8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 1/26
Information Technology Act 2000
Connectivity via the Internet has greatly abridged geographical distances and
made communication even more rapid. While activities in this limitless new universeare increasing incessantly, laws must be formulated to monitor these activities. Some
countries have been rather vigilant and formed some laws governing the net. In order
to keep pace with the changing generation, the Indian Parliament passed the much-
awaited Information echnology !ct, "### .!s they say,
"Its better late than never".
$owever, even after it has been passed, a debate over certain controversial
issues continues. ! large portion of the industrial community seems to be dissatisfied
with certain aspects of the !ct. %ut on the whole, it is a step in the right direction for
India.
The Information Technology Act 2000, regulates the transactions relating to
the computer and the Interne.
he ob&ectives of the !ct as reflected in the Preamble to the !ct are'
(. he Preamble to the !ct states that it aims at providing legal recognition
for transactions carried out by means of electronic data interchange and
other means of electronic communication, commonly referred to as
)electronic commerce), which involve the use of alternatives to paper-
based methods of communication and storage of information and aims at
facilitating electronic filing of documents with the *overnment agencies.
". o facilitate electronic filing of the document with the government of India.
he *eneral !ssembly of the +nited ations had adopted the odel aw on
/lectronic Commerce adopted by the +nited ations Commission on International
rade aw 0+CI1!2 in its *eneral !ssembly 1esolution !31/S34(3(5" dated
6anuary 7#, (889. he Indian !ct is in keeping with this resolution that recommended
that member nations of the + enact and modify their laws according to the odel
aw.
hus with the enactment of this !ct, Internet transactions will now be
recogni:ed, on-line contracts will be enforceable and e-mails will be legally
1
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 2/26
acknowledged. It will tremendously augment domestic as well as international trade
and commerce.
he Infromation echnology !ct e;tends to the whole of India and, save as
otherwise provided in this Act, it applies also to any offence or contravention
thereunder committed outside India by any person.
$owever he !ct does not apply to'
(. a negotiable instrument as defined in section (7 of the egotiable
Instruments !ct,(<<(=
". a power-of-attorney as defined in section (! of the Powers-of-!ttorney
!ct, (<<"=
7. a trust as defined in section 7 of the Indian rusts !ct, (<<"=
>. a will as defined in clause 0h2 of section " of the Indian Succession !ct,
(8"4including any other testamentary disposition by whatever name
called=
4. any contract for the sale or conveyance of immovable property or any
interest insuch property=
5. any such class of documents or transactions as may be notified by the
Central*overnment in the ?fficial *a:ette.Some of the Important Definition
(. )Ad!dicating officer ) means an ad&udicating officer appointed under
subsection of section >5=
". )Affi#ing digital signatre) with its grammatical variations and cognate
e;pressions means adoption of any methodology or procedure by a person for
the purpose of authenticating an electronic record by means of digital signature=
7. )Appropriate $overnment) means as respects any matter,@
0i2 /numerated in ist II of the Seventh Schedule to the Constitution=
0ii2 relating to any State law enacted under ist III of the Seventh
Schedule to the Constitution, the State *overnment and in any other
case, the Central *overnment=
2
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 3/26
>. )Asymmetric crypto system) means a system of a secure key pair consisting
of a private key for creating a digital signature and a public key to verify the
digital signature=
4. )%ertifying Athority) means a person who has been granted a licence to issue
a Aigital Signature Certificate under section ">=
5. )%ertification practice statement) means a statement issued by a Certifying
!uthority to specify the practices that the Certifying !uthority employs in issuing
Aigital Signature Certificates=
9. )%yber Appellate Tribnal) means the Cyber 1egulations !ppellate ribunal
established under sub-section 0(2 of section ><=
<. )Digital signatre) means authentication of any electronic record by a
subscriber by means of an electronic method or procedure in accordance with
the provisions of section 7=
8. )Digital Signatre %ertificate) means a Aigital Signature Certificate issued
under subsection of section 74=
(#.)&lectronic form) with reference to information means any information
generated, sent, received or stored in media, magnetic, optical, computer
memory, micro film, computer generated micro fiche or similar device=
((.)&lectronic $a'ette) means the ?fficial *a:ette published in the electronicform=
(".)Secre system) means computer hardware, software, and procedure that@
0a2 are reasonably secure from unauthorised access and misuse=
0b2 provide a reasonable level of reliability and correct operation=
0c2 are reasonably suited to performing the intended functions= and
0d2 adhere to generally accepted security procedures=
(egitimacy and )se of Digital Signatres
he !ct has adopted the Public Bey Infrastructure for securing electronic
transactions. !s per Section 7 of the !ct, a digital signature means an authentication of
any electronic record by a subscriber by means of an electronic method or procedure in
accordance with the other provisions of the !ct. hus a subscriber can authenticate an
3
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 4/26
electronic record by affi;ing his digital signature. ! private key is used to create a digital
signature whereas a public key is used to verify the digital signature and electronic
record. hey both are uniue for each subscriber and together form a functioning key
pair.
