Law on information and communication technology
ICT is being developed at a tremendous speed and computer is the
major invention or the result of the same. Outcome of ICT has been used
by all professions or businesses in the world like for surgeries done by
surgeons in theatres equipped with Information Technology goods or
Engineers design bridges or buildings using computers and accountants
also make their accounts on computers. There are rules that govern even
Likewise, Information and Communication Technology also must have
governing laws and rules for its existence. Law relating to ICT is not
an isolated subject. Its involvement could be seen in any given area
like criminal law, civil law, labour law, intellectual property law,
taxation law and so on.
Development of laws dealing with ICT
The laws are being developed to improve ICT and resolve its disputes
However, it is impossible to make changes or introduce laws and
regulations on every change or modification in ICT.
Therefore, there must a governing framework and guidance under ICT
Law to deal with its present and possible future problems.
CT law development in other jurisdictions
In the UK Computer Misuse Act (1990), Trade Marks Act (1994),
Defamation Act (1996), Data Protection Act (1998), the Copyright and
Related Regulations (1996), Electronic Communication Act (2000),
Telecommunications Regulations (1999), ‘The Consumer Protection (Distant
Selling) Regulations (2000) have been introduced to fulfill obligations
upon international treaties and agreements entered into by the United
Kingdom. There is a rapid development in ICT Law in the neighbouring
Likewise, necessary legislation has been introduced in countries like
United States of America, Malaysia and Australia.
Development of legislation under ICT in Sri Lanka
Computer evidence is neither original evidence nor derivative
evidence. This is the situation in Sri Lanka and in Benwell vs. Republic
of Sri Lanka it was held that computer evidence is in a category of its
Under the law of Sri Lanka, computer evidence is not admissible under
the Evidence Ordinance.
There was a need to have law reforms regarding acceptance of computer
evidence regarding acceptance of computer evidence.
Acts and regulations introduced in Sri Lanka relating to ICT
The Evidence (Special Provisions) Act No. 14 of 1995, the Information
and Communication Technology Act No. 27 of 2003, the Payment and
Settlement Systems Act No. 28 of 2005, the Electronic Transactions Act
No. 19 of 2006, the Payment Devices Frauds Act No. 30 of 2006 and the
Computer Crime Act No. 24 of 2007. Further, Telecommunications Act No.
25 of 1991 and No. 27 of 1996 were enacted introducing the
Telecommunications Regulatory Commission of Sri Lanka (TRCSL) and
Interconnection Rules 2003 have been introduced and Director-General of
TRCSL has issued the public notice on International Traffic bypass
Control Rules of 2003.
Purpose of enacting the Information Technology Act
The purpose is explained in the preamble of the Act No. 27 of 2003 as
“to provide provisions for the establishment of the National Committee
on Information and Communication Technology of Sri Lanka and to provide
for the setting out of National Policy on ICT and for the preparation of
an action plan, the appointment of a Task Force for ICT, the
establishment of the ICTA of Sri Lanka charged with the implementation
of the National Policy in both the public and private sectors and for
the matters connected therewith or incidental thereto.”
Main objective of the Evidence (Special Provisions) Act No. 14 of
The main objective of the Act is “to provide for the admissibility of
audiovisual recordings and information contained in statements produced
by computers in civil and criminal proceedings and to provide for
matters connected therewith or incidental thereto.”
Electronic Transactions Act in Sri Lanka
By introducing the Electronic Transactions Act No. 19 of 2006,
Parliament intended to recognise and facilitate the formation of
contracts, the creation and exchange or data messages, electronic
documents, electronic records and other communications in electronic
form in Sri Lanka.
Further, the Act provides for the appointment of a Certification
Authority and accreditation of Certification Service Providers and
matters connected therewith or incidental thereto.
Other relevant laws dealing with ICT in Sri Lanka
One of the objectives of section 2 of the Payment and Settlement
Systems Act No. 28 of 2005 is to facilitate the electronic presentment
Provisions of Payment Devices Frauds Act No. 30 of 2006 deal with
fraudulent transactions that have taken place in connection with
electronic devices as well.
The Computer Crime Act No. 24 of 2007 has been enacted to provide for
the identification of computer crimes and to provide the procedure for
the investigation and prevention of such crimes and to provide for
related matters therewith.
Practical aspects relating to applicability of ICT law
As far as the present legal provisions are concerned, Sri Lanka is
not second to any other developed or developing country in dealing with
ICT related matters subject to few exceptions. However, there is no
legislation for data protection or privacy policies to handle some ICT
related issues efficiently. As far as the experiences in other
jurisdictions are concerned there can be a number of practical issues
due to lack of the said laws in Sri Lanka.
What is the way forward?
There is no debate that until the investigators are trained, fully
equipped computer forensic laboratories are setup and the knowledge of
Judges, lawyers and academics involved in ICT related matters are
improved; these laws and rules will be confined only to books. These
practical aspects should be gradually resolved. Educating the public
will immensely contribute to improve the situation.