Professional Documents
Culture Documents
net/publication/358797907
CITATION READS
1 5,004
1 author:
Jatin Patil
Narsee Monjee Institute of Management Studies
3 PUBLICATIONS 1 CITATION
SEE PROFILE
All content following this page was uploaded by Jatin Patil on 23 February 2022.
ABSTRACT
Page: 1
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
LITERATURE REVIEW
1. Shubham Kumar et al. (2015) in "Present scenario of cybercrime in INDIA and its
preventions" have discussed various categories and cases of cyber-crime which are
committed due to lack of knowledge or sometimes due to the intention behind it.
Writers have also suggested various preventive measures against these unlawful acts in
day-to-day life. The paper starts with the data where Indian stands second top-most
country in Asia in the number of cybercrimes according to International World Stats
and Kumar's article/paper. Moreover, writers discussed what is cyber-crime in legal
parlance. Furthermore, the paper deals with the types of cyber-crimes which include
email-spoofing, phishing, identity theft, internet fraud, etc. Additionally, authors have
also discussed present trends, cyber-laws in India, the penalty for damages, and basic
practise for prevention.
2. Jigar Shah (2016) in "A Study of Awareness About Cyber Laws for Indian Youth" talks
about a conceptual model explaining how to uphold and implement the awareness
programmes among internet users regarding cybercrimes. The writer starts with a brief
introduction to the topic by providing statistics. Furthermore, Shah discusses the
concept of cybercrimes by giving several definitions. Moreover, the paper talks about
user awareness and then categories of cybercrimes. Additionally, Shah has analysed the
data of every aspect.
The main objectives of the research are to analyse the cybercrimes in India with reference to
the authentic data available. The data thus obtained has been standardised, studied, and
exhaustively analysed. The exclusive objective of this paper is to know:
This paper is divided into three sections. Firstly, I have examined all about cybercrime and
discussed different definitions. Furthermore, paper deals with types of crime which include
hacking, salami attack, phishing, spoofing, email-bombing, logic bomb, trojan attack and many
more other types. Additionally, the paper provides a Mind-map form of types of cyber-crime
in a decent manner and detail. Moreover, the paper talks about Cyber laws in India where
Sections related to IT Act, IPC etc. are discussed along with broad areas covered under cyber
Page: 2
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
law like internet fraud, copyright, defamation, etc. I further have dealt with the future of Cyber
laws. Following section 3 examines the statistical data of Cyber-crimes in India from 2012 to
2019. Additionally, section 3 by concluding mentions the measures to be taken to prevent
cyber-crime.
RESEARCH METHODOLOGY
Documentary and rational methodologies are used in the research. The information was
gathered from both primary and secondary sources. The essential data was gathered from
statutes, reports, and other judicial decisions in terms of original sources. Data will be gathered
through secondary sources such as books, journals, articles, newspapers, magazines, blogs, and
the internet. All of the codes' rules, as well as the information supplied about cybercrime in
India, have been properly evaluated.
SECTION 1
1. Introduction
Cybercrime is a relatively new type of crime in the world. Any illegal behaviour that occurs on
or via the medium of computers, the internet, or other technology recognised by the
“Information Technology Act1” is described as cybercrime. Cybercrime is the most common
crime in modern India, and it has a terrible impact. Criminals not only cause significant
damages to society and the government, but they also disguise their identities to a large extent.
A variety of unlawful acts are carried out by technically proficient criminals over the internet.
In a broader sense, cybercrime can be defined as any illicit conduct in which a computer or the
internet is used as a tool, a target, or both. The term "cybercrime" has been construed by Indian
courts in some cases, although it is not defined in any act or statute passed by the Indian
legislature. Cybercrime is an uncontrollable evil that stems from the misuse of modern society's
growing reliance on technology. The usage of computers and other related technologies in daily
life is fast increasing, and it has evolved into a need that supports user convenience. It is an
unlimited and unquantifiable medium. Cyber-stalking, cyber-terrorism, e-mail spoofing, e-mail
bombing, cyber pornography, cyberdefamation, and other newly emerging cybercrimes are
only a few of the newly emerging cybercrimes. If they are committed using a computer or the
Internet, some traditional crimes may fall under the category of cybercrime.
1
The Information Technology Act, 2000, No. 21, Acts of Parliament, 2000 (India).
Page: 3
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
Cybercrime can be defined as the use of technology to facilitate classic crimes such as robbery,
theft, and misrepresentation, or as a planned strike, such as hacking a warning system before
entering an unapproved area. At the individual, government, or nation-state level, all of this is
feasible. There will be no legislation or law-enforcing agencies in the world ready to provide a
good outcome in the event of a country assault; the major emphasis leads to political, economic,
or military coercion.
