Lehar Ajwani Mehul Jain Shweta Singh Puneet Vyas Subodh Mallya

Background
y Drew inspiration from Model Law on Electronic

Commerce adopted by the United Nations Commission of International Trade Law (UNCITRAL).
y The said resolution recommends inter alia that all states

give favorable consideration to to the said Model Law when they enact or revise their laws.
y This is in view of need of uniformity

Objective
y Seeks to address two different aspects of technological

revolution.
y Providing legal recognition to electronic transactions and

use of alternatives to paper-based communications and storage etc. offences.

methods

of

y Regulation and control of Cyber Crime and other

y Seeks to define various offences arising out of use of

Digital Signatures
y Lays guidelines for regulating these offences.

Structure of the Act
y Consists of 13 Chapters.
y Chapter 1: Describes the scope and applicability of the act and

the definitions clause.
y Chapter

2: Authentication using digital signatures and asymmetric cryptosystem

y Chapter 3: Legal recognition of electronic records and digital

signatures.
y Chapter 4: Contractual aspects of use of electronic records

such as attribution, acknowledgement, time and place of dispatch and receipt.
y Chapter 5: presumptions available to secure electronic records y Chapter 6,7,& 8: legal frame work within which DS can be

issued and used.

Structure Of The Act (contd¶«) (contd¶«)
y Chapter 9,10 & 11: contraventions offences and penalties y Chapter 12: single provision directed towards issue of

network service provider liability
y Chapter 13: miscellaneous provisions

Transactions
y Transaction: An action or a set of actions occurring between two

or more persons relating to the conduct of the business, commercial or governmental affairs.
y Automated Transactions: A transaction conducted or performed,

in whole or in part, by electronic means or electronic records in which the acts of one or both the parties are not reviewed by an individual in the ordinary course of forming a contract, performing under existing contract or fulfilling an obligation required by the transaction.

Paperless Contract
y IT Act read in conjunction with the Contract Act. y There has to be an offer. y There has to be an acceptance of the said offer. y There has to be some consideration for the contract.

Legal issues in e-commerce eThough the Internet is a goldmine, without adequate legal protection it could become a landmine E-commerce is the mode of conducting business through electronic means. All business activity conducted using a combination of electronic

communications and information processing technology. Total transaction volume of e-commerce in India is expected to grow rapidly to Rs. 1,950 crore by 2008

CORE LEGAL ISSUES
A. Offer and Acceptance B. Click wrap contracts C. Online Identity D. Security : Security over the Internet is of immense importance to promote ecommerce. E. Authentication :Though the Internet eliminates the need for physical contact, it does not do away with the fact that any form of contract or transaction would have to be authenticated

PRIVACY & DATA PROTECTION
No legislation in India that upholds the privacy rights of an individual

Dissemination of sensitive and confidential medical, financial and personal records of individuals and organisations; Sending spam (unsolicited) e-mails; Tracking activities of consumers by using web cookies Unreasonable check and scrutiny on an employee s activities, including their email correspondence.

Intellectual Property Rights 

The Internet is a boundless and unregulated medium  ("IPRs") is a challenge and a growing concern amongst most e-businesses  Ascertaining novelty I originality:

ISSUES IN E-COMMERCE TRANSACTIONS E Preventing unauthorised hyper linking and meta tagging  Protection against unfair competition

1. Interactive marketing practices 2. Spamming 3. Immersive marketing
. 

Domain Names :If the company chooses a domain name that is similar to some

domain name or some existing trademark of a third party, the company could be held liable for cybersquatting.

Electronic payment issues
Secure Credit Card Transactions Recognition of digital currencies Determining the relevant jurisdiction Risk of Regulatory Change Transaction risks Consumer-oriented risks

JURISDICTION

For example, XYZ, a company in London, having its server in USA, may sell its products to customers in India or other countries. If you receive defective goods or if you regret having made the purchase, the question would arise as to which jurisdiction can you sue the company or claim damages or withdrawal respectively. The company, onthe other hand, might find itself confronted with foreign laws

REGULATORY MEASURES
1. 2. ECMS - Electronic Copyright Management System WIPO - World Intellectual Property Organisation

E-commerce Taxation Realising the potential of earning tax revenue from such sources, tax authorities world over are examining the tax implications of e-commerce transactions and resolving mechanisms to tax such transactions.

Concept of Keys
A key comprises of a series of binary digits Locking / Unlocking of Keys Key Pairs consist of two keys
Public Key Private Key

What is Cryptography? Hashing Algorithm RSA used for encryption/decryption Where does my computer store my private key? Who needs a key pair? For how long does a key stay valid? What happens when a key expires?

