Section 42 of ITA, 2000 : Section 42: Control Of Private Key

Explanation using Example

Let's consider John, who is a subscriber of a Digital Signature Certificate. He uses this for signing official documents digitally. According to Section 42(1) of The Information Technology Act, 2000, John needs to ensure that he takes reasonable measures to keep the private key of his digital signature secure. This could mean storing it in a secure location or using strong, unique passwords.

One day, John notices some suspicious activity related to his digital signature. He suspects that his private key might have been compromised. As per Section 42(2), John immediately informs his Certifying Authority about the potential compromise of his private key. He does this by sending them an official email, as specified in their regulations.

However, until the moment John informed the Certifying Authority about the compromise, any misuse of his digital signature due to the compromised private key would be his liability. This is clarified in the Explanation of Section 42.