-
Cyber Laws(BTCOE504)UNIT-I
Syllabus• Internet, E-Commerce And E-Governance With Reference
To Free Market
Economy• Understanding Computers, Internet and Cyber Laws•
Conceptual Framework of E-commerce:E-governance• The Role of
Electronic Signatures in E-commerce with Reference to Free
Market Economy in India.Reference Books1. Harish Chander, Cyber
Laws and It Protection, PHI Publication.
By Prof. Pankaj R. Patil
-
Understanding Computers, Internet and Cyber Laws Modern Era-
There is abundance of knowledge in every sphere of life in the
modern era. The
world has become very small and has come to be called the
'global village'.- The means of communication have become very fast
and any kind of
information from any place in the world can be obtained within
minutes with the help of the Internet wherein every field of
knowledge is available to the people across the world. Such a
scenario has also made possible a globalised free market economy in
the world.
- E-commerce is the trend today and many business transactions
are going online.
- Individuals and business houses need not directly deal with
the other business people for doing business.
By Prof. Pankaj R. Patil
-
- Business community as well as individuals are increasingly
using computers tocreate, transmit and store Information In the
electronic form instead of thetraditional paper documents.
- Information store in electronic form is very cheap easier to
store and retrieve,speedier, and long lasting, unlike paper
documents.
- Now, business people have realised the a advantages of
business transactionin the electronic form.
- Such a change of thinking of business people as well as the
availability of thefacilities in the form of computers and
electronic commerce has made itessential to have an effective legal
regime for governing the e-commerce andbusiness transactions
properly and effectively.
By Prof. Pankaj R. Patil
-
Need for Cyber Laws- The advantages of the use of computers and
internet are immense in the
modern business and our society cannot smoothly function without
computersand information technology (IT).
- But the use of internet and computers has brought along many
unavoidablemisuses of computer and the internet.
- This has been easily possible more so because, in the use of
the computers,there is no territorial limit and can be used from
any jurisdiction.
- This sort of freedom has helped many computer experts
Indulging in unlawfulcyber criminal activities across the
world.
- Hacking, bugging, cheating, pornography, embezzlement, fraud
and so on havebecome very popular on the internet
By Prof. Pankaj R. Patil
-
- In Times of India it was reported that the cases of credit
card fraud have shotup these days.-According to the Delhi Police,
complaints of online credit card frauds have seena sharp increase
in the past two years. And since online transactions are one-sided,
customers end up paying for frauds.- Moreover, there is
counterfeiting of plastic money. It may be Someone got
hold of your card details and copied them onto a bogus card, and
startedspending your money.
- even terrorists plot -terror over the Internet. It is reported
by the US officialsthat four Caribbean men who plotted to carry out
attacks on fuel tanks andlines leading to the John F. Kennedy
airport had conducted "precise andextensive" surveillance using
photographs, video, and satellite imagesdownloaded from the Google
Earth.
By Prof. Pankaj R. Patil
-
- the importance and need to have proper legislation to curb the
kinds crimes onthe internet present legal provisions recognize
paper based records anddocuments, which bear signatures. But the
e-commerce, eliminates to a greatextent the need for paper based
transactions, and therefore in order to facilitateand promote it,
there is an imminent need for cyber laws.
- The United Nations Commission on International Trade Law
adopted theModel Law on Electronic Commerce in 1996 India is a
signatory to this andhas therefore to revise the laws accordingly
Keeping in view the urgent need tobring suitable changes in the
existing laws to facilitate e-commerce and e-governance, the
Information and Technology Bill, 1999 was introduced in
theParliament in India.
- provides legal recognition of electronic records and
electronic signatures. Suchchanges in laws will enable the
conclusion of contracts and the creation orights and obligations
through the electronic medium.
- The new law also provides for the use and acceptance of
electronic recordsand electronic signatures in government offices
and its agencies.
By Prof. Pankaj R. Patil
-
Historical Perspective Impact of the Internet and Information
Technology (IT) on Business and
Society- Internet because of its open architecture ,digital
format and unifying protocols,
has emerged as the platform to support increase connectivity and
interactionamong network .
- technological development offer a vision of future marked by
new capabilitiesin processing speed , transport and storage of data
.
-
By Prof. Pankaj R. Patil
-
The Character & Use of Internet Technologies - Information
technologies and their applications are totally characterised
by
heterogeneity.- People access the internet by using a wide
variety of devices that range from high -
performance workstations to handheld appliances- heterogeneous
marketplace increases the importance of the role of standards.- The
unifying nature of the Transmission Control Protocol/Internet
Protocol (TCP/IP)
has been critical to Internet's success.- The intense volume of
information and the simplicity of its transfer causes some
problems.- Ownership of information is very hard to protect, the
illicit reuse of copyright
material is commonplace, the spreading of false and malicious
information is also adaily occurrence.
- Therefore, the aim of cyber or cyber-related laws world-wide
is to harmonise theexisting laws and the ultimate aim of
legislation world-wide should be to reduce thecosts of world trade
by issuing out inconsistencies and uncertainties resulting
fromdifferences in the municipal laws.
By Prof. Pankaj R. Patil
-
- merging of all sources of information into a single
retrievable database.- For instance, every home, office, news
medium, library, data bank business,
government agency and computer will be connected to every
device, such astelephone, television, or personal computer.
- Products and services once offered only at the local store are
now available tothe consumers at every corner of the planet.
- Around the world, e-commerce is the subject of intense
interest in manysectors: in government, business, service sector,
amongst consumers andacademics. E-commerce has expanded from the
closed world of business-to-business transactions between
non-parties to encompass a complex web ofdifferent activities
involving large number of individuals, many of whom willnever meet
each other.
- A world class telecommunications infrastructure and
information is the key torapid economic and social development of a
country
By Prof. Pankaj R. Patil
-
- IT has become a key enabler for economic growth, it has also
broughtabout fundamental changes as to how business is conducted.
India'sstrength in the software area has made it a key player in
the just-in-timeglobal economy where speed has become the important
factor.
- Internet transaction will involve parties from more than one
jurisdiction.- Thus, there is an urgent need for the international
community to develop a
uniform law based on fair principles of equality, and a system
forregulating the Internet and cyberspace regime in the world under
the law.
- Each country has tries to develop its own local, national or
municipallaws to deal with the the problems of cyber crimes and the
resolution ofdisputes about e-commerce and business transactions on
the Internet.
- concerted and genuine efforts by the international community
to bringabout a uniform international law to deal with the problem
of cyber crimesand disputes arising out of e-commerce and
international businesstransactions. By Prof. Pankaj R. Patil
-
- Internet provides intellectual property owners with a
unlimited market for theirworks. At the same time, it offers
similarly expanded opportunities for thoseseeking to abuse the
law.
