1. Define computer ethics.

AnswerThe term computer ethics was coined in the mid 1970s by Walter Manor to
refer to that field of applied professional ethics dealing with ethical problems
aggravated, transformed, or created by human technology. Computer ethics
is the analysis of the nature and social impact of computer technology, and
the formulation and justification of the policies for the ethical use of such
technology. Computer ethics examine the ethical issues surrounding
computer usage and the connection between ethics and technology. It
includes consideration of both personal and social policies for ethical use of
computer technology. The goal is to understand the impact of computing
technology upon human values, minimize the damage that technology can do
to human values, and to identify ways to use computer technology to
advance human values.

2. Explain the four classifications of ethical issues.

AnswerEthical issues can be classified into:
1. Privacy issues: The privacy issues deal with the collection, storage, and
dissemination of information about individuals. For example:
What information about oneself should an employer reveal to others?
What kind of surveillance can an employer use on its employees?
What things can people keep to themselves and not be forced to reveal to
others?
What information about individuals should be kept in databases, and how
secure is the information there?
2. Accuracy issues: The accuracy issues deal with authenticity, fidelity, and
accuracy of information collected and procured. The questions that need to
be addressed in accuracy issues include:
Who is responsible for the accuracy, fidelity, and accuracy of information
collected?
How can we ensure that information will be processed properly and presented
accurately to the users?
How can we ensure that errors in databases, data transmissions, and data

processing are accidental and not intentional?

Who is to be held responsible for errors in information, and how should the
injured party be compensated?
3. Property issues: The property issues deal with ownership and value of
information (intellectual property). Examples of issues that need to be
addressed as property issues are:
Who owns the information?
What are the just and fair prices for its exchange?
How should one handle software piracy?
Under what circumstances can one use proprietary databases?
Can corporate computers be used for private purposes?
How should experts who contribute their knowledge to create expert systems
be compensated?
How should access to information channels be allocated?
4. Accessibility issues: The accessibility issues concern with the right to
access information and payment towards the same. These issues include:
Who is allowed to access information?
How much should be charged for permitting accessibility to information?
How can accessibility be provided for employees with disability?
Who will be provided with the necessary equipments for accessing
information?
There is a need to address these four types of issues so that the computer
and information technology business operates in an ethical domain. We must
ensure that information technology, and the information it handles, is used to
enhance the dignity of mankind.

Unit 2 (Topics In Computer Ethics)

1.Examine the social and ethical issues arising out of the presence of
computers in the workplace.

AnswerThe social and ethical issues that can arise out of the presence of computers
in the workplace are:
Task Automation: At workplace, computers have become universal tools that
can in principle perform any task and hence pose a threat to jobs. They are
far more efficient than humans in performing many tasks. Therefore,
economic incentives to replace humans with computerized devices are very
high. In the industrialized world, many workers doing jobs as bank tellers,
autoworkers, telephone operators, typists, and graphic artists, have already
been replaced by computers. Even professionals like medical doctors,
lawyers, teachers, accountants, and psychologists are finding that computers
can perform many traditional duties performed by workers and professionals.
On the other hand, the computer industry has generated a wide range of new
jobs in the form of hardware engineers, software engineers, system analysts,
webmasters, information technology teachers, and computer sales clerks.
Even when a job is not eliminated by computers, the job profile could be
radically altered. An airplane pilot may be assisted by computers to make
choice about the best landing times and air corridor selection. So, job gains
and losses are to be viewed in the context of the society we live in.
Health and Safety: Another workplace issue concerns health and safety. Often
radiation from machines, repetitive injuries, and posture related problems are
common at computer dominated workplaces. Another concern is poisonous
non biodegradable computer waste, which is causing a major threat to the
environment. When information technology is introduced into the work place,
it is important to consider the likely impact upon health and job satisfaction
of workers who will use it. The advent of stress in the workplace due to the
introduction of computers is becoming more and more evident.
Employee Monitoring: Another major concern is the employee monitoring or
surveillance by the organizations using sophisticated computer driven
technology. Some amount of monitoring may be vital for protecting the
interest of the employer and to increase productivity, but excess of such
surveillance can becomes unethical.

