Friday, 12 August 2016

BSIT 64 (COMPUTER ETHICS AND CYBER LAWS) ~ gniithelp

Unit 1  (What is Computer Ethics)

1. Define computer ethics.
Answer- 
The term computer ethics was coined in the mid 1970s by Walter Manor to refer to that field of applied professional ethics dealing with ethical problems aggravated, transformed, or created by human technology. Computer ethics is the analysis of the nature and social impact of computer technology, and the formulation and justification of the policies for the ethical use of such technology. Computer ethics examine the ethical issues surrounding computer usage and the connection between ethics and technology. It includes consideration of both personal and social policies for ethical use of computer technology. The goal is to understand the impact of computing technology upon human values, minimize the damage that technology can do to human values, and to identify ways to use computer technology to advance human values. 

2. Explain the four classifications of ethical issues.
Answer- 
Ethical issues can be classified into:
1. Privacy issues: The privacy issues deal with the collection, storage, and dissemination of information about individuals. For example:
  • What information about oneself should an employer reveal to others?
  • What kind of surveillance can an employer use on its employees?
  • What things can people keep to themselves and not be forced to reveal to others?
  • What information about individuals should be kept in databases, and how secure is the information there?
2. Accuracy issues: The accuracy issues deal with authenticity, fidelity, and accuracy of information collected and procured. The questions that need to be addressed in accuracy issues include:
Who is responsible for the accuracy, fidelity, and accuracy of information collected?
  • How can we ensure that information will be processed properly and presented accurately to the users?
  • How can we ensure that errors in databases, data transmissions, and data processing are accidental and not intentional?
  • Who is to be held responsible for errors in information, and how should the injured party be compensated?
3. Property issues: The property issues deal with ownership and value of information (intellectual property). Examples of issues that need to be addressed as property issues are:
  • Who owns the information?
  • What are the just and fair prices for its exchange?
  • How should one handle software piracy?
  • Under what circumstances can one use proprietary databases?
  • Can corporate computers be used for private purposes?
  • How should experts who contribute their knowledge to create expert systems be compensated?
  • How should access to information channels be allocated?
4. Accessibility issues: The accessibility issues concern with the right to access information and payment towards the same. These issues include:
  • Who is allowed to access information?
  • How much should be charged for permitting accessibility to information?
  • How can accessibility be provided for employees with disability?
  • Who will be provided with the necessary equipments for accessing information?
There is a need to address these four types of issues so that the computer and information technology business operates in an ethical domain. We must ensure that information technology, and the information it handles, is used to enhance the dignity of mankind.

Unit 2  (Topics In Computer Ethics)

1.Examine the social and ethical issues arising out of the presence of computers in the workplace.

Answer- 
The social and ethical issues that can arise out of the presence of computers in the workplace are:
  • Task Automation: At workplace, computers have become universal tools that can in principle perform any task and hence pose a threat to jobs. They are far more efficient than humans in performing many tasks. Therefore, economic incentives to replace humans with computerized devices are very high. In the industrialized world, many workers doing jobs as bank tellers, autoworkers, telephone operators, typists, and graphic artists, have already been replaced by computers. Even professionals like medical doctors, lawyers, teachers, accountants, and psychologists are finding that computers can perform many traditional duties performed by workers and professionals. On the other hand, the computer industry has generated a wide range of new jobs in the form of hardware engineers, software engineers, system analysts, webmasters, information technology teachers, and computer sales clerks. Even when a job is not eliminated by computers, the job profile could be radically altered. An airplane pilot may be assisted by computers to make choice about the best landing times and air corridor selection. So, job gains and losses are to be viewed in the context of the society we live in.
  • Health and Safety: Another workplace issue concerns health and safety. Often radiation from machines, repetitive injuries, and posture related problems are common at computer dominated workplaces. Another concern is poisonous non biodegradable computer waste, which is causing a major threat to the environment. When information technology is introduced into the work place, it is important to consider the likely impact upon health and job satisfaction of workers who will use it. The advent of stress in the workplace due to the introduction of computers is becoming more and more evident.
  • Employee Monitoring: Another major concern is the employee monitoring or surveillance by the organizations using sophisticated computer driven technology. Some amount of monitoring may be vital for protecting the interest of the employer and to increase productivity, but excess of such surveillance can becomes unethical.

