Author: Shravani Gupta
College: University of Petroleum and Energy Studies
Introduction
The Act was passed to promote online shopping. It grants legal validity to transactions made through electronic communication that use technologies other than paper-based ones for information storage and communication. It allows for the electronic filing of documents during official contacts. The Act lists certain cybercrimes, gives law enforcement authorities the green light to go after them, and creates the proper forums for adjudication. In order to fully implement the Act's requirements, it also modifies a few laws. It will immediately benefit businessmen that often trade a lot of paperwork related to contracts, letters of credit, and bills during everyday transactions by saving them money, time, and headache. For our purposes, section 43 of the Code, which addresses the penalty for computer damage, is one of the pertinent laws.
Penalty for harm to a computer, computer system, etc. under Section 43.
If somebody accesses or secures access to a computer, computer system, or computer network without the owner's or any other person in charge of those systems' permission;
Downloads, copies, or extracts any data, computer code, or information from a computer, computer system, or computer network, including information or data stored on a removable storage medium;
Introduces or causes to be introduced any computer virus or computer contaminant into a computer, computer system, or computer network; and
Damages or causes to be damaged any computer, computer system, computer network, data, computer data base, or any other programme.
Any computer, computer system, or computer network is disrupted or is the cause of disruption;
Refuses or causes the refusal of access to any person authorised to access any computer, computer system, or computer network by any means;
Gives any assistance to any person to facilitate access to a computer, computer system, or computer network in violation of the provisions of this Act, rules, or regulations made thereunder.
Tampers with or manipulates any computer, computer system, or computer network in order to charge the services used by one person to the account of another, he is responsible to pay damages in the amount of compensation not to exceed one crore rupees to the person thus injured.
Explanation - For the purposes of this section, "computer contaminant" refers to any set of computer instructions that are intended to
Alter, destroy, record, transmit, or usurp the normal operation of a computer, computer system, or computer network; or
By any means, to do either of the above;
"Computer data base" refers to a representation of knowledge, facts, concepts, or information;
"Computer data base" refers to a formalised representation of information, knowledge, facts, concepts, or instructions in text, image, audio, or video created by a computer, computer system, or computer network and intended for use in a computer, computer network, or other device.
The term "damage" refers to the act of erasing, changing, deleting, adding, or otherwise rearranging any computer resource.
India is one of the few nations that has implemented cyber legislation to promote e-commerce and prosecute cybercriminals. The IT Act has come under fire for not being able to stop cybercrimes from happening from a variety of social groups. The legal community is not only baffled by the Act's application to some criminal activity, but it is also extremely upset by the Act's exclusion of several cybercrimes. The purpose of the paper is to analyses these arguments, not to support or refute them.
Section 69 of the IT Act, 2000
Any agency of the relevant government may be instructed by the Central or State Government, or by any other competent authority, to monitor, intercept, or decrypt any information sent, generated, received, or stored in any computer resource. Now, Section 5(2) of the Indian Telegraph Act also allowed for the interception and monitoring of data, but this Section only listed the following five circumstances as the ones in which a person's right to privacy could be suspended by the interception, monitoring, or detention of any message or class of messages sent or received by any telegraph:
In the cause of India's independence and unity
State-wide security
Amiable interactions with foreign countries
To uphold law and order
Avoid provoking someone to commit a crime
The "investigation of crime" is the sixth requirement listed in Section 69 of the Information Technology Act. The reach of the legislation has multiplied with the addition of this sixth prerequisite. Since there are thousands of instances being investigated, the possibilities covered by the first five conditions are far smaller than the eventualities covered by this sixth criterion alone.
This is not the only reason that this Section is thought to violate citizens' rights to privacy significantly more than any other law pertaining to data monitoring and interception. In addition to using intermediaries, this Section allows the agencies to communicate with subscribers directly. The network of telecom service providers is intended to be the site of interception under the Indian Telegraph Act, but Section 69 also applies to intermediates and subscribers, making it a highly intrusive form of surveillance.
The agencies' reach has broadened in both breadth and time dimension as a result of the addition of the storage of data. Even though the laws stipulate that an order can only be valid for 180 days, an agency has full access to all information and data once it has been put in the system, regardless of when it was done so.