- the act of registering a domain name similar to or identical
with a famoustrademark is an unfair competition whereby the domain
registrant takes unfairadvantage of the fame of the trademark to
either increase traffic to the domainor to seize a potential asset
of trademark owner in the hope that the trademarkowner will pay the
registrant to relinquish the domain name.
- even though many courts simply note the objective facts, such
as that adomain registrant Owns an inventory of domain names which
closely resemblefamous marks and which are not being used for any
commerce other than thepotential sale of the domain name to the
trademark owner.
By Prof. Pankaj R. Patil
-
- Yahoo! Inc. v. Akash Arora & Anr. wherein the Internet
search engine Yahoo!sued an Intenet pirate who had not only copied
the domain nameYahooindia.com but had used ‘Yahooindia’ as a
trademark in similar script onits website, and by offering
directory services with information specific toIndia, was passing
itself off as an extension of Yahoo, The defendant hadfurther
copied the contents of the plaintiff’s web page and consequently
theHTML code associated with the said page.
- In this case, the Delhi High Court granted an Injunction
restraining thedefendant from using Yahoo either as a part of his
domain name or atrademark or from copying any of the contents of
the plaintiff’s website andthereby infringing Yahoo’s copyrights.
The court also held that the trademarklaw applies with the equal
force on the Internet as it does in the physicalworld.
- Moreover, on account of the case of copying, anonymity, and
ease of accessfrom any comer of the world, the internet is a medium
in which the courtsshould take a strict view on copying.By Prof.
Pankaj R. Patil
-
-Apart from the usual or ordinary crimes of pornography,
hacking, bugging, cheatingand like, now a days websites are being
created for defaming and embarrassingindividuals either for
political purpose or for harassing women by posting them sexrelated
embarrassing situations, taking undue advantages and blackmailing
them.- JNU (Jawaharlal Nehru University) Scholar case.- an
airhostess had complained that she had been profiled on Orkur as a
“Sex struckwomen’. It is reported by The Economic Offences Wing of
the Delhi Police that it hasreceived 35 complaints against the site
called Orkut. And Delhi Police has registered 6cases in this
connection. It has been told by the joint Commissioner of Police
(CP)(Crime) Delhi Police that the sites are being used to settle
personal scores and defamepeople.-since most of such profiles are
created at cyber cafes it is often very difficult toidentify the
culprit (offender).-The situations explained in the previous two
paragraphs point out the utility and theadverse impact of the
Internet and cyberspace on commercial business as well aspeople in
society in general. Thus, there is a need to understand properly
the role ofcomputers, the cyber laws and the Internet.
By Prof. Pankaj R. Patil
-
Conceptual Framework of E-commerce:E-governance
What is E-commerce? - Traditionally, national or international
business or commerce was conductedthrough business contracts
specifically written on proper paper documents andwithout them, no
business contract—whether national or international—wasconsidered
binding and valid on the contractual parties.- In the past, there
was no possibility of any other form of contracting business
except through paper documents as the facilities of Internet or
cyberspace werenot available.
- conduct business on Internet both nationally and
internationally the conduct ofbusiness and business transactions of
any kind between the parties on theInternet and cyberspace is
called e-commerce.
By Prof. Pankaj R. Patil
-
- A new business when it is at the exploratory and planning
stage, some basiclegal and practical problems have got to be
understood. While Starting a newbusiness on the Internet or cyber
space, the following points must be considered
1. A thorough preparation of investigation and market research
is imperativebefore starting a new business on the internet.2.
Agreement have to be made, involve financial commitment, contract
have to beentered between business parties which are agreement
between parties which areenforceable under law.3. The business
entrepreneur should be aware about the problems peculiar to
thebusiness and the kind of transactions the businessman is going
to enter with theother parties.4. It is useful and advisable to
anticipate certain terms and conditions of thecontract which are
profitable and favorable. and knowing them. fully well will
belegally binding.
By Prof. Pankaj R. Patil
-
5. New business can be started as a single owner proprietary
business,partnershipbusiness with the firm name, Private Limited
Company. Or as a Public Limited Company.
Growth and Development of E-commerce- page of a e-commerce or
business on the World Wide Web (WWW) can reach
the surfers very fast in any part of the world.- The scope on
the page on the internet can subject the publisher to
jurisdiction
of a lawsuit anywhere in the world.- The advantages of
cyberspace are that its scope has no territorial boundaries.
And the cost and speed of messages of transactions on the net is
almost entirelyindependent of physical location.
- The Messages can be transmitted from one physical location to
any otherlocation without degradation, decay, or substantial
delay.
By Prof. Pankaj R. Patil
-
Various modes of E-Commerce- e-commerce operates on broad
characterizations through four modes which are
as follows1. Advertising, sale, lease or license of tangible
products over the Internet
includes goods and products such as shrink-wrapped software,
compact disks(CDs), books. machinery, and so on.
2. Advertising, sale, lease or license of intangible contents
such as softwaredownloads, digitized forms of music available for
downloads, electronicnewspapers, photos and services, offered by
online databases. In an intangibleproduct such as subscription for
an online newspaper in some cases, allowsthe same to be taken as a
print out of a hard copy. In such cases it may beargued that such
print out of a hard copy constitutes a tangible medium. Thecost of
printing is not included in the online newspaper whereas the cost
ofprinting is included in case of traditionally paper-based news
paper.
By Prof. Pankaj R. Patil
-
1. Advertising, sale, or license of services such as offshore
softwaredevelopment, online newspapers, online ticket bookings,
trading in stocks andshares, online banking, online casino games
and the like. Such services mayinclude push-content as well, if
such service is subscribed to. In such e-commerce in the form of
advertising, providing, selling, leasing, licensing,Internet access
and telecommunications are the concerned Internet ServiceProvider
(ISPs) and the backbone is the service providers.
2. Advertising, sale, lease, license of tangible products over
the internet theelectronic counterpart of our traditional order
systems. electronic counterpartof mail-order system function as
advertising,marketing, selling medium fortangible products derived
from content providers, Not only does advertisingtake place through
Online advertises but other media such as television orradio .
By Prof. Pankaj R. Patil
-
- e-commerce includes retailing and wholesale businesses, online
newspaper and otherinformation sources and services like
pay-per-use-schemes for online databases,subscription services,
online healthcare services, online gambling
services,videoconferencing, offshore and inland banking and stock
trading in a way everything thatthe traditional methods could
offer. Mechanism Involved in the Operation of Internet- All
machines connected to a network are generally identified by their
Internet Protocol (IP)
numbers and Internet also has its own IP number.- The devices
communicate with each other through the IP number system
functioning like
two conventional telephones.- For easier performance the
specific IP numbers denoting a computer is given a domain
name. And the communication of data takes place in the form of
packets. A typical ‘packet’contains a header as well as a data
part.