2. Discuss the impact of globalization on computer ethics.
The fast pace of globalization and creation of global and cyber markets, has given computing a new meaning. Bynum and Rogerson (1996) have suggested the use of the expression "Global Information Ethics" to describe the impact of globalization on computers ethics. Others (see van den Hoven, Introna, Johnson, and Nissenbaum, 1999) have used the expression "Information Communications Technology Ethics" or ICT Ethics to attempt to capture the convergence of information-related and 
communications-related ethical issues in a global context. 

Global networks like the Internet and especially the World Wide Web (WWW) are connecting people all over the globe. Efforts are on to develop mutually agreeable standards of conduct and efforts to advance and defend human values. Globalization has led to the discussion of the following issues:
  • Global Laws: Over 200 countries are already interconnected by the Internet. Given this situation, what is the effect and impact of the law of one particular country on the rest of the world? Issues regarding freedom of speech, protection of intellectual property, invasion of privacy vary from country to country. The framing of common laws pertaining to such issues to ensure compliance by all the countries is one of the foremost questions being debated.
  • Global Cyber Business: Technology is growing rapidly to enable electronic privacy and security on the Internet to safely conduct international business transactions. With such advanced technology in place, there will be a rapid expansion of global cyber business. Nations with a technological infrastructure already in place will enjoy rapid economic growth, while the rest of the world will lag behind. This disparity in levels of technology will fuel political and economic fallout, which could further widen the gap between the rich and the poor.
  • Global Education: Inexpensive access to the global information net for the rich and the poor alike is necessary for everyone. However the impact of this sudden and global education on different communities, cultures, and religious practices is likely to be profound. The impact on lesser known universities would be felt as older well-established universities begin offering degrees and knowledge modules over the Internet.

Unit 3 (Ethics And The Internet)
1.Discuss the distinct features of the Internet.
Answer- 
The Internet has three distinct features:
  • Global Scope: The Internet has a global reach. Internet technology has much broader scope and access than conventional modes of communications and data retrieval. With little effort, a user can reach hundreds and thousands of individuals around the globe. The ability to reach many people quickly and easily is not exactly new or unique compared to radio or television communication. But the significant difference between the Internet and television and radio is that in the case of radio and television, communication is in most cases one way whereas in the case of Internet it is interactive. It is this interactivity, which is the unique characteristic of the Internet. Not just interactivity, customizability, easy usability, and accessibility are also distinct features of Internet.
  • Anonymity: The second important feature of the Internet is that it provides a certain kind of anonymity. On the Internet, individuals have the possibility of creating a different profile, ensuring that information about them cannot be traced while in communication with others on the Internet. It is a silent feature of Internet communication and people can deliberately avoid seeing or hearing one another directly. Anonymity makes accountability for one’s action difficult to achieve and tends to diminish trust in the information that is being exchanged. The feature of anonymity has also facilitated the development of “virtual information”.
The open and anonymous nature of communications on the web, has led to the development of software with stealth to gather information intelligently. An inference is made from information gathered without our knowledge or consent, which is termed as “virtual information”. This type of information adds information to a person’s profile and tends to redefine a person’s digital persona. This is an invasion of one’s “virtual privacy”. 
  • Reproducibility: The third feature is not just a feature of the Internet, but of information technology in general. Electronic information exists in the form that makes it easy to copy without any loss of originality or value in the process of reproduction. Copied data or software is perfectly usable. Copied data or software leaves no evidence behind and the creator/owner of the data or software could remain unaware of their work being copied. Reproducibility facilitates anonymity.