Cybercrime can take the form of "virtual only" offences, such as the dissemination of illegal
images, documents, or sensitive data. Professional programmer groups are also included in this
category; they provide digital specific products and ventures to anyone, from unknown persons
to governments, that include denial of administration assaults and responsibility for traded off
systems. As more of our lives are spent online, the cyber-only sort of misbehaviour will only
become more prevalent. Without a doubt, this trend will continue to push law enforcement
further into the internet.
The Indian legislature has not provided a precise definition of cybercrime in any statute; even
the Information Technology Act of 2000, which addresses cybercrime, does not define the
term. However, in general, the term "cybercrime" refers to any illegal behaviour that is carried
out over the internet or through the use of computers.
We do not have a specific definition of cybercrime however the Oxford Dictionary defines
cybercrime as follows:
2
Rashmi Saroha, Profiling a Cyber Criminal, 4 International Journal of Information and Computation
Technology, No. 3 pp. 253-258, (2014).
3
Oxford by Lexico, https://www.lexico.com/definition/cybercrime (last visited 12th July 2021)
Page: 4
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
“Cybercrime can be defined as those species whose genus is traditional crime and where the
computer is either an object or a subject of the criminal conduct.”4
1. Child Pornography
It is one of the most serious offences. Abusers utilise the Internet to reach out to and sexually
abuse youngsters all around the world. The proliferation of the internet has made children a
tempting target for cybercriminals. Paedophiles use their phoney identities to lure children into
their traps, including contacting them in chat rooms where they befriend them and steal
personal information from their helpless victims. These paedophiles lure children onto the
internet in order to sexually attack them or exploit them as a sex object.
2. Hacking
Hacking requires unauthorized device access and the modification of the device so as to enable
continued access, as well as a change of the target machine set-up, purpose, or service, without
awareness or consent of the system owners.
4. Virus dissemination
This illegal activity type requires either direct or non-authorized entry to the operating system
by installing new applications that are classified as ss bugs, worms, or logic bombs. The
unauthorized removal or deletion of machine data or the Internet function, which prohibits
regular device functions, is obviously an illegal offence and is generally referred to as computer
sabotage.
5. Computer forgery
4
Parthasarathi Pati, Cyber Crime, https://www.naavi.org/pati/pati_cybercrimes_dec03.htm (last visited: 12 July
2021)
Page: 5
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
This occurs as data is changed and processed in computerized records. However, machines
may also be used as means to conduct forgery. The availability of computerized colour laser
copies created a new wave of dishonest modification or replication.
Modern companies easily exchange cash with computer machine stored cash, which causes
computer theft. Credit card identification and personal and financial credit card details are often
targeted for organized crime. Assets in data format also have a significantly higher value than
historically economic assets which contribute to a potentially higher economic class.
7. Phishing
Modern companies easily exchange cash with computer machine stored cash, which causes
computer theft. Credit card identification and personal and financial credit card details are often
targeted for organized crime. Assets in data format also have a significantly higher value than
historically economic assets which contribute to a potentially higher economic class.
8. Spoofing
Get one machine on a network to have a separate computer, typically a computer with unique
access rights, such that the other machines are accessed throughout the network.
9. Cyberstalking
Cyberstalking is a modern way of cyber-crime in our culture where a person is being pursued
or monitored online. A cyber-stalker does not physically track his victim; after his online
interaction, he gathers details on stalks, harasses him and utilizes verbal threats to intimidate
him. It is a violation of your anonymity online.
10. Threatening
The suspect sends abusive emails or contacts the survivor in chat rooms.
In such a fraud, the suspect performs subtle modifications in such a way the changes go
unnoticed. Criminal deducts tiny sums as at 2.50 per month from all the bank's customer's
accounts and deposits it into their account. In this situation, no account manager can approach
Page: 6
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
the bank for too little, but fraudulent profits are massive.
Involves altering raw data just before a computer processes it and then changing it back after
the processing is completed.
Viruses are programmes that attach themselves to a computer or a file, then spread to other
files and computers on a network. They usually have an impact on a computer's data by
modifying or removing it. Unlike viruses, worms do not require a host to attach to. They simply
generate working clones of themselves and repeat the process until all of the accessible memory
on a computer has been used.
This crime depends upon a happening of a particular conditional event. The clearest example
is the Chernobyl virus, which was dormant for most of the year and only became active on a
specific date.
This is when an unauthorised person uses Internet hours that have been paid for by another
person. Until the victim reported it, this type of cybercrime had never been heard of. This crime
is normally prosecuted under the Indian Penal Code5 and the Indian Telegraph Act6.
