23
PRESENTATION ON PRESENTATION ON CYBER LAWS CYBER LAWS
PRESENTATION PRESENTATION ONON
CYBER LAWSCYBER LAWS
CONTENTSCONTENTS
• INTRODUCTIONINTRODUCTION• NEED FOR CYBER LAWS NEED FOR CYBER LAWS • CYBER LAWS IN INDIACYBER LAWS IN INDIA• CYBER CRIMESCYBER CRIMES• OFFENCES AND LAWS IN CYBER OFFENCES AND LAWS IN CYBER
SPACE SPACE • CYBER LAWS AMENDMENTSCYBER LAWS AMENDMENTS• CONCLUSIONCONCLUSION
INTRODUCTIONINTRODUCTION
• GROWTH OF GROWTH OF CYBER SPACE CYBER SPACE
• ONSET OF ONSET OF INTERNETINTERNET
• CYBER LAW OR CYBER LAW OR LAW OF LAW OF INTERNET INTERNET
NEED FOR CYBER LAWSNEED FOR CYBER LAWS
• TACKLING TACKLING CYBER CRIMESCYBER CRIMES
• INTELLECTUAL INTELLECTUAL PROPERTY PROPERTY RIGHTS AND RIGHTS AND COPYRIGHTS COPYRIGHTS PROTECTION PROTECTION ACTACT
CYBER LAWS IN INDIACYBER LAWS IN INDIA
• ITACT PASSED IN ITACT PASSED IN 20002000
• INTERNET IN INTERNET IN INDIAINDIA
• IMPLEMENTATIOIMPLEMENTATION OF CYBER LAWN OF CYBER LAW
• REASONS FOR REASONS FOR DELAY IN DELAY IN IMPLEMENTATIOIMPLEMENTATION OF CYBER LAWS N OF CYBER LAWS IN INDIAIN INDIA
IT ACT PROVISIONSIT ACT PROVISIONS• email would now be a valid and legal email would now be a valid and legal
form of communication in our country form of communication in our country that can be duly produced and approved that can be duly produced and approved in a court of law.in a court of law.
• Companies shall now be able to carry Companies shall now be able to carry out electronic commerce using the out electronic commerce using the legal infrastructure provided by the Act.legal infrastructure provided by the Act.
• Digital signatures have been given legal Digital signatures have been given legal validity and sanction in the Act.validity and sanction in the Act.
IT ACT PROVISIONSIT ACT PROVISIONS
• The Act now allows Government The Act now allows Government to issue notification on the web to issue notification on the web thus heralding e-governance thus heralding e-governance
• statutory remedy in case if anyone statutory remedy in case if anyone breaks into companies computer breaks into companies computer systems or network and causes systems or network and causes damages or copies data damages or copies data
CYBER CRIMESCYBER CRIMES
• CYBER CRIMES AGAINST CYBER CRIMES AGAINST PERSONSPERSONS
eg ‘melissa’and ‘lovebug’ eg ‘melissa’and ‘lovebug’ virusvirus
• CYBER CRIMES AGAINST CYBER CRIMES AGAINST PROPERTYPROPERTY
eg computer vandalismeg computer vandalism• CYBER CRIMES AGAINST CYBER CRIMES AGAINST
GOVERNMENT GOVERNMENT
• eg ‘Al-Qaeda’eg ‘Al-Qaeda’
OFFENCES AND LAWS IN OFFENCES AND LAWS IN CYBER SPACECYBER SPACE
• TAMPERING WITH TAMPERING WITH COMPUTER COMPUTER DOCUMENTSDOCUMENTS
• HACKING WITH HACKING WITH COMPUTER SYSTEMCOMPUTER SYSTEM
• PUBLISHING PUBLISHING OBSCENE MATERIAL OBSCENE MATERIAL ON INTERNETON INTERNET
• BREACHING OF BREACHING OF CONFIDENTIALITY CONFIDENTIALITY AND PRIVACYAND PRIVACY
CYBER LAWS CYBER LAWS AMENDMENTSAMENDMENTS
• INDIAN PENAL CODE,1860 INDIAN PENAL CODE,1860
• INDIAN EVIDENCE ACT,1872INDIAN EVIDENCE ACT,1872
• BANKER’S BOOK EVIDENCE BANKER’S BOOK EVIDENCE ACT,1891ACT,1891
• GENERAL CLAUSES ACT,1897GENERAL CLAUSES ACT,1897
Salient features of the ActSalient features of the ActThe salient features of the Information Technology Act, The salient features of the Information Technology Act,
2000 are as follows:— 2000 are as follows:—
(i) (i) Extends to the whole of India (Section 1) Extends to the whole of India (Section 1) (ii)(ii) Authentication of electronic records (Section 3) Authentication of electronic records (Section 3) (iii)(iii)Legal Framework for affixing Digital signature by Legal Framework for affixing Digital signature by
use of asymmetric crypto system and hash function use of asymmetric crypto system and hash function (Section 3) (Section 3)
(iv)(iv) Legal recognition of electronic records (Section 4) Legal recognition of electronic records (Section 4) (v)(v) Legal recognition of digital signatures (Section 5) Legal recognition of digital signatures (Section 5) (vi)(vi) Retention of electronic record (Section 7) Retention of electronic record (Section 7) (vii)(vii) Publication of Official Gazette in electronic Publication of Official Gazette in electronic
form (Section 8) form (Section 8) (viii)(viii) Security procedure for electronic records Security procedure for electronic records
and digital signature (Sections 14, 15, 16) and digital signature (Sections 14, 15, 16) (ix) (ix) Licensing and Regulation of Certifying Licensing and Regulation of Certifying
authorities for issuing digital signature certificates authorities for issuing digital signature certificates (Sections 17-42) (Sections 17-42)
(x)(x) Functions of Controller (Section 18) Functions of Controller (Section 18)