2. Discuss the impact of globalization on computer ethics.

The fast pace of globalization and creation of global and cyber markets, has
given computing a new meaning. Bynum and Rogerson (1996) have
suggested the use of the expression "Global Information Ethics" to describe
the impact of globalization on computers ethics. Others (see van den Hoven,
Introna, Johnson, and Nissenbaum, 1999) have used the expression

"Information Communications Technology Ethics" or ICT Ethics to attempt to

capture the convergence of information-related and
communications-related ethical issues in a global context.

Global networks like the Internet and especially the World Wide Web (WWW)
are connecting people all over the globe. Efforts are on to develop mutually
agreeable standards of conduct and efforts to advance and defend human
values. Globalization has led to the discussion of the following issues:
Global Laws: Over 200 countries are already interconnected by the Internet.
Given this situation, what is the effect and impact of the law of one particular
country on the rest of the world? Issues regarding freedom of speech,
protection of intellectual property, invasion of privacy vary from country to
country. The framing of common laws pertaining to such issues to ensure
compliance by all the countries is one of the foremost questions being
debated.
Global Cyber Business: Technology is growing rapidly to enable electronic
privacy and security on the Internet to safely conduct international business
transactions. With such advanced technology in place, there will be a rapid
expansion of global cyber business. Nations with a technological
infrastructure already in place will enjoy rapid economic growth, while the
rest of the world will lag behind. This disparity in levels of technology will fuel
political and economic fallout, which could further widen the gap between the
rich and the poor.
Global Education: Inexpensive access to the global information net for the
rich and the poor alike is necessary for everyone. However the impact of this
sudden and global education on different communities, cultures, and religious
practices is likely to be profound. The impact on lesser known universities
would be felt as older well-established universities begin offering degrees and
knowledge modules over the Internet.

Unit 3 (Ethics And The Internet)

1.Discuss the distinct features of the Internet.

AnswerThe Internet has three distinct features:

Global Scope: The Internet has a global reach. Internet technology has much
broader scope and access than conventional modes of communications and
data retrieval. With little effort, a user can reach hundreds and thousands of
individuals around the globe. The ability to reach many people quickly and
easily is not exactly new or unique compared to radio or television
communication. But the significant difference between the Internet and
television and radio is that in the case of radio and television, communication
is in most cases one way whereas in the case of Internet it is interactive. It is
this interactivity, which is the unique characteristic of the Internet. Not just
interactivity, customizability, easy usability, and accessibility are also distinct
features of Internet.
Anonymity: The second important feature of the Internet is that it provides a
certain kind of anonymity. On the Internet, individuals have the possibility of
creating a different profile, ensuring that information about them cannot be
traced while in communication with others on the Internet. It is a silent
feature of Internet communication and people can deliberately avoid seeing
or hearing one another directly. Anonymity makes accountability for ones
action difficult to achieve and tends to diminish trust in the information that
is being exchanged. The feature of anonymity has also facilitated the
development of virtual information.
The open and anonymous nature of communications on the web, has led to
the development of software with stealth to gather information intelligently.
An inference is made from information gathered without our knowledge or
consent, which is termed as virtual information. This type of information
adds information to a persons profile and tends to redefine a persons digital
persona. This is an invasion of ones virtual privacy.
Reproducibility: The third feature is not just a feature of the Internet, but of
information technology in general. Electronic information exists in the form
that makes it easy to copy without any loss of originality or value in the
process of reproduction. Copied data or software is perfectly usable. Copied
data or software leaves no evidence behind and the creator/owner of the data
or software could remain unaware of their work being copied. Reproducibility
facilitates anonymity.

