Cyber Forensics
The increasing plethora of Digital Devices across the world has emerged the
issue of digital security and thereby increasing the huge number of crimes in
the cyber world. Digital Forensics is a way of collecting evidence that requires
the usage of apt forensic tools and technical knowledge which play an important
part in the Administration of Justice relating to digital crimes.
Confidentiality of Evidence is a very dynamic and intricate process.
In the absence of sufficient evidence even the Judiciary is helpless to deliver justice, hence Digital Forensics plays a vital role in the technologically advancing era. Embedded endurance strategy needs sophisticated thinking at the Micro level (people, network, systems) as well as the Macro level (Organizational). The growing use of social sites and dependence on digital methods for e-payment have emerged the crimes of credit card scams and hacking of accounts.
Hackers have been able to break the security and were able to break through the secured systems of Banks, Organizations, and many more. The laws related to Information Technology are not so strong, only a few provisions carry strong penal provisions. The Information Technology Act, of 2000 was a breakthrough but still needs improvement.
As new crimes like Credit Card scams, WhatsApp scams, UPI Frauds, Remote Access Screen sharing Frauds, Scams using QR Codes and the list goes on, there is a strong need to update the existing laws and techniques to find the digital evidence and the Digital Forensics can play a vital role. The present Paper will cover the issues and challenges in the Cyber World and the Role of Digital Forensics in the administration of justice in the present era.
Introduction
Digital forensics sometimes known as 'digital forensic science' is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and computer crime. The term "digital forensics" was originally used as a synonym for computer forensics but has expanded to cover the investigation of all devices capable of storing digital data.[1] This field started growing with the usage of electronic devices viz. computer, mobile, internet, etc.
Thus, Digital Forensics can be defined as the process of preservation, identification, extraction, and documentation of sound computer evidence that can be used by a court of law. It is the science of finding evidence from digital media like a computer, mobile phone, server, or network. It provides the forensic team with the best techniques and tools to solve complicated digital-related cases.[2]
Concept
The concept of Digital Evidence was incepted from the legal process. Electronic evidence is a component of almost all criminal activities and digital forensics support is crucial for law enforcement investigations. Electronic evidence can be collected from a wide array of sources, such as computers, smartphones, remote storage, unmanned aerial systems, shipborne equipment, and more. The main goal of digital forensics is to extract data from the electronic evidence, process it into actionable intelligence and present the findings for prosecution. All processes utilize forensic techniques to ensure the findings are admissible in court.[3]
For the identification of the exact source of cybercrime, the very first requirement is to uniquely identify each device present in the network forensics protocol that ensures tracking up to the true source of digital evidence by collecting beforehand forensically sound evidence and the protocol can collect target data from the device in the form of a device fingerprint.[4]
There are basically five steps involved in this process, first is the identification, the purpose of the investigation and the resource required for the same. Experts need to see What, Where and How the data is stored. The second step is securing and preserving the data. This step includes preventing people from using the digital device so as to save the device from tempering. The third step is analyzing, the identification of tools and techniques need to be identified for processing data and interpreting the results in this step. However, it might take numerous iterations of examination to support a specific crime theory.
The fourth step is documentation of the crime scene, a record of all the visible data must be created. It helps in recreating the crime scene and reviewing it. It involves proper documentation of the crime scene, sketching, and crime-scene mapping along with pictures and graphs. The last step is arranging and presentation of the digital evidence so collected. However, it should be written in layperson's terms using abstracted terminologies. All abstracted terminologies should reference specific details.[5]
The varied branches of the field largely explain the distributed nature of evidence to be collected when a computer/cybercrime is reported or suspected to have been perpetrated. In evidence law, digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial. To be admissible in the court, a piece of evidence must be relevant and its probative value must outweigh any prejudicial effect.[6]
SIM Swap Scam
SIM Swap Scam occurs when fraudsters manage to get a new SIM card issued against a registered mobile number fraudulently through the mobile service provider. With the help of this new SIM card, they get One Time Password (OTP) and alerts, required for making financial transactions through victim's bank account. Getting a new SIM card against a registered mobile number fraudulently is known as SIM Swap.
Credit card (or debit card) fraud
Credit card (or debit card) fraud involves an unauthorized use of another's credit or debit card information for the purpose of purchases or withdrawing funds from it.
Impersonation and identity theft
Impersonation and identity theft is an act of fraudulently or dishonestly making use of the electronic signature, password or any other unique identification feature of any other person.
Phishing
Phishing is a type of fraud that involves stealing personal information such as Customer ID, IPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. through emails that appear to be from a legitimate source.
Spamming
Spamming occurs when someone receives an unsolicited commercial messages sent via email, SMS, MMS and any other similar electronic messaging media. They may try to persuade recepient to buy a product or service, or visit a website where he can make purchases; or they may attempt to trick him/ her into divulging bank account or credit card details.
Ransomware
Ransomware is a type of computer malware that encrypts the files, storage media on communication devices like desktops, Laptops, Mobile phones etc., holding data/information as hostage. The victim is asked to pay the demanded ransom to get his device decrypted.
Virus
A computer Virus is a program written to enter to your computer and damage/alter your files/data and replicate themselves.
Worms
Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc.
Trojan horse
A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. Trojans open a backdoor entry to your computer which gives malicious users/programs access to your system, allowing confidential and personal information to be theft.
Data Breach
A data breach is an incident in which information is accessed without authorization.
Denial of Services (DoS) attack is an attack intended for denying access to computer resources without the permission of the owner or any other person who is in charge of a computer, computer system, or computer network. A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Website Defacement
Website Defacement is an attack intended to change the visual appearance of a website and/ or make it dysfunctional. The attacker may post indecent, hostile, and obscene images, messages, videos, etc.
Cyber-Squatting
Cyber-Squatting is an act of registering, trafficking in or using a domain name with the intent to profit from the goodwill of a trademark belonging to someone else.
Pharming
Pharming is a cyber-attack aiming to redirect a website's traffic to another, bogus website.
Cryptojacking
Cryptojacking is the unauthorized use of computing resources to mine cryptocurrencies.
Online Drug Trafficking
Online Drug Trafficking is the crime of selling, transporting, or illegally importing unlawful controlled substances, such as heroin, cocaine, marijuana, or other illegal drugs using electronic means.
Espionage
Espionage is the act or practice of obtaining data and information without the permission and knowledge of the owner.
Digital Crime and Digital Forensic in India
The bed lock of digital forensics started in the 1840s when Hans Gross (1847-1915) used scientific studies in a criminal investigation. Later in 1942, Forensic Bureau Investigation (FBI) in the USA established a forensic laboratory to provide forensic services to all local authorities. In 1978, after the first-ever computer crime happened, Florida Computer Crime Act came in to force. In 1992, the term 'Computer Forensics' was used for the first time in literature.
This helped in the establishment of the International organization on Computer Evidence (IOCE) in 1995. Computer forensics came to its prominence in the year 2000 with the foundation of the first Regional computer forensic laboratory by the FBI. Consequently, the first book on Computer Forensics by the Scientific Working group on digital evidence (SWGDE), called "Best Practices for Computer Forensics" was published in the year 2002. In 2010, Simson Garfinkel incorporated digital evidence in the forensic investigation processes.
As far as Digital forensics in India is concerned, the evolutionary process has been slow. In India, there is not even a single codified statute or law which deals with Computer forensics. The reason can be the fact that technology law is still in its nascent stage in India. There are no regulations and rules governing digital forensics, so if someone wants to become a cyber forensic, he has to complete a certified course on digital forensics after finishing his graduation.
There is not a single organization that governs the profession of digital forensics in India. The prime use of digital forensics in India is to deliver justice and solve complicated cases involving digital complexities. Hence, it becomes very essential to make a regulatory body that can see if the people in the profession are actually qualified enough to perform and manage this task. Most of the time, the court of law has to be dependent upon data and evidence which are gathered from the investigation of digital media.