- The packets can traverse through several networks before
reaching destination. The formatand transmission of data is through
use of several protocols.
- The common protocol used on the Internet is Transmission
Control Protocol/InternetProtocol (TCP/IP).
- The data portion of packet can be encrypted for better
security. Packets are made to takethe shortest route to the
destination.
By Prof. Pankaj R. Patil
-
Type of Players in E-commerce- following important players are
involved in commercial transactions on the internet 1. Network
Provider:This forms a part of the internet backbone, providing the
requisite amount of bandwidth.2. Internet Service Provider
(ISP):The ISP contracts with the Individual users, Companies and
organizations to provide access to Internetin the form of dial-up
or leased accounts for a requisite fees.ISP also provides space on
its servers forhosting websites.3. The User:The most important
player in the e-commerce model is the user. All system of
e-commerce includingpurchase, sale, payment and others are
structured around the user.4. The Website:The website contracts
with the ISP to host its business. The user contracts with the
website forpurchase, sale of good, products or services. If
products or goods are intangible and exclusively foronline use, the
website may contract with a content provider to provide requisite
products and goods.And if the website represents any manufacturing
concern or is its own content provider, it may offer itsproducts
for sale, and in other cases, websites may have to offer royalty
for content providers for thepurchase of rights or license fees for
products.
By Prof. Pankaj R. Patil
-
5. The Payment Providers: -The payment providers are like Visa,
or Mastercard which offer exchange collection methodsthrough the
use of credit cards and various other forms of electronic money.
Generally,tangible forms of money like paper currency support
online payment mechanisms or creditcard payment.6. The Payment
System Provider:-These are the providers of underlying technology
and guidance for the payment systemproviders to function. The
payment providers need to get a license from payment
systemproviders like RBI or Cyber cash and the like.7. The Software
Architects: They provide applications for both clients and server
to enable efficient service over the Internet8. Advertiser:-like
Ad. In TV and radio, online Ad. Is a big business. It takes forms
of banner Ad. And e-mail ad. Advertiser contracts with the websites
and supplies Ad. , to increase number of users visiting the
websites
By Prof. Pankaj R. Patil
-
9. Content Provider:Provides product and goods to websites for
sale. They receive part of proceeds or royalty or both from the
website10. The Back-end System:These are software applications that
maintain inventory & accounting . Databaseproduct from oracle
& Microsoft are typical examples- Besides, players includes
search engine like yahoo or Alta Vista Web Development and Hosting
Agreement- A customer generally obtains only one of the services
which are describedseparately in the following segregated
categories:
By Prof. Pankaj R. Patil
-
- File conversation is the basic service which involves file
manipulation such as converting non-HTML documents into HIML and
scanning photos or graphics and saving such files into GIF or
JPEG.
- Web design involves creating designing the look and feel of
the website, including logos and banners, navigation bars or tools,
page layout and object placement.
- Code development involves coding HTML pages (from scratch), cg
scripts, and Java applets or other applications.
- System integration website involves integrating the website
with one or more third party applications, such as chat engines,
search engines, e-commerce store fronts etc.
- Back-end system involve integrating the website with one or
more existing applications such as legacy systems.
By Prof. Pankaj R. Patil
-
Web HostingWeb hosting in the generic description can encompass
a number of different relationshipsdescribed in the
following:-Collocation occurs when the customer locate customer
owned servers at the provider’sfacility. In a straight collocation
relationship, the providers will not manipulate content onthese
servers. Providers of these services usually provide space for the
servers in chain, fencedwithin ‘cages’.- In the typical hosting
relationship, the provider (as opposed to the customer) provides
theservers and software in addition to the Internet connection.-
Co-branding is a popular technique which has been used to expand
the scope of a customerwebsite co-branding pages on a third party
Servers.- Outsourcing is increasingly becoming popular. Outsourcing
occurs When a customeroutsources one or more functions of its
website to & third party provider. For example whowhere? allows
a customer website to offer co-branded e-mail to its users by
directingcustomer's User co-branded pages Operated on Who Where
server using Who where?Software.
By Prof. Pankaj R. Patil
-
The Problem of Internet Jurisdiction- The main trouble and
problem about the Internet Jurisdiction is the presenceof multiple
parties in various parts of the world who have a virtual nexus
witheach other.- The question arises in such cases that if one
party wants to sue the other, then
where can one sue? The municipal laws traditionally require two
areas, theplace where the defendant resides, and where the cause of
action arises.However, 1n the context of Internet, we find that
both these are difficult toestablish with any certainty.
- For example, X in India decides to download an article from a
website, andpays money for it through a credit card; but then he is
unable to performdownloading.
- If X wants to sue the owner of the site who is in England,
while the site itself isbased in a server in Malaysia. In this case
where does the defendant reside?The transaction having occurred on
the Internet, was the defendant in India orMalaysia?
By Prof. Pankaj R. Patil
-
- The problems of jurisdiction of such type of issues have
contributed to a gooddeal of confusion and contradiction that
prevail in the judicial decision of theInternet jurisdiction.
- In Cybersell, Inc. v. Cybersell, Inc it was found that a
conflicting factualsituation was involved over the
jurisdiction.
- The case was about a trademark dispute between two
corporations, one of themin Orlando and another at Arizona.
- The court was faced with the issue of whether the mere use of
a website by theFlorida Corporation was sufficient to grant the
court in Orlando to try the casewithin its jurisdiction. In this
case, the court held that it had no jurisdictionfocusing on
traditional analysis established by the US Supreme Courtconcerning
the due process aspects of personal jurisdiction.
- In this case, the Court opined “it is essential in each case
that there be someact by which the defendant purposefully avails
itself of the privilege ofconducting activities within forum state
,thus invoking benefits & protectionof its law.
By Prof. Pankaj R. Patil
-
Illustrative Cases about Cyberspace Jurisdiction- The Pres-kap,
Inc. v. System One, Direct Access, Inc;' case involved electronic
contacts
through a computerized airline reservation system.- The
plaintiff owned and operated a computerized airline reservations
system. The computer
system as well as plaintiff's main billing office was in Florida
and a branch office operated inNew York. The defendant based in New
York owned and operated a travel office in NewYork, the parties
negotiated a lease contract in New York and there was a breach of
contractwhich was the issue of the lawsuit.
