Cyber Law in India

The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb

Cyber-crime can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000

Cyber Law is the law governing cyber space. It is a very wide term and includes computers, networks, software, data storage devices (such as hard disks, USB disks etc), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines etc.

Cyber law encompasses laws relating to: o o o o 1. Cyber Crimes 2. Electronic and Digital Signatures 3. Intellectual Property 4. Data Protection and Privacy

Cyber crime is the latest and perhaps the most complicated problem in the cyber world. It may be said to be those species, of which, genus is the conventional crime, and where either the computer is an object or subject of the conduct constituting crime. Cyber crimes are unlawful acts where computer is used either as a tool; or a target; or both.

Cybercrimes can be basically divided into three major categories: 1. Cybercrimes against persons. 2. Cybercrimes against property. 3. Cybercrimes against government.

Cybercrimes committed against persons: It include various crimes like transmission of child-pornography, harassment of any one with the use of a computer such as e-mail. The trafficking, distribution, posting, and dissemination of obscene material including pornography and indecent exposure, is one of the most important Cybercrimes known today.

Cybercrimes against property: These crimes include: o o o o Computer vandalism (destruction of others' property); Transmission of harmful programmes; Siphoning of funds from financial institutions; Stealing secret information & data.

Cybercrimes against government: Cyber terrorism is one distinct kind of crime in this category. The medium of Cyberspace is used by individuals and groups to threaten the international governments as also to terrorise the citizens of a country. This crime manifests itself into terrorism when an individual cracks; into a government or military maintained website.

Technical Aspects
Technological advancements have created new possibilities for criminal activity, in particular the criminal misuse of information technologies such as a. Unauthorized

access & Hacking:-

Access means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network. Unauthorized access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network. b.

Trojan Attack:-

The program that act like something useful but do the things that are quiet damping. The programs of this kind are called as Trojans. c.

Virus and Worm attack:-

A program that has capability to infect other programs and make copies of itself and spread into other programs is called virus. e.

Denial of Service attacks:-

Flooding a computer resource with more requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users. g.

Forgery:-

Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners. Also impersonate another person is considered forgery. h

. IPR Violations:-

These include software piracy, copyright infringement, trademarks violations, theft of computer source code, patent violations. etc.

i.

Cyber Terrorism:-

Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic control, telecommunication networks are the most likely targets. Others like police, medical, fire and rescue systems etc. j.

Banking/Credit card Related crimes:-

In the corporate world, Internet hackers are continually looking for opportunities to compromise a companys security in order to gain access to confidential banking and financial information. k.

E-commerce/ Investment Frauds:-

Sales and Investment frauds. An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities.

l.

Sale of illegal articles:-

This would include trade of narcotics, weapons and wildlife etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication. m

. Online gambling:-

There are millions of websites hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering. n

. Defamation: -

Defamation can be understood as the intentional infringement of another person's right to his good name.

Cyber Stalking:Cyber stalking involves following a persons movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc. q

. Identity Theft :-

Identity theft occurs when someone appropriates another's personal information without their knowledge to commit theft or fraud.

. Breach of Privacy and Confidentiality

Privacy Privacy refers to the right of an individual/s to determine when, how and to what extent his or her personal data will be shared with others. Confidentiality It means non disclosure of information to unauthorized or unwanted persons. In addition to Personal information some other type of information which useful for business and leakage of such information to other persons may cause damage to business or person, such information should be protected.

Need for Cyber Law:

o Cyberspace is an intangible dimension that is impossible to govern and regulate using conventional law. o o o o o o Cyberspace has complete disrespect for jurisdictional boundaries . Cyberspace handles gigantic traffic volumes every second. Cyberspace is open to participation by all. Cyberspace offers enormous potential for anonymity to its members. Cyberspace offers never-seen-before economic efficiency . Electronic information has become the main object of cyber crime .

o Here the original information , so to say, remains in the possession of the owner and yet information gets stolen

