Cyber Crime - A Hindrance In Digital World
The internet is one of the fastest growing areas of technical area
infrastructure development. Today information and communication technologies are
omnipresent and trend towards digitization is growing the demand for internet
connectivity has led to integration of computer technology into products that
have usually functioned in sustaining the backspace of Technological development
of society.
The cyber world in itself has a virtual reality where anyone can hide or even fake this identity, the gift of internet is used by the criminally minded to commit wrongful acts and then hide under the blanket provided by the internet. Digital India is the result of many innovations and advances in technology. More than half of the population is not in the habit of using computers, the internet and other devices most commonly used are social media sites Facebook, Chatrooms, Skype, Whatsapp, dating sites etc.[1]
Crime is defined as an act punishable by law as forbidden by statute or injurious to the public welfare.[2] It is a very wide definition. Anything which is injurious to public welfare is a crime. In modern complex society things maybe against the public welfare.
According to Bentham:
offences are whatever the legislature has prohibited for good or for bad reasons. If the questions relate to theoretical research for the discovery of the best possible laws according to the principle of utility, we give the name of offence to every act which we think ought to be prohibited by reasons of some evil which it produce or tends to produce.
According to Blackstone crime is an act in violation of public law.
In Austinian sense public law is identical with constitutional law. That being so, the crime would then mean an act done in violation of constitutional law. the definition would thus cover only political offences leaving aside a vest area of other criminal behavior. Blackstone also defines crime as violation of the public rights and duties due to the whole community, considered as a community, in its social aggregated capacity.
Stephan, the editor of Blackstone has slightly modified this definition in the following form. a crime is a violation of crime, considered in reference to the evil tendency of such violation as regard the community at large.
According to Kenny:
crimes are wrong whose sanctions is punitive and is in no way remissible by any private person but is remissible by crown alone, if remissible at all.[3]
A generalized definition of cyber crime unlawful acts where in the computer is either a tool or target or both.[5] Before evaluating the concept of cyber crime it is obvious that the concept of conventional crime be discussed and the points of similarity and greviences between both these forms maybe discussed.
There is apparently no distinction between cyber and conventional crime. However on a deep introspections we may say that there exist a final line demarcation between the conventional and cyber crime, which is appreciable the demarcation lies in the involvement of in the cases of cyber crime. There is much more to the internet than physically wired network computers.[6]
The influence of ICTs on society goes far beyond establishing basic information infrastructure. The availability of ICTs is a foundation for development in the creation, availability and use of network-based services.[7] The Fight against cyber crime needs a comprehensive approach. Only investigation against cyber crime cannot solemnly bring out the perspective of crime rather a strong step is required to bring out the offender.
Deterring cybercrime is an integral component of a national cyber security and critical information infrastructure protection strategy. in particular, this include the adoption of appropriate legislation against the misuse of ICTs for criminal or other purposes and other activity intended to affect the integrity of national critical infrastructure. The Formulation and implementation of national framework of strategy for cyber security thus crime thus as a comprehensive approach.[9]
Cybercrime is a narrow sense cover any illegal behavior committed by means of, in relation to a computer system or network, including any such crimes are illegal possession and offering or distributing information by means of a computer system or network. One common definition describe cybercrime as any activity in which computers or network are a tool, a target or a place of different activity.
The 21st Century
As in each Preceding decade, new trends in the computer crime and cybercrime continued to be discovered in 21st century.the first decade of the new millennium was dominated by new, highly sophisticated methods of committing crimes, such as phishing and the emerging use of technology that is more difficult for law enforcement to handle the investigate, such as voice-over-IP Communications[18] and cloud computing.[19]
Objective
Scope Of Study
The researcher has focused on accessing the procedure of investigation under the law and the investigating agencies that have been entrusted with the responsibility of curbing this form of crime. The focus of this research is to evolve the ways for identifying the stalker so that he can be at the earliest subjected to the due process of law.
Review Of Literature
No research work can possibly be taken up without consulting literature available on the topic under study.Before starting up the work on the problem the present research aims to review the existing literature on the subject. The review of the existing literature would provide clarity of concept, understanding of different aspects, and would help in identifying problem zones and formulating research methodology.[20] Pramod kumar singh, (2007)[21] traces the origin of the term cyber space as coined by William Gibson in the science fiction novel November in 1984. Basically, it denotes the virtual location within which the electronic activities take place. Cyber space is a borderless environment it has no territorial based boundaries.
The internet address has no relation to the physical location of the computers and individual accessing to them thus render geographic borders of nations meaningless. Cyber space, thus, challenges the well established principle of international law that control over the physical space and people is an attribute of Sovereign and statehood. Bequal (1979)[22] brings out the necessity of cyber laws relating to the use of information technology that the problem has been aggravated by the antiquated and over bureaucratized legal apparatus.
At stake is the very form of government, and if there is a failure to adapt the legal systems to the needs and demand of an ever growing technology, the entire system of governance would collapse. According to Ghokale and Pawar (1994)[23] have suggested that it is imperative for a developing country like India to focus their attention on this phenomenon, and introduce necessary amendments to the existing laws, so that computer crime can be tackled in time.
This also facilitates the expanding horizons of traditional criminology.the argument is that law in not a solution in itself to such problems. VIVEK SOOD in his book Cyber Crimes, Electronic evidence and investigation: legal issues (2010)[24] suggested various strategies to curb cyber-crimes. He says that since cyber crime are technology based, so the best answer to these crimes is security technology.
Fire –Walls, anti-virus software and anti-intrusion system are some of the effectively used security technologies. He concluded that protect yourself is the best mantra against cyber-crimes. According to him, effective cooperation between the law enforcement agencies within the country and between nations is also necessary to challenge cyber criminals and bring them before the law. Dr.Vishwanath Paranjpee in his book legal dimension of cyber crimes and preventive laws with special reference to India(2010)[25] has pointed out that with the rapid development of computer technology and internet over the years, the problem of cyber-crime has assumed gigantic proportions and emerged as a global issue. cyber-crime along with the municipal cyber legislation of different countries like UK, USA, India, Canada, china, Japan, France, etc.
The Challenges
Recent developments in ICTs have not only resulted in new cybercrimes and new criminals methods, but also new method of investigating cybercrime. Advances in ICTs have greatly expanded the abilities of law-enforcement agencies. Conversely, offenders may use new tools to prevent identification and hamper investigation. This chapters focuses on the challenges of fighting cybercrime.
Opportunities
Law enforcement agencies can now use the increasing power of computer systems and complex forensic software to speed up investigations and automate search procedures. It can prove difficult to automate investigation processes. while a keyboard-based search for illegal content can be carried out easily, the identification of illegal pictures is more problematic.hash –value based approaches are only successful if pictures have been rated previously, hash value based approaches are only successful if pictures have been rated previously, the hash value is stored in a database and the picture that was analysed has not been modified.
General Challenges
Many everyday communications depend on internet based services, including calls or email communications. It has made responsible for the control and management functions in building car and aviation services. The supply of energy water and communication services depend on ICTs. Existing technical infrastructure has a number of weakness such as the monoculture of operating system.
Legal Challenges
Proper legislation is the foundation for the investigation and prosecution of cybercrime. However, law-makers must continuously respond to the internet developments and monitor the effectiveness of existing provisions, especially given the speed of developments in network technology. The main challenge for national criminal legal system is the delay between the recognition of potential cybercrime.
Identification of gaps in penal code
To ensure effective legislative foundations, it is necessary to compare the status of criminal legal provisions in the national law with requirements arising from the new kind of criminal offence.it many cases, existing case laws may be able to cover new varieties of existing crimes(e.g law addressing forgery)
India became the 12 century to enable cyber law after it passed the information technology act 2000.
Thus international law is primarily a system regulating the rights and duties of states inter se popularly known as the 'LAW OF NATIONS' Basic primary aim is securing justice for human beings. The history of international law dates back to the earliest times to the beginning of the period of antiquity.
During the period of Rome's dominance were rules governing the relations between Rome and various nations with which it had commercial relations. In the 19th century this law further expanded the reason being the emergence of powerful states within and outside Europe.
Development of International law
The present day century has witnessed a greater impetus to the development of international law, the reason being growing interdependence of states and of vastly increase intercourse between them due to all kinds of inventions that overcame the difficulties of time, space and intellectual communications.
Source of International law
John Austin (1970-1859) he was the foremost protagonists of international law.
The material source of international law:
This was adopted by the ministry of Europe on 8-11-2001,it further was signed on 23-11-2001 in budapest. And it come in to force in 2004 in the month of july.it was further signed by 11 states. This was the first global agreement on cybercrime which used internet and a computer as a tool to commit the offence.
This agreement includes the following types of cybercrime:
Punishment
Cybercrime must be dealt with very seriously because it causes a lot of damage to businesses and the actual punishment should depend on the type of fraud used. The penalty for illegally accessing a computer system ranges from 6months to 5 years. The penalty for the unofficial modification on a computer ranges from 5 to 10 years. Others penalties are listed below:
Cyber-crime usually includes the following:
Compounding of offences
As per section 77-A Of the act, any court of competent jurisdiction may compound offences, other than offences for which the punishment for life or imprisonment for a term exceeding three years has been provided under the act.
1. No offence shall be compounded if-
Internet Challenges
The impact of the internet on the existing legal regime can be well appreciated by the fact that the US congress more than 50 bills pertaining to internet and e-commerce, in the first three months of 1999 alone.
The issues which need to be addressed urgently are security of transactions, privacy, property, protection of children, jurisdiction, and validity of contracts, procedural rules of evidence and other host of issues.
To answer the simple question of what is computer crime, or computer related crime, or cyber crime, it is necessary to understand the different types or classifications of crime that can be linked to computers. for example, hacking into a long-distance telephone service to enjoy free telephone calls is a type of computer related crime. whatever from computer crimes take, the characteristics that make computer system, particularly computer banking system.
So attractive for legitimate purposes make them similarly for illegitimate purposes such as money laundering.
Federal law enforcement and regulatory agencies are particularly concerned about three issues. first, the effectiveness of current operating requirement against cyber baking system. why? the current regulatory system depends on regulated financial institutions acting as a pass-through or intermediary between two parties, thus facilitating the transactions.what are known as peer to peer transactions. The intermediary is simply the internet.
Research Methodology
Researchers need to consider the sources on which to base and confirm their research and findings. They have a choice between primary data and secondary sources and the use of both, Which is termed triangulation, or dual methodology. primary research involves collecting direct data about a given subject directly from the real world. Primary data is the data collected by researcher themselves .i.e. interview observations, action research, case studies life histories questionnaire etc.
Secondary source consist of data that has already been produced and can be contemporary or historical, qualitative or quantitative. for example previous research, official statistics, mass media products, diaries letters, government reports, web information and historical data and information.legal research, therefore, takes into its ambit the research by analyzing secondary source of data.
It is a research into legal rules, principles, concept or doctrines.it involves a rigorous systematic exposition relationship. it arranges the existing law in order and provide thematic parameters for such an order.it also concern with critical review of legislation and of decisional by the researcher in carrying out this research work.
Is purely criminal. an exhaustive and critical study has been made all available relevant statutes, texts and case law on cyber-crimes. The research materials, for the present discretions, consist of various books on the subject, relevant case law from various reports, different articles published in various journals, various communications reports on the subject and relevant statutes. published articles in national in the dissertation at appropriate place.
Research Design
The research design used for this study is of descriptive type i.e studies which describe the characteristics of particular group and individuals.
Research Approach
In the research survey method used for collection of data and prepare questionnaire to draw the conclusion.
Questionnaire Schedule
Question are framed in such a way that the answer reflect the ideas and thought of respondents.
The scale is as:
Questions
Hypothesis
Computer and cyber space are usually used to commit crimes on the premise that the incidents are rarely detected due to anonymity. Cyber stalking is mainly committed for pleasure, revenge or out of fun on the intended victim. Victim do not readily come forward to report cyber stalking especially,for the reason of loss of reliability; futility of the whole process, as the crime has trans-national dimensions and there is no law to act beyond the sovereign boundaries.
The information technology act 2008 is casually enforced unlike other penal legislations; the act requires amendment changes in the technology and types of usage of cyber space. The procedure and the process of implementation need to be secured through the appointment of cyber officers so that it preventable to a great extent.
In India which ranks fifth in the world in incidence of cybercrime there has been hacking of 9000 websites in the proceeding three years with five percent increase in cybercrime each year. Cyber criminals are now moving beyond computers and attacking mobile- held devices such as smart phones and tablets.
For the purpose of speedy exchange of information in cyber crime related cases,india has asked U.S For setting up an Indo-American alert watch and warn network of participating law enforcement agencies of both the countries for prompt time sharing of information which would go long way in reducing time in investigation of cyber crime and apprehending the prepetrators of these crimes.
The purpose of such spam is to trick the person for divulging his personal information so that the offender can steal his identity and commit crime in that person's name. since of transactions being intercepted or diverted. Now a days valid credit card numbers can be intercepted electronically as well as physically the digital information stored on a card can be counterfeited.section 74 of the copyright act makes internet fraud as an offence punishable with imprisonment up to two years or with fine which may extend to rupees one lakh.
In data diddling, the perpetrator of offence changes the data prior to or during input into a computer. It also includes automatic change in the financial information for some time before processing and then restoring it in original form.
Trade mark is also one of the intellectual property right and protect the goodwill and reputation of trader and businessman. These marks are intended to be differentiate goods of a trader from other traders who are in same stream of trade and business. Passing off actions are also covered under the trade-marks act wherein in a trader passes off his inferior quality goods in nature of some reputed trader who is selling the same commodity or article. Thus if a particular logo is in relation to product B Would be infringement of trademark right and an or internet. It will attract the provisions of information technology act 2000.
Infringement of copyright is defined in section 51 of the copyright act. It not only give rise to civil action but also imposes criminal liability. civil remedies are provided under Ch X11 of the act where as penal consequences of infringement of copyright are contained in chapter X111 of the act.
Section 63 of the act, provides that a person infringing or abetting the infringement is liable to imprisonment up to three years and fine, which may extend to two lakh rupees. There in enhanced penalty for second or subsequent conviction.
Section 63 B of act further provides that knowingly making use of an infringing copy of computer software on a computer is a separate offences punishable with imprisonment for not less than seven days and which may extend to rupees one lakh.
Significantly, many areas where information technology has an impact have been rendered justiciable by the information technology act, 2000. They include e-commerce, jurisdictional issues, security measures, evidence, e-banking etc.
It may noted that just as the legitimate business organisations in the private or public sector rely upon information system for communication or record deeping, so also the cyber criminal organisations carry on their illegal activities using enhanced cyber space technology.commenting on this aspect has predict that information technology is not only reshaping the mode of corporate functioning and emerging new business strategies but it is dramatically increasing the number of potential cyber criminals. according to him, there is bound to be simultaneous increase in the incidence of cybercrime with the new internet sites and users which currently total around 40 million worldwide.
Categories
Plan Of The Study
The whole work is divided into different chapters in order to achieve the logical conclusion on the basis of systematic study.
Introduction
In this chapter objective, significance and scope of study will be introduced.the concept and nature of cyber-crime is also discussed.it describe the aim and objective, importance, scope, hypothesis, research problem in the hand.it also describes the research methodology employed for conducting research.
Conclusion And Suggestion
Indian laws are well drafted and are capable of handling all kinds of challenges as posed by cyber criminals. however, the enforcement agencies are required to be well versed with the changing technologies and laws.
As internet technology advances so does the threat of cyber crime.in times like these we must protect ourselves from cyber-crime.anti virus software, firewalls and security patches are just the beginning. Government surveillance under cyber law has gone through Amendment to the IT Act in 2008 gave the government wide powers of interception, encryption, and blocking. The amendment made in sec66-A made sending 'offensive' message through a computer or any other communication service. Such as cell phone or tablet, a punishable offence.
However, the supreme court struck down the provision of sec66-a as infringing the constitutional right of freedom of speech by its judgment in Shreya Singhal v. Union of India.
The section 66a had been widely misused by police in various states to arrest innocent person for posting critical comments on social and political issue on social networking site.
Almost every nation is confronted with the dilemma to balance its national security with privacy and freedom of expression.
With a view to strengthening the national security, sec69 as amended given power to the state to issue directions for interception or monitoring or decryption of any information through any computer resource.
Though the supreme court in shreya case struck down sec66-a of the information technology act, 2000 in its entirely being violative of article 19(1) (a) and not saved by reasonable restrictions laid down in art 19(2). It has no proximate connection with incitement to commit an offence. the court further clarified that 69-A. the reason being that section 69-a provides several safeguards as follow:
The introduction of electronic money and virtual banks, exchanges and shops became one of the factors of the appearance of a new kind of crime transnational computer crimes. Today law enforcements face tasks of counteraction and investigation of crimes in a sphere of computer technologies and Cyber crimes. Still, the definition of Cyber crimes remains unclear to law enforcement, through criminal action on the Internet pose great social danger. Transnational characters of these crimes give the ground today in the development of a mutual policy to regulate a strategy to fight Cyber crime.
One of the most serious steps to regulate this problem was the adoption of Cyber Crimes Convention by European Council on 23rd November 2001, the first ever agreement on juridical and procedural aspects of investigating and Cyber crimes. It specifies efforts coordinated at the national and international levels and directed at preventing illegal intervention into the work of computer systems. The convention stipulates actions targeted at national and international level, directed to prevent unlawful infringement of computer systems functions.
The convention divides Cyber crimes into four main kinds: hacking of computer systems, fraud, forbidden content and breaking copyright laws.By ways and measures these crimes are specific, have high latency and low exposure levels.[26]
There is another descriptive feature of these crimes, they are mostly committed only with the purpose to commit other more gravy crimes, for example, theft from bank accounts, getting restricted information, counterfeit of money or securities, extortion, espionage, etc.
There are various initiatives taken by the organization worldwide from time to time to control the growing menace of Cyber crime. Some of the initiatives taken by various organizations are:
That includes work against the selling of private data, counterfeit information and application of viruses and other harmful computer programs. We will instruct our experts to generate unified approaches to fighting cyber criminality, and we will need an international legal base for this particular work, and we will apply all of that to prevent terrorists from using computer and internet sites for hiring new terrorist and the recruitment of other illegal actors.[28]
Till there is an acceptable model for International cyber law, countries would keep on refusing to be part of the same. For example, India chose not to join the European Convention on Cyber Crime because it would have introduced a completely alien legal framework into the Indian legislative process.
Similarly, there is an urgent need to maintain a balance between civil liberties and national security and law enforcement requirements. The clash of civil liberties like free speech and expression with cyber security will also need to be studied carefully.
Recently Alexander Seger, Head of Economic Crime Division, Council of Europe, asked India to be a part of the Convention on Cyber crime. Although the intentions seem to be good yet the end result would be a big failure. This is so because an action without proper planning and preparation can never fetch the desired result. India is presently suffering from weak cyber law, ignored cyber security and absence of cyber forensics capabilities.
The Information Technology Act, 2000 (IT Act, 2000) is the sole cyber law of India that is regulating all the aspects of cyber law, cyber security and cyber forensics. Undoubtedly, the legal enablement of ICT systems in India is missing. Surprisingly, Seger thinks that the Information Technology (Amendment) Bill, 2008 now provides with a "fairly complete" legal framework.
He opined that now the most important step is to follow it up with steps that will enable India to cooperate internationally in an effective manner. According to Praveen Dalal, the Leading Techno-Legal Specialist of India and managing partner of Perry4 Law, India is currently not equipped to sign any International Convention or Treaty regarding Cyber Law and Cyber Crimes. If the very base is defective we cannot get the result we are carving for. The IT Act, 2000 is weak, cyber security is missing and cyber forensics capabilities do not exist. There are no efforts in these directions in India except by private sector.
Private Initiatives like Cyber Security Research Centre of India (CSRCI) of Perry4Law is very important for bringing Harmonisation of cyber law. Perry4Law and PTLB have been trying to leverage the opinion and expertise of specialists in their respective fields. Further, among many laudable objectives of CSRCI, one of it pertains to providing assistance in the formulation of International Cyber Law Treaty. CSRCI, Perry4Law and PTLB are in the process of formulating a draft that must be considered by the Indian government before acceding to any Convention in this regard.
It is clear that India is not yet ready to sign any international treaty or convention. Signing of the same would only increase pressure upon the law enforcement and Indian government. The proper course of actions is to improve its position regarding cyber law, cyber security and cyber forensics. Once that is achieved, we must proceed towards analysing the draft of European Union or any other institution[30]
Firstly, A Sound Cyber Law regime: The Cyber law in India can be found in the form of IT Act, 2000. Now the IT Act, as originally enacted, was suffering from various loopholes and lacunas. These grey areas were excusable since India introduced the law recently and every law needs some time to mature and grow. It was understood that over a period of time it will grow and further amendments will be introduced to make it compatible with the International standards. It is important to realise that we need qualitative law and not quantitative laws. In other words, one single Act can fulfil the need of the hour provided we give it a dedicated and futuristic treatment.
The dedicated law essentially requires a consideration of public interest as against interest of few influential segments. Further, the futuristic aspect requires an additional exercise and pain of deciding the trend that may be faced in future. This exercise is not needed while legislating for traditional laws but the nature of cyber space is such that we have to take additional precautions. Since the Internet is boundary less, any person sitting in an alien territory can do havoc with the computer system of India. For instance, the Information Technology is much more advanced in other countries.
If India does not shed its traditional core that it will be vulnerable to numerous cyber threats in the future. The need of the hour is not only to consider the contemporary standards of the countries having developed Information Technology standards but to anticipate future threats as well in advance. Thus, a futuristic aspect of the current law has to be considered. Now the big question is whether India is following this approach? Unfortunately, the answer is in NEGATIVE.[31]
Secondly, Sounds enforcement machinery: A law might have been properly enacted and may be theoretically effective too but it is useless unless enforced in its true letter and spirit. The law enforcement machinery in India is not well equipped to deal with cyber law offences and contraventions. They must be trained appropriately and should be provided with suitable technological support.
Establishing a Suitable framework:
There is a dire need for the emergence of a well-defined framework of Cyber Laws, which should be able to do the following:
Effective Implementation of any law is as critical an exercise as its enactment.
A law implementing agency has to focus on the following major areas to be effective:
Cyber Legislations Worldwide
To meet the challenge posed by new kinds of crime made possible by computer technology including telecommunication, many countries have also reviewed their respective domestic criminal laws so as to prevent computer related crimes. Some of these countries are USA, Austria, Denmark, France Germany, Greece, Finland, Italy, Turkey, Sweden, Switzerland, Australia, Canada, India, Japan, Spain, Portugal, UK, Malaysia and Singapore.
However, no country has fully resolved all the issues such as legal, enforcement and prevention of crime. The legislations enacted by different countries cover only few of the classified computer related offences. However, looking to the dynamic and fast changing technology, new types of offences may pop-up frequently[33].
Some of the major types of offences against which many countries across the globe have enacted various Acts (mostly at preliminary levels) are as follows:
The IT Law 2000, though appears to be self-sufficient, it takes mixed stand when it comes to many practical situations.
It loses its certainty at many places like:
The IT Act is silent on filming anyone's personal actions in public and then distributing it electronically. It holds ISPs (Internet Service Providers) responsible for third party data and information, unless contravention is committed without their knowledge or unless the ISP has undertaken due diligence to prevent the contravention.[35]
For example, many Delhi based newspapers advertise the massage parlours; and in few cases even show the 'therapeutic masseurs' hidden behind the mask, who actually are prostitutes. Delhi Police has been successful in busting out a few such rackets but then it is not sure of the action it can take…should it arrest the owners and editors of newspapers or wait for some new clauses in the Act to be added up?? Even the much hyped case of the arrest of Bajaj, the CEO of Bazee.com, was a consequence of this particular ambiguity of the law. One cannot expect an ISP to monitor what information their subscribers are sending out, all 24 hours a day.
Cyber law is a generic term, which denotes all aspects, issues and the legal consequences on the Internet, the World Wide Web and cyber space. India is the 12th nation in the world that has cyber legislation apart from countries like the US, Singapore, France, Malaysia and Japan.
But can the cyber laws of the country be regarded as sufficient and secure enough to provide a strong platform to the country's e-commerce industry for which they were meant? India has failed to keep in pace with the world in this respect, and the consequence is not far enough from our sight; most of the big customers of India's outsourcing company have started to re-think of carrying out their business in India.Bajaj's case has given the strongest blow in this respect and have broken India's share in outsourcing market as a leader.[36]
If India doesn't want to lose its position and wishes to stay as the world's leader forever in outsourcing market, it needs to take fast but intelligent steps to cover the glaring loopholes of the Act, or else the day is not far when the scenario of India ruling the world's outsourcing market will stay alive in the dreams only as it will be overtaken by its competitors.
The Effectiveness of cyber law in India–The Information Technology Act, 2000 and critical analysis:
The IT Act, 2000 came at a time when cyber-specific legislation was much needed. It filled up the lacunae for a law in the field of e-commerce. Taking cue from its base-document, i.e. the UNICITRAL Model Law53 on electronic commerce, adopted in 1996, a law attuned to the Indian needs has been formulated.
Apart from e-commerce related provisions, computer crimes and offences along with punishments have been enumerated and defined. The powers of the police to investigate and power of search and seizure, etc. have been provided for. However, certain points need a re-working right from the scratch or require revamping.[37]
At the first instance, though the IT Act, 2000 purports to have followed the pattern of the UNICITRAL Model Law on Electronic Commerce, yet what took people by surprise is its coverage not only of e-commerce, but something more, i.e. computer crime and amendments to the Indian Penal Code. The UNICITRAL Model Law did not cover any of the other aspects.
Therefore in a way, the IT Act, 2000 has been an attempt to include other issues relating to cyber world as well which might have an impact on the ecommerce transactions and its smooth functioning. Though, that of course is not reflected even from the Statements of Objectives and reasons or the preamble of the Statute. Amendments to the Indian evidence Act are evidently made to permit electronic evidence in court. This is a step in the right direction.
Secondly, a single section devoted to liability of the Network Service Provider is highly inadequate. The issues are many more. Apart from classification of the Network Service provider itself there can be various other instances in which the Provider can be made liable specially under other enactments like the Copyright Act or the Trade Marks Act. However the provision in the IT Act, 2000 devoted to ISP protection against any liability is restricted only to the Act or rules or regulations made there under. The section is not very clear as to whether the protection for the ISPs extends even under the other enactments.
It has been argued that the Act of this nature would divide the society into digital haves and digital have-nots. This argument is based on the premise that with an extremely low PC penetration, poor Internet connectivity and other poor communication infrastructure facilities, a country like India would have islands of digital haves surrounded by digital have-nots. Logically speaking, such an argument is untenable as the „digital core has been expanding horizontally and everyday communication connectivity is rising across India.
An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.
The introduction of the internet has brought the tremendous changes in our lives. People of all fields are increasingly using the computers to create, transmit and store information in the electronic form instead of the traditional papers, documents. Information stored in electronic forms has many advantages, it is cheaper, easier to store, easier to retrieve and for speedier to connection.
Though it has many advantages, it has been misused by many people in order to gain themselves or for sake or otherwise to harm others. The high and speedier connectivity to the world from any place has developed many crimes and these increased offences led to the need of law for protection.
Some countries have been rather been vigilant and formed some laws governing the net. In order to keep in pace with the changing generation, the Indian Parliament passed the law Information Technology Act 2000. The IT Act 2000 has been conceptualized on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law.
The increase rate of technology in computers has led to enactment of Information Technology Act 2000. The converting of the paper work into electronic records, the storage of the electronic data, has led tremendous changed the scenario of the country. The Act further amends the Indian Penal Code, 1860, The Evidence Act, 1872, The Banker's Book's Evidence Act, 1891 and The Reserve Bank of India Act, 1934.
Section 65: Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both.
Penalties: Section 65 is tried by any magistrate.
This is cognizable and non-bailable offence.
Penalties: Imprisonment up to 3 years and / or
Fine: Two lakh rupees.
Section66: Hacking with the computer system
Punishment: Imprisoned up to three years and Fine:
This may extend up to two lakh rupees or with both. Section 67: Publishing of obscene information in electronic form Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstance, to read see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.
Penalties: Punishment:
On first conviction- imprisonment which may extend up to five years. Fine: up to on first conviction which may extend to one lakh rupees.
On second conviction-imprisonment up to which may extend to ten years and Fine which may extend up to two lakh rupees. [40]
Section 68: Power of controller to give directions
The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made there under.
Any person who fails to comply with any order under sub-section (1) shall be guilty of an offence and shall be liable on conviction to imprisonment for a term not exceeding three years or to a fine not exceeding two lakh rupees or to both.
Explanation: Any person who fails to comply with any order under sub section (1) of the above section, shall be guilty of an offence and shall be convicted for a term not less than three years or to a fine exceeding two lakh rupees or to both. The under this section is non-bailable & cognizable.
Penalties:
Punishment: imprisonment up to a term not exceeding three years
Fine: not exceeding two lakh rupees.
Section 69: Directions of Controller to a subscriber to extend facilities to decrypt information
Penalties:
Punishment: imprisonment for a term which may extend to seven years. The offence is cognizable and non- bailable.
Section 70: Protected System
The appropriate Government may, by notification in the Official Gazette, declare that any computer, computer system or computer network to be a protected system.