In addition to the vague and very intrusive restrictions, Section 69(4) makes refusing to cooperate or aid the investigating agency a criminal punishable by up to seven years in jail. The Indian Telegraph Act does provide for penalties for illegal monitoring and interception, but there is no stated sentence of incarceration for refusal to cooperate. Telecom Service Providers are governed by the licensing terms and circumstances outlined in the Indian Telegraph (Amendment) Rules, 2007.
Privacy and Section 69 of the IT Act
The Supreme Court ruled that telephone tapping breached the basic right to privacy in People's Union for Civil Liberties v. Union of India (1996), and as a result, the court established protections against the nebulous nature of the State's surveillance powers. The Supreme Court's protections have a significant impact on India's surveillance legislation. A similar notion can now be extended to online interactions. In this situation, the right of an individual to hold a telephone call in the quiet of one's office or home without any interruption was recognised as a right to privacy.
The basic requirements of the safeguards established by the court were: designating a body to issue orders for telephone tapping; establishing five fundamental justifications for such orders; requiring consideration of alternative methods for obtaining the necessary information, if feasible; establishing review committees; directing the maintenance of records of what was intercepted; and establishing a validity period for such orders. The rules established by the court in this case were later codified as Rule 419-A of the Indian Telegraph Rules 1951, with minor modifications.
The Information Technology Act of 2000 established the system for intercepting digital communications. The Supreme Court's ruling in the aforementioned case has had a significant impact on future laws pertaining to state surveillance, casting a long shadow over it. The Rule 419-A's effects are also discernible in the parallels between it and the 2009 Information Technology (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules' procedures and safeguards pertaining to the State's surveillance powers over digital communications.
The National Intelligence Grid (NATGRID), Network Traffic Analysis (NETRA), Centre for Artificial Intelligence and Robotics (CAIR), Defence Research and Development Organization (DRDO), and other mass surveillance projects have been implemented by the Indian government, but the specifics of these projects and the privacy protection measures in place are unclear. Digital interpersonal communication has substantially increased, necessitating the creation of a brand-new set of privacy protection regulations that are particularly created to limit the State's ability to monitor its citizens online.
Redesigning India's monitoring laws is necessary
The new technology for mass surveillance makes it simple to get around or violate the current protections for citizens' privacy. Email, social media, VoIP, Google searches, and other modern modes of communication also need the constitutional protection of privacy and freedom, and this can only be done by overhauling India's current rules governing surveillance and privacy. In India today, practically all telephone and IP network communications may be watched all at once, i.e. using keywords. Because this kind of mass surveillance is not allowed by the law, it is being carried out with little respect for the privacy rights of individuals. So, in order for the surveillance programs to continue, separate acts of the Parliament that include provisions for more safeguards than the present law are required to mandate the authorization. We are currently discussing a type of surveillance that is fundamentally distinct from the type of monitoring carried out through telephone tapping and interception. Considering this, we can infer the necessity of the new monitoring laws listed below:
Limits on how long data should be retained,
Responsibility for unauthorized use of, or disclosure of, intercepted communications,
Metadata and content interception differ from one another.
Along with a reinforced version of the current protections regarding the conditions under which an intercepting order may be issued, the authority that may issue it, and the information which must be mandatory contained, the aforementioned safeguards must be put into place. The concentration of power with the executive branch of government is another issue with the current surveillance law regime that needs to be rectified. Currently, the executive branch of the government is in charge of monitoring the target person and deciding whether or not this monitoring breaches that person's privacy and rights. This puts the concept of separation of powers in conflict.
Additionally, it is crucial to improve on the implementation of the protections because those who break these laws do not suffer the proper repercussions. It is necessary to involve the judiciary's competence in weighing the interception demands against the person's privacy rights.
