Cyber Crime & Security in India

Index
Topic Page Number

Meaning 4

History 5

Evolution 6-7

Types of crime 8

Crime against Individual 9-14

Crime against Property 15-19

Crime against organisation 20-21

 Index
Topic Page Number

Crime against society 22- 23

Case laws 24-29

Cyber Law 30-33

Jurisprudence 34-60

IT offense 61-78

Digital Signature & Electronic Signature 79-83

Meaning of cyber crime & cyberspace

 Any criminal activity that involves a

computer, networked device, or any
other related device can be considered a
cyber crime.
 Cyber crimes can be profit-driven criminal
activities and they can be perpetrated,
such as ransom ware attacks, email and
internet fraud, identity theft, and frauds
involving financial accounts, credit cards
or any other payment card.

 The theft and resale of personal and

corporate data could be the goal of
cybercriminals.
 Evolution of cyber crimes
Year Types of Cyber attacks
1980 (Network Based) Email spoofing and infecting user’s computer was by
displaying pop-up advertisements on a website the
user would visit.
1997(Email application Cyber crimes and viruses initiated, that includes
based) Morris Code worm and other.
2004(Hacker financial gain) Malicious code, Torjan, Advanced worm etc.
2007(Focus companies, Identification theft, Phishing etc.
agencies)
2010(Exploit mass users) DNS Attack, Rise of Botnets, SQL
attacks etc
2013 Social Engineering, DOS Attack,
Bot Nets, Malicious Emails,
Ransomware attack etc.
Present Banking Malware, Keylogger , Bitcoin wallet, Phone
hijacking, Anroid hack, Cyber warfare etc.
 History of cyber crime
 The first recorded cyber crime took place in the
year 1820
 Computer did exist since 3500 BC in India, China
and Japan
 One of the first case of computer fraud involved
equity-funding Corporation was in US, fraud was
simple because the auditors and regulators
accepted computer printouts as definitive
evidence of policies.
 Evolution of cyber law
Year Types of Cyber attacks
2008 Data privacy – sec 43,43A (civil Liability) and sec 66,
66B, 66C, 66D (Criminal liability) for data theft.

2008 Sec 66F – Cyber Terrorism

2012 POCSO Act - Punish any person who uses a child or

children for pornographic purposes

IPC,1860 Sec 464 – False electronic record,

Sec 465 – Punish for forgery ,
sec 468 – Forgery for cheating ,
sec 469 - harming reputation and
sec 471 – Forging electronic record.
 Classification of cyber crime

 Crime against Individual

 Crime against Property
 Crime against organisation
 Crime against Society
Cyber Crime against individuals

Few cyber crime

against individuals
are:
Crimes that are • Email spoofing
committed by the • Spamming
cyber criminals • Cyber
against an
defamation
individual or a • IRC Crime
person.
(Internet Relay
Chat)
• Phishing
Cyber Crime against individuals

1.Email spoofing
This technique is a forgery of an email header.
This means that the message appears to have
received from someone or somewhere other
than the genuine or actual source.

These tactics are usually used in spam campaigns or

in phishing, because people are probably going to
open an electronic mail or an email when they think
that the email has been sent by a legitimate source
Cyber Crime against individuals

II.Spamming:
Recipient’s email addresses are obtained by
spam bots, which are automated programs that
crawls the internet in search of email addresses.
They to create email distribution lists.

With the expectation of receiving a few number of

respond a spammer typically sends an email to
millions
of email addresses.
Cyber Crime against individuals

III. Cyber defamation

Cyber defamation means the harm that is

brought on the reputation of an individual in the
eyes of other individual through the cyber space .

The purpose of making defamatory

statement is to bring down the
reputation of the individual.
Cyber Crime against individuals

IV. Phishing

The attackers tries to gain information such as login

information or
account’s information by masquerading as a reputable
individual or entity in various communication channels
or in email.

Some other cyber crimes against individuals includes-

Net extortion, Hacking, Indecent exposure, Trafficking,
Distribution, Posting, Credit Card, Malicious code etc.
 Case law
 Poona Auto Ancillaries Pvt. Ltd., Pune v. Punjab National Bank, HO
New Delhi & Others (2018), Rajesh Aggarwal of Maharashtra’s IT
department (representative in the present case) ordered Punjab
National Bank to pay Rs 45 lakh to Manmohan Singh Matharu, MD
of Pune-based firm Poona Auto Ancillaries. In this case, a fraudster
transferred Rs 80.10 lakh from Matharu’s account at PNB, Pune
after the latter answered a phishing email. Since the complainant
responded to the phishing mail, the complainant was asked to share
the liability. However, the bank was found negligent because there
were no security checks conducted against fraudulent accounts
opened to defraud the Complainant.
 Sec 66 will apply to any conduct described in Section 43 that is
dishonest or fraudulent. There can be up to three years of
imprisonment in such instances, or a fine of up to Rs. 5 lakh.
 Cyber Crime against Property

These types of crimes includes vandalism of computers, Intellectual (Copyright,

patented, trademark etc) Property Crimes, Online threatening etc.