- The Court in this case found only two contacts between
defendants and the forum StatesFlorida. The defendants forwarded
lease payments to a billing office in Miami anddefendant’s
computers made electronic contracts with the plaintiff's computer
base inFlorida. The Court, relying on Burger King Corp. v.
Rudzewicz, held that a contract withoutof state party alone could
not establish its jurisdiction. And so, it was left to decide
andconsider only the electronic contracts.
- The Florida Appeals Court ruled that electronic contracts with
a computer database locatedin talent State were insufficient to
establish personal jurisdiction.
By Prof. Pankaj R. Patil
-
Type of Websites- For the purposes of jurisdiction websites can
be divided into two groups:1.Passive and Interactive Sites: These
sites provide information in a read only format’.2. Interactive
Sites: These encourage the browser to enter information identifying
the browserand/or providing background on the browser's interest or
buying habits.
-In Zippo Mfg. Co. v. Zippo Dot Com Inc., the Court found
purposeful availment based on thedefendant’s interactive website
and contacts with 3000 individuals and seven Internet
accessproviders in Pennsylvania in a trademark infringement
lawsuit.- Here, the website allowed browsers to sign up for the
defendant’s Internet news service. The
defendant was a California company and its employees were
located in California, and thecompany maintained no office in
Pennsylvania, where the law suit was brought.
- The court concluded in this case that because of the 3000
Pennsylvania subscribers and theagreements with Pennsylvania
Internet Service Providers (ISPs), the defendant
purposefullyavailed itself of Pennsylvania’s jurisdiction.
By Prof. Pankaj R. Patil
-
- -The Court held that the defendant had minimum contacts with
the forum State.- In another case that of American Network, Inc. v.
Access America/Connect
Atlanta, Inc., wherein a trademark infringement case a Georgia
defendant washauled up into a New York Courts.
- A New York plaintiff sued the Georgia defendant for trademark
infringementand unfair competition in the US District Court for the
Southern District of NewYork. In this case, the plaintiff was a
provider of a similar consulting service tothose provided by the
defendant and claimed the mark used by the defendant, infringed the
plaintiff s mark . Since theplaintiff business was located in New
York and the defendant was aware of suchbusiness, it was reasonable
for the defendant to expect that the publication ofthe offending
mark on the Internet would result in harm suffered in New York.
By Prof. Pankaj R. Patil
-
- Again in Weber .v. Jolly Hotels’, wherein the plaintiff, Weber
a New Jerseyresident brought a law suit as a result of injuries
sustained while staying atdefendant’s hotel in Italy. In this case,
the plaintiff asserted that New Jerseymay exercise general
jurisdiction over the defendant, an Italian corporationwhich has
the defendant’s Internet advertisements. Following the present
caseto instances that involve advertisements placed in ‘national
publications’, theCourt held that Internet advertisement by itself
was not sufficient to conferpersonal jurisdiction upon a
defendant.
- To give a general jurisdiction, the Court opined that it
requires the activitywith the forum State to be continuous and
substantial, the basic requirementwhich has not been established in
this case.
- And the Court further observed that “advertising on the
Internet does nottantamount to directing activity at or to
purposefully availing on site of aparticular forum Thus it would he
observed that in Internet cases, the courtshave been holding that a
passive website should not be the basis forjurisdiction.
By Prof. Pankaj R. Patil
-
- It may be pointed out that the modern technology behind the
Internet has introduced anumber of complications and the issues,
and to determine a jurisdiction of the Court isnot that simple. We
see that an e-mail address does not always indicate or specify
thegeographical address of the sender. These factors have led to
the contradictions in thejudicial decisions with regard to the
effect of e-mail. Except when sent to a knownrecipient it may be
difficult to say that e-mail distribution is a method by which
acompany purposefully avail itself of the privilege of conducting
activities within therecipient’s forum state.
- it may be seen that on the question of jurisdiction by Courts
to be exercised on thedefendant is not always uniform and
consistent in the cases of Jurisdiction on theInternet.
- suggested that independent rule should govern the jurisdiction
on the internet .- by uniform law governing cyberspace transaction
would be easier.- Its possible for parties to prefer choice of
preferred forium of law under contract- parties often choose forum
between conflicting laws to apply its own law & its called
forum shopping
By Prof. Pankaj R. Patil
-
The Role of Electronic Signatures in E-commerce with Reference
to Free Market Economy in India
- India is one of the very few countries, in the world besides
Singapore, to havebrought about legislation in cyber laws in the
year 2000. One of the mainobjective of information technology (IT)
is to provide a legal recognition fortransactions carried out by
means of electronic data interchange and othermeans of electronic
communication, commonly referred to as e-commercewhich involves the
use of alternatives to the paper-based methods ofcommunication and
storage of information to facilitate electronic filing ofdocuments
with the government agencies.
-
By Prof. Pankaj R. Patil
-
- Primarily, in contracts, the significance of signature is
requirement of evidence inlaw, the law trusting the acknowledged
written word in favour of oral agreement. Thereason for this is
that signature on paper continued to exist as proof, while the
spokenword cannot be reproduced as a proof Therefore the need for
signature grew in view ofthe basic distrust of human motives so as
to bind the parties to promises with writtensignatures ensuring
non-repudiation.- Handwritten paper-based signatures identify a
person— by signing the signer marks
the test in his own way, and make it attributable to him.
Signature associates thecontent of a and shows int. Signature
provides certainty and proof to the personalinvolvement of that
person in the act of signing, signature associate the content ofthe
document and shows intention of the party to be bound by the
content of thecontract by signing.
- It also shows the intent of the persons to endorse the
authorship of the text, andassociate himself of written documents
by somebody else.
- Signature also shows the time and place of the document. It is
a kind of a ceremonyto show the legal significance of his act.
Moreover, signatures on a writtenmemorandum often impart a sense of
clarity and finality to the transaction.
- Therefore, the present practice of signatures by the parties
shows the validity andenforceability of a document. Signature
usually intends documenting the transactionand signing or
authenticating the documents.
By Prof. Pankaj R. Patil
-
- Electronic signatures is the need of the hour in order to
profitably carry out e-commerce andbusiness in the globalized free
market economy across the world. Basic Laws of Digital and
Electronic Signature in India- Under the IT Act, 2000, Chapter-II,
Section 3 provides the basic provisions of Authenticationof
electronic records:(l) Subject to the provision of this section,
any subscriber may authenticate an electronic recordby affixing his
digital signature.(2) The authentication of the electronic record
shall be effected by the use of asymmetric cryptosystem and hash
function which envelop and transform the initial electronic record
into anotherelectronic record,
By Prof. Pankaj R. Patil
-
Explanation:For the purposes of this sub-section, 'hash
function' means an algorithm mapping ortranslation of one sequence
of bitsinto another, generally smaller, set known as "hash result"
such that an electronic record yieldsthe same hash resultevery time
the algorithm is executed with the same electronic record as its
input making itcomputationally infeasible(a) to derive or
reconstruct the original electronic record from the hash result
produced by thealgorithm, and(b) that two electronic records can
produce the same hash result using the algorithm.