Relevant Judgments
1. Ajit Mohan and Ors . vs . Legislative Assembly , National Capital Territory of Delhi and Ors .
Facts of the Case: Communal riots broke out in several locations in North-East Delhi between February 24 and February 29, 2020, causing an unpleasant outbreak of bloodshed throughout the city. This led to the loss of life and property, hampered the operation of Delhi's civic services, and, like any previous incident of this kind, took on a political overtone. In the wake of these riots, the Legislative Assembly of the National Capital Territory of Delhi (the Assembly) resolved to constitute a Committee on Peace and Harmony (Committee) to consider the factors and situations which have the potential to disturb communal harmony in the National Capital Territory of Delhi and suggest measures to eliminate such factors and deal with such situations so as to establish harmony among different religious or linguistic communities or social groups. The committee got numerous complaints about various Facebook comments, and then one publication sparked an investigation into the matter. He rejected and questioned the authority of the Assembly to summon him via the present petition under Article 32 of the Constitution of India, 1950, despite receiving a summons asking him to appear before them.
Subject Involved in the Case:
· Can a non-executive member of the Executive be called before the Legislative Assembly?
· If true, how much can this privilege be used before it violates someone's First Amendment rights to free speech and privacy?
Overview of the case: From February 24 to February 29, 2020, unrest erupted in Delhi. Communal riots in several districts of North-East Delhi claimed lives and destroyed property before turning political. The Delhi Legislative Assembly established the Committee on Peace and Harmony on March 20, 2020, under the leadership of Mr. Raghav Chadha, Member, Legislative Assembly, in response to these disturbances. The Committee claimed that it had received hundreds of complaints alleging that Facebook had been used to incite bigotry and racial animosity, as well as that the media outlet was biassed in favour of the ruling party and devotees of Hinduism. Ajit Mohan, Vice President and Managing Director of Facebook India Online Services Private Limited, was given notice to appear before the Parliamentary Committee as a result of the claims made against Facebook, and he did so. Ajit Mohan was handed a summons to appear after the Peace and Harmony Committee said that Facebook had conspired with those who had an interest in disturbances and that he should be charged as a co-accused before taking any action against the media outlet. Additionally, Mr. Ajit Mohan received a second summons along with a notice that failure to comply would be construed as a violation of the Committee's privilege and that appropriate legal action would be taken. Under Article 32 of the Constitution, Mr. Ajit Mohan petitioned the Supreme Court with a writ contesting the summons and power of the Delhi Legislative Assembly.
Judgment Analysis: The Bench denied the request for a writ of mandamus and upheld the Committee's summons to Mr. Ajit Mohan and Facebook. After hearing the arguments, the Bench created the following questions that needed to be addressed:
Does the house have the right to subpoena someone to testify?
If so, to what extent can it be used while taking into account the person's right to privacy and freedom of speech?
What is the legislative assembly's legal authority?
Under the headings of
The Privileges Issue,
The Privilege of Right to Privacy and Free Speech, and
Legislative Competence, the Court examined the arguments.
As they had enough time to issue their ruling, the Court took note of recent events that occurred on the issues at hand around the world during the COVID period. The Court examined the responsibility and function of middlemen in the politics of many countries, including the UK and the US. It mentioned the UK Commons Privileges Committee's report as well as the incident in which the CEOs of Google, Twitter, and Facebook were summoned before the US House of Representatives' House Energy and Commerce Committee for alleged statements regarding vaccinations and the US Presidential Elections. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, which held intermediaries accountable for content shared on their platform and required intermediaries to do due diligence, were noted by the court. The Court took note of the most recent changes made in accordance with the GNCTD Act, but it declined to hold a hearing to discuss them because they weren't at issue in the pertinent proceedings.
Opinion of the Court: The Court believes that an intermediary like Facebook has a very broad and powerful role, and that the petitioners' claim that it is only a forum for idea exchange is overly simplistic. Governments from all across the world have expressed worry about these intermediaries' ability to influence the public, and they are working to hold these platforms more responsible for the information disseminated on them. The Court noted that Facebook has almost 270 million users in India, and while it has provided voice to many different groups, it cannot be denied that it has also given a platform to many disruptive views, for which it must accept responsibility.
The Court stated in its ruling that these platforms are not in the least bit charitable, are only concerned with advancing business models, frequently violate users' privacy, and polarise public discourse. In order to receive rights, social media intermediaries cannot be permitted to assume distinct responsibilities in different nations. For example, in the US, they are known as publishers, whereas in India, they are merely media platforms. As a result, Mr. Salve's argument would not persuade the court. Delhi, the nation's capital, cannot afford to experience another crisis like the recent riots, hence the authorities should closely consider Facebook's participation in this issue. Regarding the issue of privilege, it was argued that the right to speak privately cannot be used to compel someone who is not a member of the assembly to do so. The Court considers Provision 194(3) of the Constitution, which Mr. Salve referenced, and declares that because the language of the cited article is confusing and unclear, neither it nor the Court will interpret it or order the Legislature to do so.