Intellectual property crime includes:

Software Piracy

Copyright Infringement

Trademark Infringement
 Softwar
e piracy
Software piracy has It can be describes as
such a big influence, the copying of software
it's crucial to unauthorized. Software
comprehend what it piracy is the illegal
is and the risks it copying, distribution,
poses. or use of software.

If they are unaware A hacker or

of the software laws, experienced
any common person programmer is not
with a computer can necessary for
end up as a software software piracy.
pirate.
 Cyber Crime against Property

 Copyright infringement (at times referred to

as piracy) is the use of work protected
by copyright without permission for a usage.
 It can be described as the infringements of an
individual or organization's copyright. In simple
term it can also be described as the using of
copyright materials unauthorized such as
music, software, text etc

.
 Cyber Crime against
Property
 When a trademark's exclusive rights are
violated without the owner or any licensees'
consent, this is known as trademark
infringement.
 Trademark infringement: It can be described
as the using of a service mark or trademark
unauthorized
c) Cyber Crime against
organization
The following list of cybercrimes against organizations:

Data modification or deletion without authorization.

Illegal reading or copying of private information that doesn't involve any

modification or deletion of the material.

In a denial-of-service (DoS) attack, the attacker saturates the victim's servers,

systems, or networks with traffic in an effort to overburden their resources and
render their use by users impossible or challenging .

Email bombing is a form of online abuse in which a large volume of emails are sent
to a single address in an effort to overwhelm the mailbox, flood the server hosting
the address, or bot
 Cyber Crime against
organization
Salami attack: The other name of Salami attack is Salami slicing. In this attack, the
attackers use an online database in order to seize the customer’s information
like bank details, credit card details etc

. Attacker deduces very little amounts from every account over a

period of time.

In this attack, no complaint is file and the hackers remain free from detection as the
clients remain
unaware of the slicing .

Some other cyber crimes against organization includes- Logical bomb, Torjan horse,
Data diddling etc
 d) Cyber Crime against society
Forgery

Forgery means making of false document, signature, currency, revenue stamp etc.
Eg.That is an attack trying to fabricate a digital signature for a message without having
access to the respective signer's private signing key.

Web jacking

The term Web jacking has been derived from hi jacking.

In this offence the attacker creates a fake website and when the victim opens the link a
new page appears with the message and they need to click another link. If the victim
clicks the link that looks real he will redirected to a fake page. These types of attacks
are done to get entrance or to get access and controls the site of another. The attacker
may also change the information of the victim’s webpage.
 Cambridge Analytica data scandal

 In the 2010s, personal data belonging to millions of Facebook users was collected without their
consent by British consulting firm Cambridge Analytica, predominantly to be used for political
advertising

 This data was collected through an app called "This Is Your Digital Life", developed by data
scientist Aleksandr Kogan and his company Global Science Research in 2013.

 This app consisted of a series of questions to build psychological profiles on users, and collected
the personal data of the users’ Facebook friends via Facebook's Open Graph platform.

 The app harvested the data of up to 87 million Facebook profiles. Cambridge Analytica used the
data to provide analytical assistance to the 2016 presidential campaigns of Ted Cruz and Donald
Trump

 In July 2019, it was announced that Facebook was to be fined $5 billion by the Federal Trade
Commission due to its privacy violations.In October 2019, Facebook agreed to pay a £500,000
fine to the UK Information Commissioner's Office for exposing the data of its users to a "serious
risk of harm"
 Parliament attack Case
The Bureau of Police Research and Development, Hyderabad had handled
this case. A laptop was recovered from the terrorist who attacked the
Parliament. The laptop which was detained from the two terrorists, who
were gunned down on 13th December 2001 when the Parliament was
under siege, was sent to Computer Forensics Division of BPRD. The laptop
contained several proofs that affirmed the two terrorist’s motives, mainly
the sticker of the Ministry of Home that they had created on the laptop
and affixed on their ambassador car to achieve entry into Parliament House
and the fake ID card that one of the two terrorists was carrying with a
Government of India emblem and seal. The emblems (of the 3 lions) were
carefully scanned and additionally the seal was also craftly created
together with a residential address of Jammu and Kashmir.
However careful detection proved that it was all forged and made on
the laptop
 Andra Pradesh Tax Case
The owner of the plastics firm in Andhra Pradesh was
arrested and cash of Rs. 22 was recovered from his house
by the Vigilance Department. They wanted evidence from
him concerning the unaccounted cash. The suspected
person submitted 6,000 vouchers to prove the legitimacy
of trade, however when careful scrutiny the vouchers and
contents of his computers it unconcealed that every one of them were
made after the raids were conducted. It had
been concealed that the suspect was running 5 businesses
beneath the presence of 1 company and used fake and
computerized vouchers to show sales records and save
tax. So the dubious techniques of the businessman from
the state were exposed when officials of the department
got hold of computers utilized by the suspected person.
 Sony.Sambandh.Com Case