The reason for the same is the fact that most people now have access to the internet which as a result is also increasing the number of crimes involving digital media. For example, If a woman is getting blackmailed on a messaging app, then the most effective way of proving it in court will be to give evidence, which in such cases, most of the time is in digital forms. The right to privacy is a fundamental right guaranteed under the constitution of India.
There is a chance of privacy infringement when the data in electronic forms are provided to forensic science analysts. It is reasonable to consider that forensic investigators should have the right to access all the data which can be helpful in tracking down the offender. But most of the time, the investigator also takes all the confidential information which is not needed for the case. So, the hazard of exploiting privacy is always there in the case of a digital forensics investigation.
Analogies can be made to the controversial Aadhar Card case when UDIAI collected all the information from the citizens of India on the behalf of the government. In such cases, if an unauthorized person gets access to the password, username, PIN, or any other such required information because of the forensic science analyst, then it will not be difficult for them to maneuver the account and use it for illegal purposes.[8]
In India, although the population is from different economic classes, yet the use of electronic devices is very popular amongst all age groups. The pandemic of COVID 19 has given rise to the use of e-methods be it education or work-from-home culture. Be it a child of 3 years or a man of 90 can easily be seen using a mobile phone, tablet, iPod, and laptop to name a few.
According to National Investment Promotion and Facilitation Agency, India is one of the largest consumer electronics markets in the Asia Pacific Region and the world's fastest-growing industry, Electronics System Design, and Manufacturing (ESDM) continues to transform lives, businesses, and economies across the globe. The global electronic devices market is estimated at $ 2.9 Tn in 2020. India's share in the global electronic systems manufacturing industry has grown from 1.3% in 2012 to 3.6% in 2019.[9]
India's exports are set to increase rapidly from $10 Bn in 2021 to $120 Bn in 2026. India's domestic production in electronics has increased from $ 29 Bn in 2014-15 to $ 67 Bn in 2020-21. Production of mobile handsets is further slated to increase in value from $30 Mn in 2021 to $ 126 Mn in 2026. India produces roughly 10 mobile phones per second which amounts to $950 worth of production every second. India's semiconductor market is expected to increase from $15 Bn in 2020 to $110 Bn in 2030, growing at a CAGR of 22%. Technology transitions such as the rollout of 5G networks and Internet of Things are driving the accelerated adoption of electronics products. Initiatives such as 'Digital India' and 'Smart City' projects have raised the demand for IoT in the electronics devices market and will undoubtedly usher in a new era for electronic products. India is expected to have a digital economy of $1 Tn by 2025.[10]
With this emerging number of users of electronic devices, emerges crime related to electronic devices. It creates a big challenge for evidence collection as we require expertise in the field who are equipped with the latest technology, legal procedure, and forensics know-how.
India reported 52,974 cases of cybercrime in 2021, an increase of over 5 percent from 2020 (50,035 cases) and over 15 percent from 2019 (44,735 cases), according to the latest government data. Over 70 percent of the cybercrime cases were reported from Telangana, Uttar Pradesh, Karnataka, Maharashtra, and Assam, the National Crime Records Bureau's (NCRB) 'Crime In India 2021' report showed. The average rate of cybercrime incidents (per one lakh population) was recorded at 3.9 in the country in 2021, stated the NCRB, which functions under the Ministry of Home Affairs. The charge-sheeting rate in cybercrime cases in 2021 was recorded at 33.8, the report showed, suggesting that the police probe was completed only in one-third of the cases registered across the country.[11]
In India, the point of consideration is the legal and judicial systems and their functioning which seems to be outmoded. With the rise of cyber-crimes, there is a need to change the current policies and built a new techno-legal framework to fight cyber-crime with the use of the latest forensic technologies. Crimes like email spoofing and Facebook account hacking are very common in India but due to weak legal implications and poor law enforcement, the criminals are set free to commit more crimes.
The cyber-crime conviction rate is very low in India, whereas cyber-crimes have continuously surged in India. Cyber-attacks in India are done by other countries like the USA, UAE, Pakistan, Nigeria, Saudi Arabia, etc. Crimes like email fraud, phishing, credit/debit card fraud, viruses, identity theft, etc. are very prevalent in India. There is a need of having strong cyber law monitoring and stringent cyber security. However, this can be achieved only if there is a decent digital infrastructure available with the proper mindset.[12]
It deals with extracting data from storage media by searching active, modified, or deleted files.
Network Forensics:
It is a sub-branch of digital forensics. It is related to monitoring and analysis of computer network traffic to collect important information and legal evidence.
Wireless Forensics:
It is a division of network forensics. The main aim of wireless forensics is to offer the tools need to collect and analyze the data from wireless network traffic.
Database Forensics:
It is a branch of digital forensics relating to the study and examination of databases and their related metadata.
Malware Forensics:
This branch deals with the identification of malicious code, to study their payload, viruses, worms, etc.
Email Forensics
Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.
Memory Forensics:
It deals with collecting data from system memory (System Registers, Cache, RAM) in raw form and then carving the data from the Raw dump.
Mobile Phone Forensics:
It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming, and outgoing SMS/MMS, Audio, videos, etc.
The Information Technology Act, of 2000, serves as a useful illustration of the dearth of dynamism in digital rule-making in India. Though it forms the legislative bedrock of the country's online edifice, it has only been significantly amended once in 2008
In 2008, augmentations extended the meaning of "specialized gadgets" to incorporate cell phones and to reflect current use; validate electronic signatures and contracts; making the owner of a given IP address responsible for content accessed or distributed through it. Punishments range from detainment for a term that may extend to three years and a fine. Offenses that happen in a corporate setting can bring about additional managerial punishments and regulatory observations that can demonstrate difficulty in working together.
To summarise, the new Indian IT Act attempts to catch a few viewpoints managing individual information protection, Blackhat hacking, and digital illegal intimidation. Be that as it may, a solid and directed execution instrument is needed to moderate the prospects of the Act's abuse. It applies to organizations that work together in India. This incorporates substances, enrolled in India, re-appropriate there, and keeping up with servers inside the nation's lines. The demonstration covers activity of any kind including web trades and electronic records. It is said that the Information Technology Act, of 2000 has been adequately able to handle the challenges which are posed by the rapidly changing internet and information.
Over the last few years, India has emerged as a leading innovator when it comes to technological advancements and a primary market in the digital space.
At the same time, there had been raging concerns on aspects relating to data security and safeguarding the privacy of 130 crore Indians, such concerns also pose a threat to the sovereignty and security of our country. The Ministry of Information Technology received many complaints from various sources including several reports about the misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users' data in an unauthorized manner to servers that have locations outside India. The compilation of these data, it's mining, and profiling by elements hostile to the national security and defense of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures.[14]
The Indian Cyber Crime Coordination Centre, Ministry of Home Affairs sent an exhaustive recommendation for blocking these malicious apps. The Computer Emergency Response Team (CERT-IN) has received many representations from citizens regarding the security of data and breach of privacy impacting public order issues.
Likewise, there have been similar bipartisan concerns, flagged by various public representatives, both outside and inside the Parliament of India. There has been a strong chorus in the public space to take strict action against Apps that harm India's sovereignty as well as the privacy of our citizens. On the basis of these and upon receiving credible inputs that such Apps pose threat to the sovereignty and integrity of India, the Government of India disallowed the usage of 59 Apps, used in both mobile and non-mobile Internet-enabled devices.[15]
This move safeguarded the interests of crores of Indian mobile and internet users. This decision was a targeted move to ensure the safety and sovereignty of Indian cyberspace.
