Unit – V
The Information Technology Act, 2000
1. Give the different definitions under “The Information Technology Act, 2000”.
Answer – The different definitions under “the Information Technology” Act are as under:
(a) "Access", with its grammatical variation and cognate expressions, means gaining entry into, instructing or communicating with the logical, arithmetical or memory function resources of a computer, computer system or computer network;
(b) "Addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary;
(c) "Adjudicating officer" means an adjudicating officer appointed under sub-section (1) of section 46;
"Affixing digital signature", with its grammatical variations and cognate expressions means adoption of any methodology or procedure by a person for the purpose of authenticating an electronic record by means of digital signature;
"Appropriate Government " means as respects any matter- enumerated in List II of the Seventh Schedule to the Constitution;relating to any State law enacted under List III of the Seventh Schedule to the Constitution,the State Government and in any other case, the Central Government;
"Asymmetric crypto system" means a system of a secure key pair consisting of a private key for creating a digital signature and a public key to verify the digital signature;
"Certifying Authority" means a person who has been granted a license to issue a Digital Signature Certificate under section 24;
"Certification practice statement" issued by a Certifying Authority to specify the practices that the Certifying Authority employs in issuing Digital Signature Certificates;
"Computer" means electronic, magnetic, optical or other high-speed date processing device or system which performs logical, arithmetic and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or relates to the computer in a computer system or computer network;
"Computer network" means the inter-connection of one or more computers through-
(i) the use of satellite, microwave, terrestrial lime or other communication media; and
(ii) Terminals or a complex consisting of two or more interconnected computers whether or not the interconnection is continuously maintained;
"Computer resources" means computer, computer system, computer network, data, computer database or software;
"Computer system" means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable being used in conjunction with external files which contain computer programmes, electronic instructions, input data and output data that performs logic, arithmetic, data storage and retrieval, communication control and other functions;
"Controller" means the Controller of Certifying Authorities appointed under sub-section (1) of section 17’
"Cyber Appellate Tribunal" means the cyber Regulations Appellate Tribunal established under sub-section (1) of section 48;
"Data" means a representation of information, knowledge, facts, concepts or instruction which are being prepared or have been prepared in a formalized manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.
"Digital signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3;
"Digital Signature Certificate" means a Digital Signature Certificate issued under sub-section (4) of section 35;
"Electronic from", with reference to information, means, any information generated, sent, received or stored in media, magnetic, optical, computer memory, micro film, computer generated micro fiche or similar device;
"Electronic Gazette" means Official Gazette published in the electronic form;
"electronic record" means date, record or date generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche;
"Function", in relation to a computer, includes logic, control, arithmetical process, deletion, storage and retrieval and retrieval and communication or telecommunication from or within a computer;
"Information’ includes data, text, images, sound, voice, codes, computer programmes, software and databases or micro film or computer generated micro fiche;
"Intermediary" with respect to any particular electronic message, means any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message;
"Key pair", in an asymmetric crypto system, means a private key and its mathematically related public key., which are so related that the public key can verify a digital signature created by the private key;
"Law" includes any Act of Parliament or of a State Legislature, Ordinances promulgated by the President under article 240, Bills enacted as President’s Act under sub-clause (a) of clause (1) of article 375 of the Constitution and includes rules, regulations, bye-laws and order issued or made thereunder;
"License" means a license granted to a Certifying Authority under section 24;
(a) "Originator" means a license granted to a Certifying Authority under section 24;
(b) "Prescribed" means prescribed by rules made under the Act;
(c) "Private key" means the key of a key pair used to create a digital signature;
(d) "Public key" means the key of a key pair used to verify a digital signature and listed in the Digital Signature Certificate;
(e) "Secure system" means computer hardware, software and procedure that-
- Are reasonably secure from unauthorized access and misuses;
- Provide a reasonable level of reliability and correct operation;
- Are reasonably suited to performing the intended functions; and
- Adhere to generally accepted security procedures;
(f) "Security procedure" means the security procedure prescribed under section 16 by the Central Government;
(g) "Subscriber" means a person in whose name the Digital Signature Certificate is issued;
(h) "Verify", in relation to a digital signature, electronic record or public key, with its grammatical variations and cognate expressions, means to determine whether-
(a) the initial electronic record was affixed with the digital signature by the sue of private key corresponding to the public key of the subscriber;
(b) the initial electronic record is retained intact or has been altered since such electronic record was so affixed with the digital signature.
(2) Any reference in this Act to any enactment or any provision thereof shall, in relation to an area in which such enactment or such provision is not in force, be construed as a reference to the corresponding law or the relevant provision of the corresponding law, if any, in force in that area.
2. What is Electronic Governance and what are the Provisions for e-governance under the IT Act, 2000?
Answer - According to the World Bank, E-Governance is when government agencies use information and communication technologies to transform relations with citizens, businesses, and other government agencies. One of the prime objectives of the IT Act, 2000 is the promotion of electronic governance. In this article, we will talk about electronic records and e-governance.
Provisions for e-governance under the IT Act, 2000
These are the provisions under the IT Act, 2000 in the context of e-governance:
1. Legal Recognition of Electronic Records (Section 4)
Let’s say that a certain law requires a matter written, typewritten, or printed. Even in the case of such a law, the requirement is satisfied if the information is rendered or made available in an electronic form and also accessible for subsequent reference.
2. Legal recognition of digital signatures (Section 5)
Let’s say that the law requires a person’s signature to authenticate some information or a document. Notwithstanding anything contained in such law, if the person authenticates it with a digital signature in a manner that the Central Government prescribes, then he satisfies the requirement of the law.
For the purpose of understanding this, signature means a person affixing his handwritten signature or a similar mark on the document.
3. Use of electronic records and digital signatures in Government and its agencies (Section 6)
(1) If any law provides for –
- The filing of a form, application, or any document with any Government-owned or controlled office, agency, body, or authority
- The grant or issue of any license, sanction, permit or approval in a particular manner
- Also, the receipt or payment of money in a certain way
Then, notwithstanding anything contained in any other law in force such as filing, grant, issue, payment, or receipt is satisfied even if the person does it in an electronic form. The person needs to ensure that he follows the Government-approved format.
(2) With respect to the sub-section (1), may prescribe:
- The format and manner of filing, creating or issuing such electronic records
- Also, the manner and method of payment of any fees or charges for filing, creating or issuing any such records
4. Retention of electronic records (Section 7)
(1) Let’s say that the law requires the retention of certain records, documents or information for a specific period. In such cases, the requirement is also satisfied if the retention is in an electronic form, provided:
- The information contained therein is accessible and also usable for a subsequent reference.
- The format of the electronic record is the same as the one originally created, received or sent. Even if the format is changed, then it must accurately represent the original information.
- The electronic record contains details to facilitate the identification of the origin, destination, and also the date and time of the dispatch or receipt of the record.
This is provided that the clause does not apply to any information which is automatically generated primarily for the purpose of enabling an electronic record for dispatch or receipt.
(2) Nothing in this section applies to any law which expressly provides for the retention of records, documents or information electronically.
5. Publication of rules, regulations, etc., in Electronic Gazette (Section 8)
Let’s say that law requires the publishing of official regulation, rule, by-law, notification or any other matter in the Official Gazette. In such cases, the requirement is also satisfied if such rule, regulation, order, bye-law, notification or any other matter is published in the Official Gazette or Electronic Gazette.
However, the date of publication of the rule, regulation, by-law, notification or any other matter is the date of the Gazette first published in any form – Official or Electronic.
6. Section 6,7 and 8 do not confer a right to insist document should be accepted in Electronic form (Section 9)
It is important to note that, nothing contained in Sections 6, 7, and 8 confer a right upon any person to insist either the acceptance, issuance, creation or also retention of any document or a monetary transaction in the electronic form from:
- Ministry or Department of the Central/State Government
- Also, any authority or body established under any law by the State/Central Government
7. Power to make rules by Central Government in respect of digital signature (Section 10)
The IT Act, 2000 empowers the Central Government to prescribe:
- Type of digital signature
- Also, the manner and format of affixing the digital signature
- Procedures which facilitate the identification of the person affixing the digital signature
- Control processes and procedures to ensure the integrity, security, and confidentiality of electronic payments or records
- Further, any other matter which is legally important for digital signatures
3. Explain Attribution of electronic records and Acknowledgment of receipt.
Attribution of electronic records.
An electronic record shall be attributed to the originator -
- If it was sent by the originator himself.
- By a person who had the authority to act on behalf of the originator in respect of that electronic record, or
- By an information system programmed by or on behalf of the originator to operate automatically.
Acknowledgment of receipt
- Where the originator has not agreed with the addressee that the acknowledgment of receipt of electronic record be given in a particular form or by a particular method, an acknowledgment may be given by -
- Any communication by the addressee, automated or otherwise, or
- Any conduct of the addressee, sufficient to indicate to the originator that the electronic record has been received.
- Where the originator has stipulated that the electronic record shall be binding only on receipt of an acknowledgment of such electronic record by him, then unless acknowledgment has been so received, the electronic record shall be deemed to have been never sent by the originator.
- Where the originator has not stipulated that the electronic record shall be binding only on receipt of such acknowledgment, and the acknowledgment has not been received by the originator within the time specified or agreed or, if no time has been specified or agreed to within a reasonable time, then the originator may give notice to the addressee stating that no acknowledgment has been received by him and specifying a reasonable time by which the acknowledgment must be received by him and if no acknowledgment is received within the aforesaid time limit he may after giving notice to the addressee, treat the electronic record as though it has never been sent.
Time and place of despatch and receipt of electronic record
- Save as otherwise agreed to between the originator and the addressee, the dispatch of an electronic record occurs when it enters a computer resource outside the control of the originator.
- Save as otherwise agreed between the originator and the addressee, the time of receipt of an electronic record shall be determined as follows, namely :-
- If the addressee has designated a computer resource for the purpose of receiving electronic records -
- Receipt occurs at the time when the electronic, record enters the designated computer resource, or
- If the electronic record is sent to a computer resource of the addressee that is not the designated computer resource, receipt occurs at the time when the electronic record is retrieved by the addressee.
- If the addressee has not designated a computer resource along with specified timings, if any, receipt occurs when the electronic record enters the computer resource of the addressee.
- If the addressee has designated a computer resource for the purpose of receiving electronic records -
- Save as otherwise agreed to between the originator and the addressee, an electronic record is deemed to be dispatched at the place where the originator has his place of business, and is deemed to be received at the place where the addressee has his place of business.
- The provisions of sub-section (2) shall apply notwithstanding that the place where the computer resource is located may be different from the place where the electronic record is deemed to have been received under sub-section (3).
- For the purposes of this section -
- If the originator or the addressee has more than one place of business, the principal place of business, shall be the place of business.
- If the originator or the addressee does not have a place of business, his usual place of residence shall be deemed to be the place of business.
- "usual place of residence", in relation to a body corporate, means the place where it is registered.
4. Explain penalties. What is the penalty for failure to furnish information, return, etc and Residuary penalty ?
Answer - If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network,- accesses or secures access to such computer, computer system or computer network downloads, copies or extracts any data, computer data base information from such computer, computer system or computer network including information or data held or stored in any removable storage medium.Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network;
Damages or causes to be damaged and computer, computer system or computer network, data, computer database or any other programmes residing in such computer, computer system or computer network;
Disrupts or causes disruption of any computer, computer system or computer network;
Denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means;
Provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;
Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system or compute network he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.
