Amended IT Act comes into force

3 min read

The Information Technology (Amendment) Act, 2008 has come into force on 27th October 2009.

Nine years after the birth of cyber laws in India, the new improved cyber law regime in India has become a reality. The Information Technology Act initially came into force on 17th October 2000. Major changes to this law have now come into force.

Most of these changes relate to cyber crimes. The last decade has seen a spurt in crimes like cyber stalking and voyeurism, cyber pornography, email frauds, phishing and crimes through social networking. All these and more are severely dealt with under the new laws.

Some of the major developments are:

1.    Voyeurism is now specifically covered. Acts like hiding cameras in changing rooms, hotel rooms etc is punishable with jail upto 3 years. This would apply to cases like the infamous Pune spycam incident where a 58-year old man was arrested for installing spy cameras in his house to ‘snoop’ on his young lady tenants.

2.    Publishing sexually explicit acts in the electronic form is punishable with jail upto 3 years.  This would apply to cases like the Delhi MMS scandal where a video of a young couple having sex was spread through cell phones around the country.

3.    Collecting, browsing, downloading etc of child pornography is punishable with jail upto 5 years for the first conviction. For a subsequent conviction, the jail term can extend to 7 years. A fine of upto Rs 10 lakh can also be levied.

4.    The punishment for spreading obscene material by email, websites, sms has been reduced from 5 years jail to 3 years jail. This covers acts like sending ‘dirty’ jokes and pictures by email or sms.

5.    Compensation on cyber crimes like spreading viruses, copying data, unauthorised access, denial of service etc is not restricted to Rs 1 crore anymore. The Adjudicating Officers will have jurisdiction for cases where the claim is upto Rs. 5 crore. Above that the case will need to be filed before the civil courts.

6.     A special liability has been imposed on call centers, BPOs, banks and others who hold or handle sensitive personal data. If they are negligent in “implementing and maintaining reasonable security practices and procedures”, they will be liable to pay compensation. It may be recalled that India’s first major BPO related scam was the multi crore MphasiS-Citibank funds siphoning case in 2005. Under the new law, in such cases, the BPOs and call centers could also be made liable if they have not implemented proper security measures.

7.    Refusing to hand over passwords to an authorized official could land a person in prison for upto 7 years.

8.    The offence of cyber terrorism has been specially included in the law. A cyber terrorist can be punished with life imprisonment.

9.    Sending threatening emails and sms are punishable with jail upto 3 years.

10.    Hacking into a Government computer or website, or even trying to do so in punishable with imprisonment upto 10 years.

11.    Cyber crime cases can now be investigated by Inspector rank police officers. Earlier such offences could not be investigated by an officer below the rank of a deputy superintendent of police.

The following have also come into force on 27 October, 2009:

1. Rules pertaining to section 52 (Salary, Allowances and Other Terms and Conditions of Service of Chairperson and Members),

2. Rules pertaining to section 54 (Procedure for Investigation of Misbehaviour or Incapacity of Chairperson and Members),

3. Rules pertaining to section 69 (Procedure and Safeguards for Interception, Monitoring and Decryption of Information),

4. Rules pertaining to section 69A (Procedure and Safeguards for Blocking for Access of Information by Public),

5. Rules pertaining to section 69B (Procedure and safeguard for Monitoring and Collecting Traffic Data or Information) and

6. Notification under section 70B for appointment of the Indian Computer Emergency Response Team.

---

---