The Bill to amend the Information Technology Act, 2000 was passed in both houses of parliament in December, 2008. It received assent of the President on the 5th February, 2009 and was notified in the Gazette as The Information Technology (Amendment) Act, 2008. The amended Information Technology Act is operational since 27th October 2009. The legislation provides measures to tackle cyber crimes including terrorism, pornography (including child pornography), e-commerce frauds, video voyeurism as well as provisions that will help realize a strong data protection regime in the country that is expected to enhance trustworthiness of the Indian IT/BPO service providers.

The government has to make rules under several provisions of the Amended IT Act. DSCI and NASSCOM was consulted by the government for framing of rules under sections 43A, 67C, and 79. Inputs on the following have been solicited from DSCI:

• 43A Compensation for failure to protect data : a body corporate handling any sensitive personal data or information in a computer resource controlled/operated by it has to follow reasonable security practices – failure to do so may result in loss of information which will make it liable to pay compensation. For this section, government requires DSCI views on “reasonable security practices and procedures”, and on “sensitive personal data or information”.
• 67C Preservation and retention of information by intermediaries : intermediary has to preserve and retain information for specified duration, in a manner and format as may be prescribed by the government. If an intermediary intentionally or knowingly contravenes such provisions he is liable to imprisonment upto three years.
• 79 Exemption from liability of intermediary in certain cases : under certain conditions intermediary is not liable for third party information or data. But on receiving actual knowledge, or on being notified by the government that any information residing in his computer resource is being used to commit an unlawful act, if the intermediary fails to remove or disable access, he shall become liable for punishment.

View or Download the Consultation Paper submitted by DSCI to the Department of Information Technology on the amended Information Technology Act. Also, explore our Resource Library and know more about the Making of Rules, IT (Amendment) Act 2008, Draft Encryption Policy submitted to the DIT.

Click to read the Articles contributed by DSCI in the leading dailies to raise awareness about the amended IT Act.