The appropriate Government may, by order in writing, authorize the persons who are authorized to access protected systems notified under sub-section (1).
Any person who secures access or attempts to secure access to a protected system in contravention of the provision of this section shall be punished with imprisonment of either description for a term which may extend to ten years and shall also be liable to fine.
Penalties:
Punishment: the imprisonment which may extend to ten years and fine.
Section 71: Penalty for misrepresentation
Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate, as the case may be, shall be punished with imprisonment for a term which may extend to two years, or which fine which may extend to one lakh rupees, or with both.
Penalties:
Punishment: imprisonment which may extend to two years
Fine: may extend to one lakh rupees or with both.
Section 72: Penalty for breach of confidentiality and privacy
Save as otherwise provide in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulation made there under, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both. [42]
Penalties:
Punishment: term which may extend to two years.
Fine: one lakh rupees or with both.
Section 73: Penalty for publishing Digital Signature Certificate false in certain particulars
No person shall publish a Digital Signature Certificate or otherwise make it available to any other person with the knowledge that:
Penalties:
Punishment: imprisonment of a term of which may extend to two years.
Fine: fine may extend to 1 lakh rupees or with both
Section 74: Publication for fraudulent purpose
Whoever knowingly creates publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years, or with fine which extend to one lakh rupees, or with both.
Penalties:
Punishment: imprisonment for a term up to two years.
Fine: up to one lakh or both.
Section 75: Act to apply for offence or contravention committed outside India
Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or contravention committed outside India by any person irrespective of his nationality. For the purposes of sub-section (1), this Act shall apply to an offence or Contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.[43]
Section 76: Confiscation
Any computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, in respect of which any provisions of this Act, rules, orders or regulations made there under has been or is being contravened, shall be liable to confiscation
Provided that where it is established to the satisfaction of the court adjudicating the confiscation that the person in whose possession, power or control of any such computer, computer system, floppies, compact disks, tape drives or any other accessories relating thereto is found is not responsible for the contravention of the provisions of this Act, rules orders or regulations made there under, the court may, instead of making an order for confiscation of such computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, make such other order authorized by this Act against the person contravening of the provisions of this Act, rules, orders or regulations made there under as it may think fit.
Section 77: Penalties or confiscation not to interfere with other punishments
No penalty imposed or confiscation made under this Act shall prevent the imposition of any other punishment to which the person affected thereby is liable under any other law for the time being in force.
Explanation: The aforesaid section lays down a mandatory condition, which states the Penalties or confiscation not to interfere with other punishments to which the person affected thereby is liable under any other law for the time being in force.
Section 78: Power to investigate offences
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Deputy Superintendent of Police shall investigate any offence under this Act.
Explanation: The police officer not below the rank of Deputy Superintendent of police shall investigate the offence.
The act was widely criticized on various fronts and due this criticism detailed amendments were brought in the form of IT Amendment Act, 2008. Major of such amendments were the focus on data privacy and information security. Even though legal recognition of digital signatures was already included under the original Act of 2000, but the Amendment Act, 2008 made the digital signature technology-neutral. Along with, the defining of reasonable security practices to be followed by the Corporate, the role of intermediaries was also redefined.
Very importantly, the term cyber cafe was defined under this Act. Offences like child pornography and cyber terrorism were also included is the forms of cybercrimes. Cyber terrorism has been made a heinous cybercrime under this Act and has been defined in the widest possible terms and made punishable with imprisonment which may extend to imprisonment for life and fine.
An important change that has been brought forth by the Amendment Act is that the new amendment has replaced Section 43 with Section 66. Under Section 66 the Word hacking has been removed, but that does not mean that hacking as an offence has been removed; instead hacking still remains an offence by the name of data theft in this section. This section has further been widened in the form of Sections 66A to 66F. 66A deals with the sending of offensive messages through communication service, and causing annoyance to any electronic communication, and also includes the offence of misleading the recipient of the origin of such messages.
Such offences can be punished with imprisonment for 3 years or fine. 66B deals with dishonestly receiving stolen computers or other communication device and such a crime can be punished with three years of imprisonment or fine of Rs.1 Lakh or both. 66C deals with stealing electronic signature or identity such as using another person's password or electronic signature, such an offence can be punished with three years of imprisonment or fine of Rs. 1 lakh or both. Similar is the punishment under section 66D for cheating by personating through computer resource or a communication device. 66E covers the offences relating to privacy violation such as publicly publishing the information about any person's location without prior permission or consent. 66F is great importance as it deals with cyber terrorism.
This Section covers a wide range of offences which can be termed as terrorism; Such as, any act denying access to any authorized person to access the computer in order to hamper the unity, integrity, security or sovereignty of the nation. Further, this section also includes the acts of access to a commuter resource without authorization. It also covers such acts which can lead to any injury to any person or result in damage or destruction of any property, while trying to contaminate the computer through any virus like Trojan etc.
All the offences that are covered under this Section can be punished with life imprisonment. Very importantly, the offences which are covered under section 66 are cognizable and non-bailable.[45]
The major transformation from section 43 of the original act to Section 66 of the Amendment Act is that, that all the offences that were covered under Section 43 gave rise to civil liability which had its remedy in either compensation or damages. But under Section 66 of the Amendment Act if such act is done with criminal intention that is mensrea, then it will attract criminal liability having remedy in imprisonment or fine or both.
Moreover, under Sections 71, 72, 73 of the Information Technology Act 2000 some acts or omissions have been made criminally liable with strict liability e.g. Penalty for breach of confidentiality and privacy, penalty for misrepresentation etc. Section 67 of the original Act dealt with publishing or transmitting obscene material in electronic form but the scope of this section was widened by the amendment which included child pornography under section 67-B and also the act of retention of records by the intermediaries.
And such offences under section 67-A will be punished with conviction of a term up to 3 years and fine of Rs.5 lakh and in case it is the second conviction then conviction will be for five years and fine of Rs.10 Lack or both. But for offence under section 67-B the provision is for stricter conviction which is for 5 years and fine of Rs. 10 lakh or both in case of first conviction, and the same will be increased to 7 years and fine of Rs. 10 lakh in case of second conviction.
An important set of well-intentioned but woefully inadequate provisions are those relating to the protection of data. The absence of a specific law on data protection had, in itself, garnered much criticism both within the country as well as in the context of international transactions and outsourcing. The old Act offered the feeble protection of a single provision (section 43) that dealt with unauthorized access and damage to data. In an attempt to meet industry demands and international market standards, the ITA introduced two sections that address civil and criminal sanctions.
While this exercise understandably falls far short of a comprehensive law relating to data (being squeezed into an omnibus piece of technology related legislation, rather than one geared up only to deal with data), there was considerable anticipation of its role in papering over the existing cracks and provide a workable, if temporary, data protection regime.
The Indian Penal Code, 1860 [46]
Normally referred to as the IPC, this is a very powerful legislation and probably the most widely used in criminal jurisprudence, serving as the main criminal code of India. Enacted originally in 1860 and amended many time since, it covers almost all substantive aspects of criminal law and is supplemented by other criminal provisions. In independent India, many special laws have been enacted with criminal and penal provisions which are often referred to and relied upon, as an additional legal provision in cases which refer to the relevant provisions of IPC as well.
The Indian Penal Code was amended by inserting the word electronic thereby treating the electronic records and documents on a par with physical records and documents. The Sections dealing with false entry in a record or false document etc (e.g. 192, 204, 463, 464, 464, 468 to 470, 471, 474, 476 etc) have since been amended as 'electronic record and electronic document' thereby bringing within the ambit of IPC.
Now, electronic record and electronic documents has been treated just like physical records and documents during commission of acts of forgery or falsification of physical records in a crime. After the above amendment, the investigating agencies file the cases/ charge-sheet quoting the relevant sections from IPC under section 463,464, 468 and 469 read with the ITA/ITAA under Sections 43 and 66 in like offences to ensure the evidence and/or punishment can be covered and proved under either of these or under both legislation.
Offences covered under IPC and Special Laws[47]
Sec.503 IPC: Sending threatening messages by email
Section 503 - Criminal intimidation
Whoever threatens another with any injury to his person, reputation or property, or to the person or reputation of any one in whom that person is interested, with intent to cause alarm to that person, or to cause that person to do any act which he is not legally bound to do, or to omit to do any act which that person is legally entitled to do, as the means of avoiding the execution of such threat, commits criminal intimidation.
Explanation- A threat to insure the reputation of any deceased person in whom the person threatened is interested, is within this section.
Sec. 499 IPC: Sending defamatory messages by email
Section 499 - Defamation
Whoever, by words either spoken or intended to be read, or by signs or by visible representations, makes or publishes any imputation concerning any person intending to harm, or knowing or having reason to believe that such imputation will harm, the reputation of such person, is said, except in the cases hereinafter expected, of defame that person.
Explanation - It may amount to defamation to impute anything to a deceased person, if the imputation would harm the reputation of that person if living, and is intended to be hurtful to the feelings of his family or other near relatives.
Forgery of electronic records, Email spoofing
Sec 463, 464, 468, 469 IPC
Section 463: Forgery
Whoever makes any false documents or electronic record part of a document or electronic record with, intent to cause damage or injury, to the public or to any person, or to support any claim or title, or to cause any person to part with property, or to enter into any express or implied contract, or with intent to commit fraud or that fraud may be committed, commits forgery.
Section 464: Making a false document
A person is said to make a false document or false electronic record-
First-Who dishonestly or fraudulently-
Secondly- Who, without lawful authority, dishonestly or fraudulently, by cancellation or otherwise, alters a document or an electronic record in any material part thereof, after it has been made, executed or affixed with digital signature either by himself or by any other person, whether such person be living or dead at the time of such alteration; or
Thirdly- Who dishonestly or fraudulently causes any person to sign, seal, execute or alter a document or an electronic record or to affix his digital signature on any electronic record knowing that such person by reason of unsoundness of mind or intoxication cannot, or that by reason of deception practiced upon him, he does not know the contents of the document or electronic record or the nature of the alterations.
Section 468: Forgery for purpose of cheating
Whoever commits forgery, intending that the 1[document or Electronic Record] forged shall be used for the purpose of cheating, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
Section 469: Forgery for purpose of harming reputation
Whoever commits forgery, 1[intending that the document or Electronic Record forged] shall harm the reputation of any party, or knowing that it is likely to use for that purpose, shall be punished with imprisonment of either description for a term which may extend to three years, and shall also be liable to fine.
4. Bogus websites, cyber frauds
Sec 420 IPC
Section 420: Cheating and dishonestly inducing delivery of property
Whoever cheats and thereby dishonestly induces the person deceived any property to any person, or to make, alter or destroy the whole or any part of a valuable security, or anything which is signed or sealed, and which is capable of being converted into a valuable security, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
Web-Jacking
Sec. 383 IPC
Section 383: Extortion
Whoever intentionally puts any person in fear of any injury to that person, or to any other, and thereby dishonestly induces the person so put in fear to deliver to any property or valuable security, or anything signed or sealed which may be converted into a valuable security, commits "extortion".
E-Mail Abuse, Online Defamation
Sec.500, 509 IPC
Section 500: Punishment for defamation
Whoever defames another shall be punished with simple imprisonment for a term which may extend to two years, or with fine, or with both.
Section 509: Word, gesture or act intended to insult the modesty of a woman
Whoever, intending to insult the modesty of any woman, utters any word, makes any sound or gesture, or exhibits any object, intending that such word or sound shall be heard, of that such gesture or object shall be seen, by such woman, or intrudes upon the privacy of such woman, shall be punished with simple imprisonment for a term which may extend to one year, or with fine, or with both.
Criminal Intimidation by E-mail or Chat
Sec. 506, 507 IPC
Section 506: Punishment for criminal intimidation
Whoever commits, the offence of criminal intimidation shall be punished with imprisonment of either description for a term which may extend to two years, or with fine, or with both;
If threat be to cause death or grievous hurt, etc.: -And if the threat be to cause death or grievous hurt, or to cause the destruction of any property by fire, or to cause an offence punishable with death or 1[imprisonment for life], or with imprisonment for a term which may extend to seven years, or to impute, unchastity to a woman, shall be punished with imprisonment of either description for a term which may extend to seven years, or with fine, or with both.
Section 507: Criminal intimidation by an anonymous communication
Whoever commits the offence of criminal intimidation by an anonymous communication, or having taken precaution to conceal the name or abode of the person form whom the threat comes, shall be punished with imprisonment of either description for a term which may extend to two years, in addition to the punishment provided for the offence by the last preceding section.
Online sale of Drugs
NDPS Act
Online sale of Arms
Arms Act
Piracy
Sec. 51, 63, 63 B Copyright act
Section 51: When copyright infringed
Copyright in a work shall be deemed to be infringed:
Section 63: Offence of infringement of copyright or other rights conferred by this Act.
Any person who knowingly infringes or abets the infringement of:
Explanation-Construction of a building or other structure which infringes or which, if completed, would infringe the copyright in some other work shall not be an offence under this section.
Section 63A: Enhanced penalty on second and subsequent convictions
Whoever having already been convicted of an offence under section 63 is again convicted of any such offence shall be punishable for the second and for every subsequent offence, with imprisonment for a term which shall not be less than one year but which may extend to three years and with fine which shall not be less than one lakh rupees but which may extend to two lakh rupees:
Provided that where the infringement has not been made for gain in the course of trade or business the court may, for adequate and special reasons to be mentioned in the judgment impose a sentence of imprisonment for a term of less than one year or a fine of less than one lakh rupees: Provided further that for the purposes of this section, no cognizance shall be taken of any conviction made before the commencement of the Copyright (Amendment) Act, 1984.
Section 63B: Knowing use of infringing copy of computer programme to be an offence
Any person who knowingly makes use on a computer of an infringing copy of a computer programme shall be punishable with imprisonment for a term which shall not be less than seven days but which may extend to three years and with fine which shall not be less than fifty thousand rupees but which may extend to two lakh rupees:
Provided that where the computer programme has not been used for gain or in the course of trade or business, the court may, for adequate and special reasons to be mentioned in the judgment, not impose any sentence of imprisonment and may impose a fine which may extend to fifty thousand rupees."
Obscenity
Sec. 292,293,294 IPC, Indecent Representation of Women Act [49]
Section 292: Sale, etc., or obscene books, etc
Section 292A: Printing etc. of grossly indecent or scurrilous matter or matter intended for blackmail
Whoever:
Section 293: Sale, etc., of obscene objects to young person
Whoever sells, lets to hire, distributes, exhibits or circulates to any person under the age of twenty years any such obscene object as is referred to in the last preceding section, or offers or attempts so to do, shall be punished 2[on first conviction with imprisonment of either description for a term which may extend to three years, and with fine which may extend to two thousand rupees, and, in the event of a second or subsequent conviction, with imprisonment of either description for a term which may extend to seven years, and also with fine which may extend to five thousand rupees.
Section 294: Obscene acts and songs
Whoever, to the annoyance of others:
Sec. 378, 379 IPC
Section 378: Theft
Whoever intending to take dishonestly any moveable property out of the possession of any person without that person's consent, moves that property in order to such taking, is said to commit theft.
Section 379: Punishment for theft
Whoever commits theft shall be punished with imprisonment of either description for a term which may extend to three years, or with fine, or with both.
Thus, a sound cyber law training of the Judges and Lawyers is the need of the hour. In short, the dream for an Ideal Cyber Law in India requires a considerable amount of time, money and resources. In the present state of things, it may take five more years to appreciate its application. The good news is that Government has sanctioned a considerable amount as a grant to bring e-governance within the judicial functioning. The need of the hour is to appreciate the difference between mere computerisation and cyber law literacy.
The judges and lawyers must be trained in the contemporary legal issues like cyber law so that their enforcement in India is effective. With all the challenges that India is facing in education and training, e- learning has a lot of answers and needs to be addressed seriously by the countries planners and private industry alike. E-learning can provide education to a large population not having access to it.[52]
The IT Act 2000 attempts to change out-dated laws and provides ways to deal with Cyber crimes. Let's have an overview of the law where it takes a firm stand and has got successful in the reason for which it was framed:
In the present global situation where cyber control mechanisms are important we need to push cyber laws. Cyber Crimes are a new class of crimes to India rapidly expanding due to extensive use of internet. Getting the right lead and making the right interpretation are very important in solving a Cyber crime. The 7 stage continuum of a criminal case starts from perpetration to registration to reporting, investigation, prosecution, adjudication and execution.
The system cannot be stronger than the weakest link in the chain.In India; there are 30 million policemen to train apart from 12,000 strong Judiciary. Police in India are trying to become Cyber crime savvy and hiring people who are trained in the area. Each police station in Delhi will have a computer soon which will be connected to the Head Quarter. The pace of the investigations however can be faster; judicial sensitivity and knowledge need to improve. Focus needs to be on educating the police and district judiciary. IT Institutions can also play a role in this area.
Technology nuances are important in a spam infested environment where privacy can be compromised and individuals can be subjected to become a victim unsuspectingly. We need to sensitize our investigators and judges to the nuances of the system. Most cyber criminals have a counter part in the real world. If loss of property or persons is caused the criminal is punishable under the IPC also. Since the law enforcement agencies find it is easier to handle it under the IPC, IT Act cases are not getting reported and when reported are not necessarily dealt with under the IT Act. A lengthy and intensive process of learning is required. [55]
A whole series of initiatives of cyber forensics were undertaken and cyber law procedures resulted out of it. This is an area where learning takes place every day as we are all beginners in this area. We are looking for solutions faster than the problems can get invented. We need to move faster than the criminals.
The real issue is how to prevent Cyber crime. For this, there is need to raise the probability of apprehension and conviction. India has a law on evidence that considers admissibility, authenticity, accuracy, and completeness to convince the judiciary. The challenge in Cyber crime cases includes getting evidence that will stand scrutiny in a foreign court.
For this India needs total international cooperation with specialized agencies of different countries. Police has to ensure that they have seized exactly what was there at the scene of crime, is the same that has been analyzed and the report presented in court is based on this evidence. It has to maintain the chain of custody. The threat is not from the intelligence of criminals but from our ignorance and the will to fight it. The law is stricter now on producing evidence especially where electronic documents are concerned.
The computer is the target and the tool for the perpetration of crime. It is used for the communication of the criminal activity such as the injection of a virus/worm which can crash entire networks.
The Information Technology (IT) Act, 2000, specifies the acts which have been made punishable. Since the primary objective of this Act is to create an enabling environment for commercial use of I.T., certain omissions and commissions of criminals while using computers have not been included. With the legal recognition of Electronic Records and the amendments made in the several sections of the IPC vide the IT Act, 2000, several offences having bearing on cyber-arena are also registered under the appropriate sections of the IPC.
Survey regarding Cyber crime:
During the year 2003, 60 cases were registered under IT Act as compared to 70 cases during the previous year thereby reporting a decline of 14.3 percent in 2003 over 2002. Of the total 60 cases registered under IT Act 2000, around 33 percent (20 cases) relate to Obscene Publication / Transmission in electronic form, normally known as cases of cyber pornography. 17 persons were arrested for committing such offences during 2003[56].
There were 21 cases of Hacking of computer systems wherein 18 persons were arrested in 2003. Of the total (21) Hacking cases, the cases relating to Loss/Damage of computer resource/utility under Sec 66(1) of the IT Act were to the tune of 62 percent (13 cases) and that related to Hacking under Section 66(2) of IT Act were 38 percent (8cases).
During 2003, a total of 411 cases were registered under IPC Sections as compared to 738 such cases during 2002 thereby reporting a significant decline of 44 percent in 2003 over 2002[57. Andhra Pradesh reported more than half of such cases (218 out of 411) (53 percent).
Though, these offences fall under the traditional IPC crimes, the cases had the cyber tones wherein computer, Internet or its related aspects were present in the crime and hence they were categorized as Cyber Crimes under IPC.
During 2003, number of cases under Cyber Crimes relating to Counterfeiting of currency/Stamps stood at 53 wherein 118 persons were arrested during 2003. Of the 47,478 cases reported under Cheating, the Cyber Forgery (89) accounted for 0.2 per cent. Of the total Criminal Breach of Trust cases (13,432), the Cyber frauds (269) accounted for 2 percent. Of the Counterfeiting offences (2,055), Cyber Counterfeiting (53) offences accounted for 2.6 percent.
A total of 475 persons were arrested in the country for Cyber Crimes under IPC during 2003. Of these, 53.6 percent offenders (255) were taken into custody for offences under Criminal Breach of Trust/Fraud (Cyber) and 21.4 percent (102) for offences under Cyber Forgery.
The age-wise profile of the arrested persons showed that 45 percent were in the age-group of 30-45 years, 28.5 percent of the offenders were in the age-group of 45-60 years and 11 offenders were aged 60 years and above. Gujarat reported 2 offenders who were below 18 years of age[58].
Cyber crime is not on the decline. The latest statistics show that Cyber crime is actually on the rise. However, it is true that in India, Cyber crime is not reported too much about. Consequently there is a false sense of complacency that Cyber crime does not exist and that society is safe from Cyber crime. This is not the correct picture. The fact is that people in our country do not report Cyber crimes for many reasons. Many do not want to face harassment by the police. There is also the fear of bad publicity in the media, which could hurt their reputation and standing in society. Also, it becomes extremely difficult to convince the police to register any Cyber crime, because of lack of orientation and awareness about Cyber crimes and their registration and handling by the police.
A recent survey indicates that for every 500 Cyber crime incidents that take place, only 50 are reported to the police and out of that only one is actually registered. These figures indicate how difficult it is to convince the police to register a Cyber crime. The establishment of Cyber crime cells in different parts of the country was expected to boost Cyber crime reporting and prosecution[59]. However, these cells haven't quite kept up with expectations. Netizens should not be under the impression that Cyber crime is vanishing and they must realize that with each passing day, cyberspace becomes a more dangerous place to be in, where criminals roam freely to execute their criminals intentions encouraged by the so- called anonymity that internet provides.
The absolutely poor rate of Cyber crime conviction in the country has also not helped the cause of regulating Cyber crime. There have only been few Cyber crime convictions in the whole country[60], which can be counted on fingers. We need to ensure that we have specialized procedures for prosecution of Cyber crime cases so as to tackle them on a priority basis,. This is necessary so as to win the faith of the people in the ability of the system to tackle Cyber crime. We must ensure that our system provides for stringent punishment of Cyber crimes and cyber criminals so that the same acts as a deterrent for others.[61]
Threat Perceptions
UK has the largest number of infected computers in the world followed by the US and China. Financial attacks are 16 events per 1000, the highest among all kinds of attacks. The US is the leading source country for attacks but this has declined. China is second and Germany is third. It is hard to determine where the attack came from originally.
The number of viruses and worm variants rose sharply to 7,360 that is a 64% increase over the previous reporting period and a 332% increase over the previous year. There are 17,500 variants of Win.32 viruses[62]. Threats to confidential information are on the rise with 54% of the top 50 reporting malicious code with the potential to expose such information[63]. Phishing messages grew to 4.5 million from 1 million between July and December 2004.
Some Indian Case Studies:
There have been various cases that have been reported in India and which have a bearing upon the growth and revolution of Cyber law in India. The present page encapsulates some of the important landmark cases that have impacted the evolution and growth of Cyber law jurisprudence in India.
The following are some of the important cases impacting the growth of Cyber law in India:
Pune Citibank Mphasis Call Center Fraud
US $ 3,50,000 from accounts of four US customers were dishonestly transferred to bogus accounts. This will give a lot of ammunition to those lobbying against outsourcing in US. Such cases happen all over the world but when it happens in India it is a serious matter and we cannot ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their PIN numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in India as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering.
The call center employees are checked when they go in and out so they cannot copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber café and accessed the Citibank accounts of the customers.
All accounts were opened in Pune and the customers complained that the money from their accounts was transferred to Pune accounts and that's how the criminals were traced. Police has been able to prove the honesty of the call center and has frozen the accounts where the money was transferred.
There is need for a strict background check of the call center executives. However, best of background checks cannot eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national ID and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history. Customer education is very important so customers do not get taken for a ride. Most banks are guilt of not doing this.
Bazee.com case
CEO of Bazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. This opened up the question as to what kind of distinction do we draw between Internet Service Provider and Content Provider. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the Cyber crime cases and a lot of education is required.
State of Tamil Nadu VsSuhasKatti
The Case of SuhasKatti is notable for the fact that the conviction was achieved successfully within a relatively quick time of 7 months from the filing of the FIR. Considering that similar cases have been pending in other states for a much longer time, the efficient handling of the case which happened to be the first case of the Chennai Cyber Crime Cell going to trial deserves a special mention.
The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. E-Mails were also forwarded to the victim for information by the accused through a false e-mail account opened by him in the name of the victim.
The posting of the message resulted in annoying phone calls to the lady in the belief that she was soliciting.
Based on a complaint made by the victim in February 2004, the Police traced the accused to Mumbai and arrested him within the next few days. The accused was a known family friend of the victim and was reportedly interested in marrying her. She however married another person.
This marriage later ended in divorce and the accused started contacting her once again. On her reluctance to marry him, the accused took up the harassment through the Internet. On 24-3-2004 Charge Sheet was filed u/s 67 of IT Act 2000, 469 and 509 IPC before The Hon'ble Addl. CMM Egmore by citing 18 witnesses and 34 documents and material objects.
The same was taken on file in C.C.NO.4680/2004. On the prosecution side 12 witnesses were examined and entire documents were marked as Exhibits. The Defense argued that the offending mails would have been given either by ex-husband of the complainant or the complainant herself to implicate the accused as accused alleged to have turned down the request of the complainant to marry her.
Further the Defence counsel argued that some of the documentary evidence was not sustainable under Section 65 B of the Indian Evidence Act. However, the court relied upon the expert witnesses and other evidence produced before it, including the witnesses of the Cyber Cafe owners and came to the conclusion that the crime was conclusively proved.
The Ld. Additional Chief Metropolitan Magistrate, Egmore, delivered the judgment on 5-11-04 as follows:
The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000 and the accused is convicted and is sentenced for the offence to undergo RI for 2 years under 469 IPC and to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67 of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/- All sentences to run concurrently.
The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered as the first case convicted under section 67 of Information Technology Act 2000 in India.
The Bank NSP Case
The Bank NSP case is the one where a management trainee of the bank was engaged to be married. The couple exchanged many emails using the company computers. After some time the two broke up and the girl created fraudulent email ids such as Indian bar associations and sent emails to the boy's foreign clients. She used the banks computer to do this. The boy's company lost a large number of clients and took the bank to court. The bank was held liable for the emails sent using the bank's system.
SMC Pneumatics (India) Pvt. Ltd. v. JogeshKwatra[64]
In India's first case of cyber defamation, a Court of Delhi assumed jurisdiction over a matter where a corporate's reputation was being defamed through emails and passed an important ex-parte injunction. In this case, the defendant Jogesh Kwatra being an employ of the plaintiff company started sending derogatory, defamatory, obscene, vulgar, filthy and abusive emails to his employers as also to different subsidiaries of the said company all over the world with the aim to defame the company and its Managing Director Mr. R K Malhotra. The plaintiff filed a suit for permanent injunction restraining the defendant from doing his illegal acts of sending derogatory emails to the plaintiff.
Gaurav Rajeshkumar Sharma vs State Of Gujarat (2020)[65] The present application is filed under Section 439 of the Code of Criminal Procedure, 1973, for regular bail in connection with FIR being C.R.No.I3 of 2019 registered with Cyber Crime Police Station, Surat City for offence under Sections 406, 419, 420, 465, 467, 468, 471, 120B of the Indian Penal Code and Sections 66C, 66D of the Information Technology (Amendment) Act.
Learned Advocate appearing on behalf of the applicant submits that considering the nature of the offence, the applicant may be enlarged on regular bail by imposing suitable conditions. Learned Public Prosecutor appearing on behalf of the respondent State has opposed grant of regular bail looking to the nature and gravity of the offence. Learned Advocates appearing on behalf of the respective parties do not press for further reasoned order.
Muniyasamy vs The Principal Secretary (2020)[66] The detaining authority on being satisfied with the materials placed by the sponsoring authority that the activities of the detenu are prejudicial to the maintenance of public order and public health, clamped the order of detention and making a challenge to the same, the present Habeas Corpus Petition has been filed by the petitioner.
We have heard Mr.R.Alagumani, learned counsel appearing for the petitioner and Mr.K.Dinesh Babu, learned Additional Public Prosecutor appearing for the respondents and perused the materials available on record. Learned counsel appearing for the petitioner has drawn the attention of this Court to Paragraph No.5 of the grounds of detention and would submit that the detenu Santhanam has been granted conditional bail in the first and second adverse cases in Madurai City Prohibition Enforcement and in the ground case in Madurai City Prohibition Enforcement Wing Crime No.568 of 2019 by the learned Judicial Magistrate No.IV, Madurai, in Cr.M.P.No.3952 of 2019, on 09.09.2019 and he is still in remand in the said case, as he has not produced the required sureties before the Courts concerned as ordered in the bail orders.