Explanation.-For the purposes of this section.- (i) “computer contaminant” means any set of computer instructions that are designed –
(a) to modify, destroy, record, transmit date or programme residing within a computer, computer system or computer network; or
(b) by any means to usurp the normal operation of the computer, compute system, or computer network;
(ii) “computer database” means a representation of information,
Knowledge, facts, concepts or instructions in text, image, audio, video that are being prepared or have been prepare in a formalised manner or have been produced by a computer, computer system or computer network and are intended for use in a computer, computer system or computer network;
(iii) “computer virus” means any computer instruction, information, data or programme that destroys, damages, degrades adversely affects the performance of a computer resources or attaches itself to another itself to another computer resources and operates when a programme, date or instruction is executed or some other even takes place in that computer resource;
(iv) “damage” means to destroy, alter, delete, add, modify or re-arrange any computer resource by any means.
Penalty for failure to furnish information, return, etc.-
If any person who is required under this Act or any rules or regulations made thereunder to-
(a) furnish any document, return or report to the Controller or the Certifying Authority fails to furnish the same, he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure;
(b) file any return or furnish any information, books or other documents within the time specified therefor in the regulations fails to file return or furnish the same within the time specified therefor in the regulations, he shall be liable to a penalty not exceeding five thousand rupees for every day during which such failure continues;
(c) maintain books of account or records fails to maintain the same, he shall be liable to a penalty no exceeding ten thousand rupees for every day during which the failure continues.
Residuary penalty.-
Whoever contravenes any rules or regulations made under this Act, for the contravention of which no penalty has been separately provided, shall be liable to pay a compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees.
5. What is the Power to adjudicate ?
Answer - Power to adjudicate –
(1) For the purpose of adjudging under this Chapter whether any person has committed a contravention of any of the provisions of this Act or of any rule, regulation, direction or order made thereunder the Central
Government shall, subject to the provisions of sub section (3), appoint any officer not below the rank of a Director to the Government of India or an equivalent officer of a State Government to be an adjudicating officer for holding an inquiry in the manner prescribed by the Central Government .
(2) The adjudicating officer shall, after giving the person referred to in sub-section (1) a reasonable opportunity for making representation in the matter and if, on such inquiry, he is satisfied that the person has committed the contravention, he may impose such penalty or award such compensation as he thinks fit in accordance with the provisions of that section.
(3) No person shall be appointed as an adjudicating officer unless he possesses such experience in the filed of Information Technology and legal or judicial experience as may be prescribed by the Central Government.
(4) Where more than one adjudicating officers are appointed, the Central Government shall specify by order the matters and places with respect to which such officers shall exercise their jurisdiction.
(5) Every adjudicating officer shall have the powers of a civil court which are conferred on the Cyber Appellate Tribunal under sub-section (2) of section (2) of section 58, and-
(a) all proceedings before it shall be deemed to be judicial proceedings within the meaning of section 193 and 228 of the Indian Penal Code (45 of 1860);
(b) shall be deemed to be a civil court for the purpose of section 345 and 346 of the Code of Criminal Procedure, 1973 (2 of 1974).
6. What Factors to be taken into account by the adjudicating officer ?
Answer - While adjudging the quantum of compensation under this Chapter, the adjudicating officer shall have due regard to the following factors, namely:-
(a) the amount of gain of unfair advantage, whenever quantifiable, made as a result of the default;
(b) the amount of loss caused to any person as a result of the default;
(c) the repetitive nature of the default.
7. Briefly explainCyber Appellate Tribunal
Answer - The Information Technology Act, 2000 also provides for the establishment of the Cyber Appellate Tribunal. In this article, we will look at the establishment, composition, jurisdiction, powers, and procedures if a Cyber Appellate Tribunal.
Establishment of Cyber Appellate Tribunal (Section 48)
- The Central Government notifies and establishes appellate tribunals called Cyber Regulations Appellate Tribunal.
- The Central Government also specifies in the notification all the matters and places which fall under the jurisdiction of the Tribunal.
The qualifications for appointment as Presiding Officer of the Cyber Appellate Tribunal (Section 50)
A person is considered qualified for the appointment as the Presiding Officer of a Tribunal if –
- He has the qualification of the Judge of a High Court
- He is or was the member of the Indian Legal Service and holds or has held a post in Grade I of that service for at least three years.
The Term of Office (Section 51)
The Term of Office of the Presiding Officer of a Cyber Appellate Tribunal is five years from the date of entering the office or until he attains the age of 65 years, whichever is earlier.
Filling up of vacancies (Section 53)
If for any reason other than temporary absence, there is a vacancy in the Tribunal, then the Central Government hires another person in accordance with the Act to fill the vacancy. Further, the proceedings continue before the Tribunal from the stage at which the vacancy is filled.
Resignation and removal (Section 54)
- The Presiding Officer can resign from his office after submitting a notice in writing to the Central Government, provided:
- He holds office until the expiry of three months from the date the Central Government receives such notice (unless the Government permits him to relinquish his office sooner), OR
- He holds office till the appointment of a successor, OR
- Until the expiry of his office; whichever is earlier.
- In case of proven misbehaviour or incapacity, the Central Government can pass an order to remove the Presiding Officer of the Cyber Appellate Tribunal. However, this is only after the Judge of the Supreme Court conducts an inquiry where the Presiding Officer is aware of the charges against him and has a reasonable opportunity to defend himself.
- The Central Government can regulate the procedure for the investigation of misbehaviour or incapacity of the Presiding Officer.
Orders constituting Appellate Tribunal to be final and not to invalidate its proceedings (Section 55)
According to this section, no order of the Central Government appointing any person as the Presiding Officer of the Tribunal can be questioned in any manner. Further, no one can question any proceeding before a Cyber Appellate Tribunal in any manner merely on the grounds of any defect in the Constitution of the Tribunal.
Appeal to Cyber Appellate Tribunal (Section 57)
- Subject to the provisions of sub-section (2), a person not satisfied with the Controller or Adjudicating Officer’s order can appeal to the Cyber Appellate Tribunal having jurisdiction in the matter.
- No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating officer with the consent of the parties.