2. What are the fundamental conceptions regarding the evaluation of individual actions?
Answer- 
In the history of moral philosophy, two fundamentally different and mutually exclusive conceptions of the moral evaluation of individual actions are prevalent:
  • One approach or school of thought believes that it is important to examine an issue under independently justified principles of what one considers being right. The idea here is to follow the principles that articulate what is morally right irrespective of the consequences. This is referred to as “deontological” approach. In this approach, one starts out with one or more moral principles and see how they apply to particular cases.
  • The other school of thought believes that it is important to look for the course of action that maximizes the good. This approach involves determining which action yields the best consequences measured in some standard of the “good” or “morality”. This approach referred to as “teleological” approach involves deciding on what is good for population. It also spells out what is wrong with actions that interfere with attempts to get it.

Unit 4  (A professional’s code of ethics)

1. How do professional codes address issues from the viewpoint of computing profession?

Answer- 
The code of ethics provides a basis to address issues from the viewpoint of the computing profession. These codes address issues from the viewpoint of computing profession by imposing three levels of ethical obligations, which are to be followed by the professionals:
The first level is a set of ethical values, such as integrity and justice, which professionals share with other human beings by virtue of their shared humanity. Code statements at this level are statements of aspiration that provide vision and objectives.
The second level obliges professionals to more challenging obligations than those required at the first level. At the second level, by virtue of their role as professionals and their special skills, they owe a higher degree of care to those affected by their work. Every type of professional shares this second level of ethical obligation. Code statements at this level express the obligations of all professionals and professional attitudes. They do not describe specific behavior details, but they clearly indicate professional responsibilities.
The third level comprises several obligations that derive directly from elements unique to the particular professional practice. Code elements at this level assert more specific behavioral responsibilities that are more closely related to the state of art within the particular profession. The range of statements is from more general aspirational statement to specific and measurable requirements. Professional code of ethics needs to address all three of these levels. 

2. How is a professional code distinguished?
Answer- 
 Professional code can be distinguished into: 
  1. Code of Ethics: Code of ethics is more aspirational. They are mission statements emphasizing the professional objectives and vision.
  2. Code of Conduct: Code of conduct is more oriented towards the professional’s attitude. They do not describe in detail how to carry out a particular action, bur they make clear the issues at stake in different specialized fields.
  3. Code of Practice: Code of practice on the other hand fixes some accepted state of art (Berleur, 1996) and relate to current operational activities

Unit 5  (Information Technology and the Net)

1. E-Commerce is the new mantra of business –Explain?

Answer- 
  • E-Commerce is the use of the Internet to buy and sell goods and services. E-Commerce is changing the way in which organizations do business, resulting in streamlined purchasing processes and lowering the cost of transacting business for both large and small companies.
  • E-Business helps in improving the way the business is conducted with the government, customers, and other businesses.
  • E-mail can be used in businesses to communicate with suppliers. It can also be used for responding and receiving the customer queries. For example, e-mail can be used to accept orders from the customers. The customers can also make the payments online and get the information regarding the products available along with their price.
  • Internet can also be used by businesses for managing their records and they can make use of electronic bookkeeping. An on-line banking service is another area, which can be used by the businesses. These services can be used for funds transfer, payroll management, and electronic bill payment.

2. Describe the nature and features of the internet.
Answer- 
A network of networks is called as an Internet. In this the computers systems are connected with each other in a local area network. They are also connected to computers on a national and International scale. The fiber-optic cable, twisted - pair copper wire, microwave transmission, or other communication medias are used for connecting each node, which is a part of the web. A set of rules is followed when the computers on the web communicate with each other. These rules are called as Internet Protocols. In this type of communication, the Internet acts as a packet switched network. The data that needs to be transmitted is broken down into smaller packets. The address of the final destination is attached with the packets. These packets may follow different route from computer to computer until their final destination. At the final destination the recipient machine reassembles the packets.

