CYBER LAW

CYBERCRIME DEFINITIONCybercrime refers to all the activities done

with criminal intent in cyberspace or using the medium of Internet.

These could be either the criminal activities in the conventional sense or may be activities newly evolved with the growth of the new medium.

GROSS UNDER REPORTINGFOR EVERY 500 INSTANCES OF

CYBERCRIMES THAT OCCUR IN INDIA,

ONLY 50 ARE REPORTED AND

OUT OF THE SAME, ONLY ONE CASE GETS REGISTERED BY THE POLICE.

UNDER REPORTING DOES NOT EQUAL TO ABSENCE OF CYBERCRIME

CYBERCRIME IMPACT ON ITCybercrime adversely impacts various

activities in the electronic medium using computers, computer systems and computer networks

Effect is not just destruction or adverse impact on data.

Cybercrimes also have the ability to disrupt or damage computers, computer systems and computer networks as also data or information resident therein

Cybercrimes directly inhibit e-commerce and the free use of the Internet and computers.

CYBERCRIME CATEGORIESCybercrimes can be basically divided into 3 major categories being Cybercrimes against personsagainst property against Government

STATISTICSThe Asian School of Cyberlaws’ Computer

Crime and Abuse Report (India) 2001-02 reports that Data Theft at 33% makes up largest category of reported incidents of Cybercrime.

Of this 37% of data stolen is the Source/Object Code.

INFORMATION TECHNOLOGY ACT, 2000 & CYBERCRIME

Various cyber offences defined

Cyber offences to be investigated only by a

Police Officer not below the rank of the

Deputy Superintendent of Police.

CYBER OFFENCES UNDER THE IT ACT

Tampering with computer source documents – Section 65

Hacking - Section 66 Publishing of information which is

obscene in electronic form - Section 67

SECTION 65Tampering with computer source documentsKnowingly or intentionally concealing,

destroying or altering or intentionally or knowingly causing another to conceal, destroy or alter any computer source code used for computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force

PUNISHMENT FOR TAMPERING COMPUTER SOURCE DOCUMENTSImprisonment up to three years, or with

fine which may extend up to two lakh rupees, or with both.

SECTION 66Hacking with computer systemOccurs when there is intent to cause or

knowledge that one is likely to cause wrongful loss or damage to the public or any person by destroying or deleting or altering any information residing in a computer resource or diminishing its value or utility or affecting it injuriously by any means

PUNISHMENT FOR HACKING

Imprisonment up to three years, or with fine which may extend upto two lakh rupees, or with both.

SECTION 67Publishing of information which is

obscene in electronic formPublishing or transmitting or causing to

be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it

PUNISHMENT FOR PUBLISHING OBSCENE INFORMATION IN ELECTRONIC FORMOn first conviction - imprisonment of

either description for a term which may extend to five years and with fine which may extend to one lakh rupees

Second or subsequent conviction - imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.

CYBER OFFENCES UNDER THE IT ACT (contd)

Breach of confidentiality and privacyMisrepresentation Publishing Digital Signature Certificate

false in certain particulars and publication for fraudulent purposes.

NEW MANIFESTATIONSNEW FORMS AND MANIFESTATIONS

OF CYBERCRIMES EMERGING EVERYDAY.

IT ACT DEFICIENTThe offences defines in the IT Act are by no

means exhaustive.However, the drafting of the relevant

provisions of the IT Act make it appear as if the offences detailed in the said IT Act are the only Cyber offences possible and existing.

NEED FOR INGENUITY

Just as human mind is ingenious enough to devise new ways for perpetuating crime, similarly, human ingenuity needs to be channelised into developing effective legal and regulatory mechanisms to control and prevent Cybercrimes.

BREACH OF SECURITYBreach of security attracts

consequences of civil liability. If a person without the permission of

owner or any other person in charge of a computer, computer system or computer network, accesses or secures access to such computer, computer system or computer network, he is liable to pay statutory damages by way of compensation, not exceeding one crore rupees to the person so affected.

CIVIL LIABILITYDownloading, copying or extracting any

data, computer database or information from such system or introducing any computer virus into the same or damaging, destructing or causing to be damaged or disruption of the same or denying the access to any authorized person of the same, and providing any assistance to any person for doing any of the acts mentioned above, would also attract the civil liability of damages by way of compensation not exceeding rupees one crore.

BREACH OF SECURITY (contd.)

Breach of security is also implicitly recognized as a penal offence in the form of hacking.

This offence is declared as a penal offence punishable with three years imprisonment and two lakh rupees fine.

INVESTIGATIONFor the purpose of investigating the

offences detailed under the IT Act, 2000, police officers not below the rank of Deputy Superintendent of Police have been duly authorized and who have also been given the power of entry, search and arrest without warrant in public places.

Section 79For the removal of doubts, it is hereby

declared that no person providing any service as a network service provider shall be liable under this Act, rules or regulations made thereunder for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention.

Network Service Providers:When Not LiableExplanation.—For the purposes of this

section, —

(a) "network service provider" means an intermediary;

(b) "third party information" means any information dealt with by a network service provider in his capacity as an intermediary.

OFFENCES BY COMPANIES

Where a person committing a contravention of any of the provisions of this Act or of any rule, direction or order made thereunder is a company, every person who, at the time the contravention was committed, was in charge of, and was responsible to, the company for the conduct of business of the company as well as the company, shall be guilty of the contravention and shall be liable to be proceeded against and punished accordingly:

OFFENCES BY COMPANIES(contd)

Provided that nothing contained in this sub-section shall render any such person liable to punishment if he proves that the contravention took place without his knowledge or that he exercised all due diligence to prevent such contravention.

CLAUSE 49, SEBIFOR LISTED COMPANIESCERTIFICATIONS BY CEO AND THE

COMPLAINCE OFFICERCERTIFICATION OF DATA ,

INFORMATION, COMPUTERS, COMPUTER SYSTEMS AND COMPUTER NETWORKS

NEED FOR CYBER LEGAL DUE DILIGENCE

DUE DILIGENCECompliance with IT Act, IT Rules,

notifications etc.

Compliance with Indian Evidence Act.

Information Technology Security Policy

Legal Authentication of E- records.

Retention of E-records as per law.

CONCLUSIONTechno-Legal Risks in today’s Business

Environment.

Need to have a systematic plan for to

measure risk of exposure to the same.

Due Diligence and Compliance only

mantra of survival in today’s E- world.

CONCLUSION(contd)Limiting your liability for criminal

activities done on your computers,

computers and computer networks by

others is absolutely essential lest we face

some unpleasant situations.

CONCLUSION(contd)CYBERLAW AUDIT OF YOUR OPERATIONS

USING COMPUTERS, COMPTUER SYSTEMS

AND COMPUTER NETWORKS CRITICAL FOR

YOUR CONTINUED GROWTH.

PAVAN DUGGAL ASSOCIATES UNDERTAKES

CYBERLAW AUDITS FOR CLIENTS FOR

LIMITING THEIR LIABILITY