Professional Documents
Culture Documents
By
Dayal Legal Associates
Website: www.dayallegal.in
Litigation office
THE VIEWS EXPRESSED IN THIS PUBLICATION ARE PURELY PERSONAL OPINIONS OF THE
AUTHORS AND ARE NOT INTENDED TO HURT ANY SENTIMENTS OR BE BIASED IN FAVOR OF OR
AGAINST ANY PARTICULAR PERSON, COMMUNITY, SOCIETY, SEX, GENDER, RACE, CREED,
NATION, RELIGION AND SUCH REMOTELY AND PROXIMATELY RELATED TERMS. THOUGH ALL
EFFORTS ARE MADE TO ENSURE THE ACCURACY AND CORRECTNESS OF THE INFORMATION
PUBLISHED, DAYAL LEGAL ASSOCIATES SHALL NOT BE RESPONSIBLE FOR ANY ERRORS
CAUSED DUE TO OVERSIGHT OR OTHERWISE. THIS DISCLAIMER MAY CHANGE FROM TIME TO
TIME WITHOUT NOTICE, AND YET WILL ALWAYS BE APPLICABLE. PLEASE CHECK ALWAYS
EDITOR IN CHIEF
EDITOR
KUMAR UTSAV
PREDICAMENT.
2 Index 5
3 Introduction 6-8
1. INTRODUCTION
Man has always been a social animal and more so now with the internet and the social media.
Human beings are now with the internet and the social media. Human beings are now Cyber
beings, choosing to spend a considerable amount of time in the cyber world. The rapid change
occurring in the present era of Information technology and the computer has gained popularity
in every aspect of our lives. This includes the use of Computer by persons involved in the
commission of crimes. Today, Computers play a major role in almost every crime that is
Cyber law is the area of law that deals with the internet’s relationship to technological and
electronic elements, including computers, software, hardware and information systems. In
short, cyber law is the law governing computers and the internet. Its legislation focused on the
acceptable behavioral use of technology including computer hardware and software, the
internet and networks. Cyber law helps protect users from harm by enabling the investigation
and prosecution of online criminal activity. It applies to the actions of individuals, groups, the
public, government, and private organizations.2 Cyber law is the law governing this cyber space
and is important for anyone using the internet, be it organizations or individuals.
Cyber law is the part of the overall legal system that deals with the internet, cyberspace, and
their respective legal issues. Cyber law covers a fairly broad area covering several subtopics
including freedom of expression, access to and usage of the internet, and online privacy.
Generally Cyber law is referred to as law of internet3.
Cyber crimes include fraud, forgery, money laundering, theft, and other illegal activities
performed via computer hardware and software, the internet, and networks. Cyber law
investigates crimes perpetrated in the physical world but enabled in cyberspace. For example,
organized crime syndicates may face prosecution under cyber laws. In business, cyber law
protects companies from unlawful access and theft of their intellectual property.
Cyber law is important because it touches almost all aspects of transactions and activities on
and involving the internet, World Wide Web and cyberspace. Every action and reaction in
1
Indian Journal of Law [Manupatra]
2
https://online.norwich.edu/academic-programs/resources/cyber-law-definition
3
https://ciso.economictimes.indiatimes.com/amp/news/importance-of-cyber-law-
opinion/72450598
The primary source of cyber law in India is the Information Technology Act, 2000 which came
into force on 17th October 2000. This Act provided legal recognition to electronic commerce
and was intended to facilitate filing of electronic records with the Government. The term
electronic commerce or Ecommerce is used to refer to electronic data used in commercial
transactions. Electronic commerce laws usually address issues of data authentication by
electronic or digital signatures.
Intellectual Property rights, as we traditionally know them, have undergone a sea change with
the development of new technology and the reach of the Internet. This includes copyright law
in relation to computer software, computer source code, websites, cell phone content etc.
Software and source code licenses come under the ambit of this law. Trademark law with
relation to domain names, meta tags, mirroring, framing, linking, etc. and patent law in relation
to computer hardware and software.
Data protection refers to the policies and laws which aim to curtail intrusion into privacy which
is caused mainly by the collection, storage and dissemination of one’s personal data. All the
information or data which relate to a person, who can be identified from that information or
data, is known as personal data of that individual. Privacy refers to the right of an individual
where one can choose the extent to which he or she would like to disclose information/data
which pertains to him or her. Some examples of sensitive personal data or information include
passwords, financial information such as bank account or credit card or debit card or other
payment instrument details; physical, physiological and mental health condition; sexual
orientation, medical records and history, biometric information, etc. The Supreme Court
recognizes that the right of privacy is a fundamental right.
