• Introduced
    Lok Sabha
    Dec 15, 2006
    Gray
  • Referred
    Standing Committee
    Dec 19, 2006
    Gray
  • Report
    Standing Committee
    Sep 07, 2007
    Gray
  • Passed
    Lok Sabha
    Dec 22, 2008
    Gray
  • Passed
    Rajya Sabha
    Dec 23, 2008
    Gray

The Information Technology (Amendment) Bill, 2006 proposes to amend the IT Act to (a) make the authentication of electronic record technology neutral, (b) provide for protection of personal information, (c) change the name and constitution of the appellate tribunal, (d) limit the liability of intermediaries and (e) establish an examiner of electronic evidence. It specifies that publishing or transmitting of offensive or pornographic material in electronic form would be an offence. In addition the Bill amends the Indian Penal Code, 1860 to include new offences such as identity theft and recording or transmitting nude images of a person without his permission.

Highlights of the Bill

  • The Information Technology (Amendment) Bill, 2006 amends the Information Technology Act, 2000.

  • The Bill makes a company handling sensitive personal data liable to pay compensation up to Rs 5 crore, if it is negligent in implementing reasonable security measures with respect to such data.

  • The Bill does not hold intermediaries liable for third party data or content made available by them. This protection is not absolute and intermediaries are required to remove unlawful data or content on receiving information about it.

  • The Bill proposes to enable authentication of electronic records by any electronic signature technique.

  •  

    The Bill changes the name and the composition of the appellate tribunal. It also establishes an examiner of electronic evidence to give expert opinion on “electronic form evidence”.

Key Issues and Analysis

  • The Bill enables the central government to intercept computer communication for investigation of any offence. Telephones and letters may be intercepted only to protect national interest, sovereignty etc.

  • Neither the IT Act nor any other law covers how personal information may be collected, processed, shared and used. While the Bill provides compensation for unlawful loss or gain arising from unauthorised use of data, it does not address the issue of breach of privacy.

  • Any person copying or destroying data without permission of the owner is liable to pay damages. The Bill does not cover situations in which an employee who has permission to access certain data misuses such data.

  • Intermediaries are not liable for third party data. They are required to remove unlawful content on receiving “actual knowledge”. This term is not defined.

  •  

    The expert committee appointed to suggest amendments to the IT Act had recommended stringent punishment for child pornography. The Bill does not address this. The Standing Committee stated that the issue of unwanted commercial e-mails (spam) has not been addressed.

Read the complete analysis here