- The person filing the appeal must do so within 25 days from the date of receipt of the order from the Controller or Adjudicating Officer. Further, he must accompany the appeal with the prescribed fees. However, if the Tribunal is satisfied with the reasons behind the delay of filing the appeal, then it may entertain it even after the expiry of 25 days.
- On receiving an appeal under sub-section (1), the Tribunal gives an opportunity to all the parties to the appeal to state their points, before passing the order.
- The Cyber Appellate Tribunal sends a copy of every order made to all the parties to the appeal and the concerned Controller or adjudicating officer.
- The Tribunal tries to expeditiously deal with the appeals received under sub-section (1). It also tries to dispose of the appeal finally within six months of receiving it.
8. What are the Procedure and powers of the Cyber Appellate Tribunal (Section 58)
Answer - Procedure and powers of the Cyber Appellate Tribunal (Section 58)
- The Code of Civil Procedure, 1908 does not bind the Cyber Appellate Tribunal. However, the principles of natural justice guide it and it is subject to other provisions of the Act. The Tribunal has powers to regulate its own procedure.
- In order to discharge its functions efficiently, the Tribunal has the same powers as vested in a Civil Court under the Code of Civil Procedure, 1908, while trying a suit in the following matters:
- Summoning and enforcing the attendance of any person and examining him under oath
- Ensuring the availability of the required documents or electronic records
- Receiving evidence on affidavits
- Issuing commissions for examining witnesses or documents
- Reviewing its decisions
- Dismissing an application for default or deciding it ex-parte, etc.
- Every proceeding before the Cyber Appellate Tribunal is like a judicial proceeding within the meaning of sections 193 and 228 and for the purposes of section 196 of the Indian Penal Code. Further, the Tribunal is like a Civil Court for the purposes of section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
Right to Legal Representation (Section 59)
The appellant can either appear in person or authorize one or more legal practitioners to present his case before the tribunal.
Limitation (Section 60)
The provisions of the Limitation Act, 1963, apply to the appeals made to the Tribunal.
Civil Court not to have jurisdiction (Section 61)
If the IT Act, 2000 empowers the adjudicating officer or the Cyber Appellate Tribunal for certain matters, then no Civil Court can entertain any suit or proceedings for the same.
Further, no court can grant an injunction on any action that a person takes in pursuance of any power that the Act confers upon him.
Appeal to High Court (Section 62)
Let’s say that a person is not satisfied with the decision or order of the Tribunal. In such cases, he can file an appeal with the High Court. He must do so within 60 days of receiving the communication of the order/decision from the Tribunal.
The appeal can be on any fact or law arising out of such an order. The High Court can extend the period by another 60 days if it feels that the appellant had sufficient cause and reasons for the delay.
Compounding of contraventions (Section 63)
- The Controller or any other officer that he or the adjudicating authorizes may compound any contravention. Compounding is possible either before or after the institution of adjudication proceedings. This is subject to the conditions that the controller or such other officer or the adjudicating officer specifies. Provided, the sum does not exceed the maximum amount of penalty that the Act allows for the compounded contravention.
- Nothing in sub-section (1) applies to a person who commits the same or similar contravention within a period of three years from the date on which his first contravention was compounded. Therefore, if the person commits a second contravention after the expiry period of three years from the date on which his first contravention was compounded, then this becomes his first contravention.
- Once a contravention is compounded under sub-section (1), then no proceeding is possible against the person guilty of the compounded contravention.
Recovery of Penalty (Section 64)
If a penalty imposed under this Act is not paid, then the same is recovered as arrears of land revenue. Further, the license or digital signature certificate is suspended until the penalty is paid.
9. What do you understand by Cyber Offence ?
Answer - The faster world-wide connectivity has developed numerous online crimes and these increased offences led to the need of laws for protection. In order to keep in stride with the changing generation, the Indian Parliament passed the Information Technology Act 2000 that has been conceptualized on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law.
The law defines the offenses in a detailed manner along with the penalties for each category of offence.
Offences
Cyber offences are the illegitimate actions, which are carried out in a classy manner where either the computer is the tool or target or both.
Cyber-crime usually includes the following −
- Unauthorized access of the computers
- Data diddling
- Virus/worms attack
- Theft of computer system
- Hacking
- Denial of attacks
- Logic bombs
- Trojan attacks
- Internet time theft
- Web jacking
- Email bombing
- Salami attacks
- Physically damaging computer system.
10. What are the offences which are included in the I.T. Act 2000 ?
Answer - The offences included in the I.T. Act 2000 are as follows −
- Tampering with the computer source documents.
- Hacking with computer system.
- Publishing of information which is obscene in electronic form.
- Power of Controller to give directions.
- Directions of Controller to a subscriber to extend facilities to decrypt information.
- Protected system.
- Penalty for misrepresentation.
- Penalty for breach of confidentiality and privacy.
- Penalty for publishing Digital Signature Certificate false in certain particulars.
- Publication for fraudulent purpose.
- Act to apply for offence or contravention committed outside India Confiscation.
- Penalties or confiscation not to interfere with other punishments.
- Power to investigate offences.
Example
Offences Under The It Act 2000
Section 65. Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both.
Explanation − For the purpose of this section “computer source code” means the listing of programs, computer commands, design and layout and program analysis of computer resource in any form.
Object − The object of the section is to protect the “intellectual property” invested in the computer. It is an attempt to protect the computer source documents (codes) beyond what is available under the Copyright Law
Essential ingredients of the section
Knowingly or intentionally concealing
Knowingly or intentionally destroying
Knowingly or intentionally altering
Knowingly or intentionally causing others to conceal
Knowingly or intentionally causing another to destroy
Knowingly or intentionally causing another to alter.
This section extends towards the Copyright Act and helps the companies to protect their source code of their programs.
Penalties − Section 65 is tried by any magistrate.
This is cognizable and non-bailable offence.
Penalties − Imprisonment up to 3 years and / or
Fine − Two lakh rupees.