New Initiatives
Government of India Ministry of Electronics and IT to promote e-Governance for empowering citizens, promoting the inclusive and sustainable growth of the Electronics, IT & ITeS industries, enhancing India's role in Internet Governance, adopting a multipronged approach that includes the development of human resources, promoting R&D and innovation, enhancing efficiency through digital services and ensuring secure cyberspace has taken following initiatives:
The Ministry of Electronics and Information Technology (MeitY) has notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules,2021 (referred to as "IT Rules, 2021") on 25th February 2021. The goals of these rules are to ensure an Open, Safe & Trusted, and Accountable Internet for all Indian Internet Users and Digital Nagriks. These rules have succeeded in creating a new sense of accountability amongst Intermediaries to their users, especially within Big Tech platforms.
However, as the digital ecosystem and connected Internet users in India expand, so do the challenges and problems faced by them, as well as some of the infirmities and gaps that exist in the current rule vis-a-vis the Big Tech platform. Therefore. New amendments have been proposed to the IT Rules 2021, to address these challenges and gaps.
As a part of the pre-legislative consultation process, a copy of the aforesaid draft amendment to the IT Rules 2021 has been uploaded on the website of the Ministry of Electronics and Information Technology (www.meity.gov.in) for public feedback and input. These are being offered for public consultation and comments from all stakeholders inviting feedback on the draft amendment to the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 relating to due diligence by an intermediary under rule 3(1)(b)(v).[17]
A European-led international treaty, the Convention on Cybercrime, came into force in 2004 with the aim of reconciling national computer crime laws, investigative techniques, and international cooperation The treaty has been signed by 43 nations (including the US, Canada, Japan, South Africa, UK, and other European nations) and ratified by 16. The issue of training also received attention. Commercial companies (often forensic software developers) began to offer certification programs, and digital forensic analysis was included as a topic at the UK specialist investigator training facility, Centrex.[18]
In the late 1990s, mobile devices became more widely available, advancing beyond simple communication devices, and were found to be rich forms of information, even for crime not traditionally associated with digital forensics. Despite this, digital analysis of phones has lagged behind traditional computer media, largely due to problems over the proprietary nature of devices. Focus has also shifted to internet crime, particularly the risk of cyber warfare and cyberterrorism.[19]
A February 2010 report by the United States Joint Forces Command concluded the following: Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication.
The field of digital forensics still faces unresolved issues. A 2009 paper, "Digital Forensic Research: The Good, the Bad and the Unaddressed" by Peterson and Shenoi, identified a bias towards Windows operating systems in digital forensics research. In 2010, Simson Garfinkel identified issues facing digital investigations in the future, including the increasing size of digital media, the wide availability of encryption to consumers, a growing variety of operating systems and file formats, an increasing number of individuals owning multiple devices, and legal limitations on investigators. The paper also identified continued training issues, as well as the prohibitively high cost of entering the field.[20]
Forensic backlogs are an increasing concern for many law enforcement agencies. Agencies must shift from simply collecting digital evidence to effectively analyzing the digital evidence collected. Media analysis is time-intensive and requires training to ensure that all pieces of evidentiary value are identified and processed.
Another problem is that the sheer volume of data or evidence files collected makes it difficult for agencies to keep up with the output. For example, a single cyber-crime investigation can result in hundreds of gigabytes of data, which can be captured and preserved, but not analyzed in a timely manner. This creates a forensic backlog that affects the lives of victims, is costly to the agency, and can hinder the prosecution's case against the offender. The solution is to utilize automated media exploitation tools that can process large volumes of data in a timely manner without requiring extensive expertise.
As a law enforcement officer, the forensic backlog problem can be a significant challenge. With the right approach and technology, it's possible to reduce your backlog and improve the overall efficiency of your forensic processes. In this article, we look at key strategies that can be used to reduce forensic backlogs and allow law enforcement to make the best use of their resources.
One key strategy that can be used to reduce forensic backlogs is by adopting an evidence-based approach to decision-making. This means that when considering which cases to prioritize, you should base your decisions on the evidence available. By doing this, you can ensure that you are focusing your efforts on the cases that are most likely to result in a conviction.
Another strategy that can be used to reduce forensic backlogs is by investing in technology. For example, you may want to consider investing in a digital evidence management system. This type of system can help you to streamline your evidence-gathering and processing, which can save you time in the long run.
Finally, it's also important to focus on training and education. By ensuring that your staff is properly trained in the latest forensic techniques, you can make sure that they can work efficiently and effectively. This can ultimately save you time and money, and help to reduce your forensic backlogs.
By following these key strategies, you can make a significant impact on your forensic backlogs. By taking an evidence-based approach, investing in technology, and focusing on training and education, you can help to streamline your processes and save time and resources.
Landmark Cases
Some Examples of Uses of Digital Forensics[30]
In recent times, commercial organizations have used digital forensics in the following a type of cases:
Disadvantages of Digital Forensics[32]
The major drawbacks of using Digital Forensic:
Conclusion[33]
A standardized and harmonized framework or solution that comprehensively captures thetechno-legal requirements of Digital Forensic is an indispensable tool for computer/cyber crime investigators and digital forensics experts to handle and/or otherwise process distributed digital evidence expeditiously for admissibility in the law courts.
Recommendations:
There is, first of all, the need to streamline existing laws and implement existing policies, technical and legal requirements for evidence admissibility. Standard procedures that are coherent and ensure harmony between lawyers, judges, forensic experts, law enforcement agencies, corporations, individuals, and the court must be adhered to. Secondly, the harmonization of cybercrime investigation and digital forensics practices across borders is essential for investigations that oftentimes involve more than one legal jurisdiction. Furthermore, heavy investments must be made to boost the capacities of the relevant institutions engaged in both digital evidence gathering and prosecution.[34]
End-Notes:
In the absence of sufficient evidence even the Judiciary is helpless to deliver justice, hence Digital Forensics plays a vital role in the technologically advancing era. Embedded endurance strategy needs sophisticated thinking at the Micro level (people, network, systems) as well as the Macro level (Organizational). The growing use of social sites and dependence on digital methods for e-payment have emerged the crimes of credit card scams and hacking of accounts.
Hackers have been able to break the security and were able to break through the secured systems of Banks, Organizations, and many more. The laws related to Information Technology are not so strong, only a few provisions carry strong penal provisions. The Information Technology Act, of 2000 was a breakthrough but still needs improvement.
As new crimes like Credit Card scams, WhatsApp scams, UPI Frauds, Remote Access Screen sharing Frauds, Scams using QR Codes and the list goes on, there is a strong need to update the existing laws and techniques to find the digital evidence and the Digital Forensics can play a vital role. The present Paper will cover the issues and challenges in the Cyber World and the Role of Digital Forensics in the administration of justice in the present era.
Introduction
Digital forensics sometimes known as 'digital forensic science' is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and computer crime. The term "digital forensics" was originally used as a synonym for computer forensics but has expanded to cover the investigation of all devices capable of storing digital data.[1] This field started growing with the usage of electronic devices viz. computer, mobile, internet, etc.
Thus, Digital Forensics can be defined as the process of preservation, identification, extraction, and documentation of sound computer evidence that can be used by a court of law. It is the science of finding evidence from digital media like a computer, mobile phone, server, or network. It provides the forensic team with the best techniques and tools to solve complicated digital-related cases.[2]
Concept
The concept of Digital Evidence was incepted from the legal process. Electronic evidence is a component of almost all criminal activities and digital forensics support is crucial for law enforcement investigations. Electronic evidence can be collected from a wide array of sources, such as computers, smartphones, remote storage, unmanned aerial systems, shipborne equipment, and more. The main goal of digital forensics is to extract data from the electronic evidence, process it into actionable intelligence and present the findings for prosecution. All processes utilize forensic techniques to ensure the findings are admissible in court.[3]
For the identification of the exact source of cybercrime, the very first requirement is to uniquely identify each device present in the network forensics protocol that ensures tracking up to the true source of digital evidence by collecting beforehand forensically sound evidence and the protocol can collect target data from the device in the form of a device fingerprint.[4]
There are basically five steps involved in this process, first is the identification, the purpose of the investigation and the resource required for the same. Experts need to see What, Where and How the data is stored. The second step is securing and preserving the data. This step includes preventing people from using the digital device so as to save the device from tempering. The third step is analyzing, the identification of tools and techniques need to be identified for processing data and interpreting the results in this step. However, it might take numerous iterations of examination to support a specific crime theory.