Section 4 provides that when any information or other matter needs to be
authenticated by the signature of a person, the same can be authenticated by means of
the digital signature affi;ed in a manner prescribed by the Central *overnment.
+nder Section (#, the Central *overnment has powers to make rules
prescribing the type of digital signature, the manner in which it shall be affi;ed, the
procedure to identify the person affi;ing the signature, the maintenance of integrity,
security and confidentiality of electronic records or payments and rules regarding any
other appropriate matters.
Durthermore, these digital signatures are to be authenticated by Certifying
!uthorities 0C!Es2 appointed under the !ct. hese authorities would inter alias= have the
license to issue Aigital Signature Certificates 0ASCEs2. he applicant must have a
private key that can create a digital signature. his private key and the public key listed
on the ASC must form the functioning key pair.
?nce the subscriber has accepted the ASC, he shall generate the key pair byapplying the security procedure. /very subscriber is under an obligation to e;ercise
reasonable care and caution to retain control of the private key corresponding to the
public key listed in his ASC. he subscriber must take all precautions not to disclose
the private key to any third party. If however, the private key is compromised, he must
communicate the same to the Certifying !uthority 0C!2 without any delay.
*riting re+irements
Section > of the !ct states that when under any particular law, if any information
is to be provided in writing or typewritten or printed form, then notwithstanding that law,
the same information can be provided in electronic form, which can also be accessed
for any future reference. his non-obstinate provision will make it possible to enter into
legally binding contracts on-lineF
4
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 5/26
Attribtion, Acnowledgement and Dispatch of &lectronic -ecords
/;plicates the manner in which electronic records are to be attributed,
acknowledged and dispatched. hese provisions play a vital role while entering into
agreements electronically.
Section (( states that an electronic record shall be attributed to the originator as
if it was sent by him or by a person authori:ed on his behalf or by an information
system programmed to operate on behalf of the originator.
!s per Section (", the addressee may acknowledge the receipt of the electronic
record either in a particular manner or form as desired by the originator and in the
absence of such reuirement, by communication of the acknowledgement to the
addresses or by any conduct that would sufficiently constitute acknowledgement.
ormally if the originator has stated that the electronic record will be binding only on
receipt of the acknowledgement, then unless such acknowledgement is received, the
record is not binding. $owever, if the acknowledgement is not received within the
stipulated time period or in the absence of the time period, within a reasonable time,
the originator may notify the addressee to send the acknowledgement, failing which the
electronic record will be treated as never been sent.
Section (7 specifies that an electronic record is said to have been dispatchedthe moment it leaves the computer resource of the originator and said to be received
the moment it enters the computer resource of the addressee.
