Cyber Law

IT ACT, 2000
Cyber Law

 Cyberlaw is the area of law that deals with the Internet's relationship to technological and electronic
elements, including computers, software, hardware and information systems (IS).
 Cyber law is also known as Internet Law.
 Cyberlaws prevent or reduce large scale damage from cybercriminal activities by protecting
information access, privacy, communications, intellectual property (IP) and freedom of speech related to
the use of the Internet, websites, email, computers, cell phones, software and hardware, such as data
storage devices.
Background of Information Technology Act,
2000

 The United Nations Commission on International Trade Law in 1996 adopted a model law on e-
commerce and digital intricacies. It also made it compulsory for every country to have its own
laws on e-commerce and cybercrimes.
 In order to protect the data of citizens and the government, the Act was passed in 2000, making
India the 12th country in the world to pass legislation for cyber crimes.
 It is also called the IT Act and provides the legal framework to protect data related to e-commerce
and digital signatures. It was further amended in 2008 and 2018 to meet the needs of society.
Objectives of Information Technology Act,
2000
 The Act seeks to protect all transactions done through electronic means.
 It also gives legal protection to communication and the exchange of information through electronic
means.
 It protects the digital signatures that are used for any sort of legal authentication.
 It regulates the activities of intermediaries by keeping a check on their powers.
 It defines various offences related to data privacy of citizens and hence protects their data.
 It also regulates and protects the sensitive data stored by social media and other electronic
intermediaries.
 It provides recognition to books of accounts kept in electronic form regulated by the Reserve Bank of
India Act, 1934.
 Features of Information Technology Act, 2000

 The Act is based on the Model Law on e-commerce adopted by UNCITRAL.

 It has extra-territorial jurisdiction.
 It defines various terminologies used in the Act like cyber cafes, computer systems, digital signatures,
electronic records, data, asymmetric cryptosystems, etc. under Section 2(1).
 It protects all the transactions and contracts made through electronic means and says that all such contracts
are valid. (Section 10A)
 It also gives recognition to digital signatures and provides methods of authentication.
 It contains provisions related to the appointment of the Controller and its powers.
 It recognizes foreign certifying authorities (Section 19).
 It also provides various penalties in case a computer system is damaged by anyone other than the owner of
the system.
Features of Information Technology Act, 2000

 The Act also provides provisions for an Appellate Tribunal to be established under the Act. All the
appeals from the decisions of the Controller or other Adjudicating officers lie to the Appellate tribunal.
 Further, an appeal from the tribunal lies with the High Court.
 The Act describes various offences related to data and defines their punishment.
 It provides circumstances where the intermediaries are not held liable even if the privacy of data is
breached.
 A cyber regulation advisory committee is set up under the Act to advise the Central Government on all
matters related to e-commerce or digital signatures.
 Scheme of I.T Act

 The I.T. Act contains 13 chapters and 90 sections. The last four sections namely sections 91 to 94 in the I.T. Act
2000 deals with the amendments to the Indian Penal Code 1860, The Indian Evidence Act 1872, The Bankers’
Books Evidence Act 1891 and the Reserve Bank of India Act 1934 were deleted.
 It commences with Preliminary aspect in Chapter 1, which deals with the short, title, extent, commencement
and application of the Act in Section 1. Section 2 provides Definition.
 Chapter 2 deals with the authentication of electronic records, digital signatures, electronic signatures, etc.
 Chapter 11 deals with offences and penalties. A series of offences have been provided along with punishment in
this part of The Act.
 Thereafter the provisions about due diligence, role of intermediaries and some miscellaneous provisions are been
stated.
 The Act is embedded with two schedules. The First Schedule deals with Documents or Transactions to which
the Act shall not apply. The Second Schedule deals with electronic signature or electronic authentication
technique and procedure. The Third and Fourth Schedule are omitted.
Cyber Crime

Cyber Crime?
 Any crime with the help of computer and telecommunication technology.
 Any crime where either the computer is used as an object or subject. [1]

Categories of Cyber Crime

 Cybercrimes against persons
 Cybercrimes against property
 Cybercrimes against government
Against a Person

 Cyber stalking
 Impersonation
 Loss of Privacy
 Transmission of Obscene Material
 Harassment with the use of computer
Against Property

 Unauthorized Computer Trespassing

 Computer vandalism
 Transmission of harmful programmes
 Siphoning of funds from financial institutions
 Stealing secret information & data
 Copyright
Against Government

 Hacking of Government websites

 Cyber Extortion
 Cyber Terrorism
 Computer Viruses
Some Other Crimes

 Logic Bombs
 Spamming
 Virus, worms, Trojan Horse
 E-Mail Bombing
 E-Mail abuse etc.
Cybercrime Attack Types

 Hacking: It is an act of gaining unauthorized access to a computer system or network.