The fourth step is documentation of the crime scene, a record of all the visible data must be created. It helps in recreating the crime scene and reviewing it. It involves proper documentation of the crime scene, sketching, and crime-scene mapping along with pictures and graphs. The last step is arranging and presentation of the digital evidence so collected. However, it should be written in layperson's terms using abstracted terminologies. All abstracted terminologies should reference specific details.[5]
The varied branches of the field largely explain the distributed nature of evidence to be collected when a computer/cybercrime is reported or suspected to have been perpetrated. In evidence law, digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial. To be admissible in the court, a piece of evidence must be relevant and its probative value must outweigh any prejudicial effect.[6]
Issue/cybercrimes along with their indicative explanation in India[7]
- Child Pornography/ Child Sexually Abusive Material
Child sexually abusive material (CSAM) refers to material containing the sexual image in any form, of a child who is abused or sexually exploited. Section 67 (B) of the IT Act states that "it is punishable for publishing or transmitting of material depicting children in the sexually explicit act, etc. in electronic form.
- Cyber Bullying
A form of harassment or bullying inflicted through the use of electronic or communication devices such as computer, mobile phone, laptop, etc.
- Cyberstalking
Cyberstalking is the use of electronic communication by a person to follow a person, or attempts to contact a person to foster personal interaction repeatedly despite a clear indication of disinterest by such person; or monitors the internet, email or any other form of electronic communication commits the offense of stalking.
- Cyber Grooming
Cyber Grooming is when a person builds an online relationship with a young person and tricks or pressures him/ her into doing a sexual act.
- Job Fraud
Online Job Fraud is an attempt to defraud people who are in need of employment by giving them false hope/ promise of better employment with higher wages.
- Sextortion
Online Sextortion occurs when someone threatens to distribute private and sensitive material using an electronic medium if he/ she doesn't provide images of a sexual nature, sexual favours, or money.
- Vishing
Vishing is an attempt where fraudsters try to seek personal information like Customer ID, Net Banking password, ATM PIN, OTP, Card expiry date, CVV etc. through a phone call.
- Sexting
Sexting is an act of sending sexually explicit digital images, videos, text messages, or emails, usually by cell phone.
- Smishing
Smishing is a type of fraud that uses mobile phone text messages to lure victims into calling back on a fraudulent phone number, visiting fraudulent websites or downloading malicious content via phone or web.
SIM Swap Scam
SIM Swap Scam occurs when fraudsters manage to get a new SIM card issued against a registered mobile number fraudulently through the mobile service provider. With the help of this new SIM card, they get One Time Password (OTP) and alerts, required for making financial transactions through victim's bank account. Getting a new SIM card against a registered mobile number fraudulently is known as SIM Swap.
Credit card (or debit card) fraud
Credit card (or debit card) fraud involves an unauthorized use of another's credit or debit card information for the purpose of purchases or withdrawing funds from it.
Impersonation and identity theft
Impersonation and identity theft is an act of fraudulently or dishonestly making use of the electronic signature, password or any other unique identification feature of any other person.
Phishing
Phishing is a type of fraud that involves stealing personal information such as Customer ID, IPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. through emails that appear to be from a legitimate source.
Spamming
Spamming occurs when someone receives an unsolicited commercial messages sent via email, SMS, MMS and any other similar electronic messaging media. They may try to persuade recepient to buy a product or service, or visit a website where he can make purchases; or they may attempt to trick him/ her into divulging bank account or credit card details.
Ransomware
Ransomware is a type of computer malware that encrypts the files, storage media on communication devices like desktops, Laptops, Mobile phones etc., holding data/information as hostage. The victim is asked to pay the demanded ransom to get his device decrypted.
Virus
A computer Virus is a program written to enter to your computer and damage/alter your files/data and replicate themselves.
Worms
Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc.
Trojan horse
A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. Trojans open a backdoor entry to your computer which gives malicious users/programs access to your system, allowing confidential and personal information to be theft.
Data Breach
A data breach is an incident in which information is accessed without authorization.
Denial of Services (DoS) attack is an attack intended for denying access to computer resources without the permission of the owner or any other person who is in charge of a computer, computer system, or computer network. A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Website Defacement
Website Defacement is an attack intended to change the visual appearance of a website and/ or make it dysfunctional. The attacker may post indecent, hostile, and obscene images, messages, videos, etc.
Cyber-Squatting
Cyber-Squatting is an act of registering, trafficking in or using a domain name with the intent to profit from the goodwill of a trademark belonging to someone else.
Pharming
Pharming is a cyber-attack aiming to redirect a website's traffic to another, bogus website.
Cryptojacking
Cryptojacking is the unauthorized use of computing resources to mine cryptocurrencies.
Online Drug Trafficking
Online Drug Trafficking is the crime of selling, transporting, or illegally importing unlawful controlled substances, such as heroin, cocaine, marijuana, or other illegal drugs using electronic means.
Espionage
Espionage is the act or practice of obtaining data and information without the permission and knowledge of the owner.
Digital Crime and Digital Forensic in India
The bed lock of digital forensics started in the 1840s when Hans Gross (1847-1915) used scientific studies in a criminal investigation. Later in 1942, Forensic Bureau Investigation (FBI) in the USA established a forensic laboratory to provide forensic services to all local authorities. In 1978, after the first-ever computer crime happened, Florida Computer Crime Act came in to force. In 1992, the term 'Computer Forensics' was used for the first time in literature.
This helped in the establishment of the International organization on Computer Evidence (IOCE) in 1995. Computer forensics came to its prominence in the year 2000 with the foundation of the first Regional computer forensic laboratory by the FBI. Consequently, the first book on Computer Forensics by the Scientific Working group on digital evidence (SWGDE), called "Best Practices for Computer Forensics" was published in the year 2002. In 2010, Simson Garfinkel incorporated digital evidence in the forensic investigation processes.
As far as Digital forensics in India is concerned, the evolutionary process has been slow. In India, there is not even a single codified statute or law which deals with Computer forensics. The reason can be the fact that technology law is still in its nascent stage in India. There are no regulations and rules governing digital forensics, so if someone wants to become a cyber forensic, he has to complete a certified course on digital forensics after finishing his graduation.
There is not a single organization that governs the profession of digital forensics in India. The prime use of digital forensics in India is to deliver justice and solve complicated cases involving digital complexities. Hence, it becomes very essential to make a regulatory body that can see if the people in the profession are actually qualified enough to perform and manage this task. Most of the time, the court of law has to be dependent upon data and evidence which are gathered from the investigation of digital media.
The reason for the same is the fact that most people now have access to the internet which as a result is also increasing the number of crimes involving digital media. For example, If a woman is getting blackmailed on a messaging app, then the most effective way of proving it in court will be to give evidence, which in such cases, most of the time is in digital forms. The right to privacy is a fundamental right guaranteed under the constitution of India.
There is a chance of privacy infringement when the data in electronic forms are provided to forensic science analysts. It is reasonable to consider that forensic investigators should have the right to access all the data which can be helpful in tracking down the offender. But most of the time, the investigator also takes all the confidential information which is not needed for the case. So, the hazard of exploiting privacy is always there in the case of a digital forensics investigation.
Analogies can be made to the controversial Aadhar Card case when UDIAI collected all the information from the citizens of India on the behalf of the government. In such cases, if an unauthorized person gets access to the password, username, PIN, or any other such required information because of the forensic science analyst, then it will not be difficult for them to maneuver the account and use it for illegal purposes.[8]
In India, although the population is from different economic classes, yet the use of electronic devices is very popular amongst all age groups. The pandemic of COVID 19 has given rise to the use of e-methods be it education or work-from-home culture. Be it a child of 3 years or a man of 90 can easily be seen using a mobile phone, tablet, iPod, and laptop to name a few.