There are three major categories of cybercrime; against individuals, against property and
against the Government. Crimes against individuals include cyber harassment and stalking,
various types of spoofing, credit card fraud, human trafficking, identity theft etc. Some online
crimes happen against property, such as a computer or server. These crimes include DDOS
attacks, hacking, virus transmission, cyber and typo squatting, computer vandalism etc. When a
cybercrime is committed against the government, it is considered an attack on that nation's
The importance and scope of Cyber law is ever increasing as we become more and more
dependent on the internet and the related technologies, for our day to day functioning as
individuals and as a society4.
4
http://www.meity.gov.in/content/cyber-laws
5
The Information Technology Act, Author: S.R. Bhansali
The IT Act, 2000 addresses the gamut of new-age crimes. Computer technology, mobile
devices, software and the internet are both medium and target of such crimes. All traditional
criminal activities such as theft, fraud, forgery, defamation, and mischief are part of
cyberspace. These were already addressed in Indian Penal Code7.
6
https://www.myadvo.in/blog/what-is-the-cyber-law-in-india/
7
Internet Law, Author: Rodney D. Ryder
8
Curtis P A., Cowell L. " Cyber Crime": "The Next Challenge" in seminar at School of Law
Enforcement Supervision in November 12, 2000
9
Patil S V "Computer forensic Science" The proceeding of conference on E-security, February
18-19, 2004.
Internet has dramatically changed the way we think, the way we govern, the way we do
commerce and the way we perceive ourselves. Information technology is encompassing all
CYBER LAW Page 10
walks of life all over the world. Cyber space creates moral, civil and criminal wrongs. It has
now given a new way to express criminal tendencies. “IT” has brought transition from paper to
paperless world. The laws of real world cannot be interpreted in the light of emerging
cyberspace to include all aspects relating to different activities in cyberspace. Internet requires
an enabling and supportive legal infrastructure in tune with the times. In today’s digital world
the world is becoming more and more digitally sophisticated and so are the crimes. Initially
Internet was developed as a research and information sharing tool and was in an unregulated
manner, as the time passed it became more transactional with e-business, e-commerce, e-
governance and e-procurement etc. All legal issues related to internet crime are dealt with
cyber laws. As the number of internet users is on rise, the need for cyber laws and their
application has also gathered great momentum. In today’s highly digitalized world, almost
everyone is affected by cyber law. For example almost all transactions in share are in demat
form. Almost all companies extensively depend upon their computer networks and keep their
valuable data in electronic form. Government forms including income tax returns, company
law forms etc. are now filled in electronic form. Consumers are increasingly using online
payment for transfer or money and shopping. Technology per se is never a disputed issue but
for whom and at what cost has been the issue in the ambit of governance. The cyber revolution
holds the promise of quickly reaching the masses as opposed to the earlier technologies, which
had a trickledown effect. Such a promise and potential can only be realized with an appropriate
legal regime based on a given social economic matrix.
10
Information Technology ACT, 2002
The Information Technology Act 2000 has tried to assimilate legal principles available in
several such laws (relating to information technology) enacted earlier in several other
countries, as also various guidelines pertaining to information technology law. The Act gives
legal validity to electronic contracts, recognition of electronic signatures. This is a modern
legislation which makes acts like hacking, data theft, spreading of virus, identity theft,
defamation (sending offensive messages) pornography, child pornography, cyber terrorism, a
criminal offence.
The Act is supplemented by a number of rules which includes rules for cyber cafes, electronic
service delivery, data security, blocking of websites. It also has rules for observance of due
diligence by internet intermediaries (ISP's, network service providers, cyber cafes, etc.). Any
person affected by data theft, hacking, spreading of viruses can apply for compensation from
Adjudicator appointed under Section 46 as well as file a criminal complaint. Appeal from
adjudicator lies to Cyber Appellate Tribunal11.
The main purpose of this act is to give legal recognition to electronic commerce and to
facilitate filing of electronic records with the government. Till now the Indian Law has not
given any definition to the term “Cyber Crime” and “Cyber fraud”. In fact the IPC does not use
the term “Cyber crime” at any point even after its amendment by the IT Act.
11
Information Technology ACT, 2008
Section 66A and Restriction of Free Speech: From its establishment as an amendment to the
original act in 2008, Section 66A attracted controversy over its unconstitutional nature.
Any person who sends by any means of a computer resource any information that is grossly
offensive or has a menacing character; or any information which he knows to be false.
Penalty- The purpose of causing annoyance, inconvenience, danger, obstruction, insult shall be
punishable with imprisonment for a term which may extend to three years and with fine.
A person fraudulently uses the password, digital signature or other unique identification of
another person.
If a person captures, transmits or publishes images of a person's private parts without his/her
consent or knowledge.
If a person publishes or transmits or causes to be published in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave
and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or
hear the matter contained or embodied in it.
Persons deemed as intermediary (such as an ISP) must maintain required records for stipulated
time. Failure is an offence.