However, in order to scuttle the grant of bail by the Judicial Magistrate Courts and to defeat the order passed by the Judicial Magistrate Courts, the impugned order of detention has been passed, which is unjustified and impermissible in law, hence, the impugned order of detention is liable to be quashed. In support of his submission, the learned counsel appearing for the petitioner has relied upon an unreported decision of this Court dated 05.07.2018 made in H.C.P.(MD) No.948 of 2018 in the matter of Selvakumar v. The Secretary to Government, State of Tamil Nadu and two others.
The relevant portion of the order runs thus: The order of detention reflects a most blatant attempt to scuttle the grant of bail by this Court to the detenu and defeat the order passed by this Court. The detention order dated 27.06.2018 informs that the detenu has been granted bail on the very same date under orders in Crl.O.P.(MD) No.9959 of 2018, on 27.06.2018 and thereafter proceeds to state that the detenu has not produced sureties, as ordered by this Court.
Ritesh Kanojiya vs The State Of Madhya Pradesh (2020)[67] This is first application under Section 439 of the Cr.P.C. for grant of bail. Applicant Ritesh Kanojiya was arrested on 09/12/2019 in connection with Crime No.270/2019 registered at Police Station State Cyber Crime Zone, Rampur, District Jabalpur (M.P.) for the offence punishable under Sections 419, 465, 471, 120-B of the IPC and Section 66-C, 66-D of the I.T. Act.
As per the prosecution case, complainant Mohd. Imranulahak filed a written complaint on 05/12/2019 before Superintendent of Police, Jabalpur averring that he is a resident of Ansar Nagar, Chopda Gohalpur Jabalpur and does the business of photocopy and railway tickets in the name of I.A. Services. His shop is situated at Adhartal near ICICI Bank. He also procured a shop Establishment Certificate from Jabalpur Municipal Corporation in the year 2016.
He never did the business of selling mobile SIMs. Somebody had stolen his identification document and by using that document got 50 SIMs of Vodafone company. On that, police inquired about the matter. During the inquiry, it was found that co-accused Ashfaq Ahmed acquired the copy of the shop Establishment Certificate of complainant's shop and the copy of his Aadhar Card. Thereafter, co-accused Ashfaq Ahmed in connivance with co-accused Rohit Bajaj wrongly issued SIMs in the name of complainant Mohd. Imranulahak based on those documents.
Thereafter, co-accused Ashfaq Ahmed sold those SIMs to co-accused Akash Ahirwar and Amit Soni. It is further averred that co-accused Amit Soni also made a fake firm in Digitally signed by ANURAG SONI Date: 25/02/2020 16:02:31 2 MCRC-54513-2019 the name of Amit Mobile Agency and also got the shop Establishment Certificate in the name of that firm from Municipal Corporation, Jabalpur.
Applicant Ritesh Kanojiya wrongly gave a certificate to the effect that he physically verified that shop while that shop was not in existence and issued SIMs of Vodafone company to Amit Mobile Agency. Co-accused Amit Soni and Akash Ahirvar sold those SIMs to co-accused Nishant Patel and he sold those SIMs to various persons. It is also alleged that those SIMs were used by the criminals in cyber crimes for committing fraud with the various persons. On that Police arrested the applicant 09/12/2019.
Amit Soni vs The State Of Madhya Pradesh (2020)[68]
This is second application under Section 439 of the Cr.P.C. for grant of bail. Applicant Amit Soni was arrested on 09/12/2019 in connection with Crime No.270/2019 registered at Police Station State Cyber Crime Zone, Rampur, District Jabalpur (M.P.) for the offence punishable under Sections 419, 465, 471, 120-B of the IPC and Section 66-C, 66-D of the I.T. Act.
The earlier bail application filed by the applicant was dismissed on merit by this Court vide order dated 29/01/2020 passed in M.Cr.C.No.53797/2019. As per the prosecution case, complainant Mohd. Imranulahak filed a written complaint on 05/12/2019 before Superintendent of Police, Jabalpur averring that he is a resident of Ansar Nagar, Chopda Gohalpur Jabalpur and does the business of photocopy and railway tickets in the name of I.A. Services. His shop is situated at Adhartal near ICICI Bank. He also procured a shop Establishment Certificate from Jabalpur Municipal Corporation in the year 2016. He never did the business of selling mobile SIMs. Somebody had stolen his identification document and by using that document got 50 SIMs of Vodafone company.
On that, police inquired about the matter. During the inquiry, it was found that co-accused Ashfaq Ahmed acquired the copy of the shop Establishment Certificate of complainant'€™s shop and the copy of his Aadhar Card. Thereafter, co-accused Ashfaq Ahmed in connivance with co-accused Rohit Bajaj wrongly issued SIMs in the name of complainant Mohd. Imranulahak based on those documents.
M/S Spentex Industries Ltd. & Anr. vs. Pulak Chowdhary (2019)[69] send you the D&B; downgrading their report now don't worry I told you they are not eligible for any kindness. The mobile transcripts, SMS copies, audio tapes, Mr. Mukund's Handwritten letter, Confessions of various agencies in writing, Emails from Mr. Sanjay, and Mr. Mukund, Security register of our society, attempt to murder of mine I have tons od evidence which are sufficient to book these people even they have violated the privacy and secrecy of mine in front of you in Bumi International hotel, I am still in no mood to harm the entire group but to this few individual who acted over smart (they should not take it my weakness first commercially try to finish my organisation I will see how many people they will buy) breach the service contract from day one and all the Press brief have full proprietary rights of Parul Sona International and you need not to scare them with all my commercial, professional and security and safety I requested to send it.
I will see now who will come for their rescue trying to my nokia cell phone to detet the SMS, all feedback report from day one to day last I have copied even they hacked by password of id [email protected] an offence in IT act 2000.
Gundu vs The Principal Secretary (2020)[70] The Hon'ble Apex Court in Rekha v. State of T.N. [71]reported in (2011) 5 SCC 244 has ruled that the preventive detention is, by nature repugnant to democratic ideas and an anathema to the rule of law. No such law exists in the USA and in England (except during war time). It may be mentioned herein that in cases of preventive detention no offence is proved and the justification of such detention is suspicion or reasonable probability, and there is no conviction, which can only be warranted by legal evidence.
When the detaining authority passes the order of detention on subjective satisfaction, as per clause (3) of Article 22 the detenu is not entitled to a lawyer or the right to be produced before a Magistrate within 24 hours arrest. Such Article excludes the applicability of clauses (1) and (2). However, to prevent misuse of this potentially dangerous power the law of preventive detention has to be strictly construed and meticulous compliance with the procedural safeguards, however technical, is, in our opinion, mandatory and vital.
The exclusion of applicability of clauses (1) and (2) of Article 22 does not mean that the arrest of detenu should not be informed to his family members, which is sine qua non, therefore, the non-compliance would vitiate the very detention itself. Applying this ratio here, we hold that the non- compliance of the mandatory condition that the family members of the detenu should be informed of his arrest having not been done in this case, would vitiate the very detention itself.
Accordingly, on this sole ground, the detention order is liable to fall. In the result, the Habeas Corpus Petition is allowed by setting aside the Order of Detention passed by the second respondent herein, namely, the District Magistrate and District Collector, Dindigul District, in Detention Order No.32/2019 dated 18.06.2019. Consequently, the detenu, namely, Maruthupandi, son of Gundu, aged about 23 years.
M/ S. Heera Gold Exim Private... vs The State Of Telangana (2019)[72] Brief facts of the case are that the 2nd petitioner is the Managing Director of the 1st petitioner Company, which was incorporated under the Companies Act, 1956, dealing with Jewellery and articles of gold and investment from the investors in the company and as against the investment made by the investors, they would get 36% of the dividend on the invested amount.
The 1st petitioner company is solvent, it has accepted the investments from the various investors and the same were received by the company through bank and the dividends and payments are usually made after the maturity through bank only to its investors and there is no provision for acceptance of the investment by way of cash under the Memorandum of Articles of the 1st petitioner company.
Since for the last 15 years, the 1st petitioner company has been paying the dividends and the maturity amounts to the respective investors for which there are no complaints whatsoever. It is also stated that the 1st petitioner company also accepted the investment not only from all over India, but also from the investors of the other Countries and the 1st petitioner company has been successfully and honestly dealing with the investors. When the investment was made by the investors, the company issued certificate and enters with an arrangement comprising terms and conditions and accordingly the lock-in period for such investment was one year and also two years and the dividends for the investments to be payable to the investors once in a month.
It is also stated that many investors of the 1st petitioner company have earned more dividends than the actual capital amount which they invested with the company. It is stated that few months prior to filing of the complaints by the investors there was a delay for payment of the dividends due to the fact that there is some unexpected down flow in the market, as a result of which, the 1st petitioner company has decided to pay the dividends to its investors once in three months and the said factum has been intimated to the respective investors. In view of the delay in payment of dividends, some hyper-sensitive investors demanded for refund of the investment made by them with the 1st petitioner company.
As per the arrangement and contracted terms and conditions, the investment cannot be refunded to its customers after the expiry of the lock-in period and the investors have to make an application as per the terms and conditions of the agreement entered with the 1st petitioner company and then only the investments will be refunded. But, some of the investors decided not to follow the terms of the agreement i.e., insofar as the people, who have invested are concerned, from Telangana only nine persons lodged complaints to the various police stations i.e., respondent Nos.6 to 10 in W.P.No.5449 of 2019 and respondent No.5 in W.P.No.7950 of 2019.
It is also stated that on receipt of the said complaints, the aforesaid crimes came to be registered. In view of registration of aforesaid crimes the news was spread over in other States of India and other investors lodged various complaints in various police stations in various States i.e., State of Andhra Pradesh, State of Karnataka, State of Maharashtra and State of Kerala etc.
By virtue of the aforesaid false complaints, which were lodged and registered by the police, the 1st petitioner company is not able to function its day-to-day affairs as the Managing Director, who is the 2nd petitioner herein, was arrested on 15.10.2018 in Crime No.170 of 2018 and languished in Chenchalguda Jail. It is also submitted that no single pie has been misused by the 1st petitioner company nor any misappropriation has been done and it is functioning smoothly, but by virtue of lodging false complaints, the 1st petitioner company is not in a position to look after the day-to-day affairs and functions.
It is also stated that the 2nd petitioner got bail in one case, and before releasing from the said crime, the police has shown her arrest in another crime under P.T. Warrant, which is quite contrary to Cr.P.C. It is stated that the bail has been granted to the 2nd petitioner in Crime No.170 of 2018 and even before her being released from the jail, the 2nd petitioner was once again arrested in other case, therefore, she was not in a position to come out from the jail for one reason or the other and the 2nd petitioner is not in a position to make any bail application in the case.
It is also stated that the aim of the 1st petitioner company is social good and the income which was derived by the 1st petitioner company was used for the purpose of education, habitation, food and other basic necessities of orphan Muslim girls and that scholarships were also given to the students, who are brilliant and belong to poor families.
The 1st petitioner company is located at Hyderabad and 2nd petitioner is permanent resident of H.No.9-4-134/A/5/23/1, 5th Floor, HS Residency, Vali Colony, Golconda, Hyderabad, and she is a law abiding citizen, social worker and she has been working for the uplift of minority Muslim women and she is also the President of Madarsa-e-Niswan- Isha-Atul-Islam-Urdu, an Arabic Development Society.
It is also stated that the 2nd petitioner launched a political party by name All India Mahila Empowerment Party in the State of Telangana, by virtue of good reputation in the Muslim Community. The existing Muslim leader, who belongs to political party AIMIM namely Asaduddin Owaisi, lodged a false complaint vide F.I.R.No.154 of 2012 dated 14.08.2012 on the file of the Additional Director General of Police, Law and Order, for the offences punishable under Sections 420 and 406 of I.P.C., and ultimately the police has filed a report stating that it is a false complaint.
It is stated that if the party launched by the 2nd petitioner contest in the State General Elections in 2018, it would be an impediment to the AIMIM party and this would divide the votes between both the parties, in which event the said AIMIM party may be defeated.
However, as against the said complaint, the 2nd petitioner filed a suit for defamation vide O.S.No.835 of 2017, which is pending before the Chief Judge, City Civil Court, Hyderabad. Therefore, the complaints, which were filed by respondent Nos.12 to 15 in W.P.No.5449 of 2019 and respondent Nos.8 to 10 in W.P.No.7950 of 2019, with various police stations are not entertainable as the police have no jurisdiction to register the said complaints, investigate into the matters and to arrest the 2nd petitioner.
All the complaints describe the company and investor relationship, therefore, if any investor has any grievance with regard to the investment made by him, he should have approached the appropriate and competent authority i.e., Registrar of Companies only and if assuming that any fraud has been done by the 1st petitioner company, the investor should have approached the Serious Fraud Investigation Office, therefore, the police has no authority to entertain and register the complaint, which fall under the purview of the Companies Act, 2013. Hence, the present writ petitions are filed aggrieved by the action of the police in registering the aforesaid crimes.
M/S. Heera Gold Exim Private... vs The State Of Telangana, on 23 December, 2019[73] Brief facts of the case are that the 2nd petitioner is the Managing Director of the 1st petitioner Company, which was incorporated under the Companies Act, 1956, dealing with Jewellery and articles of gold and investment from the investors in the company and as against the investment made by the investors, they would get 36% of the dividend on the invested amount.
The 1st petitioner company is solvent, it has accepted the investments from the various investors and the same were received by the company through bank and the dividends and payments are usually made after the maturity through bank only to its investors and there is no provision for acceptance of the investment by way of cash under the Memorandum of Articles of the 1st petitioner company. Since for the last 15 years, the 1st petitioner company has been paying the dividends and the maturity amounts to the respective investors for which there are no complaints whatsoever.
It is also stated that the 1st petitioner company also accepted the investment not only from all over India, but also from the investors of the other Countries and the 1st petitioner company has been successfully and honestly dealing with the investors. When the investment was made by the investors, the company issued certificate and enters with an arrangement comprising terms and conditions and accordingly the lock-in period for such investment was one year and also two years and the dividends for the investments to be payable to the investors once in a month. It is also stated that many investors of the 1st petitioner company have earned more dividends than the actual capital amount which they invested with the company.
It is stated that few months prior to filing of the complaints by the investors there was a delay for payment of the dividends due to the fact that there is some unexpected down flow in the market, as a result of which, the 1st petitioner company has decided to pay the dividends to its investors once in three months and the said factum has been intimated to the respective investors. In view of the delay in payment of dividends, some hyper-sensitive investors demanded for refund of the investment made by them with the 1st petitioner company.
As per the arrangement and contracted terms and conditions, the investment cannot be refunded to its customers after the expiry of the lock-in period and the investors have to make an application as per the terms and conditions of the agreement entered with the 1st petitioner company and then only the investments will be refunded. But, some of the investors decided not to follow the terms of the agreement i.e., insofar as the people, who have invested are concerned, from Telangana only nine persons lodged complaints to the various police stations i.e., respondent Nos.6 to 10 in W.P.No.5449 of 2019 and respondent No.5 in W.P.No.7950 of 2019. It is also stated that on receipt of the said complaints, the aforesaid crimes came to be registered.
In view of registration of aforesaid crimes the news was spread over in other States of India and other investors lodged various complaints in various police stations in various States i.e., State of Andhra Pradesh, State of Karnataka, State of Maharashtra and State of Kerala etc. By virtue of the aforesaid false complaints, which were lodged and registered by the police, the 1st petitioner company is not able to function its day-to-day affairs as the Managing Director, who is the 2nd petitioner herein, was arrested on 15.10.2018 in Crime No.170 of 2018 and languished in Chenchalguda Jail.
It is also submitted that no single pie has been misused by the 1st petitioner company nor any misappropriation has been done and it is functioning smoothly, but by virtue of lodging false complaints, the 1st petitioner company is not in a position to look after the day-to-day affairs and functions.
It is also stated that the 2nd petitioner got bail in one case, and before releasing from the said crime, the police has shown her arrest in another crime under P.T. Warrant, which is quite contrary to Cr.P.C. It is stated that the bail has been granted to the 2nd petitioner in Crime No.170 of 2018 and even before her being released from the jail, the 2nd petitioner was once again arrested in other case, therefore, she was not in a position to come out from the jail for one reason or the other and the 2nd petitioner is not in a position to make any bail application in the case. It is also stated that the aim of the 1st petitioner company is social good and the income which was derived by the 1st petitioner company was used for the purpose of education, habitation, food and other basic necessities of orphan Muslim girls and that scholarships were also given to the students, who are brilliant and belong to poor families.
The 1st petitioner company is located at Hyderabad and 2nd petitioner is permanent resident of H.No.9-4-134/A/5/23/1, 5th Floor, HS Residency, Vali Colony, Golconda, Hyderabad, and she is a law abiding citizen, social worker and she has been working for the uplift of minority Muslim women and she is also the President of Madarsa-e-Niswan- Isha-Atul-Islam-Urdu, an Arabic Development Society. It is also stated that the 2nd petitioner launched a political party by name All India Mahila Empowerment Party in the State of Telangana, by virtue of good reputation in the Muslim Community.
The existing Muslim leader, who belongs to political party AIMIM namely Asaduddin Owaisi, lodged a false complaint vide F.I.R.No.154 of 2012 dated 14.08.2012 on the file of the Additional Director General of Police, Law and Order, for the offences punishable under Sections 420 and 406 of I.P.C., and ultimately the police has filed a report stating that it is a false complaint.
It is stated that if the party launched by the 2nd petitioner contest in the State General Elections in 2018, it would be an impediment to the AIMIM party and this would divide the votes between both the parties, in which event the said AIMIM party may be defeated. However, as against the said complaint, the 2nd petitioner filed a suit for defamation vide O.S.No.835 of 2017, which is pending before the Chief Judge, City Civil Court, Hyderabad.
Therefore, the complaints, which were filed by respondent Nos.12 to 15 in W.P.No.5449 of 2019 and respondent Nos.8 to 10 in W.P.No.7950 of 2019, with various police stations are not entertainable as the police have no jurisdiction to register the said complaints, investigate into the matters and to arrest the 2nd petitioner. All the complaints describe the company and investor relationship, therefore, if any investor has any grievance with regard to the investment made by him, he should have approached the appropriate and competent authority i.e., Registrar of Companies only and if assuming that any fraud has been done by the 1st petitioner company, the investor should have approached the Serious Fraud Investigation Office, therefore, the police has no authority to entertain and register the complaint, which fall under the purview of the Companies Act, 2013. Hence, the present writ petitions are filed aggrieved by the action of the police in registering the aforesaid crimes.
On behalf of the plaintiffs it was contended that the emails sent by the defendant were distinctly obscene, vulgar, abusive, intimidating, humiliating and defamatory in nature. Counsel further argued that the aim of sending the said emails was to malign the high reputation of the plaintiffs all over India and the world.
He further contended that the acts of the defendant in sending the emails had resulted in invasion of legal rights of the plaintiffs. Further the defendant is under a duty not to send the aforesaid emails. It is pertinent to note that after the plaintiff company discovered the said employ could be indulging in the matter of sending abusive emails, the plaintiff terminated the services of the defendant.
After hearing detailed arguments of Counsel for Plaintiff, Hon'ble Judge of the Delhi High Court passed an ex-parte ad interim injunction observing that a prima facie case had been made out by the plaintiff. Consequently, the Delhi High Court restrained the defendant from sending derogatory, defamatory, obscene, vulgar, humiliating and abusive emails either to the plaintiffs or to its sister subsidiaries all over the world including their Managing Directors and their Sales and Marketing departments. Further, Hon'ble Judge also restrained the defendant from publishing, transmitting or causing to be published any information in the actual world as also in cyberspace which is derogatory or defamatory or abusive of the plaintiffs.
This order of Delhi High Court assumes tremendous significance as this is for the first time that an Indian Court assumes jurisdiction in a matter concerning cyber defamation and grants an ex-parte injunction restraining the defendant from defaming the plaintiffs by sending derogatory, defamatory, abusive and obscene emails either to the plaintiffs or their subsidiaries.
Parliament Attack Case
Bureau of Police Research and Development at Hyderabad had handled some of the top cyber cases, including analyzing and retrieving information from the laptop recovered from terrorist, who attacked Parliament. The laptop which was seized from the two terrorists, who were gunned down when Parliament was under siege on December 13 2001, was sent to Computer Forensics Division of BPRD after computer experts at Delhi failed to trace much out of its contents.
The laptop contained several evidences that confirmed of the two terrorists' motives, namely the sticker of the Ministry of Home that they had made on the laptop and pasted on their ambassador car to gain entry into Parliament House and the fake ID card that one of the two terrorists was carrying with a Government of India emblem and seal.
The emblems (of the three lions) were carefully scanned and the seal was also craftily made along with residential address of Jammu and Kashmir. But careful detection proved that it was all forged and made on the laptop.
Andhra Pradesh Tax Case
Dubious tactics of a prominent businessman from Andhra Pradesh was exposed after officials of the department got hold of computers used by the accusedperson. The owner of a plastics firm was arrested and Rs 22 crore cash was recovered from his house by sleuths of the Vigilance Department.
They sought an explanation from him regarding the unaccounted cash within 10 days. The accused person submitted 6,000 vouchers to prove the legitimacy of trade and thought his offence would go undetected but after careful scrutiny of vouchers and contents of his computers it revealed that all of them were made after the raids were conducted. It later revealed that the accused was running five businesses under the guise of one company and used fake and computerized vouchers to show sales records and save tax.
Sony.Sambandh.Com Case
India saw its first Cyber crime conviction recently. It all began after a complaint was filed by Sony India Private Ltd, which runs a website called www.sony-sambandh.com, targeting Non Resident Indians. The website enables NRIs to send Sony products to their friends and relatives in India after they pay for it online.
The company undertakes to deliver the products to the concerned recipients. In May 2002, someone logged onto the website under the identity of Barbara Camp and ordered a Sony Color Television set and a cordless head phone.
She gave her credit card number for payment and requested that the products be delivered to ArifAzim in Noida. The payment was duly cleared by the credit card agency and the transaction processed. After following the relevant procedures of due diligence and checking, the company delivered the items to ArifAzim. At the time of delivery, the company took digital photographs showing the delivery being accepted by ArifAzim.
The transaction closed at that, but after one and a half months the credit card agency informed the company that this was an unauthorized transaction as the real owner had denied having made the purchase. The company lodged a complaint for online cheating at the Central Bureau of Investigation which registered a case under Section 418, 419 and 420 of the Indian Penal Code.
The matter was investigated into and ArifAzim was arrested. Investigations revealed that ArifAzim, while working at a call center in Noida gained access to the credit card number of an American national which he misused on the company's site.CBI recovered the colour television and the cordless head phone.
In this matter, the CBI had evidence to prove their case and so the accused admitted his guilt. The court convicted ArifAzim under Section 418, 419 and 420 of the Indian Penal Code — this being the first time that a Cyber crime has been convicted.
The court, however, felt that as the accused was a young boy of 24 years and a first-time convict, a lenient view needed to be taken. The court therefore released the accused on probation for one year.
The judgment is of immense significance for the entire nation. Besides being the first conviction in a Cyber crime matter, it has shown that the Indian Penal Code can be effectively applied to certain categories of Cyber crimes which are not covered under the Information Technology Act 2000. Secondly, a judgment of this sort sends out a clear message to all that the law cannot be taken for a ride.
Nasscom vs. Ajay Sood & Others
In a landmark judgment in the case of National Association of Software and Service Companies vs. Ajay Sood& Others, delivered in March, '05, the Delhi High Court declared `phishing' on the internet to be an illegal act, entailing an injunction and recovery of damages.
Elaborating on the concept of 'phishing', in order to lay down a precedent in India, the court stated that it is a form of internet fraud where a person pretends to be a legitimate association, such as a bank or an insurance company in order to extract personal data from a customer such as access codes, passwords, etc. Personal data so collected by misrepresenting the identity of the legitimate party is commonly used for the collecting party's advantage. Court also stated, by way of an example, that typical phishing scams involve persons who pretend to represent online banks and siphon cash from e-banking accounts after conning consumers into handing over confidential banking details.
The Delhi HC stated that even though there is no specific legislation in India to penalise phishing, it held phishing to be an illegal act by defining it under Indian law as a misrepresentation made in the course of trade leading to confusion as to the source and origin of the e-mail causing immense harm not only to the consumer but even to the person whose name, identity or password is misused. The court held the act of phishing as passing off and tarnishing the plaintiff's image. The plaintiff in this case was the National Association of Software and Service Companies (Nasscom), India's premier software association.
The defendants were operating a placement agency involved in head-hunting and recruitment. In order to obtain personal data, which they could use for purposes of head- hunting, the defendants composed and sent e-mails to third parties in the name of Nasscom. The high court recognized the trademark rights of the plaintiff and passed an ex-parte ad- interim injunction restraining the defendants from using the trade name or any other name deceptively similar to Nasscom. The court further restrained the defendants from holding themselves out as being associates or a part of Nasscom.
The court appointed a commission to conduct a search at the defendants' premises. Two hard disks of the computers from which the fraudulent e-mails were sent by the defendants to various parties were taken into custody by the local commissioner appointed by the court. The offending e-mails were then downloaded from the hard disks and presented as evidence in court.
During the progress of the case, it became clear that the defendants in whose names the offending e-mails were sent were fictitious identities created by an employee on defendants' instructions, to avoid recognition and legal action.
On discovery of this fraudulent act, the fictitious names were deleted from the array of parties as defendants in the case. Subsequently, the defendants admitted their illegal acts and the parties settled the matter through the recording of a compromise in the suit proceedings. According to the terms of compromise, the defendants agreed to pay a sum of Rs1.6 million to the plaintiff as damages for violation of the plaintiff's trademark rights. The court also ordered the hard disks seized from the defendants' premises to be handed over to the plaintiff who would be the owner of the hard disks.
This case achieves clear milestones: It brings the act of phishing into the ambit of Indian laws even in the absence of specific legislation; It clears the misconception that there is no damages culture in India for violation of IP rights; This case reaffirms IP owners' faith in the Indian judicial system's ability and willingness to protect intangible property rights and send a strong message to IP owners that they can do business in India without sacrificing their IP rights.
Ritu Kohli Case
Ritu Kohli Case, being India's first case of cyber stalking, was indeed an important revelation into the mind of the Indian cyber stalker. A young Indian girl being cyber stalked by a former colleague of her husband, RituKohli's case took the imagination of India by storm. The case which got cracked however predated the passing of the Indian Cyber law and hence it was just registered as a minor offence under Section 509 the Indian Penal Code.
State of Maharashtra v. Anand Ashok Khare
This case related to the activities of the 23-year-old Telecom engineer Anand Ashok Khare from Mumbai who posed as the famous hacker Dr.Neuker and made several attempts to hack the Mumbai police Cyber Cell website.
state of Uttar Pradesh v. Saket Sanghania
This case which was registered under Section 65 of the IT Act, related to theft of computer source code. SaketSinghania an engineer was sent by his employer to America to develop a software program for the company. Singhania, instead of working for the company, allegedly sold the source code of the programme to an American client of his employer by which his employer suffered losses.
State v. Amit prasad
State v/s Amit Prasad, was India's first case of hacking registered under Section 66 of the Information Technology Act 2000. A case with unique facts, this case demonstrated how the provisions of the Indian Cyber law could be interpreted in any manner, depending on which side of the offence you were on.
State of Chattisgarh v. Prakash Yadav and Manoj Singhania
This was a case registered on the complaint of State Bank of India, Raigarh branch. Clearly a case of Spyware and Malware, this case demonstrated in early days how the IT Act could be applicable to constantly different scenarios.
State of Delhi v. Aneesh Chopra
State of Delhi v/s Aneesh Chopra Case was a case of hacking of websites of a corporate house.
The Arzika Case
Pornography and obscene electronic content has continued to engage the attention of the Indian mind. Cases pertaining to online obscenity, although reported in media, often have not been registered. The Arzika case was the first in this regard.
The Air Force Bal Bharti School Case
The Air Force BalBharti School case demonstrated how Section 67 of the Information Technology Act 2000 could be applicable for obscene content created by a school going boy.
State of Tamil Nadu v. Dr L. Prakash
State of Tamilnadu v/s Dr L. Prakash was the landmark case in which Dr L. Prakash was sentenced to life imprisonment in a case pertaining to online obscenity. This case was also landmark in a variety of ways since it demonstrated the resolve of the law enforcement and the judiciary not to let off the hook one of the very educated and sophisticated professionals of India.
Arif Azim Case
Arif Azim case was India's first convicted Cyber crime case. A case pertaining to the misuse of credit cards numbers by a Call Centre employee, this case generated a lot of interest. This was the first case in which any cyber criminal India was convicted. However, keeping in mind the age of the accused and no past criminal record, Arif Azim the accused was sentenced to probation for a period of one year.
Conclusion And Suggestion
No one can deny the positive role of the cyber law in today's world either it be political, economic, or social sphere of life. But everything has its pro's and corns, cyber terrorists have taken over the technology to their advantage. To curb their activities, the Information Technology Act 2000 came into existence which is based on UNICITRAL model of Law on e-commerce.
It has many advantages as it gave legal recognition to electronic records, transactions, authentication and certification of digital signatures, prevention of computer crimes etc. but at the same time is inflicted with various drawbacks also like it doesn't refer to the protection of Intellectual Property rights, domain name, cybersquatting etc. This inhibits the corporate bodies to invest in the Information technology infrastructure.
