http://www.indianexpress.com/full_story.php?content_id=77204 ENS ECONOMIC BUREAU August 30, 2005 NEW DELHI, The Expert Committee on Cyber Law set up to amend the Information Technology (IT) Act has deleted "hacking" from its list of offences. In what IT and legal experts say seems to be a knee-jerk reaction to the recent spate of MMS porn and BPO-hacking cases, the committee has installed video-porn and child porn as two separate entities, both with higher punishments. In fact, the committee has suggested that apart from digital signatures, electronic signatures should be accepted, which will help identify the correct person sending an e-mail or other electronic documents. The committee has also proposed making encryption standards technology-neutral, meaning that no single standard needs to be used by all Indians. "But where is the data protection law? The Committee has diluted punishments, deleted the very word "hacking" from the IT Act and given the government sweeping powers to intercept cyber networks," says IT lawyer Pavan Duggal. This, when the PM had expressly stated after the Karan Bahree expose, that a new IT law must be framed to give BPOs an international-standard data protection law. For instance, take Section 66. In its new form, it deletes the words "hacker" and "hacking" making it impossible for an ordinary ciziten to file a hacking complaint. It also installs a one to two-year sentence and Rs 5 lakh fine for breaking into a computer network, instead of the present Rs 3 lakh year sentence and Rs 2 lakh fine. "By reducing the punishment, though the fine has increased, the government is sending the signal: "Please go ahead and hack", says Duggal. Similarly, under Section 67, which deals with punishment for obscenity in electronic form, the new proposal has halved fines while keeping prison terms constant. But from here on, the flavour of the proposed amendments turn distinctly Orwellian. Under Section 43, the Committee has inserted a fresh requirement to prove that someone accused under the IT Act is guilty: His action must be proved as "dishonest and fraudulent" as well. Besides, Section 66, which relates to computer-related offences has now been revised to fall in line with Section 43, which deals with penalty for damage to a computer resource. Here, new terms such as "negligence" "dishonest" and "fraudulent" have been introduced, which has the lawyers in a tizzy. "These words will make the task of punishing people like Karan Bahree even more difficult. If it is proved that I introduced a harmful virus into a network, I should be punishable by law. Why should anyone have to prove that I was "dishonest" and "fraudulent" as well... The offence speaks for itself, explains Duggal. If your e-mail account is hacked, only your e-mail service provider will be able to file a case for redressal. An ordinary citizen will be rendered remediless, he adds. The recommedations defend the changes: "Sometimes because of lack of knowledge or for curiosity, new learners... unintentionally or without knowing... do certain undesirable act on the Net. ..it need(s) to be ensured that new users do not get scared away because of publicity of computer related offences. Section 43 acts as a reassuring Section to a common Netizen (sic)." However, the Committee does comes down hard on pornography. Taking pictures of an individual without his knowledge and transmitting them without consent is to be considered a violation of privacy. Changes are also proposed in electronic-obscenity provisions to bring in line with the Indian Penal Code, and two new sections will address child pornography and video voyuerism, and recommendations have been made for higher punishment. CTRL+ALT+DELETE: PROPOSED CHANGES * Section 66: Earlier dealt with hacking, now with computer-related offences. * Section 67: Obscenity in electronic form. Revised to bring in line with IPC. Fines increased. * New section added to address child pornography with higher punishment, video voyeurism specifically addressed. * Section 69: Amended, power to issue directions for interception or monitoring or decryption of any information through any computer resource * Section 78A: New, to help the Judiciary in handling technical issues. * Section 79: Revised, to bring out the extent of liability of intermediary in certain cases. * Normal provisions of CrPC will apply, only DSPs and above will be authorised to investigate. * Electronic signatures to be allowed apart from digital signatures. * New section for "Formulation and Validity of Electronic Contracts" * More stringent norms for data protection and privacy. _________________________________________ Attend ToorCon Sept 16-18th, 2005 Convention Center San Diego, California www.toorcon.org
This archive was generated by hypermail 2.1.3 : Tue Aug 30 2005 - 00:04:46 PDT