India saw its 1st cybercrime conviction.

This is the case where Sony India Private Limited filed a complaint that runs a website .The
website allows NRIs to send Sony products to their friends and relatives in India after they pay
for it online.
In May 2002, somebody logged onto the web site underneath the identity of Barbara
Campa and ordered a Sony colour television set and a cordless head phone. She requested to
deliver the product to Arif Azim in Noida and gave the number of her credit card for payment.
The payment was accordingly cleared by the credit card agency and the transaction
processed. The items were delivered to Arif Azim by the company. The transaction closed at
that, but after one and a half months the credit card agency informed the company that this
was an unauthorized transaction as the real owner had denied having made the purchase. The
company had filed a complaint for online cheating at the CBI that registered a case under the
Section 418, Section 419 and Section 420 of the IPC (Indian Penal Code). Investigations
discovered that Arif Azim, whereas acting at a call centre in Noida did gain access to the
number of the credit card of an American national which he misused on the company’s site.
The court had convicted Arif Azim under the Section 418, Section 419 and Section 420 of the
IPC, this being the first time that a cybercrime has been convicted.
 Case Law
Bank NSP Case

In this case a management trainee of a bank got engaged

to a marriage. The couple used to exchange many emails
using the company’s computers. After some time they had
broken up their marriage and the young lady created some fake email
ids such as “Indian bar associations” and sent mails to the boy‘s
foreign clients.

She used the banks computer to do this. The boy‘s company lost a
huge number of clients and took the bank to court.

The bank was held liable for the emails sent using the bank‘s system.
 Case Law

Bazee.com
In December 2004 the Chief Executive Officer
of Bazee.com was arrested because he was
selling a compact disk (CD) with offensive
material on the website, and even CD was
also conjointly sold-out in the market of
Delhi. The Delhi police and therefore the
Mumbai Police got into action and later the
CEO was free on bail.
 Safety in cyberspace

 If possible always use a strong password and enable 2 steps or Two-

step authentication in the webmail. It is very important in order to
make your webmail or your socialmedia account secured.

 Guideline of strong password: Password should be of minimum

eight characters.

 One or more than one of lower case letter, upper case

letter, number, and symbol should be included.

 Replace the alike character.

Example- instead of O we can use 0, instead of lower case l
we can use I etc. Example of strong password: HelL0 (%there %)
 Cyber Law
 Cyber Law took birth in order to take control over the crimes
committed through the internet or the cyberspace or
through the uses of computer resources.

 Description of the lawful issues that are related to the uses of

communication or computer technology can be termed as
Cyber Law.

 Every activities and transactions that take place either on the

internet or other communication devices.
 Information Technology ,2000
 Some key points of the Information Technology (IT) Act 2000 are as follows:
 E-mail is now considered as a valid and legal form of communication.
 Digital signatures are given legal validity within the Act.
 Act has given birth to new business to companies to issue digital certificates by
becoming the Certifying Authorities.
 This Act allows the government to issue notices on internet through e-governance.
 The communication between the companies or between the company and the
government can be done through internet.
 Addressing the issue of security is the most important feature of this Act. It
introduced the construct of digital signatures that verifies the identity of an
individual on internet.
 In case of any harm or loss done to the company by criminals, the Act provides
remedy in the form of money.
Jurisdiction in Information Technology act

 The legislative enactments primarily reflect its prescriptive

jurisdiction. For example, the IT Act, 2000 provides for
prescriptive jurisdiction as it states:
 “The provisions of this Act shall apply also to any offence or
contravention committed outside India by any person
irrespective of his nationality.”
 Further this Act shall apply to an offence or contravention
committed outside India by any person if the act or conduct
constituting the offence or contravention involves a computer,
computer system or computer network located in India.
 It is the legislative function of the Government to enact laws
and judicial and/or administrative function to enforce those
laws.
 Thus, the principles of jurisdiction followed by a country must
not exceed the limits which international law places upon its
jurisdiction
 International Law
International law governs relations between independent sovereign countries .
It is the body of rules, which are legally binding on countries in their intercourse
with each other. The rules are not meant only for the States but also for the
international organizations and individuals.
i. Types of International Law
• International law can be studied under following 2 broad headings:
a. Public International law - International law is also referred to as ‘public
international law’ as it governs the relations of states.

b. Private International law - Private international law is that body of law,

which comes into operation whenever a domestic country is faced with a claim
that contains a foreign element. Private international law the rules of a legal
system governing which rules are to be applied in cases with an international
dimension, as where one party is French and one German and the subject of the
transaction is in Africa.
 Jurisdiction in cyber space

Internet has no jurisdiction

• To what extent court is legally competent to entertain a cross border dispute?