)tility of electronic records and digital signatres in $overnment Adits
Agencies
!ccording to the provisions of the !ct, any forms or applications that have to be
filed with the appropriated *overnment office or authorities can be filed or any license,
permit or sanction can be issued by the *overnment in an electronic form. Similarly, the
receipt or payment of money can also take place electronically.
oreover, any documents or records that need to be retained for a specific
period may be retained in an electronic form provided the document or record is easily
accessible in the same format as it was generated, sent or received or in another
5
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 6/26
format that accurately represents the same information that was originally generated,
sent or received. he details of the origin, destination, date and time of the dispatch or
receipt of the record must also be available in the electronic record.
Durthermore, when any law, rule, regulation or byelaw has to be published in the
?fficial *a:ette of the *overnment, the same can be published in electronic form. If the
same are published in printed and electronic form, the date of such publication will be
the date on which it is first published.
$owever, the above-mentioned provisions do not give a right to anybody to
compel any inistry or Aepartment of the *overnment to use electronic means to
accept issue, create, retain and preserve any document or e;ecute any monetary
transaction. evertheless, if these electronic methods are utili:ed, the *overnment will
definitely save a lot of money on paperF
-eglation of %ertifying Athorities %As/
! C! is a person who has been granted a license to issue digital signature
certificates. hese C!s are to be supervised by the Controller of C!s appointed by the
Central *overnment. Aeputy or !ssistant Controllers may also assist the Controller.
he Controller will normally regulate and monitor the activities of the C!s and lay down
the procedure of their conduct.he Controller has the power to grant and renew licenses to applicants to issue
ASCs and at the same time has the power to even suspend such a license if the terms
of the license or the provisions of the !ct are breached. he C!s has to follow certain
prescribed rules and procedures and must comply with the provisions of the !ct.
Issance, Sspension and -evocation of Digital Signatre %ertificates DS%s/
!s per Section 74, any interested person shall make an application to the C! for
a ASC. he application shall be accompanied by filing fees not e;ceeding 1s. "4,###
and a certification practice statement or in the absence of such statement= any other
statement containing such particulars as may be prescribed by the regulations. !fter
scrutinising the application, the C! may either grant the ASC or re&ect the application
furnishing reasons in writing for the same.
6
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 7/26
While issuing the ASC, the C! must inter alias, ensure that the applicant holds a
private key which is capable of creating a digital signature and corresponds to the
public key to be listed on the ASC. %oth of them together should form a functioning key
pair.
he C! also has the power to suspend the ASC in public interest on the reuest
of the subscriber listed in the ASC or any person authorised on behalf of the
subscriber. $owever, the subscriber must be given an opportunity to be heard if the
ASC is to be suspended for a period e;ceeding fifteen days. he C! shall
communicate the suspension to the subscriber.
here are two cases in which the ASC can be revoked. Dirstly, as per Section 7<
0(2, it may be revoked either on the reuest or death of the subscriber or when the
subscriber is a firm or company, on the dissolution of the firm or winding up of the
company. Secondly, according to Section 7<0"2, the C! may sue moto revoke it if some
material fact in the ASC is false or has been concealed by the subscriber or the
reuirements for issue of the ASC are not fulfilled or the subscriber has been declared
insolvent or dead et al.
! notice of suspension or revocation of the ASC must be published by the C! in
a repository specified in the ASC.
enalties for %ompter %rimes
!s per the !ct, civil liability and stringent criminal penalties may be imposed on
any person who causes damage to a computer or computer system. he offender
would be liable to pay compensation not e;ceeding 1s. ( Crore 0(# million2 for gaining
unauthori:ed access to a computer or computer system, damaging it, introducing a
virus in the system, denying access to an authori:ed person or assisting any person in
any of the above activities.
Durthermore, the !ct also defines specific penalties for violation of its provisions
or of any rules or regulations made there under. $owever, if any person contravenes
any rules or regulations framed under the !ct for which no specific penalty is
prescribed, he will be liable to pay compensation not e;ceeding 1s. "4,###.