ContdContd....(xi)(xi) Appointment of Certifying Authorities and Controller of Certifying Appointment of Certifying Authorities and Controller of Certifying
Authorities, including recognition of foreign Certifying Authorities (Section Authorities, including recognition of foreign Certifying Authorities (Section 19) 19)
(xii)(xii) Controller to act as repository of all digital signature certificates (Section 20) Controller to act as repository of all digital signature certificates (Section 20) (xiii)(xiii) Data Protection (Sections 43 & 66) Data Protection (Sections 43 & 66) (xiv)(xiv) Various types of computer crimes defined and stringent penalties provided Various types of computer crimes defined and stringent penalties provided
under the Act (Section 43 and Sections 66, 67, 72) under the Act (Section 43 and Sections 66, 67, 72) (xv)(xv) Appointment of Adjudicating officer for holding inquiries under the Act Appointment of Adjudicating officer for holding inquiries under the Act
(Sections 46 & 47) (Sections 46 & 47) (xvi)(xvi) Establishment of Cyber Appellate Tribunal under the Act (Sections 48-56) Establishment of Cyber Appellate Tribunal under the Act (Sections 48-56) (xvii)(xvii) Appeal from order of Adjudicating Officer to Cyber Appellate Tribunal and Appeal from order of Adjudicating Officer to Cyber Appellate Tribunal and
not to any Civil Court (Section 57) not to any Civil Court (Section 57) (xviii)(xviii) Appeal from order of Cyber Appellate Tribunal to High Court (Section 62) Appeal from order of Cyber Appellate Tribunal to High Court (Section 62) (xix)(xix) Interception of information from computer to computer (Section 69) Interception of information from computer to computer (Section 69) (xx)(xx) Protection System (Section 70) Protection System (Section 70) (xxi)(xxi) Act to apply for offences or contraventions committed outside India (Section Act to apply for offences or contraventions committed outside India (Section
75) 75) (xxii)(xxii) Investigation of computer crimes to be investigated by officer at the DSP Investigation of computer crimes to be investigated by officer at the DSP
(Deputy Superintendent of Police) level(Deputy Superintendent of Police) level(xxiii)(xxiii) Network service providers not to be liable in certain cases (Section 79) Network service providers not to be liable in certain cases (Section 79) (xxiv)(xxiv) Power of police officers and other officers to enter into any public place and Power of police officers and other officers to enter into any public place and
search and arrest without warrant (Section 80) search and arrest without warrant (Section 80) (xxv)(xxv) Offences by the Companies (Section 85) Offences by the Companies (Section 85) (xxvi)(xxvi) Constitution of Cyber Regulations Advisory Committee who will advice the Constitution of Cyber Regulations Advisory Committee who will advice the
Central Government and Controller (Section 88) Central Government and Controller (Section 88)
New Provisions added through New Provisions added through AmendmentsAmendments
• New Section to address technology neutrality from New Section to address technology neutrality from Section 3ASection 3Aits present “technology specific” form its present “technology specific” form (i.e. Digital Signature to Electronic Signature) (i.e. Digital Signature to Electronic Signature)
• New Section to address promotion of e-Governance New Section to address promotion of e-Governance Section 6ASection 6A& other IT application & other IT application – Delivery of ServiceDelivery of Service– Outsourcing – Public Private PartnershipOutsourcing – Public Private Partnership
• New Section to address electronic contractNew Section to address electronic contract Section 10ASection 10A
• New Section to address data protection and privacy New Section to address data protection and privacy Section 43Section 43
• Body corporate to implement best security practicesBody corporate to implement best security practices Sections 43A Sections 43A &&
72A72A
• Multimember Appellate Tribunal Multimember Appellate Tribunal Sections 49-52Sections 49-52
ContdContd..• New Section to address new forms of computer misuseNew Section to address new forms of computer misuse
– Impersonation Impersonation Section 419ASection 419A– Identity theft and E-commerce frauds Identity theft and E-commerce frauds Section Section
417A417Alike phishing like phishing
– Video voyeurism Video voyeurism Section 502A Section 502A– Offensive messages and Spam Offensive messages and Spam Section Section
66A66A– Pornography Pornography Section 67A Section 67A
• Preservation and Retention of Data/Information Preservation and Retention of Data/Information Section 67CSection 67C