• When should a court or tribunal is entitled on dispute of private parties ?
• When parties belong to different countries, where court action should be brought ?

Easy to access from any corner of the world

Issues in Cyber Jurisdiction

 Jurisdiction in cyberspace
 Cyber jurisdiction is the extension of principles of international jurisdiction into the
cyberspace.
 Cyberspace has no physical (national) boundaries. It is an ever-growing exponential
and dynamic space. With a ‘click of a mouse’ one may access any website from
anywhere in the world. Since the websites come with ‘terms of service’ agreements,
privacy policies and disclaimers – subject to their own domestic laws, transactions
with any of the websites would bind the user to such agreements. And in case of a
dispute, one may have recourse to the ‘private international law. In case the
“cyberspace offences” are either committed against the integrity, availability and
confidentiality of computer systems and telecommunication networks or commit
traditional offences, then one may find oneself in the legal quagmire.
 The question is not only about multiple jurisdictions but also of problems of
procedural law connected with information technology. The requirement is to have
broad based convention dealing with criminal law matters, criminal procedural
questions as well as with international criminal law procedure and agreements.
 Budapest Convention
 The Convention on Cyber crime was opened at Budapest on 23rd
November, 2001 for signatures. It was the first ever-international
treaty on criminal offences committed against or with the help of
computer networks such as the Internet.
 The Convention deals in particular with offences related to
infringement of copyright, computer-related fraud, child
pornography and offences connected with network security. It
also covers a series of procedural powers such as searches of and
interception of material on computer networks. Its main aim is to
pursue “a common criminal policy aimed at the protection of
society against cyber crime, inter alia by adopting appropriate
legislation and fostering international co-operation.
 Extraditable Offences
 Extradition procedures are designed not only to ensure that
criminals are returned from one country to another but also to
protect the rights of those who are accused of crimes by the
requesting country. Thus, sufficient evidence has to be produced
to show a prima facie case against the accused and the rule of
specialty protects the accused from being tried for any crime
other than that for which he was extradited.
 Daya Singh Lahoria v. Union of India, the Supreme Court
observed that: “A fugitive brought into this country under an
Extradition Decree can be tried only for the offences mentioned in
the Extradition decree and for no other offences and the criminal
courts of India will have no jurisdiction to try such fugitive for any
other offence
 Extraditable Offences
 There is no rule of international law which imposes any duty on a
country to surrender a fugitive in the absence of extradition
treaty. The law of extradition, therefore, is a dual law. It is
ostensibly a domestic law; yet it is a part of international law also,
inasmuch as it governs the relations between two sovereign
States over the question of whether or not a given person should
be handed over by one sovereign State to another sovereign
State.
 R v. Governor of Braxton Prison and another, ex parte Levin, a
Russian hacker has hacked in the US territory using a Russian
computer but because as his activities constituted various crimes
under British law and the conduct had effect within the American
territory. He was arrested in England and extradited to the US.
 India not signatory to convention

India is still not a signatory to the Cyber Crime Convention

and the bilateral extradition treaties. It do not mention
‘cyber crime’ as extraditable offences. But it may not deter
the Indian government from granting extradition,

Rambabu Saxena v. State, that “if the treaty does not

enlist a particular offence for which extradition was sought,
but authorizes the Indian government to grant extradition
for some additional offences by inserting a general clause
to this effect, extradition may still be granted
 European Approach

 The European approach to personal jurisdiction in

cross- border dispute is rather different from the
American approach. The rules determining which
country’s courts have jurisdiction over a defendant are
set out in a regulation issued by the Council of the
European Union, known as the ‘Brussels Regulation’.
This new regulation is an update of a 1968 treaty
among European countries, known as the Brussels
Convention on Jurisdiction and the Enforcement of
Judgments in Civil and Commercial matters.
U.S. Approach to Personal Jurisdiction