(3) Any person by the use of a public key of the subscriber can
verify the electronic record.(4) The private key and the public key
are unique to the subscriber and constitute afunctioning key
pair.
By the IT (Amendment) Act, 2008, the law has been provided with
anotherSection 3A which provides for as follows:
By Prof. Pankaj R. Patil
-
(1) Notwithstanding anything contained in Section 3, but subject
to the provisions ofsub-section (2), a- subscriber may authenticate
any electronic record by such electronic signature or
electronic authentication technique which(a) is considered
reliable; and(b) may be specified in the Second Schedule.- For the
purposes of this section, any electronic signature or electronic
authentication
technique shall be- considered reliable if(a) the signature
creation data or the authentication data are, within the context
inwhich they are used, linked to the signatory or, as the case may
be, the authenticatorand to no other person;(b) the signature
creation data or the authentication data were, at the time of
signing,under the control of the signatory or, as the case may be,
the authenticator and of noother person;
By Prof. Pankaj R. Patil
-
(c) any alteration to the electronic signature made after
affixing such signature isdetectable;(d) any alteration to the
information made after its authentication by electronicsignature is
detectable; and(e) it fulfils such other conditions which may be
prescribed.(3) The Central Government may prescribe the procedure
for the purpose ofascertaining whether electronic signature is that
of the person by whom it is purportedto have been affixed or
authenticated.(4) The Central Government may, by notification in
the Official Gazette, add to oromit any electronic signature or
electronic authentication technique and the procedurefor affixing
such signature from the Second Schedule: Provided that no
electronicsignature or authentication technique shall be specified
in the Second Schedule unlesssuch signature or technique is
reliable.(5) Every notification issued under sub-section (4) shall
be laid before each House ofParliament.- It’s essential to keep the
validity of digital signature under the law.
By Prof. Pankaj R. Patil
-
Authentication of Digital Signatures and Electronic Records-
section 3 of the IT Act, 2000, provides the conditions subjects to
which an electronic record may be
authenticated by means of affixing digital signature.- The
digital signature is created in two different steps- First, the
electronic record is converted into a message digest by using a
mathematical function
known as hash function which digitally freezes the electronic
record thus ensuring the integrity ofthe content of the intended
communication contained in the electronic record.
- Any tampering with the contents of the electronic record will
immediately invalidate the digitalsignature.’
- And secondly, the identity of the person affixing the digital
signature is authenticated through theuse of a private key which
attaches itself to the message digest and which can be verified by
anyperson who has the public key corresponding to such private key.
This process will enable any bodyto verify whether the electronic
record is retained intact or has been tampered with since it was
sofixed with the digital signature.
- Moreover, it will also enable a person who has a public key to
identify the originator of the message.- The IT (Certifying
Authorities) Rules, 2000, Rule 3 provides the manner in which the
information
can be authenticated by means of digital signature’.- According
to Rule 3 a digital signature—Shall be created and verified by
cryptography that concern
itself with transforming electronic record into seemingly
unintelligible forms and back again; usewhat is known as ‘public
key cryptography, which employs an algorithm using two
By Prof. Pankaj R. Patil
-
- in order to create a digital signature one has to sign an
electronic record for any other item of information.
- The signer shall first apply the hash function in the signer’s
software; hashfunction shall compute a hash result of standard
length which is unique (for allpractical purposes) to the
electronic record; the signer’s software transforms thehash result
into a digital signature using signer’s private key; the result
digitalsignature shall be unique to both electronic record and a
private key used tocreate.- The digital signature shall be attached
to its electronic record and storedor transmitted with its
electronic record.
By Prof. Pankaj R. Patil
-
Authentication of Electronic Signatures and Electronic Records-
Section 3A of the IT Act, 2008, provides for the procedures for
electronic signatures, electronic
records and the authentication of electronic signatures and
electronic authentication technique.- For the validity of
electronic signatures it is important to provide for such procedure
which is
considered reliable under the law. And such authentication of
electronic signatures .and electronicauthentication technique may
be specified in the Second Schedule.
- Any electronic signature or electronic authentication
technique shall be considered reliable if thesignature creation
data or authentication data are within the context in which they
are used andlinked to the signatory or the authenticator and to no
other person. And the signature creation data orauthentication data
were and at the time of signing, under the control of the signatory
or theauthenticator and not under the control of any other person.
Also, any alteration to the electronicsignature made after affixing
such signature is detectable. Similarly, any alteration to the
informationafter authentication by electronic signature shall be
detectable.
- Moreover, electronic signature or authenticator may be
required to fulfill other conditions whichmay be prescribed by the
government. The Central Government may prescribe the procedure
forascertaining Whether the electronic signature is of such person
who had affixed or authenticated.
- Central Government has the power to add to or Omit any
electronic signature or electronicauthentication and the procedure
from the Second Schedule. But such signature or
authenticationtechnique shall not be included in the Second
Schedule if they are not reliable.
By Prof. Pankaj R. Patil
-
UNCITRAL: Model Law on Electronic Commerce, 1996-The United
Nations Commission on International Trade Law (UNCITRAL) has
suggested the ModelLaw on e-commerce to be followed by all the
countries the world.-Article 7 of the UNCITRAL Model Law
provides:Where the law requires a signature of a person, that
requirement is met in relationto a data message if—(1) (a) A method
is used to identify that and to indicate that person’s approval
ofthe information contained in the data message;1) (b) That method
is as reliable as Was appropriate for the purpose for which the
data message wasgenerated or communicated, in the light of all the
circumstances, including any relevant agreement.(2) Paragraph (1)
applies whether the requirement there in is in the form of an
obligation or whetherthe law simply provides consequences for the
absence of a signature. :- The UNCITRAL model law on e-commerce
focuses on two basic function of signature, namely, toidentify the
author of document and to confirm that the author approved the
content of that document.The reading of these two paragraphs
establishes the principles that in an electronic environment,
thebasic legal functions of a signature are performed by way of a
method that identifies the originator of adata message and confirms
that the originator approved the content of that data message.
