Professional Documents
Culture Documents
Introduction to Information
Technology and Cyber
Laws
SYNOPSIS
Information Technology and Cyber Evolution of Cyber Law...
Space. ***°*°°°******°******°***** Early Cyber Laws: The Computer
Concept of Information Technology.. Misuse Act, 1990 of Great
Concept of Cyber Space.. Britain.International
Uniform
*ussane**************************
Standards for
The Proliferation of IT and the Need for
Regulation of Cyber Space. Cyber Law: UNCITRAL Model Law
on Electronic Commerce, 1996.. **** 7
Cyber Crimes. * * * * * * *
9
Limitations of Traditional Law and Information Technology Act, 2000...
* 12
Need for a Separate Law for Cyber Other International Cyber Laws.
***°°*********°*°*°******°°°*°° 3
Crime..... saasamas sungsa*ancaa naer*****aaana
. .
CYBER SPACE
INFORMATION TECHNOLOGY AND
Technology
Concept of Information their hardware, software
and
to computer systems, is broadly
n e technology relating on the internet,
applications running defines
internet, and various The Oxford Dictionary
Ctworks, or TT".
Information Technology
to as
TCd and other
IT as: telecommunication
systems,
computers,
use of information.
ne study
or transmitting
retrieving
and
uevices forstoring,
Tec
Information
Cyber Law of
CYBER CRIMES
Cybercrime encompasses any crime involving a computer system or network
where such system or network is
) A Victim of Crime
Where the computer system or its network is the target of the
For example: theft, physical sabotage, violation of offenc
rights, destruction of information, etc. intellectual prope
(i) A Tool of Crime
Where a
computer
commit crime. Forsystem
or network
is being used nt t0
example:
as an
illegal transactions online, instrumo
frauds, etc. creant
card
ii) A
Repository of Evidence Related to
the Crime
Where the computer can help
investigation and prosecution of theobtain information, which assi
erime.
1, Cvher o
TT has made life easier. It has also made crime easier. 'IT'
obliterates the
need for actual physical contact to commit a crime. Crime may be
committed
anywhere from any place through the internet. Another problem is that of
anonymity. Cybercriminals can maintain anonymity with ease. It requires highly
sophisticated equipment and a specialised skill set to identify anonymnous cyber
criminals. Cyber criminais Tace low entry barriers due to the low cost of IT, and
the ease with which the commission of cybercrimes can be learnt. For example,
malware toolkits are now easily available.
IT has also given birth to new kinds of criminal activity. Criminals use IT' to
commit both traditional crimes (embezzlement, cheating, theft, etc.) and new age
crimes (denial of service attacks, computer hacking and data theft, etc.). The
involvement of the computer is not limited to the basic computer crimes only but
used a
it also
is widely in broadrange of other crimes such
as organised
white collar crimes, drug trafficking, frauds, forgeries, kidnappings. extortion,
crimes
gambling, software piracy etc.
Yet another problem for legislation is the moral ambiguity of some of the
crimes or bad behaviour. Many a time, the criminals (and also the victims) are
not even aware that they are committing a crime. Email spamming, identity theft
with no financial implications and cyber stalking are examples of such kind of
behaviour.
Misuse of IT' has given rise to various risks to individuals, organisations and
governments alike:
(1) Financial Risks: through credit card fraud, phishing and salami attacks.
ii) Risk to Information: through hacking.
(111) Individual Risk: through net extortion, online defamation. cyber
stalking, identity theft and cyber bullying.
Gv) IPR Violations: software piracy, cybersquatting, copynght and
trademark infringement.
etc.: through denial of service
(V) Risk to Computers/ Computer Systems,
attacks, viruses and e-mail spamming
items like drugs, online
(V1) Rise in Online Illegal Activity: sale of illegal
gambling and pornography.
terrorism, cyber warfare, cyber
) Risk to Government: through cyber
of websites.
spying and hacking government
CYBER LAws
and Need for a Separate Law for
mitations of Traditional Law
Cyber Crime
Traditional
i o n a l laws
laws pose several
constraints in dealing with eyber-crimes:
A
Issues: Cyberspace has no geographic boundaries.
) Jurisdictional
other country or it
may be commilled by a person in any
cybercrime or network located in
be committed using a computer systemn
may
Code, 1860 provides for bos
another country. While the Indian Penal
territorial and extra-territorial jurisdiction. Its extra-territoria
Indian citizens. Th
extra-territorial
committed by
Jurisdiction is limited to offences
applicability of the penal code to cyber offen
leaves ambiguity in the in a way the
nationals overseas, but,
that may be committed by foreign
This 'transnational' element of cybercrime al
in India.
impact is felt Investigation of offences
international cooperation.
requires greater
other countries and arrest of
cybercriminals of other nationalities wi
established extradition treaties
and special permissions.
