ELECTRONIC RECORD

&
DIGITAL SIGNATURE

Introduction

The government of India introduced the Information technology act, 2000 for making suitable amendments to the existing laws to facilitate e-commerce and give legal recognition to electronic records and digital signatures, which will facilitate the conclusion of contracts and the creation of legal rights and obligations through electronic communication like internet. The IT law also contains provisions regarding cyber law and all other activities carried out by electronic means.

What is Electronic Record ?

According to Information technology Act, 2000(Section 2) .Electronic record means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche.

What is Digital Signature ?

Digital Signature means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provision of Section 3. - According to Information technology Act, 2000 (Section 2)

Security of Electronic record and digital signature

The IT act sets out the conditions that would apply to qualify electronic records and digital signatures as being secure . It contains section 14 16 14. Secure electronic record. Where any security procedure has been applied to an electronic record at a specific point of time. then such record shall be deemed to be a secure electronic record from such point of time to the time of verification. 15. Secure digital signature. If, by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, wasunique to the subscriber affixing it. capable of identifying such subscriber. created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated. then such digital signature shall be deemed to be a secure digital signature.

16. Security procedure. The Central Government shall for the purposes of this Act prescribe the security procedure having regard to commercial circumstances prevailing at the time when the procedure was used, includingthe nature of the transaction. the level of sophistication of the parties with reference to their technological capacity. the volume of similar transactions engaged in by other parties. the availability of alternatives offered to but rejected by any party. the cost of alternative procedures, and the procedures in general use for similar types of transactions or communications.

What is digital signature certification?

Section 35 lays down the procedure for insurance of a digital signature certificate . It provides that an application for such certifacte shall be made in the prescribed form and shall be prescribed by the central govt. and different fees may be prescribed for different classes of applicants. The section also provides that no digital signature certifacte shall be granted unless the certifying authority is satisfied . The applicant holds the private key corresponding to the public key is listed A private key , Is capable of creating a digital signature The public key is listed in the certificate and can be used to verify the signature

SUSPENSION OF DIGITAL SIGNATURE CERTIFICATE

The certifying authority may suspend such certificate if it thinks that such a step needs to be taken in public interest . It shall not be suspended for a period exceeding 15 days unless the subscriber has been given an opportunity of being heard .

REVOCATION OF DIGITAL SIGNATURE CERTIFACTE

SECTION 38 provides for revocation under certain circumstances. Such revocation shall not be done unless the subscriber has been given an opportunity of being heard in the matter. Revocation or suspension should be published through a notice by a certifying authority.

Duties of subscribers (Sec 4042)

The subscriber shall generate a key pair using a secure system. By accepting the certificate, the subscriber certifies to the public;
That he holds the private key correspondent to the public key. That all the information contained in the certificate as well as material relevant are true.

The subscriber shall exercise all reasonable care to retain control of his

Penalties and adjudication (43-47)

The act provides for awarding compensation or damages for certain types of computer frauds. It also provides for the appointment of adjudicating officer for holding an inquiry in relation to certain computer crimes and for awarding compensation.

Types of penalties

Penalty for damage to computer, computer system or network.

It is dealt under sec 43 by any of the following methods. By Securing access By downloading or extracting any data, computer database of information or those stored in any removable storage medium. Introducing any computer contaminant or virus. By damaging. By disrupting. By denying access to any person authorized. Providing assistance to any unauthorized person.

Penalty for failure to furnish information, return, etc (Sec 44)

If any person who is required to under this act or any rules or regulations made thereunder to: Furnish any document, return or report to the controller or the certifying authority fails to do so. File any return or furnish any information, books or other documents with in the time specified therefore in the regulations. Maintain books of account or records, fails to maintain the same.

Residuary penalty (Sec 45) Whoever contravenes any rules and regulations made under this act, for the contravention of which no penalty has been separately provided according to this section.

Adjudicating officer
Power to adjudicate according to section 46. The officer can not be below the rank of a director to the government of India or an equivalent officer of a state government. Such appointment is made by the central government. A person to be eligible must have adequate experience in the field of IT and such legal or judicial experience as may be prescribed by the central

Quantum of compensation

Section 47 provides that while deciding up on the quantum of compensation the officer shall have due regard to the amount of gain of unfair advantage and the amount of loss caused to any person as well as the respective nature of the default.