Law And Policy In Indian Cyberspace

In the present scenario, the computer and internet play an important role in one’s life. These significant innovations had brought radical changes in one’s life. Besides being an important innovation, it has become a place for committing criminal offences. Cybercrime has become a transnational crime with no physical wall to demarcate the territory in cyberspace.

Cybercrime is defined as the intentional use of technology so as to cause destruction and harm to the tangible or intangible things of others. People involved in these cybercrimes are called as ‘cyber terrorist’ and can cause the economic structure of any country to collapse.

Various criminals like hackers and crackers have been able to intervene in the internet data with the help of techniques like hacking Domain Name Server (DNS), Internet Provider’s address, spoofing, phishing etc. and got ‘unauthorized access’ to the user’s computer system.

India is not the member state of various cyber-crime conventions but has adopted the principle of universal jurisdiction for the inclusion of cyber convention and cyber offenses under the “Information Technology Act, 2000 (IT Act, 2000).” In India, laws relating to cybercrimes are governed by the said act.

This act is applied to the offenses and contraventions which are committed outside India by any person which involves a computer, computer system or computer network located in India[1].

CATEGORIES OF CYBER CRIME

1. Cyber Crimes Against Persons

1. Harassment via E-Mail– It is common harassment taking place by sending letters, attachments of files and folders through E-mails. Now, it is done through social sites like facebook, twitter etc.

2. Cyber-Stalking- It refers to the physical threat which creates fear through use of technology such as internet, phones, text messages, videos etc.

3. Defamation– It is an act with the intention of lowering down the reputation and dignity of the person by hacking his E-mail account and sending emails with abusive languages to an unknown person.

4. Hacking- It refers to the unauthorized access over the computer system and completely destroying the whole data and computer program.

5. Cracking- It is one of the gravest offenses in cybercrime. It is when a stranger has broken into your computer system without consent and had tampered with the confidential data and information.

There are many other cyber crimes against the person such as dissemination of obscene material, spoofing, carding, cheating, fraud, child pornography etc.

2. Cybercrime against Person’s Property

1. Intellectual Property Crimes- It refers to the unlawful acts by which the owner of the intellectual property is deprived completely or partially of the rights. It can be in the form of software piracy, service mark violation, theft of the computer source, etc.

2. Cyber Squatting- It refers to the cases where two-person claims for the same Domain name. For instance, www.yahoo.com and www.yaahoo.com.

3. Cyber Vandalism- It refers to the destroying and damaging of the data when a network service is stopped. It a kind of physical harm done to someone’s computer system.

4. Transmitting Virus- Virus are the worms that attach themselves to the computer or a file and play a major role in affecting the computer system of the individuals.

The other type of cybercrime against the person’s property includes Hacking the computer system, cyber trespass and internet time theft.

3. Cybercrime against Government

1. Cyber Terrorism- The common form of cyber-terrorism attack on the internet takes place through hate websites, hate e-mails etc. These activities endanger the sovereignty and integrity of the nation.

2. Cyber Warfare- It refers to political hacking to conduct sabotage and espionage.

3. Pirated software- It means the distribution of this pirated software from one computer to another with the intention to destroy government official records.

4. Cybercrime against Society at large

1. Child Pornography- It means the use of computers and the internet to create and distribute content with the intention to sexually exploit underage children.

2. Cyber Trafficking- It refers to the trafficking of drugs, human beings, arms, weapons etc. which affects large number of persons.

3. Forgery- It refers to deceiving large number of people by sending threatening e-mails with the help of online business transactions.

Other crime against the society at large includes online gambling, financial crimes etc.

According to the provisions of the Information Technology Act, 2000, whoever intentionally deletes, alters or disrupts any computer so as to damage the whole data of the computer without the consent of the owner of the computer, shall be liable to pay a fine of up to 1crore to the person so affected by the way of remedy.[2]

Also according to the information technology amendment act, 2008, where a body corporate is maintaining and protecting the data provided by the central government and if there is any negligent act or failure in protecting such data then such body corporate is liable to pay compensation to the person affected.[3]

Provisions of the deals with the hacking of the computer system’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.[4]

Whoever knowingly or intentionally conceals, destroy or alter any computer source code used for a computer program, computer network or computer system, when such code is required to be maintained by the law for the time being in force, such person shall be punishable with imprisonment up to three years or with the fine which may extend to two lakh rupees or both.[5]

In the case of Syed Asifuddin vs. State of Andhra Pradesh[6], some unidentified persons made an offer to the Reliance customers to switch to a lower-priced Tata Indicom telecom services scheme. They also made offers to the customer to unlock the phone so that the exclusive Reliance handsets could be used for Tata Indicom services. On receiving such information of ‘unlocking’ Reliance filed the case under the provisions of IPC, IT Act and Copyrights Act.

The court held that, a cell phone is a computer consisting of unique set of numbers like Electronic Serial Number (ESN) and System Identification Code (SID). Both ESN and SID come under the ambit of section 65 of the IT, Act. Thus, when ESN is altered, the offence under section 65 is said to be committed.

Section 66A of the Information Technology Act, 2000 talk about Punishment for sending offensive messages through communication services etc. (REPEALED)

In the leading case law of Shreya Singhal vs. Union of India[7], the supreme court held section 66A of the Information Technology Act 2000 unconstitutional on the ground that it violates Article 19(1)(a) of the Constitution of India, 1950. The SC observed that every expression used in this provision is vague in meaning. What may be offensive to one may not be the same as another. What may cause inconvenience to one may not cause the same to another. There if no demarcating lines which can be interpreted by this statute. Hence the section is rendered as unconstitutional.

NATIONAL CYBER SECURITY POLICY[8]

National Cyber Security Policy provides framework or roadmap to deal with issues relating to cybersecurity at all levels of country. Strategies made under national cybersecurity policy are as follows:-

  1. Creating a secure cyber ecosystem to ensure that all organizations follow a specific budget for implementing cybersecurity incentives and meeting uncertainty arising out of cyber incidents.
  2. Creating an assurance framework to promote global best practices to enhance cyber security posture.
  3. Encouraging open standard to facilitate interoperability and data exchange among different products or services.
  4. Strengthening the regulatory framework to enable periodic audit and evaluation of effectiveness of security of information infrastructure, with respect to regulatory framework.
  5. Creating mechanisms for security threat early warning, vulnerability management and response to security threats
  6. Securing E-Governance services for implementation of global security practices, cyber crisis management plan for all e-governance.
  7. Promotion of Research & Development in cyber security.
  8. Reducing supply chain risks creating and maintaining infrastructure and facilities for IT security product evaluation and compliance verification as per global standards and practices.

[1] Section 75 of IT Act, 2000.

[2] Section 43

[3] Section 43A

[4] Section 66

[5] Section 65

[6] 2005 Cr.L.J. 4314 AP

[7] AIR 2015 SC 1523

[8] https://nciipc.gov.in/documents/National_Cyber_Security_Policy-2013.pdf

This article is authored by Kartik Jain, Fourth-Year, BBA LL.B (Hons.) student at Vivekananda Institute of Professional Studies.

Also Read – Terrorism And Cyber Crimes in India

Law Corner

Leave a Comment