Cases like Dawood and Quattrochi clearly reveals the problem of enforceability machinery in India. Cryptography is new phenomenon to secure sensitive information. There are very few companies in present date which have this technology. Other millions of them are still posed to the risk of Cyber crimes.
There is an urgent need for unification of internet laws to reduce the confusion in their application. For e.g. for publication of harmful contents or such sites, we have Indian Penal Code (IPC), Obscenity Law, Communication Decency law, self-regulation, Information Technology Act 2000, Data Protection Act, Indian Penal Code, Criminal Procedure Code etc. but as they deal with the subject vaguely therefore lacks efficient enforceability mechanism. Due to numerous Laws dealing with the subject there lays confusion as to their applicability, and none of the Law deals with the subject specifically in Toto.
To end the confusion in applicability of Legislation picking from various laws to tackle the problem, i would suggest unification of laws by taking all the internet laws to arrive at Code which is efficient enough to deal with all the problems related to internet crimes. Although these legislations talk about the problem but they don't provide an end to it. There's need for a one Cyber legislation which is co-ordinated to look after Cyber crimes in all respects. With passage of time and betterment of technology in the present date, has also resulted in numerous number of Information technology related crimes therefore changes are suggested to combat the problem equally fast.
Crucial aspect of problem faced in combating crime is that, most of the countries lack enforcement agencies to combat crime relating to internet and bring some level of confidence in users. Present law lacks teeth to deter the terrorist groups for committing Cyber crimes if you see the punishment provides by the Act it's almost ineffective, inefficient and only provides punishment of 3 years at the maximum.
Harsher laws are required at this alarming situation to deal with criminals posing threat to security of funds, information, destruction of computer systems etc. Data protection, by promotion of general principles of good information practice with an independent supervisory regime, would enable the law to maintain sufficient flexibility to achieve an appropriate balance between the need to protect the rights of the individuals and to have a control over the way their personal information have been used would be helpful in this increasingly networked economy. Just having two provisions in the Information Technology Act, 2000 for protection of data without any proper mechanism for to tackle the crime makes their mention in the Act redundant.
Information Technology Act is applicable to all the persons irrespective of their nationalities (i.e. to non-citizens also) who commits offence under the Information Technology Act outside India, provided the act or conduct constituting the offence or contravention involves computer, computer systems, or computer networks located in India under Section 1 and Section 75 of the Information Technology Act, but this provision lacks practical value until and unless the person can be extradited to India. Therefore it's advised that we should have Extradition treaties among countries. To make such provisions workable.
It's like eye for an eye kind of situation where the technology can be curbed only by an understanding of the technology taken over by cyber terrorists. Even if the technology is made better enough to curb the computer related crime there is no guarantee if that would stay out of reach of cyber terrorists. Therefore Nations need to update the Law whether by amendments or by adopting sui generic system. Though Judiciary continues to comprehend the nature of computer related crimes there is a strong need to have better law enforcement mechanism to make the system workable.
The ICT Trends of India 2009 have proved that India has failed to enact a strong and stringent Cyber Law in India. On the contrary, the Information Technology Act 2008 (IT Act 2008) has made India a safe haven for cyber criminals, say cyber law experts of India. The problem seems to be multi- faceted in nature.
Firstly, the cyber law of India contained in the IT Act, 2000 is highly deficient in many aspects. Thus, there is an absence of proper legal enablement of ICT systems in India.
Secondly, there is a lack of cyber law training to the police, lawyers, judges, etc. in India.
Thirdly, the cyber security and cyber forensics capabilities are missing in India.
Fourthly, the ICT strategies and policies of India are deficient and needs an urgent overhaul.
Fifthly, the Government of India is indifferent towards the ICT reforms in India. This results in a declining ranking of India in the spheres of e-readiness, e-governance, etc..
While International communities like European Union, ITU, NATO, Department of Homeland Security, etc. are stressing for an enhanced cyber security and tougher cyber laws, India seems to be treading on the wrong side of weaker regulatory and legal regime. Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India sent an open letter to the Government of India including the Prime Minister of India, President of India, Supreme Court of India, Ministry of Parliamentary Affairs, etc. and brought to their attention the growing menace of Cyber crimes in India.
At last, somebody in the government has shown some concern regarding the growing menace of Cyber crimes in India. However, the task is difficult since we do not have trained lawyers, judges and police officers in India in respect of Cyber crimes. However, at least a step has been taken in the right direction by the law minister of India. Police in India are trying to become Cyber crime savvy and hiring people who are trained in the area. The pace of the investigation however can be faster, judicial sensitivity and knowledge needs to improve. Focus needs to be on educating the Police and district judiciary.
IT Institutions can also play an integral role in this area. We need to sensitize our prosecutors and judges to the nuances of the system. Since the law enforcement agencies find it easier to handle the cases under IPC, IT Act cases are not getting reported and when reported are not dealt with under the IT Act. A lengthy and intensive process of learning is required. A whole series of initiatives of cyber forensics were undertaken and cyber law procedures resulted out of it. This is an area where learning takes place every day as we are all beginners in this area.
We are looking for solutions faster than the problems are invented. We need to move faster than the criminals. The real issue is how to prevent Cyber crime. For this there is a need to raise the probability of apprehension and conviction. India has a law on evidence that considers admissibility, authenticity, accuracy and completeness to convince the judiciary. The challenges in Cyber crime cases include getting evidence that will stand scrutiny in a foreign court.
For this India needs total international cooperation with specialized agencies of different countries. Police has to ensure that they have seized exactly what was there at the scene of crime, is the same that has been analysed and reported in the court based on this evidence. It has to maintain the chain of custody. The threat is not from the intelligence of criminals but from our ignorance and the will to fight it.
Thus, Criminal Justice systems all over the world, must remember that because of certain inherent difficulties in the identification of the real cybercriminal, cyber law must be applied so as to distinguish between the innocent and the deviant. A restraint must be exercised on the general tendency to apply the principle of deterrence as a response to rising Cyber crime, without being sensitive to the rights of the accused. Our law makers and the criminal law system must not forget the basic difference between an accused and a convict. There is only a delicate difference between the need to ensure that no innocent is punished and the need to punish the cybercriminal.
Bibliography
Statutes
Newspapers & Magazines
Webliography
End-Notes:
[1] Barney, Prometheus Wired: The Hope for Democracy in the Age of Network Technology, 2001
[2]The oxford English dictionary
[3] Ganesh traders v. district collector, Karimnagar, 2002 Cri LJ 1105.
[4] http://www.cyberlawsindia.net/howworks.html
[5] R Nagpal, what is cyber crime?, new era publications, Chennai,2003, p786.
[6] Brett Burney, the concept of cyber crimes – is it right to analyse a physical crime to cyber crime ? www.cyberguard.com
[7] Regarding the impact of ICT on society, see the report Sharpening Europe's Future Through ICT – Report from the information society technologies advisory group, 2006, available at: ftp://ftp.cordis.europa.eu/pub/ist/docs/istagshaping-europe-future-ict-march-2006-en.pdf.
[8] UNGA Resolution: Creation of a global culture of cyber security and taking stock of national efforts to protect critical information infrastructure, A/RES/64/211.
[9] For more information, references and links, see: the ITU Cyber security Work Programme to Assist Developing Countries (2007-2009), 2007, available at: www.itu.int/ITU-D/cyb/cybersecurity/ docs/ itu-cybersecurity-work-programmedeveloping-countries.pdf.
[10]Other terminology used includes information technology crime and high-tech crime. See, in this context: Goodman/Brenner, The Emerging Consensus on Criminal Conduct in Cyberspace, International Journal of Law and Information Technology, 2002, Vol. 10, No. 2, page 144.
[11]Regarding this relationship, see also: Sieber in Organised Crime in Europe: The Threat of Cybercrime, Situation Report 2004, page 86.
[12]The same typology is used by the ITU Global Cyber security Agenda / High-Level Experts Group, Global Strategic Report, 2008. The report is available at: www.itu.int/osg/csd/cybersecurity/ gca/global_strategic_report/index.html.
[13]Art. 2 (Illegal access), Art. 3 (Illegal interception), Art. 4 (Data interference), Art. 5 (System interference), Art. 6 (Misuse of devices). For more information about the offences, see below: § 6.2.
[14] Art. 7 (Computer-related forgery), Art. 8 (Computer-related fraud). For more information about the offences, see below: § 6.2.
[15]Art. 9 (Offences related to child pornography). For more information about the offences, see below: § 6.2.
[16]Art. 10 (Offences related to infringements of copyright and related rights). For more information about the offences, see below: § 6.2.
[17]Regarding the related challenges, see: Slivka/Darrow; Methods and Problems in Computer Security, Journal of Computers and Law, 1975, page 217 et seq.
[18] Simon/Slay, Voice over IP: Forensic Computing Implications, 2006.
[19] Velasco San Martin, Jurisdictional Aspects of Cloud Computing, 2009; Gercke, Impact of Cloud Computing on Cybercrime Investigation, published in Taeger/Wiebe, Inside the Cloud, 2009, page 499 et seq.
[20] Collier/Spaul, Problems in Policing Computer Crime, Policing and Society, 1992, Vol.2, page, 308, available at: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.66.1620&rep= rep1&type =pdf. Visit on 5-2-2020
[21] Law on Cyber Crimes, Book Enclaves, New Delhi, 2007.
[22] Computer Crime, Lexington books, Toronto, 1978.
[23] Computer Crime : Concept, Control and prevention, Sysman Computers Pvt Ltd., Bombay, 1994.
[24] Cyber Crimes, Electronic Evidence and Investigation: Legal Issues, Nabhi Publications, New Delhi, 2010.
[25] Legal Dimensions of Cyber Crimes and preventive laws with Special Reference to India, Central Law Agency Publications, Allahabad, 2010.
[26] Maura Conway, What is Cyber Terrorism; The current History, December 2002. (AIRC) p. 436.
[27] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[28] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[29] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[30] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[31] Bata india ltd. v. Pyarelal and co.AIR(1985),242
[32] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[33] Nirex industries v. Manchandafootwear,PTC(1984),97
[34] Bata india ltd. v. Pyarelal and co.AIR(1985),242
[35] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[36] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article
26502097.ece visit on 12-2-2020
[37] Ibid
[38] Offences & Penalties under the IT Act,2000; http://www.legalservicesindia.com/article/article/ offences-&-penalties-under-the-it-act-2000-439-1.html Criminal Liability for misuse of Information Technology; http://www.sethassociates.com/criminal-liability-for-misuse-of-information-technology.html
[39] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[40] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[41] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[42] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[43] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[44] Civil Liberties and the amended Information Technology Act, 200; https://cis-india.org/internet-governance/blog/information-technology-act
[45] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[46] Cyber Law in India; http://www.iibf.org.in/documents/Cyber-Laws-chapter-in-Legal-Aspects-Book.pdf
[47] Seth Associates (Advocate & Legal consultants); http://www.sethassociates.com/criminal-liability-for-misuse-of-information-technology.html
[48] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[49] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[50] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[51] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[52] https://www.cyberswachhtakendra.gov.in/index.html
[53] http://www.livemint.com/Companies/Aml3SbCIL5SsgxpipR1ltM/Cyber-security-among-top-5-
risks- identified-by-79-organisat.html (visit at 20-1-2020)
[54] https://www.cyberswachhtakendra.gov.in/index.html
[55] http://www.livemint.com/Companies/Aml3SbCIL5SsgxpipR1ltM/Cyber-security-among-top-5-
risks- identified-by-79-organisat.html (visit at 20-1-2020)
[56] Avtarsingh v. State of Panjab AIR(SC 1965),666
[57] Bengal immunity co. ltd. v. State of Bihar,AIR(1955),661
[58] Bharat Bank Ltd. v. Employees,AIR(1950),188
[59] C.C.E. v. Ambalal Sarabhai,SCC(1989),112
[60] G.A. Manterio v. State of Ajmer,AIR SC(1957),13
[61] https://economictimes.indiatimes.com/news/company/corporate-trends/indian-firms-look-for-cyber-
security-cover/printarticle/62978210.cms visit at 10-1-2020
[62] Arm group enterprises ltd. v. WaldrofRestaurant,Scc(2003)6,423
[63] Cibageigy Ltd. v. SurenderSingh,AIR(1999)DEL,49
[64] CS(OS) No. 1279/2001
[65] R/CR.MA/4344/2020
[66] H.C.P.(MD)No.1083 of 2019
[67] MCRC-54513-2019
[68] MCRC-7196-2020
[69] M/s Spentex Industries Ltd. & Anr. Vs. Pulak Chowdhary CS No. 219/18
[70] H.C.P.(MD)No.578 of 2019
[71] (2011) 5 SCC 244
[72] WRIT PETITION Nos. 5449 and 7950 of 2019
[73] WRIT PETITION Nos. 5449 and 7950 of 2019
The cyber world in itself has a virtual reality where anyone can hide or even fake this identity, the gift of internet is used by the criminally minded to commit wrongful acts and then hide under the blanket provided by the internet. Digital India is the result of many innovations and advances in technology. More than half of the population is not in the habit of using computers, the internet and other devices most commonly used are social media sites Facebook, Chatrooms, Skype, Whatsapp, dating sites etc.[1]
Crime
A crime is something more than an act of mere disobedience to law. It is an act which is both forbidden by law and revolting to the moral sentiments of society. Here again, one has to be cautious because moral sentiments of society are flexible from time to time and place to place. In fact criminal offences are the creation of policies of the powerful and astute society or community who safeguard their interest and security.Crime is defined as an act punishable by law as forbidden by statute or injurious to the public welfare.[2] It is a very wide definition. Anything which is injurious to public welfare is a crime. In modern complex society things maybe against the public welfare.
According to Bentham:
offences are whatever the legislature has prohibited for good or for bad reasons. If the questions relate to theoretical research for the discovery of the best possible laws according to the principle of utility, we give the name of offence to every act which we think ought to be prohibited by reasons of some evil which it produce or tends to produce.
According to Blackstone crime is an act in violation of public law.
In Austinian sense public law is identical with constitutional law. That being so, the crime would then mean an act done in violation of constitutional law. the definition would thus cover only political offences leaving aside a vest area of other criminal behavior. Blackstone also defines crime as violation of the public rights and duties due to the whole community, considered as a community, in its social aggregated capacity.
Stephan, the editor of Blackstone has slightly modified this definition in the following form. a crime is a violation of crime, considered in reference to the evil tendency of such violation as regard the community at large.
According to Kenny:
crimes are wrong whose sanctions is punitive and is in no way remissible by any private person but is remissible by crown alone, if remissible at all.[3]
Concept Of Cyber Crime
Cyber crime is a latest and perhaps the most complicated problem in the cyber world. cyber crime maybe said to be those species, of which, genies is a conventional crime, and where either the computer is an object or subject of the conduct constituting crime.[4]A generalized definition of cyber crime unlawful acts where in the computer is either a tool or target or both.[5] Before evaluating the concept of cyber crime it is obvious that the concept of conventional crime be discussed and the points of similarity and greviences between both these forms maybe discussed.
There is apparently no distinction between cyber and conventional crime. However on a deep introspections we may say that there exist a final line demarcation between the conventional and cyber crime, which is appreciable the demarcation lies in the involvement of in the cases of cyber crime. There is much more to the internet than physically wired network computers.[6]
The influence of ICTs on society goes far beyond establishing basic information infrastructure. The availability of ICTs is a foundation for development in the creation, availability and use of network-based services.[7] The Fight against cyber crime needs a comprehensive approach. Only investigation against cyber crime cannot solemnly bring out the perspective of crime rather a strong step is required to bring out the offender.
Cyber Security And Cyber Crime
Cyber security and cybercrime are issues that can be hardly separated in an interconnected environment. The fact that 2010 AN UN general assembly resolutions on cyber security[8] address cybercrime as one major challenge underline this. Cyber security plays an important role in the ongoing development of information technology as well as internet services enhancing cyber security and protecting and critical information infrastructure are essential to each nation security and economic well-being. Making the internet safer (and protecting internet users) has become integral to the development of new services and as well as government policy.Deterring cybercrime is an integral component of a national cyber security and critical information infrastructure protection strategy. in particular, this include the adoption of appropriate legislation against the misuse of ICTs for criminal or other purposes and other activity intended to affect the integrity of national critical infrastructure. The Formulation and implementation of national framework of strategy for cyber security thus crime thus as a comprehensive approach.[9]
The Phenomena Of Cybercrime
Most reports, guides or publication on cybercrime begin by defining the terms10 computer crime and cybercrime[10] In this context, various approaches have been adopted in recent decades to develop a precise definition for both terms. Before proving an overview of the debate and evaluating the approaches, it is useful to determine the relationship between cybercrime and computer crime[11] without going into detail at this stage, During the 10th united nations congress on the prevention of crime and the treatment of offenders, two definitions are related with work shops.Cybercrime is a narrow sense cover any illegal behavior committed by means of, in relation to a computer system or network, including any such crimes are illegal possession and offering or distributing information by means of a computer system or network. One common definition describe cybercrime as any activity in which computers or network are a tool, a target or a place of different activity.
Typology Of Cybercrime
The term cybercrime is used to cover a wide variety of criminal conduct as recognized crimes include a broad range of different offences, it is difficult to develop a typology or classification system for cybercrime which distinguish between four different types of offences[12]- Offences against confidentiality, integrity and availability of computer data and systems[13]
- Computer –related offences[14]
- Content-related offences[15]
- Copy right related offences[16]
Development Of Computer Crime And Cybercrime
The criminal abuse of information technology and the necessary legal response are issues that have been discussed ever since the technology was introduced. Over the last 50 years, various solutions have been implemented at the national and regional levels. one of the reasons why the topic remains challenging is the constant technical development, as well as changing methods and ways in which the offences are committed. In the 1960s, the introduction of transistor-based computer system, which were smaller and less expensive than vacuum –tube based machines, led to an increase in the use of computer technology[17]. At this early this stage, offences focused on physical damage to computer systems and stored data.The 21st Century
As in each Preceding decade, new trends in the computer crime and cybercrime continued to be discovered in 21st century.the first decade of the new millennium was dominated by new, highly sophisticated methods of committing crimes, such as phishing and the emerging use of technology that is more difficult for law enforcement to handle the investigate, such as voice-over-IP Communications[18] and cloud computing.[19]
Extent And Impact Of Cybercrime Offences
Crimes statistics can be used by academia and policymakers as a basis for discussion and for the ensuring decision making process.20 Such data can in general be taken from crime statistics and surveys, but both these sources comes with challenges when it comes to using them formulating police recommendations.Computer Related Offences
This category covers a number of offences that need a computer system to be committed.unlike previous categories, these board offences are often not as stringent in the protection of legal principles The category includes computer related fraud, Computer related forgery, identity theft and misuse of devices- Computer related fraud is one of the most popular crime on the internet.
- Computer related forgery describes the manipulation of digital document
- Identity theft which is neither consistently defined nor consistently used
Objective
- The objective of the India cybercrime will be to coordinate various efforts pertaining to cybercrime prevention and regulation in India
- To increase its preventive capabilities in the fight against cybercrime
- To provide a general awareness of cybercrime
- To learn how to keep away from being a victim
- To recognize cyber-crime methods
- To gain more knowledge about cybercrime
- To create awareness about cyber crime to the mass
- Today issue for providing compensation to victim
Scope Of Study
The researcher has focused on accessing the procedure of investigation under the law and the investigating agencies that have been entrusted with the responsibility of curbing this form of crime. The focus of this research is to evolve the ways for identifying the stalker so that he can be at the earliest subjected to the due process of law.
Review Of Literature
No research work can possibly be taken up without consulting literature available on the topic under study.Before starting up the work on the problem the present research aims to review the existing literature on the subject. The review of the existing literature would provide clarity of concept, understanding of different aspects, and would help in identifying problem zones and formulating research methodology.[20] Pramod kumar singh, (2007)[21] traces the origin of the term cyber space as coined by William Gibson in the science fiction novel November in 1984. Basically, it denotes the virtual location within which the electronic activities take place. Cyber space is a borderless environment it has no territorial based boundaries.
The internet address has no relation to the physical location of the computers and individual accessing to them thus render geographic borders of nations meaningless. Cyber space, thus, challenges the well established principle of international law that control over the physical space and people is an attribute of Sovereign and statehood. Bequal (1979)[22] brings out the necessity of cyber laws relating to the use of information technology that the problem has been aggravated by the antiquated and over bureaucratized legal apparatus.
At stake is the very form of government, and if there is a failure to adapt the legal systems to the needs and demand of an ever growing technology, the entire system of governance would collapse. According to Ghokale and Pawar (1994)[23] have suggested that it is imperative for a developing country like India to focus their attention on this phenomenon, and introduce necessary amendments to the existing laws, so that computer crime can be tackled in time.
This also facilitates the expanding horizons of traditional criminology.the argument is that law in not a solution in itself to such problems. VIVEK SOOD in his book Cyber Crimes, Electronic evidence and investigation: legal issues (2010)[24] suggested various strategies to curb cyber-crimes. He says that since cyber crime are technology based, so the best answer to these crimes is security technology.
Fire –Walls, anti-virus software and anti-intrusion system are some of the effectively used security technologies. He concluded that protect yourself is the best mantra against cyber-crimes. According to him, effective cooperation between the law enforcement agencies within the country and between nations is also necessary to challenge cyber criminals and bring them before the law. Dr.Vishwanath Paranjpee in his book legal dimension of cyber crimes and preventive laws with special reference to India(2010)[25] has pointed out that with the rapid development of computer technology and internet over the years, the problem of cyber-crime has assumed gigantic proportions and emerged as a global issue. cyber-crime along with the municipal cyber legislation of different countries like UK, USA, India, Canada, china, Japan, France, etc.
The Challenges
Recent developments in ICTs have not only resulted in new cybercrimes and new criminals methods, but also new method of investigating cybercrime. Advances in ICTs have greatly expanded the abilities of law-enforcement agencies. Conversely, offenders may use new tools to prevent identification and hamper investigation. This chapters focuses on the challenges of fighting cybercrime.
Opportunities
Law enforcement agencies can now use the increasing power of computer systems and complex forensic software to speed up investigations and automate search procedures. It can prove difficult to automate investigation processes. while a keyboard-based search for illegal content can be carried out easily, the identification of illegal pictures is more problematic.hash –value based approaches are only successful if pictures have been rated previously, hash value based approaches are only successful if pictures have been rated previously, the hash value is stored in a database and the picture that was analysed has not been modified.
General Challenges
Many everyday communications depend on internet based services, including calls or email communications. It has made responsible for the control and management functions in building car and aviation services. The supply of energy water and communication services depend on ICTs. Existing technical infrastructure has a number of weakness such as the monoculture of operating system.
Legal Challenges
Proper legislation is the foundation for the investigation and prosecution of cybercrime. However, law-makers must continuously respond to the internet developments and monitor the effectiveness of existing provisions, especially given the speed of developments in network technology. The main challenge for national criminal legal system is the delay between the recognition of potential cybercrime.
Identification of gaps in penal code
To ensure effective legislative foundations, it is necessary to compare the status of criminal legal provisions in the national law with requirements arising from the new kind of criminal offence.it many cases, existing case laws may be able to cover new varieties of existing crimes(e.g law addressing forgery)
Legal Aspects
IPC Theft
According to sec 378 of ipc whoever, intending to take dishonestly any movable property out of the possession of any person without that person's consent, move that property in order to such taking, is said to commit theft. When an individual steals the data of another person through electronic means is said to commit theft.
Fraud
According to sec 421 of ipc whoever dishonestly or fraudulently removes, conceals or delivers to any person, or transfer or causes to be transferred to any person, without adequate consideration, any property, intending thereby to prevent i.e is called fraud
Forgery
According to sec 463 of ipc whoever makes any false document or false electronic record with intent to cause damage, to the public or to any other person or enter in to any express or implied contract, is called forgery
Defamation
According to sec 499 of ipc.Whoever, by words or spoken or intended to be read, or by signs or by visible representations, makes or publishes any imputation concerning any person intending to harm i.e is called defamation
Mischief
According to sec 425 of Ipc whoever with intent to cause, or knowing that he is likely to cause, wrongful loss or damage to the public or to any person, causes the destruction of any property i.e called mischief.
Information Technology Act 2000
In 1996,The united nations commissions on international trade law adopted the model law on electronic commerce to being uniformity in the law in different countries.India became the 12 century to enable cyber law after it passed the information technology act 2000.
Offences Under The Act:
- Hacking with computer system.
- Tampering with computer source document
- Protected system
- Penalty for misrepresentation
- Confiscation
- Publication for fraudulent purpose
- Power of controller to give directions
- Penalty for breach of penalty
- Power to investigate offences
- Direction of controller to subscribe
- Penalty for publishing digital signature
- Penalties or confiscation not to interfere with other punishments
- Hacking with computer system - This section tells about the hacking activity. whoever commit hacking shall be punished with imprisonment up to three years with fine or with both.
- Tampering with computer source document
According to sec 65 of this act tampering with computer source document knowingly or intentionally destroying, shall be punishable with imprisonment up to three years or with fine - Protected system
According to sec 70 of this act the appropriate government, by notification in official gazette, declare that any computer network to be protected system. - Penalty for misrepresentation
According to sec 71 whoever makes any misrepresentation or to suppresses any material act form shall be punishable with which may extend to one lakh rupees. - Confiscation
According to sec76 any computer system flopies or any other accessories disk compact disk shall be liable to confiscation - Publication for fraudulent purpose
According to section74 of this act this section prescribed punishment for the following acts fraudulent purpose or unlawful purpose. - Power of controller to give directions
According to sec78 of this act a police officer not below the rank of deputy police shall investigate any offence
- Substantive criminal law this requires first of all the necessary
substantive criminal-law provisions to criminalize act such as computer
fraud illegal assess, data interference, and child pornography. The fact
that provisions exists in the criminal code that are applicable to similar
acts committed outside the network does not mean that they can be applied to
acts committed over the internet as well therefore, a through analysis of
current national laws to vital to identify any possible gaps.
- Criminal procedural law:
apart from substantive criminal law provisions law enforcement agencies need the necessary tools and investigate cybercrime. such investigations due to the international dimension of cybercrime it is in addition necessary to develop the legal national framework to be able to corporate with law enforcement agencies abroad.
- Electronic evidence:
when dealing with cybercrime the competent investigation authorities as well as courts, need to deal with electronic evidence. Dealing with such presents a number of challenges. But also opens up new possibilities for investigation and for the work of experts and courts. In those cases where no other sources of evidence.
International Perspective Of Cybercrime
International law is a body of law which is composed of principle and rule of conduct, bound by each state. They include:- The governance of international institutions
- Rules of law relating to individuals.
Thus international law is primarily a system regulating the rights and duties of states inter se popularly known as the 'LAW OF NATIONS' Basic primary aim is securing justice for human beings. The history of international law dates back to the earliest times to the beginning of the period of antiquity.
During the period of Rome's dominance were rules governing the relations between Rome and various nations with which it had commercial relations. In the 19th century this law further expanded the reason being the emergence of powerful states within and outside Europe.
Development of International law
The present day century has witnessed a greater impetus to the development of international law, the reason being growing interdependence of states and of vastly increase intercourse between them due to all kinds of inventions that overcame the difficulties of time, space and intellectual communications.
Source of International law
John Austin (1970-1859) he was the foremost protagonists of international law.
The material source of international law:
- Custom –a custom, in international of law, is such a usage as hath obtained the source of law
- Treaties-is between two or more or only a few states.it is the direct source of international law.
- Decision of judicial or arbitral tribunals-source being the international court of justice earlier known as permanent court of international justice.
- Juristic work- lead to the formation of and development of international law.
This was adopted by the ministry of Europe on 8-11-2001,it further was signed on 23-11-2001 in budapest. And it come in to force in 2004 in the month of july.it was further signed by 11 states. This was the first global agreement on cybercrime which used internet and a computer as a tool to commit the offence.
This agreement includes the following types of cybercrime:
- Unlawful access
- Unlawful interception
- Data intrusion
- System intrusion
- Computer-related counterfeit
- Offences related to child pornography
- Offences related to copy right.
Real Cost Of Cyber Crime
Cybercrime is a type of crime that not only destroys the security system of country but also its financial system.Punishment
Cybercrime must be dealt with very seriously because it causes a lot of damage to businesses and the actual punishment should depend on the type of fraud used. The penalty for illegally accessing a computer system ranges from 6months to 5 years. The penalty for the unofficial modification on a computer ranges from 5 to 10 years. Others penalties are listed below:
- Telecommunication service theft: the theft of telecommunication service is a very common theft and is a very common theft and is punished with a heavy fine and imprisonment.
- Communications intercept crime. This is a class – Crime which is followed by severe punishment of 1 to 5 years of imprisonment with a fine.
- Information technology act-2000 : according to this act. Different penalties are available for different crimes. Some of the penalties are as follow:
- Computer source document tampering :the person who changes the source code on the website or any computer program will get a punishment up to 3years of imprisonment or fine.
- Penalties relating to cyber crime will vary depending on the country and legislation in place.
Offences
Cyber offences are the illegitimate actions, which are carried out in a classy manner where either the computer is the tool or target or both.Cyber-crime usually includes the following:
- Unauthorized access of the computers.
