Legal Aspects (a particular part or feature of something) of e-commerce
Common Legal Issues Faced By E-Commerce Businesses
Incorporation Problem. If you are a company operated merely via a website, not being incorporated is a crucial problem. ...
Trademark Security Problem. Not getting your trademark protected is one of the main legal issues in the field of e-commerce. ...
Copyright Protection Issue. ...
Transaction Issues. ...
Privacy Issues.
With the advanced and increased use of online media, online business is
becoming a fast emerging trend. Five in every eight companies are operating
online, conducting e-commerce business. But being functional online
doesn’t mean you can escape legal matters.
There are
various legal issues associated with eCommerce businesses as well.
And if these issues are not taken care of in time, they can lead to serious
problems for your business.
Described
below are some of the common legal issues an e-commerce business faces.
Incorporation Problem
If you are a
company operated merely via a website, not being incorporated is a crucial
problem. Any purchase and selling activity related to your products will be
considered illegal and you can’t claim your right in case of any fraud and
corruption. Without incorporation, your business has no shelter.
Trademark Security Problem
Not getting your trademark protected is one of the main legal issues in the field of
e-commerce. Since the trademark is your company’s logo and symbol, the
representation of your business all over the web, it must be protected. If you
don’t secure it, it won’t take long before you realize your trademark is
being infringed upon. This is a very common legal issue and can become a deadly
threat to your e-business.
With hackers on the loose and cybercrime so common, trademark infringement
of your business or by your business can be a serious legal matter and may
hinder your business’s progress.
Copyright Protection Issue
While
publishing content for your e-commerce website, using content of any other
company can be a severe legal problem. This might mark an end to your
e-business. There are many sites online which are royalty free and
allow you to access their content and images. You may use those sites for
creating web content for your business site.
Even if you
unintentionally used copyrighted content, the other party can easily sue your
business.
Transaction Issues
The
Australian Consumer Law (ACL) governs all e-commerce transactions in Australia.
Therefore, if you do not abide by the rules, you can get into serious law
violation problems.
If your business fails to provide a clear and complete description of the product, cost
and purchase details, information about delivery (i.e. when the customer will
receive products) and other information related to exchange and refunds, the ACL
can impose penalties on your business.
Privacy Issues
When it
comes to online businesses, privacy is the major issue that can create problems
both for the business and customers. Consumers share information with
businesses online and they expect the sellers to keep their information
confidential. By just one minor mistake and leakage of valuable information of
a customer, you’ll not only lose your potential customer but your image and
reputation will become a question mark. Moreover, you’ll be subjected to
serious legal problems according to Australian privacy laws.
While e-commerce brings exposure and advantages for businesses online,
it has certainly given rise to some legal issues too, which can be avoided
by keeping in mind the rules and laws framed by the Australian Government.
Security issues of e-commerce
E-Commerce
is defined as the buying and selling of products or services over electronic
systems such as the Internet and to a lesser extent, other computer networks.
It is generally regarded as the sales and commercial function of eBusiness.
There has been a massive increase in the level of trade conducted
electronically since the widespread penetration of the Internet. A wide variety
of commerce is conducted via eCommerce, including electronic funds transfer,
supply chain management, Internet marketing, online transaction processing,
electronic data interchange (EDI), inventory management systems, and automated
data collection systems. US online retail sales reached $175 billion in 2007
and are projected to grow to $335 billion by 2012 (Mulpuru, 2008).
This massive increase in the uptake of eCommerce has led to a new generation of
associated security threats, but any eCommerce system must meet four integral
requirements:
privacy – information exchanged must be kept from unauthorized parties
integrity – the exchanged information must not be altered or tampered with
authentication – both sender and recipient must prove their identities to each other and
non-repudiation – proof is required that the exchanged information was indeed received (Holcombe, 2007).
Privacy
Privacy has
become a major concern for consumers with the rise of identity theft and
impersonation, and any concern for consumers must be treated as a major concern
for eCommerce providers. According to Consumer Reports Money Adviser (Perrotta,
2008), the US Attorney General has announced multiple indictments relating to a
massive international security breach involving nine major retailers and more
than 40 million credit- and debit-card numbers. US attorneys think that this
may be the largest hacking and identity-theft case ever prosecuted by the
justice department. Both EU and US legislation at both the federal and state
levels mandates certain organizations to inform customers about information
uses and disclosures. Such disclosures are typically accomplished through
privacy policies, both online and offline (Vail et al., 2008).
In a study by Lauer and Deng (2008), a model is presented linking privacy
policy, through trustworthiness, to online trust, and then to customers’
loyalty and their willingness to provide truthful information. The model was
tested using a sample of 269 responses. The findings suggested that consumers’
trust in a company is closely linked with the perception of the company’s
respect for customer privacy (Lauer and Deng, 2007). Trust in turn is linked to
increased customer loyalty that can be manifested through increased purchases,
openness to trying new products, and willingness to participate in programs
that use additional personal information. Privacy now forms an integral part of
any e-commerce strategy and investment in privacy protection has been shown to
increase consumer’s spend, trustworthiness and loyalty.
The converse of this can be shown to be true when things go wrong. In March
2008, the Irish online jobs board, jobs.ie, was compromised by criminals and
users’ personal data (in the form of CV’s) were taken (Ryan, 2008). Looking at
the real-time responses of users to this event on the popular Irish forum,
Boards.ie, we can see that privacy is of major concern to users and in the
event of their privacy being compromised users become very agitated and there
is an overall negative effect on trust in e-commerce. User comments in the
forum included: “I’m well p*ssed off about them keeping my CV on the sly”; “I
am just angry that this could have happened and to so many people”; “Mine was
taken too. How do I terminate my acc with jobs.ie”; “Grr, so annoyed, feel I
should report it to the Gardai now” (Boards.ie, 2008).
Integrity:
Integrity means that a message must not be altered or tampered with. There are
several ways data integrity can be damaged in the E-commerce area. Errors could take
place when entering data manually. Errors may occur when data is being transmitted
from one computer to another. Data could be modified or stolen because of
software bugs or viruses. Data could be lost due to
unexpected hardware damage such as server or disk crashes. There is a possibility
of data loss due to disasters such as fire accidents.
There are many ways to minimize these threats to data integrity. We can maintain
backups of our data efficiently by updating them
regularly. Modern technology provides us with various security mechanisms
for controlling access to data. We can improve data integrity
by designing user interfaces that prevent the input of invalid
data, for example menu-driven applications which allow the user to choose
what they are looking for. We can use error
detection and correction software when transmitting data to improve
integrity.
Authentication:
In E-commerce, authentication (showing something to be true, genuine, or valid) is
a process through which the seller validates the information provided by the buyer, such as
credit card information. In this process both the
cardholder’s identity and the payment card’s details are verified. In E-commerce
transactions sellers must be very careful and responsible to provide good
payment authentication services. A well developed and implemented transaction
authentication process will decrease the number of customer disputes and
charged-back transactions. If the E-commerce website does not have a good
authentication system, it could lead to a great loss of both data and money.
Nonrepudiation:
Non-repudiation refers to the assurance that the owner of a signature key pair
that was capable of generating an existing signature corresponding to certain
data cannot convincingly deny having signed the data. It prevents
any one party from reneging on an agreement after the fact. For
E-commerce and other electronic transactions, including ATMs (cash machines),
all parties to a transaction must be confident that the transaction is secure;
that the parties are who they say they are (authentication), and that the
transaction is verified as final. Systems must ensure that a party cannot
subsequently repudiate (reject) a transaction. To protect and ensure digital
trust, the parties to such systems may employ Digital Signatures, which
will not only validate the sender, but will also ‘time stamp’ the transaction,
so it cannot be claimed subsequently that the transaction was not authorized or
not valid etc.
Confidentiality:
Confidentiality (privacy and respecting someone's wishes) is protecting our data from
unauthorized users. That means whatever data or information is shared by the
merchant and the customers should be accessible to those two parties only. No
other party should be able to access such data. To maximize confidentiality we
must follow good encryption and decryption methods and proper authentication
and authorization procedures. We must use good antivirus or software error
detection systems.
Firewall
A firewall
is software or firmware that enforces a set of rules about
what data packets will be allowed to enter or leave a computer
network. A firewall's main purpose is to filter traffic and lower the risk that
malicious packets traveling over the public internet will be able to impact the
security of a private network. Firewalls are incorporated into a wide variety
of networked devices and may also be purchased as stand-alone software
applications.
The
term firewall is a metaphor that compares a type of physical barrier
that's put in place to limit the damage a fire can cause with a virtual barrier
that's put in place to limit damage from an external or internal cyberattack.
When located at the perimeter of a network, a firewall provides low-level
network protection, as well as important logging and auditing functions.
When
organizations began moving from mainframe computers and dumb clients
to the client-server model, the ability to control access to the server
became a priority. Before the first firewalls emerged based on work done in the
late 1980s, the only real form of network security was enforced through access
control lists (ACLs) residing on routers. ACLs specified which Internet
Protocol (IP) addresses were granted or denied access to the network.
The
exponential growth of the internet and the resulting increase in connectivity
of networks, however, meant that filtering network traffic by IP address alone
was no longer enough. Static packet-filtering firewalls, which
examine packet headers and use rules to make decisions about what
traffic to let through, arguably became the most important part of every
network security initiative by the end of the last century.
How does a firewall work?
A network
firewall works by establishing a border between the internet and the network it
guards. It is inserted inline across a network connection and inspects all
packets entering the network. As it inspects, a rules engine distinguishes
between traffic that is benign and traffic that is potentially dangerous.
A firewall
is not capable of making judgments on its own -- no computer is. Instead, it
follows programmed rules created by humans. These rules dictate whether the
firewall should let a packet through the network barrier. If a packet matches a
pattern that indicates danger, the corresponding rule will instruct the
firewall not to let the packet through. These rules have to be constantly
updated because the criteria for what patterns indicate a dangerous packet
change frequently.
Why are firewalls important?
A firewall
is the most basic and oldest form of network security. The term has grown
gradually in familiar usage to the point where it can be assumed that any
conversation about cybersecurity will at least include its mention.
A firewall
ideally eliminates, or at least reduces, exposure to external hosts, protocols
and networks that are known to be vectors for network threats. It is the
foundation from which current network security technologies build. As the
nature of network threats and networks themselves change, the firewall still
plays an important role -- albeit alongside other, more recent technologies.
Functions
The primary
function of all firewalls is the same: screen network traffic to prevent
unauthorized access between computer networks. There are many ways to perform
that function, which vary based on the user's needs and the size and state of
the user's network. As a result, there are several types of firewalls. The two
main types are host-based and network-based.
A host-based
firewall is installed on individual servers and monitors incoming and outgoing
signals. Network-based firewalls can be built into the cloud's infrastructure
or be delivered as a virtual firewall service.
Types of firewalls
Other types
of firewalls include packet-filtering firewalls, stateful
inspection firewalls, proxy firewalls and next-generation
firewalls (NGFWs).
A packet-filtering
firewall examines packets in isolation and does not know the packet's
context.
A stateful
inspection firewall examines network traffic to determine whether one
packet is related to another packet.
A proxy
firewall (aka application-level gateway) inspects packets at the
application layer of the Open Systems Interconnection (OSI) reference model.
An NGFW
(Next-Generation Firewalls) uses a multilayered approach to integrate
enterprise firewall capabilities with an intrusion prevention system (IPS) and
application control.
A personal
firewall is software used to protect a single internet-connected computer
from attacks, as opposed to a multitude of devices.
How packet-filtering firewalls work
When a
packet passes through a packet-filtering firewall, its source and destination
address, protocol and destination port number are checked.
The packet is dropped -- it's not forwarded to its destination -- if it does
not comply with the firewall's rule set. For example, if a firewall is
configured with a rule to block Telnet access, then the firewall will
drop packets destined for Transmission Control Protocol (TCP) port number 23,
the port where a Telnet server application would be listening.
How stateful inspection firewalls work
Stateful
inspection firewalls -- also known as dynamic
packet-filtering firewalls -- maintain a table that keeps track of
all open connections. When new packets arrive, the firewall compares
information in the packet header to the state table and determines whether it
is part of an established connection. If it is part of an existing connection,
then the packet is allowed through without further analysis. If the packet
doesn't match an existing connection, it is evaluated according to the rule set
for new connections.
Stateful
inspection firewalls monitor communication packets over time and examine both
incoming and outgoing packets.
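The two behaviours described above, static packet filtering and stateful inspection, side by side as an added Python example (not code from the original page or from any firewall product). The Packet and Rule classes, the documentation-range addresses and the SYN-only check for new TCP connections are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ANY = "0.0.0.0/0"
INTERNAL = "10.0.0.0/24"          # constructed sample network


@dataclass(frozen=True)
class Packet:                      # hypothetical: header fields only
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()  # TCP flags, e.g. {"SYN"}
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:                        # hypothetical rule format
    action: str                    # "allow" or "drop"
    proto: Optional[str] = None
    src: str = ANY
    dst: str = ANY
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.sport is None or self.sport == p.sport)
                and (self.dport is None or self.dport == p.dport))


def static_filter(rules, pkt: Packet) -> str:
    """Packet filter: each packet is judged in isolation, first match wins."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "drop"                  # default deny


class StatefulFirewall:
    """Keeps a table of open connections and checks it before the rule set."""

    def __init__(self, rules):
        self.rules = rules
        self.state = set()         # one entry per connection, keyed by initiator

    def inspect(self, pkt: Packet) -> str:
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        for k in (key, reverse):
            if k in self.state:    # part of an established connection
                if "RST" in pkt.flags:
                    self.state.discard(k)   # simplified teardown (RST only)
                return "allow"
        # Assumption: a new TCP connection must start with a bare SYN.
        if pkt.proto == "tcp" and pkt.flags != frozenset({"SYN"}):
            return "drop"
        verdict = static_filter(self.rules, pkt)   # rule set for new connections
        if verdict == "allow":
            self.state.add(key)
        return verdict


# Rule set shared by both firewalls: block Telnet, allow outbound HTTPS.
BASE_RULES = [
    Rule("drop", proto="tcp", dport=23),
    Rule("allow", proto="tcp", src=INTERNAL, dport=443),
]
# Without state, replies need their own rule, matched on source port alone.
STATIC_RULES = BASE_RULES + [Rule("allow", proto="tcp", sport=443, dst=INTERNAL)]


def demo():
    """Return {packet name: (static verdict, stateful verdict)}."""
    syn = frozenset({"SYN"})
    packets = {  # constructed sample traffic, processed in this order
        "outbound_https": Packet("10.0.0.5", 50000, "203.0.113.10", 443, syn),
        "https_reply": Packet("203.0.113.10", 443, "10.0.0.5", 50000,
                              frozenset({"SYN", "ACK"})),
        "unsolicited": Packet("198.51.100.7", 443, "10.0.0.9", 50001,
                              frozenset({"ACK"})),
        "outbound_telnet": Packet("10.0.0.5", 50002, "203.0.113.10", 23, syn),
    }
    fw = StatefulFirewall(BASE_RULES)
    return {name: (static_filter(STATIC_RULES, p), fw.inspect(p))
            for name, p in packets.items()}


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(f"{name:16} static={verdicts[0]:5} stateful={verdicts[1]}")
```

The "unsolicited" packet is the case that separates the two designs: the static reply rule accepts it because only header fields are compared, while the state table has no matching connection for it.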
Application firewalls
As attacks
against web servers became more common, it became apparent that there was a
need for firewalls to protect networks from attacks at the application layer.
Packet-filtering and stateful inspection firewalls can't distinguish among
valid application layer protocol requests, data and malicious
traffic encapsulated within apparently valid protocol traffic.
How application layer and proxy firewalls work
An
application firewall may also be referred to as
a proxy-based or reverse-proxy firewall. They provide
application layer filtering and can examine the payload of a packet and
distinguish among valid requests, data and malicious code disguised as a valid
request or data.
Personal firewalls
These are
especially useful for users with always-on connections, like Digital Subscriber
Line (DSL) or cable modem, because those connection types use static IP
addresses. These attributes make a network especially vulnerable to potential
hackers. As with all firewalls, the personal model's main function is to filter
inbound and outbound traffic and to alert the user to intrusions. The
difference is that it is for personal use and guards a single home network, as
opposed to a large network with many potentially dispersed devices. It is often
compared to antivirus applications.
Hardware firewalls
A firewall
can either be software- or hardware-based. It is possible to have both and
advisable to have both, depending on the user's needs. The benefit of having a
physical firewall device is that it tends to be relatively tamper-proof because
it needs to be accessed physically in order to do so. Also, because it is a
dedicated network device, data passes through it quickly. It should not have a
negative impact on network speed.
However, a
hardware firewall device is incapable of reading the content that passes
through it. It is only capable of blocking sources of information, such as a device.
For this reason, it is good for setting restrictions between in-home devices
but is not optimal for monitoring network traffic, as it is not able to filter
network traffic based on content.
Use cases
For an
organization to be truly secure, it must engage in security information and
event management (SIEM) using a firewall or a combination of cyber security
devices. There are several vulnerabilities and threats that must be prevented
using a firewall. Just having one of the types of firewalls mentioned above is
not enough to ensure security. Effective firewall use comes from having the
right type, as well as proper maintenance and use of that firewall. Some use
cases include the following:
Detecting an insider attack: A
perimeter firewall is only meant to guard against attackers outside of a
system. It is useless against insider attacks. The only firewall-based guard
against insider attacks is the use of internal firewalls on top of a perimeter
firewall. An internal firewall helps partition individual assets in a network.
Organizations should audit all sensitive files, folders and documents to detect
a potential insider threat. All the audits should measure up to baseline
documentation within the organization that outlines best practices for using
the organization's network.
Some examples of behavior that might indicate an insider threat include the following:
Transmission of sensitive data in plain text
Resource access outside of business hours
Sensitive resource access failure by the user
Third-party users' network resource access
Updating patches and settings: Failing
to install security patches can cause vulnerabilities to go untreated. Vendors
discover these and develop patches to cover them as soon as possible. If users
fail to implement the patches, the vulnerability sits waiting to be exploited.
Also, poorly or improperly configuring the settings of a firewall can be costly
and time-consuming.
Deep packet inspection (DPI): Layer 7 inspection is an inspection mode used by NGFWs
to check the information within the packets it inspects. Less advanced
firewalls simply check the origin and destination of the packet without looking
inside. Not checking the contents of a packet enables malware to get through.
Preventing distributed DoS (DDoS) attacks: A DDoS attack is a malicious attempt to
disrupt normal traffic of a targeted network by overwhelming the target or its
surrounding infrastructure with a flood of traffic. It utilizes multiple
compromised computer systems as sources of attack traffic. Exploited machines
can include computers and other networked resources, such as internet of things
(IoT) devices. A DDoS attack is like a traffic jam preventing regular traffic
from arriving at its desired destination. The key concern in mitigating a DDoS
attack is differentiating between attack and normal traffic.
E-locking & e-Security
The growing
adoption of Internet for business applications has exposed users to unwanted
risks and attacks. Now more than ever, we find individuals/corporate houses
exchanging critical information over the Internet. However, a lack of security
infrastructure makes this information exchange vulnerable to outside
intervention. To meet these challenges, businesses are opting for modern
security measures, such as e-security. E-security measures are designed to
preserve the confidentiality and integrity of the users’ data on the Internet.
E-Lock
digital signature solutions provide the basic e-security foundation for
businesses. Along with authenticity, our solutions make sure that the information
or transactions are not intercepted and exploited. The solutions are designed
to suit the business requirements of the user, making them user-friendly.
E-Lock facilitates a secure and safe business environment for its users, which
allows them to conduct business operations freely. With reduced time spent on
security concerns, users can divert their focus on business expansion
activities.
Our
solutions can be easily integrated into applications, such as document
management, core banking, workflow management, e-mortgage and e-tendering,
without disturbing the current workflow. This leads to a win-win situation for
the customers, as they do not have to pay extra to make solutions compatible
with their existing ones. Hence, compliance is guaranteed in a cost-effective
manner.
With E-Lock
solutions, customers can encrypt and digitally sign files in any online format.
This encrypted message can be mailed/stored while assuring the data integrity.
In order to conduct data verification and authentication, customized settings
are provided to allow only authorized persons to access that data, maintaining
privacy and security.
At present,
the Railway Infrastructure Corporation (Australia) uses E-Lock DeskSeal Web to
boost its e-security. The solution is used to approve sensitive designed
documents, and all communication is encrypted to ensure privacy.
Other benefits that customers can enjoy with an E-Lock partnership are:
Improved security measures
Data integration
Legal compliance
Reduced overhead
Less processing time
Effective time management
Growth environment
Encryption
What is Encryption?
Encryption (a process that encodes a message or file so that it can
only be read by certain people) is the process of converting normal text
(data) into “Cipher text.” Once completed, this makes it impossible for
someone to read or interpret the original data until it is decrypted back into
its original state. This allows the exchange of data between companies and even
individual-to-company without the risk of someone “in the middle” intercepting
this data and using it in a harmful or illegal way. Once the data is encrypted,
only the person who originally encrypted the data or the recipient who has been
provided the decryption key will be able to decrypt and read the data.
These days, we often hear about hackers stealing data from large-scale companies, banks and
retailers, which presents a possible threat to those databases where the data
is stored. The good news is that most (if not all) of these established
websites store the data from online transactions in encrypted form. Decrypting this
stolen data takes a very significant effort and very expensive technology,
which helps keep your information secure.
Using Encryption Technology in E-Commerce
As our use
of e-commerce continues to soar, the need for encryption of customer data (as
well as inventories, company financial information, etc.) increases as well.
When you sign up on a website for a membership, club, or even just for their
weekly newsletter, your personal information is stored. Once you start to
purchase products or services from that retailer or service company, those
transactions are stored in your “history” for a record of your activity with
that company.
If you think
about it, you now have a majority of your personal information tied to your
purchase history, including credit card information and more. If it weren’t for
encryption, if a hacker were to breach the initial security of these websites,
they would have access to all of your information.
To try and
prevent this from happening, companies have teams within their organization
that not only are responsible for encrypting the data to keep it secure, but
are also constantly reviewing new technologies to support an even stronger
encryption and data security solution.
It is a continuing fight and commitment to increased vigilance that keeps these experts
steps ahead of hackers and thieves to keep your data safe.
Cyber laws
Cyber
law (Provides legal recognition to electronic documents and a framework to
support e-filing and e-commerce transactions and also provides a legal
framework to mitigate) is the part of the overall legal system that deals with
the Internet, cyberspace, and their respective legal issues. Cyber law covers a
fairly broad area, encompassing several subtopics including freedom of
expression, access to and usage of the Internet, and online privacy.
Generically, cyber law is referred to as the Law of the Internet.
Why are cyber laws needed?
Like any
law, a cyber law is created to help protect people and organizations on the
Internet from malicious people on the Internet and help maintain order. If
someone breaks a cyber law or rule, it allows another person or organization to
take action against that person or have them sentenced to a punishment.
Examples of crimes that cyber laws help prevent:
Copyright violation - Stealing or using another person's copyrighted material without permission.
Cracking - Breaking or deciphering codes that are being used to protect data.
Cyber terrorism - Hacking, threats, and blackmailing towards a business or person.
Cyberbully or Cyberstalking - Harassing or stalking others online.
What happens if you break a cyber law?
There are different forms of punishment depending on the type of cyber law you broke, who
you offended, where you broke the law, and where you live. In many situations,
breaking the rules on a website will result in your account becoming suspended
or banned and your IP address blocked. To determine the
consequences of your action for minor offenses, we recommend reviewing the
company's terms of service or rules.
If you've
committed a more serious offense such as hacking, attacking another person or
website, or causing another person or company distress, additional action may
be taken against you.
7 aims and salient provisions
Here are the salient features of
Republic Act 8792:
1. It gives
legal recognition of electronic data messages, electronic documents, and
electronic signatures. (section 6 to 13)
2. Allows
the formation of contracts in electronic form. (section 16)
3. Makes
banking transactions done through ATM switching networks absolute once
consummated. (section 16)
4. Parties
are given the right to choose the type and level of security methods that suit
their needs. (section 24)
5. Provides
the mandate for the electronic implementation of transport documents to
facilitate carriage of goods. This includes documents such as, but not limited
to, multi-modal, airport, road, rail, inland waterway, courier, post receipts,
transport documents issued by freight forwarders, marine/ocean bill of lading,
non-negotiable seaway bill, charter party bill of lading. (section 25 and 26)
6. Made
cable, broadcast, and wireless physical infrastructure within the activity of
telecommunications. (section 28)
7. Empowers
the Department of Trade and Industry to supervise the development of e-commerce
in the country. It can also come up with policies and regulations, when needed,
to facilitate the growth of e-commerce. (section 29)
8. Provided
guidelines as to when a service provider can be liable. (section 30)
9.
Authorities and parties with the legal right can only gain access to electronic
documents, electronic data messages, and electronic signatures. For
confidentiality purposes, it shall not share or convey to any other person.
(section 31 and 32)
10. Hacking or cracking, which refers to unauthorized access including the introduction of
computer viruses, is punishable by a fine from 100 thousand to a maximum
commensurate with the damage, with imprisonment from 6 months to 3 years.
(section 33)
8 Cyber laws in India and their limitations
What is the cyber law in India?
Cyber laws in India prevent any crime done using technology, where a computer is a tool
for cybercrime. The laws for cyber crime protect citizens from dispensing
sensitive information to a stranger online. Since the introduction of
cyber laws in India, the IT Act 2000 was enacted and amended in 2008,
covering different types of crimes under cyber law in India. The Act explains
the types of cyber crime and punishment.
In the realm of cyberspace, which is largely dependent upon the internet and use of technology,
incidents of cyber crimes are reported to have increased. To protect people
from cybercrime, there was a need for cyber laws, and so the
implementation of cyber laws in India began in the year 2000, with the IT Act
as an introduction to Indian Cyber Law.
To know
about cyberlaw, it is necessary to understand what is Cyber Law in India and
what it deals with.
By
definition, cyberlaw states that it's a subset of law which specifically deals
with the inter-network technology. Meaning cyber law in India deals with the
crimes done through a computer or any other digital device.
The role of law in the cyber world relates to the following:
Cyber Crimes
Electronic and Digital Signatures
Intellectual Property
Data Protection and Privacy
In cybercrime, the computer can be a tool, a target, or both.
Importance of Cyber Law in India
Cyber law (or cybercrime law) in India is important primarily because the cyber crime act in India covers all the aspects which occur on or with the internet: transactions and activities which concern the internet and cyberspace.
Types of Cyber Crimes
Different types of cyber crimes have different punishments in India.
Identity theft – (Identity theft is the crime of obtaining the personal or financial information of another person to use their identity to commit fraud, such as making unauthorized transactions or purchases.) When the personal information of a person is stolen with the purpose of using their financial resources or taking a loan or credit card in their name, such a crime is known as identity theft.
Cyberterrorism – (The politically motivated use of computers and information technology to cause severe disruption or widespread fear in society. Cyberterrorism refers to the use of the Internet in order to perform violent actions that either threaten or result in serious bodily harm or even loss of life.) When a threat of extortion or any kind of harm is directed towards a person, organization, group or state, it is known as the crime of cyber terrorism. Generally, it includes well-planned attack strategies on Government and corporate computer systems.
Cyberbullying – (Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or private information about someone else.) When a teenager or adolescent harasses, defames, or intimidates someone with the use of the internet, phone, chat rooms, instant messaging or any other social network, the person is said to be committing the crime of cyberbullying. When the same crime is done by adults it is known as cyberstalking.
Hacking – (Hacking refers to activities that seek to compromise digital devices, such as computers, smart phones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking, and hackers, characterize it/them as unlawful activity by cybercriminals, motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.) The most common cyber crime is hacking. In this crime, the person gets access to other people's computers and passwords to use them for their own wrongful gain.
Evolution of Cyber Law in India
With the increase in dependency on the use of technology, cyberlaw became necessary. Much like every coin has two sides, the dependency on technology has its pros and cons.
The rise of the 21st century marked the evolution of cyberlaw in India with the Information Technology Act, 2000 (popularly known as the IT Act). The first ever cyber crime was recorded in the year 1820.
The objectives of Information Technology laws in India are as follows:
To provide legal recognition for all e-transactions
To give legal recognition to digital signatures as a valid signature to accept agreements online
To give legal recognition to keeping accounting books in electronic form by bankers as well as other organizations
Protection of online privacy and stopping cyber crimes
The Indian IT law updated the Reserve Bank of India Act and the Indian Evidence Act.
With the evolution of cyber law, almost all online activities came under scrutiny. However, there are certain areas to which cybercrime laws in India do not apply, such as:
Negotiable Instrument other than a cheque
Power of Attorney
Will
The contract for Sale or Conveyance of Immovable Property
Central Government notified documents or transactions
The Need for Cyber Laws
In the present world, which is more tech-savvy, cyber law and cyber crimes have also become more sophisticated.
The internet and technology were launched for research purposes and to make human life easier, but as the use of the internet and the number of people on it increased, the need for cyber laws in India was felt.
As the nature of the internet is anonymous, it is easy to commit cyber crimes, and many could misuse this aspect.
What is the Information Technology Act, 2000?
When the emphasis was on the need for cyber law or cyber security laws, it was imperative to implement an IT law in India. Thus, the Information Technology Act, 2000, also known as the Indian Cyber Act or the Internet Law, came into force in India.
The Indian Internet Laws were drafted to bring all electronic records and online/electronic activities under legal recognition. The IT Act also addresses the important issues of security, which are critical to the success of electronic transactions.
The Internet Laws in India not only validate digital signatures but also provide for how documents that have been accepted and generated using digital signatures can be authenticated.
As the IT Act is a cyber security law introduced to secure cyberspace, the Information Technology Law was amended under:
The Indian Penal Code
The Indian Evidence Act
The Banker’s Book Evidence Act
The Reserve Bank of India
The prime focus of cyber law in India is to prevent:
Computer crime
Forgery of electronic data & record in e-commerce
Electronic transaction
The IT Act, 2000 went through amendments in the year 2008. These were made in light of the laws on cyber crime, amending the IT Act, 2000 by way of the IT Act, 2008. They were enforced at the beginning of 2009 to strengthen the cyber security laws.
Modifications in the Information Technology Act, 2008 included a change in the definition of some terms, such as communication device.
The amendment to the definition of communication device was to include:
The current use
To validate the digital signature
To make the IP address owner accountable
Impose liability for data breaches
How to Prevent Cyber Crime?
No doubt the cyber security laws or cyber laws in India provide protection from cyber crime. However, prevention is always better than cure.
Therefore, one should take the following steps to prevent a cyber crime:
Unsolicited text message - We all get text messages from unknown numbers. Be cautious and avoid responding to a text message or automated voice message from an unknown number.
Downloads on the mobile phone - Download everything on the mobile phone from a trustworthy source only.
Rating and feedback - Always check the seller’s rating and customers’ feedback for the seller. Be sure that you are checking current feedback. Also, beware of feedback that is 100% in the seller’s favour or entries made on the same date.
Personal Information Request - Everyone must have received a call or mail in which the person on the other side asks for personal information. This includes your card CVV, or a mail containing an attachment which requires you to click on embedded links. Be sure to never respond to such emails or calls.