5
Indian Penal Code, 1860, No. 45, Acts of Parliament, 1860 (India).
6
Indian Telegraph Act, 1885, No. 13, Acts of Parliament, 1885 (India).
Page: 7
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
19. Cybersquatting
Obtaining a domain name in order to collect payment from the owner of a trademark (including
a business name, trade name, or brand name) is known as cybersquatting, and it can also include
typo squatting (where one letter is different). A trademark owner can win a cybersquatting case
by proving that the defendant registered a domain name containing the plaintiff's distinctive
trademark in bad faith and with the purpose to profit.
Cyber defamation is defined as any negative statement intended to harm a person's company
or reputation. Libel or slander can be used to defame someone. When defamation is carried out
via computers and/or the Internet, it is known as cyber defamation.
It Is capturing and recording the keystrokes of a user. This kind of tool is used to extract
passwords and encryption keys and thus override security measures.
A type of attack that is disguised as harmless data and performed by a user's or other
programme to launch an attack. A data-driven attack on a firewall is a worry because it could
pass past the firewall in data form and initiate an attack against a system behind the firewall.
A type of spoofing that takes use of the Domain Name Service, which allows networks to
translate textual domain names to the IP numbers used to route data packets.
Page: 8
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
A form of human intelligence (HUMINT) in which cast-off articles and information are
scavenged in an attempt to obtain advantageous data.
Intentional introduction of electromagnetic pulses into transmission pathways in any way with
the goal of fooling or confusing operators.
Page: 9
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
SECTION 2
Indian cyber laws are governed by the Information Technology Act, which was implemented
in 2000. This Act's major purpose is to provide secure legal protection for eCommerce by
making it easy to register real-time records with the government. A number of changes were
made as cyber criminals got cleverer, as well as the human proclivity to misuse technology.
The ITA emphasises the heavy sanctions and penalties that protect the e-governance, e-
banking, and e-commerce businesses, which were passed by India's Parliament. ITA's scope
has been broadened to encompass all of the most contemporary communication devices.
The IT Act is the most significant, as it directs all Indian legislation to strictly regulate
cybercrime:
i. Section 437 [Penalty and compensation] for damage to computer, computer system,
etc.–If any person without permission of the owner or any other person who is in charge
of a computer, computer system or computer network.
ii. Section 668 Computer related offences - If any person, dishonestly or fraudulently,
does any act referred to in section 43, he shall be punishable with imprisonment for a
term which may extend to three years or with fine which may extend to five lakh rupees
or with both.
iii. Section 66B9 Punishment for dishonestly receiving stolen computer resource or
communication device - Whoever dishonestly receive or retains any stolen computer
resource or communication device knowing or having reason to believe the same to be
stolen computer resource or communication device, shall be punished with
imprisonment of either description for a term which may extend to three years or with
fine which may extend to rupees one lakh or with both.
iv. Section 66C10 Punishment for identity theft– Whoever, fraudulently or dishonestly
make use of the electronic signature, password, or any other unique identification
feature of any other person, shall be punished with imprisonment of either description
7
Information Technology Act, 2000, § 43, No. 21, Acts of Parliament, 2000 (India).
8
Ibid § 66,
9
Ibid § 66B.
10
Ibid § 66C
Page: 10
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
for a term which may extend to three years and shall also be liable to fine which may
extend to rupees one lakh.
v. Section 66D11 Punishment for cheating by personation by using computer resource-
Whoever, by means of any communication device or computer resource cheats by
personation, shall be punished with imprisonment of either description for a term which
may extend to three years and shall also be liable to fine which may extend to one lakh
rupees.
The Indian Penal Code (IPC), 1860, and the Information Technology Act of 2000 are both used
to prosecute identity theft and related cyber offences.
Corporate stakeholders refer to the Companies Act of 2013 as the legislative necessity for
everyday operations optimization. The directive of this Act binds all required techno-legal
compliances, putting businesses that are less compliant in a legal bind.
The SFIO (Serious Frauds Investigation Office) was given the jurisdiction to prosecute Indian
firms and their directors under the Companies Act of 2013. Following the notice of the
Companies Inspection, Investment, and Inquiry Rules, 2014, SFIOs have been considerably
more diligent and harsher in this regard.
The bill has adequately addressed all regulatory compliances, including cyber forensics, e-
discovery, and cybersecurity vigilance. The Companies (Management and Administration)
11
Ibid § 66D.
12
The Indian Penal Code, 1860, § 464, No. 45, Acts of Parliament, 1860 (India).