3. Discuss the impact of the information technology revolution on society.
Answer- 
The amazing growth of information technology has implications for every aspect of society. So far there is little research that reveals how technology has and will continue to change the dynamics of society and the nonprofit sector. Following point elaborate how information technology affects various sections of society:
  • The nonprofit sector is experiencing an organizational version of the "digital divide"-the technology gap between large and small nonprofits. Hardware, software, and technical assistance are not enough to close the divide; strategic planning and staff time are also essential.
  • The true impact the Internet will have on society is in "building community," bringing together groups of citizens, who are united by shared values working for the public good, often spanning international lines.
  • Organizations that use technology well are usually marked by strong support from the executive director, support from the board, and the presence of a "key user" staff person.
  • The Internet enables an organization to strengthen relationships with its current audiences as it enables targeted, fast, and consistent communication. It can also enable nonprofits to reach out to new audiences through effective use of search engines and "viral marketing".
  • Strategic use of technology is likely to require long-term collaborations with for-profit and nonprofit partners. 
Technology can be used to mobilize people globally around a common cause to achieve world-changing results far beyond the promise of enabling nonprofit organizations to perform important functions, such as fundraising and recruiting volunteers more effectively.

4. There is no nexus between cyber space and real space - Comment.
Answer- 
There is the difference between the business rules for online commerce and carrying business in the real space. Much of this difference comes from Internet's telepresence features. This feature renders the network technologically indifferent to physical location. The network is very insensitive to geography. It is not possible to determine the physical location of a user or a resource. In real space, locating a person or entity with which business is interacting is much easier. In the cyberspace to know the location of the partners with whom you are interacting is very difficult to know. In some instances, even an Internet address tells something only about the location of a given machine. There is no way to find the information about the actual user. 

Unit 6 (Sources of the Law)

1. Explain the different sources of law.
Answer- 
There are three main sources of law, namely, legislation, common law and custom. Legislation is the formal enactment of law by the legislature created or authorized by the Constitution. It constitutes the process of codification or legislative enactment. It consists of written laws, as contrasted with the judge made law or common law.

Common law comprises the body of principles. It is a body of law that develops and derives through judicial decisions, as distinguished from legislative enactments. Judicial decisions become a source of law by reason of the practice of courts, of accepting "precedent" as a source of law, that is, the established judicial practice that a court must follow the law laid down by a decision of the higher judiciary in the country or state.

Custom denotes a usage or practice of the people which by common adoption and acquiescence and by long and unvarying habit, has become compulsory and has acquired the force of law with respect to the place or subject matter to which it relates. Legislation and common law can operate in any sphere of human activity, while the operation of custom is generally restricted to a particular locality, group or family.

2. Discuss the significance of legislation.
Answer- 
There are three main sources of law, namely, legislation, case law and custom. 
"Legislation" is the formal enactment of law by the legislature created or authorized by the Constitution. 
Significance of Legislation: Legislation is the foundation of democratic polity.

  1. The legislature provides the following functions:
  2. The legislature can legislate in advance. Judges cannot do so.
  3. The legislature can make a law on any subject within its competence. But judges can deal with a subject, only when the point arises before them.
  4. The legislature (both of parliament, state or even local self Government) can (subject to constitutional limitations) override the law laid down by the courts, on a particular point (though, because of the doctrine of separation of powers, the legislature cannot reverse or modify the actual decision rendered by the court in a particular case).
  5. Legislation is the most fertile source of law. Subject to limitations flowing from the constitutional doctrine, that matters of policy cannot be delegated, the legislature can vest a subordinate authority with power to make rules, orders, etc.

A  legislative enactment is not subject to appeal; and the law enacted by it cannot be reversed, by a higher authority (though it can be declared to be void, if it is unconstitutional). 