US Constitution have principle have been used by various courts to resolve

e-commerce related disputes.
Computer crimes because of their transitional nature involve certain difficult
jurisdictional questions. Suppose a hacker operating from a computer in
country A, enters a database in country B, and after routing the information
through several countries causes a consequence in C. here at least three
jurisdictions are involved and who shall try him? The dilemma was described
very appropriately by La Forest, J., in Libman v. The Queen, in following
words: “one is to assume that the jurisdiction lies in the country where the
crime is planned or initiated. Other possibilities include the impact of the
offence is felt, where it is initiated, where it is completed or again where the
gravamen or the essential element of the offence took place. It is also
possible to maintain that any country where any substantial or any part of
the chain of events constituting an offence takes place may take jurisdiction.
 Personal Jurisdiction
 Personal Jurisdiction is the competence of a court to determine
a case against a particular category of persons (natural as well as
juridical). It requires a determination of whether or not the
person is subject to the court in which the case is filed.

 Personal jurisdiction looks into an issue from the point of

‘physical presence’, whether the person was a resident or a non-
resident. If he is a resident, then there is no doubt about his
being subject to domestic laws. The problem arises, if he is a
non- resident, what laws would be applicable –Local laws of the
state where he is residing or domesticlaws of the state whose
laws he has transgressed?
 Types of Jurisdiction

1. Personal Jurisdiction

2. Subject matter jurisdiction

3. Original Jurisdiction

4. Appellate Jurisdiction
 Jurisdiction Theories

Subjective Objective Nationality

Universality –
Jurisdiction based
territoriali territoriality It applies when universally by the
Crimes which the alleged international law
ty takes effect even person is a to be heinous
Crimes cross borders. national of the crime i.e child
[ This principle pornography ,cy
state. [In India ,
which are has emerged
an Indian
ber terrorism
into widely [Cyber criminal
physical accepted test to national is also can be
committed determine prosecuted in prosecuted by
jurisdiction India any country
within known as effects committed in a based on
territorial Jurisdiction/test foreign universal
jurisdiction
] country]
borders principles]
Test to determine Jurisdiction

Minimum Contact
Theory

Sliding Scale
Effect Theory
Theory
 Test to determine Jurisdiction
 Minimum Contact Theory

• This theory comes when either or both of the

parties seems to be from outside the court
jurisdiction.

• It is used a method to establish courts jurisdiction

over the parties to a court to a case by determining
the quality and intensity of their contacts.

• In India, it has been incorporated by giving a liberal

interpretation to Section 20(c) of the Code of Civil
Procedure, to expand jurisdiction especially in cases
of trademark infringement, passing off of
trademarks, domain name infringements.
 Test to determine Jurisdiction

Passive (For eg
blog, articles)
This Theory Interactive
have been Active – users
divided in three involved in
part putting and
exchange of
information )
 Case law

 International shoe Company vs Washington

It was held landmark judgment of supreme
court of united states in which court held that
a party, particularly a corporation must be
subject to jurisdiction of state court if it has
minimum contract with the state.
 Held : Suit cannot be brought against an
individual unless they have minimum contact
with the state.
 Test to determine Jurisdiction
 Effect test for jurisdiction :
1. Sliding Scale Test/ Zipo Test

• This test has been generally accepted in deciding

personal jurisdiction in internet cases.

• Court primarily decide based on a determination of

website interaction.

• Courts held that greater the commercial nature

and level of interactivity associated from website
more likely is the website operator has
purposefully availed itself on that state jurisdiction
 Case Law

SIL Import v. Exim Aides Silk Importers :

In this case the court successfully highlighted the need of
interpretation of the statute by judiciary in the light of
technological advancement that has occurred so far . Until
there is specific legislation in regard to the jurisdiction of the
Indian Courts with respect to Internet disputes, or unless
India is a signatory to an International Treaty under which
the jurisdiction of the national courts and circumstances
under which they can be exercised are spelt out, the Indian
courts will have to give a wide interpretation to the existing
statutes, for exercising Internet disputes.
Indian Approach to Personal Jurisdiction

 It is within the power of the Indian courts to grant injunction or anti-suit injunction
to a party over whom it has personal jurisdiction, in an appropriate case. This is
because courts of equity exercise jurisdiction in personam. This power is to be
used sparingly as thought it is directed against a person, but may cause
interference in the exercise of jurisdiction by another court
 “The recognition which one nation allows within its territory to the legislative,
executive, or judicial acts of another nation, having due regard both to
international duty and convenience, and to the rights of its own citizens or of
other persons who are under the protection of its law.”
 Keeping in view the nature of the online commerce involving business- to-
business (B2B) or business-to-consumer (B2C) contracts, it is important that the
issue of personal jurisdiction should be looked into from all possible sources: (a)
forum of choice, (b) Civil Procedure Code, 1908, (c) choice of law, and (d) Criminal
Procedure Code.
 These sources do not constitute mutually exclusive categories. In fact they are
dependent upon each other
Jurisdiction Based on Forum of Choice

 The parties may themselves agree beforehand that for resolution of their disputes,
they would either approach any of the available courts of natural jurisdiction or to have
the disputes resolved by a foreign court of their choice as a neutral forum according to
the law applicable to that court.