According to National Investment Promotion and Facilitation Agency, India is one of the largest consumer electronics markets in the Asia Pacific Region and the world's fastest-growing industry, Electronics System Design, and Manufacturing (ESDM) continues to transform lives, businesses, and economies across the globe. The global electronic devices market is estimated at $ 2.9 Tn in 2020. India's share in the global electronic systems manufacturing industry has grown from 1.3% in 2012 to 3.6% in 2019.[9]
India's exports are set to increase rapidly from $10 Bn in 2021 to $120 Bn in 2026. India's domestic production in electronics has increased from $ 29 Bn in 2014-15 to $ 67 Bn in 2020-21. Production of mobile handsets is further slated to increase in value from $30 Mn in 2021 to $ 126 Mn in 2026. India produces roughly 10 mobile phones per second which amounts to $950 worth of production every second. India's semiconductor market is expected to increase from $15 Bn in 2020 to $110 Bn in 2030, growing at a CAGR of 22%. Technology transitions such as the rollout of 5G networks and Internet of Things are driving the accelerated adoption of electronics products. Initiatives such as 'Digital India' and 'Smart City' projects have raised the demand for IoT in the electronics devices market and will undoubtedly usher in a new era for electronic products. India is expected to have a digital economy of $1 Tn by 2025.[10]
With this emerging number of users of electronic devices, emerges crime related to electronic devices. It creates a big challenge for evidence collection as we require expertise in the field who are equipped with the latest technology, legal procedure, and forensics know-how.
India reported 52,974 cases of cybercrime in 2021, an increase of over 5 percent from 2020 (50,035 cases) and over 15 percent from 2019 (44,735 cases), according to the latest government data. Over 70 percent of the cybercrime cases were reported from Telangana, Uttar Pradesh, Karnataka, Maharashtra, and Assam, the National Crime Records Bureau's (NCRB) 'Crime In India 2021' report showed. The average rate of cybercrime incidents (per one lakh population) was recorded at 3.9 in the country in 2021, stated the NCRB, which functions under the Ministry of Home Affairs. The charge-sheeting rate in cybercrime cases in 2021 was recorded at 33.8, the report showed, suggesting that the police probe was completed only in one-third of the cases registered across the country.[11]
In India, the point of consideration is the legal and judicial systems and their functioning which seems to be outmoded. With the rise of cyber-crimes, there is a need to change the current policies and built a new techno-legal framework to fight cyber-crime with the use of the latest forensic technologies. Crimes like email spoofing and Facebook account hacking are very common in India but due to weak legal implications and poor law enforcement, the criminals are set free to commit more crimes.
The cyber-crime conviction rate is very low in India, whereas cyber-crimes have continuously surged in India. Cyber-attacks in India are done by other countries like the USA, UAE, Pakistan, Nigeria, Saudi Arabia, etc. Crimes like email fraud, phishing, credit/debit card fraud, viruses, identity theft, etc. are very prevalent in India. There is a need of having strong cyber law monitoring and stringent cyber security. However, this can be achieved only if there is a decent digital infrastructure available with the proper mindset.[12]
Types of Digital Forensics[13]
Some types of digital forensics are as follows:
Disk Forensics:It deals with extracting data from storage media by searching active, modified, or deleted files.
Network Forensics:
It is a sub-branch of digital forensics. It is related to monitoring and analysis of computer network traffic to collect important information and legal evidence.
Wireless Forensics:
It is a division of network forensics. The main aim of wireless forensics is to offer the tools need to collect and analyze the data from wireless network traffic.
Database Forensics:
It is a branch of digital forensics relating to the study and examination of databases and their related metadata.
Malware Forensics:
This branch deals with the identification of malicious code, to study their payload, viruses, worms, etc.
Email Forensics
Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.
Memory Forensics:
It deals with collecting data from system memory (System Registers, Cache, RAM) in raw form and then carving the data from the Raw dump.
Mobile Phone Forensics:
It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming, and outgoing SMS/MMS, Audio, videos, etc.
Indian Government Initiatives
Information Technology Act 2000 (Amended 2008)
The Information Technology (IT) Act of 2000 was passed in the budget session of parliament and endorsed by President K.R. Narayanan in 2000. The IT Act, 2000 spreads across 13 chapters and 4 schedules (2 of which have been omitted). The act provides legal recognition of authenticating electronic records by digital and electronic signatures. It lays down provisions for e-governance and e-records. It provides procedures to secure electronic signatures. It then goes on to mention the penalties, compensation, and the kind of adjudicating system that will be followed if any discrepancy arises under this act. The act further lays down the provisions of constituting an appellate tribunal and the kinds of offenses that this act has the authority to look into.The Information Technology Act, of 2000, serves as a useful illustration of the dearth of dynamism in digital rule-making in India. Though it forms the legislative bedrock of the country's online edifice, it has only been significantly amended once in 2008
In 2008, augmentations extended the meaning of "specialized gadgets" to incorporate cell phones and to reflect current use; validate electronic signatures and contracts; making the owner of a given IP address responsible for content accessed or distributed through it. Punishments range from detainment for a term that may extend to three years and a fine. Offenses that happen in a corporate setting can bring about additional managerial punishments and regulatory observations that can demonstrate difficulty in working together.
To summarise, the new Indian IT Act attempts to catch a few viewpoints managing individual information protection, Blackhat hacking, and digital illegal intimidation. Be that as it may, a solid and directed execution instrument is needed to moderate the prospects of the Act's abuse. It applies to organizations that work together in India. This incorporates substances, enrolled in India, re-appropriate there, and keeping up with servers inside the nation's lines. The demonstration covers activity of any kind including web trades and electronic records. It is said that the Information Technology Act, of 2000 has been adequately able to handle the challenges which are posed by the rapidly changing internet and information.
Over the last few years, India has emerged as a leading innovator when it comes to technological advancements and a primary market in the digital space.
At the same time, there had been raging concerns on aspects relating to data security and safeguarding the privacy of 130 crore Indians, such concerns also pose a threat to the sovereignty and security of our country. The Ministry of Information Technology received many complaints from various sources including several reports about the misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users' data in an unauthorized manner to servers that have locations outside India. The compilation of these data, it's mining, and profiling by elements hostile to the national security and defense of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures.[14]
The Indian Cyber Crime Coordination Centre, Ministry of Home Affairs sent an exhaustive recommendation for blocking these malicious apps. The Computer Emergency Response Team (CERT-IN) has received many representations from citizens regarding the security of data and breach of privacy impacting public order issues.
Likewise, there have been similar bipartisan concerns, flagged by various public representatives, both outside and inside the Parliament of India. There has been a strong chorus in the public space to take strict action against Apps that harm India's sovereignty as well as the privacy of our citizens. On the basis of these and upon receiving credible inputs that such Apps pose threat to the sovereignty and integrity of India, the Government of India disallowed the usage of 59 Apps, used in both mobile and non-mobile Internet-enabled devices.[15]
This move safeguarded the interests of crores of Indian mobile and internet users. This decision was a targeted move to ensure the safety and sovereignty of Indian cyberspace.