2. What are the fundamental conceptions regarding the evaluation of

individual actions?
AnswerIn the history of moral philosophy, two fundamentally different and mutually
exclusive conceptions of the moral evaluation of individual actions are

prevalent:
One approach or school of thought believes that it is important to examine an
issue under independently justified principles of what one considers being
right. The idea here is to follow the principles that articulate what is morally
right irrespective of the consequences. This is referred to as deontological
approach. In this approach, one starts out with one or more moral principles
and see how they apply to particular cases.
The other school of thought believes that it is important to look for the course
of action that maximizes the good. This approach involves determining which
action yields the best consequences measured in some standard of the
good or morality. This approach referred to as teleological approach
involves deciding on what is good for population. It also spells out what is
wrong with actions that interfere with attempts to get it.

Unit 4 (A professionals code of ethics)

1. How do professional codes address issues from the viewpoint of computing

profession?
AnswerThe code of ethics provides a basis to address issues from the viewpoint of
the computing profession. These codes address issues from the viewpoint of
computing profession by imposing three levels of ethical obligations, which
are to be followed by the professionals:
The first level is a set of ethical values, such as integrity and justice, which
professionals share with other human beings by virtue of their shared
humanity. Code statements at this level are statements of aspiration that
provide vision and objectives.
The second level obliges professionals to more challenging obligations than
those required at the first level. At the second level, by virtue of their role as
professionals and their special skills, they owe a higher degree of care to
those affected by their work. Every type of professional shares this second
level of ethical obligation. Code statements at this level express the
obligations of all professionals and professional attitudes. They do not
describe specific behavior details, but they clearly indicate professional
responsibilities.
The third level comprises several obligations that derive directly from

elements unique to the particular professional practice. Code elements at this

level assert more specific behavioral responsibilities that are more closely
related to the state of art within the particular profession. The range of
statements is from more general aspirational statement to specific and
measurable requirements. Professional code of ethics needs to address all
three of these levels.

2. How is a professional code distinguished?

AnswerProfessional code can be distinguished into:
Code of Ethics: Code of ethics is more aspirational. They are mission
statements emphasizing the professional objectives and vision.
Code of Conduct: Code of conduct is more oriented towards the professionals
attitude. They do not describe in detail how to carry out a particular action,
bur they make clear the issues at stake in different specialized fields.
Code of Practice: Code of practice on the other hand fixes some accepted
state of art (Berleur, 1996) and relate to current operational activities

Unit 5 (Information Technology and the Net)

1. E-Commerce is the new mantra of business Explain?

AnswerE-Commerce is the use of the Internet to buy and sell goods and services. ECommerce is changing the way in which organizations do business, resulting
in streamlined purchasing processes and lowering the cost of transacting
business for both large and small companies.
E-Business helps in improving the way the business is conducted with the
government, customers, and other businesses.
E-mail can be used in businesses to communicate with suppliers. It can also
be used for responding and receiving the customer queries. For example, email can be used to accept orders from the customers. The customers can
also make the payments online and get the information regarding the
products available along with their price.

Internet can also be used by businesses for managing their records and they
can make use of electronic bookkeeping. An on-line banking service is
another area, which can be used by the businesses. These services can be
used for funds transfer, payroll management, and electronic bill payment.

2. Describe the nature and features of the internet.

AnswerA network of networks is called as an Internet. In this the computers systems
are connected with each other in a local area network. They are also
connected to computers on a national and International scale. The fiber-optic
cable, twisted - pair copper wire, microwave transmission, or other
communication medias are used for connecting each node, which is a part of
the web. A set of rules is followed when the computers on the web
communicate with each other. These rules are called as Internet Protocols. In
this type of communication, the Internet acts as a packet switched network.
The data that needs to be transmitted is broken down into smaller packets.
The address of the final destination is attached with the packets. These
packets may follow different route from computer to computer until their final
destination. At the final destination the recipient machine reassembles the
packets.