Unit – V
The Information Technology Act, 2000
1. Give the different definitions under “The Information Technology Act, 2000”.
Answer – The different definitions under “the Information Technology” Act are as under:
(a) "Access", with its grammatical variation and cognate expressions, means gaining entry into, instructing or communicating with the logical, arithmetical or memory function resources of a computer, computer system or computer network;
(b) "Addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary;
(c) "Adjudicating officer" means an adjudicating officer appointed under sub-section (1) of section 46;
"Affixing digital signature", with its grammatical variations and cognate expressions means adoption of any methodology or procedure by a person for the purpose of authenticating an electronic record by means of digital signature;
"Appropriate Government " means as respects any matter- enumerated in List II of the Seventh Schedule to the Constitution;relating to any State law enacted under List III of the Seventh Schedule to the Constitution,the State Government and in any other case, the Central Government;
"Asymmetric crypto system" means a system of a secure key pair consisting of a private key for creating a digital signature and a public key to verify the digital signature;
"Certifying Authority" means a person who has been granted a license to issue a Digital Signature Certificate under section 24;
"Certification practice statement" issued by a Certifying Authority to specify the practices that the Certifying Authority employs in issuing Digital Signature Certificates;
"Computer" means electronic, magnetic, optical or other high-speed date processing device or system which performs logical, arithmetic and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or relates to the computer in a computer system or computer network;
"Computer network" means the inter-connection of one or more computers through-
(i) the use of satellite, microwave, terrestrial lime or other communication media; and
(ii) Terminals or a complex consisting of two or more interconnected computers whether or not the interconnection is continuously maintained;
"Computer resources" means computer, computer system, computer network, data, computer database or software;
"Computer system" means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable being used in conjunction with external files which contain computer programmes, electronic instructions, input data and output data that performs logic, arithmetic, data storage and retrieval, communication control and other functions;
"Controller" means the Controller of Certifying Authorities appointed under sub-section (1) of section 17’
"Cyber Appellate Tribunal" means the cyber Regulations Appellate Tribunal established under sub-section (1) of section 48;
"Data" means a representation of information, knowledge, facts, concepts or instruction which are being prepared or have been prepared in a formalized manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.
"Digital signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3;
"Digital Signature Certificate" means a Digital Signature Certificate issued under sub-section (4) of section 35;
"Electronic from", with reference to information, means, any information generated, sent, received or stored in media, magnetic, optical, computer memory, micro film, computer generated micro fiche or similar device;
"Electronic Gazette" means Official Gazette published in the electronic form;
"electronic record" means date, record or date generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche;
"Function", in relation to a computer, includes logic, control, arithmetical process, deletion, storage and retrieval and retrieval and communication or telecommunication from or within a computer;
"Information’ includes data, text, images, sound, voice, codes, computer programmes, software and databases or micro film or computer generated micro fiche;
"Intermediary" with respect to any particular electronic message, means any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message;
"Key pair", in an asymmetric crypto system, means a private key and its mathematically related public key., which are so related that the public key can verify a digital signature created by the private key;
"Law" includes any Act of Parliament or of a State Legislature, Ordinances promulgated by the President under article 240, Bills enacted as President’s Act under sub-clause (a) of clause (1) of article 375 of the Constitution and includes rules, regulations, bye-laws and order issued or made thereunder;
"License" means a license granted to a Certifying Authority under section 24;
(a) "Originator" means a license granted to a Certifying Authority under section 24;
(b) "Prescribed" means prescribed by rules made under the Act;
(c) "Private key" means the key of a key pair used to create a digital signature;
(d) "Public key" means the key of a key pair used to verify a digital signature and listed in the Digital Signature Certificate;
(e) "Secure system" means computer hardware, software and procedure that-
- Are reasonably secure from unauthorized access and misuses;
- Provide a reasonable level of reliability and correct operation;
- Are reasonably suited to performing the intended functions; and
- Adhere to generally accepted security procedures;
(f) "Security procedure" means the security procedure prescribed under section 16 by the Central Government;
(g) "Subscriber" means a person in whose name the Digital Signature Certificate is issued;
(h) "Verify", in relation to a digital signature, electronic record or public key, with its grammatical variations and cognate expressions, means to determine whether-
(a) the initial electronic record was affixed with the digital signature by the sue of private key corresponding to the public key of the subscriber;
(b) the initial electronic record is retained intact or has been altered since such electronic record was so affixed with the digital signature.
(2) Any reference in this Act to any enactment or any provision thereof shall, in relation to an area in which such enactment or such provision is not in force, be construed as a reference to the corresponding law or the relevant provision of the corresponding law, if any, in force in that area.
2. What is Electronic Governance and what are the Provisions for e-governance under the IT Act, 2000?
Answer - According to the World Bank, E-Governance is when government agencies use information and communication technologies to transform relations with citizens, businesses, and other government agencies. One of the prime objectives of the IT Act, 2000 is the promotion of electronic governance. In this article, we will talk about electronic records and e-governance.
Provisions for e-governance under the IT Act, 2000
These are the provisions under the IT Act, 2000 in the context of e-governance:
1. Legal Recognition of Electronic Records (Section 4)
Let’s say that a certain law requires a matter written, typewritten, or printed. Even in the case of such a law, the requirement is satisfied if the information is rendered or made available in an electronic form and also accessible for subsequent reference.
2. Legal recognition of digital signatures (Section 5)
Let’s say that the law requires a person’s signature to authenticate some information or a document. Notwithstanding anything contained in such law, if the person authenticates it with a digital signature in a manner that the Central Government prescribes, then he satisfies the requirement of the law.
For the purpose of understanding this, signature means a person affixing his handwritten signature or a similar mark on the document.