National Cyber Crime Reporting Portal
This portal is an initiative of the Government of India to facilitate victims/complainants to report cybercrime complaints online. This portal caters to complaints pertaining to cyber crimes only with a special focus on cyber crimes against women and children. Complaints reported on this portal are dealt with by law enforcement agencies/ police based on the information available in the complaints. It is imperative to provide correct and accurate details while filing the complaint for prompt action. A person can also contact local police in case of an emergency or for reporting crimes other than cyber crimes. The national police helpline number is 112 and the national women's helpline number is 181 while Cyber Crime Helpline is 1930.[16]New Initiatives
Government of India Ministry of Electronics and IT to promote e-Governance for empowering citizens, promoting the inclusive and sustainable growth of the Electronics, IT & ITeS industries, enhancing India's role in Internet Governance, adopting a multipronged approach that includes the development of human resources, promoting R&D and innovation, enhancing efficiency through digital services and ensuring secure cyberspace has taken following initiatives:
- e-Government: Providing e-infrastructure for the delivery of e-services
- e-Industry: Promotion of electronics hardware manufacturing and IT-ITeS industry
- e-Innovation / R&D: Implementation of R&D Framework - Enabling creation of Innovation/ R&D Infrastructure in emerging areas of ICT&E/Establishment of mechanism for R&D translation
- e-Learning: Providing support for the development of e-Skills and Knowledge network
- e-Security: Securing India's cyberspace
- e-Inclusion: Promoting the use of ICT for more inclusive growth
- Internet Governance: Enhancing India's role in Global Platforms of Internet Governance.
The Ministry of Electronics and Information Technology (MeitY) has notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules,2021 (referred to as "IT Rules, 2021") on 25th February 2021. The goals of these rules are to ensure an Open, Safe & Trusted, and Accountable Internet for all Indian Internet Users and Digital Nagriks. These rules have succeeded in creating a new sense of accountability amongst Intermediaries to their users, especially within Big Tech platforms.
However, as the digital ecosystem and connected Internet users in India expand, so do the challenges and problems faced by them, as well as some of the infirmities and gaps that exist in the current rule vis-a-vis the Big Tech platform. Therefore. New amendments have been proposed to the IT Rules 2021, to address these challenges and gaps.
As a part of the pre-legislative consultation process, a copy of the aforesaid draft amendment to the IT Rules 2021 has been uploaded on the website of the Ministry of Electronics and Information Technology (www.meity.gov.in) for public feedback and input. These are being offered for public consultation and comments from all stakeholders inviting feedback on the draft amendment to the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 relating to due diligence by an intermediary under rule 3(1)(b)(v).[17]
Digital Forensics and International Laws
Since 2000, in response to the need for standardization, various bodies, and agencies have published guidelines for digital forensics. The Scientific Working Group on Digital Evidence (SWGDE) produced a 2002 paper, Best practices for Computer Forensics, this was followed, in 2005, by the publication of an ISO standard (ISO 17025, General requirements for the competence of testing and calibration laboratories).A European-led international treaty, the Convention on Cybercrime, came into force in 2004 with the aim of reconciling national computer crime laws, investigative techniques, and international cooperation The treaty has been signed by 43 nations (including the US, Canada, Japan, South Africa, UK, and other European nations) and ratified by 16. The issue of training also received attention. Commercial companies (often forensic software developers) began to offer certification programs, and digital forensic analysis was included as a topic at the UK specialist investigator training facility, Centrex.[18]
In the late 1990s, mobile devices became more widely available, advancing beyond simple communication devices, and were found to be rich forms of information, even for crime not traditionally associated with digital forensics. Despite this, digital analysis of phones has lagged behind traditional computer media, largely due to problems over the proprietary nature of devices. Focus has also shifted to internet crime, particularly the risk of cyber warfare and cyberterrorism.[19]
A February 2010 report by the United States Joint Forces Command concluded the following: Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication.
The field of digital forensics still faces unresolved issues. A 2009 paper, "Digital Forensic Research: The Good, the Bad and the Unaddressed" by Peterson and Shenoi, identified a bias towards Windows operating systems in digital forensics research. In 2010, Simson Garfinkel identified issues facing digital investigations in the future, including the increasing size of digital media, the wide availability of encryption to consumers, a growing variety of operating systems and file formats, an increasing number of individuals owning multiple devices, and legal limitations on investigators. The paper also identified continued training issues, as well as the prohibitively high cost of entering the field.[20]
Forensic backlogs are an increasing concern for many law enforcement agencies. Agencies must shift from simply collecting digital evidence to effectively analyzing the digital evidence collected. Media analysis is time-intensive and requires training to ensure that all pieces of evidentiary value are identified and processed.
Another problem is that the sheer volume of data or evidence files collected makes it difficult for agencies to keep up with the output. For example, a single cyber-crime investigation can result in hundreds of gigabytes of data, which can be captured and preserved, but not analyzed in a timely manner. This creates a forensic backlog that affects the lives of victims, is costly to the agency, and can hinder the prosecution's case against the offender. The solution is to utilize automated media exploitation tools that can process large volumes of data in a timely manner without requiring extensive expertise.
As a law enforcement officer, the forensic backlog problem can be a significant challenge. With the right approach and technology, it's possible to reduce your backlog and improve the overall efficiency of your forensic processes. In this article, we look at key strategies that can be used to reduce forensic backlogs and allow law enforcement to make the best use of their resources.
One key strategy that can be used to reduce forensic backlogs is by adopting an evidence-based approach to decision-making. This means that when considering which cases to prioritize, you should base your decisions on the evidence available. By doing this, you can ensure that you are focusing your efforts on the cases that are most likely to result in a conviction.
Another strategy that can be used to reduce forensic backlogs is by investing in technology. For example, you may want to consider investing in a digital evidence management system. This type of system can help you to streamline your evidence-gathering and processing, which can save you time in the long run.
Finally, it's also important to focus on training and education. By ensuring that your staff is properly trained in the latest forensic techniques, you can make sure that they can work efficiently and effectively. This can ultimately save you time and money, and help to reduce your forensic backlogs.
By following these key strategies, you can make a significant impact on your forensic backlogs. By taking an evidence-based approach, investing in technology, and focusing on training and education, you can help to streamline your processes and save time and resources.
Landmark Cases
Shreya Singhal Vs UOI [21]
In the instant case, the validity of Section 66A of the IT Act was challenged before the Supreme Court.
Facts: Two women were arrested under Section 66A of the IT Act after they posted allegedly offensive and objectionable comments on Facebook concerning the complete shutdown of Mumbai after the demise of a political leader. Section 66A of the IT Act provides punishment if any person using a computer resource or communication, such information which is offensive, false, or causes annoyance, inconvenience, danger, insult, hatred, injury, or ill will.
The women, in response to the arrest, filed a petition challenging the constitutionality of Section 66A of the IT Act on the ground that it is violative of the freedom of speech and expression.
Decision: The Supreme Court based its decision on three concepts namely: discussion, advocacy, and incitement. It observed that mere discussion or even advocacy of a cause, no matter how unpopular, is at the heart of the freedom of speech and expression. It was found that Section 66A was capable of restricting all forms of communication and it contained no distinction between mere advocacy or discussion on a particular cause which is offensive to some and incitement by such words leading to a causal connection to public disorder, security, health, and so on.
In response to the question of whether Section 66A attempts to protect individuals from defamation, the Court said that Section 66A condemns offensive statements that may be annoying to an individual but not affecting his reputation.
However, the Court also noted that Section 66A of the IT Act is not violative of Article 14 of the Indian Constitution because there existed an intelligible difference between information communicated through the internet and through other forms of speech. Also, the Apex Court did not even address the challenge of procedural unreasonableness because it is unconstitutional on substantive grounds.
Shamsher Singh Verma v. State of Haryana[22]
In this case, the accused preferred an appeal before the Supreme Court after the High Court rejected the application of the accused to exhibit the Compact Disc filed in defense and to get it proved from the Forensic Science Laboratory.
The Supreme Court held that a Compact Disc is also a document. It further observed that it is not necessary to obtain admission or denial concerning a document under Section 294 (1) of CrPC personally from the accused, the complainant, or the witness.
-
Syed Asifuddin and Ors. v. State of Andhra Pradesh and Anr.[23]
Facts: The subscriber purchased a Reliance handset and Reliance mobile services together under the Dhirubhai Ambani Pioneer Scheme. The subscriber was attracted by better tariff plans of other service providers and hence, wanted to shift to other service providers. The petitioners (staff members of TATA Indicom) hacked the Electronic Serial Number (hereinafter referred to as "ESN"). The Mobile Identification Number (MIN) of Reliance handsets were irreversibly integrated with ESN, programming of ESN made the device would be validated by Petitioner's service provider and not by Reliance Infocomm.