require
of Conventional Definitions: Most crimes in
(i) Inapplicability
cyberspace involve intangible objects. This creates problems wher
conventional definitions of crimes are involved. For instance, the
definition of trespass requires actual physical entry for conviction'
Constructive entry upon the property is not within the meaning of this
section. In the case of cyber trespass, or hacking, where there is n
actual entry into the physical territory where the computer is located
this definition would fail. Similarly, the offence of theft is made ou
when there exists an intent to remove from possession. Therefore, for
data to be stolen, it would have to be removed from the
the owner. If the offender were to possession o
without erasing or
simply copy data onto a pen drive
the
modifying the original data in any way, then it may
constitute theft' under the traditional definition
not
of the term.
ii) Creation of New Crimes:
crimes which are not Cyber space has given birth to several ne
website can handle
recognised by conventional laws. For example,
only
a fixed number
information) given point of time. A of viewers or requests (
at a
website from
functioning by cyber-criminal can prevent
denial of service overloading it with requests (known as
an
attack°). This
online business, but, there
kind of attack can
would be
cause huge losses
no clear remedy under ordinu
4. Section 4. Indian Penal Code, 1860.
Extension of Code to Extra-
"The Territorial Offences:
provisions
() any citizen
of this Code
apply also to any offence
(2) any person onof ndia in any
place without and committed by:
5. Section 441. Ibid. any ship or aircraft registered beyond
in India
India;
Criminal Trespass: wherever it may be."
"Whoever enters into
offence or 1o intimidate,or insuli
upon property in
the
lawfully entered into or or possession of another with intent
annoy any person intent to
o commil
niimidate, insult or
'criminal trespass.
upon such
property,
in
possession of such
6. Rash
annoy any such
person, unlawfully remains there
ere propery reby
with intent ther
Behari or withintent
1960 Chatterjee
Cal 189;
See Fagu Shaw & Ors.
v.
to commit an offence,
d 18 aid t
c o m n
or
connection with any other intended to be used causes
any of their purposes of the Government for the defense
compel the agencies, detains any person and of India, any State of
to or
Government or any other person to
threatens
do
to kill Government
injure such person
or
or
abstain from doing any act,..." in order
Cyber L
data may he
oversight by
courts or
Parliament. The
other
intercepted
dete
a u t o m a t e d tests to detect
ubjea
otiona
and
to pattern
recognition
compassion
different forms of
o r intent, and different
markers, such
as hate,
are obligated law to by give
operators
in India access
dissent. Telecom enforcement agency.
networks to every legal
to their
c o n c e r n s raised by
experts is the sheer 1ac of
One of the primary icial word from
There is no offici th
from the
on the project.
bodies or agencies wil1 use thi
information
public how government this
about
government
of population will be
under surveillane
nce
information; what percentage
for a citizen whose personal detail
no legal recourse
etc. There is also
or leaked from
the central or regional database
are being misused
under which surveillance orders are
Unlike America's PRISM project
courts, CMS does not any have judicial oversight'", There
approved by on surveillance.
is thus need for extensive legislation
value of Electronic Information: The extensive use of
(vii) Evidentiary
documentation raised a new question on
IT" for communication and
was being stalked
the admissibility of electronic evidence. If a person
online, can of e-mails or screenshots of chat room messages by
copies
the stalker be admissible as evidence? The pre-amendmended Indian
Evidence Act, 1872 recognised of evidence'
only two types
documentary evidence (i.e., paper based evidence) and oral
evidence
(testimonials of witnesses).
(vii) Validity of Online Transactions: Traditional law does not deal wit
the validity of e-contracts, digital signatures, e-commerce, etc. o
example, 1S a contract entered into through e-mails legally valid? Can
be enforced in a court of law?
Thus, the need was felt to promulgate specialised 1laws to provide for the
following:2
(i) Sening clear standards of behavior for the use of computer devices.
(ii) Deterring perpetrators and
protecting citizens;
(ii) Enabling law enforcement investigations
privacy;
while protecting nav
(iv) Providing fair and effective criminal justice
(v) Requiring minimum protection standardsprocedures
in areas such as l
handling and retention; and
11.
analysis/ndias-central-monitoring-system-security-cant-come-at-cost-of-privacya
Accessed on 23
Sectuon 3, IndianAugust, 2014.
12. Draft Evidence Act, 1872.
Report titled Ca
-2144
recommended that:
This Resolution
consideration to the UNCITRAL Model Law on
"all States give favourable view of the
enact or revise their laws, in
Electronic Commerce when they alternatives to paper-based forms
uniformity of the law applicable to
needfor
and storage of information.
ofcommunication
2000
India's First Cyber Law: The Information Technology Act,
electronic transactions and its'
view of the international recognition of
In
Indian legislature felt the need for providing legal
a
use within India, the
growing It led to the enactment of
framework for e - c o m m e r c e and digital signatures.
Act, 2000 (the IT
India's first legislation: the Information Technology
cyber
Act).
Preamble to the IT Act' states as
1. Objectives of the IT Act': The
follows
transactions carried out
An Act to provide legal recognition for the
and other means of
by means of electronic data interchange "Electronic
electronicc communication, commonly referred to as
thereto.
