Information Technology Act, 2000 is one of the legislation, most talked about in the age of information. Government transactions (e-governance), personal communications between individuals; electronic commerce etc. all are based on the use of IT. In these circumstances, it becomes important that authorities are at the place to implement the provisions of the cyber law.
Information Technology Act, 2000 aims –
- to provide legal recognition for transactions carried out by means of electronic
data interchange and other means of electronic communication, commonly referred to
as “electronic commerce”, which involve the use of alternatives to paper-based methods
of communication and storage of information,
- to provide for an alternate technology of electronic signatures for bringing harmonisation with the United Nations Model Law on Electronic Signatures,
- to facilitate electronic filing of documents with the Government agencies and
- to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker’s Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934.
- to declare Critical Information Infrastructure as a protected system so as to restrict its access etc.
To achieve the aforesaid objectives, following authorities have been established. This post highlights the various statutory authorities, envisaged under Information Technology Act, 2000 –
|S.No.||Statutory Authority||Relevant Sections||Role/Function|
|1.||Controller of Certifying Authorities||Sections 17-29||To exercise supervision over the activities of the Certifying Authorities; to certify public keys of the Certifying Authorities; lay down the standards to be maintained by the Certifying Authorities etc|
|2.||Certifying Authorities||Sections 30-39||To issue an electronic signature Certificate and ensure compliance of the Act, etc.|
|3.||Cyber Appellate Tribunal||Sections 48-64||To hear appeals from an order made by Controller or an adjudicating officer under this Act|
|4.||Adjudicating Officer||Sections 46-47||To hold an inquiry in the manner prescribed by the Central Government|
|5.||National Nodal Agency||Section 70A||To be responsible for all measures including Research and Development relating to the protection of Critical Information Infrastructure|
|6.||Indian Computer Emergency Response Team||Section 70 B||To serve as the national agency for performing the following functions in the area of Cyber Security-
(a) collection, analysis and dissemination of information on cyber incidents
(b) forecast and alerts of cyber-security incidents
(c) emergency measures for handling cyber security incidents
(d) coordination of cyber incidents response activities
(e) issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting of cyber incidents
|7.||Examiner of Electronic Evidence||Section 79A||To provide expert opinion on electronic form evidence before any court or other authority|
|8.||Cyber Regulation Advisory Committee||Section 88
|To advise the Central Government either generally as regards any rules or for any other purpose connected with this Act, and advise the Controller in framing the regulations under this Act|
- Computer Emergency Response Team-IN (Section 70B)
It started functioning from January 2004.
- National Critical Information Infrastructure Protection Centre (NCIIPC) (Section 70A)
It has been designated as the National Nodal Agency in respect of Critical Information Infrastructure Protection under Sec 70A of the Information Technology Act, 2000.
Section 70(1) defines “Critical Information Infrastructure” as the computer resource, the incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health or safety.
The above authorities discharge the functions to ensure that cyber transactions are smooth and secure.
Image from here