Recently it was reported that a meeting of Cyber Cafe owners were held at Bangalore in which the Police have suggested that the Cyber Cafes install a software for tracking the ID of users. It was also stated that a free software would be made available for the purpose.

While it is good that a practical solution is being considered for compliance of the karnataka cyber cafe regulations first announced in 2004, it is necessary to bring to the notice of the authorities, that the timing of the suggestion was not ideal. According to the report of Times of India the meeting was held on 29th October 2009.

However on October 27, 2009, the new Information Technology Act 2008 was notified for effectiveness by the Central Government making the Karnataka Cyber Cafe regulations -which were incidentally called Information technolgoy (Karnataka) Rules 2004 and notified under the signature of the then IT&BT under secretary on 5th August 2004, redundant.

Under the ITA 2008 “Cyber Cafe” has been defined (there was no definition in ITA 2000) and powers to regulate them as “Intermediaries” vests with the CERT-IN.

For the benefit of immediate reference the relevant sections of ITA 2008 are reproduced below from an earlier article titled . .“Cyber Cafes in India now come under strict regualtions”

Section 2(na) of ITA 2008,

“Cyber cafe” means any facility from where access to the internet is offered by any person in the ordinary course of business to the members of the public.

Section 2(w) of ITA 2008

“Intermediary” with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.

As per Section 67(C) of ITA 2008,

(1) Intermediary shall preserve and retain such information as may be specified for such duration and in such manner and format as the Central Government may prescribe.

(2) Any intermediary who intentionally or knowingly contravenes the provisions of sub section (1) shall be punished with an imprisonment for a term which may extend to three years and shall also be liable to fine.

As per Section 69 (modified version),

(1) Where the central Government or a State Government or any of its officer specially authorized by the Central Government or the State Government, as the case may be, in this behalf may, if satisfied that it is necessary or expedient to do in the interest of the sovereignty or integrity of India, defense of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may, subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information transmitted received or stored through any computer resource.

(2) The Procedure and safeguards subject to which such interception or monitoring or decryption may be carried out, shall be such as may be prescribed

(3) The subscriber or intermediary or any person in charge of the computer resource shall, when called upon by any agency which has been directed under sub section (1), extend all facilities and technical assistance to –

(a) provide access to or secure access to the computer resource generating, transmitting, receiving or storing such information; or

(b) intercept or monitor or decrypt the information, as the case may be; or

(c)  provide information  stored in computer resource.

(4) The subscriber or intermediary or any person who fails to assist the agency referred to in sub-section (3) shall be punished with an imprisonment for a term which may extend to seven years and shall also be liable to fine.

The important points to be noted in this section as well as the two other sections 69A and 69 B quoted below are

a) These powers are available to both the Central and State Governments who can specially authorize an officer for the purpose.

b) It can be invoked even for preventing incitement to the commission of any cognizable offence. It is debatable whether the term “Cognizable offence” has to be restricted to ITA 2008 only or can be extended to IPC or other laws as well.

c) Government shall prescribe necessary safeguards to be followed by Intermediaries.

d) The powers include demanding of information stored in a computer

e) Non compliance may result in stiff penalty of imprisonment upto 7 years.

The sections 69  specifically vest the powers in an agency to be designated. It has deliberately avoided the use of the term “Police”. The legislative intent is therefore indicative  that Police need not be the agency to exercise the powers under this sections.

It is believed that the Union Government is presently formulating rules under sections 79 which will define the “Due Diligence” requirements for intermediaries which will incldue the Cyber Cafe regulations.

Hence we may say that the Karnataka Police have jumped the gun to announce the adoption of a specific technology for cyber cafe regulations.

It would be advisable for the Police to wait until the complete set of rules are ready or request the IT&BT Secretary to formulate the necessary rules.

Naavi

Be Sociable, Share!