The Controller may, by order, direct a Certifying Authority or any employee of such Authority
to take such measures or cease carrying on such activities as specified in the order if those are
The appropriate Government may, by notification in the Official Gazette, declare that any
computer, computer system or computer network to be a protected system. The appropriate
Government may, by order in writing, authorize the persons who are authorized to access
protected systems. If a person who secures access or attempts to secure access to a protected
system, then he is committing an offence.
If anyone makes any misrepresentation to, or suppresses any material fact from, the Controller
or the Certifying Authority for obtaining any license or Digital Signature Certificate.
Computer forensic is a science of acquiring, preserving, retrieving and presenting data that has
been processed electronically and stored on computer media and according to Department Of
Justice Federal Bureau of Investigation (FBI),computer forensic includes formalized and
approved methodology to collect, analyze and present data in a court of law12.
12
Patil S V "Computer forensic Science" The proceeding of conference on E-security, February
18-19, 2004.
As a result of e-commerce transactions and email communications over the internet, a new type
of virtual evidence has been created. Computer related investigations can involve the review of
email folder achieves to determine internet policy abuses in businesses or government
agencies. Using computer forensics procedures, processes and tools, the computer forensics
specialist can identify fragments of email messages that were dumped from computer memory
during past work sessions.
Since DOS and WINDOWS were never designed to be secure, Computer Scientists & Law
Enforcement personnel could easily obtain information about internet content, web browsing
and other activities from windows system. Even after data has been deleted, much information
remains available for discovery of the Windows swap file. Windows swap files are
dynamically created during the web session & then erased. These same files are then left
behind as a large erased file in unallocated spaces. Unless specifically defragmented and
written over, these erased swap files can be retrieved and archived for analysis.
The Encyclopedia Britannica defines Cyber crime as any crime that is committed by means of
special knowledge or expert use of computer technology. United Nation Manual on prevention
& Control of computer crime and Oxford Reference Online gives list of cyber crimes
committed over internet13. Cyber crime includes a wide variety of criminal offenses and
activities Because of lack of physical evidences investigating a cyber crime become very
13
Curtis P A., Cowell L. " Cyber Crime": "The Next Challenge" in seminar at School of Law
Enforcement Supervision in November 12, 2000
In the present era of information technology, the technology in World has become more
advanced; law enforcement agencies must provide their computer crime investigators with the
technology required to conduct complex computer investigations. Besides access to
technology, law enforcement agencies must also be given Forensic Computer support as many
computer crimes leave “footprints” on the computer as well as on the internet 14 Most
prosecutors also lack the training and specialization to focus on the prosecution of criminals
14
National ICT Security and Emergency Response Centre (NISER) "Is Cyber Crime reigning on
a no Man's land".
A good example is a recent case in UK where a teenager was acquitted after being charged in
court for Distribution Denial of Service (DDOS) attack that crippled the Port of Houston, a US
web-based computer system. Denial of Service (DoS) attacks and more particularly the
distributed ones (DDoS) are one of the latest and most powerful threats that have appeared in
the world of networking. The wildly publicized DDoS attacks against Yahoo, eBay,
Amazon.com and the White House websites have revealed the vulnerability of well-equipped
networks.
There are two principal classes of attacks: Logic attacks & Flooding attacks. The logic attacks,
such as the “Ping of Death” exploit the existing software flaws to substantially degrade
network performance; the flooding attacks such as “Smurf” overwhelm the victim's CPU,
memory and network resources by sending a large number of spurious requests. In this paper,
we will focus only on flooding attacks15.
1. The Internet
The internet is joy for members of the law enforcement community. On one hand, it facilitates
one's ability to communicate and gather information. On the other hand, it enables the criminal
element to do the same. The criminal element actually embraced the benefits of the Internet
long before the law enforcement community did it and in some ways, the latter have resisted
15
Tomar P, "Defense & Solution against Denial of Services Attacks: A Challenges" Proceeding
of Second National Conference on Advanced Images Processing and Networking, organized by
Department of Computer Science and Engineering & IT, National Engineering College,
Kovilpatti, Tamilnadu , February 11th-12th,2005,page 201.
2. Data Theft
Law enforcement is charged with the investigation of the theft of data from companies, but the
main concern of the law enforcement community is the protection of their own data and
unauthorized access to their files. This may require law enforcement agencies to bring in a
security consultant to be sure that their own data is secure from unauthorized access. The only
way to ensure that their system is totally safe is to not to have outside access to it [2]. If they
are connected to the Internet through phone lines through a network or a modem, one cannot
assume that their system will not be compromised at some point. Agencies can install fairly
simple monitoring systems on their systems that will signal them when there has been a
“knock” at the door. These security measures will also alert them to an actual intrusion.
3. Child Pornography
Child pornography distribution is a natural for the Internet. It offers anonymity and ease of
transferring images and text. Child Pornographers trade images of very young children,
depending on their preferences, to other pornographers that will trade them to others or simply
keep them for their own collection.
RECOMMENDATIONS
To avoid the cyber crime some improvement are suggested here to protect the nations: