Section 18 of ITA, 2000 : Section 18: Functions Of Controller

Bare Act

The Controller may perform all or any of the following functions, namely:

1. exercising supervision over the activities of the Certifying Authorities;
2. certifying public keys of the Certifying Authorities;
3. laying down the standards to be maintained by the Certifying Authorities;
4. specifying the qualifications and experience which employees of the Certifying Authority should possess;
5. specifying the conditions subject to which the Certifying Authorities shall conduct their business;
6. specifying the contents of written, printed or visual materials and advertisements that may be distributed or used in respect of an electronic signature Certificate and the public key;
7. specifying the form and content of an electronic signature Certificate and the key;
8. specifying the form and manner in which accounts shall be maintained by the Certifying Authorities;
9. specifying the terms and conditions subject to which auditors may be appointed and the remuneration to be paid to them;
10. facilitating the establishment of any electronic system by a Certifying Authority either solely or jointly with other Certifying Authorities and regulation of such systems;
11. specifying the manner in which the Certifying Authorities shall conduct their dealings with the subscribers;
12. resolving any conflict of interests between the Certifying Authorities and the subscribers;
13. laying down the duties of the Certifying Authorities;
14. maintaining a database containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to the public.

Simplified Act

The Controller has the power to do the following:

1. Watch over the work of Certifying Authorities (organizations that issue digital certificates).
2. Approve the public keys used by Certifying Authorities.
3. Set the standards that Certifying Authorities must follow.
4. Decide what kind of education and experience the employees of a Certifying Authority need to have.
5. State the rules under which Certifying Authorities can operate.
6. Control what can be included in ads and information about electronic signature certificates and public keys.
7. Determine how electronic signature certificates and keys should look and what information they should contain.
8. Dictate how Certifying Authorities should keep their financial records.
9. Set the terms...

Explanation using Example

Let's consider a hypothetical scenario to understand the application of Section 18 of The Information Technology Act, 2000.

Suppose there's a company named SecureSign Pvt. Ltd. that operates as a Certifying Authority (CA) and provides electronic signature certificates. The Controller, as per the IT Act, has several responsibilities towards SecureSign Pvt. Ltd. and its subscribers.

Firstly, the Controller is responsible for supervising the activities of SecureSign Pvt. Ltd. to ensure they are in line with the standards set by the Controller. If SecureSign Pvt. Ltd. wants to run an advertisement campaign, the contents of the campaign materials must be approved by the Controller.

Secondly, the Controller specifies the qualifications and experience required for employees at SecureSign Pvt. Ltd. This ensures that ...