IT Act of India 2000

The primary source of cyber law in India is the Information Technology Act , 2000 (IT Act) which came into force on 17 October 2000. The primary purpose of the Act is to provide legal recognition to electronic commerce and to facilitate filing of electronic records with the Government.Information Technology Act 2000 consisted of 94 sections segregated into 13 chapters. Four schedules form part of the Act. This Act aims to provide the legal infrastructure for e-commerce in India. And the cyber laws have a major impact for e-businesses and the new economy in India. So, it is important to understand what are the various perspectives of the IT Act, 2000 and what it offers. The Information Technology Act, 2000 also aims to provide for the legal framework so that legal sanctity is accorded to all electronic records and other activities carried out by electronic means. The Act states that unless otherwise agreed, an acceptance of contract may be expressed by electronic means of communication and the same shall have legal validity and enforceability.

Some highlights of the Act are listed below:

*Chapter-II of the Act specifically stipulates that any subscriber may authenticate an electronic record by affixing his digital signature. Chapter-III of the Act details about Electronic Governance and provides inter alia amongst others that where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is rendered or made available in an electronic form; and accessible so as to be usable for a subsequent reference. Chapter-IV of the said Act gives a scheme for Regulation of Certifying Authorities. The Act envisages a Controller of Certifying Authorities who shall perform the function of exercising supervision over the activities of the Certifying Authorities as also laying down standards and conditions governing the Certifying Authorities as also specifying the various forms and content of Digital Signature Certificates. Chapter-VII of the Act details about the scheme of things relating to Digital Signature Certificates. The duties of subscribers are also enshrined in the said Act. Chapter-IX of the said Act talks about penalties and adjudication for various offences. The penalties for damage to computer, computer systems etc. has been fixed as damages by way of compensation not exceeding Rs. 1,00,00,000 to affected persons. Chapter-X of the Act talks of the establishment of the Cyber Regulations Appellate Tribunal, which shall be an appellate body where appeals against the orders passed by the Adjudicating Officers, shall be preferred. Chapter-XI of the Act talks about various offences and the said offences shall be investigated only by a Police Officer not below the rank of the Deputy Superintendent of Police.

The Information Technology Amendment Act, 2008

The Information Technology Amendment Act, 2008 (IT Act 2008) has been passed by the parliament on 23rd December 2008. It received the assent of President of India on 5th February, 2009. The IT Act 2008 has been notified on October 27, 2009. o ITA 2008, as the new version of Information Technology Act 2000 is often referred, has provided additional focus on Information Security. It has added several new sections on offences

including Cyber Terrorism and Data Protection. In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been omitted from the earlier version) and 14 chapters. o o Schedule I and II have been replaced. Schedules III and IV are deleted.

Salient features of the Amendment Act :

o The term digital signature has been replaced with electronic signature to make the Act more technology neutral. o A new section 10A has been inserted to the effect that contracts concluded electronically shall not be deemed to be unenforceable solely on the ground that electronic form or means was used. o A new section 43A has been inserted to protect sensitive personal data or information dealt, possessed, or handled by a body corporate. o New sections 66A to 66F prescribe punishment for offenses such as obscene electronic message transmissions, identity theft, cheating by impersonation using computer resource, violation of privacy & cyber terrorism. o Section 67 of the old Act is amended to reduce term of imprisonment for publishing or transmitting obscene material in electronic form to 3 years from 5 years and increase the fine thereof from Rs.100,000 to Rs. 500,000. o Sections 67 A and B insert penal provisions in respect of offenses of publishing/ transmitting of material containing sexually explicit act and child pornography in electronic form. o In view of the increasing threat of terrorism, amended section 69 giving power to the state to direct interception or monitoring of decryption of any information through any computer resource. o Sections 69 A and B, grant power to the state to direct blocking for public access of any information through any computer resource and to authorize to monitor and collect traffic data or information through any computer resource for cyber security. o Section 79 of the old Act which exempted intermediaries has been modified to the effect that an intermediary shall not be liable for any 3 rd party information data or communication link made available or hosted by him, subject to certain conditions. o A proviso has been added to Section 81 which states that the provisions of the Act shall have overriding effect.