13
Ibid, § 465
14
Ibid, § 468
15
Ibid, § 469
16
Ibid, § 471
Page: 11
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
Rules, 2014 imposes rigorous cybersecurity standards and responsibilities for corporate
directors and representatives.
4. NIST Compliance
The National Institute of Standards and Technology (NIST), as the most trusted global
certifying organisation, has certified the Cybersecurity Framework (NCFS), which provides a
unified approach to cybersecurity.
The “NIST Cybersecurity Framework” includes all the guidance, standards and best practises
for safely managing cyber-related risks. The versatility and cost-effectiveness of this system
are top priorities. It promotes vital infrastructure stability and security by:
Power to issue direction for blocking from Section 69A18 of IT Act, 2000
public access of any information through
any computer’s resources.
17
The Information Technology Act, 2000, § 43, No. 21, Acts of Parliament, 2000 (India).
18
Ibid, § 69A
19
Ibid, § 69B
Page: 12
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
20
Ibid, § 70
21
Ibid, § 71
22
Ibid, § 72
23
Ibid, § 73
24
Ibid, § 74
25
Ibid, § 75
26
Ibid, § 77
27
Ibid, § 77A
28
Ibid, § 85
29
The Indian Penal Code, 1860, § 503, No. 45, Acts of Parliament, 1860 (India).
30
Ibid, § 499
31
Ibid, § 420
Page: 13
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
Cyber laws cover a wide range of applications. Some laws govern how people and corporations
use computers and the internet, while others protect people from becoming victims of crime as
a result of unethical online behaviour. Some of the most important components of cyber law
are as follows:
1. Internet fraud
Cyber laws are relied upon by consumers to protect them from online scams. Legislation has
been passed to combat online identity theft, credit card theft, and other financial crimes.
Identity theft can result in federal, or state criminal charges being brought against the
perpetrator. A legal claim launched by a victim is another possibility. Cyber attorneys fight to
protect and prosecute those who are suspected of committing fraud over the internet.
2. Copyright38
Breaches of copyright have become simpler thanks to the internet. Copyright breaches were all
32
Ibid, § 463
33
Ibid, § 383
34
Ibid, § 500
35
Ibid, § 507
36
Narcotic Drugs and Psychotropic Substances Act, 1985, No. 61, Acts of Parliament, 1985 (India).
37
The Arms (Amendment) Act, 2019, No. 48, Acts of Parliament, 2019 (India).
38
The Copyright Act, 1957, § 14, No. 14, Acts of Parliament, 1957 (India).
Page: 14
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
too common in the early days of online communication. In order to enforce copyright rights,
both businesses and individuals need the assistance of lawyers. Copyright infringement is a
sort of cyber law that safeguards the rights of individuals and corporations to profit from their
own creative works.
3. Defamation39
A number of employees utilise the internet to communicate with one another. When people use
the internet to express things that aren't true, it might be considered slander. Defamation laws
are civil rules that prohibit persons from making false public allegations that can harm the
reputation of a company or an individual. Individuals who use the internet to express statements
that are forbidden under civil law are subject to defamation legislation.
Online posts may often be used to break criminal laws against harassment and stalking. When
someone repeatedly makes threatening comments about another person online, they are
breaking both civil and criminal laws. When harassment happens over the internet or by other
means of electronic communication, cyber lawyers prosecute and defend individuals.
5. Freedom of expression
This is a crucial facet of cyber law. While some online behaviours are prohibited by cyber laws,
freedom of speech rules allow people to express themselves. Clients of cyber attorneys must
be advised on the boundaries of free expression, including legislation prohibiting obscenity.
When there is a dispute on whether their activities are legitimate free expression, cyber lawyers
can be able to protect their clients.
6. Trade secrets
Cyber laws are frequently used by businesses who conduct business online to secure their
confidential information. For example, Google and other internet search engines spend a lot of
effort developing the algorithms that create search results. They also put a lot of effort into
39
The Indian Penal Code, 1860, § 499, No. 45, Acts of Parliament, 1860 (India).
"Whoever, by words either spoken or intended to be read, or by signs or by visible representations, makes or
publishes any imputation concerning any person intending to harm, or knowing or having reason to believe that
such imputation will harm, the reputation of such person, is said, except in the cases hereinafter expected, to
defame that person".
Page: 15
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
developing extra features like maps, intelligent assistance, and flight search services, to
mention a few. These companies may be able to use cyber laws to take legal action to preserve
their trade secrets if necessary.
You have employed cyber law when you click a button indicating that you agree to the terms
and conditions of visiting a domain. Any website contains terms and conditions that are related
to privacy issues in some way.