Questions before the Court:
- Whether a telephone handset is a "Computer" under Section 2(1)(i) of the IT Act?
- Whether manipulation of ESN programmed into a mobile handset amounts to an alteration of source code under Section 65 of the IT Act?
(i) Section 2(1)(i) of the IT Act provides that a "computer" means any electronic, magnetic, optical, or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic, or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network. Hence, a telephone handset is covered under the ambit of "computer" as defined under Section 2(1)(i) of the IT Act.
(ii) Alteration of ESN makes exclusively used handsets usable by other service providers like TATA Indicomm. Therefore, alteration of ESN is an offence under Section 65 of the IT Act because every service provider has to maintain its own SID code and give its customers a specific number to each instrument used to avail the services provided. Therefore, the offence registered against the petitioners cannot be quashed with regard to Section 65 of the IT Act. - Shankar v. State Rep[24]
Facts: The petitioner approached the Court under Section 482, CrPC to quash the charge sheet filed against him. The petitioner secured unauthorized access to the protected system of the Legal Advisor of the Directorate of Vigilance and Anti-Corruption (DVAC) and was charged under Sections 66, 70, and 72 of the IT Act.
Decision: The Court observed that the charge sheet filed against the petitioner cannot be quashed with respect to the law concerning the non-granting of sanction of prosecution under Section 72 of the IT Act.
Christian Louboutin SAS v. Nakul Bajaj & Ors.[25]
Facts: The Complainant, a Luxury shoes manufacturer filed a suit seeking an injunction against an e-commerce portal www.darveys.com for indulging in a Trademark violation with the seller of spurious goods.
The question before the Court was whether the defendant's use of the plaintiff's mark, logos, and image are protected under Section 79 of the IT Act.
Decision: The Court observed that the defendant is more than an intermediary on the ground that the website has full control over the products being sold via its platform. It first identifies and then promotes third parties to sell their products. The Court further said that active participation by an e-commerce platform would exempt it from the rights provided to intermediaries under Section 79 of the IT Act.
Avnish Bajaj v. State (NCT) of Delhi[26]
Facts: Avnish Bajaj, the CEO of Bazee.com was arrested under Section 67 of the IT Act for the broadcasting of cyber pornography. Someone else had sold copies of a CD containing pornographic material through the bazee.com website.
Decision: The Court noted that Mr. Bajaj was nowhere involved in the broadcasting of pornographic material. Also, the pornographic material could not be viewed on the Bazee.com website. But Bazee.com receives a commission from the sales and earns revenue for advertisements carried on via its web pages.
The Court further observed that the evidence collected indicates that the offence of cyber pornography cannot be attributed to Bazee.com but to some other person. The Court granted bail to Mr. Bajaj subject to the furnishing of 2 sureties Rs. 1 lakh each. However, the burden lies on the accused that he was merely the service provider and does not provide content.
State of Tamil Nadu v. Suhas Katti[27]
The instant case is a landmark case in the Cyber Law regime for its efficient handling made the conviction possible within 7 months from the date of filing the FIR.
Facts: The accused was a family friend of the victim and wanted to marry her but she married another man which resulted in a Divorce. After her divorce, the accused persuaded her again and on her reluctance to marrying him, he took the course of harassment through the Internet. The accused opened a false e-mail account in the name of the victim and posted defamatory, obscene, and annoying information about the victim.
A charge-sheet was filed against the accused person under Section 67 of the IT Act and Section 469 and 509 of the Indian Penal Code, 1860.
Decision: The Additional Chief Metropolitan Magistrate, Egmore convicted the accused person under Section 469 and 509 of the Indian Penal Code, 1860 and Section 67 of the IT Act. The accused was subjected to the Rigorous Imprisonment of 2 years along with a fine of Rs. 500 under Section 469 of the IPC, Simple Imprisonment of 1 year along with a fine of Rs. 500 under Section 509 of the IPC, and Rigorous Imprisonment of 2 years along with a fine of Rs. 4,000 under Section 67 of the IT Act.
CBI v. Arif Azim (Sony Sambandh case)
A website called www.sony-sambandh.com enabled NRIs to send Sony products to their Indian friends and relatives after online payment for the same.
In May 2002, someone logged into the website under the name of Barbara Campa and ordered a Sony Colour TV set along with a cordless telephone for one Arif Azim in Noida. She paid through her credit card and the said order was delivered to Arif Azim. However, the credit card agency informed the company that it was an unauthorized payment as the real owner denied any such purchase.
A complaint was therefore lodged with CBI and further, a case under Sections 418, 419, and 420 of the Indian Penal Code, 1860 was registered. The investigations concluded that Arif Azim while working at a call center in Noida, got access to the credit card details of Barbara Campa which he misused.
The Court convicted Arif Azim but being a young boy and a first-time convict, the Court's approach was lenient towards him. The Court released the convicted person on probation for 1 year. This was one among the landmark cases of Cyber Law because it displayed that the Indian Penal Code, 1860 can be an effective legislation to rely on when the IT Act is not exhaustive.
Pune Citibank Mphasis Call Center Fraud
Facts: In 2005, US $ 3,50,000 were dishonestly transferred from the Citibank accounts of four US customers through the internet to few bogus accounts. The employees gained the confidence of the customer and obtained their PINs under the impression that they would be a helping hand to those customers to deal with difficult situations. They were not decoding encrypted software or breathing through firewalls, instead, they identified loopholes in the MphasiS system.
Decision: The Court observed that the accused in this case are the ex-employees of the MphasiS call center. The employees there are checked whenever they enter or exit. Therefore, it is clear that the employees must have memorized the numbers. The service that was used to transfer the funds was SWIFT i.e. society for worldwide interbank financial telecommunication. The crime was committed using unauthorized access to the electronic accounts of the customers. Therefore this case falls within the domain of 'cyber crimes". The IT Act is broad enough to accommodate these aspects of crimes and any offense under the IPC with the use of electronic documents can be put at the same level as the crimes with written documents.
The court held that section 43(a) of the IT Act, 2000 is applicable because of the presence of the nature of unauthorized access that is involved to commit transactions. The accused were also charged under section 66 of the IT Act, 2000 and section 420 i.e. cheating, 465,467 and 471 of The Indian Penal Code, 1860.
SMC Pneumatics (India) Pvt. Ltd. vs. Jogesh Kwatra[28]
Facts: In this case, Defendant Jogesh Kwatra was an employee of the plaintiff's company. He started sending derogatory, defamatory, vulgar, abusive, and filthy emails to his employers and to different subsidiaries of the said company all over the world to defame the company and its Managing Director Mr. R K Malhotra. In the investigations, it was found that the email originated from a Cyber Cafe in New Delhi. The Cybercafé attendant identified the defendant during the enquiry. On 11 May 2011, Defendant was terminated of the services by the plaintiff.
Decision: The plaintiffs are not entitled to relief of perpetual injunction as prayed because the court did not qualify as certified evidence under section 65B of the Indian Evidence Act. Due to the absence of direct evidence that it was the defendant who was sending these emails, the court was not in a position to accept even the strongest evidence. The court also restrained the defendant from publishing, transmitting any information in the Cyberspace which is derogatory or abusive of the plaintiffs.
Nasscom vs. Ajay Sood & Others
In a landmark judgment in the case of National Association of Software and Service Companies vs Ajay Sood & Others, delivered in March, '05, the Delhi High Court declared 'phishing' on the internet to be an illegal act, entailing an injunction and recovery of damages.
Elaborating on the concept of 'phishing', in order to lay down a precedent in India, the court stated that it is a form of internet fraud where a person pretends to be a legitimate association, such as a bank or an insurance company in order to extract personal data from a customer such as access codes, passwords, etc. Personal data so collected by misrepresenting the identity of the legitimate party is commonly used for the collecting party's advantage. court also stated, by way of an example, that typical phishing scams involve persons who pretend to represent online banks and siphon cash from e-banking accounts after conning consumers into handing over confidential banking details.