 Denial Of Service Attack: In this cyberattack, the cyber-criminal uses the bandwidth of the victim’s
network or fills their e-mail box with spammy mail. Here, the intention is to disrupt their regular
services.
 Software Piracy: Theft of software by illegally copying genuine programs or counterfeiting. It also
includes the distribution of products intended to pass for the original.
 Phishing: Phishing is a technique of extracting confidential information from the bank/financial
institutional account holders by illegal ways.
 Spoofing: It is an act of getting one computer system or a network to pretend to have the identity of
another computer. It is mostly used to get access to exclusive privileges enjoyed by that network or
computer.
Example of Cybercrime

 The fraud did by manipulating computer network

 Unauthorized access to or modification of data or application
 Intellectual property theft that includes software piracy
 Industrial spying and access to or theft of computer materials
 Writing or spreading computer viruses or malware
 Digitally distributing child pornography
Sections and Punishments under Information
Technology Act, 2000

 Section 43 - states that any act of destroying, altering or stealing computer

system/network or deleting data with malicious intentions without authorization from
owner of the computer is liable for the payment to be made to owner as compensation for
damages.
 Section 43A - states that any corporate body dealing with sensitive information that fails
to implement reasonable security practices causing loss of other person will also be liable
as convict for compensation to the affected party.
 Section 66 - Hacking of a Computer System with malicious intentions like fraud will be
punished with 3 years imprisonment or the fine of Rs.5,00,000 or both.
Sections and Punishments under Information
Technology Act, 2000
 Section 66 B, C, D - Fraud or dishonesty using or transmitting information or identity theft is punishable
with 3 years imprisonment or Rs. 1,00,000 fine or both.
 Section 66 E - This Section is for Violation of privacy by transmitting image or private data is
punishable with 3 years imprisonment or 2,00,000 fine or both.
 Section 66 F - This Section is on Cyber Terrorism affecting unity, integrity, security, sovereignty of India
through digital medium is liable for life imprisonment.
 Section 67 - This section states publishing obscene information or pornography or transmission of
obscene content in public is liable for imprisonment up to 5 years or fine of Rs. 10,00,000 or both.
Digital Signature

 According to section 2(1)(p) of the Information Technology Act, 2000 digital signature means
the authentication of any electronic record by a person who has subscribed for the digital
signature in accordance with the procedure mentioned under section 3 (Central Government
may, by notification) of the same act.
 Section 5 of the Information Technology Act, 2000 gives legal recognition to digital signatures.
Usage of Digital Signature

 Personal Use- It is at the liberty of the individual to use the signature personally without creating the
hassle to personally be at the given place.
 Business– Professions such as Architecture, Construction and Engineering Companies require to sign
the tenders, market procurements or even biddings, Digital signature can prove to be a great way to
provide the assent.
 Return filing for GST– GST filing, and E-filing causes the individuals to compulsory opt for Digital
Signatures.
 Filing for Income Tax– Some corporations require the business to file the tax all over India, thus
saving the light of the day.
 For ROC E-filing– Filing with registrar of Companies and filing for various documents has caused
enough leverage for individuals to opt for Digital Signature.
Working of Digital Signature
Digital Signature Certificate (DSC)

 A method to prove the authenticity of an electronic document.

 It can be presented electronically to prove the identity, to access information or sign certain documents
digitally.
 The Central Government has appointed a Controller of Certifying Authorities who grants a license to
the Certifying Authorities to issue digital signature certificates to the subscriber.
Electronic signature

 Electronic Signature provides an electronic representation of the individual’s identity that provides
the proof of consent and assents to the facts of the given signature.
 In toto, it’s an approval from the signatory that he assents to the written format of the same
electronically.
 It is important to ensure that it is coming from the authorized signatory and has made no
modifications to the document.
Highlights of the Amended Act

The newly amended act came with following highlights −

 It stresses on privacy issues and highlights information security.

 It elaborates Digital Signature.
 It clarifies rational security practices for corporate.
 It focuses on the role of Intermediaries.
 New faces of Cyber Crime were added.
Thank you KNOWLEDGE IS POWER