isca ca final - wirc · digital signature and electronic signature section 3 : authentication of...
TRANSCRIPT
Digital Signature and Electronic Signature
Section 3 : Authentication of Electronic Records
Can be verified by a personElectronic Records are Converted into Message Digest #function having corresponding
public key
Mathematical Algorithm
By attaching Private Key
Section 3A : Electronic Signature
Information
linked only to Signatory
ES alteration detectable
alteration detectable
SCD/
Authentication
Data
CG May:1. Prescribe procedure for
ascertaining whether ES is of person purposed to have affixed it through the official gazette
2. CG can notify in OG to add/omit any ES & procedure to affix it.
Chapter 7 : Information Technology Regulatory Issues
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
r
CA FIN
AL IS
CA by
CA KARTI
K IYER
e
CA FIN
AL IS
CA by
CA KARTI
K IYERRecords
Can#function
Mathematical Algorithm
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
Key
linked only
CA FIN
AL IS
CA by
CA KARTI
K IYER
alteration
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
Section 4 : Legal Recognition of Electronic Records (diagram)
Printed/Typewritten form required Given in electronic form Law is deemed to besatisfied
Section 5 : Legal Recognition of Electronic Signature
Authentication required by Authentication done by affixing DS Reqmt. of affixing signature shall bedeemed to have been satisfied
Section 6 : Use of Electronic records and Electronic Signatures in Government andits Agencies
inAppropriate Govnt. may Prescribe manner/format of Electronic form
1) Filling any form & other documents2) Grant of any license/permit3) Receipts/Payments in Government Office
CA FIN
AL IS
CA by
CA KARTI
K IYER
form Law
Signature
DS Reqmt.
records and Electronic
may Prescribe manner/format
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
Section 6A : Delivery of services by Services Provided
Appropriate Government may:1) authorize service provider to 2) May authorize service provider to 3)Shall specify scale of service charges
collect, retain and appropriate charge by electronic meansservice charges
Section 7 : Retention of Electronic Records
Section 7A : Audit of Documents, etc. maintained in Electronic form
Section 8 : Publication of rules, regulation, etc in Electronic Gazette
Notification in OG in electronic form Valid
Section 9 : Section 6,7 and 8 not to confer any person the right to insist that document shouldbe accepted in electronic form
Documents, Deemed to be 1) Information should be accessible for subsequent users
Records & retain in electronic 2) E record should be in original format or in a format that accurately represents
Information if the information
3) Details of D3 ORT (Date, Destination, Dispatch, Origin, Receipt, Time) of ER
should be available.
CA FIN
AL IS
CA by
CA KARTI
K IYER
charges
CA FIN
AL IS
CA by
CA KARTI
K IYER
subsequent
format or in aCA F
INAL
ISCA b
y CA K
ARTIK IY
ER
CA FIN
AL IS
CA by
CA KARTI
K IYER
in Electronic
regulation, etc in Electronic
form Valid
CA FIN
AL IS
CA by
CA KARTI
K IYER
form Valid
not to conferform
ORT (Date, Destination, Dispatch
CA FIN
AL IS
CA by
CA KARTI
K IYER
Section 10 : Power to make rules by CG in respect of Electronic Signature
1.Type of DS
2.Manner & Format of Fixing DS
3.Manner of procedure for identifying person for affixing DS
4.Control Process to ensure CIA
5.Any other matter
Section 10A : Validity of contracts formed through electronic means
Any contract in electronic form is enforceable
Section 14 : Secure Electronic Record
After security procedure applied to El. Record = Secure El. record
Section 15 : An ES is deemed to be secured ES if :
1. SCD, at the time of affixing, was in exclusive control of signatory +
2. SCD was stored & affixed in an exclusive manner as may be prescribed
Section 16 : Security Procedures and Practices
CG is empowered to provide prescribed security procedure.
CA FIN
AL IS
CA by
CA KARTI
K IYER
means
El. Record
secured ES if
control
exclusive manner
Procedures and
empowered to provide
CA FIN
AL IS
CA by
CA KARTI
K IYER
Penalty and Adjudication{Mr. PAAdju’s sad day story}
• Sec 43 – Compensation for Damage
to computer / computer system
{Mr. Black cap accessing computer story}
• Sec 43A – Compensation for failure to protect data given to body corporate
{Mr PAAdju goes to his company for data recovery}
• Sec 44 – Penalty for failure to {FuFiMa}
• Furnish information (return or report) to Controller or Certifying Authority – (Rs 1.5Lacs)
• File return/Furnish information within time specified (Rs 5,000/day till failure continues)
• Maintain books of accounts or records (Rs 10,000 / day till failure continues)
Sec 45 Whoever contravenes any rules or regulations made under this Act, for the contravention of whichno penalty has been separately provided, shall be liable to pay a compensation not exceeding Rs 25,000 tothe person affected by such contravention.