The Delhi HC stated that even though there is no specific legislation in India to penalize phishing, it held phishing to be an illegal act by defining it under Indian law as "a misrepresentation made in the course of trade leading to confusion as to the source and origin of the e-mail causing immense harm not only to the consumer but even to the person whose name, identity or password is misused." The court held the act of phishing as passing off and tarnishing the plaintiff's image.
The plaintiff in this case was the National Association of Software and Service Companies (Nasscom), India's premier software association.The defendants were operating a placement agency involved in head-hunting and recruitment. In order to obtain personal data, which they could use for purposes of headhunting, the defendants composed and sent e-mails to third parties in the name of Nasscom.
The high court recognised the trademark rights of the plaintiff and passed an ex-parte adinterim injunction restraining the defendants from using the trade name or any other name deceptively similar to Nasscom. The court further restrained the defendants from holding themselves out as being associates or a part of Nasscom.
The court appointed a commission to conduct a search at the defendants' premises. Two hard disks of the computers from which the fraudulent e-mails were sent by the defendants to various parties were taken into custody by the local commissioner appointed by the court. The offending e-mails were then downloaded from the hard disks and presented as evidence in court.
During the progress of the case, it became clear that the defendants in whose names the offending e-mails were sent were fictitious identities created by an employee on the defendants' instructions, to avoid recognition and legal action. On discovery of this fraudulent act, the fictitious names were deleted from the array of parties as defendants in the case.
Subsequently, the defendants admitted their illegal acts and the parties settled the matter through the recording of a compromise in the suit proceedings. According to the terms of the compromise, the defendants agreed to pay a sum of Rs1.6 million to the plaintiff as damages for violation of the plaintiff's trademark rights. The court also ordered the hard disks seized from the defendant's premises to be handed over to the plaintiff who would be the owner of the hard disks.
This case achieves clear milestones: It brings the act of "phishing" into the ambit of Indian laws even in the absence of specific legislation; It clears the misconception that there is no "damages culture" in India for violation of IP rights; This case reaffirms IP owners' faith in the India
Challenges faced by Digital Forensics[29]
Following are the major challenges faced by the Digital Forensic:- The increase of electronic devices and extensive use of internet access
- Easy availability of hacking tools
- Lack of physical evidence makes prosecution difficult.
- The large amount of storage space into Terabytes that makes this investigation job difficult.
- Any technological changes require an upgrade or changes to solutions.
Some Examples of Uses of Digital Forensics[30]
In recent times, commercial organizations have used digital forensics in the following a type of cases:
- Intellectual Property Theft
- Industrial espionage
- Employment disputes
- Fraud investigations
- Inappropriate use of the Internet and email in the workplace
- Forgeries related matters
- Bankruptcy investigations
- Issues concern with the regulatory compliance
Advantages of Digital forensics[31]
Some benefits of Digital forensics are:- To ensure the integrity of the computer system.
- To produce evidence in the court, which can lead to the punishment of the culprit.
- It helps companies to capture important information if their computer systems or networks are compromised.
- Efficiently tracks down cybercriminals from anywhere in the world.
- Helps to protect the organization's money and valuable time.
- Allows to extract, process, and interpretation of factual evidence, so it proves the cybercriminal actions in the court.
Disadvantages of Digital Forensics[32]
The major drawbacks of using Digital Forensic:
- Digital evidence accepted into court. However, it must be proved that there is no tampering
- Producing electronic records and storing them is an extremely costly affair
- Legal practitioners must have extensive computer knowledge
- Need to produce authentic and convincing evidence
- If the tool used for digital forensics is not according to specified standards, then in the court of law, the evidence can be disapproved by justice.
- Lack of technical knowledge by the investigating officer might not offer the desired result
Conclusion[33]
A standardized and harmonized framework or solution that comprehensively captures thetechno-legal requirements of Digital Forensic is an indispensable tool for computer/cyber crime investigators and digital forensics experts to handle and/or otherwise process distributed digital evidence expeditiously for admissibility in the law courts.
Recommendations:
There is, first of all, the need to streamline existing laws and implement existing policies, technical and legal requirements for evidence admissibility. Standard procedures that are coherent and ensure harmony between lawyers, judges, forensic experts, law enforcement agencies, corporations, individuals, and the court must be adhered to. Secondly, the harmonization of cybercrime investigation and digital forensics practices across borders is essential for investigations that oftentimes involve more than one legal jurisdiction. Furthermore, heavy investments must be made to boost the capacities of the relevant institutions engaged in both digital evidence gathering and prosecution.[34]
End-Notes:
- M Reith, C Carr, G Gunsch, "An examination of digital forensic models". (International Journal of Digital Evidence, 2002) available at https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.13.9683 (last visited on March 19, 2023)
- Lawrence Williams, "What is Digital Forensics? History, Process, Type Challenges" available at: https://www.guru99.com/digital-forensics.html (last visited on March 19, 2023).
- Interpol, available at https://www.interpol.int/en/How-we-work/Innovation/Digital-forensics#:~:text=Digital%20forensics%20is%20a%20branch,crucial%20for%20law%20enforcement%20investigations (last visited on March 19, 2023).
- Rachana Y. Patil, Satish R. Devane, "Network Forensic Investigation Protocol to Identify True Origin of Cyber Crime", Journal of King Saud University (Computer and Information Sciences 2022) available at https://www.sciencedirect.com/science/article/pii/S1319157819311103?via%3Dihub (last visited on March19, 2023)
- Supra note 2.
- Emmanuel Kpakpo Brown, "Digital Forensic and Distributed Evidence"
- Available at: https://cybercrime.gov.in/Webform/CrimeCatDes.aspx last visited on March 20, 2023.
- Available at https://www.legaleagle-lawforum.com/forum/academic-articles/evolution-of-digital-forensics-in-india#:~:text=In%202010%2C%20Simson%20Garfinkel%20incorporated,which%20deals%20with%20Computer%20forensics. Last visited March 20, 2023.
- National Investment Promotion and Facilitation Agency, investindia.gov.in/sector/electronic-systems last visited March 20, 2023.
- Ibid.
- Available at: https://telecom.economictimes.indiatimes.com/news/5-pc-rise-in-cybercrimes-in-india-in-2021-charge-sheeting-only-in-one-third-cases-govt-data/93904202 last visited on March 20, 2023.
- Supra Note 7.
- Supra Note 2.
- Available at: https://pib.gov.in/PressReleasePage.aspx?PRID=1635206#:~:text=This%20move%20will%20safeguard%20the,and%20sovereignty%20of%20Indian%20cyberspace. Last visited on March 20, 2023.
- Ibid.
- Available at: https://cybercrime.gov.in/ last visited on March 19, 2023.
- Available at: https://www.meity.gov.in/ last visited on March 20, 2023.
- Ibid.
- Ibid.
- (2013) 12 SCC 73
- 2015 SCC OnLine SC 1242
- 2005 CriLJ 4314
- 2005 CriLJ 4314
- Crl. O.P. No. 6628 of 2010
- (2018) 253 DLT 728
- (2008) 150 DLT 769
- CC No. 4680 of 2004
- CM APPL. No. 33474 of 2016
- Supra Note 2.
- Supra Note 2.
- Supra Note 2.
- .Supra Note 6.
- Supra Note 6.
Law Article in India
Legal Question & Answers
Lawyers in India - Search By City
LawArticles
How To File For Mutual Divorce In Delhi
How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...
Increased Age For Girls Marriage
It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...
Facade of Social Media
One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...
Section 482 CrPc - Quashing Of FIR: Guid...
The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...
The Uniform Civil Code (UCC) in India: A...
The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...
Role Of Artificial Intelligence In Legal...
Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...
Please Drop Your Comments