By Prof. Pankaj R. Patil
-
UNCITRAL: Draft Rules of November, 1998- Make a clear
distinction between electronic signatures, enhanced electronic
signatures and digital
signature.- Article 1 of the UNCITRAL (Draft Rules of November,
1998) provides the following:(a) “Electronic Signature’ means data
in electronic form in, affixed to, or logically associated with,
a
data message, and [that may be] used to [identify the signer of
the data message and indicate the Signer’sapproval of the
information contained in the data message] satisfy the conditions
set forth in Article 7(1) (a)of the UNCITRAL Model Law on
Electronic Commerce.(b) ‘Enhanced electronic signature’ means an
electronic signature which is created, and at the timeit was made
can be verified through the application of a security procedure or
combination ofsecurity procedures that ensures that such electronic
signature—(i) is unique to the signer for the purpose for which and
within the context;(ii) can be used to identify objectively the
Signer of the data message;(iii) was created and affixed to the
data message by the signer or using a means under the sole control
of the
signer: and(iv) was created and is linked to the data message to
which it relates in a manner such that any change in
the data message would be revealed.
By Prof. Pankaj R. Patil
-
- Variant A: ‘Digital signature means an electronic signature
created by transforming a datamessage using a message digest
function, and encrypting the resulting transformation with
anasymmetric cryptosystem using the Signer’s private key .such that
any person having theinitial untransformed data Message, the
encrypted transformation and the encryptedtransformation, and the
signers corresponding public key Can be accurately determine:(i)
transformation was created using the private key that corresponds
to thesigner’s public key; and(ii) whether the initial data message
has been altered since the transformation was made.-Variant B:
‘Digital Signature’ is a cryptographic transformation using an
asymmetriccryptographic technique of the numerical representation
of a data message, such that anyperson having the data message and
the relevant public key can determine, that-(i) the transformation
was created using the private key corresponding to the relevant
publickey; and(ii) that the data message has not been altered since
the cryptographic transformation.
By Prof. Pankaj R. Patil
-
Securing Electronic transactions Cryptography and Securing
Electronic Transactions
- An important condition for e-commerce’s survival is the
ability to safeguard all electronictransactions. Unless an
electronic transaction is secure it would be difficult to determine
itsauthenticity. Moreover, the users will be hesitant to send
confidential information over thenet. Existence of safeguards and
assurance that such transmission are foolproof will go along way
towards boosting e-commerce and the common way of protecting
electronictransactions is through cryptography. Cryptography uses
sophisticated mathematicalalgorithms, particularly a technology
which is known as asymmetric cryptography.
- In this process, encryption and decryption techniques involve
the use of two kinds of keys,public keys and private keys, both of
which are mathematically linked. One key is used forencryption and
the other corresponding key is used for decryption. Each user has a
pair ofkeys of which the private key is kept secret and the public
key is open to all.
- Therefore, if X wants to send a message to Y, X will encrypt
the message with Y’s publickey and send it to Y. It is only Y who
Would be able to access the message
- The nature of digital signature 1s the importance of digital
signature which is also knownas advanced or secure electronic
signature.By Prof. Pankaj R. Patil
-
The Concept of Hash Function- Apart from the generation of key
pairs, another fundamental process known as the hash
function is used in both creating and verifying a digital
signature.- A hash function is a mathematical process based on a
algorithm which creates a digital
representation or compressed form of the message, often referred
to as a ‘message digest’ or‘fingerprint’ of the message in the form
of a ‘hash value’ or ‘hash result’ of a standard lengthwhich is
usually much smaller than the message, but nevertheless
substantially unique to it.
- It is seen that encrypting a document with a public key system
requires a lot of time. Tospeed up the procedure, it is possible to
apply the private key, not to the whole message butonly on its
message digest (or hash code). The message digest is a sort of an
excerpt of theoriginal text, known as ‘digital fingerprint’.
- As hash function is public and therefore no private key is
required security of the hashfunction is very significant to the
integrity of the digital signature. To use the hash functionsfor
digital authentication they must have certain properties to make
them secure enoughcryptographic usage.
By Prof. Pankaj R. Patil
-
Utility of Digital Signature’s Verification- Thus the
verification of digital signature indicates that the digital
signature was created using
the signer’s private key, because only the signer’s public key
will verify a digital signature created with the signer’s private
key, and that the message was not altered since it was signed. -
This is because, the hash result computed in verification matches
the hash result form the digital signature, which was computed when
the message was digitally signed. Certification, Certifying
Authorities and the Status of Electronic Signature under the
Indian Law- Any person may make an application to the Certifying
Authority for issue of a Electronic
Signature Certificate. He has to apply in the prescribed form of
the Central Government. The application shall accompany by such fee
not exceeding twenty five thousands rupees as may be prescribed by
the Central Government to be paid to the Certifying Authority.
- On receipt of the application the Certifying Authority may
after consideration of the certification practice statement or the
other statement under Sub-section (3) and after making such
enquires as it may deem fit, grant the Electronic Signature
Certificate or for reasons to be recorded in writing, rejects the
application:
By Prof. Pankaj R. Patil
-
(a) The applicant holds the private key corresponding to the
public key to Be listed in theelectronic Signature Certificate.(b)
The applicant holds a private key, which 1s capable of creating a
electronic signature.(c) The public key to be listed in the
certificate can be used to verify a electronic signatureaffixed by
the private key held by the applicant.- Provided that no
application shall be rejected unless the applicant has been given
areasonable opportunity of showing cause against the proposed
rejection
By Prof. Pankaj R. Patil
-
The Appointment of Controller and Other Officers and Their
Functions- Under Chapter VI of the IT Act, 2000 as amended by the
IT (Amendment) Act, 2008, the Central Government may
by notification in the Official Gazette appoint a Controller of
CAs and may also by the same or subsequentnotification, appoint
such number of Deputy Controllers and Assistant Controllers, others
officers and employees as
it deems fit.-The Controller of Certifying Authorities may
perform all or any of thefunctions namely—(a) Exercising
supervision over the activities of the Certifying Authorities(b)
Certifying public keys of the Certifying Authorities;(c) Laying
down the standards to be maintained by the Certifying
Authorities;(d) Specifying the qualifications and experience which
employees of the certifying Authority should process;(e) Specifying
the conditions subject to which the Certifying Authorities shall
conduct their business;(f) Specifying the contents of written,
printed or visual materials and advertisements that may be
distributed or
used in respect of a Electronic Signature Certificate and the
Public key(g) Specifying the form and content of electronic
signature and the key(h) Specifying the form and the manner in
which accounts shall be maintained by certifying authority(i)
Specifying the term and condition subject to which auditors may be
appointed and remuneration to be paid to them
By Prof. Pankaj R. Patil
-
(j) Facilitating the establishment of any electronic system by a
Certifying Authority eithersolely or jointly with other Certifying
Authorities and regulation of such systems;(k) Specifying the
manner in which the Certifying Authorities shall conduct their
dealingswith the subscriber’s(l) Resolving any conflict of
interests between the Certifying Authoritiesand the subscriber’s(m)
Laying down the duties of the Certifying Authorities(n) Maintaining
a database containing the disclosure record of every Certifying
Authoritycontaining such particulars as may be specified by
regulations, which shall be accessible topublic.