Accesses, downloads, computer virus, disrupts, denies access, {DAD} destroys-alters-deletes information in computer resource, diminishes value, {SCAlD} Steals-conceals-alters-destroys computer source code
CA FIN
AL IS
CA by
CA KARTI
K IYER
Adjudication
Accesses, downloads, computer virus, disrupts, denies access, {DAD} destroys-alters-deletes information in computer resource, diminishes value,
CA FIN
AL IS
CA by
CA KARTI
K IYER
given to body
report) to Controller
within
accounts or records
contravenes anyseparatelyby such
{SCAlD} Steals-conceals-alters-destroys computer source code
OFFENCESSec Regarding Impr.
(in yrs)
Fine
(in lacs)
65 Tampering with Computer Source Documents 3 2L
66 Computer Related Offences If any person, dishonestly, or fraudulently, does any act
referred to in section 43
3 5L
66A Sending offensive messages (GOMC)….{Arre I’m going to kill you…} 3
66B Dishonestly receiving stolen computer or communication device {Bittu’s mobile} 3 1L
66C Make use of electronic signature, password, unique identity {Chasebook profile
access}
3 1L
66D Cheating by personation {fake Dawood sends message} 3 1L
66E Captures, publishes or transmits image affecting privacy of a person {Eleven dirty
pictures}
3 2L
66F Threatens unity, integrity or sovereignty of India {Fawad, the terrorist speaking} Life
67 Obscene material 3 / 5 5 / 10
67A Sexually explicit material 5 / 7 10 / 10
67B Sexually explicit material depicting children 5 / 7 10 / 10
Grossly offensive or
menacing character
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
fraudulently, doesCA F
INAL
ISCA b
y CA K
ARTIK IY
ER
communication device
Dawood sends
CA FIN
AL IS
CA by
CA KARTI
K IYER
integrity or sovereignty
explicit material
Sec Regarding Impr.
(in yrs)
Fine
(in lacs)
67C Preservation & Retention of Information by intermediaries shall be done as prescribed by
CG. Any intermediary who intentionally or knowingly contravenes the provisions of sub
section (1) shall be punished.
3 Fine
68 Power of the Controller to give directions to Certifying Authority or an employee Any
person who intentionally or knowingly fails to comply
2 1
69 Powers to issue directions for interception or monitoring or decryption of any information
through any computer resource. If any person contravenes then
7 Fine
69A Power to issue directions for blocking for public access of any information through any
computer source. If any person contravenes then
7 Fine
69B Power to authorize tomonitor & collect traffic data or information through any computer
resource for Cyber Security. If any person contravenes then
3 Fine
70 Appropriate Govt. may declare in OG that any computer resource which directly or
indirectly affects the facility of Critical Information Infrastructure, to be a Protected System.
Any person who secures access or attempts to secure access to a protected system
10 Fine
70A National Nodal Agency shall be responsible for all measures including Research and
Development relating to protection of Critical Information Infrastructure
70B Indian Computer Emergency Response Team to serve as national agency for incident
response. DG + other officers shall be appointed. Function in the area of cyber security. SP,
intermediaries, data centers, body corporate or any other person should provide
information to ICERT. If they fail to do so penalty will be applicable.
1 1
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
prescribed by
sub
employee
decryption of
then
of any information through
data or information
contravenes then
that any computer
Information
attempts to
be responsible
protection
Emergency
CA FIN
AL IS
CA by
CA KARTI
K IYER
DG + other officers
intermediaries, data centers,
ICERT.
Sec Regarding Impr.
(in yrs)
Fine
(in lacs)
71 Penalty formisrepresentation or suppresses any material fact from, the Controller or the
Certifying Authority for obtaining any license or ESC
2 1
72 Penalty for breach of confidentiality and privacy. While providing services under the terms
of lawful contract, the defaulter has secured access to any material containing personal
information about another person, with the intent to cause or knowing that he is likely to
cause, wrongful loss or wrongful gain, discloses, without the consent of the person
concerned, or in breach of a lawful contract
2 1
72A Punishment of Disclosure of Information in breach of lawful contract 3 5
73 Penalty for publishing ESC false in certain particulars
For wrongful loss/gain
A person has ECS with Knowledge that
• Certifying Authority has not issued it
• Subsidiary listed in certificate has not accepted it
• Certificate has been revoked/ suspended
2 1
74 Whoever knowingly creates, publishes or otherwise makes available an ESC for any
fraudulent or unlawful purpose
2 1
75 Act to apply for offences or contraventions committed outside India
76 Confiscation of Any computer, computer system, floppies, compact disks, tape drives or
any other accessories
79 Exemption from Liability of Intermediary in certain cases
An intermediary shall be exempt from liability if he – {O2} i.e. Only provides access and
Observes due diligence. An intermediary should not – {InSe2} Initiate the transaction,
Select the receiver of the transmission, Select/modify information contained in
transmission. CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
CA FIN
AL IS
CA by
CA KARTI
K IYER
the
under the terms
containing personal
that he is likely
of the person
contract
accepted it
or otherwise
contraventions
computer, computer
Liability of Intermediary
shall be exempt
diligence.
receiver of