3. Use of electronic records and digital signatures in Government and its agencies (Section 6)
(1) If any law provides for –
- The filing of a form, application, or any document with any Government-owned or controlled office, agency, body, or authority
- The grant or issue of any license, sanction, permit or approval in a particular manner
- Also, the receipt or payment of money in a certain way
Then, notwithstanding anything contained in any other law in force such as filing, grant, issue, payment, or receipt is satisfied even if the person does it in an electronic form. The person needs to ensure that he follows the Government-approved format.
(2) With respect to the sub-section (1), may prescribe:
- The format and manner of filing, creating or issuing such electronic records
- Also, the manner and method of payment of any fees or charges for filing, creating or issuing any such records
4. Retention of electronic records (Section 7)
(1) Let’s say that the law requires the retention of certain records, documents or information for a specific period. In such cases, the requirement is also satisfied if the retention is in an electronic form, provided:
- The information contained therein is accessible and also usable for a subsequent reference.
- The format of the electronic record is the same as the one originally created, received or sent. Even if the format is changed, then it must accurately represent the original information.
- The electronic record contains details to facilitate the identification of the origin, destination, and also the date and time of the dispatch or receipt of the record.
This is provided that the clause does not apply to any information which is automatically generated primarily for the purpose of enabling an electronic record for dispatch or receipt.
(2) Nothing in this section applies to any law which expressly provides for the retention of records, documents or information electronically.
5. Publication of rules, regulations, etc., in Electronic Gazette (Section 8)
Let’s say that law requires the publishing of official regulation, rule, by-law, notification or any other matter in the Official Gazette. In such cases, the requirement is also satisfied if such rule, regulation, order, bye-law, notification or any other matter is published in the Official Gazette or Electronic Gazette.
However, the date of publication of the rule, regulation, by-law, notification or any other matter is the date of the Gazette first published in any form – Official or Electronic.
6. Section 6,7 and 8 do not confer a right to insist document should be accepted in Electronic form (Section 9)
It is important to note that, nothing contained in Sections 6, 7, and 8 confer a right upon any person to insist either the acceptance, issuance, creation or also retention of any document or a monetary transaction in the electronic form from:
- Ministry or Department of the Central/State Government
- Also, any authority or body established under any law by the State/Central Government
7. Power to make rules by Central Government in respect of digital signature (Section 10)
The IT Act, 2000 empowers the Central Government to prescribe:
- Type of digital signature
- Also, the manner and format of affixing the digital signature
- Procedures which facilitate the identification of the person affixing the digital signature
- Control processes and procedures to ensure the integrity, security, and confidentiality of electronic payments or records
- Further, any other matter which is legally important for digital signatures
3. Explain Attribution of electronic records and Acknowledgment of receipt.
Attribution of electronic records.
An electronic record shall be attributed to the originator -
- If it was sent by the originator himself.
- By a person who had the authority to act on behalf of the originator in respect of that electronic record, or
- By an information system programmed by or on behalf of the originator to operate automatically.
Acknowledgment of receipt
- Where the originator has not agreed with the addressee that the acknowledgment of receipt of electronic record be given in a particular form or by a particular method, an acknowledgment may be given by -
- Any communication by the addressee, automated or otherwise, or
- Any conduct of the addressee, sufficient to indicate to the originator that the electronic record has been received.
- Where the originator has stipulated that the electronic record shall be binding only on receipt of an acknowledgment of such electronic record by him, then unless acknowledgment has been so received, the electronic record shall be deemed to have been never sent by the originator.
- Where the originator has not stipulated that the electronic record shall be binding only on receipt of such acknowledgment, and the acknowledgment has not been received by the originator within the time specified or agreed or, if no time has been specified or agreed to within a reasonable time, then the originator may give notice to the addressee stating that no acknowledgment has been received by him and specifying a reasonable time by which the acknowledgment must be received by him and if no acknowledgment is received within the aforesaid time limit he may after giving notice to the addressee, treat the electronic record as though it has never been sent.
Time and place of despatch and receipt of electronic record
- Save as otherwise agreed to between the originator and the addressee, the dispatch of an electronic record occurs when it enters a computer resource outside the control of the originator.
- Save as otherwise agreed between the originator and the addressee, the time of receipt of an electronic record shall be determined as follows, namely :-
- If the addressee has designated a computer resource for the purpose of receiving electronic records -
- Receipt occurs at the time when the electronic, record enters the designated computer resource, or
- If the electronic record is sent to a computer resource of the addressee that is not the designated computer resource, receipt occurs at the time when the electronic record is retrieved by the addressee.
- If the addressee has not designated a computer resource along with specified timings, if any, receipt occurs when the electronic record enters the computer resource of the addressee.
- If the addressee has designated a computer resource for the purpose of receiving electronic records -
- Save as otherwise agreed to between the originator and the addressee, an electronic record is deemed to be dispatched at the place where the originator has his place of business, and is deemed to be received at the place where the addressee has his place of business.
- The provisions of sub-section (2) shall apply notwithstanding that the place where the computer resource is located may be different from the place where the electronic record is deemed to have been received under sub-section (3).
- For the purposes of this section -
- If the originator or the addressee has more than one place of business, the principal place of business, shall be the place of business.
- If the originator or the addressee does not have a place of business, his usual place of residence shall be deemed to be the place of business.
- "usual place of residence", in relation to a body corporate, means the place where it is registered.
4. Explain penalties. What is the penalty for failure to furnish information, return, etc and Residuary penalty ?
Answer - If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network,- accesses or secures access to such computer, computer system or computer network downloads, copies or extracts any data, computer data base information from such computer, computer system or computer network including information or data held or stored in any removable storage medium.Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network;
Damages or causes to be damaged and computer, computer system or computer network, data, computer database or any other programmes residing in such computer, computer system or computer network;
Disrupts or causes disruption of any computer, computer system or computer network;
Denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means;
Provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;
Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system or compute network he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.
