Due Diligence – Is your online business or e-commerce website compliant with Information Technology Act?

Controlling Cyber Crimes

Prevention of white collar crimes, especially socioeconomic offences and crimes related to computers, has been paid due attention over the years by the Indian Government.  After the recent amendment to the Information Technology Act, 2000, more provisions have been included to prescribe guidelines and punishment related to cyber crimes, from hacking to pornography.

Cyber crime has become a profession and the demographic of your typical cyber criminal is changing rapidly, from bedroom-bound geek to the type of organized gangster more traditionally associated with drug-trafficking, extortion and money laundering.

It has become possible for people with comparatively low technical skills to steal thousands of pounds a day without leaving their homes. In fact, to make more money than can be made selling heroin (and with far less risk), the only time the criminal need leave his PC is to collect his cash. Sometimes they don’t even need to do that.

Internet Fraud

The term Internet fraud refers to any type of fraud scheme that uses email, web sites, chat rooms or message boards to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions or to transmit the proceeds of fraud to financial institutions or to other connected with the scheme.

What Online Businesses should do as per Information Technology Act?

IT Act 2000 not only prescribes punishments relating to cyber crimes, but also prescribes guidelines to those engaged in online businesses.   Some of the recommendations provided under the IT Act are:

1)  Privacy Policy

2)  Terms & Conditions

3)  Cookie Policies

4)  Data Security and Storage Policies

5)  SSL Certificate

Although these are recommendations, one needs to implement the above as a prerequisite to contract with any Payment Gateway vendors.

These documents will, in most cases, act as a contractual agreement between the website owner, visitor browsing the web site, and potential and existing customers.  These documents come in handy in cases of disputes.

How to implement?  Can I copy-paste from other sites?

Generally copy-pasting is what most of the website owners do, this pretty much works for normal websites.  However, if you are running an online business, you need to draft these documents/agreements according to your business requirements.

Therefore, it is recommended in one’s best interest to get in touch with a good cyber crime lawyer for those requirements.

What is Online Business Due Diligence?

E-business due diligence is a process of checking an online business to make sure it is fully in compliant with the Information Technology Act and other Penal laws existing in India and if required around the world.