3. Discuss the impact of the information technology revolution on society.

AnswerThe amazing growth of information technology has implications for every
aspect of society. So far there is little research that reveals how technology
has and will continue to change the dynamics of society and the nonprofit
sector. Following point elaborate how information technology affects various
sections of society:
The nonprofit sector is experiencing an organizational version of the "digital
divide"-the technology gap between large and small nonprofits. Hardware,
software, and technical assistance are not enough to close the divide;
strategic planning and staff time are also essential.
The true impact the Internet will have on society is in "building community,"
bringing together groups of citizens, who are united by shared values working
for the public good, often spanning international lines.
Organizations that use technology well are usually marked by strong support

from the executive director, support from the board, and the presence of a
"key user" staff person.
The Internet enables an organization to strengthen relationships with its
current audiences as it enables targeted, fast, and consistent communication.
It can also enable nonprofits to reach out to new audiences through effective
use of search engines and "viral marketing".
Strategic use of technology is likely to require long-term collaborations with
for-profit and nonprofit partners.
Technology can be used to mobilize people globally around a common cause
to achieve world-changing results far beyond the promise of enabling
nonprofit organizations to perform important functions, such as fundraising
and recruiting volunteers more effectively.

4. There is no nexus between cyber space and real space - Comment.

AnswerThere is the difference between the business rules for online commerce and
carrying business in the real space. Much of this difference comes from
Internet's telepresence features. This feature renders the network
technologically indifferent to physical location. The network is very insensitive
to geography. It is not possible to determine the physical location of a user or
a resource. In real space, locating a person or entity with which business is
interacting is much easier. In the cyberspace to know the location of the
partners with whom you are interacting is very difficult to know. In some
instances, even an Internet address tells something only about the location of
a given machine. There is no way to find the information about the actual
user.

Unit 6 (Sources of the Law)

1. Explain the different sources of law.

AnswerThere are three main sources of law, namely, legislation, common law and
custom. Legislation is the formal enactment of law by the legislature created
or authorized by the Constitution. It constitutes the process of codification or
legislative enactment. It consists of written laws, as contrasted with the judge

made law or common law.

Common law comprises the body of principles. It is a body of law that

develops and derives through judicial decisions, as distinguished from
legislative enactments. Judicial decisions become a source of law by reason of
the practice of courts, of accepting "precedent" as a source of law, that is, the
established judicial practice that a court must follow the law laid down by a
decision of the higher judiciary in the country or state.

Custom denotes a usage or practice of the people which by common

adoption and acquiescence and by long and unvarying habit, has become
compulsory and has acquired the force of law with respect to the place or
subject matter to which it relates. Legislation and common law can operate in
any sphere of human activity, while the operation of custom is generally
restricted to a particular locality, group or family.

2. Discuss the significance of legislation.

AnswerThere are three main sources of law, namely, legislation, case law and
custom.
"Legislation" is the formal enactment of law by the legislature created or
authorized by the Constitution.
Significance of Legislation: Legislation is the foundation of democratic polity.

The legislature provides the following functions:

The legislature can legislate in advance. Judges cannot do so.
The legislature can make a law on any subject within its competence. But
judges can deal with a subject, only when the point arises before them.
The legislature (both of parliament, state or even local self Government) can
(subject to constitutional limitations) override the law laid down by the
courts, on a particular point (though, because of the doctrine of separation of
powers, the legislature cannot reverse or modify the actual decision rendered
by the court in a particular case).

Legislation is the most fertile source of law. Subject to limitations flowing from
the constitutional doctrine, that matters of policy cannot be delegated, the
legislature can vest a subordinate authority with power to make rules, orders,
etc.

A legislative enactment is not subject to appeal; and the law enacted by it

cannot be reversed, by a higher authority (though it can be declared to be
void, if it is unconstitutional).