- Data diddling
- Theft of computer system
- Hacking
- Denial of attacks
- Logic bombs
- Trojan attacks
- Internet time theft
- Web jacking
- Email bombing
- Physically damaging computer system.
Compounding of offences
As per section 77-A Of the act, any court of competent jurisdiction may compound offences, other than offences for which the punishment for life or imprisonment for a term exceeding three years has been provided under the act.
1. No offence shall be compounded if-
- Offence affects the socio economic condition of the country.
- Offences has been committed against a child below the age of 18 years.
- Offences has been committed against a woman
The Offences Included In The I.T Act 2000 Are As Follows:
- Tampering with the computer source documents.
- Hacking with computer system
- Power of controller to give directions
- Protected system
- Penalty for misrepresentation
- Power to investigate offences
Sections Offences Punishment Bail Ability
- 65 . Tampering with computer source code imprisonment up to 3 years bailable offence
- 66. computer related offences imprisonment upto 3years offence is bailable cognizable
- 66-c dishonestly receiving stolen computer resource imprisonment upto 3years offence is bailable
- 66-b Identity theft imprisonment of either description upto 3years Bailable offences
Internet Challenges
The impact of the internet on the existing legal regime can be well appreciated by the fact that the US congress more than 50 bills pertaining to internet and e-commerce, in the first three months of 1999 alone.
The issues which need to be addressed urgently are security of transactions, privacy, property, protection of children, jurisdiction, and validity of contracts, procedural rules of evidence and other host of issues.
To answer the simple question of what is computer crime, or computer related crime, or cyber crime, it is necessary to understand the different types or classifications of crime that can be linked to computers. for example, hacking into a long-distance telephone service to enjoy free telephone calls is a type of computer related crime. whatever from computer crimes take, the characteristics that make computer system, particularly computer banking system.
So attractive for legitimate purposes make them similarly for illegitimate purposes such as money laundering.
Federal law enforcement and regulatory agencies are particularly concerned about three issues. first, the effectiveness of current operating requirement against cyber baking system. why? the current regulatory system depends on regulated financial institutions acting as a pass-through or intermediary between two parties, thus facilitating the transactions.what are known as peer to peer transactions. The intermediary is simply the internet.
Research Methodology
Researchers need to consider the sources on which to base and confirm their research and findings. They have a choice between primary data and secondary sources and the use of both, Which is termed triangulation, or dual methodology. primary research involves collecting direct data about a given subject directly from the real world. Primary data is the data collected by researcher themselves .i.e. interview observations, action research, case studies life histories questionnaire etc.
Secondary source consist of data that has already been produced and can be contemporary or historical, qualitative or quantitative. for example previous research, official statistics, mass media products, diaries letters, government reports, web information and historical data and information.legal research, therefore, takes into its ambit the research by analyzing secondary source of data.
It is a research into legal rules, principles, concept or doctrines.it involves a rigorous systematic exposition relationship. it arranges the existing law in order and provide thematic parameters for such an order.it also concern with critical review of legislation and of decisional by the researcher in carrying out this research work.
Is purely criminal. an exhaustive and critical study has been made all available relevant statutes, texts and case law on cyber-crimes. The research materials, for the present discretions, consist of various books on the subject, relevant case law from various reports, different articles published in various journals, various communications reports on the subject and relevant statutes. published articles in national in the dissertation at appropriate place.
Research Design
The research design used for this study is of descriptive type i.e studies which describe the characteristics of particular group and individuals.
Research Approach
In the research survey method used for collection of data and prepare questionnaire to draw the conclusion.
Questionnaire Schedule
Question are framed in such a way that the answer reflect the ideas and thought of respondents.
The scale is as:
- Yes
- No
- Partial agree
- Partial disagree
- Neither agree or disagree
Questions
- Do you known the concept of crime?
- Are you aware of your rights?
- How aware are you about cyber crime?
- How safe do you feel about your information, when you are online?
- Do you have an antivirus software installed on your PC?
- Have you ever lost money due to cyber crime?
- Do you feel it is essential to feel online?
- How many times have you been a victim of a cybercrime?
- Do you think that the laws in effect are able to control cyber criminals?
- In a day how many hours do you spend browsing on the internet?
Hypothesis
Computer and cyber space are usually used to commit crimes on the premise that the incidents are rarely detected due to anonymity. Cyber stalking is mainly committed for pleasure, revenge or out of fun on the intended victim. Victim do not readily come forward to report cyber stalking especially,for the reason of loss of reliability; futility of the whole process, as the crime has trans-national dimensions and there is no law to act beyond the sovereign boundaries.
The information technology act 2008 is casually enforced unlike other penal legislations; the act requires amendment changes in the technology and types of usage of cyber space. The procedure and the process of implementation need to be secured through the appointment of cyber officers so that it preventable to a great extent.
Cyber Crime Prevention
- Use antivirus software
- Insert firewalls
- Uninstall unnecessary software
- Maintain backup
- Check security setting
- Keep up to date on major security breaches
- Use a full –service internet security suite
- Keep your software update
- Use strong passwords
- Strengthen your home network
- Manage your social media setting
- Avoid being scammed
- Protect your e- identity
- Install the latest operating system updates
Preventive Legal Mesaures Against Cyber Crime
Laws are generally meant for meeting the needs of society and it is, therefore a dynamic concept which undergoes changes with the changing need of society. The modern information technology evolution has enabled human society to prosper and make tremendous progress. But at the same time given rise to new problem hereto unknown to mankind and cyber criminality is one such grave area. The progressive trend of computer technology has accelerated transfer of information and telecommunicate and increased our capacity to store search and retrieve and communicate data over the world in shortest possible time.In India which ranks fifth in the world in incidence of cybercrime there has been hacking of 9000 websites in the proceeding three years with five percent increase in cybercrime each year. Cyber criminals are now moving beyond computers and attacking mobile- held devices such as smart phones and tablets.
For the purpose of speedy exchange of information in cyber crime related cases,india has asked U.S For setting up an Indo-American alert watch and warn network of participating law enforcement agencies of both the countries for prompt time sharing of information which would go long way in reducing time in investigation of cyber crime and apprehending the prepetrators of these crimes.
Cyber Defamation
Cyber defamation is not different from conventional defamation except that in involves the use of cyber space medium. Any derogatory except that in involves the use of cyber space medium. Any derogatory statements means which is intended to injure a person name or reputation on a web site or sending e-mail. Containing defamatory information to some other person constitute the offence of cyber defamation.E- Mail Frauds
E-mail is an inexpensive and popular device for disturbing fraudulent messages to potential victims. This techniques not only helps to assume someone else identity. But also helps to hide one's own. therefore, the person committing the e-mail has title chance of being detected or identified. The most common email fraud is phishing. Personal information fraud.The purpose of such spam is to trick the person for divulging his personal information so that the offender can steal his identity and commit crime in that person's name. since of transactions being intercepted or diverted. Now a days valid credit card numbers can be intercepted electronically as well as physically the digital information stored on a card can be counterfeited.section 74 of the copyright act makes internet fraud as an offence punishable with imprisonment up to two years or with fine which may extend to rupees one lakh.
Money Laundering
It is a kind of cyber crime in which money is illegally download in transit. There is phenomenal increase in the incidence of this cyber offence. Out of 146 seizures made by enforcement directorate in money laundering cases in the year 2005 recoveries were made in 106 cases involving seizure of about 9.5crores of rupees.Data Diddling
This offence involves changing or erasing of data in subtle ways which makes it difficult to put the data back or be certain of its accuracy.this is resorted to for the purpose of illegal monetary gains or for committing a fraud or financial scam.In data diddling, the perpetrator of offence changes the data prior to or during input into a computer. It also includes automatic change in the financial information for some time before processing and then restoring it in original form.
Intellectual Property Crimes
Intellectual property consist of bundle of rights which may be violated by committing software piracy, copyright infringement, trademark, and service mark violations.theft of computer source code etc. internet being the fastest tele-communication and information system, it has become a most convenient media to conduct business transactions. The explosion of digitalization and the internet have further facilitated the intellectual property right violators to copy and illegally distribute trade-marks logos theft of computer source code etc. it is a punishable offence under the copyright. The various acts to which copyright act, 1957 extends the enumerated in section 14 of the act.Trade mark is also one of the intellectual property right and protect the goodwill and reputation of trader and businessman. These marks are intended to be differentiate goods of a trader from other traders who are in same stream of trade and business. Passing off actions are also covered under the trade-marks act wherein in a trader passes off his inferior quality goods in nature of some reputed trader who is selling the same commodity or article. Thus if a particular logo is in relation to product B Would be infringement of trademark right and an or internet. It will attract the provisions of information technology act 2000.
Infringement of copyright is defined in section 51 of the copyright act. It not only give rise to civil action but also imposes criminal liability. civil remedies are provided under Ch X11 of the act where as penal consequences of infringement of copyright are contained in chapter X111 of the act.
Section 63 of the act, provides that a person infringing or abetting the infringement is liable to imprisonment up to three years and fine, which may extend to two lakh rupees. There in enhanced penalty for second or subsequent conviction.
Section 63 B of act further provides that knowingly making use of an infringing copy of computer software on a computer is a separate offences punishable with imprisonment for not less than seven days and which may extend to rupees one lakh.
Significantly, many areas where information technology has an impact have been rendered justiciable by the information technology act, 2000. They include e-commerce, jurisdictional issues, security measures, evidence, e-banking etc.
It may noted that just as the legitimate business organisations in the private or public sector rely upon information system for communication or record deeping, so also the cyber criminal organisations carry on their illegal activities using enhanced cyber space technology.commenting on this aspect has predict that information technology is not only reshaping the mode of corporate functioning and emerging new business strategies but it is dramatically increasing the number of potential cyber criminals. according to him, there is bound to be simultaneous increase in the incidence of cybercrime with the new internet sites and users which currently total around 40 million worldwide.
Reasons For Cyber Crimes
Before embarking upon the various types of cyber crimes and the modes of committing them, it would be appropriate to dwell upon the main reasons for unprecedented them.it would be appropriate to dwell upon the main reasons may briefly be stated as follow:- The computer has the unique characteristics of storing data in a
relatively very small space. This affords to derive and remove information
either through physical or virtual medium more easily.
- Computer are easy to access and therefore, unauthorized access by the
use of complex cyber space technology is easily possible by passing security
system.
- The computer work on operating system which are complex and are composed
of million of codes. The cyber offenders take advantage of the fallibility
of human mind and penetrate in to computer system.
- One of the significant features of computer system is that evidence is
destroyed in no time. the criminals find it easy to destroy the evidence soon
after the crime is committed which makes it difficult for the investigating
agencies to collect relevant material evidence for prosecuting the offender.
- Slightest negligence on the part of computer user in ensuring security of the computer system may lead to catastrophic consequences as the cyber criminals may gain illegal access and unauthorised control over the computer system to accomplish his evil design.
Categories
- Against person
- Against government
- Against property
- Against person, harassment via emails, cyber stalking, as assault by threat
- The potential harm of such a crime to humanity can hardly be overstated.
- Against property cybercrimes against all forms of property.
Plan Of The Study
The whole work is divided into different chapters in order to achieve the logical conclusion on the basis of systematic study.
Introduction
In this chapter objective, significance and scope of study will be introduced.the concept and nature of cyber-crime is also discussed.it describe the aim and objective, importance, scope, hypothesis, research problem in the hand.it also describes the research methodology employed for conducting research.
International Perspective
This chapter deals with initiatives taken by various countries like U.S.A, U.K etc. and other international organization worldwide from time to time to control the growing menace of cyber-crime.Cyber Law In India
This chapter introduces the different enactment related to cyber-crime.it also discusses the effectiveness of the information technology act 2000.Role Of Judiciary
This chapters brings out the conclusion and various suggestions relating to prevention of cyber-crime.Conclusion And Suggestion
Indian laws are well drafted and are capable of handling all kinds of challenges as posed by cyber criminals. however, the enforcement agencies are required to be well versed with the changing technologies and laws.
As internet technology advances so does the threat of cyber crime.in times like these we must protect ourselves from cyber-crime.anti virus software, firewalls and security patches are just the beginning. Government surveillance under cyber law has gone through Amendment to the IT Act in 2008 gave the government wide powers of interception, encryption, and blocking. The amendment made in sec66-A made sending 'offensive' message through a computer or any other communication service. Such as cell phone or tablet, a punishable offence.
However, the supreme court struck down the provision of sec66-a as infringing the constitutional right of freedom of speech by its judgment in Shreya Singhal v. Union of India.
The section 66a had been widely misused by police in various states to arrest innocent person for posting critical comments on social and political issue on social networking site.
Almost every nation is confronted with the dilemma to balance its national security with privacy and freedom of expression.
With a view to strengthening the national security, sec69 as amended given power to the state to issue directions for interception or monitoring or decryption of any information through any computer resource.
Though the supreme court in shreya case struck down sec66-a of the information technology act, 2000 in its entirely being violative of article 19(1) (a) and not saved by reasonable restrictions laid down in art 19(2). It has no proximate connection with incitement to commit an offence. the court further clarified that 69-A. the reason being that section 69-a provides several safeguards as follow:
- Blocking the public access of any information through computer resource can only be resorted to where the central government is satisfied that it is necessary to do so.
- Such necessity is relatable only to some of the subjects set out in article 19(2)
- Reasons have to be regarded in writing such blocking order so that they may be assailed that in a writ petition under article 226 of the constitution.
International Perspective
International Organisations And International Cyber Law Treaty And India
The global world network which united millions of computers located in different countries and opened broad opportunities to obtain and exchange information is used for criminal purpose more often nowadays.The introduction of electronic money and virtual banks, exchanges and shops became one of the factors of the appearance of a new kind of crime transnational computer crimes. Today law enforcements face tasks of counteraction and investigation of crimes in a sphere of computer technologies and Cyber crimes. Still, the definition of Cyber crimes remains unclear to law enforcement, through criminal action on the Internet pose great social danger. Transnational characters of these crimes give the ground today in the development of a mutual policy to regulate a strategy to fight Cyber crime.
One of the most serious steps to regulate this problem was the adoption of Cyber Crimes Convention by European Council on 23rd November 2001, the first ever agreement on juridical and procedural aspects of investigating and Cyber crimes. It specifies efforts coordinated at the national and international levels and directed at preventing illegal intervention into the work of computer systems. The convention stipulates actions targeted at national and international level, directed to prevent unlawful infringement of computer systems functions.
The convention divides Cyber crimes into four main kinds: hacking of computer systems, fraud, forbidden content and breaking copyright laws.By ways and measures these crimes are specific, have high latency and low exposure levels.[26]
There is another descriptive feature of these crimes, they are mostly committed only with the purpose to commit other more gravy crimes, for example, theft from bank accounts, getting restricted information, counterfeit of money or securities, extortion, espionage, etc.
There are various initiatives taken by the organization worldwide from time to time to control the growing menace of Cyber crime. Some of the initiatives taken by various organizations are:
The United Nation
A resolution on combating the criminal misuse of information technologies was adopted by the General Assembly on December 4th, 2000(A/res/55/63), including the following:- States should ensure that their laws and practice eliminates safe havens for those who criminally misuse information technologies.
- Legal systems should protect the confidentiality, integrity and availability of data and computer systems from unauthorized impairment and ensure that criminal abuse is penalized.[27]
The Council Of Europe
Convention on Cyber Crime of 2001 is a historic milestone in the combat against Cyber crime. Member states should complete the ratification and other states should consider the possibility of acceding to the convention or evaluate the advisability of implementing the principles of the convention. The council of Europe established a Committee of experts on crime in Cyber-space in 1997. The committee prepared the proposal for a convention on Cyber-crime, and the Council of Europe convention on Cyber Crime was adopted and opened for signatures at a conference in Budapest, Hungary in 2001. The total no. of ratifications/ accessions at present is 21.The European Union
In the European Union, the Commission of the European Communities presented on April 19, 2002 was a proposal for a council framework decision on attacks against information systems. The proposal was adopted by the Council in 2005 and includes Article 2: Illegal access to Information Systems, Article 3: Illegal Systems Interference and Article 4: Illegal Data Interference.ASEAN
The Association of South East Asian Nations (ASEAN) had established a high level ministerial meeting on Transnational Crime. ASEAN and China would jointly pursue a joint actions and measure and formulate a cooperative and emergency response procedures for purposes of maintaining and enhancing cyber-security and preventing and combating Cyber crime.APEC
The Ministers and leaders of the Asia Pacific Economic Cooperation (APEC) had made a commitment at a meeting in 2002 which included, Anendeavour to enact a comprehensive set of laws relating to cyber-security and Cyber crime that are consistent with the provisions of international legal instruments, including United Nations General Assembly Resolution 55/63 and the Convention on Cyber Crime by October 2003.G-8 States
At the Moscow meeting in 2006 for the G8 Justice and Home Affairs Ministers discussed Cyber crime and issues of Cyber crime. In a statement it was emphasized, We also discussed issues related to sharing accumulated international experience in combating terrorism, as well as comparative analysis of relevant pieces of legislation on that score. We discussed the necessity of improving effective countermeasures that will prevent IT terrorism and terrorist acts in this sphere of high technologies. For that it is necessary to set a measure to prevent such possible criminal acts, including on the sphere of telecommunication.That includes work against the selling of private data, counterfeit information and application of viruses and other harmful computer programs. We will instruct our experts to generate unified approaches to fighting cyber criminality, and we will need an international legal base for this particular work, and we will apply all of that to prevent terrorists from using computer and internet sites for hiring new terrorist and the recruitment of other illegal actors.[28]
International Cyber Law Treaty And India
Cyber law is an important part of information technology related regulations. Till now cyber law is a regional issue with various countries having different legislations. We need new progressive international legal frameworks in this regard. A new set of harmonised legal frameworks to combat cyber crime through increased international cooperation is the need of the hour. However, this requires a much more integrative approach involving not only governments, but also the private sector, civil society, and non-government sector to be successful.[29]Till there is an acceptable model for International cyber law, countries would keep on refusing to be part of the same. For example, India chose not to join the European Convention on Cyber Crime because it would have introduced a completely alien legal framework into the Indian legislative process.
Similarly, there is an urgent need to maintain a balance between civil liberties and national security and law enforcement requirements. The clash of civil liberties like free speech and expression with cyber security will also need to be studied carefully.
Recently Alexander Seger, Head of Economic Crime Division, Council of Europe, asked India to be a part of the Convention on Cyber crime. Although the intentions seem to be good yet the end result would be a big failure. This is so because an action without proper planning and preparation can never fetch the desired result. India is presently suffering from weak cyber law, ignored cyber security and absence of cyber forensics capabilities.
The Information Technology Act, 2000 (IT Act, 2000) is the sole cyber law of India that is regulating all the aspects of cyber law, cyber security and cyber forensics. Undoubtedly, the legal enablement of ICT systems in India is missing. Surprisingly, Seger thinks that the Information Technology (Amendment) Bill, 2008 now provides with a "fairly complete" legal framework.
He opined that now the most important step is to follow it up with steps that will enable India to cooperate internationally in an effective manner. According to Praveen Dalal, the Leading Techno-Legal Specialist of India and managing partner of Perry4 Law, India is currently not equipped to sign any International Convention or Treaty regarding Cyber Law and Cyber Crimes. If the very base is defective we cannot get the result we are carving for. The IT Act, 2000 is weak, cyber security is missing and cyber forensics capabilities do not exist. There are no efforts in these directions in India except by private sector.
Private Initiatives like Cyber Security Research Centre of India (CSRCI) of Perry4Law is very important for bringing Harmonisation of cyber law. Perry4Law and PTLB have been trying to leverage the opinion and expertise of specialists in their respective fields. Further, among many laudable objectives of CSRCI, one of it pertains to providing assistance in the formulation of International Cyber Law Treaty. CSRCI, Perry4Law and PTLB are in the process of formulating a draft that must be considered by the Indian government before acceding to any Convention in this regard.
It is clear that India is not yet ready to sign any international treaty or convention. Signing of the same would only increase pressure upon the law enforcement and Indian government. The proper course of actions is to improve its position regarding cyber law, cyber security and cyber forensics. Once that is achieved, we must proceed towards analysing the draft of European Union or any other institution[30]
Cyber Law In India
The cyber law, in any country of the World, cannot be effective unless the legal system of country is not well. To make cyber law effective in country there are the following three pre requisites:Firstly, A Sound Cyber Law regime: The Cyber law in India can be found in the form of IT Act, 2000. Now the IT Act, as originally enacted, was suffering from various loopholes and lacunas. These grey areas were excusable since India introduced the law recently and every law needs some time to mature and grow. It was understood that over a period of time it will grow and further amendments will be introduced to make it compatible with the International standards. It is important to realise that we need qualitative law and not quantitative laws. In other words, one single Act can fulfil the need of the hour provided we give it a dedicated and futuristic treatment.
The dedicated law essentially requires a consideration of public interest as against interest of few influential segments. Further, the futuristic aspect requires an additional exercise and pain of deciding the trend that may be faced in future. This exercise is not needed while legislating for traditional laws but the nature of cyber space is such that we have to take additional precautions. Since the Internet is boundary less, any person sitting in an alien territory can do havoc with the computer system of India. For instance, the Information Technology is much more advanced in other countries.
If India does not shed its traditional core that it will be vulnerable to numerous cyber threats in the future. The need of the hour is not only to consider the contemporary standards of the countries having developed Information Technology standards but to anticipate future threats as well in advance. Thus, a futuristic aspect of the current law has to be considered. Now the big question is whether India is following this approach? Unfortunately, the answer is in NEGATIVE.[31]
Secondly, Sounds enforcement machinery: A law might have been properly enacted and may be theoretically effective too but it is useless unless enforced in its true letter and spirit. The law enforcement machinery in India is not well equipped to deal with cyber law offences and contraventions. They must be trained appropriately and should be provided with suitable technological support.
Establishing a Suitable framework:
There is a dire need for the emergence of a well-defined framework of Cyber Laws, which should be able to do the following:
- Create and implement a minimum set of guiding rules of conduct that
would facilitate efficient Communications and reliable Commerce through the
use of Electronic medium.
- Define, punishment and prevent wrongful actions that attack the
electronic medium or harm others. One of the greatest concerns of the field
of Cyber Laws has been the absence (or rather delay) of a well-defined and
comprehensive framework of law across the globe.
Today's Internet was born in the early 1960's while the initial efforts for its regulation could only surface in the late 1990's. This problem has been further aggravated by the steep rise in usage of Internet in the recent years all over the world and that too in the absence of any appropriate legal framework.
Surely, the Cyber Law scenario is globally more complicated than traditional laws owing to the reason that the range of activities which are to be governed by these laws are largely technology driven, an area which is dynamically changing and is beyond anyone's control. However enactment of these laws poses opportunities for nations to carve model Cyber Societies for the future thereby taking a lead in becoming Global IT Powers.[32]
Effective Implementation of any law is as critical an exercise as its enactment.
A law implementing agency has to focus on the following major areas to be effective:
- Creating a suitable climate thereby Inducing Self Compliance by the Society.
- Regular monitoring of the scenario for reliable feedback.
- Offering Openness and Flexibility to accept and incorporate necessary modifications at appropriate times.
- Distinctly establishing the Authority-Responsibility guidelines for the Implementing Agency. In order to be effective, it has to be ensured that the Law is Simple, fair and full of clarity. Failing this, the law may be misused to harass individuals resulting in its defiance. The implementing agency will then be compelled to take corrective actions to ensure implementation. This whole process may result in spread of corruption and polluting of the overall sentiments in society making the job of law implementing agencies more difficult.
Cyber Legislations Worldwide
To meet the challenge posed by new kinds of crime made possible by computer technology including telecommunication, many countries have also reviewed their respective domestic criminal laws so as to prevent computer related crimes. Some of these countries are USA, Austria, Denmark, France Germany, Greece, Finland, Italy, Turkey, Sweden, Switzerland, Australia, Canada, India, Japan, Spain, Portugal, UK, Malaysia and Singapore.
However, no country has fully resolved all the issues such as legal, enforcement and prevention of crime. The legislations enacted by different countries cover only few of the classified computer related offences. However, looking to the dynamic and fast changing technology, new types of offences may pop-up frequently[33].
Some of the major types of offences against which many countries across the globe have enacted various Acts (mostly at preliminary levels) are as follows:
- Unlawful access to data in computers,
- Damaging data in computer etc.
- Possession of device to obtain unauthorised telephone facilities,
- Unauthorised access to computer and computer material
- Committing mischief with data.
- Data spying,
- Computer fraud,
- Forgery of prohibitive data
- Alteration of data,
- Computer sabotage.
- False entry in an authentic deed
- False entry in permit licence or passport
- Electronic record made wrongfully
- Electronic record made wrongfully by public servant
- Interferences with business by destruction or damage of computer
- Interferences with computer
- Destruction of public document
- Destruction of private document
- Unauthorised access with intention to commit offences/ computer crimes
- Unauthorised use and interception of computer services
- Knowingly access of computer without authorisation related to national defence or foreign relation.[34]
- Intentional access of computer without authorisation to obtain financial information
- Unauthorised access of computer of a Govt. Dept. Or agency
- Knowingly causing transmission of data/program to damage a computer network, data or program or withhold or deny use of computer, network etc.
- Knowingly causing transmission of data/program with risk that transmission will damage a computer network, data or program or withhold or deny use of computer, network etc., an unauthorised access of computer with intent to defraud.
The IT Law 2000, though appears to be self-sufficient, it takes mixed stand when it comes to many practical situations.
It loses its certainty at many places like:
- The law misses out completely the issue of Intellectual Property Rights,
and makes no provisions whatsoever for copyrighting, trade marking or
patenting of electronic information and data. The law even doesn't talk of
the rights and liabilities of domain name holders, the first step of
entering into the e-commerce.
- The law even stays silent over the regulation of electronic payments
gateway and segregates the negotiable instruments from the applicability of
the IT Act, which may have major effect on the growth of e-commerce in
India. It leads to make the banking and financial sectors irresolute in
their stands.
- The act empowers the Deputy Superintendent of Police to look up into the
investigations and filling of charge sheet when any case related to cyber
law is called. This approach is likely to result in misuse in the context of
Corporate India as companies have public offices which would come within the
ambit of "public place" under the Act. As a result, companies will not be
able to escape potential harassment at the hands of the DSP.
- Internet is a borderless medium; it spreads to every corner of the world where life is possible and hence is the cyber-criminal. Then how come is it possible to feel relaxed and secured once this law is enforced in the nation?
The IT Act is silent on filming anyone's personal actions in public and then distributing it electronically. It holds ISPs (Internet Service Providers) responsible for third party data and information, unless contravention is committed without their knowledge or unless the ISP has undertaken due diligence to prevent the contravention.[35]
For example, many Delhi based newspapers advertise the massage parlours; and in few cases even show the 'therapeutic masseurs' hidden behind the mask, who actually are prostitutes. Delhi Police has been successful in busting out a few such rackets but then it is not sure of the action it can take…should it arrest the owners and editors of newspapers or wait for some new clauses in the Act to be added up?? Even the much hyped case of the arrest of Bajaj, the CEO of Bazee.com, was a consequence of this particular ambiguity of the law. One cannot expect an ISP to monitor what information their subscribers are sending out, all 24 hours a day.
Cyber law is a generic term, which denotes all aspects, issues and the legal consequences on the Internet, the World Wide Web and cyber space. India is the 12th nation in the world that has cyber legislation apart from countries like the US, Singapore, France, Malaysia and Japan.
But can the cyber laws of the country be regarded as sufficient and secure enough to provide a strong platform to the country's e-commerce industry for which they were meant? India has failed to keep in pace with the world in this respect, and the consequence is not far enough from our sight; most of the big customers of India's outsourcing company have started to re-think of carrying out their business in India.Bajaj's case has given the strongest blow in this respect and have broken India's share in outsourcing market as a leader.[36]
If India doesn't want to lose its position and wishes to stay as the world's leader forever in outsourcing market, it needs to take fast but intelligent steps to cover the glaring loopholes of the Act, or else the day is not far when the scenario of India ruling the world's outsourcing market will stay alive in the dreams only as it will be overtaken by its competitors.
The Effectiveness of cyber law in India–The Information Technology Act, 2000 and critical analysis:
The IT Act, 2000 came at a time when cyber-specific legislation was much needed. It filled up the lacunae for a law in the field of e-commerce. Taking cue from its base-document, i.e. the UNICITRAL Model Law53 on electronic commerce, adopted in 1996, a law attuned to the Indian needs has been formulated.
Apart from e-commerce related provisions, computer crimes and offences along with punishments have been enumerated and defined. The powers of the police to investigate and power of search and seizure, etc. have been provided for. However, certain points need a re-working right from the scratch or require revamping.[37]
At the first instance, though the IT Act, 2000 purports to have followed the pattern of the UNICITRAL Model Law on Electronic Commerce, yet what took people by surprise is its coverage not only of e-commerce, but something more, i.e. computer crime and amendments to the Indian Penal Code. The UNICITRAL Model Law did not cover any of the other aspects.
Therefore in a way, the IT Act, 2000 has been an attempt to include other issues relating to cyber world as well which might have an impact on the ecommerce transactions and its smooth functioning. Though, that of course is not reflected even from the Statements of Objectives and reasons or the preamble of the Statute. Amendments to the Indian evidence Act are evidently made to permit electronic evidence in court. This is a step in the right direction.
Secondly, a single section devoted to liability of the Network Service Provider is highly inadequate. The issues are many more. Apart from classification of the Network Service provider itself there can be various other instances in which the Provider can be made liable specially under other enactments like the Copyright Act or the Trade Marks Act. However the provision in the IT Act, 2000 devoted to ISP protection against any liability is restricted only to the Act or rules or regulations made there under. The section is not very clear as to whether the protection for the ISPs extends even under the other enactments.
It has been argued that the Act of this nature would divide the society into digital haves and digital have-nots. This argument is based on the premise that with an extremely low PC penetration, poor Internet connectivity and other poor communication infrastructure facilities, a country like India would have islands of digital haves surrounded by digital have-nots. Logically speaking, such an argument is untenable as the „digital core has been expanding horizontally and everyday communication connectivity is rising across India.
An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.
Criminal Liabilities Under I.T. Act, 2000
Offences & Penalties under the Information Technology Act, 2000[38]The introduction of the internet has brought the tremendous changes in our lives. People of all fields are increasingly using the computers to create, transmit and store information in the electronic form instead of the traditional papers, documents. Information stored in electronic forms has many advantages, it is cheaper, easier to store, easier to retrieve and for speedier to connection.
Though it has many advantages, it has been misused by many people in order to gain themselves or for sake or otherwise to harm others. The high and speedier connectivity to the world from any place has developed many crimes and these increased offences led to the need of law for protection.
Some countries have been rather been vigilant and formed some laws governing the net. In order to keep in pace with the changing generation, the Indian Parliament passed the law Information Technology Act 2000. The IT Act 2000 has been conceptualized on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law.
The increase rate of technology in computers has led to enactment of Information Technology Act 2000. The converting of the paper work into electronic records, the storage of the electronic data, has led tremendous changed the scenario of the country. The Act further amends the Indian Penal Code, 1860, The Evidence Act, 1872, The Banker's Book's Evidence Act, 1891 and The Reserve Bank of India Act, 1934.
Section 65: Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both.
Penalties: Section 65 is tried by any magistrate.
This is cognizable and non-bailable offence.
Penalties: Imprisonment up to 3 years and / or
Fine: Two lakh rupees.
Section66: Hacking with the computer system
- Whoever with the intent to cause or knowing that he is likely to cause
wrongful loss or damage to the public or any person destroys or deletes or
alters any information residing in a computer resource or diminishes its
value or utility or affects it injuriously by any means, commits hacking.
[39]
- Whoever commits hacking shall be punished with imprisonment up to three
years, or with fine which may extend up to two lakh rupees, or with both.
Penalties:
Punishment: Imprisoned up to three years and Fine:
This may extend up to two lakh rupees or with both. Section 67: Publishing of obscene information in electronic form Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstance, to read see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.
Penalties: Punishment:
On first conviction- imprisonment which may extend up to five years. Fine: up to on first conviction which may extend to one lakh rupees.
On second conviction-imprisonment up to which may extend to ten years and Fine which may extend up to two lakh rupees. [40]
Section 68: Power of controller to give directions
The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made there under.
Any person who fails to comply with any order under sub-section (1) shall be guilty of an offence and shall be liable on conviction to imprisonment for a term not exceeding three years or to a fine not exceeding two lakh rupees or to both.
Explanation: Any person who fails to comply with any order under sub section (1) of the above section, shall be guilty of an offence and shall be convicted for a term not less than three years or to a fine exceeding two lakh rupees or to both. The under this section is non-bailable & cognizable.
Penalties:
Punishment: imprisonment up to a term not exceeding three years
Fine: not exceeding two lakh rupees.
Section 69: Directions of Controller to a subscriber to extend facilities to decrypt information
- If the Controller is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence; for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through any computer resource.
- The subscriber or any person in charge of the computer resource shall, when called upon by any agency which has been directed under sub-section (1), extend all facilities and technical assistance to decrypt the information.
- The subscriber or any person who fails to assist the agency referred to in sub section (2) shall be punished with an imprisonment for a term which may extend to seven years. [41]
Penalties:
Punishment: imprisonment for a term which may extend to seven years. The offence is cognizable and non- bailable.
Section 70: Protected System
The appropriate Government may, by notification in the Official Gazette, declare that any computer, computer system or computer network to be a protected system.
The appropriate Government may, by order in writing, authorize the persons who are authorized to access protected systems notified under sub-section (1).
Any person who secures access or attempts to secure access to a protected system in contravention of the provision of this section shall be punished with imprisonment of either description for a term which may extend to ten years and shall also be liable to fine.
Penalties:
Punishment: the imprisonment which may extend to ten years and fine.
Section 71: Penalty for misrepresentation
Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate, as the case may be, shall be punished with imprisonment for a term which may extend to two years, or which fine which may extend to one lakh rupees, or with both.
Penalties:
Punishment: imprisonment which may extend to two years
Fine: may extend to one lakh rupees or with both.
Section 72: Penalty for breach of confidentiality and privacy
Save as otherwise provide in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulation made there under, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both. [42]
Penalties:
Punishment: term which may extend to two years.
Fine: one lakh rupees or with both.
Section 73: Penalty for publishing Digital Signature Certificate false in certain particulars
No person shall publish a Digital Signature Certificate or otherwise make it available to any other person with the knowledge that:
- The Certifying Authority listed in the certificate has not issued it; or
- The subscriber listed in the certificate has not accepted it; or
- The certificate has been revoked or suspended, unless such publication is for the purpose of verifying a digital signature created prior to such suspension or revocation.
Penalties:
Punishment: imprisonment of a term of which may extend to two years.
Fine: fine may extend to 1 lakh rupees or with both
Section 74: Publication for fraudulent purpose
Whoever knowingly creates publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years, or with fine which extend to one lakh rupees, or with both.
Penalties:
Punishment: imprisonment for a term up to two years.
Fine: up to one lakh or both.
Section 75: Act to apply for offence or contravention committed outside India
Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or contravention committed outside India by any person irrespective of his nationality. For the purposes of sub-section (1), this Act shall apply to an offence or Contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.[43]
Section 76: Confiscation
Any computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, in respect of which any provisions of this Act, rules, orders or regulations made there under has been or is being contravened, shall be liable to confiscation
Provided that where it is established to the satisfaction of the court adjudicating the confiscation that the person in whose possession, power or control of any such computer, computer system, floppies, compact disks, tape drives or any other accessories relating thereto is found is not responsible for the contravention of the provisions of this Act, rules orders or regulations made there under, the court may, instead of making an order for confiscation of such computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, make such other order authorized by this Act against the person contravening of the provisions of this Act, rules, orders or regulations made there under as it may think fit.
Section 77: Penalties or confiscation not to interfere with other punishments
No penalty imposed or confiscation made under this Act shall prevent the imposition of any other punishment to which the person affected thereby is liable under any other law for the time being in force.
Explanation: The aforesaid section lays down a mandatory condition, which states the Penalties or confiscation not to interfere with other punishments to which the person affected thereby is liable under any other law for the time being in force.
Section 78: Power to investigate offences
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Deputy Superintendent of Police shall investigate any offence under this Act.
Explanation: The police officer not below the rank of Deputy Superintendent of police shall investigate the offence.
Civil Liabilities Under I.T. Act, 2000 [44]
The Information Technology Act, 2000 basically deals with the legal recognition of electronic documents and that of digital signatures. This Act incorporates a separate Chapter XI entitled Offences to deal with various cybercrimes and contraventions. This act also deals with Justice Dispensation systems for various cybercrimes.The act was widely criticized on various fronts and due this criticism detailed amendments were brought in the form of IT Amendment Act, 2008. Major of such amendments were the focus on data privacy and information security. Even though legal recognition of digital signatures was already included under the original Act of 2000, but the Amendment Act, 2008 made the digital signature technology-neutral. Along with, the defining of reasonable security practices to be followed by the Corporate, the role of intermediaries was also redefined.
Very importantly, the term cyber cafe was defined under this Act. Offences like child pornography and cyber terrorism were also included is the forms of cybercrimes. Cyber terrorism has been made a heinous cybercrime under this Act and has been defined in the widest possible terms and made punishable with imprisonment which may extend to imprisonment for life and fine.
An important change that has been brought forth by the Amendment Act is that the new amendment has replaced Section 43 with Section 66. Under Section 66 the Word hacking has been removed, but that does not mean that hacking as an offence has been removed; instead hacking still remains an offence by the name of data theft in this section. This section has further been widened in the form of Sections 66A to 66F. 66A deals with the sending of offensive messages through communication service, and causing annoyance to any electronic communication, and also includes the offence of misleading the recipient of the origin of such messages.
Such offences can be punished with imprisonment for 3 years or fine. 66B deals with dishonestly receiving stolen computers or other communication device and such a crime can be punished with three years of imprisonment or fine of Rs.1 Lakh or both. 66C deals with stealing electronic signature or identity such as using another person's password or electronic signature, such an offence can be punished with three years of imprisonment or fine of Rs. 1 lakh or both. Similar is the punishment under section 66D for cheating by personating through computer resource or a communication device. 66E covers the offences relating to privacy violation such as publicly publishing the information about any person's location without prior permission or consent. 66F is great importance as it deals with cyber terrorism.
This Section covers a wide range of offences which can be termed as terrorism; Such as, any act denying access to any authorized person to access the computer in order to hamper the unity, integrity, security or sovereignty of the nation. Further, this section also includes the acts of access to a commuter resource without authorization. It also covers such acts which can lead to any injury to any person or result in damage or destruction of any property, while trying to contaminate the computer through any virus like Trojan etc.
All the offences that are covered under this Section can be punished with life imprisonment. Very importantly, the offences which are covered under section 66 are cognizable and non-bailable.[45]
The major transformation from section 43 of the original act to Section 66 of the Amendment Act is that, that all the offences that were covered under Section 43 gave rise to civil liability which had its remedy in either compensation or damages. But under Section 66 of the Amendment Act if such act is done with criminal intention that is mensrea, then it will attract criminal liability having remedy in imprisonment or fine or both.
Moreover, under Sections 71, 72, 73 of the Information Technology Act 2000 some acts or omissions have been made criminally liable with strict liability e.g. Penalty for breach of confidentiality and privacy, penalty for misrepresentation etc. Section 67 of the original Act dealt with publishing or transmitting obscene material in electronic form but the scope of this section was widened by the amendment which included child pornography under section 67-B and also the act of retention of records by the intermediaries.
And such offences under section 67-A will be punished with conviction of a term up to 3 years and fine of Rs.5 lakh and in case it is the second conviction then conviction will be for five years and fine of Rs.10 Lack or both. But for offence under section 67-B the provision is for stricter conviction which is for 5 years and fine of Rs. 10 lakh or both in case of first conviction, and the same will be increased to 7 years and fine of Rs. 10 lakh in case of second conviction.
An important set of well-intentioned but woefully inadequate provisions are those relating to the protection of data. The absence of a specific law on data protection had, in itself, garnered much criticism both within the country as well as in the context of international transactions and outsourcing. The old Act offered the feeble protection of a single provision (section 43) that dealt with unauthorized access and damage to data. In an attempt to meet industry demands and international market standards, the ITA introduced two sections that address civil and criminal sanctions.
While this exercise understandably falls far short of a comprehensive law relating to data (being squeezed into an omnibus piece of technology related legislation, rather than one geared up only to deal with data), there was considerable anticipation of its role in papering over the existing cracks and provide a workable, if temporary, data protection regime.
The Indian Penal Code, 1860 [46]
Normally referred to as the IPC, this is a very powerful legislation and probably the most widely used in criminal jurisprudence, serving as the main criminal code of India. Enacted originally in 1860 and amended many time since, it covers almost all substantive aspects of criminal law and is supplemented by other criminal provisions. In independent India, many special laws have been enacted with criminal and penal provisions which are often referred to and relied upon, as an additional legal provision in cases which refer to the relevant provisions of IPC as well.
The Indian Penal Code was amended by inserting the word electronic thereby treating the electronic records and documents on a par with physical records and documents. The Sections dealing with false entry in a record or false document etc (e.g. 192, 204, 463, 464, 464, 468 to 470, 471, 474, 476 etc) have since been amended as 'electronic record and electronic document' thereby bringing within the ambit of IPC.
Now, electronic record and electronic documents has been treated just like physical records and documents during commission of acts of forgery or falsification of physical records in a crime. After the above amendment, the investigating agencies file the cases/ charge-sheet quoting the relevant sections from IPC under section 463,464, 468 and 469 read with the ITA/ITAA under Sections 43 and 66 in like offences to ensure the evidence and/or punishment can be covered and proved under either of these or under both legislation.
Offences covered under IPC and Special Laws[47]
Sec.503 IPC: Sending threatening messages by email
Section 503 - Criminal intimidation
Whoever threatens another with any injury to his person, reputation or property, or to the person or reputation of any one in whom that person is interested, with intent to cause alarm to that person, or to cause that person to do any act which he is not legally bound to do, or to omit to do any act which that person is legally entitled to do, as the means of avoiding the execution of such threat, commits criminal intimidation.
Explanation- A threat to insure the reputation of any deceased person in whom the person threatened is interested, is within this section.
Sec. 499 IPC: Sending defamatory messages by email
Section 499 - Defamation
Whoever, by words either spoken or intended to be read, or by signs or by visible representations, makes or publishes any imputation concerning any person intending to harm, or knowing or having reason to believe that such imputation will harm, the reputation of such person, is said, except in the cases hereinafter expected, of defame that person.
Explanation - It may amount to defamation to impute anything to a deceased person, if the imputation would harm the reputation of that person if living, and is intended to be hurtful to the feelings of his family or other near relatives.
Forgery of electronic records, Email spoofing
Sec 463, 464, 468, 469 IPC
Section 463: Forgery
Whoever makes any false documents or electronic record part of a document or electronic record with, intent to cause damage or injury, to the public or to any person, or to support any claim or title, or to cause any person to part with property, or to enter into any express or implied contract, or with intent to commit fraud or that fraud may be committed, commits forgery.
Section 464: Making a false document
A person is said to make a false document or false electronic record-
First-Who dishonestly or fraudulently-
- Makes, signs, seals or executes a document or part of a document;
- Makes or transmits any electronic record or part of any electronic record;
- Affixes any digital signature on any electronic record;
- Makes any mark denoting the execution of a document or the authenticity of the digital signature,
Secondly- Who, without lawful authority, dishonestly or fraudulently, by cancellation or otherwise, alters a document or an electronic record in any material part thereof, after it has been made, executed or affixed with digital signature either by himself or by any other person, whether such person be living or dead at the time of such alteration; or
Thirdly- Who dishonestly or fraudulently causes any person to sign, seal, execute or alter a document or an electronic record or to affix his digital signature on any electronic record knowing that such person by reason of unsoundness of mind or intoxication cannot, or that by reason of deception practiced upon him, he does not know the contents of the document or electronic record or the nature of the alterations.
Section 468: Forgery for purpose of cheating
Whoever commits forgery, intending that the 1[document or Electronic Record] forged shall be used for the purpose of cheating, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
Section 469: Forgery for purpose of harming reputation
Whoever commits forgery, 1[intending that the document or Electronic Record forged] shall harm the reputation of any party, or knowing that it is likely to use for that purpose, shall be punished with imprisonment of either description for a term which may extend to three years, and shall also be liable to fine.
4. Bogus websites, cyber frauds
Sec 420 IPC
Section 420: Cheating and dishonestly inducing delivery of property
Whoever cheats and thereby dishonestly induces the person deceived any property to any person, or to make, alter or destroy the whole or any part of a valuable security, or anything which is signed or sealed, and which is capable of being converted into a valuable security, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
Web-Jacking
Sec. 383 IPC
Section 383: Extortion
Whoever intentionally puts any person in fear of any injury to that person, or to any other, and thereby dishonestly induces the person so put in fear to deliver to any property or valuable security, or anything signed or sealed which may be converted into a valuable security, commits "extortion".
E-Mail Abuse, Online Defamation
Sec.500, 509 IPC
Section 500: Punishment for defamation
Whoever defames another shall be punished with simple imprisonment for a term which may extend to two years, or with fine, or with both.
Section 509: Word, gesture or act intended to insult the modesty of a woman
Whoever, intending to insult the modesty of any woman, utters any word, makes any sound or gesture, or exhibits any object, intending that such word or sound shall be heard, of that such gesture or object shall be seen, by such woman, or intrudes upon the privacy of such woman, shall be punished with simple imprisonment for a term which may extend to one year, or with fine, or with both.
Criminal Intimidation by E-mail or Chat
Sec. 506, 507 IPC
Section 506: Punishment for criminal intimidation
Whoever commits, the offence of criminal intimidation shall be punished with imprisonment of either description for a term which may extend to two years, or with fine, or with both;
If threat be to cause death or grievous hurt, etc.: -And if the threat be to cause death or grievous hurt, or to cause the destruction of any property by fire, or to cause an offence punishable with death or 1[imprisonment for life], or with imprisonment for a term which may extend to seven years, or to impute, unchastity to a woman, shall be punished with imprisonment of either description for a term which may extend to seven years, or with fine, or with both.
Section 507: Criminal intimidation by an anonymous communication
Whoever commits the offence of criminal intimidation by an anonymous communication, or having taken precaution to conceal the name or abode of the person form whom the threat comes, shall be punished with imprisonment of either description for a term which may extend to two years, in addition to the punishment provided for the offence by the last preceding section.
Online sale of Drugs
NDPS Act
Online sale of Arms
Arms Act
Piracy
Sec. 51, 63, 63 B Copyright act
Section 51: When copyright infringed
Copyright in a work shall be deemed to be infringed:
- when any person, without a license granted by the owner of the Copyright
or the Registrar of Copyrights under this Act or in contravention of the
conditions of a license so granted or of any condition imposed by a
competent authority under this Act:
- Does anything, the exclusive right to do which is by this Act conferred upon the owner of the copyright, or
- Permits for profit any place to be used for the performance of the work
in public where such performance constitutes an infringement of the
copyright in the work unless he was not aware and had no reasonable ground
for believing that such performance would be an infringement of copyright,
or
- When any person:
- Make for sale or hire, or sells or lets for hire, or by way of trade displays or offers for sale or hire, or
- Distributes either for the purpose of trade or to such an extent as to affect prejudicially the owner of the copyright, or
- By way of trade exhibits in public, or
- Imports (except for the private and domestic use of the importer) into India, any infringing copies of the work. [48]
Section 63: Offence of infringement of copyright or other rights conferred by this Act.
Any person who knowingly infringes or abets the infringement of:
- The copyright in a work, or
- Any other right conferred by this Act, 125[except the right conferred by section 53A]shall be punishable with imprisonment for a term which shall not be less than six months but which may extend to three years and with fine which shall not be less than fifty thousand rupees but which may extend to two lakh rupees:
Explanation-Construction of a building or other structure which infringes or which, if completed, would infringe the copyright in some other work shall not be an offence under this section.
Section 63A: Enhanced penalty on second and subsequent convictions
Whoever having already been convicted of an offence under section 63 is again convicted of any such offence shall be punishable for the second and for every subsequent offence, with imprisonment for a term which shall not be less than one year but which may extend to three years and with fine which shall not be less than one lakh rupees but which may extend to two lakh rupees:
Provided that where the infringement has not been made for gain in the course of trade or business the court may, for adequate and special reasons to be mentioned in the judgment impose a sentence of imprisonment for a term of less than one year or a fine of less than one lakh rupees: Provided further that for the purposes of this section, no cognizance shall be taken of any conviction made before the commencement of the Copyright (Amendment) Act, 1984.
Section 63B: Knowing use of infringing copy of computer programme to be an offence
Any person who knowingly makes use on a computer of an infringing copy of a computer programme shall be punishable with imprisonment for a term which shall not be less than seven days but which may extend to three years and with fine which shall not be less than fifty thousand rupees but which may extend to two lakh rupees:
Provided that where the computer programme has not been used for gain or in the course of trade or business, the court may, for adequate and special reasons to be mentioned in the judgment, not impose any sentence of imprisonment and may impose a fine which may extend to fifty thousand rupees."
Obscenity
Sec. 292,293,294 IPC, Indecent Representation of Women Act [49]
Section 292: Sale, etc., or obscene books, etc
- For the purposes of sub-section
- a book, pamphlet, paper, writing, drawing, painting, representation,
figure or any other object, shall be deemed to be obscene if it is
lascivious or appeals to the prurient interest or if its effect, or (where
it comprises two or more distinct items) the effect of any one of its items,
is, if taken as a whole, such as to tend to deprave and corrupt persons who
are likely, having regard to all relevant circumstances, to read, see or
hear the matter contained or embodied in it.
- (2) Whoever-
- Sells, lets to hire, distributes, publicly exhibits or in any manner
puts into circulation, or for purposes of sale, hire, distribution, public
exhibition or circulation, makes, produces or has in his possession any
obscene book, pamphlet, paper, drawing, painting, representation or figure
or any other obscene object whatsoever, or
- Imports, exports or conveys any obscene object for any of the purposes
aforesaid, or knowing or having reason to believe that such object will be
sold, let to hire, distributed or publicly exhibited or in any manner put
into circulation, or
- Takes part in or receives profits from any business in the course of
which he knows or has reason to believe that any such obscene objects are,
for any of the purposes aforesaid, made, produced, purchased, kept,
imported, exported, conveyed, publicly exhibited or in any manner put into
circulation, or
- Advertises or makes known by any means whatsoever that any person is
engaged or is ready to engage in any act which is an offence under this
section, or that any such obscene object can be procured from or through any
person, or
- Offers or attempts to do any act which is an offence under this section, Shall be punished 4[on first conviction with imprisonment of either description for a term which may extend to two years, and with fine which may extend to two thousand rupees, and, in the event of a second or subsequent conviction, with imprisonment of either description for a term which may extend to five years, and also with fine which may extend to five thousand rupees.[50]
- Sells, lets to hire, distributes, publicly exhibits or in any manner
puts into circulation, or for purposes of sale, hire, distribution, public
exhibition or circulation, makes, produces or has in his possession any
obscene book, pamphlet, paper, drawing, painting, representation or figure
or any other obscene object whatsoever, or
Section 292A: Printing etc. of grossly indecent or scurrilous matter or matter intended for blackmail
Whoever:
- Prints or causes to be printed in any newspaper, periodical or circular,
or exhibits or causes to be exhibited, to public view or distributes or
causes to be distributed or in any manner puts into circulation any picture
or any printed or written document which is grossly indecent, or in
scurrilous or intended for blackmail, or
- Sells or lets for hire, or for purposes of sale or hire makes, produces
or has in his possession, any picture or any printed or written document
which is grossly indecent or is scurrilous or intended for blackmail; or
- Conveys any picture or any printed or written document which is grossly
indecent or is scurrilous or intended for blackmail knowing or having reason
to believe that such picture or document will be printed, sold, let for hire
distributed or publicly exhibited or in any manner put into circulation; or
- Takes part in, or receives profits from, any business in the course of
which he knows or has reason to believe that any such newspaper, periodical,
circular, picture or other printed or written document is printed,
exhibited, distributed, circulated, sold, let for hire, made, produced,
kept, conveyed or purchased; or
- Advertises or makes known by any means whatsoever that any person is
engaged or is ready to engage in any Act which is an offence under this
section, or that any such newspaper, periodical, circular, picture or other
printed or written document which is grossly indecent or is scurrilous or
intended for blackmail, can be procured from or through any person; or
- Offers or attempts to do any act which is an offence under this section *[shall be punished with imprisonment of either description for a term which may extend to two years, or with fine, or with both.
Section 293: Sale, etc., of obscene objects to young person
Whoever sells, lets to hire, distributes, exhibits or circulates to any person under the age of twenty years any such obscene object as is referred to in the last preceding section, or offers or attempts so to do, shall be punished 2[on first conviction with imprisonment of either description for a term which may extend to three years, and with fine which may extend to two thousand rupees, and, in the event of a second or subsequent conviction, with imprisonment of either description for a term which may extend to seven years, and also with fine which may extend to five thousand rupees.
Section 294: Obscene acts and songs
Whoever, to the annoyance of others:
- Does any obscene act in any public place, or
- Sings, recites or utters any obscene song, balled or words, in or near any public place, Shall be punished with imprisonment of either description for a term which may extend to three months, or with fine, or with both.
Sec. 378, 379 IPC
Section 378: Theft
Whoever intending to take dishonestly any moveable property out of the possession of any person without that person's consent, moves that property in order to such taking, is said to commit theft.
Section 379: Punishment for theft
Whoever commits theft shall be punished with imprisonment of either description for a term which may extend to three years, or with fine, or with both.
Role Of Judiciary
A sound judicial system is the backbone for preserving the law and order in a society. It is commonly misunderstood that it is the sole responsibility of the Bench alone to maintain law and order. That is a misleading notion and the Bar is equally responsible for maintaining it. This essentially means a rigorous training of the members of both the Bar and the Bench. The fact is that the cyber law is in its infancy stage in India hence not much Judges and Lawyers are aware of it.Thus, a sound cyber law training of the Judges and Lawyers is the need of the hour. In short, the dream for an Ideal Cyber Law in India requires a considerable amount of time, money and resources. In the present state of things, it may take five more years to appreciate its application. The good news is that Government has sanctioned a considerable amount as a grant to bring e-governance within the judicial functioning. The need of the hour is to appreciate the difference between mere computerisation and cyber law literacy.
The judges and lawyers must be trained in the contemporary legal issues like cyber law so that their enforcement in India is effective. With all the challenges that India is facing in education and training, e- learning has a lot of answers and needs to be addressed seriously by the countries planners and private industry alike. E-learning can provide education to a large population not having access to it.[52]
The IT Act 2000 attempts to change out-dated laws and provides ways to deal with Cyber crimes. Let's have an overview of the law where it takes a firm stand and has got successful in the reason for which it was framed:
- The E-commerce industry carries out its business via transactions and
communications done through electronic records. It thus becomes essential
that such transactions be made legal. Keeping this point in the
consideration, the IT Act 2000 empowers the government departments to accept
filing, creating and retention of official documents in the digital format.
The Act also puts forward the proposal for setting up the legal framework
essential for the authentication and origin of electronic records /
communications through digital signature.
- The Act legalizes the e-mail and gives it the status of being valid form
of carrying out communication in India. This implies that e-mails can be
duly produced and approved in a court of law, thus can be a regarded as
substantial document to carry out legal proceedings.
- The act also talks about digital signatures and digital records. These
have been also awarded the status of being legal and valid means that can
form strong basis for launching litigation in a court of law. It invites the
corporate companies in the business of being Certifying Authorities for
issuing secure Digital Signatures Certificates.
- The Act now allows Government to issue notification on the web thus heralding e-governance.[53]
- It eases the task of companies of the filing any form, application or document by laying down the guidelines to be submitted at any appropriate office, authority, body or agency owned or controlled by the government. This will help in saving costs, time and manpower for the corporate.
- The act also provides statutory remedy to the corporates in case the crime against the accused for breaking into their computer systems or network and damaging and copying the data is proven. The remedy provided by the Act is in the form of monetary damages, not exceeding Rs. 1 crore ($200,000).
- Also the law sets up the Territorial Jurisdiction of the Adjudicating Officers for Cyber crimes and the Cyber Regulations Appellate Tribunal.
- The law has also laid guidelines for providing Internet Services on a license on a non-exclusive basis.[54]
In the present global situation where cyber control mechanisms are important we need to push cyber laws. Cyber Crimes are a new class of crimes to India rapidly expanding due to extensive use of internet. Getting the right lead and making the right interpretation are very important in solving a Cyber crime. The 7 stage continuum of a criminal case starts from perpetration to registration to reporting, investigation, prosecution, adjudication and execution.
The system cannot be stronger than the weakest link in the chain.In India; there are 30 million policemen to train apart from 12,000 strong Judiciary. Police in India are trying to become Cyber crime savvy and hiring people who are trained in the area. Each police station in Delhi will have a computer soon which will be connected to the Head Quarter. The pace of the investigations however can be faster; judicial sensitivity and knowledge need to improve. Focus needs to be on educating the police and district judiciary. IT Institutions can also play a role in this area.
Technology nuances are important in a spam infested environment where privacy can be compromised and individuals can be subjected to become a victim unsuspectingly. We need to sensitize our investigators and judges to the nuances of the system. Most cyber criminals have a counter part in the real world. If loss of property or persons is caused the criminal is punishable under the IPC also. Since the law enforcement agencies find it is easier to handle it under the IPC, IT Act cases are not getting reported and when reported are not necessarily dealt with under the IT Act. A lengthy and intensive process of learning is required. [55]
A whole series of initiatives of cyber forensics were undertaken and cyber law procedures resulted out of it. This is an area where learning takes place every day as we are all beginners in this area. We are looking for solutions faster than the problems can get invented. We need to move faster than the criminals.
The real issue is how to prevent Cyber crime. For this, there is need to raise the probability of apprehension and conviction. India has a law on evidence that considers admissibility, authenticity, accuracy, and completeness to convince the judiciary. The challenge in Cyber crime cases includes getting evidence that will stand scrutiny in a foreign court.