3. Distinguish between the different branches of law.
Answer- 
Branches of Law: The common law system could be categorized in various ways. At a fundamental level it could be categorized as substantive law and procedural law. Substantive law is one, which recognizes, defines and confers rights on the parties. Whereas procedural law focuses on procedure to be followed to give effect to the predetermined rights, duties and obligations both outside and inside the courts of law.
Similarly, another categorization is civil and criminal laws.
One more criterion for divisions could be connected with the impact and coverage of the particular rule of law. When it relates to public domain, it becomes "public law". E.g. laws like constitution law, administrative law and criminal law are construed as public laws. When it concerns individuals, it is labeled as "private law". E.g. the Indian Contract Act, 1872.

4. What is common law. How does it differ from codified law?
Answer- 
Common law or uncodified law is the law flowing from judicial decisions. E.g. the process of dispute resolution or adjudication of liability by either village elders or people holding power through the process of issuing commands has received social acceptance. The uncodified law governs large segment of the legal regime. The judgment pronounced by an organ of the higher judiciary performs at least two important functions:
  • For the immediate parties, the judgment becomes a source, rights and duties.
  • For the world, it becomes a source of law, it happens to deal with a legal proposition - and to make a definite pronouncement on the subject.

It is different from codified law because codified laws are made formally by a law making body of people, where as common laws have their enunciations through decisions of courts. 

5. Explain how ‘custom’ is a source of law?
Answer- 
Custom (as a source of law) denotes a usage or practice of the people, which by common adoption and acquiescence and by long and unvarying habit, has become compulsory and has acquired the force of law with respect to the place or subject matter to which it relates. Legislation and common law can operate in any sphere of human activity, while the operation of custom is generally restricted to a particular locality, group or family. 

Unit 7  (Information Technology and the Attempted Legal Response)

1. State and discuss the primary assumptions of a legal system.
Answer- 
Following are the primary assumptions of a legal system:
  • Sovereignty: Law making power is a matter of sovereign prerogative. As a result, the writ of sovereign authority runs throughout wherever sovereign power exercises authority. Beyond its authority, the sovereign cannot regulate a subject matter through legal intervention.
  • Territorial Enforcement: Any law in real world context can only be subjected to predetermined territorial enforcements. There are some exceptions to this. The sovereign authority could join extra territorial jurisdiction in case of criminal law. This indicates that the sovereign authority can initiate prosecution, even if the crime is committed beyond the limits of the territory. The proceedings must comply with the principle of 'double criminality', that is in both the countries, the alleged act of commission must have been criminalized.
  • Notion of property: The obtaining premise of the legal response considers 'property' as tangible and physical. In the cyber context, 'property' in the form of digitized services or goods poses serious challenges to this legal understanding. Also that the 'domain names' raise fundamental questions.
  • Paper-based transaction: Obtaining legal response considers and encourages people to create and constitute legally binding relationships on the basis of paper- based transactions. Although the word ‘document’ under law takes within its fold material other than paper also. Since in cyber context, digital or electronic record forms the basis of electronic transactions. Hence, the transactions are on the basis of electronic records.
  • Real relationships: Legal response considers relationships quite often. In view of connectivity, pace and accuracy as to transmission, in the cyber context, these relationships acquire unique distinction of virtual character. In case of trade and commerce, commercial transaction in the form of contracts constitutes the foundation of legal relationship.

Unit 8 (Cyber Crimes)

1. Discuss the current forms of computer crime.
Answer- 
The misuse of computers began in the year 1960. Later with the rapid growth of telecommunications dissemination of harmful contents, such as pornography and other communication offences in computer networks arose. The modus operandi does not follow a continuous path. It constantly adapts to new technologies. Hence, the computer crimes can be analyzed under the following broad categories:
  • Privacy infringement: The personal rights of the citizens are endangered with the collection, transmission, and storage of the personal data. Therefore, in the data processing area, the protection of privacy needs to be considered. A balance needs to be maintained between the privacy interests of data subjects concerned and the economic freedom of the holders of personal data.
  • Economic offences: The economic crimes are considered as the central area of computer crime. Hacking, fraudulent manipulation of the computer data is some of the economic offences related to computers.
  • Computer hacking: The greatest risk that the information technology business faces today is the security of information in terms of integrity, availability, and confidentiality. Stories about website defacements, credit card frauds, non-availability of web and application servers, and new virus attacks are common. These defacements are done by hackers and this process is called as hacking.
  • Software piracy and other forms of product piracy: This includes illegal access of computer programs. It also includes copying the software’s of the individuals to gather more information.

