Section 89 of ITA, 2000 : Section 89: Power Of Controller To Make Regulations

Explanation using Example

Let's imagine a scenario where a new technology emerges that allows more secure and efficient digital certification. The Controller of Certifying Authorities (CCA) in India, after consulting with the Cyber Regulations Advisory Committee, decides that this technology should be adopted by all Certifying Authorities (CAs) in India. However, this would require new regulations to be implemented.

The Controller, with approval from the Central Government, issues a notification in the Official Gazette, outlining these new regulations. These regulations might include:

• (a) The specifics of how each CA should maintain a database of disclosure records using this new technology;
• (b) The conditions under which the Controller may recognize a foreign CA that already uses this new technology;
• (c) The terms and conditions for granting a license to a CA that wishes to adopt this new technology;
• (d) Other standards that a CA must observe when using this new technology;
• (e) The way in which a CA should disclose matters using this new technology;
• (f) The details that should accompany an application when a CA applies to use this new technology;
• (g) The method by which a subscriber should communicate the compromise of a private key to a CA using this new technology.

These new regulations are then laid before each House of Parliament. If both Houses agree to any modifications, or decide that the regulations should not be made, the regulations will only have effect in the modified form or will not take effect at all. However, this does not affect the validity of anything previously done under these regulations.