7
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 8/26
oreover, any person who intentionally or knowingly tampers with computer
source documents would be penali:ed with imprisonment up to three years or a fine of
up to 1s. " lakhs or both. In simpler terminology, hacking is made punishable.
he !ct also disallows the publishing and dissemination of obscene information
and material. he introduction of this provision should curtail pornography over the net.
!ny person who disobeys this provision will be punishable with imprisonment of two
years and a fine of 1s. "4,### for the first conviction. In the event of a subseuent
conviction, the imprisonment is five years and the fine doubles to 1s. 4#,###.
he Controller has the power to issue directions for complying with the
provisions of the !ct. Dailure to comply with his directions is punishable. oreover, the
interference with protected systems or the reluctance to assist a *overnment !gency to
intercept information in order to protect state sovereignty and security is also made
punishable.
he ad&udicating court also has the powers to confiscate any computer,
computer system, floppies, compact disks, tape drives or any accessories in relation to
which any provisions of the !ct are being violated. o penalty or confiscation made
under this !ct will affect the imposition of any other punishment under any other law in
force.
If penalties that are imposed under the !ct are not paid, they will be recovered,as arrears of land revenue and the licence or ASC shall be suspended till the penalty is
paid.
Ad!dicating 1fficers
he Central *overnment shall appoint an officer not below the rank of Airector to
the *overnment of India or euivalent officer of the State *overnment as an
ad&udicating officer to ad&udicate upon any inuiry in connection with the contravention
of the !ct. Such officer must have the legal and &udicial e;perience as may be
prescribed by the Central *overnment in that behalf.
he !d&udicating ?fficer must give the accused person an opportunity to be
heard and after being satisfied that he has violated the law, penalise him according to
8
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 9/26
the provisions of the !ct. While ad&udicating, he shall have certain powers of a Civil
Court.
%yber -eglations Appellate Tribnal %-AT/
! Cyber 1egulations !ppellate ribunal 0C1!2 is to be set up for appeals from
the order of any ad&udicating officer. /very appeal must be filed within a period of forty-
five days from the date on which the person aggrieved receives a copy of the order
made by the ad&udicating officer. he appeal must be the appropriate form and
accompanied by the prescribed fee. !n appeal may be allowed after the e;piry of forty-
five days if sufficient cause is shown.
he appeal filed before the Cyber !ppellate ribunal shall be dealt with by it as
e;peditiously as possible and endeavor shall be made by it to dispose of the appeal
finally within si; months from the date of receipt of the appeal. he C1! shall also
have certain powers of a civil court.
!s per Section 5(, no court shall have the &urisdiction to entertain any matter that
can be decided by the ad&udicating officer or the C1!. $owever, a provision has been
made to appeal from the decision of the C1! to the $igh Court within si;ty days of the
date of communication of the order or decision of the C1!. he stipulated period may
be e;tended if sufficient cause is shown. he appeal may be made on either anyuestion of law or uestion of fact arising from the order.
olice owers
! police officer not below the rank of deputy superintendent of police has the
power to enter any public place and arrest any person without a warrant if he believes
that a cyber crime has been or is about to be committed. his provision may not turn to
be very effective for the simple reason that most of the cyber crimes are committed
from private places such as ones own home or office. Cyber-cafGs and public places
are rarely used for cyber crimes. $owever, if the !ct did give the police department
powers to enter peopleEs houses without search warrants, it would amount to an
invasion of the right to privacy and create pandemonium. Beeping this in mind, the
9
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 10/26
egislature has tried to balance this provision so as to serve the ends of &ustice and at
the same time, avoid any chaos.
?n being arrested, the accused person must, without any unnecessary delay, be
taken or sent to the magistrate having &urisdiction or to the officer-in-charge of a police
station. he provisions of the Code of Criminal Procedure, (897 shall apply in relation
to any entry, search or arrest made by the police officer.
etwor Service roviders not liable in certain cases
o uote Section 9<, it states'
)Dor the removal of doubts, it is hereby declared that no person providing any
service as a network service provider shall be liable under this !ct, rules or regulations
made there under for any third party information or data made available by him if he
proves that the offence or contravention was committed without his knowledge or that
he had e;ercised all due diligence to prevent the commission of such offence or
contravention.)