• Revision of existing Section 69 to empower Central Revision of existing Section 69 to empower Central Section 69 Section 69Government to designate agencies and issue direction Government to designate agencies and issue direction for interception and safeguards for monitoring and decryptionfor interception and safeguards for monitoring and decryption
• Blocking of Information for public accessBlocking of Information for public accessSection 69ASection 69A
ContdContd..• Monitoring of Traffic Data and Information for Monitoring of Traffic Data and Information for Section Section
69B69BCyber SecurityCyber Security
• New section for designating agency for protection New section for designating agency for protection Section 70ASection 70Aof Critical Information Infrastructureof Critical Information Infrastructure
• New Section for power to CERT-In to call and New Section for power to CERT-In to call and Section Section 70B70Banalyse information relating to breach in cyber analyse information relating to breach in cyber space and cyber securityspace and cyber security
• Revision of existing Section 79 for prescribing liabilities Revision of existing Section 79 for prescribing liabilities Section Section 7979of service providers in certain cases and to Empower of service providers in certain cases and to Empower Central Government to prescribe guidelines to be observed Central Government to prescribe guidelines to be observed by the service providers for providing services. It also by the service providers for providing services. It also regulate cyber cafes. regulate cyber cafes.
• New Section for Examiner of Digital Evidence New Section for Examiner of Digital Evidence Section Section 79A79A
• New Section for power to prescribe modes of EncryptionNew Section for power to prescribe modes of Encryption Section Section 84A84A
• Punishment for most of offences were reduced from three Punishment for most of offences were reduced from three years to two years years to two years
Encryption:Encryption:
• Transformation of data to Prevent Transformation of data to Prevent information being read by information being read by unauthorised parties.unauthorised parties.
• Sender and Receiver have to know Sender and Receiver have to know the rules which have been used to the rules which have been used to encrypt the data.encrypt the data.
Document Document
to be sentto be sent
Document Document
to be sentto be sentEncodedEncoded
DocumentDocumentEncodedEncoded
DocumentDocumentEncodedEncoded
DocumentDocumentEncodedEncoded
DocumentDocumentReceivedReceived
DocumentDocument
ReceivedReceived
DocumentDocument
Symmetric
key
Symmetric
Key
Encryption TechnologiesSymmetric Key Cryptography
•Identical keys are used for encryption and decryption.
• Requires both parties to a digital conversation to know the key
Public key cryptographyPublic key cryptography
• Each party is assigned a pair of keys –Each party is assigned a pair of keys –private – known only by the ownerprivate – known only by the ownerpublic - known by everyonepublic - known by everyone
• Information encrypted with the private Information encrypted with the private key can only be decrypted by the key can only be decrypted by the corresponding public key & vice versacorresponding public key & vice versa
• Fulfils requirements of confidentiality, Fulfils requirements of confidentiality, integrity, authenticity and non-integrity, authenticity and non-repudiabilityrepudiability
• No need to communicate private keys No need to communicate private keys
Digital SignaturesDigital Signatures
– Pair of keys for every entityPair of keys for every entity
One One PublicPublic key – known to everyonekey – known to everyone
One One PrivatePrivate key – known only to the key – known only to the possessorpossessor
Digital SignaturesDigital Signatures• To To digitally signdigitally sign an electronic an electronic
document the signer uses his/her document the signer uses his/her PrivatePrivate key. key.
• To To verifyverify a digital signature the a digital signature the verifier uses the signer’s verifier uses the signer’s PublicPublic key.key.
Digital Signature
•The message is encrypted with the sender’s private key
• Recipient decrypts using the sender’s public key
Private
SKA
DocumentDocumentDocumentDocument
Digital Digital SignatureSignatureDigital Digital
SignatureSignature
DocumentDocumentDocumentDocument
Public
CONFIRMEDCONFIRMEDDigital Digital
SignatureSignature
CONFIRMEDCONFIRMEDDigital Digital
SignatureSignature
DocumentDocumentDocumentDocument DocumentDocumentDocumentDocument
Digital Digital SignatureSignatureDigital Digital
SignatureSignature
PKA
CONCLUSIONCONCLUSION
• CYBER LAWS_ ESSENTIAL CYBER LAWS_ ESSENTIAL FEATURE IN TODAYS WORLD OF FEATURE IN TODAYS WORLD OF INTERNETINTERNET
• ACHIEVING GLOBAL PEACE ACHIEVING GLOBAL PEACE AND HARMONYAND HARMONY
THANK YOUTHANK YOU
• QUERIES WELCOMEDQUERIES WELCOMED
