Formally called The Information Technology Act of 2000, one of the primary objectives of the law was to facilitate e-commerce by giving recognition to digital signatures.
The law also aimed at providing a thrust to e-governance by extending legal recognition to electronically filed documents.
Two years down the line, digital signatures are yet to become common for the common man. Though three digital certification authorities have been licenced so far SafeScript (a Satyam group company), Institute for Development and Research in Banking Technology (an arm of the Reserve Bank of India) and National Informatics Centre only a few corporates have chosen digital signature as an authentication tool.
Successful e-commerce requires e-payments infrastructure. The law is silent on e-payments, says Cyber laws expert and Supreme Court advocate Pavan Duggal.
There also has not been any perceptible progress on the e-governance front. Electronic filing with the government is possible only when the government specifies the format. That has not been done so far, says Duggal.
While the law sought to provide an enabling environment for the e-sector on one end, it also charted out penalties for cyber crime and fraud. Whether it is hacking into a computer network, injection of a virus into the system, publication of obscene information or denial of access attacks, the law provides for imprisonment and damages which could go up to Rs 1 crore.
Many analysts have however questioned the efficacy of these laws. Not many cases have been registered and not a single case has been decided so far, says Duggal, who has also authored a book on the subject.
Benchmarked against the objectives of the law, only about 25-30 per cent success has been achieved. On one hand, some implementation effort is required and on the other, the law itself needs some changes, he said.
The law needs to be amended and expanded to include the following issues, according to Mr Duggal: Privacy and security of the data pertaining to the e-consumer, an issue which has not been addressed by the law; Protection for intellectual property rights of companies who get into e-commerce; legal recognition of and penalties for cyber terrorism.