)/;planation. Dor the purposes of this section,
0a2 etwork service provider means an intermediary=
0b2 hird party information means any information dealt with by anetwork service provider in his capacity as an intermediary.)
hus a plain reading of the section indicates that if the network service provider
is unable to prove its innocence or ignorance, it will be held liable for the crime.
ossible )ses of &3$overnance3
he future of e-governance is very bright. With the help of information technology,
the daily matters can be effectively taken care of irrespective of the field covered by it.
Dor instance, the Aelhi Police $eaduarter has launched a website, which can be used
for lodging a Dirst Information 1eport. Similarly, the Patna $igh Court has taken a bold
step of granting bail on the basis of an online bail application. he educational
institutions, including universities, are issuing admission forms electronically, which can
be downloaded from their respective websites. he results of e;aminations of various
10
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 11/26
educational institutions, both school level and university level, are available online,
which can be obtained without any trouble. hese are but some of the instances of the
use of technology for a better e-governance. he beneficial concept of e-governance
can be utili:ed for the following purposes'
• o have access to public documents.
• Dor making online payments of various bills and dues.
• o file statutory documents online.
• o file the complaints, grievances and suggestions of citi:ens online.
• he online facility can be used to enter into a partnership the appropriate
government in cases of government contracts.
•
he citi:ens can use the online facility to file their income ta; returns.
• he citi:ens will en&oy the facility of online services.
Digital Signatre
Aigital Signature means authentication of any electronic record by a subscriber
by means of an electronic method or procedure
1apid developments in e-business pose a growing need for online security and
authentication. any emerging technologies are being developed to provide online
authentication. he ma&or concern in e-business transactions is the need for the
replacement of the hand-written signature with an onlineE signature. he traditional e-
mail system, which has problems of message integrity and non-repudiation, does not
fulfil the basic reuirements for an online signature. Durther, since the Internet
communication system is prone to various types of security breaches, the discussion of
robust and authenticated e-business transactions is incomplete without consideration of
HsecurityE as a prominent aspect of Honline signaturesE.
?ne may consider an e-signature as a type of electronic authentication. Such
authentication can be achieved by means of different types of technologies. ! Aigital
Signature 0AS2 can be considered as a type of e-signature, which uses a particular kind
of technology that is AS technology. AS technology involves encrypting messages in
11
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 12/26
such a way that only legitimate parties are able to decrypt the message. wo separate
but interrelated HkeysE carry out this process of encryption and decryption.
?ne party in the transactions holds the secret key, or the private key, and the
other party holds the public key or the key with wide access. he selection and use of
an encryption techniue plays a crucial role in the design and development of keys. In
short, a AS satisfies all the functions, such as authenticity, non-repudiation, and
security, of a hand-written signature. Such a HsignatureE can be viewed as a means of
authentication and can be owned by an individual. While using this technology, there
must be third party involvement order to handle the liability issues that may be raised
by bilateral transactions. With this e;isting legal infrastructure and the rapid emergence
of software security products, it is important to understand the role of emerging
technologies like AS in e-business. ?ne of the ma&or indicators of technological
improvements is the market development and commerciali:ation of that technology.
12
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 13/26
4acts and 4igres
In "##5, this number more than doubled to "## incidents. ot only were attacks
being launched in India but "##5 saw the ma;imum phishing attacks being launched
from India on other countries as well.
Security e;pert, Surinder Singh says, !s per Websense Security ab, we find
that at any given point in time in "##5, there were " to 7## websites being hosted.
here was a spurt in ?ctober where we identified 98# websites which were hosted in
India and being used to carry out attacks.J
he +nited States remains at the top with "<.9<K of all phishing sites located
out of the +nited States and ((.85K out of China. Borea, *ermany, !ustralia, Canada,
6apan, +nited Bingdom, Italy and India are the other countries where phishing attacks
are prevalent. !s of now, ".((K of the phishing sites are located in India.