 It is open for a party for his convenience to fix the jurisdiction of any competent court
to have their dispute adjudicated by that court alone

 In case parties under their own agreement expressly agree that their dispute shall be
tried by only one of them then the parties can only file the suit in that court alone to
which they have so agreed

 In Modi Entertainment Network v. W.S.G. Cricket Pvt. Ltd., it was held that it is a
well-settled principle that by agreement the parties cannot confer jurisdiction where
none exists, on a court to which CPC applies, but this principle does not apply when the
parties agree to submit to the exclusive or non-exclusive jurisdiction of a foreign court.
 Jurisdiction under IPC ,1860
 Sec 3 – Punishment of offense committed beyond but which
by law may be tried within India - Any person liable, by any Indian
law to be tried for an offence committed beyond shall be dealt with according to
the provisions of this Code for any act committed beyond 3 [India] in the same
manner as if such act had been committed within 1 [India].

 Sec 4 - Extension of Code to extra-territorial offence

• Any citizen of India in any place without and beyond India
• Any person in any place without and beyond India committing offence targeting
a computer resource located in India
• Any person on any ship or aircraft registered in India
Personal Jurisdiction under CPC 1908

 It provide a forum to the plaintiff to put forth his grievance against the defendant
in whose local jurisdiction, the cause of action has arisen either wholly, or in part

 Under CPC, one or more courts may have jurisdiction to deal with a subject matter
having regard to the location of immovable property, place of residence or work of
a defendant or place where cause of action has arisen. Where only one court has a
jurisdiction, it is said to have exclusive jurisdiction; where more courts than one
have jurisdiction over a subject matter, they are called courts of available or
natural jurisdiction.

 The jurisdiction of the courts to try all suits of civil nature is very expansive as is
evident from the provisions of CPC.

 BASIS OF JURISDICTION i. Pecuniary ii. Subject-matter iii. Territory and iv. Cause
of action
Application of personal jurisdiction test by
Indian court
 Casio India co limited v. Ashita Tele system pvt ltd

The plaintiff was aggrieved by the registration of the domain name www.casioindia.com by the
defendant with its registered office in Mumbai. It filed a suit for trademark infringement in the Delhi
High Court under the relevant provisions of the trademarks Act, 1999 .On the issue of territorial
jurisdiction, the defendant contended that it carried on business in Mumbai only and no cause of
action arose in Delhi.

The plaintiff, however, averred that the website could be accessed from Delhi also. After referring
to Gutnick, Justice Sarin observed that “once access to the impugned domain name website could
be has from anywhere else, the jurisdiction in such matters cannot be confined to the territorial
limits of the residence of the defendants.” Hence, it was held that ‘the fact that the website of the
defendant can be access from Delhi is sufficient to invoke the territorial jurisdiction of this court.’

In Satya v. Teja Singh, the Supreme Court held that “every case which comes before an Indian
court must be decided in accordance with Indian law. It is another matter that the Indian conflict of
laws may require that the law of a foreign country ought to be applied in a given situation for
deciding a case, which contains a foreign element.
 Jurisdiction based on the Criminal
Procedure Code, 1973
 The Cr.P.C. lays down that the ordinary place of trial and inquiry is the court in
whose jurisdiction the crime has been committed. However, the subsequent
provisions of the Cr.P.C. dilute the strict necessity of territorial jurisdiction.

 The place of commission of an offence is uncertain, the offence is continuing or it

has been committed partly in one and partly in another or it is several acts in
several places, a court having jurisdiction in any place may try the case.

 An offence can be tried where the consequence ensues. These provisions are very
relevant with regard to computer offences, in which the place of commission is
very difficult to locate.
 In case of offence by letters or telecom messages, jurisdiction lay with the court
where the message was sent or received. Thus, this provision shall be resorted to
in case of offences involving an e-mail.

