IT Act 2000: Does it suffice the need of the time?

“It has become appallingly obvious that our technology has exceeded our humanity.”

— Albert Einstein.

India accounts for 700 million Internet users, along with 375 reported cyberattacks reported in a day. From Financial transactions to connecting with our closed ones, digitalisation has become a prominent part of our lives. Does the concern exist over how safe we are as individuals while sharing our information? Let’s find out through the assessment of the Information Technology Act.

With such speedy development and with 5 million in 2000 to 81 million in 2010 internet users the Information Technology Act, 2000 was the need of the hour. IT act, 2000 got amended to broaden the Act and make it flexible. This led to the passage of Information Technology Act, 2008 and recent 2017 amendment talked about India which was growing rapidly in terms of digitisation without having proper grievance redressal which led to the setting up of Cyber Appellate Tribunal.

This is important to know why is the Information Technology Act being talked about, which came on 18th October 2000 and why it has been in the limelight this year as amidst lockdown India saw a 37% increase in cyber-attacks in the first quarter of 2020 as compared to the 4th quarter of the last year, a new report revealed.

IT Act 2000: Provisions and Setbacks

1. Under Section 43 of IT act 2000 act, hacking is a punishable offence with imprisonment up to 3 years, or with fine up to two lakh rupees, or both. Despite that, the instances of such nature keep occurring. For Example:

Recently Big basket’s user database was hacked into and the personal information of 2 crores users was sold on the dark web which included Email ids, Mobile numbers, Passwords, PINs, Names, etc with full addresses, location and IP addresses. It was sold on Dark web for $40,000. Various data breach cases which occurred in 2020 are Haldiram snacks, Indian Prime Minister’s Website called Narendra Modi.in, Redmi Good, Bharat Matrimony. Com and IRCTC- Online Ticket and Portal.

2. In India, even after numerous laws like POCSO and Section 67 B and 67 A under the Information Technology Act which have made the publication of obscene material illegal and for publishing pornographic content online. Kailash Satyarthi told Business Insider that, in India, short films are produced where children are being raped. Shockingly, a US NGO revealed that 25,000 cases of child porn material have been uploaded on social media sites in just 5 months in India.

In 2020 63 cases of Online Child Sexual Abuse and Exploitation (OCSAE) were registered in Karnataka under Protection of Children against Sexual Offences and Section 66E(Punishment for violation of privacy) and 67B of Information Technology Act, 2000. 46 people were held over 130 FIRs registered during the lockdown. While researching further we found out that Consumption of child pornography content in India has spiked by 95 per cent amid lockdown, according to a recent report by an NGO India Child Protection Fund (ICPF).

3. Section 69 A of the IT Act, 2000, was introduced by an amendment to the Act in 2008. It gives the Central government the power to block public access to any information online- whether on websites or mobile apps.

Recently our government banned 267 Chinese apps on the assumption that these apps might be threatening the national security and integrity of our country.

When we compare India’s IT Act laws with other countries’ laws like the UK and the USA, here’s what has been found:

The issues which are important enough to be addressed like Spam and Bank Account hacking have not been talked about intensely or do not have provisions in the Information Technology act. On the other hand, the USA and the European Union have enacted anti-spam legislation. Australia’s laws where spammers may be fined up to 1.1 million dollars per day. And for bank account hack IT act does talk about the unauthorized access to the banks but does not lay any duty upon the bank to protect the details of the customers. While on the other hand, the UK has a data protection law under which it holds banks accountable and responsible if any damage is caused to the customers’ if their information is leaked. The Indian IT Act amendment talks about the ‘sensitive personal data’ in section 43 but fails to define what exactly it implies by sensitive personal data.

The Way Forward

To make the Information Technology act more refurbished and pertinent in the times of technological boom, certain points of the actions which need to be worked upon are:

It’s time we need specific laws on social media, fake news and e-commerce. Because most of the laws applied to the crimes are of two different legislations which are Indian Penal Code and Information Technology. Majorly, the offences under IT act are bailable and compoundable and can lead to an amicable settlement between the parties whereas the offences under IPC are not bailable and may also lead to higher punishment span.

As witnessed recently how the government sites and common grocery sites like Big Basket and PM Man ki Baat got hacked. What’s needed is a strong encryption technology and mainly for government organizations because they are more dependent on computers for the work and the information is too sensitive that they can’t afford any leakage of the transactions.

While considering the above points, it’s important to discuss Digital literacy in India. A recent report by the Digital Empowerment Foundation shows that 30% of our population lacks basic literacy and thrice that of digital literacy. It’s important to focus on digital literacy too along with the need for the laws. The awareness about where to provide data, or personal information is a necessary step to keep ourselves safe and secure online.

Some food for thought– Isn’t it strange that a new Personal Data Protection Bill is going to be enacted soon whereas, under the IT Act, the term ‘encryption’ has not even been defined?