Explanation.-For the purposes of this section.- (i) “computer contaminant” means any set of computer instructions that are designed –
(a) to modify, destroy, record, transmit date or programme residing within a computer, computer system or computer network; or
(b) by any means to usurp the normal operation of the computer, compute system, or computer network;
(ii) “computer database” means a representation of information,
Knowledge, facts, concepts or instructions in text, image, audio, video that are being prepared or have been prepare in a formalised manner or have been produced by a computer, computer system or computer network and are intended for use in a computer, computer system or computer network;
(iii) “computer virus” means any computer instruction, information, data or programme that destroys, damages, degrades adversely affects the performance of a computer resources or attaches itself to another itself to another computer resources and operates when a programme, date or instruction is executed or some other even takes place in that computer resource;
(iv) “damage” means to destroy, alter, delete, add, modify or re-arrange any computer resource by any means.
Penalty for failure to furnish information, return, etc.-
If any person who is required under this Act or any rules or regulations made thereunder to-
(a) furnish any document, return or report to the Controller or the Certifying Authority fails to furnish the same, he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure;
(b) file any return or furnish any information, books or other documents within the time specified therefor in the regulations fails to file return or furnish the same within the time specified therefor in the regulations, he shall be liable to a penalty not exceeding five thousand rupees for every day during which such failure continues;
(c) maintain books of account or records fails to maintain the same, he shall be liable to a penalty no exceeding ten thousand rupees for every day during which the failure continues.
Residuary penalty.-
Whoever contravenes any rules or regulations made under this Act, for the contravention of which no penalty has been separately provided, shall be liable to pay a compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees.
5. What is the Power to adjudicate ?
Answer - Power to adjudicate –
(1) For the purpose of adjudging under this Chapter whether any person has committed a contravention of any of the provisions of this Act or of any rule, regulation, direction or order made thereunder the Central
Government shall, subject to the provisions of sub section (3), appoint any officer not below the rank of a Director to the Government of India or an equivalent officer of a State Government to be an adjudicating officer for holding an inquiry in the manner prescribed by the Central Government .
(2) The adjudicating officer shall, after giving the person referred to in sub-section (1) a reasonable opportunity for making representation in the matter and if, on such inquiry, he is satisfied that the person has committed the contravention, he may impose such penalty or award such compensation as he thinks fit in accordance with the provisions of that section.
(3) No person shall be appointed as an adjudicating officer unless he possesses such experience in the filed of Information Technology and legal or judicial experience as may be prescribed by the Central Government.
(4) Where more than one adjudicating officers are appointed, the Central Government shall specify by order the matters and places with respect to which such officers shall exercise their jurisdiction.
(5) Every adjudicating officer shall have the powers of a civil court which are conferred on the Cyber Appellate Tribunal under sub-section (2) of section (2) of section 58, and-
(a) all proceedings before it shall be deemed to be judicial proceedings within the meaning of section 193 and 228 of the Indian Penal Code (45 of 1860);
(b) shall be deemed to be a civil court for the purpose of section 345 and 346 of the Code of Criminal Procedure, 1973 (2 of 1974).
6. What Factors to be taken into account by the adjudicating officer ?
Answer - While adjudging the quantum of compensation under this Chapter, the adjudicating officer shall have due regard to the following factors, namely:-
(a) the amount of gain of unfair advantage, whenever quantifiable, made as a result of the default;
(b) the amount of loss caused to any person as a result of the default;
(c) the repetitive nature of the default.
7. Briefly explainCyber Appellate Tribunal
Answer - The Information Technology Act, 2000 also provides for the establishment of the Cyber Appellate Tribunal. In this article, we will look at the establishment, composition, jurisdiction, powers, and procedures if a Cyber Appellate Tribunal.
Establishment of Cyber Appellate Tribunal (Section 48)
- The Central Government notifies and establishes appellate tribunals called Cyber Regulations Appellate Tribunal.
- The Central Government also specifies in the notification all the matters and places which fall under the jurisdiction of the Tribunal.
The qualifications for appointment as Presiding Officer of the Cyber Appellate Tribunal (Section 50)
A person is considered qualified for the appointment as the Presiding Officer of a Tribunal if –
- He has the qualification of the Judge of a High Court
- He is or was the member of the Indian Legal Service and holds or has held a post in Grade I of that service for at least three years.
The Term of Office (Section 51)
The Term of Office of the Presiding Officer of a Cyber Appellate Tribunal is five years from the date of entering the office or until he attains the age of 65 years, whichever is earlier.
Filling up of vacancies (Section 53)
If for any reason other than temporary absence, there is a vacancy in the Tribunal, then the Central Government hires another person in accordance with the Act to fill the vacancy. Further, the proceedings continue before the Tribunal from the stage at which the vacancy is filled.
Resignation and removal (Section 54)
- The Presiding Officer can resign from his office after submitting a notice in writing to the Central Government, provided:
- He holds office until the expiry of three months from the date the Central Government receives such notice (unless the Government permits him to relinquish his office sooner), OR
- He holds office till the appointment of a successor, OR
- Until the expiry of his office; whichever is earlier.
- In case of proven misbehaviour or incapacity, the Central Government can pass an order to remove the Presiding Officer of the Cyber Appellate Tribunal. However, this is only after the Judge of the Supreme Court conducts an inquiry where the Presiding Officer is aware of the charges against him and has a reasonable opportunity to defend himself.
- The Central Government can regulate the procedure for the investigation of misbehaviour or incapacity of the Presiding Officer.
Orders constituting Appellate Tribunal to be final and not to invalidate its proceedings (Section 55)
According to this section, no order of the Central Government appointing any person as the Presiding Officer of the Tribunal can be questioned in any manner. Further, no one can question any proceeding before a Cyber Appellate Tribunal in any manner merely on the grounds of any defect in the Constitution of the Tribunal.
Appeal to Cyber Appellate Tribunal (Section 57)
- Subject to the provisions of sub-section (2), a person not satisfied with the Controller or Adjudicating Officer’s order can appeal to the Cyber Appellate Tribunal having jurisdiction in the matter.
- No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating officer with the consent of the parties.