By Prof. Pankaj R. Patil
-
Authentication and Verification of Electronic/Digital
Signatures- To give authenticity to a electronic/digital signature
the verifier must have access to the
signer’s public key and also should provide the assurance that
it corresponds to signer’sprivate key.
- The public and private key has no intrinsic association with
any person. It is simply a pairof numbers which is quite distinct
from paper base signature in the signer’s handwriting.
- Public key encryption is supposed to serve its usage in an
open environment so that thekeys are sent to a wide variety of
persons where there may not be any relationship or trustdevelopment
between the parties.
- In this process, the parties involved should have a high
degree of confidence in the publicand the private keys. In this
connection, it is found that Trusted Third Parties (TTP’s) or
theCAs have a very significant role to play. The CAs are generally
organized in a number ofcountries hierarchically into what is often
referred to as a Public Key Infrastructure (PKI).
- PKI is a way to provide confidence that a user’s public key
has not been tampered with andin fact corresponds to that of the
user’s private key.
- And that the encryption techniques being used are sound; and
the entities that issue thecryptographic keys can be trusted to
retain or recreate the public and private keys that maybe used for
confidentiality encryption where the use of such a technique is
authorized.
By Prof. Pankaj R. Patil
-
- It may be seen that National Legal System are dependent on the
power of governmentcoercion backed by the courts and the rule of A
law. The effectiveness of a legal system islimited by its political
and geographical boundaries.
- creating & verifying e-signature for many legal purposes1.
Signer authentication2. Message authentication3. Affirmative act4.
Efficiency
By Prof. Pankaj R. Patil
-
The Cost and Benefits of Implementing Electronic/Digital
Signatures in E-commerce in India
- First, there is the cost of institutional overheads of
establishing and utilizing CAs,repositories, and other important
services, as well as assuring quality in the performance oftheir
functions. Secondly, a subscriber or an electronic/ digital signer
will require software,and will also probably have to pay the CA the
fee for the issue of a Certificate.
- Finally, it works as an open system by retaining a high degree
of information security, evenfor information sent over open,
insecure but inexpensive and widely used channels.
By Prof. Pankaj R. Patil
-
Security Privacy of Electronic/ Digital Signatures- It is
essential that key generation is undertaken under the control of
the individual
concerned and that the private keys never leaves the possession
of that person withouttaking strong security precautions. In case
any other approach is taken, such as generationby a Services
organization or by a government authority, serious security and
privacy issuesarise because there is scope for the individual to be
convincingly impersonated.
- Another important concern relates to the manner in which
private keys are stored and arebacked-up and in which back-up
copies are stored.
- It is also common to have reforms as a privacy policy. Some of
the most privacy-intrusiverisk arise from the existence and misuse
of ‘public registers’ of various types for exampletelephone books,
motor vehicle register, electoral roll and registers of building
approvals.
By Prof. Pankaj R. Patil
-
Private Key Escrow and Key Recovery Systems- An Escrow is an
arrangement under which something is placed on deposit with a
trusted
party, but may be accessed by third parties under certain
conditions. Originally this systemwas used for title deeds for real
property, and as a source-code for software packages.
- The Keys Escrow System allows authorized Institutions under
certain conditions to decryptdata using information supplied by one
or more CAs/TTPs (Trusted Third Parties).
- Nowadays, cryptographers are using the so-called Key Recovery
approaches as analternative to key escrow systems. No key is ever
transferred to another party and this systemcan be understood by
imagining the lock of the front of a house.
By Prof. Pankaj R. Patil
-
- In this case, there are a series of digits, for instance, a
six-digit combination (instead of actualnumber) that the house
owner may give to his trusted party.
- Here again, it is not necessary that the house owner must
provide all six digits to the trustedparty. He may apply splitting
of the key approach and split the number and provide the spiltparts
to more than one trusted party.
- It is seen that the cryptography key recovery system is much
more complex. There are largenumbers of digits that go into the
construction of a key.
-What we need is some type of framework for licensing and
information transaction, whethermodelled on United Nations
Commission on International Trade Law (UNCITRAL) or not,would be
useful to facilitate information economy transactions.
By Prof. Pankaj R. Patil
-
Obligation of a Certifying Authority and Certificate Management-
The CA is expected to disclose adequate information to its
subscribers and also the relying
parties on the assurance levels in the Certificates that it
issues and the limitations of itsliabilities. This enables the
users of the Certificates to make well informed choices on thetypes
of Certificates that will meet their usage requirements.
- To ensure the integrity of Electronic/Digital Certificates,
the CA must implementappropriate security controls in the
certificate management process like certificateregistration,
generation issuance of certificate ,publication renewal,suspension
ofcertificate, their revocation and archival security controls.
By Prof. Pankaj R. Patil
-
Security Threats to Cyberspace and E-commerce- These days, most
of the people depend on computers to perform work, including
homework
and create or store useful information about the transaction or
necessary data.- And therefore it is imperative for the information
stored on the computer to be kept properly
with necessary security. It is also necessary that people
protect there computers from theloss of data misuse and the abuse.
it is important and crucial for business people to keepinformation
in computer, effectively secured so that hackers cannot access the
information.computer security risk is by any action that could
cause loss of information, software data,computes processing
incompatibilities.
- Under Section 70A the Central Government by notification
published in the OfficialGazette may designate any organization of
the Government as the national nodal agency inrespect of Critical
Information Infrastructure protection which shall be responsible
for allmeasures including Research and Development relating to
protection of CriticalInformation Infrastructure.
By Prof. Pankaj R. Patil
-
-The Indian Computer Emergency Response Team shall serve as the
national agency forperforming the following functions in the area
of cyber security:(a) Collection, analysis and dissemination of
information on cyber incidents.(b) Forecast and alerts of cyber
security incidents.(c) Emergency measures for handling cyber
security incidents.(d) Coordination of cyber incidents response
activities.(e) Issue guidelines, advisories, vulnerability notes
and whitepapers relating to informationsecurity practices,
procedures, preventation, response and reporting of cyber
incidents.(f) Such other functions relating to cyber security as
may be prescribed.