Singh says, India on the threshold of having more and more people getting into
online banking or taking online peronal loans. So, it wont be a surpir:se if someday
someone tells me that out of the total si:e of frauds happening - India would be at (K
or "K - but even that would be 1s "## crore.J
Auring the year "##7, 5# cases were registered under I !ct as compared to 9#
cases during the previous year thereby reporting a decline of (>.7 percent in "##7 over
"##". ?f the total 5# cases registered under I !ct "###, around 77 percent 0"# cases2
relate to ?bscene Publication 3 ransmission in electronic form, normally known as
cases of cyber pornography. (9 persons were arrested for committing such offences
during "##7. here were "( cases of $acking of computer systems wherein (< persons
were arrested in "##7. ?f the total 0"(2 $acking cases, the cases relating to
oss3Aamage of computer resource3utility under Sec 550(2 of the I !ct were to the
tune of 5" percent 0(7 cases2 and that related to $acking under Section 550"2 of I !ct
were 7< percent 0<cases2.
13
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 14/26
Auring "##7, a total of >(( cases were registered under IPC Sections as
compared to 97< such cases during "##" thereby reporting a significant decline of >>
percent in "##7 over "##".
!ndhra Pradesh reported more than half of such cases 0"(< out of >((2 047
percent2. > ?f the >(( cases registered under IPC, ma&ority of the crimes fall under 7
categories vi:. Criminal %reach of rust or Draud 0"582, Dorgery 0<82 and Counterfeiting
0472. hough, these offences fall under the traditional IPC crimes, the cases had the
cyber tones wherein computer, Internet or its related aspects were present in the crime
and hence they were categori:ed as Cyber Crimes under IPC.
Auring "##7, number of cases under Cyber Crimes relating to Counterfeiting of
currency3Stamps stood at 47 wherein ((< persons were arrested during "##7. ?f the
>9,>9< cases reported under Cheating, the Cyber Dorgery 0<82 accounted for #." per
cent. ?f the total Criminal %reach of rust cases 0(7,>7"2, the Cyber frauds 0"582
accounted for " percent. ?f the Counterfeiting offences 0",#442, Cyber Counterfeiting
0472 offences accounted for ".5 percent. ! total of >94 persons were arrested in the
country for Cyber Crimes under IPC during "##7. ?f these, 47.5 percent offenders
0"442 were taken into custody for offences under Criminal %reach of rust3Draud
0Cyber2 and "(.> percent 0(#"2 for offences under HCyber DorgeryE.
he age-wise profile of the arrested persons showed that >4 percent were in theage-group of 7#->4 years, "<.4 percent of the offenders were in the age-group of >4-
5# years and (( offenders were aged 5# years and above.
*u&arat reported " offenders who were below (< years of age. Draud3Illegal gain
0("#2 accounted for 5# per cent of the total Cyber Crime motives reported in the
country. *reed3oney 0(4 cases2 accounted for 9.4 percent of the Cyber Crimes
reported. /ve-teasing and $arassment 0< cases2 accounted for around > per cent.
Cyber Suspects include eighbors 3 Driends 3 1elatives 08(2, Aisgrunted
employees 0((2, %usiness Competitors 082, Crackers Students 3 Professional learners
072.
Cyber crime is not on the decline. he latest statistics show that cyber crime is
actually on the rise. $owever, it is true that in India, cyber crime is not reported too
much about. Conseuently there is a false sense of complacency that cyber crime does
14
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 15/26
not e;ist and that 4 society is safe from cyber crime. his is not the correct picture. he
fact is that people in our country do not report cyber crime for many reasons.
any do not want to face harassment by the police. here is also the fear of bad
publicity in the media, which could hurt their reputation and standing in society. !lso, it
becomes e;tremely difficult to convince the police to register any cyber crime, because
of lack of orientation and awareness about cyber crimes and their registration and
handling by the police.