Message Transfer

I N T E R N E T

REGULATION OF CERTIFYING AUTHORITIES

FUNCTIONS OF CONTROLLER
Exercising supervision over the activities of the Certifying Authorities Certifying public keys Laying down the standards Facilitating the establishment of any electronic system by a Certifying Authority / Certifying Authorities Resolving any conflict of interests between the Certifying Authorities and the subscribers Laying down the duties of the Certifying Authorities

FUNCTIONS OF CONTROLLER
Maintaining a data base containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to public. Act as repository Recognition of foreign Certifying Authorities. Recognition of foreign Certifying Authorities. Power to delegate Power to investigate contraventions. Access to data and computer systems

CERTIFYING AUTHORITY FUNCTIONS
Make use of hardware, software and procedures that are secure from intrusion and misuse Provide a reasonable level of reliability in its services To ensure compliance of the Act Disclosure

Demonstration of Use of DSC

Demonstration of Use of DSC

Digital Signature Certificate To Be Attached here

Details for Registering a DSC

Cyber Crime

Offences Under IT Act 2000

Offences Under IT Act 2000
The offence Computer network break-ins Industrial espionage Copyright piracy Software Piracy Child Pornography E-mail bombings Password sniffers Spoofing Credit card fraud Cyber squatting Misleading search words Using an imaginary password and gaining access to a software Changing the information in a file by a regular operator Copying data and selling or giving free to any third party While playing games, a virus enters the system Taking a bribe to permit an offender to gain entry to the office Only after the password is Actually used to hack Offence Not an Offence Conditions 

Only if a computer is involved   

   

Penal Provisions
43. Penalty of damage of computer, computer system, etc. If any person without permission of the owner or any other person who is in charge of a computer, computer or computer network,a) accesses or secures access to such computer, computer system or computer network; b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium; c) introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network; d) damages or causes to be damaged any computer, computer system or computer network, data, computer data base or other programmes residing in such computer, computer system or computer network;

Penal Provisions
43. Penalty of damage of computer, computer system, etc. If any person without permission of the owner or any other person who is in charge of a computer, computer or computer network,e) disrupts or causes disruption of any computer, computer system or computer network; f) denies or causes the denial of access to any person authorised to access any computer, or computer network by any means; g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made there under; h) charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network, i) he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected

Cyber Appellate Tribunal

Sections 48 64 Deals with the Cyber Appellate Tribunal

Cyber

ellate Tribunal

Cyber
Appeal to Cyber Appellate Tribunal

ellate Tribunal

(1) Save as provided in sub-section (2), any person aggrieved by an order made by Controller or an adjudicating officer under this Act may prefer an appeal to a Cyber Appellate Tribunal jurisdiction in the matter. (2) No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating officer with the consent of the parties. (3) Every appeal under sub-section (1) shall be filed within a period of forty-five days from the date on which a copy of the order made by the Controller or the adjudicating officer is received by the person aggrieved and it shall be in such form and be accompanied by such fee as may be prescribed: Provided that the Cyber Appellate Tribunal may entertain an appeal after the expiry of the said period of forty-five days if it is satisfied that there was sufficient cause for not filing it within that period.

Cyber
Appeal to Cyber Appellate Tribunal

ellate Tribunal

(4) On receipt of an appeal under sub-section (1), the Cyber Appellate Tribunal may, after giving the parties to the appeal, an opportunity of being heard, pass such orders thereon as it thinks fit, confirming, modifying or setting aside the order appealed against. (5) The Cyber Appellate Tribunal shall send a copy or every order made by it to the parties to the appeal and to the concerned Controller or adjudicating officer. (6) The appeal filed before the Cyber Appellate Tribunal under sub-section (1) shall be dealt with by it as expeditiously as possible and endeavour shall be made by it to dispose of the appeal finally within six months from the date of receipt of the appeal.

Conclusion

y WHERE WE ARE y Fastest growing sector y Contributes more than $30 Billion to India s G.D.P y World leader in outsourcing y DIFFICULTIES y Slow response from govt. y Less support from foreign law enforcement agencies y Slow in adaptability of technology used by criminals

Suggestions
FUTURE COURSE OF ACTION 
Need international co-operation Mutual

co-operation between countries technology between countries criminals 

Transfer of 

Deportation of Educate the

masses about cyber crimes 

Spreading awareness Training and More

educating policemen

and more stringent norms

THANKS QUESTIONS

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.