Introduction
Cloud Computing is all about technology and business model. It is emerging as a persistent and consumer-driven utility that is attracting great interest from entrepreneurs, innovators and technology evangelists, as well as the public at large. Cloud Computing affects people, process and technology of the enterprise. In spite of having benefits with Cloud computing paradigm such as efficiency, flexibility, easy set up and overall reduction in IT cost, cloud computing paradigm could raise privacy and confidentiality risks.
Problem Area
Now the problem arises, does our present Indian IT Act 2000 is capable to regulate the cloud computing environment? Or there is a need of new framework to regulate this.
Solution
The cloud itself is a set of computer, computer system, computer network, storage, data, services and interfaces that enable the delivery of computing as service. Cloud services include the delivery of software, infrastructure and storage over the internet based on user demand.
And Indian IT Act 2000 defines all these in Section 2 and its sub-sections as follows:
- Section 2 (ha)
This section defines “Communication Device”, means cell phone, personal digital assistance or combination of both or any other device used to communicate, send or transmit any text, video audio or image.
Explanation:
In cloud computing communication devices plays a very vital role, such as transfer and receiving of electronic data. This section defines the “Communications Device” used to communicate, send or transmit electronic data.
- Section 2 (i)
This section defines “Computer”, means any electronic, magnetic, optical or other high speed data processing device or system which performs logical, arithmetic and memory functions by manipulates of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer
software or communication facilities which are connected or related to the computer in a computer system or computer network
Explanation:
Cloud computing environment consists of computers which as per section 2(i) performs all the possible operations like input, output, processing, storage, computer software or communication etc. and using cloud computing the service providers provides various services like PaaS, IaaS & SaaS using computers.
- Section 2(j)
i) The use of satellite, microwave, terrestrial line, wire, wireless or other communication media and;
ii) Terminals or a complex consisting of two or more interconnected computers or communication device whether or not the inter-connection is continuously maintained
Explanation:
Cloud computing environment consists of a computer network, which consists of one or more computer systems or communication devices, so as to process, store high volume of data, and makes the transfer and receiving of data possible using communication devices. Cloud services are made available through internet and intranet infra-structure. Such infra-structure consists of various communications media as defined above and also contains various interconnected computers or communication devices.
- Section 2(k)
Explanation:
Cloud environment consists of computer resources including computer system, computer network, data, database, software etc. Computer system, computer network, data, database, software etc all plays a vital role in cloud computing environment and all these comes in the category of the computer resources as defined in this section.
- Section 2(l)
input data and output data that performs logic, arithmetic, data storage and retrieval, communication control and other functions
Explanation:
Cloud environment consists of computer system as it contains all the devices, programmes, processes, storage, communication and other functions mentioned in the above said section.
- Section 2(nb)
Explanation:
Cloud service providers; implement various security measures so as to protect stored user information, equipment, computer, computer resource etc. from unauthorized access, use, modification or destruction. Various tools and best practices are being used by the service providers so as to protect the data and resources.
- Section 2(o)
Explanation:
In cloud computing various services are being provided in relation to user data i.e. a representation of information, knowledge, facts concepts or instructions. And this data may be collected from the various categories of users like service consumers, client, service host etc.; and the data is collected and represented in a formalized manner and is being processed in a computer system or computer network through various hosted services and interfaces and also stored in the SAN networks.
- Section 2(r)
Explanation:
In cloud computing environment the information is generated, sent, received, processed or stored using various mediums like magnetic, optical computer memory. So the data in the cloud computing environment is in the electronic form.
- Section 2(t)
Explanation:
In cloud computing environment the information is generated, sent, received, processed or stored in the electronic form as said in the above Section 2(r) of IT Act 2000, so the data in the cloud computing environment is the electronic record.
- Section 2(u)
Explanation:
In cloud computing environment various services are provide in form of functions too. As in the case of SaaS, various services are exposed using APIs so as to provide various business/scientific (and many more) functionalities; which are processed by computer including the logic, control various mathematical calculations, storage and retrieval of information/data.
- Section 2(v)
Explanation:
In cloud computing environment the information is generated, sent, received, processed or stored; and that information consists of data, message, text, image, sound voice, programmes, services in form of software and database etc.
- Section 2(w)
Explanation:
In cloud environment, the cloud service provider acts as an intermediary; as it provides various services including web-hosting services, network services, platform services, infrastructure services and many more.
Cloud Environment Type & fitment in IT ACT 2000
Cloud environment based on infrastructure/services is classified as IaaS(Infrastructure as a Service), PaaS(Platform as a Service) & SaaS(Software as a Service).
In IaaS, infrastructure is provided as the service; which includes various computers, computer system, computer network, communication device, storage network etc.
In PaaS, platform is provided as service; which includes various computer systems and resources and various software to available as service to the end users. This also provides platform to store, develop, test, deploy processes, application and data.
In SaaS, software is provided as service; which includes various software/applications/programmes as service, which process the data in electronic form and also uses input, output and storage in electronic form.
Summary
As per the sections of Indian Information Technology Act 2000 described above, the legal infrastructure/framework for the Cloud Computing and its environment already exists; as all the various services, platform, infrastructure are defined in the Section 2 and its subsections of IT ACT 2000.
Further in other sections of IT ACT 2000, various contraventions and offences related to Information technology and Cyber World are defined. In Section 43 of Indian IT ACT 2000, various contraventions related to IT are defined. In Section 66, 66 A-F, 67, 67A-C various offences are defined.
The only need is to educate people and to define the new guidelines so as to monitor the cloud environment for better and safe service.