3. Distinguish between the different branches of law.

AnswerBranches of Law: The common law system could be categorized in various
ways. At a fundamental level it could be categorized as substantive law and
procedural law. Substantive law is one, which recognizes, defines and confers
rights on the parties. Whereas procedural law focuses on procedure to be
followed to give effect to the predetermined rights, duties and obligations
both outside and inside the courts of law.
Similarly, another categorization is civil and criminal laws.
One more criterion for divisions could be connected with the impact and
coverage of the particular rule of law. When it relates to public domain, it
becomes "public law". E.g. laws like constitution law, administrative law and
criminal law are construed as public laws. When it concerns individuals, it is
labeled as "private law". E.g. the Indian Contract Act, 1872.

4. What is common law. How does it differ from codified law?

AnswerCommon law or uncodified law is the law flowing from judicial decisions. E.g.
the process of dispute resolution or adjudication of liability by either village
elders or people holding power through the process of issuing commands has
received social acceptance. The uncodified law governs large segment of the
legal regime. The judgment pronounced by an organ of the higher judiciary
performs at least two important functions:
For the immediate parties, the judgment becomes a source, rights and duties.
For the world, it becomes a source of law, it happens to deal with a legal

proposition - and to make a definite pronouncement on the subject.

It is different from codified law because codified laws are made formally by a
law making body of people, where as common laws have their enunciations
through decisions of courts.

5. Explain how custom is a source of law?

AnswerCustom (as a source of law) denotes a usage or practice of the people, which
by common adoption and acquiescence and by long and unvarying habit, has
become compulsory and has acquired the force of law with respect to the
place or subject matter to which it relates. Legislation and common law can
operate in any sphere of human activity, while the operation of custom is
generally restricted to a particular locality, group or family.

Unit 7 (Information Technology and the Attempted Legal Response)

1. State and discuss the primary assumptions of a legal system.

AnswerFollowing are the primary assumptions of a legal system:
Sovereignty: Law making power is a matter of sovereign prerogative. As a
result, the writ of sovereign authority runs throughout wherever sovereign
power exercises authority. Beyond its authority, the sovereign cannot
regulate a subject matter through legal intervention.
Territorial Enforcement: Any law in real world context can only be subjected to
predetermined territorial enforcements. There are some exceptions to this.
The sovereign authority could join extra territorial jurisdiction in case of
criminal law. This indicates that the sovereign authority can initiate
prosecution, even if the crime is committed beyond the limits of the territory.
The proceedings must comply with the principle of 'double criminality', that is
in both the countries, the alleged act of commission must have been
criminalized.
Notion of property: The obtaining premise of the legal response considers
'property' as tangible and physical. In the cyber context, 'property' in the

form of digitized services or goods poses serious challenges to this legal

understanding. Also that the 'domain names' raise fundamental questions.
Paper-based transaction: Obtaining legal response considers and encourages
people to create and constitute legally binding relationships on the basis of
paper- based transactions. Although the word document under law takes
within its fold material other than paper also. Since in cyber context, digital or
electronic record forms the basis of electronic transactions. Hence, the
transactions are on the basis of electronic records.
Real relationships: Legal response considers relationships quite often. In view
of connectivity, pace and accuracy as to transmission, in the cyber context,
these relationships acquire unique distinction of virtual character. In case of
trade and commerce, commercial transaction in the form of contracts
constitutes the foundation of legal relationship.

Unit 8 (Cyber Crimes)

1. Discuss the current forms of computer crime.

AnswerThe misuse of computers began in the year 1960. Later with the rapid growth
of telecommunications dissemination of harmful contents, such as
pornography and other communication offences in computer networks arose.
The modus operandi does not follow a continuous path. It constantly adapts
to new technologies. Hence, the computer crimes can be analyzed under the
following broad categories:
Privacy infringement: The personal rights of the citizens are endangered with
the collection, transmission, and storage of the personal data. Therefore, in
the data processing area, the protection of privacy needs to be considered. A
balance needs to be maintained between the privacy interests of data
subjects concerned and the economic freedom of the holders of personal
data.
Economic offences: The economic crimes are considered as the central area
of computer crime. Hacking, fraudulent manipulation of the computer data is
some of the economic offences related to computers.
Computer hacking: The greatest risk that the information technology
business faces today is the security of information in terms of integrity,
availability, and confidentiality. Stories about website defacements, credit

card frauds, non-availability of web and application servers, and new virus
attacks are common. These defacements are done by hackers and this
process is called as hacking.
Software piracy and other forms of product piracy: This includes illegal access
of computer programs. It also includes copying the softwares of the
individuals to gather more information.

2. Discuss the classification of crimes under the IT Act, 2000.

AnswerWhile considering the general terrain of cyber law, as of now, the following
acts are construed as cyber crimes in the IT Act, 2000:
Without permission of the authorized user
Accessing or securing access to such computer, computer system or
computer network
Downloading, copying or extracting any data or information for such
computer, computer system or computer network including information or
data held or stored on any removable storage medium
Introducing any computer virus or contaminant in the computer, computer
system or network
Damaging the computer, computer system or network
Disrupting the working of the computer, computer system or network
Disrupting the access of the computer, computer system or network of an
authorized user
Providing assistance to ensure unauthorized access to the computer,
computer system or network
Tampering with computer source documents
Hacking with computer system
Publishing of information, which is obscene in electronic form
Carrying on activities that are not in compliance with the provisions of the Act
Failure to extend all facilities and technical assistance to the Controller to
decrypt any information necessary for the security of the nation

Unauthorized access or attempt to secure unauthorized access to a system

that by official notification is declared a protected system

Unit 9 (Cyber Contracts)

1. Discus the essentials of a valid contract.

AnswerThe essentials of a valid contract are:
Intention with which the contract is created: The intention to create a
contract should be clear otherwise, it will be treated as invalid.
Offer and acceptance: A contract ceases to exist without an offer. An
acceptance will be deemed to be complete when both the parties are in
conscience with each other.
Consideration: A consideration may consist sometimes in the doing of a
requested act, and sometimes in the making of a promise by the offeree.
Consideration is not required for a promise to compensate, wholly or in part,
a person who has already voluntarily done something for the promisor or
something, which the promisor was legally compellable to do. It is also not
required for a written and signed promise by the debtor (or his duly
authorized agent) to pay a time-barred debt to the creditor.
Capacity to enter into contract: A person can enter into a contract only after
he has attained an age of majority and is not debarred by law for doing any
unlawful activity.
Free consent of the parties: When consent is attained by fraud or
misrepresentation, the agreement can become void at the consent of the
party who was forced to enter into such an agreement.
Lawful object of the agreement: If the consideration or an object is unlawful,
the agreement will be treated as void.

2. What are the remedies for the breach of a contract.

AnswerThe principal remedies for the breach of contract are:

Damages: The party who has broken the contract needs to pay compensation
for any loss or damage that has occurred to the party with whom such a
contract was entered into.
Specific performance of the contract: In certain cases, the court directs
against the party in default for the "specific performance" of the contract.
This means that the party will be asked to perform the obligations that he
needs to perform according to the contract.
Injunction: An injunction is a preventive relief and is granted at the discretion
of the court. The discretion of the court is not arbitrary but is guided by
judicial principles. A further check on the discretion is the provision for
correction through an appeal in a higher court.

Unit 10 (Cyber Privacy)

1. Discuss the policy approaches to privacy issues

AnswerThe policy regime pertaining to protection of privacy concerns is premised
upon the following three approaches:
Market approach: This approach rejects extrinsic legal enforcement and takes
within its fold self regulatory mechanisms, which would enable the market
players to employ or adopt. It does not talk about tangible consumer
remedies.
Human rights approach: This approach recognizes rights to information and
the related attribute of privacy as a human right.
Contract approach: This recognizes contract model. This model premises on
the ground that in a given context the privacy concerns are better protected
if the concern is treated as terms and conditions of the contract. Hence, the
contract imposes an obligation on the parties to protect the privacy concerns.
In the event of breach the contract itself provides for contractual remedies.

2. Explain the essentials of Privacy Preferences Project (P3P) platform.

AnswerP3P aims at providing a simple, automated way for users to gain more control
over the use of personal information on websites they browse. P3P is a

standardized set of multiple-choice questions about the website's privacy

policies. Online customers can answer these questions to select the way their
personal information will be handled by the service provider. This snapshot
could be read by P3P enabled browsers and set according to the set of
privacy preferences of the consumer. P3P not only provides facilitating
environment for the consumer to decide, negotiate and firm up the
contractual relationship, but also recognizes nine aspects of online privacy.
The first five aspects deal with (a) who is collecting this data? (b) Exactly
what information is being collected? (c) for what purposes? (d) which
information is being shared with others? (e) and who are these recipients?
The remaining four aspects focus on the site's internal privacy policies. They
include (a) can users make changes in how their data is used? (b) how are
disputes resolved? (c) what is the policy for retaining data? (d) and where can
be detailed policies found in human readable form?

P3P is software to negotiate privacy agreements between websites and online

visitors. It is a kind of social technology that involves not merely technology
but also active participation of human beings

3. Describe the concept of Sensitive Personal Information in ITA 2008.

[P.S: This paragraph is a suggested addition. Corresponding changes need to
be made in the index page
also]
Answer-

Unit 11 (Information Technology Act, 2000 (I.T. Act, 2000))

1. What are the evidentiary presumptions of a secured electronic document.

Explain the process of encryption and decryption of data.
AnswerAn electronic document is said to be secure where any security procedure has
been applied to the electronic document at a specific point of time. Such a
document is deemed to be secure till the time of verification. But there is no
presumption about the integrity and authenticity of the electronic record. To
create a legally bound electronic document is technologically complex. A

legally enforceable electronic document must pass the test of authentication,

non-repudiation, confidentiality, and information integrity during transmission
or storage. The key element in the authentication of a paper-based document
is the signature of the contracting persons. Likewise an electronic signature is
the key in an electronic record. The equivalent electronic signature is referred
to as digital signature. A digital signature is to identify the sender of the
electronic record, authenticate the originator of the message and to certify
that the message could not have been tampered with during the course of its
transmission. The process of making the information unintelligible to the
unauthorized reader is known as encryption of data. The process of making
the information readable once again is known as decryption of data. The
science of Cryptography is made up of encryption and decryption. There are
two types of Cryptographic systems - symmetric and asymmetric. The
symmetric Crypto system consists of both the sender and the receiver having
access and sharing a common 'Key' to encrypt or decrypt a message. The
asymmetric Crypto system is a more a secure system. This system uses two
keys. The originator of the document keeps one of the keys known as the
'Private key' and the other key is sent to the recipient of the message. The
recipient affixes the digital signature when he uses the public key to open the
message sent to him. Thus the combination of the Public Key and the Private
Key provide both confidentiality and authentication, which enables for secure
electronic transmission.

2. Explain the term digital signature. What is a digital signature certificate.

AnswerDigital Signature: The IT Act states that where any law provides that
information shall be in writing or in printed form, the requirement is deemed
to be satisfied if such information is in an electronic form and is accessible for
subsequent reference. The key ingredients of the formation of electronic
contracts comprise communication of offer and acceptance by electronic
means, verification of the source of the communication, authentication of the
time and place of dispatch and finally the verifiability of the receipt of the
data communication. A 'digital signature' may be affixed to authenticate an
electronic record. The digital signature serves to satisfy the legal requirement
of affixing of a signature in a written or printed document. The Central
Government has the power to make rules about the type of digital signature,
the manner and format of digital certificate that shall be affixed, control
process and procedures to ensure adequate integrity, security and
confidentiality of electronic records and payments. Digital Signature
Certificate: It certifies the identity of the subscriber and implies his
acceptance of the provisions of this act and the rules and regulations

contained therein. The certificate is issued only on the following grounds:

The Certifying Authority being satisfied that the information contained in the
application of certificate is accurate.
The subscriber holds a Private Key capable of creating a Public Key.
The Private Key corresponds to the Public Key to be listed in the Digital
Signature Certificate.
The Public Key to be listed in the certificate can be used to verify a digital
signature affixed by the Private Key held by the subscriber.

But the certifying authority can revoke a digital signature certificate issued by
it, if required.

3. Explain the difference between the system of Hash Value Creation and
Asymmetric key Encryption
Answer-

Unit 12 (Penalties and Adjudication)

1. What is meant by unauthorized access to a computer under the provisions

of the IT Act, 2000.
AnswerThe IT Act defines unauthorized access by any person as acts done without
the permission of the owner, which includes:
Accessing or securing access to such computer, computer system or
computer network,
Downloading, copying or extracting any data or information for such
computer, computer system or computer network including information or
data held or stored on any removable storage medium,
Introducing any computer virus or contaminant in the computer, computer
system or network,

Damaging the computer, computer system or network,

Disrupting the working of the computer, computer system or network,
Disrupting the access of the computer, computer system or network to an
authorized user
Providing assistance to ensure unauthorized access to the computer,
computer system or network,
The penalty to be paid by the person for unauthorized access by way of
compensation not exceeding one crore rupees to the affected person.

2. Discuss the adjudicatory processes incorporated in the Act.

AnswerAdjudicatory Process: A reasonable opportunity is given to the person being
charged with contravention of the Act by the adjudicating officer. When the
adjudicating Officer is satisfied that there had been a contravention of the
Act, he imposes such penalty or award compensation in accordance with the
provisions of that section. While adjudging the quantum of compensation
under this section the adjudicating officer shall take into consideration the
amount of gain of unfair advantage wherever quantifiable made as a result of
the default, the amount of loss caused to any person as a result of the default
and the repetitive nature of the default. The adjudicating officer also has the
powers of the Civil Court, which are conferred on the Cyber Appellate
Tribunal.

Unit 13 (Amendments to current legal provisions)

1. What is the meaning of the word 'commercial' as interpreted in the

Information Technology Act?
AnswerInformation Technology Act of India is based on the UNCITRAL Model Law for
Electronic Commerce. This Model Law lays down that the term "commercial",
should be given a wide interpretation so as to cover matters arising from all
relationships of a commercial nature, whether contractual or not.

2. What is UNCITRAL?
AnswerUNCITRAL stands for United Nations Commission on International Trade Law.
UNCITRAL was established by the General Assembly in 1966 (Resolution
2205(XXI) of 17 December 1966). The General Assembly gave the
Commission the general mandate to further the progressive harmonization
and unification of the law of international trade. The Commission has since
come to be the core legal body of the United Nations system in the field of
international trade law.

3. If a person commits a cyber crime outside India, such as fabricating a

record, does the amended definition of 'evidence' and 'fabrication of record'
will make him/her liable under the IT Act?
AnswerYes the person will be liable under the Information Technology Act as this act
not only extends to the whole of India, but also applies to any offence or
contravention committed outside India by any person.

4. Why it was necessary to introduce changes in the existing legislations

along with the enactment of Information Technology Act?
AnswerThe earlier legislations that governed the commercial transactions were
applicable only to paper documents. In view of the Information Technology
Act, it was necessary that these legislations treat electronic documents and
electronic transactions at par with paper documents and offline transactions.

5. What constitutes evidence and how electronic evidence is different from

paper evidence?
AnswerUnder the Indian Evidence Act, 1872, two types of evidences are recognized,
oral evidence and documentary evidence. The documentary evidences are
classified as primary evidence and secondary evidence. Primary evidence is
the 'original' paper or document where as secondary evidence is where the
contents of the original will have to be proved or brought to the record. On

the other hand, an electronic record is an original as well as in duplicate or it

is primary as well as secondary evidence at the same time.