 Further the Cr.P,C. provides that no sentence or order of a criminal court can be
set aside for wrong jurisdiction
Application of personal jurisdiction
tests by Indian courts
Independent News Service pvt ltd v Indian Broadcast live Lic and
ors

Suit was passing off initiated by the plaintiff to injunct the from using the domain
name www.indiaatlive.com wherein the defendant were neither residing within
teritorrial jurisdiction of the court.
where the website was interactive one,as opposed to one merely conveying
information and where target audience and large customer basis of the website was
located the court was exercise jurisdiction over the matter ,irrespective of the location
of the defendant.
The court held that the website indiatvlive.com of defendant is not wholly of a passive
character
Application of personal jurisdiction
tests by Indian courts
 Banyan Tree holding limited v A Murali krishna reddy and Anr

 Suit was passing off was filed by the plaintiff by using the word mark Banyan Tree
and website.The most striking peculiarity case was that neither of the parties
were located within territorial jurisdiction of the court.

 Issue : whether accessibility of website in particular place may itself be sufficient of

the court of that place to exercise personal jurisdiction over the owner of the
website

 The court held that merely accessing a website in Delhi would not statisfy the
exercise of jurisdiction by the delhi court.
 Court held that following questions need to be addressed :
 Sliding scale test What was the degree of interactive of the website? Effect Test: ?
Did the specific targeting of the forum state result in injury or harm to the
plaintiff ?
 IT Offense
 Section 65 –Tampering with computer
source documents
If a person knowingly or intentionally conceals,
destroys or alters or intentionally or knowingly
causes another to conceal, destroy or alter any
computer source code used for a computer,
computer programme, computer system or
computer network, when the computer source
code is required to be kept or maintained by law
for the time being in force.
 Penalty - Imprisonment up to three years, or/and
with fine up to RS 200,000
 IT Offense
 Section 66 – Hacking with computer
system
If a person with the intent to cause or
knowing that he is likely to cause wrongful
loss or damage to the public or any person
destroys or deletes or alters any
information residing in a computer
resource or diminishes its value or utility or
affects it injuriously by any means,
commits hack.
 Penalty - Imprisonment up to three years,
or/and with fine up to RS 500,000
 IT Offense
 Section 66A- Sending offensive messages through any communication
services .
Any information or message sent through any communication
services this is offensive or has threatening characters.

Any information that is not true or is not valid and is sent with the end
goal of annoying, inconvenience, danger, insult, obstruction, injury,
criminal intention, enmity, hatred or ill will. Any electronic mail or email
sent with the end goal of causing anger, difficulty or mislead or to
deceive the address about the origin of the messages.

 Punishment:
Any individual found to commit such crimes under this section could
be sentenced upto 3years of imprisonment along with a fine.
 IT Offense
 Section 66B- Receiving stolen computer’s
resources
or communication devices dishonestly
Receiving or retaining any stolen computer,
computer’s resources or any communication
devices knowingly or having the reason to
believe the same.
Punishment:
Any person who involves in such crimes could be
sentenced either description for a term that may
extend
upto 3 years of imprisonment or with a fine of
rupee 1
lakh or both.
 IT Offense
 Section 66C – Using password of
another person
A person fraudulently uses the
password, digital signature or other
unique identification of another
person.
 Penalty - Imprisonment up to three
years, or/and with fine up to RS
100,000
 IT Offense
 Section 66D – Cheating using
computer resource
If a person cheats someone using a
computer resource or
communication.

 Penalty - Imprisonment up to
three years, or/and with fine up to
RS 100,000
 IT Offense

 Section 66E – Publishing

private images of others
If a person captures, transmits
or publishes images of a
person's private parts without
his/her consent or knowledge.
 Penalty - Imprisonment up to
three years, or/and with fine
up to RS 200,000
 IT Offense
 Section 66F – Act of cyber
terrorism
If a person denies access to
authorized personnel to a
computer resource, accesses a
protected system or introduces
contaminant into a system, with
the intention of threatening the
unity, integrity, sovereignty or
security of India, then he commits
cyber terrorism.
 Penalty - Imprisonment up to life.
 IT Offense
 Section 67 - Publishing information which
is obscene in e-form
If a person publishes or transmits or
causes to be published in the electronic
form, any material which is lascivious or
appeals to the prurient interest or if its
effect is such as to tend to deprave and
corrupt persons who are likely, having
regard to all relevant circumstances, to
read, see or hear the matter contained or
embodied in it.
 Penalty - Imprisonment up to five years,
or/and with fine up to RS 1,000,000
 IT Offense

 Section 67A - Publishing

images containing sexual
acts
If a person publishes or
transmits images
containing a sexual explicit
act or conduct.
 Penalty- Imprisonment up
to seven years, or/and with
fine up to RS 1,000,000
 IT Offense
 Section 67B – Publishing child porn or
predating children online
If a person captures, publishes or
transmits images of a child in a sexually
explicit act or conduct. If a person
induces a child into a sexual act. A child
is defined as anyone under 18.
 Penalty- Imprisonment up to five years,
or/and with fine up to RS 1,000,000 on
first conviction. Imprisonment up to
seven years, or/and with fine up to RS
1,000,000 on second conviction.
 IT Offense

Section 67C - Failure to

maintain records
Persons deemed as
intermediary (such as an ISP)
must maintain required
records for stipulated time.
Failure is an offence.