For this India needs total international cooperation with specialized agencies of different countries. Police has to ensure that they have seized exactly what was there at the scene of crime, is the same that has been analyzed and the report presented in court is based on this evidence. It has to maintain the chain of custody. The threat is not from the intelligence of criminals but from our ignorance and the will to fight it. The law is stricter now on producing evidence especially where electronic documents are concerned.
The computer is the target and the tool for the perpetration of crime. It is used for the communication of the criminal activity such as the injection of a virus/worm which can crash entire networks.
The Information Technology (IT) Act, 2000, specifies the acts which have been made punishable. Since the primary objective of this Act is to create an enabling environment for commercial use of I.T., certain omissions and commissions of criminals while using computers have not been included. With the legal recognition of Electronic Records and the amendments made in the several sections of the IPC vide the IT Act, 2000, several offences having bearing on cyber-arena are also registered under the appropriate sections of the IPC.
Survey regarding Cyber crime:
During the year 2003, 60 cases were registered under IT Act as compared to 70 cases during the previous year thereby reporting a decline of 14.3 percent in 2003 over 2002. Of the total 60 cases registered under IT Act 2000, around 33 percent (20 cases) relate to Obscene Publication / Transmission in electronic form, normally known as cases of cyber pornography. 17 persons were arrested for committing such offences during 2003[56].
There were 21 cases of Hacking of computer systems wherein 18 persons were arrested in 2003. Of the total (21) Hacking cases, the cases relating to Loss/Damage of computer resource/utility under Sec 66(1) of the IT Act were to the tune of 62 percent (13 cases) and that related to Hacking under Section 66(2) of IT Act were 38 percent (8cases).
During 2003, a total of 411 cases were registered under IPC Sections as compared to 738 such cases during 2002 thereby reporting a significant decline of 44 percent in 2003 over 2002[57. Andhra Pradesh reported more than half of such cases (218 out of 411) (53 percent).
Though, these offences fall under the traditional IPC crimes, the cases had the cyber tones wherein computer, Internet or its related aspects were present in the crime and hence they were categorized as Cyber Crimes under IPC.
During 2003, number of cases under Cyber Crimes relating to Counterfeiting of currency/Stamps stood at 53 wherein 118 persons were arrested during 2003. Of the 47,478 cases reported under Cheating, the Cyber Forgery (89) accounted for 0.2 per cent. Of the total Criminal Breach of Trust cases (13,432), the Cyber frauds (269) accounted for 2 percent. Of the Counterfeiting offences (2,055), Cyber Counterfeiting (53) offences accounted for 2.6 percent.
A total of 475 persons were arrested in the country for Cyber Crimes under IPC during 2003. Of these, 53.6 percent offenders (255) were taken into custody for offences under Criminal Breach of Trust/Fraud (Cyber) and 21.4 percent (102) for offences under Cyber Forgery.
The age-wise profile of the arrested persons showed that 45 percent were in the age-group of 30-45 years, 28.5 percent of the offenders were in the age-group of 45-60 years and 11 offenders were aged 60 years and above. Gujarat reported 2 offenders who were below 18 years of age[58].
Cyber crime is not on the decline. The latest statistics show that Cyber crime is actually on the rise. However, it is true that in India, Cyber crime is not reported too much about. Consequently there is a false sense of complacency that Cyber crime does not exist and that society is safe from Cyber crime. This is not the correct picture. The fact is that people in our country do not report Cyber crimes for many reasons. Many do not want to face harassment by the police. There is also the fear of bad publicity in the media, which could hurt their reputation and standing in society. Also, it becomes extremely difficult to convince the police to register any Cyber crime, because of lack of orientation and awareness about Cyber crimes and their registration and handling by the police.
A recent survey indicates that for every 500 Cyber crime incidents that take place, only 50 are reported to the police and out of that only one is actually registered. These figures indicate how difficult it is to convince the police to register a Cyber crime. The establishment of Cyber crime cells in different parts of the country was expected to boost Cyber crime reporting and prosecution[59]. However, these cells haven't quite kept up with expectations. Netizens should not be under the impression that Cyber crime is vanishing and they must realize that with each passing day, cyberspace becomes a more dangerous place to be in, where criminals roam freely to execute their criminals intentions encouraged by the so- called anonymity that internet provides.
The absolutely poor rate of Cyber crime conviction in the country has also not helped the cause of regulating Cyber crime. There have only been few Cyber crime convictions in the whole country[60], which can be counted on fingers. We need to ensure that we have specialized procedures for prosecution of Cyber crime cases so as to tackle them on a priority basis,. This is necessary so as to win the faith of the people in the ability of the system to tackle Cyber crime. We must ensure that our system provides for stringent punishment of Cyber crimes and cyber criminals so that the same acts as a deterrent for others.[61]
Threat Perceptions
UK has the largest number of infected computers in the world followed by the US and China. Financial attacks are 16 events per 1000, the highest among all kinds of attacks. The US is the leading source country for attacks but this has declined. China is second and Germany is third. It is hard to determine where the attack came from originally.
The number of viruses and worm variants rose sharply to 7,360 that is a 64% increase over the previous reporting period and a 332% increase over the previous year. There are 17,500 variants of Win.32 viruses[62]. Threats to confidential information are on the rise with 54% of the top 50 reporting malicious code with the potential to expose such information[63]. Phishing messages grew to 4.5 million from 1 million between July and December 2004.
Some Indian Case Studies:
There have been various cases that have been reported in India and which have a bearing upon the growth and revolution of Cyber law in India. The present page encapsulates some of the important landmark cases that have impacted the evolution and growth of Cyber law jurisprudence in India.
The following are some of the important cases impacting the growth of Cyber law in India:
Pune Citibank Mphasis Call Center Fraud
US $ 3,50,000 from accounts of four US customers were dishonestly transferred to bogus accounts. This will give a lot of ammunition to those lobbying against outsourcing in US. Such cases happen all over the world but when it happens in India it is a serious matter and we cannot ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their PIN numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in India as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering.
The call center employees are checked when they go in and out so they cannot copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber café and accessed the Citibank accounts of the customers.
All accounts were opened in Pune and the customers complained that the money from their accounts was transferred to Pune accounts and that's how the criminals were traced. Police has been able to prove the honesty of the call center and has frozen the accounts where the money was transferred.
There is need for a strict background check of the call center executives. However, best of background checks cannot eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national ID and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history. Customer education is very important so customers do not get taken for a ride. Most banks are guilt of not doing this.
Bazee.com case
CEO of Bazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. This opened up the question as to what kind of distinction do we draw between Internet Service Provider and Content Provider. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the Cyber crime cases and a lot of education is required.
State of Tamil Nadu VsSuhasKatti
The Case of SuhasKatti is notable for the fact that the conviction was achieved successfully within a relatively quick time of 7 months from the filing of the FIR. Considering that similar cases have been pending in other states for a much longer time, the efficient handling of the case which happened to be the first case of the Chennai Cyber Crime Cell going to trial deserves a special mention.
The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. E-Mails were also forwarded to the victim for information by the accused through a false e-mail account opened by him in the name of the victim.
The posting of the message resulted in annoying phone calls to the lady in the belief that she was soliciting.
Based on a complaint made by the victim in February 2004, the Police traced the accused to Mumbai and arrested him within the next few days. The accused was a known family friend of the victim and was reportedly interested in marrying her. She however married another person.
This marriage later ended in divorce and the accused started contacting her once again. On her reluctance to marry him, the accused took up the harassment through the Internet. On 24-3-2004 Charge Sheet was filed u/s 67 of IT Act 2000, 469 and 509 IPC before The Hon'ble Addl. CMM Egmore by citing 18 witnesses and 34 documents and material objects.
The same was taken on file in C.C.NO.4680/2004. On the prosecution side 12 witnesses were examined and entire documents were marked as Exhibits. The Defense argued that the offending mails would have been given either by ex-husband of the complainant or the complainant herself to implicate the accused as accused alleged to have turned down the request of the complainant to marry her.
Further the Defence counsel argued that some of the documentary evidence was not sustainable under Section 65 B of the Indian Evidence Act. However, the court relied upon the expert witnesses and other evidence produced before it, including the witnesses of the Cyber Cafe owners and came to the conclusion that the crime was conclusively proved.
The Ld. Additional Chief Metropolitan Magistrate, Egmore, delivered the judgment on 5-11-04 as follows:
The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000 and the accused is convicted and is sentenced for the offence to undergo RI for 2 years under 469 IPC and to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67 of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/- All sentences to run concurrently.
The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered as the first case convicted under section 67 of Information Technology Act 2000 in India.
The Bank NSP Case
The Bank NSP case is the one where a management trainee of the bank was engaged to be married. The couple exchanged many emails using the company computers. After some time the two broke up and the girl created fraudulent email ids such as Indian bar associations and sent emails to the boy's foreign clients. She used the banks computer to do this. The boy's company lost a large number of clients and took the bank to court. The bank was held liable for the emails sent using the bank's system.
SMC Pneumatics (India) Pvt. Ltd. v. JogeshKwatra[64]
In India's first case of cyber defamation, a Court of Delhi assumed jurisdiction over a matter where a corporate's reputation was being defamed through emails and passed an important ex-parte injunction. In this case, the defendant Jogesh Kwatra being an employ of the plaintiff company started sending derogatory, defamatory, obscene, vulgar, filthy and abusive emails to his employers as also to different subsidiaries of the said company all over the world with the aim to defame the company and its Managing Director Mr. R K Malhotra. The plaintiff filed a suit for permanent injunction restraining the defendant from doing his illegal acts of sending derogatory emails to the plaintiff.
Gaurav Rajeshkumar Sharma vs State Of Gujarat (2020)[65] The present application is filed under Section 439 of the Code of Criminal Procedure, 1973, for regular bail in connection with FIR being C.R.No.I3 of 2019 registered with Cyber Crime Police Station, Surat City for offence under Sections 406, 419, 420, 465, 467, 468, 471, 120B of the Indian Penal Code and Sections 66C, 66D of the Information Technology (Amendment) Act.
Learned Advocate appearing on behalf of the applicant submits that considering the nature of the offence, the applicant may be enlarged on regular bail by imposing suitable conditions. Learned Public Prosecutor appearing on behalf of the respondent State has opposed grant of regular bail looking to the nature and gravity of the offence. Learned Advocates appearing on behalf of the respective parties do not press for further reasoned order.
Muniyasamy vs The Principal Secretary (2020)[66] The detaining authority on being satisfied with the materials placed by the sponsoring authority that the activities of the detenu are prejudicial to the maintenance of public order and public health, clamped the order of detention and making a challenge to the same, the present Habeas Corpus Petition has been filed by the petitioner.
We have heard Mr.R.Alagumani, learned counsel appearing for the petitioner and Mr.K.Dinesh Babu, learned Additional Public Prosecutor appearing for the respondents and perused the materials available on record. Learned counsel appearing for the petitioner has drawn the attention of this Court to Paragraph No.5 of the grounds of detention and would submit that the detenu Santhanam has been granted conditional bail in the first and second adverse cases in Madurai City Prohibition Enforcement and in the ground case in Madurai City Prohibition Enforcement Wing Crime No.568 of 2019 by the learned Judicial Magistrate No.IV, Madurai, in Cr.M.P.No.3952 of 2019, on 09.09.2019 and he is still in remand in the said case, as he has not produced the required sureties before the Courts concerned as ordered in the bail orders.
However, in order to scuttle the grant of bail by the Judicial Magistrate Courts and to defeat the order passed by the Judicial Magistrate Courts, the impugned order of detention has been passed, which is unjustified and impermissible in law, hence, the impugned order of detention is liable to be quashed. In support of his submission, the learned counsel appearing for the petitioner has relied upon an unreported decision of this Court dated 05.07.2018 made in H.C.P.(MD) No.948 of 2018 in the matter of Selvakumar v. The Secretary to Government, State of Tamil Nadu and two others.
The relevant portion of the order runs thus: The order of detention reflects a most blatant attempt to scuttle the grant of bail by this Court to the detenu and defeat the order passed by this Court. The detention order dated 27.06.2018 informs that the detenu has been granted bail on the very same date under orders in Crl.O.P.(MD) No.9959 of 2018, on 27.06.2018 and thereafter proceeds to state that the detenu has not produced sureties, as ordered by this Court.
Ritesh Kanojiya vs The State Of Madhya Pradesh (2020)[67] This is first application under Section 439 of the Cr.P.C. for grant of bail. Applicant Ritesh Kanojiya was arrested on 09/12/2019 in connection with Crime No.270/2019 registered at Police Station State Cyber Crime Zone, Rampur, District Jabalpur (M.P.) for the offence punishable under Sections 419, 465, 471, 120-B of the IPC and Section 66-C, 66-D of the I.T. Act.
As per the prosecution case, complainant Mohd. Imranulahak filed a written complaint on 05/12/2019 before Superintendent of Police, Jabalpur averring that he is a resident of Ansar Nagar, Chopda Gohalpur Jabalpur and does the business of photocopy and railway tickets in the name of I.A. Services. His shop is situated at Adhartal near ICICI Bank. He also procured a shop Establishment Certificate from Jabalpur Municipal Corporation in the year 2016.
He never did the business of selling mobile SIMs. Somebody had stolen his identification document and by using that document got 50 SIMs of Vodafone company. On that, police inquired about the matter. During the inquiry, it was found that co-accused Ashfaq Ahmed acquired the copy of the shop Establishment Certificate of complainant's shop and the copy of his Aadhar Card. Thereafter, co-accused Ashfaq Ahmed in connivance with co-accused Rohit Bajaj wrongly issued SIMs in the name of complainant Mohd. Imranulahak based on those documents.
Thereafter, co-accused Ashfaq Ahmed sold those SIMs to co-accused Akash Ahirwar and Amit Soni. It is further averred that co-accused Amit Soni also made a fake firm in Digitally signed by ANURAG SONI Date: 25/02/2020 16:02:31 2 MCRC-54513-2019 the name of Amit Mobile Agency and also got the shop Establishment Certificate in the name of that firm from Municipal Corporation, Jabalpur.
Applicant Ritesh Kanojiya wrongly gave a certificate to the effect that he physically verified that shop while that shop was not in existence and issued SIMs of Vodafone company to Amit Mobile Agency. Co-accused Amit Soni and Akash Ahirvar sold those SIMs to co-accused Nishant Patel and he sold those SIMs to various persons. It is also alleged that those SIMs were used by the criminals in cyber crimes for committing fraud with the various persons. On that Police arrested the applicant 09/12/2019.
Amit Soni vs The State Of Madhya Pradesh (2020)[68]
This is second application under Section 439 of the Cr.P.C. for grant of bail. Applicant Amit Soni was arrested on 09/12/2019 in connection with Crime No.270/2019 registered at Police Station State Cyber Crime Zone, Rampur, District Jabalpur (M.P.) for the offence punishable under Sections 419, 465, 471, 120-B of the IPC and Section 66-C, 66-D of the I.T. Act.
The earlier bail application filed by the applicant was dismissed on merit by this Court vide order dated 29/01/2020 passed in M.Cr.C.No.53797/2019. As per the prosecution case, complainant Mohd. Imranulahak filed a written complaint on 05/12/2019 before Superintendent of Police, Jabalpur averring that he is a resident of Ansar Nagar, Chopda Gohalpur Jabalpur and does the business of photocopy and railway tickets in the name of I.A. Services. His shop is situated at Adhartal near ICICI Bank. He also procured a shop Establishment Certificate from Jabalpur Municipal Corporation in the year 2016. He never did the business of selling mobile SIMs. Somebody had stolen his identification document and by using that document got 50 SIMs of Vodafone company.
On that, police inquired about the matter. During the inquiry, it was found that co-accused Ashfaq Ahmed acquired the copy of the shop Establishment Certificate of complainant'€™s shop and the copy of his Aadhar Card. Thereafter, co-accused Ashfaq Ahmed in connivance with co-accused Rohit Bajaj wrongly issued SIMs in the name of complainant Mohd. Imranulahak based on those documents.
M/S Spentex Industries Ltd. & Anr. vs. Pulak Chowdhary (2019)[69] send you the D&B; downgrading their report now don't worry I told you they are not eligible for any kindness. The mobile transcripts, SMS copies, audio tapes, Mr. Mukund's Handwritten letter, Confessions of various agencies in writing, Emails from Mr. Sanjay, and Mr. Mukund, Security register of our society, attempt to murder of mine I have tons od evidence which are sufficient to book these people even they have violated the privacy and secrecy of mine in front of you in Bumi International hotel, I am still in no mood to harm the entire group but to this few individual who acted over smart (they should not take it my weakness first commercially try to finish my organisation I will see how many people they will buy) breach the service contract from day one and all the Press brief have full proprietary rights of Parul Sona International and you need not to scare them with all my commercial, professional and security and safety I requested to send it.
I will see now who will come for their rescue trying to my nokia cell phone to detet the SMS, all feedback report from day one to day last I have copied even they hacked by password of id [email protected] an offence in IT act 2000.
Gundu vs The Principal Secretary (2020)[70] The Hon'ble Apex Court in Rekha v. State of T.N. [71]reported in (2011) 5 SCC 244 has ruled that the preventive detention is, by nature repugnant to democratic ideas and an anathema to the rule of law. No such law exists in the USA and in England (except during war time). It may be mentioned herein that in cases of preventive detention no offence is proved and the justification of such detention is suspicion or reasonable probability, and there is no conviction, which can only be warranted by legal evidence.
When the detaining authority passes the order of detention on subjective satisfaction, as per clause (3) of Article 22 the detenu is not entitled to a lawyer or the right to be produced before a Magistrate within 24 hours arrest. Such Article excludes the applicability of clauses (1) and (2). However, to prevent misuse of this potentially dangerous power the law of preventive detention has to be strictly construed and meticulous compliance with the procedural safeguards, however technical, is, in our opinion, mandatory and vital.
The exclusion of applicability of clauses (1) and (2) of Article 22 does not mean that the arrest of detenu should not be informed to his family members, which is sine qua non, therefore, the non-compliance would vitiate the very detention itself. Applying this ratio here, we hold that the non- compliance of the mandatory condition that the family members of the detenu should be informed of his arrest having not been done in this case, would vitiate the very detention itself.
Accordingly, on this sole ground, the detention order is liable to fall. In the result, the Habeas Corpus Petition is allowed by setting aside the Order of Detention passed by the second respondent herein, namely, the District Magistrate and District Collector, Dindigul District, in Detention Order No.32/2019 dated 18.06.2019. Consequently, the detenu, namely, Maruthupandi, son of Gundu, aged about 23 years.
M/ S. Heera Gold Exim Private... vs The State Of Telangana (2019)[72] Brief facts of the case are that the 2nd petitioner is the Managing Director of the 1st petitioner Company, which was incorporated under the Companies Act, 1956, dealing with Jewellery and articles of gold and investment from the investors in the company and as against the investment made by the investors, they would get 36% of the dividend on the invested amount.
The 1st petitioner company is solvent, it has accepted the investments from the various investors and the same were received by the company through bank and the dividends and payments are usually made after the maturity through bank only to its investors and there is no provision for acceptance of the investment by way of cash under the Memorandum of Articles of the 1st petitioner company.
Since for the last 15 years, the 1st petitioner company has been paying the dividends and the maturity amounts to the respective investors for which there are no complaints whatsoever. It is also stated that the 1st petitioner company also accepted the investment not only from all over India, but also from the investors of the other Countries and the 1st petitioner company has been successfully and honestly dealing with the investors. When the investment was made by the investors, the company issued certificate and enters with an arrangement comprising terms and conditions and accordingly the lock-in period for such investment was one year and also two years and the dividends for the investments to be payable to the investors once in a month.
It is also stated that many investors of the 1st petitioner company have earned more dividends than the actual capital amount which they invested with the company. It is stated that few months prior to filing of the complaints by the investors there was a delay for payment of the dividends due to the fact that there is some unexpected down flow in the market, as a result of which, the 1st petitioner company has decided to pay the dividends to its investors once in three months and the said factum has been intimated to the respective investors. In view of the delay in payment of dividends, some hyper-sensitive investors demanded for refund of the investment made by them with the 1st petitioner company.
As per the arrangement and contracted terms and conditions, the investment cannot be refunded to its customers after the expiry of the lock-in period and the investors have to make an application as per the terms and conditions of the agreement entered with the 1st petitioner company and then only the investments will be refunded. But, some of the investors decided not to follow the terms of the agreement i.e., insofar as the people, who have invested are concerned, from Telangana only nine persons lodged complaints to the various police stations i.e., respondent Nos.6 to 10 in W.P.No.5449 of 2019 and respondent No.5 in W.P.No.7950 of 2019.
It is also stated that on receipt of the said complaints, the aforesaid crimes came to be registered. In view of registration of aforesaid crimes the news was spread over in other States of India and other investors lodged various complaints in various police stations in various States i.e., State of Andhra Pradesh, State of Karnataka, State of Maharashtra and State of Kerala etc.
By virtue of the aforesaid false complaints, which were lodged and registered by the police, the 1st petitioner company is not able to function its day-to-day affairs as the Managing Director, who is the 2nd petitioner herein, was arrested on 15.10.2018 in Crime No.170 of 2018 and languished in Chenchalguda Jail. It is also submitted that no single pie has been misused by the 1st petitioner company nor any misappropriation has been done and it is functioning smoothly, but by virtue of lodging false complaints, the 1st petitioner company is not in a position to look after the day-to-day affairs and functions.
It is also stated that the 2nd petitioner got bail in one case, and before releasing from the said crime, the police has shown her arrest in another crime under P.T. Warrant, which is quite contrary to Cr.P.C. It is stated that the bail has been granted to the 2nd petitioner in Crime No.170 of 2018 and even before her being released from the jail, the 2nd petitioner was once again arrested in other case, therefore, she was not in a position to come out from the jail for one reason or the other and the 2nd petitioner is not in a position to make any bail application in the case.
It is also stated that the aim of the 1st petitioner company is social good and the income which was derived by the 1st petitioner company was used for the purpose of education, habitation, food and other basic necessities of orphan Muslim girls and that scholarships were also given to the students, who are brilliant and belong to poor families.
The 1st petitioner company is located at Hyderabad and 2nd petitioner is permanent resident of H.No.9-4-134/A/5/23/1, 5th Floor, HS Residency, Vali Colony, Golconda, Hyderabad, and she is a law abiding citizen, social worker and she has been working for the uplift of minority Muslim women and she is also the President of Madarsa-e-Niswan- Isha-Atul-Islam-Urdu, an Arabic Development Society.
It is also stated that the 2nd petitioner launched a political party by name All India Mahila Empowerment Party in the State of Telangana, by virtue of good reputation in the Muslim Community. The existing Muslim leader, who belongs to political party AIMIM namely Asaduddin Owaisi, lodged a false complaint vide F.I.R.No.154 of 2012 dated 14.08.2012 on the file of the Additional Director General of Police, Law and Order, for the offences punishable under Sections 420 and 406 of I.P.C., and ultimately the police has filed a report stating that it is a false complaint.
It is stated that if the party launched by the 2nd petitioner contest in the State General Elections in 2018, it would be an impediment to the AIMIM party and this would divide the votes between both the parties, in which event the said AIMIM party may be defeated.
However, as against the said complaint, the 2nd petitioner filed a suit for defamation vide O.S.No.835 of 2017, which is pending before the Chief Judge, City Civil Court, Hyderabad. Therefore, the complaints, which were filed by respondent Nos.12 to 15 in W.P.No.5449 of 2019 and respondent Nos.8 to 10 in W.P.No.7950 of 2019, with various police stations are not entertainable as the police have no jurisdiction to register the said complaints, investigate into the matters and to arrest the 2nd petitioner.
All the complaints describe the company and investor relationship, therefore, if any investor has any grievance with regard to the investment made by him, he should have approached the appropriate and competent authority i.e., Registrar of Companies only and if assuming that any fraud has been done by the 1st petitioner company, the investor should have approached the Serious Fraud Investigation Office, therefore, the police has no authority to entertain and register the complaint, which fall under the purview of the Companies Act, 2013. Hence, the present writ petitions are filed aggrieved by the action of the police in registering the aforesaid crimes.
M/S. Heera Gold Exim Private... vs The State Of Telangana, on 23 December, 2019[73] Brief facts of the case are that the 2nd petitioner is the Managing Director of the 1st petitioner Company, which was incorporated under the Companies Act, 1956, dealing with Jewellery and articles of gold and investment from the investors in the company and as against the investment made by the investors, they would get 36% of the dividend on the invested amount.
The 1st petitioner company is solvent, it has accepted the investments from the various investors and the same were received by the company through bank and the dividends and payments are usually made after the maturity through bank only to its investors and there is no provision for acceptance of the investment by way of cash under the Memorandum of Articles of the 1st petitioner company. Since for the last 15 years, the 1st petitioner company has been paying the dividends and the maturity amounts to the respective investors for which there are no complaints whatsoever.
It is also stated that the 1st petitioner company also accepted the investment not only from all over India, but also from the investors of the other Countries and the 1st petitioner company has been successfully and honestly dealing with the investors. When the investment was made by the investors, the company issued certificate and enters with an arrangement comprising terms and conditions and accordingly the lock-in period for such investment was one year and also two years and the dividends for the investments to be payable to the investors once in a month. It is also stated that many investors of the 1st petitioner company have earned more dividends than the actual capital amount which they invested with the company.
It is stated that few months prior to filing of the complaints by the investors there was a delay for payment of the dividends due to the fact that there is some unexpected down flow in the market, as a result of which, the 1st petitioner company has decided to pay the dividends to its investors once in three months and the said factum has been intimated to the respective investors. In view of the delay in payment of dividends, some hyper-sensitive investors demanded for refund of the investment made by them with the 1st petitioner company.
As per the arrangement and contracted terms and conditions, the investment cannot be refunded to its customers after the expiry of the lock-in period and the investors have to make an application as per the terms and conditions of the agreement entered with the 1st petitioner company and then only the investments will be refunded. But, some of the investors decided not to follow the terms of the agreement i.e., insofar as the people, who have invested are concerned, from Telangana only nine persons lodged complaints to the various police stations i.e., respondent Nos.6 to 10 in W.P.No.5449 of 2019 and respondent No.5 in W.P.No.7950 of 2019. It is also stated that on receipt of the said complaints, the aforesaid crimes came to be registered.
In view of registration of aforesaid crimes the news was spread over in other States of India and other investors lodged various complaints in various police stations in various States i.e., State of Andhra Pradesh, State of Karnataka, State of Maharashtra and State of Kerala etc. By virtue of the aforesaid false complaints, which were lodged and registered by the police, the 1st petitioner company is not able to function its day-to-day affairs as the Managing Director, who is the 2nd petitioner herein, was arrested on 15.10.2018 in Crime No.170 of 2018 and languished in Chenchalguda Jail.
It is also submitted that no single pie has been misused by the 1st petitioner company nor any misappropriation has been done and it is functioning smoothly, but by virtue of lodging false complaints, the 1st petitioner company is not in a position to look after the day-to-day affairs and functions.
It is also stated that the 2nd petitioner got bail in one case, and before releasing from the said crime, the police has shown her arrest in another crime under P.T. Warrant, which is quite contrary to Cr.P.C. It is stated that the bail has been granted to the 2nd petitioner in Crime No.170 of 2018 and even before her being released from the jail, the 2nd petitioner was once again arrested in other case, therefore, she was not in a position to come out from the jail for one reason or the other and the 2nd petitioner is not in a position to make any bail application in the case. It is also stated that the aim of the 1st petitioner company is social good and the income which was derived by the 1st petitioner company was used for the purpose of education, habitation, food and other basic necessities of orphan Muslim girls and that scholarships were also given to the students, who are brilliant and belong to poor families.
The 1st petitioner company is located at Hyderabad and 2nd petitioner is permanent resident of H.No.9-4-134/A/5/23/1, 5th Floor, HS Residency, Vali Colony, Golconda, Hyderabad, and she is a law abiding citizen, social worker and she has been working for the uplift of minority Muslim women and she is also the President of Madarsa-e-Niswan- Isha-Atul-Islam-Urdu, an Arabic Development Society. It is also stated that the 2nd petitioner launched a political party by name All India Mahila Empowerment Party in the State of Telangana, by virtue of good reputation in the Muslim Community.
The existing Muslim leader, who belongs to political party AIMIM namely Asaduddin Owaisi, lodged a false complaint vide F.I.R.No.154 of 2012 dated 14.08.2012 on the file of the Additional Director General of Police, Law and Order, for the offences punishable under Sections 420 and 406 of I.P.C., and ultimately the police has filed a report stating that it is a false complaint.
It is stated that if the party launched by the 2nd petitioner contest in the State General Elections in 2018, it would be an impediment to the AIMIM party and this would divide the votes between both the parties, in which event the said AIMIM party may be defeated. However, as against the said complaint, the 2nd petitioner filed a suit for defamation vide O.S.No.835 of 2017, which is pending before the Chief Judge, City Civil Court, Hyderabad.