! recent survey indicates that for every 4## cyber crime incidents that take
place, only 4# are reported to the police and out of that only one is actually registered.
hese figures indicate how difficult it is to convince the police to register a cyber crime.
he number of viruses and worm variants rose sharply to 9,75# that is a 5>K
increase over the previous reporting period and a 77"K increase over the previous
year. here are (9,4## variants of Win.7" viruses. hreats to confidential information
are on the rise with 4>K of 5 the top 4# reporting malicious code with the potential to
e;pose such information. Phishing messages grew to >.4 million from ( million between
6uly and Aecember "##>.
%ase Stdy
Delhi School5s crime 0Section 662
15
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 16/26
Schools laygrond for cyber crime7
Crimes on the internet were common but they have now reached school classrooms.
Cyber crimes by school children are disturbingly increasing and while a few are
reported, most are hushed up by the schools themselves.
?ne of the renowned schools in Aelhi - %al %harti School - now hides its face behind
closed doors. wo students of this school were suspended last week for hacking into
the schools official website and morphing their Lice-Principals photograph. $owever,
the school wants to hush up the case with even the principal refusing to talk to the
media.
We tried speaking to a %al %harti School ?fficial= however, he refused to comment on
the matter.
Intimidated by the school authorities and fearing their own e;pulsion, the school
children also talk in hushed tones. Some even blame the Lice-Principal for blowing up
a normal prank. )Mes, our Lice Principal has made the issue very big,) says one senior
student.
$owever, there are many who are not even aware of the issue. )Mes, he &ust switched
on his computer and created some photograph,) says one young student.
Similar cases of delinuent behaviour on the net have surfaced in recent years.
16
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 17/26
1nline delin+ent behavior not new
In "##", a Aelhi school Principal got a threatening e-mail followed by a blast in
the school lobby. In "##4, one student of a Aelhi school was caught creating a website
with offensive te;t on school teachers. !nd in "##5, a student was punished for writing
and circulating an e-mail defaming the school.
Ignoring delinuent behavior on the net, at times, gets serious. heres also a chance
that such behavior can translate into cyber crime. %ut with easy access to the internetand students getting more tech-savvy - some even learning how to hack - school
authorities confess that they can do little.
While Internet was introduced to facilitate e-learning, increasing cyber crimes in schools
like these speak otherwise, thus putting a uestion mark on not &ust unmonitored use of
internet by school children but also on the school authorities who try their best to bury
the case.
DA
%yber crime comes of age as foreign plgs sell secrets
eha Aara
Wednesday, ?ctober (8, "##4 "7'"8 IS
/W A/$I' Cases of data loss from I/S companies may no longer be new
but the arrest of two employees, from an Indian %P? in *urgaon has a twist in the tale.
he two arrests were made on uesday and Wednesday.
17
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 18/26
%ritish national $arish Parmar and Sarita 1awat, both employees of Cybersys
Infotech imited, were arrested by the *urgaon police for stealing confidential data and
selling it to different competitors, special superintendent of police $anif Nureshi said in
a press conference in *urgaon on Wednesday.
$owever, this is no ordinary case of data loss. Cybersys Infotech td had
entered into an e;clusive contract with the %ritish company City Credit anagement.
!s a condition of this e;clusive contract, $arish Parmar was made City Credits
representative on the board of Cybersys.