As cyber law develops around the world, various countries recognise that their laws must be
harmonised, and that worldwide best practises and standards must guide implementation. In
the courts, cyber legislation will need to be developed further. Both substantive and procedural
laws would require revised explication in light sof the knowledge obtained from technical
complexity. The courts will have to adopt a cyber-jurisprudence that is in line with our
constitutional protections.
The new year, 2012, has arrived. Technology and cyberspace are steadily making significant
strides in the forward direction as the planet goes through a distinctly special period in history.
With the economic, political, and social developments of 2011 as a backdrop, 2012 is shaping
up to be a year filled with Cyber law challenges and trends. It's never easy to do crystal gazing,
particularly with such precision.
However, some major Cyber law developments that are expected to emerge in 2012 can be
forecast based on the current state of jurisprudence and evolving trends. The biggest cyber law
theme in 2012 is expected to be increased network attacks and the need for appropriate
legislative frameworks for strengthening, sustaining, and promoting cyber security.
As data security attacks and vulnerabilities are expected to rise sharply in 2012, policymakers
around the world will be challenged to put in place effective facilitating legal frameworks that
not only secure and preserve cyber security, but also help instil a cyber security ethos among
netizen users. Many present cyber laws around the world fall short of addressing critical cyber
security challenges.
This year, there will likely be a renewed focus and emphasis on developing effective mandatory
Page: 16
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
provisions to aid in the protection, preservation, and promotion of cyber security in the context
of the use of computers, computer systems, computer networks, computer resources, and
communication devices. Cyber legislators throughout the world will be faced with the difficult
issue of controlling vested interest’s use of social media while also offering real remedies to
victims of various illegal actions on social media.
SECTION 3
Source: NCRB (India), Number of cyber-crimes reported across India from 2012 to 2019
Statista.
India has seen a considerable increase in cybercrime reports in 2019. Over 44.5 thousand
cybercrime events were reported in that year. During the time period studied, Karnataka and
Uttar Pradesh had the highest proportion.
Page: 17
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
In comparison to the rest of the country, the northern state of Uttar Pradesh had the largest
number of cybercrimes, with over 6,000 incidents reported to authorities in 2018. Karnataka,
India's tech state, followed suit the next year. The majority of these complaints were filed under
the Information Technology Act with the intent of defrauding or sexually exploiting victims.
Due to borderless nature of Cybercrimes, innovative measures are required to curb the issue of
hi-tech crime. Therefore, apart from the Cyber Laws, one should keep the following points in
mind for safety in Cyberspace while surfing the Internet:
i. Awareness should be generated among the students at the grassroot level, i.e.,
knowledge about cybercrimes and cyber laws. Cyber literacy should be given to the
students in Computer Centres, Schools, Colleges and Universities as well. Cyber Law
awareness programme can be organized in any educational institute in order to provide
basic knowledge of Internet and Internet’s security.
ii. Bank and Credit Card statements should be reviewed on regular basis to reduce the
impact of identity theft and crimes committed online.
iii. To keep intruders away from your computer, keep your operating system up to date. By
keeping your computer up to date, you prevent attackers from exploiting software
defects that might otherwise allow them to get access to your system and hack it for
illicit purposes.
iv. Unique and strong passwords of eight characters by using a combination of symbols,
words, and figures, should be kept for online activities like online banking. Avoid using
your email id, login name, last name, date of birth, month of birth or any such personal
information as your passwords that can be traced easily.
v. Same passwords should not be kept for every online service you use. Keep different
Page: 18
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
CONCLUSION
What looks impeccably neat and impenetrable today may not be so tomorrow. Because the
internet is a worldwide phenomenon, it is likely to attract a variety of criminal activities. With
the adoption of the Information Technology Act and the grant of exclusive powers to the police
and other agencies to combat cybercrime, India has made a significant step in reducing
cybercrime.
Page: 19
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
The human mind has unfathomable capabilities. It is impossible to eradicate cybercrime from
the internet. It is possible to examine them. No policy has ever succeeded in completely
eradicating crime across the world, as history has shown. The only way to stop crime is to
educate individuals about their rights and responsibilities (such as reporting crime as a common
responsibility to society) and to make laws more stringently enforced. Without a question, the
Act represents a watershed moment in the history of cyberspace. Furthermore, I do not dispute
those modifications to the Information Technology Act are required to make it more efficient
in combating cybercrime. I'd want to end with a word of warning for the pro-legislation camp:
it's important to remember that the terms of the cyber law aren't made so strict that they stifle
the industry's growth and become counterproductive.
Page: 20
Indian Journal of Law and Legal Research Volume IV Issue I | ISSN: 2582-8878
BIBLIOGRAPHY
Page: 21