The Committee has not used the privilege power because neither the Court nor the parties are aware of the nature of the questions that will be raised, whether a privilege question will be raised, or whether the Committee will send the issue to the Assembly for consideration. The committees are an extension of the Legislative Assembly and assist it in carrying out various Assembly duties, the Court said in reference to the Kalpana Mehta case. Regarding privileges and fundamental rights, the court observed that no action had been taken against the petitioners and that the summons was valid because neither the petitioners nor anyone else had been charged with any crimes nor had any fundamental rights been violated. The petitioner's arguments were premature because nothing had occurred, and the Court decided not to comment more on this matter because N. Ravi's case was still ongoing. The Court notes that the Committee had the legal authority to inquire about any issues relating to peace and harmony without interfering with those covered by the Union List of the seventh schedule. The petitioner may choose not to respond to any inquiries that fall within the forbidden areas, and the Committee's ability to prosecute is constrained.
2. Sharat Babu Digumarti vs . Govt . of NCT of Delhi
Facts of the Case: A was first exonerated under Sections 294 and 292 of the Indian Penal Code, 1860 after filing a petition in the High Court to annul the ongoing trial court case.
However, the charge was later still framed under Section 292 by the trial court. He presented a review petition to the High Court, but it was denied. In the current appeal, the appellant contests the High Court's dismissing decision.
Opinion of the Court and Judgment Analysis: The Information Technology Act covers the offence under Section 292 IPC when it deals with obscenity in electronic form, according to the bench of Dipak Misra and Praffula C. Pant, JJ., who were asked to rule on whether the appellant, who had been discharged under Section 67 of the IT Act, could still be prosecuted under that section. It should be remembered that the IT Act, a special law, governs electronic modes of transmission, and that special laws take precedence over general laws and previous laws.
In spite of the charges being dropped under Section 67 of the IT Act, the case involved an appeal against the High Court's ruling charging the appellant with a violation of Section 292 IPC. According to the ruling in Aneeta Hada v. Godfather Travels and Tours (P) Ltd., (2008) 13 SCC 703, the appellant, senior manager of the intermediary, had been singled out for prosecution under Section 292 IPC while the managing director of the intermediary had been cleared of all charges. The appellant's attorney argued that Section 79 protected the intermediary until he had actual knowledge because, as the language suggested, it took into account the internet world's paradigm, in which platform service providers do not control and, in fact, cannot control the acts and omissions of primary, secondary, and tertiary users of such internet platforms. While the respondent's attorney argued that because the case involved the sale of pornographic content, which is illegal under Section 292 IPC rather than Section 67 of the IT Act, the responsibility of the intermediary's person in charge was crucial.
According to the Court, the infraction in question involved electronic records, and Section 67 expressly provided for punishment for disseminating and distributing offensive content in electronic form. With Section 79 serving as an exception, the aforementioned law, when combined with Sections 67-A and 67-B, was a comprehensive code that gave individuals protection. The sale of pornographic literature, among other things, is prohibited under Section 292 IPC, but if the offence has a connection to an electronic record, Section 79's protection cannot be disregarded or negated. The appellant's criminal charges were dropped by the court.
Conclusion
As a result of international firms' dominance over communication channels in the digital age, authorities have struggled to identify offenders because the middlemen won't help them. Without a question, effective surveillance must be in place in this new era of digitization in order to prevent widespread use of the internet and communication networks for organised crime and terrorism. The day when telephones were the only means of communication is over, so it is necessary to expand the scope of the legislation to reflect this change in society. However, it is important to remember that no citizen's right to privacy is abused in the process of defending the populace from digital abuse. The state's surveillance laws currently in effect provide the administration unrestrained power because of their extremely broad outlines. An illustration of such arbitrary power can be seen in the well-known Sreya Singhal case. Such authority has far-reaching effects on other liberties in addition to disproportionately restricting persons' fundamental right to privacy.
References
Commentaires