Therefore, the complaints, which were filed by respondent Nos.12 to 15 in W.P.No.5449 of 2019 and respondent Nos.8 to 10 in W.P.No.7950 of 2019, with various police stations are not entertainable as the police have no jurisdiction to register the said complaints, investigate into the matters and to arrest the 2nd petitioner. All the complaints describe the company and investor relationship, therefore, if any investor has any grievance with regard to the investment made by him, he should have approached the appropriate and competent authority i.e., Registrar of Companies only and if assuming that any fraud has been done by the 1st petitioner company, the investor should have approached the Serious Fraud Investigation Office, therefore, the police has no authority to entertain and register the complaint, which fall under the purview of the Companies Act, 2013. Hence, the present writ petitions are filed aggrieved by the action of the police in registering the aforesaid crimes.
On behalf of the plaintiffs it was contended that the emails sent by the defendant were distinctly obscene, vulgar, abusive, intimidating, humiliating and defamatory in nature. Counsel further argued that the aim of sending the said emails was to malign the high reputation of the plaintiffs all over India and the world.
He further contended that the acts of the defendant in sending the emails had resulted in invasion of legal rights of the plaintiffs. Further the defendant is under a duty not to send the aforesaid emails. It is pertinent to note that after the plaintiff company discovered the said employ could be indulging in the matter of sending abusive emails, the plaintiff terminated the services of the defendant.
After hearing detailed arguments of Counsel for Plaintiff, Hon'ble Judge of the Delhi High Court passed an ex-parte ad interim injunction observing that a prima facie case had been made out by the plaintiff. Consequently, the Delhi High Court restrained the defendant from sending derogatory, defamatory, obscene, vulgar, humiliating and abusive emails either to the plaintiffs or to its sister subsidiaries all over the world including their Managing Directors and their Sales and Marketing departments. Further, Hon'ble Judge also restrained the defendant from publishing, transmitting or causing to be published any information in the actual world as also in cyberspace which is derogatory or defamatory or abusive of the plaintiffs.
This order of Delhi High Court assumes tremendous significance as this is for the first time that an Indian Court assumes jurisdiction in a matter concerning cyber defamation and grants an ex-parte injunction restraining the defendant from defaming the plaintiffs by sending derogatory, defamatory, abusive and obscene emails either to the plaintiffs or their subsidiaries.
Parliament Attack Case
Bureau of Police Research and Development at Hyderabad had handled some of the top cyber cases, including analyzing and retrieving information from the laptop recovered from terrorist, who attacked Parliament. The laptop which was seized from the two terrorists, who were gunned down when Parliament was under siege on December 13 2001, was sent to Computer Forensics Division of BPRD after computer experts at Delhi failed to trace much out of its contents.
The laptop contained several evidences that confirmed of the two terrorists' motives, namely the sticker of the Ministry of Home that they had made on the laptop and pasted on their ambassador car to gain entry into Parliament House and the fake ID card that one of the two terrorists was carrying with a Government of India emblem and seal.
The emblems (of the three lions) were carefully scanned and the seal was also craftily made along with residential address of Jammu and Kashmir. But careful detection proved that it was all forged and made on the laptop.
Andhra Pradesh Tax Case
Dubious tactics of a prominent businessman from Andhra Pradesh was exposed after officials of the department got hold of computers used by the accusedperson. The owner of a plastics firm was arrested and Rs 22 crore cash was recovered from his house by sleuths of the Vigilance Department.
They sought an explanation from him regarding the unaccounted cash within 10 days. The accused person submitted 6,000 vouchers to prove the legitimacy of trade and thought his offence would go undetected but after careful scrutiny of vouchers and contents of his computers it revealed that all of them were made after the raids were conducted. It later revealed that the accused was running five businesses under the guise of one company and used fake and computerized vouchers to show sales records and save tax.
Sony.Sambandh.Com Case
India saw its first Cyber crime conviction recently. It all began after a complaint was filed by Sony India Private Ltd, which runs a website called www.sony-sambandh.com, targeting Non Resident Indians. The website enables NRIs to send Sony products to their friends and relatives in India after they pay for it online.
The company undertakes to deliver the products to the concerned recipients. In May 2002, someone logged onto the website under the identity of Barbara Camp and ordered a Sony Color Television set and a cordless head phone.
She gave her credit card number for payment and requested that the products be delivered to ArifAzim in Noida. The payment was duly cleared by the credit card agency and the transaction processed. After following the relevant procedures of due diligence and checking, the company delivered the items to ArifAzim. At the time of delivery, the company took digital photographs showing the delivery being accepted by ArifAzim.
The transaction closed at that, but after one and a half months the credit card agency informed the company that this was an unauthorized transaction as the real owner had denied having made the purchase. The company lodged a complaint for online cheating at the Central Bureau of Investigation which registered a case under Section 418, 419 and 420 of the Indian Penal Code.
The matter was investigated into and ArifAzim was arrested. Investigations revealed that ArifAzim, while working at a call center in Noida gained access to the credit card number of an American national which he misused on the company's site.CBI recovered the colour television and the cordless head phone.
In this matter, the CBI had evidence to prove their case and so the accused admitted his guilt. The court convicted ArifAzim under Section 418, 419 and 420 of the Indian Penal Code — this being the first time that a Cyber crime has been convicted.
The court, however, felt that as the accused was a young boy of 24 years and a first-time convict, a lenient view needed to be taken. The court therefore released the accused on probation for one year.
The judgment is of immense significance for the entire nation. Besides being the first conviction in a Cyber crime matter, it has shown that the Indian Penal Code can be effectively applied to certain categories of Cyber crimes which are not covered under the Information Technology Act 2000. Secondly, a judgment of this sort sends out a clear message to all that the law cannot be taken for a ride.
Nasscom vs. Ajay Sood & Others
In a landmark judgment in the case of National Association of Software and Service Companies vs. Ajay Sood& Others, delivered in March, '05, the Delhi High Court declared `phishing' on the internet to be an illegal act, entailing an injunction and recovery of damages.
Elaborating on the concept of 'phishing', in order to lay down a precedent in India, the court stated that it is a form of internet fraud where a person pretends to be a legitimate association, such as a bank or an insurance company in order to extract personal data from a customer such as access codes, passwords, etc. Personal data so collected by misrepresenting the identity of the legitimate party is commonly used for the collecting party's advantage. Court also stated, by way of an example, that typical phishing scams involve persons who pretend to represent online banks and siphon cash from e-banking accounts after conning consumers into handing over confidential banking details.
The Delhi HC stated that even though there is no specific legislation in India to penalise phishing, it held phishing to be an illegal act by defining it under Indian law as a misrepresentation made in the course of trade leading to confusion as to the source and origin of the e-mail causing immense harm not only to the consumer but even to the person whose name, identity or password is misused. The court held the act of phishing as passing off and tarnishing the plaintiff's image. The plaintiff in this case was the National Association of Software and Service Companies (Nasscom), India's premier software association.
The defendants were operating a placement agency involved in head-hunting and recruitment. In order to obtain personal data, which they could use for purposes of head- hunting, the defendants composed and sent e-mails to third parties in the name of Nasscom. The high court recognized the trademark rights of the plaintiff and passed an ex-parte ad- interim injunction restraining the defendants from using the trade name or any other name deceptively similar to Nasscom. The court further restrained the defendants from holding themselves out as being associates or a part of Nasscom.
The court appointed a commission to conduct a search at the defendants' premises. Two hard disks of the computers from which the fraudulent e-mails were sent by the defendants to various parties were taken into custody by the local commissioner appointed by the court. The offending e-mails were then downloaded from the hard disks and presented as evidence in court.
During the progress of the case, it became clear that the defendants in whose names the offending e-mails were sent were fictitious identities created by an employee on defendants' instructions, to avoid recognition and legal action.
On discovery of this fraudulent act, the fictitious names were deleted from the array of parties as defendants in the case. Subsequently, the defendants admitted their illegal acts and the parties settled the matter through the recording of a compromise in the suit proceedings. According to the terms of compromise, the defendants agreed to pay a sum of Rs1.6 million to the plaintiff as damages for violation of the plaintiff's trademark rights. The court also ordered the hard disks seized from the defendants' premises to be handed over to the plaintiff who would be the owner of the hard disks.
This case achieves clear milestones: It brings the act of phishing into the ambit of Indian laws even in the absence of specific legislation; It clears the misconception that there is no damages culture in India for violation of IP rights; This case reaffirms IP owners' faith in the Indian judicial system's ability and willingness to protect intangible property rights and send a strong message to IP owners that they can do business in India without sacrificing their IP rights.
Ritu Kohli Case
Ritu Kohli Case, being India's first case of cyber stalking, was indeed an important revelation into the mind of the Indian cyber stalker. A young Indian girl being cyber stalked by a former colleague of her husband, RituKohli's case took the imagination of India by storm. The case which got cracked however predated the passing of the Indian Cyber law and hence it was just registered as a minor offence under Section 509 the Indian Penal Code.
State of Maharashtra v. Anand Ashok Khare
This case related to the activities of the 23-year-old Telecom engineer Anand Ashok Khare from Mumbai who posed as the famous hacker Dr.Neuker and made several attempts to hack the Mumbai police Cyber Cell website.
state of Uttar Pradesh v. Saket Sanghania
This case which was registered under Section 65 of the IT Act, related to theft of computer source code. SaketSinghania an engineer was sent by his employer to America to develop a software program for the company. Singhania, instead of working for the company, allegedly sold the source code of the programme to an American client of his employer by which his employer suffered losses.
State v. Amit prasad
State v/s Amit Prasad, was India's first case of hacking registered under Section 66 of the Information Technology Act 2000. A case with unique facts, this case demonstrated how the provisions of the Indian Cyber law could be interpreted in any manner, depending on which side of the offence you were on.
State of Chattisgarh v. Prakash Yadav and Manoj Singhania
This was a case registered on the complaint of State Bank of India, Raigarh branch. Clearly a case of Spyware and Malware, this case demonstrated in early days how the IT Act could be applicable to constantly different scenarios.
State of Delhi v. Aneesh Chopra
State of Delhi v/s Aneesh Chopra Case was a case of hacking of websites of a corporate house.
The Arzika Case
Pornography and obscene electronic content has continued to engage the attention of the Indian mind. Cases pertaining to online obscenity, although reported in media, often have not been registered. The Arzika case was the first in this regard.
The Air Force Bal Bharti School Case
The Air Force BalBharti School case demonstrated how Section 67 of the Information Technology Act 2000 could be applicable for obscene content created by a school going boy.
State of Tamil Nadu v. Dr L. Prakash
State of Tamilnadu v/s Dr L. Prakash was the landmark case in which Dr L. Prakash was sentenced to life imprisonment in a case pertaining to online obscenity. This case was also landmark in a variety of ways since it demonstrated the resolve of the law enforcement and the judiciary not to let off the hook one of the very educated and sophisticated professionals of India.
Arif Azim Case
Arif Azim case was India's first convicted Cyber crime case. A case pertaining to the misuse of credit cards numbers by a Call Centre employee, this case generated a lot of interest. This was the first case in which any cyber criminal India was convicted. However, keeping in mind the age of the accused and no past criminal record, Arif Azim the accused was sentenced to probation for a period of one year.
Conclusion And Suggestion
No one can deny the positive role of the cyber law in today's world either it be political, economic, or social sphere of life. But everything has its pro's and corns, cyber terrorists have taken over the technology to their advantage. To curb their activities, the Information Technology Act 2000 came into existence which is based on UNICITRAL model of Law on e-commerce.
It has many advantages as it gave legal recognition to electronic records, transactions, authentication and certification of digital signatures, prevention of computer crimes etc. but at the same time is inflicted with various drawbacks also like it doesn't refer to the protection of Intellectual Property rights, domain name, cybersquatting etc. This inhibits the corporate bodies to invest in the Information technology infrastructure.
Cases like Dawood and Quattrochi clearly reveals the problem of enforceability machinery in India. Cryptography is new phenomenon to secure sensitive information. There are very few companies in present date which have this technology. Other millions of them are still posed to the risk of Cyber crimes.
There is an urgent need for unification of internet laws to reduce the confusion in their application. For e.g. for publication of harmful contents or such sites, we have Indian Penal Code (IPC), Obscenity Law, Communication Decency law, self-regulation, Information Technology Act 2000, Data Protection Act, Indian Penal Code, Criminal Procedure Code etc. but as they deal with the subject vaguely therefore lacks efficient enforceability mechanism. Due to numerous Laws dealing with the subject there lays confusion as to their applicability, and none of the Law deals with the subject specifically in Toto.
To end the confusion in applicability of Legislation picking from various laws to tackle the problem, i would suggest unification of laws by taking all the internet laws to arrive at Code which is efficient enough to deal with all the problems related to internet crimes. Although these legislations talk about the problem but they don't provide an end to it. There's need for a one Cyber legislation which is co-ordinated to look after Cyber crimes in all respects. With passage of time and betterment of technology in the present date, has also resulted in numerous number of Information technology related crimes therefore changes are suggested to combat the problem equally fast.
Crucial aspect of problem faced in combating crime is that, most of the countries lack enforcement agencies to combat crime relating to internet and bring some level of confidence in users. Present law lacks teeth to deter the terrorist groups for committing Cyber crimes if you see the punishment provides by the Act it's almost ineffective, inefficient and only provides punishment of 3 years at the maximum.
Harsher laws are required at this alarming situation to deal with criminals posing threat to security of funds, information, destruction of computer systems etc. Data protection, by promotion of general principles of good information practice with an independent supervisory regime, would enable the law to maintain sufficient flexibility to achieve an appropriate balance between the need to protect the rights of the individuals and to have a control over the way their personal information have been used would be helpful in this increasingly networked economy. Just having two provisions in the Information Technology Act, 2000 for protection of data without any proper mechanism for to tackle the crime makes their mention in the Act redundant.
Information Technology Act is applicable to all the persons irrespective of their nationalities (i.e. to non-citizens also) who commits offence under the Information Technology Act outside India, provided the act or conduct constituting the offence or contravention involves computer, computer systems, or computer networks located in India under Section 1 and Section 75 of the Information Technology Act, but this provision lacks practical value until and unless the person can be extradited to India. Therefore it's advised that we should have Extradition treaties among countries. To make such provisions workable.
It's like eye for an eye kind of situation where the technology can be curbed only by an understanding of the technology taken over by cyber terrorists. Even if the technology is made better enough to curb the computer related crime there is no guarantee if that would stay out of reach of cyber terrorists. Therefore Nations need to update the Law whether by amendments or by adopting sui generic system. Though Judiciary continues to comprehend the nature of computer related crimes there is a strong need to have better law enforcement mechanism to make the system workable.
The ICT Trends of India 2009 have proved that India has failed to enact a strong and stringent Cyber Law in India. On the contrary, the Information Technology Act 2008 (IT Act 2008) has made India a safe haven for cyber criminals, say cyber law experts of India. The problem seems to be multi- faceted in nature.
Firstly, the cyber law of India contained in the IT Act, 2000 is highly deficient in many aspects. Thus, there is an absence of proper legal enablement of ICT systems in India.
Secondly, there is a lack of cyber law training to the police, lawyers, judges, etc. in India.
Thirdly, the cyber security and cyber forensics capabilities are missing in India.
Fourthly, the ICT strategies and policies of India are deficient and needs an urgent overhaul.
Fifthly, the Government of India is indifferent towards the ICT reforms in India. This results in a declining ranking of India in the spheres of e-readiness, e-governance, etc..
While International communities like European Union, ITU, NATO, Department of Homeland Security, etc. are stressing for an enhanced cyber security and tougher cyber laws, India seems to be treading on the wrong side of weaker regulatory and legal regime. Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India sent an open letter to the Government of India including the Prime Minister of India, President of India, Supreme Court of India, Ministry of Parliamentary Affairs, etc. and brought to their attention the growing menace of Cyber crimes in India.
At last, somebody in the government has shown some concern regarding the growing menace of Cyber crimes in India. However, the task is difficult since we do not have trained lawyers, judges and police officers in India in respect of Cyber crimes. However, at least a step has been taken in the right direction by the law minister of India. Police in India are trying to become Cyber crime savvy and hiring people who are trained in the area. The pace of the investigation however can be faster, judicial sensitivity and knowledge needs to improve. Focus needs to be on educating the Police and district judiciary.
IT Institutions can also play an integral role in this area. We need to sensitize our prosecutors and judges to the nuances of the system. Since the law enforcement agencies find it easier to handle the cases under IPC, IT Act cases are not getting reported and when reported are not dealt with under the IT Act. A lengthy and intensive process of learning is required. A whole series of initiatives of cyber forensics were undertaken and cyber law procedures resulted out of it. This is an area where learning takes place every day as we are all beginners in this area.
We are looking for solutions faster than the problems are invented. We need to move faster than the criminals. The real issue is how to prevent Cyber crime. For this there is a need to raise the probability of apprehension and conviction. India has a law on evidence that considers admissibility, authenticity, accuracy and completeness to convince the judiciary. The challenges in Cyber crime cases include getting evidence that will stand scrutiny in a foreign court.
For this India needs total international cooperation with specialized agencies of different countries. Police has to ensure that they have seized exactly what was there at the scene of crime, is the same that has been analysed and reported in the court based on this evidence. It has to maintain the chain of custody. The threat is not from the intelligence of criminals but from our ignorance and the will to fight it.
Thus, Criminal Justice systems all over the world, must remember that because of certain inherent difficulties in the identification of the real cybercriminal, cyber law must be applied so as to distinguish between the innocent and the deviant. A restraint must be exercised on the general tendency to apply the principle of deterrence as a response to rising Cyber crime, without being sensitive to the rights of the accused. Our law makers and the criminal law system must not forget the basic difference between an accused and a convict. There is only a delicate difference between the need to ensure that no innocent is punished and the need to punish the cybercriminal.
Bibliography
- A.J.W. Turnere, Kenny's Outlines of Criminal Law (Cambridge University Press, U.K., 1st edn., 1962).
- Ajmal Eddappagath, -'Cyber Laws and Enforcement'. (2014)
- Albert J. Marcellai and Robert S. Greenfield in their book, Cyber Forensics-A Field Manual for Collecting, Examining and Processing Evidence of Computer Crime (Aurebuch Publications, London, 2002).
- Anirudh Rastogi, Cyber Law- Law of Information Technology and Internet, (LexisNexis, Reed Elsevier India Pvt. Ltd, Gurgaon, 1st edn., 2014).
- D.S. Yadav, Foundation of Information Technology (New Age International Publication Ltd., 3rd edn., 2007).
- Dewang Mehta -' Role of Police In Tackling Internet Crimes'. 2001
- Dorothy Denning, Activism, Hactivism and Cyber terrorism: The Internet as a tool for Influencing Foreign Policy (AMC Press, New York, 2001).
- Dr. Farooq Ahmed - 'Cyber Law in India, Pioneer Books', Delhi. (2012)
- Edwin. H. Sutherland., Principles of Criminology (Chicago Lippincott, 1947, 1965).
- Eoghan Casey, Digital Evidence and Computer Crime: Forensic Science, Computer & the Internet (Academic Press, USA, 2000).
- F. Lawrence Street and Mark P. Grant, Law of the Internet (LexisNexis, 2004
- Farooq Ahmed, Cyber Law in India- Law on Internet (New Era Law Publications, Delhi, 2008).
- Frederick B. Cohen,Protection and Security on the Information Superhighway (1995).
- H.L.A. Hart, The Concept of Law (Clarendon Law Series, Oxford University Press, London, 1961).
- J. W. C. Turner, Kenny's Outlines of Criminal Law (University Press, Cambridge, 19th edn., 1966).
- James R. Richards, Transnational Criminal Organizations, Cyber Crime and Money Laundering (CRC Press, New York, 1999).
- Justice S.B. Sinha-'Cyber Crime in the Information Age', Print House, Hyderabad. (2001)
- Krishan Pal Malik, Computer Information Technology Law (Allahabad Law Agency, Faridabad, 1st edn., 2010).
- M. Dasgupta, Cyber Crime in India: A Comparative Study (Eastern Law House Pvt. Ltd., Kolkata, 2009).
- M. Ponnaian, Cyber Crimes, Modern Crimes and Human Rights (2000).
- N.v. Paranjape, Criminology and Penology (Central Law Agency, Allahabad, 2007, 2009).
- Nandan Kamath, Law relating to Computers, Internet and E-Commerce: A Guide to Cyber Laws and the Information Technology Act, 2000 (Universal Law Publishing Co., New Delhi, 2nd edn., 2009).
- PawanDuggal -' The Internet: Legal Dimensions'. (2014)
- R.K. Tewari, P.K.Sastry and K.v. Ravi Kumar, Computer Crime and Computer Forensics (Jain Book Agency, Delhi,2002).
- S.K. Bansal, Cyber Crime (A.P.H. Publishing Corporation, Delhi, 2003).
- S.K. Verma and Raman Mittal, Legal Dimensions of Cyber Space (Indian Law Institute Publication, Delhi, 2004).
- Sallie Spilsbury, Media Law (Routledge Cavendish, 1st edn., 2000).
- Steven Furnell, Cybercrime: Vandalizing the Information Society (Addison Wesley, 2002).
- Suresh T.Vishwanathan, The Indian Cyber Law with Cyber Grossary (Bharat Law House, New Delhi, 2001).
- Talat Fatima, Cyber Crimes (Eastern Book Company, Lucknow, 1st edn., 2011).
- Aligarh Law Journal.
- Andhra Law Times.
- Army Institute of Law Journal.
- Kerla Law Times.
Statutes
- Indian Evidence Act, 1872.
- Indian Penal Code, 1860.
- Information Technology Act, 2000.
Newspapers & Magazines
- The Indian Express
- The Nation
- The Statesman
- The Tribune
- Times of India
Webliography
- http://gov.aoLcom/2011/09/19/cvber-intelligence-
- http://www.iiera.com/papers/Vol2_issue2/AG22202209.pdf
- http://www.oiaswitech.coiTi/india-pune/intemet-penetration-india.php
- http://www.siu.edu.in/Research/pdf/Vishal Dhotre.pdf
- www.cvlab.cmu.edu/files/pdfs/news/
End-Notes:
[1] Barney, Prometheus Wired: The Hope for Democracy in the Age of Network Technology, 2001
[2]The oxford English dictionary
[3] Ganesh traders v. district collector, Karimnagar, 2002 Cri LJ 1105.
[4] http://www.cyberlawsindia.net/howworks.html
[5] R Nagpal, what is cyber crime?, new era publications, Chennai,2003, p786.
[6] Brett Burney, the concept of cyber crimes – is it right to analyse a physical crime to cyber crime ? www.cyberguard.com
[7] Regarding the impact of ICT on society, see the report Sharpening Europe's Future Through ICT – Report from the information society technologies advisory group, 2006, available at: ftp://ftp.cordis.europa.eu/pub/ist/docs/istagshaping-europe-future-ict-march-2006-en.pdf.
[8] UNGA Resolution: Creation of a global culture of cyber security and taking stock of national efforts to protect critical information infrastructure, A/RES/64/211.
[9] For more information, references and links, see: the ITU Cyber security Work Programme to Assist Developing Countries (2007-2009), 2007, available at: www.itu.int/ITU-D/cyb/cybersecurity/ docs/ itu-cybersecurity-work-programmedeveloping-countries.pdf.
[10]Other terminology used includes information technology crime and high-tech crime. See, in this context: Goodman/Brenner, The Emerging Consensus on Criminal Conduct in Cyberspace, International Journal of Law and Information Technology, 2002, Vol. 10, No. 2, page 144.
[11]Regarding this relationship, see also: Sieber in Organised Crime in Europe: The Threat of Cybercrime, Situation Report 2004, page 86.
[12]The same typology is used by the ITU Global Cyber security Agenda / High-Level Experts Group, Global Strategic Report, 2008. The report is available at: www.itu.int/osg/csd/cybersecurity/ gca/global_strategic_report/index.html.
[13]Art. 2 (Illegal access), Art. 3 (Illegal interception), Art. 4 (Data interference), Art. 5 (System interference), Art. 6 (Misuse of devices). For more information about the offences, see below: § 6.2.
[14] Art. 7 (Computer-related forgery), Art. 8 (Computer-related fraud). For more information about the offences, see below: § 6.2.
[15]Art. 9 (Offences related to child pornography). For more information about the offences, see below: § 6.2.
[16]Art. 10 (Offences related to infringements of copyright and related rights). For more information about the offences, see below: § 6.2.
[17]Regarding the related challenges, see: Slivka/Darrow; Methods and Problems in Computer Security, Journal of Computers and Law, 1975, page 217 et seq.
[18] Simon/Slay, Voice over IP: Forensic Computing Implications, 2006.
[19] Velasco San Martin, Jurisdictional Aspects of Cloud Computing, 2009; Gercke, Impact of Cloud Computing on Cybercrime Investigation, published in Taeger/Wiebe, Inside the Cloud, 2009, page 499 et seq.
[20] Collier/Spaul, Problems in Policing Computer Crime, Policing and Society, 1992, Vol.2, page, 308, available at: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.66.1620&rep= rep1&type =pdf. Visit on 5-2-2020
[21] Law on Cyber Crimes, Book Enclaves, New Delhi, 2007.
[22] Computer Crime, Lexington books, Toronto, 1978.
[23] Computer Crime : Concept, Control and prevention, Sysman Computers Pvt Ltd., Bombay, 1994.
[24] Cyber Crimes, Electronic Evidence and Investigation: Legal Issues, Nabhi Publications, New Delhi, 2010.
[25] Legal Dimensions of Cyber Crimes and preventive laws with Special Reference to India, Central Law Agency Publications, Allahabad, 2010.
[26] Maura Conway, What is Cyber Terrorism; The current History, December 2002. (AIRC) p. 436.
[27] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[28] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[29] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[30] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[31] Bata india ltd. v. Pyarelal and co.AIR(1985),242
[32] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[33] Nirex industries v. Manchandafootwear,PTC(1984),97
[34] Bata india ltd. v. Pyarelal and co.AIR(1985),242
[35] Turing's man : Western culture in the computer age. London; Bolter J.D. 1984, Duckworth pp.32, 11.
[36] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article
26502097.ece visit on 12-2-2020
[37] Ibid
[38] Offences & Penalties under the IT Act,2000; http://www.legalservicesindia.com/article/article/ offences-&-penalties-under-the-it-act-2000-439-1.html Criminal Liability for misuse of Information Technology; http://www.sethassociates.com/criminal-liability-for-misuse-of-information-technology.html
[39] https://www.thehindubusinessline.com/specials/india-file/cyber-crime-cops-and-the-law/article 26502097.ece visit on 12-2-2020
[40] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[41] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[42] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[43] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[44] Civil Liberties and the amended Information Technology Act, 200; https://cis-india.org/internet-governance/blog/information-technology-act
[45] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[46] Cyber Law in India; http://www.iibf.org.in/documents/Cyber-Laws-chapter-in-Legal-Aspects-Book.pdf
[47] Seth Associates (Advocate & Legal consultants); http://www.sethassociates.com/criminal-liability-for-misuse-of-information-technology.html
[48] http://www.helplinelaw.com/employment-criminal-and-labour/CCII/cyber-crimes-in-india-what-is-types-web-hijacking-cyber-stalking.html assessed on 5-2-2020
[49] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[50] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[51] B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
[52] https://www.cyberswachhtakendra.gov.in/index.html
[53] http://www.livemint.com/Companies/Aml3SbCIL5SsgxpipR1ltM/Cyber-security-among-top-5-
risks- identified-by-79-organisat.html (visit at 20-1-2020)
[54] https://www.cyberswachhtakendra.gov.in/index.html
[55] http://www.livemint.com/Companies/Aml3SbCIL5SsgxpipR1ltM/Cyber-security-among-top-5-
risks- identified-by-79-organisat.html (visit at 20-1-2020)
[56] Avtarsingh v. State of Panjab AIR(SC 1965),666
[57] Bengal immunity co. ltd. v. State of Bihar,AIR(1955),661
[58] Bharat Bank Ltd. v. Employees,AIR(1950),188
[59] C.C.E. v. Ambalal Sarabhai,SCC(1989),112
[60] G.A. Manterio v. State of Ajmer,AIR SC(1957),13
[61] https://economictimes.indiatimes.com/news/company/corporate-trends/indian-firms-look-for-cyber-
security-cover/printarticle/62978210.cms visit at 10-1-2020
[62] Arm group enterprises ltd. v. WaldrofRestaurant,Scc(2003)6,423
[63] Cibageigy Ltd. v. SurenderSingh,AIR(1999)DEL,49
[64] CS(OS) No. 1279/2001
[65] R/CR.MA/4344/2020
[66] H.C.P.(MD)No.1083 of 2019
[67] MCRC-54513-2019
[68] MCRC-7196-2020
[69] M/s Spentex Industries Ltd. & Anr. Vs. Pulak Chowdhary CS No. 219/18
[70] H.C.P.(MD)No.578 of 2019
[71] (2011) 5 SCC 244
[72] WRIT PETITION Nos. 5449 and 7950 of 2019
[73] WRIT PETITION Nos. 5449 and 7950 of 2019
Law Article in India
Legal Question & Answers
Lawyers in India - Search By City
LawArticles
How To File For Mutual Divorce In Delhi
How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...
Increased Age For Girls Marriage
It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...
Facade of Social Media
One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...
Section 482 CrPc - Quashing Of FIR: Guid...
The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...
The Uniform Civil Code (UCC) in India: A...
The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...
Role Of Artificial Intelligence In Legal...
Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...
Please Drop Your Comments