India passes its first cyberlaw with Draconian powers

NEW DELHI, 19 May 2000 - With the passing of the IT Act 2000, e-mail as a valid form of communication in India is now legally recognized. Acceptance in an electronic form of any offer, culminating into an electronic contract, has also been declared legal and enforceable.

For the first time in Indian law, this act effectively recognizes digital signatures. The new law has also resulted in a hierarchy of infrastructure consisting of a Controller for certifying authorities, Adjudicating Officers and Cyber Appellate Tribunal.

The most distressing part of the new IT Act 2000 is its absolute trampling of cyber liberties and freedom. A police officer with the rank equivalent of a Deputy Superintendent, is granted the power to do almost anything in the name of nabbing cyber criminals and preventing cyber crime.

The unlimited power given to a police officer is in the form of an absolute discretion to enter and search any public place and arrest any person, without warrant, who is "reasonably suspected" of having committed or of committing a cyber crime or if he is about to commit a cyber crime.

The discretion of the police officer further extends to defining who is "reasonably suspected" of a cybercrime. Also, the Indian Cyberlaw talks of the arrest of any person who is about to commit a cybercrime. It is indeed alien to Cyberlaw jurisprudence as to how any police officer is going to decide if a person is about to commit a cybercrime.

Also, the requirements of cyberspace are very different from the actual world. Most of the time, it is difficult to decide till the last moment as to whether any cybercrime is about to be committed.

To top it all, the IT Act 2000 gives immunity to the Central Government and its officials, including police from any suit, prosecution and other legal proceedings for any act done in good faith, in pursuance of the provisions of the Act. Effectively, this rules out any protection for a person who is made a target of abuse and misuse of discretion by the police.

In addition, the Indian law makes itself applicable to not only the whole of India but also to any contravention or offence committed outside India by any person of any nationality throughout the world. Internet is about abolishing boundaries and not about creating them. The new law opens up a pandora's box for a conflict of jurisdiction.

The law further takes immovable property out of the ambit of electronic commerce as immovable property is excluded from the applicability of the Act.

The Government of India further claims immunity from judicial review in its power of appointing the Presiding Officer of the Cyber Appellate Tribunal, a feature hitherto unknown to Indian jurisprudence.

Another surprising feature of the new Indian law is that it begins by granting a legal infrastructure for e-commerce without touching anything on other important legal issues for the corporate sector like Intellectual Property Rights, Domain Names, Internet Policy, Linking or Disclaimer.

Another clause of the new law takes a contrary stand from emerging global Cyberlaw trends relating to liability of Internet Service Providers (ISPs) for third party data and information. Contrary to global trends, ISPs as a matter of principle, are made liable for third party data and information made available by them through their service.

The ISP is not liable only if it proves that it had no knowledge of the commission of any offence or contravention of the provisions of the Act, or if it proves that it acted with due diligence to prevent the commission of any offence or contravention of the provisions of the Act. Both the two exceptions are loosely defined and the same shall become one more tool of harassment of companies in the hands of the authorities.

The biggest concern about the new Indian Cyberlaw relates to its implementation. The Act does not lay down parameters for its implementation. Also, with the fact that Internet penetration in India is extremely low and that Indian government and police officials, in general, are not computer savvy, the new Indian Cyberlaw raises more questions than it answers them.