- The person filing the appeal must do so within 25 days from the date of receipt of the order from the Controller or Adjudicating Officer. Further, he must accompany the appeal with the prescribed fees. However, if the Tribunal is satisfied with the reasons behind the delay of filing the appeal, then it may entertain it even after the expiry of 25 days.
- On receiving an appeal under sub-section (1), the Tribunal gives an opportunity to all the parties to the appeal to state their points, before passing the order.
- The Cyber Appellate Tribunal sends a copy of every order made to all the parties to the appeal and the concerned Controller or adjudicating officer.
- The Tribunal tries to expeditiously deal with the appeals received under sub-section (1). It also tries to dispose of the appeal finally within six months of receiving it.
8. What are the Procedure and powers of the Cyber Appellate Tribunal (Section 58)
Answer - Procedure and powers of the Cyber Appellate Tribunal (Section 58)
- The Code of Civil Procedure, 1908 does not bind the Cyber Appellate Tribunal. However, the principles of natural justice guide it and it is subject to other provisions of the Act. The Tribunal has powers to regulate its own procedure.
- In order to discharge its functions efficiently, the Tribunal has the same powers as vested in a Civil Court under the Code of Civil Procedure, 1908, while trying a suit in the following matters:
- Summoning and enforcing the attendance of any person and examining him under oath
- Ensuring the availability of the required documents or electronic records
- Receiving evidence on affidavits
- Issuing commissions for examining witnesses or documents
- Reviewing its decisions
- Dismissing an application for default or deciding it ex-parte, etc.
- Every proceeding before the Cyber Appellate Tribunal is like a judicial proceeding within the meaning of sections 193 and 228 and for the purposes of section 196 of the Indian Penal Code. Further, the Tribunal is like a Civil Court for the purposes of section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
Right to Legal Representation (Section 59)
The appellant can either appear in person or authorize one or more legal practitioners to present his case before the tribunal.
Limitation (Section 60)
The provisions of the Limitation Act, 1963, apply to the appeals made to the Tribunal.
Civil Court not to have jurisdiction (Section 61)
If the IT Act, 2000 empowers the adjudicating officer or the Cyber Appellate Tribunal for certain matters, then no Civil Court can entertain any suit or proceedings for the same.
Further, no court can grant an injunction on any action that a person takes in pursuance of any power that the Act confers upon him.
Appeal to High Court (Section 62)
Let’s say that a person is not satisfied with the decision or order of the Tribunal. In such cases, he can file an appeal with the High Court. He must do so within 60 days of receiving the communication of the order/decision from the Tribunal.
The appeal can be on any fact or law arising out of such an order. The High Court can extend the period by another 60 days if it feels that the appellant had sufficient cause and reasons for the delay.
Compounding of contraventions (Section 63)
- The Controller or any other officer that he or the adjudicating authorizes may compound any contravention. Compounding is possible either before or after the institution of adjudication proceedings. This is subject to the conditions that the controller or such other officer or the adjudicating officer specifies. Provided, the sum does not exceed the maximum amount of penalty that the Act allows for the compounded contravention.
- Nothing in sub-section (1) applies to a person who commits the same or similar contravention within a period of three years from the date on which his first contravention was compounded. Therefore, if the person commits a second contravention after the expiry period of three years from the date on which his first contravention was compounded, then this becomes his first contravention.
- Once a contravention is compounded under sub-section (1), then no proceeding is possible against the person guilty of the compounded contravention.
Recovery of Penalty (Section 64)
If a penalty imposed under this Act is not paid, then the same is recovered as arrears of land revenue. Further, the license or digital signature certificate is suspended until the penalty is paid.
9. What do you understand by Cyber Offence ?
Answer - The faster world-wide connectivity has developed numerous online crimes and these increased offences led to the need of laws for protection. In order to keep in stride with the changing generation, the Indian Parliament passed the Information Technology Act 2000 that has been conceptualized on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law.
The law defines the offenses in a detailed manner along with the penalties for each category of offence.
Offences
Cyber offences are the illegitimate actions, which are carried out in a classy manner where either the computer is the tool or target or both.
Cyber-crime usually includes the following −
- Unauthorized access of the computers
- Data diddling
- Virus/worms attack
- Theft of computer system
- Hacking
- Denial of attacks
- Logic bombs
- Trojan attacks
- Internet time theft
- Web jacking
- Email bombing
- Salami attacks
- Physically damaging computer system.
10. What are the offences which are included in the I.T. Act 2000 ?
Answer - The offences included in the I.T. Act 2000 are as follows −
- Tampering with the computer source documents.
- Hacking with computer system.
- Publishing of information which is obscene in electronic form.
- Power of Controller to give directions.
- Directions of Controller to a subscriber to extend facilities to decrypt information.
- Protected system.
- Penalty for misrepresentation.
- Penalty for breach of confidentiality and privacy.
- Penalty for publishing Digital Signature Certificate false in certain particulars.
- Publication for fraudulent purpose.
- Act to apply for offence or contravention committed outside India Confiscation.
- Penalties or confiscation not to interfere with other punishments.
- Power to investigate offences.
Example
Offences Under The It Act 2000
Section 65. Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both.
Explanation − For the purpose of this section “computer source code” means the listing of programs, computer commands, design and layout and program analysis of computer resource in any form.
Object − The object of the section is to protect the “intellectual property” invested in the computer. It is an attempt to protect the computer source documents (codes) beyond what is available under the Copyright Law
Essential ingredients of the section
Knowingly or intentionally concealing
Knowingly or intentionally destroying
Knowingly or intentionally altering
Knowingly or intentionally causing others to conceal
Knowingly or intentionally causing another to destroy
Knowingly or intentionally causing another to alter.
This section extends towards the Copyright Act and helps the companies to protect their source code of their programs.
Penalties − Section 65 is tried by any magistrate.
This is cognizable and non-bailable offence.
Penalties − Imprisonment up to 3 years and / or
Fine − Two lakh rupees.