 Penalty- Imprisonment up to
three years, or/and with fine.
 IT Offense

 Section 68 - Failure/refusal to comply with

orders
The Controller may, by order, direct a
Certifying Authority or any employee of
such Authority to take such measures or
cease carrying on such activities as specified
in the order if those are necessary to ensure
compliance with the provisions of this Act,
rules or any regulations made there under.
Any person who fails to comply with any
such order shall be guilty of an offence.

 Penalty- Imprisonment up to three years,

or/and with fine up to RS 200,000
 IT Offense
 Section 69 - Failure/refusal to decrypt data
If the Controller is satisfied that it is necessary or expedient so to do
in the interest of the sovereignty or integrity of India, the security of
the State, friendly relations with foreign States or public order or for
preventing incitement to the commission of any cognizable offence,
for reasons to be recorded in writing, by order, direct any agency of
the Government to intercept any information transmitted through
any computer resource. The subscriber or any person in charge of
the computer resource shall, when called upon by any agency which
has been directed, must extend all facilities and technical assistance
to decrypt the information. The subscriber or any person who fails to
assist the agency referred is deemed to have committed a crime.
 Penalty- Imprisonment up to seven years and possible fine.
 IT Offense
 Section 70 - Securing access to a protected
system
The appropriate Government may, by
notification in the Official Gazette, declare that
any computer, computer system or computer
network to be a protected system. The
appropriate Government may, by order in
writing, authorize the persons who are
authorized to access protected systems. If a
person who secures access or attempts to secure
access to a protected system, then he is
committing an offence.
 Penalty- Imprisonment up to ten years, or/and
with fine.
 IT Offense
 Section 71 – Misrepresentation
If anyone makes any misrepresentation
to, or suppresses any material fact
from, the Controller or the Certifying
Authority for obtaining any license or
Digital Signature Certificate.

 Penalty - Imprisonment up to three

years, or/and with fine up to RS 100,000
Digital Signature & Electronic Signature
Digital Signature
Digital signature makes reference to a
series of cryptographic methods
Digital signature is used to secure the
documents and it is used by the
certification authorities.
Digital signature prevents identity
impersonation and allows
authentication and identification
Digital signatures cannot be tampered
with by any person because of the high
level of security
Electronic Signature
Electronic signature is of a
fundamentally legal nature, since it
confers a regulatory framework to the
signature that gives it legal validity.
Electronic signature is mainly used to
sign the electronic documents where
the signatory has got an intention to
sign the document with his e-signature
Electronic signatures serve as an
acknowledgment that the signee
accepts the terms of an agreement
through electronic means
Electronic signatures can be tampered
with by any person because of their low
security. 
Digital Signature
Digital Signature & Electronic Signature
Digital Signature
It has been defined under
Section 2(1)(ta) of the
Information Technology Act,
2000.
Digital signature is used to
secure a document
Digital signature is of two
types – Microsoft and Adobe
pdf.
Digital signature is regulated
by the certification authority
Electronic Signature
It has been defined under
Section 2(1)(p) of the
Information Technology Act,
2000.
Electronic signature is used to
verify a document.
Electronic signature is of four
types – basic electronic
signature, click-to-sign
signature, advanced electronic
signature, and qualified
signature
Acts and regulations are
applied to the electronic
signature to validate it.
Digital Signature
Digital Signature & Electronic Signature
Digital Signature
Digital signature is also authorised by
the government or non
government certification provider
authority
Digital signature is used to secure a
document
digital signature is comprised of more
security features which makes it more
secure.
Digital signature is a signature with
public-key based cryptography.
Electronic Signature
Electronic signatures are authorised by
the specific vendors, document creator
or the participating parties.
Electronic signature is used to verify a
document.
Electronic signature is comprised of less
security features, so it is less secure to
use
Electronic signature is a generic
expression and much broader regarding
electronic data
Digital Signature in IT act,2000
 Section – 35
Any person who wishes to get a Digital Signature Certificate may file an
application to the certifying authority for issuance of the Electronic Certificate
along with the submission of the required amount of fees not exceeding Rs.
25,000, including a statement of certification practice or stating such particulars as
prescribed.

 Section 36
Representations upon issuance of the DSC.

 Section 37
Suspension in public interest, not more than 15 days, unless given the
opportunity to present the case.

 Section 38
Revocation on death or request of a subscriber, dissolution of a company