WHEREAS the General Assembly of the United Nations by
resolution A/RES/51/162, dated the 30th January, 1997 has adopted
the United
the Model Law on Electronic Commerce adopted by
Nations Commission on International Trade Law:
recommends inter alia that all
AND WHEREAS the said resolution
said Model Law when
States give favourable consideration to the
view of the need for uniformity of
they enact o r revise their laws, in
the law applicable to alternatives to paper-based methods of
communication and storage of information;
receipt, time of
(iv) To provide for a
issue of
Controller of
Certifying Authorities
digital signature certificates". in relation to
(v) To define offences
and
(vi) To establish a Cyber prescribes penalties
(vii) To lay down Appellate Tribunal,
(Vil) To liability of intermediaries
prescribe extra territorial
The
provisions of this Act are not jurisdiction for cyber offences.
28
G) A
negotiable applicable to the following
i) instrument,
A power-of-attorney, instruments
i) Atrust,
(iv) A will,
(v) including any other
Any contract for the
interest in such testamentary
sale or disposition,
21. property, and conveyance of
immovable
Chapter 1l, IT Act, rty r any
22.
23. Chapter 1ll. Ibid. 2000. prope
24. Chapter
25. Chapter VIIN. andIbid.
26. Chapter IX and VII. Ibid.
27. Chapter X. Ibid. XI. Ibid.
28. Chapter
Section XIl. Ibid
29.
Section 75. Ibid.
14). Ibid
Chapter
(vi) Any such class of documents or transactions as may be notified by the
Central Government in the Official Gazette.
3. Legislations Amended by the IT Act': In order to fully achieve the
objectives of the IT Act', corresponding changes were required in
other laws. For instance, the Model Law requires that there should be
no discrimination between electronic
records and normal documents.
to be amended to
This means that the law of evidence would have
evidence. Therefore, the IT
recognise electronic records as admissible
Act made amendments to the following Acts:
verification of
admissibility of electronic records, proofand evidence".
as to electronic
digital signatures and presumptions
ii) Banker's Book Evidence Act, 1891
books"*and 'certified copies were
The definitions of 'bankers
electronic devices and printouts
amended to include data stored in
certifications to accompany such
of such data. A section on
printouts was also inserted".
Reserve Bank of India Act, 1934
(iv) to include
The powers to make regulations were amended 41
electronic means "
regulations on fund transfer through
The
issued under the IT Act':
4. Various Rules and Notifications issues rules and
Electronics and Information Technology
Department of of the important
notifications on various issues
from time to time. Some
rules are:
1T (Reasonable
Securily
(ii) 20111
Data or Information) Rules,
Personal sensitive personal data
responsibility for
Rules regarding corporate of
collection of information, disclosure
such as privacy policies,
information, etc.
2011
(ii) IT (lntermediaries Guidelines) Rules,
Rules regarding due diligence to be observed by intermediaries in
the discharge of their duties.
(iv) IT (Guidelines for Cyber Cafe) Rules, 2011
Rules regarding registration of cyber cafes, identification and log
requirements for cyber café users, inspection of cyber cafes, etc.
(v) IT (The Indian Computer
Emergency Response Team and
Manner of Performing Functions and
Duties) Rules, 2013
Rules with respect to the
functioning of the Computer Emergency
Response Team, such as- coordinating
action
emergencies, providing incident during cyber security
publishing alerts response services to users,
offering informationconcerningg
to help
vulnerabilities and threats, and
and
Other International improve cyber security.
1.
Cyber Laws
UNCITRAL Model Law on
signatures were increasingly Electronic Signatures (2001):
Electronic
signatures. This law sets out being used as a substitute for hand
down the same
fundamental international standards for writte
discrimination, principles as the their use. It 1ays
technological
key provisions are: Model Law,
neutrality and functional namely, no
) Criteria
establishing equivalence. 1
i)
written signatures
Equal treatment of
equivalence between electronic
ii) and hand
Duties and methods of
liabilities of the creating electronic
cerification service provider
(GV)
Recognition of foreign signatory , the signatures
relying
43
2.
United
Nations certificates and party and the
anu
42. Article
Communieations in Convention
International on electronic
the signatures
Use of
47
43. 6.
UNCITRAL Model Law
Article 3. Ibid. Contracts (New of Electroni
Ee his
44. Aricle 8. Ibid. on York, 200> This
45. Article Electronic
46. Article 11. Ibid.
9. Signatures.
47.
Article 12.Ibid.
Ibid.
Chapter 1 ntroduction to Information Technology and Cyber Laws 13
convention was made to remove the obstacles faced due to the use of
electronic communications in international trade. It makes electronic
communications and contracts concluded thereby equivalent in their
legality and enforceability to paper based communications. Its' key
provisions are:
48
(i) Place of business and related presumptions"".
ii) Recognition of legality of electronic communications"
49
and
electronic contracts
(ii) Criteria establishing equivalence between electronic
communications/ contracts and paper- based communications/
contracts.
(iv) Time and place of dispatch and
communications.
receipt of electronic
(v) Effect of error in electronic
communications".
*,
Articles 1 and 6, United Nations
International Contracts. Convention on the Use of
49. Article 8. Electronic Communications in
50. Article Ibid.
12.
51. Article 9. Ibid.
Ibid.
S2. Article 10.
S3. Article 14 Ibid.
hid