Monday, October 7, 2002		Book Review

THE phenomenal growth of the Internet is unparalleled. On the one hand the Internet has a stake in the economies of the world while on the other it has gripped popular imagination by providing easy communication, entertainment, leisure and relaxation. The global village is more of a reality today than it was ever before. The Internet is continually changing the dynamics of the world. The law needs to be alive to this change in society. Roscoe Pound once said, "Legal order must be flexible as well as stable. Law must be overhauled continually and refitted continually to the change in social life which it is to govern" With that goal in mind the Indian Parliament went about legislating the first cyber law and christened it the Information and Technology Act. It was never going to be easy legislating on a subject like information technology simply because technology is ever changing and more so in the cyber world. ‘Cyber Law - The Indian Perspective’ is perhaps the first commentary on the statute. Cyber jurisprudence is still in its embryonic stage and the book will go some distance in providing direction to this study. Duggal’s book throws up more questions than it answers but then that itself is a great feat. Articulating and bring these questions into the public domain is in itself a great service to cyber jurisprudence. Cyber laws are grappling with a range of issues and none of them have simple answers. Take, for example, the issue of jurisdiction. In the good old days it was the "law of the land" that prevailed but the Information Technology Act provides for extra-territorial jurisdiction (with good reason) although in the prevailing circumstances the provision is of mere academic value (The provision may have more meaning once an international machinery to check cyber crimes is put in place). Duggal analyses the issue of jurisdiction from all angles, never failing to cite cases of other countries where the argument so demands. It is exciting and stimulating to the legal mind to see how the judiciary in other parts of the world is tackling these problems. The regulation of the Internet (and, mind you, regulation is essential) poses some unique problems to the lawmakers. The Internet threatens to turn on its head some settled principles of law and will definitely pose some peculiar questions to the judiciary. It seems that cyber law is pressing hard against the existing and settled boundaries of legal principles to evolve and adapt to new and unforeseen circumstances and unique issues that the cyber world presents. In that context the legislation is a futuristic attempt providing some guidelines, a broad framework to the judiciary that in any case is probably ill-equipped to appreciate technical nuances of cyber law. Therefore the special tribunal envisaged in the Act will be very beneficial.

The book brings some legitimate apprehensions to the fore. Like the absence of a comprehensive PKI (Public Key Infrastructure) policy, which is so essential to e-commerce, one of the objectives of the Act. The Act simultaneously empowers both the controller under Section 28 and the adjudicating officer under Section 46(1) of the IT Act to investigate or inquire into contraventions mentioned in Chapter IX. Another faux pas brought out is the requirement of a CPS (certification practice statement) from prospective users of Digital Signature Certificates that is wholly erroneous and needs to be amended immediately.

The book deals at length with the chapter on offences. It provides a brief write up of the cases currently being investigated. The author has made some interesting observations regarding the need to balance "right to privacy" with national security concerns. The one that got me really thinking was his view that S. 69(2), (3) maybe ultra vires the Constitutional mandate and the fundamental right guaranteed under Article 20(3) which is the right against self-incrimination. Section 69 deals with the Controller’s power to intercept information on grounds of national security etc. Clauses 2 and 3 of this section mandate that the subscriber or any person in charge of the computer resource, shall extend all facilities and technical assistance to decrypt information. Any failure to extend such help may lead to imprisonment that may extend to seven years.

One may not agree with all the propositions put forward by the author, nonetheless his book does help in understanding the Information Technology Act better. Most importantly the book gets you thinking. What more can a lawyer ask for?