By Prof. Pankaj R. Patil
-
(5) The manner of performing functions and duties of the agency
referred to in sub-section (1)shall be such as may be
prescribed.(6) For carrying out the provision of sub-section (4),
the agency referred to in sub-section (1)may call for information
and give direction to the service providers, intermediaries,
datacentres, body corporate and any other person.(7) Any service
provider, intermediaries, data centers, body corporate or person
who fails toprovide the information called for or comply with the
direction under sub-section (6), shall bepunishable for a term
which may extend to one year or with fine which may extend to one
lakhrupees or with both.(8) No court shall take cognizance of any
offence under the section, except on a complaintmade by an officer
authorized in this behalf by the agency referred to in sub-section
(1)
By Prof. Pankaj R. Patil
-
- The biggest threats on the Internet are as follows:• Internet
Explorer tops the list of Internet security attack targets in the
most recent joint
report of the FBI and security organization SANS Institute.•
Phishing and identity theft—In this case, the message may ask the
user to click a link that
leads to a bogus Web page complete with realistic user-name and
password log-in fields, orit might ask for credit card numbers.
• Malware, which is a software designed to infiltrate or damage
a computer system withoutthe owner’s informed concerned. Malware
doesn’t need description as most of the usercertainly on one
occasion or other encountered some problem related to Malwares.
By Prof. Pankaj R. Patil
-
International Efforts to Enact Laws Relating to Electronic/
Digital Signatures-The OECD which consist of primarily
industrialized countries including Australia, Canada,
WesternEuropean Nations, Japan and the US have adopted a set of
guidelines for cryptography policy. Theseguidelines are summarized
as follows:• Cryptography method should be trustworthy in order to
generate confidence in the use of information
and communication system.• The users of cryptography should have
a right to choose any Cryptography method subject to the
applicable law.• Cryptographic methods should develop in
response to the needs, demands and responsibilities of
individuals, and businesses and of government.• The technical
standards criteria and protocols form cryptographic methods should
be developed and
promulgated at the national and international level. The
fundamental rights of individuals to privacyincluding secrecy of
communication and protection of personal data should be respected
in nationalcryptography policies and in the implementation and use
of cryptographic methods.
• National cryptographic policies may allow lawful access to the
plaintext of cryptography keys, ofencrypted data. These policies
must also respect the other principles contained in the guidelines
to thegreatest extent possible.
• Whether established by contract or legislations, the liability
of individuals and entities that offercryptographic services or
hold or access cryptographic keys should be clearly stated.
• The government should cooperate to coordinate cryptographic
policies, and as a part of this effort,government should remove or
avoid creating in the name. of cryptographic policy
unjustifiedobstacles to trade.
By Prof. Pankaj R. Patil
-
Efforts in the US• The US have enacted or drafted digital
signature legislation. The Utah Digital
Signature Act of 1995 provides a legal framework for the use of
cryptographyfor authentication and integrity purposes Guidelines
under the Singapore Electronic Transaction Act, 1998 - The
guidelines in the Singapore Electronic Transaction Act of 1998
provide for the
security guidelines to establish the security criteria for the
management systems andoperations of the CAs.
- The guidelines are aimed at protecting the integrity,
confidentiality and availability ofcertification services, data and
systems.
- The CAs are to be licensed by the Controller of CAs which are
required to comply with themandatory criteria stated in the
security guidelines.
- These guidelines supplement the provisions in the Electronic
Transaction Act and itsRegulations.
By Prof. Pankaj R. Patil
-
The above guidelines address the security criteria for the
following certificate manual function performed by the CA: •
Identification and authentication of registration, suspension and
revocation requests • Generation, issuance, suspension and
revocation of certificates • Publication and archival of
certificates and their suspension or revocation information •
Overall management and obligation of a CA • Certification
management • Key management • System and operations • Application
integration.
By Prof. Pankaj R. Patil
-
-Accordingly, the IT Act, 2000 has been enacted in India to meet
the challenges of e-commerce, cyberspace, digital technology and
communication system.- Keeping in view the United Nations
Commission on International Trade Law (UNCI
TRAL) which adopted a model law on electronic commerce, the
Indian law has tried tofollow the model law recommended by UNCI
TRAL in the year 1997, as in the case ofmodel law which provides
for equal legal treatment of users of electronic communicationand
paper-based communication. India has followed the model
recommendation whileenacting the IT Act, 2000.
By Prof. Pankaj R. Patil
-
Different Approaches of Digital Signatures • Prescriptive
approaches of Digital Signature: This comprehensive effort that
seeks to
enable and facilitate e-commerce with the recognition of digital
signatures through aspecific regulatory and statutory framework.
This approach establishes a detailed PublicKey Infrastructure (PKI)
licensing scheme, allocates duties between contracting
parties,prescribes liability standards and creates evidentiary
presumptions and standards forsignature or document
authentication.
• Criteria Based Approach: The predominant model for
criteria-based laws is the CaliforniaAuthentication Standard. The
California criteria-based approach has proved to be quiteflexible
for various State Legislatures in the US. In this approach, a broad
criteria may beapply both to electronic and digital signature,
since it is designed to lay the requirementsfor trustworthiness and
security. the In this approach,
• Signature-enabling Category Approach: general laws permit any
electronic mark that isintended to authenticate writing to satisfy
a signature requirement. It is found thatMassachusetts has put
'forward the most modest position regarding
electronicauthentication due to similar concerns as voiced in
California regarding the potential formarket distortions and the
need for technological neutrality
By Prof. Pankaj R. Patil
Cyber Laws�(BTCOE504)�Understanding Computers, Internet and
Cyber Laws�Slide Number 3Slide Number 4Slide Number 5Slide Number
6Slide Number 7 Slide Number 9Slide Number 10Slide Number 11Slide
Number 12Slide Number 13Conceptual Framework of
E-commerce:�E-governanceSlide Number 15Slide Number 16Slide Number
17Slide Number 18Slide Number 19Slide Number 20Slide Number 21Slide
Number 22Slide Number 23Slide Number 24Slide Number 25Slide Number
26Slide Number 27Slide Number 28Slide Number 29Slide Number 30Slide
Number 31�The Role of Electronic Signatures in E-commerce with
Reference to Free Market Economy in India �Slide Number 33Slide
Number 34Slide Number 35Slide Number 36Slide Number 37Slide Number
38Slide Number 39Slide Number 40Slide Number 41Slide Number 42Slide
Number 43Slide Number 44Slide Number 45Slide Number 46Slide Number
47Slide Number 48Slide Number 49Slide Number 50Slide Number 51Slide
Number 52Slide Number 53Slide Number 54Slide Number 55Slide Number
56Slide Number 57Slide Number 58Slide Number 59Slide Number 60Slide
Number 61Slide Number 62Slide Number 63Slide Number 64Slide Number
65