2. Discuss the classification of crimes under the IT Act, 2000.
Answer- 
While considering the general terrain of cyber law, as of now, the following acts are construed as cyber crimes in the IT Act, 2000:
  • Without permission of the authorized user
  • Accessing or securing access to such computer, computer system or computer network
  • Downloading, copying or extracting any data or information for such computer, computer system or computer network including information or data held or stored on any removable storage medium
  • Introducing any computer virus or contaminant in the computer, computer system or network
  • Damaging the computer, computer system or network
  • Disrupting the working of the computer, computer system or network
  • Disrupting the access of the computer, computer system or network of an authorized user
  • Providing assistance to ensure unauthorized access to the computer, computer system or network
  • Tampering with computer source documents
  • Hacking with computer system
  • Publishing of information, which is obscene in electronic form
  • Carrying on activities that are not in compliance with the provisions of the Act
  • Failure to extend all facilities and technical assistance to the Controller to decrypt any information necessary for the security of the nation
  • Unauthorized access or attempt to secure unauthorized access to a system that by official notification is declared a protected system

Unit 9 (Cyber Contracts)

1. Discus the essentials of a valid contract.
Answer- 
The essentials of a valid contract are:
  • Intention with which the contract is created: The intention to create a contract should be clear otherwise, it will be treated as invalid.
  • Offer and acceptance: A contract ceases to exist without an offer. An acceptance will be deemed to be complete when both the parties are in conscience with each other.
  • Consideration: A consideration may consist sometimes in the doing of a requested act, and sometimes in the making of a promise by the offeree. Consideration is not required for a promise to compensate, wholly or in part, a person who has already voluntarily done something for the promisor or something, which the promisor was legally compellable to do. It is also not required for a written and signed promise by the debtor (or his duly authorized agent) to pay a time-barred debt to the creditor.
  • Capacity to enter into contract: A person can enter into a contract only after he has attained an age of majority and is not debarred by law for doing any unlawful activity.
  • Free consent of the parties: When consent is attained by fraud or misrepresentation, the agreement can become void at the consent of the party who was forced to enter into such an agreement.
  • Lawful object of the agreement: If the consideration or an object is unlawful, the agreement will be treated as void.

2. What are the remedies for the breach of a contract.
Answer- 

The principal remedies for the breach of contract are:
  • Damages: The party who has broken the contract needs to pay compensation for any loss or damage that has occurred to the party with whom such a contract was entered into.
  • Specific performance of the contract: In certain cases, the court directs against the party in default for the "specific performance" of the contract. This means that the party will be asked to perform the obligations that he needs to perform according to the contract.
  • Injunction: An injunction is a preventive relief and is granted at the discretion of the court. The discretion of the court is not arbitrary but is guided by judicial principles. A further check on the discretion is the provision for correction through an appeal in a higher court.

Unit 10 (Cyber Privacy)


1. Discuss the policy approaches to privacy issues
Answer-
The policy regime pertaining to protection of privacy concerns is premised upon the following three approaches:
  • Market approach: This approach rejects extrinsic legal enforcement and takes within its fold self regulatory mechanisms, which would enable the market players to employ or adopt. It does not talk about tangible consumer remedies.
  • Human rights approach: This approach recognizes rights to information and the related attribute of privacy as a human right.
  • Contract approach: This recognizes contract model. This model premises on the ground that in a given context the privacy concerns are better protected if the concern is treated as terms and conditions of the contract. Hence, the contract imposes an obligation on the parties to protect the privacy concerns. In the event of breach the contract itself provides for contractual remedies.

2. Explain the essentials of Privacy Preferences Project (P3P) platform.
Answer- 
P3P aims at providing a simple, automated way for users to gain more control over the use of personal information on websites they browse. P3P is a standardized set of multiple-choice questions about the website's privacy policies. Online customers can answer these questions to select the way their personal information will be handled by the service provider. This snapshot could be read by P3P enabled browsers and set according to the set of privacy preferences of the consumer. P3P not only provides facilitating environment for the consumer to decide, negotiate and firm up the contractual relationship, but also recognizes nine aspects of online privacy. The first five aspects deal with (a) who is collecting this data? (b) Exactly what information is being collected? (c) for what purposes? (d) which information is being shared with others? (e) and who are these recipients? The remaining four aspects focus on the site's internal privacy policies. They include (a) can users make changes in how their data is used? (b) how are disputes resolved? (c) what is the policy for retaining data? (d) and where can be detailed policies found in human readable form?

P3P is software to negotiate privacy agreements between websites and online visitors. It is a kind of social technology that involves not merely technology but also active participation of human beings

3. Describe the concept of “Sensitive Personal Information” in ITA 2008.
[P.S: This paragraph is a suggested addition. Corresponding changes need to be made in the index page
also]

Answer- 

Unit 11 (Information Technology Act, 2000 (I.T. Act, 2000))

1. What are the evidentiary presumptions of a secured electronic document. Explain the process of encryption and decryption of data.
Answer- 
An electronic document is said to be secure where any security procedure has been applied to the electronic document at a specific point of time. Such a document is deemed to be secure till the time of verification. But there is no presumption about the integrity and authenticity of the electronic record. To create a legally bound electronic document is technologically complex. A legally enforceable electronic document must pass the test of authentication, non-repudiation, confidentiality, and information integrity during transmission or storage. The key element in the authentication of a paper-based document is the signature of the contracting persons. Likewise an electronic signature is the key in an electronic record. The equivalent electronic signature is referred to as digital signature. A digital signature is to identify the sender of the electronic record, authenticate the originator of the message and to certify that the message could not have been tampered with during the course of its transmission. The process of making the information unintelligible to the unauthorized reader is known as encryption of data. The process of making the information readable once again is known as decryption of data. The science of Cryptography is made up of encryption and decryption. There are two types of Cryptographic systems - symmetric and asymmetric. The symmetric Crypto system consists of both the sender and the receiver having access and sharing a common 'Key' to encrypt or decrypt a message. The asymmetric Crypto system is a more a secure system. This system uses two keys. The originator of the document keeps one of the keys known as the 'Private key' and the other key is sent to the recipient of the message. The recipient affixes the digital signature when he uses the public key to open the message sent to him. Thus the combination of the Public Key and the Private Key provide both confidentiality and authentication, which enables for secure electronic transmission.

2. Explain the term digital signature. What is a digital signature certificate.
Answer- 
Digital Signature: The IT Act states that where any law provides that information shall be in writing or in printed form, the requirement is deemed to be satisfied if such information is in an electronic form and is accessible for subsequent reference. The key ingredients of the formation of electronic contracts comprise communication of offer and acceptance by electronic means, verification of the source of the communication, authentication of the time and place of dispatch and finally the verifiability of the receipt of the data communication. A 'digital signature' may be affixed to authenticate an electronic record. The digital signature serves to satisfy the legal requirement of affixing of a signature in a written or printed document. The Central Government has the power to make rules about the type of digital signature, the manner and format of digital certificate that shall be affixed, control process and procedures to ensure adequate integrity, security and confidentiality of electronic records and payments. Digital Signature Certificate: It certifies the identity of the subscriber and implies his acceptance of the provisions of this act and the rules and regulations contained therein. The certificate is issued only on the following grounds:
  1. The Certifying Authority being satisfied that the information contained in the application of certificate is accurate.
  2. The subscriber holds a Private Key capable of creating a Public Key.
  3. The Private Key corresponds to the Public Key to be listed in the Digital Signature Certificate.
  4. The Public Key to be listed in the certificate can be used to verify a digital signature affixed by the Private Key held by the subscriber.

But the certifying authority can revoke a digital signature certificate issued by it, if required.

3. Explain the difference between the system of “Hash Value Creation” and “Asymmetric key Encryption”Answer- 


Unit 12 (Penalties and Adjudication)

1. What is meant by unauthorized access to a computer under the provisions of the IT Act, 2000.
Answer- 
The IT Act defines unauthorized access by any person as acts done without the permission of the owner, which includes:
  • Accessing or securing access to such computer, computer system or computer network,
  • Downloading, copying or extracting any data or information for such computer, computer system or computer network including information or data held or stored on any removable storage medium,
  • Introducing any computer virus or contaminant in the computer, computer system or network,
  • Damaging the computer, computer system or network,
  • Disrupting the working of the computer, computer system or network,
  • Disrupting the access of the computer, computer system or network to an authorized user
  • Providing assistance to ensure unauthorized access to the computer, computer system or network,
  • The penalty to be paid by the person for unauthorized access by way of compensation not exceeding one crore rupees to the affected person.

2. Discuss the adjudicatory processes incorporated in the Act.
Answer- 
Adjudicatory Process: A reasonable opportunity is given to the person being charged with contravention of the Act by the adjudicating officer. When the adjudicating Officer is satisfied that there had been a contravention of the Act, he imposes such penalty or award compensation in accordance with the provisions of that section. While adjudging the quantum of compensation under this section the adjudicating officer shall take into consideration the amount of gain of unfair advantage wherever quantifiable made as a result of the default, the amount of loss caused to any person as a result of the default and the repetitive nature of the default. The adjudicating officer also has the powers of the Civil Court, which are conferred on the Cyber Appellate Tribunal. 

Unit 13  (Amendments to current legal provisions)

1. What is the meaning of the word 'commercial' as interpreted in the Information Technology Act? 

Answer- 
Information Technology Act of India is based on the UNCITRAL Model Law for Electronic Commerce. This Model Law lays down that the term "commercial", should be given a wide interpretation so as to cover matters arising from all relationships of a commercial nature, whether contractual or not. 

2. What is UNCITRAL?

Answer- 
UNCITRAL stands for United Nations Commission on International Trade Law. UNCITRAL was established by the General Assembly in 1966 (Resolution 2205(XXI) of 17 December 1966). The General Assembly gave the Commission the general mandate to further the progressive harmonization and unification of the law of international trade. The Commission has since come to be the core legal body of the United Nations system in the field of international trade law. 

3. If a person commits a cyber crime outside India, such as fabricating a record, does the amended definition of 'evidence' and 'fabrication of record' will make him/her liable under the IT Act?

Answer- 
Yes the person will be liable under the Information Technology Act as this act not only extends to the whole of India, but also applies to any offence or contravention committed outside India by any person.

4. Why it was necessary to introduce changes in the existing legislations along with the enactment of Information Technology Act?

Answer- 
The earlier legislations that governed the commercial transactions were applicable only to paper documents. In view of the Information Technology Act, it was necessary that these legislations treat electronic documents and electronic transactions at par with paper documents and offline transactions.

5. What constitutes evidence and how electronic evidence is different from paper evidence?Answer- 
Under the Indian Evidence Act, 1872, two types of evidences are recognized, oral evidence and documentary evidence. The documentary evidences are classified as primary evidence and secondary evidence. Primary evidence is the 'original' paper or document where as secondary evidence is where the contents of the original will have to be proved or brought to the record. On the other hand, an electronic record is an original as well as in duplicate or it is primary as well as secondary evidence at the same time. 

No comments:

Post a Comment