!s outsourced work dealt with a highly specialised area like mortgage, Cybersys
spent huge amounts developing training manuals and systems. $owever, soon after,
City Credit started outsourcing its call-centre work to other Indian %P?s, in a breach of
the e;clusivity contract.
ot only that, to cut costs, the specially developed manuals and systems were
allegedly stolen through Parmar and 1awat and sold to those %P?s. his saved them
the investment that Cybersys has made in developing the same, and conseuently
saved City Credit money as well. Languard Info-Solutions imited in *urgaon was one
of the %P?s to which this information was sold and which was forthcoming with the
details to the police. he involvement of one other %P? is suspected, but its name, and
the e;tent of the loss incurred by Cybersys, is yet to be established.he complaint with the police was filed by Lineet Banwar, the director of
Cybersys Infotech imited, against employees Sarita 1awat, $arish Parmar who is a
director on the Indian company and the %ritish, his wife, who is also a director of the
%ritish company, and City Credit anagement itself.
!ccording to Supreme Court advocate and cyber law e;pert Pavan Auggal, the
crime in this case is therefore )both of hacking 0covered by section 55 of the I !ct2 and
of breach of trust, because an e;clusive contract was broken 0covered under section 9"
of the I !ct and >#5, >#8 and ("#b of the IPC2.)
Indian I/S companies have recently been haunted by a spate of crimes that
have raised uestions about security of client data. $owever, this is perhaps the first
time when the overseas client itself has been accused of engineering the data loss
18
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 19/26
1rt The new danger Section 68/
?rkut, the online portal, owned by *oogle finds itself at the centre of debate. !
nineteen-year-old student has been accused of making a fake account of a girl. Can we
prevent the misuse of this technology by not posting our numbers and picturesO
!%$IS$/B /L/1 I!*I/A that the prank he played on his classmate would land
him in &ail. !bhishek, a management student and still in his teens, was arrested by the
hane police following a girlEs complaint about tarnishing her image in the public forum
- ?rkut. he report after being published in umbai irror has created a stir among the
?rkutians and opened up a whole new bo; of debate.
he incident
!bhishek had created a fake account in the name of the girl with her mobile number
posted on the profile. he profile has been sketched in such a way that it draws lewd
comments from many who visit her profile. he hane Cyber Cell tracked down
!bhishek from the false e-mail id that he made to open up the account.
he uestion
In this case, the girl has not posted her picture or mobile number in the fake profile. !brief search in the ?rkut profile will reveal many such profiles with pictures of beautiful
girls. y guess is that many of these girls are not even aware of the fact that their
profile e;ists. hese are created by some other people. I will term this as rape of the
imageJ. ow the uestion is Can we really prevent this rapeOJ
he debate
he umbai irrorEs report on the issue came with tips to the ?rkut users. Police Sub-
Inspector 1avindra Chauhan has been uoted as saying, ?rkut users should not put
up their photographs on the site. hey should not reveal personal information in their
profile. !lso no cellphone numbers or identity should be mentioned in the scrap book,
as it is open to all.J %ut whether this really can be a way out, is debatable. What about
the hundreds of CLs I send to the unknown agencies everydayO hey even contain my
19
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 20/26
mobile numberJ, says !diti, a A+ student and a hardcore ?rkut addict. She does have
a point.
he truth is that in todayEs world mobile numbers are far from being personal
information. he proof lies in the numerous sales calls that we receive from credit card
agents. ?n the issue of the photograph, !diti says, When ?rkut gives an opportunity to
show your face to the whole world, then why notOJ When asked about the risks
involved, she replied, Who caresOJ %ut everyone is not as carefree as !diti. ! brief
search in ?rkut once more will reveal profiles that have pictures of film stars, flowers,
animals, sceneries and not the face of the owner. I will never put my picture on ?rkut
profile,J says ansi, whose profile in ?rkut carries the picture of !ishwarya 1ai. ItEs not
safe, anybody and everybody can save it on their computer and can misuse it.J %ut
here again the uestion lies - can we really prevent itO What happens to the hundreds
of passport photographs we send with the application forms all our lifeO !ny of them
can be scanned and put up without our notice. !re we sure that all copies of the digital
pictures taken at our local photography shop are deleted after we leaveO I donEt know,
but there is no harm in being careful,J says ansi.
So perhaps even in this age of globalisation and technical advancements we will holdourselves from showing our face to the entire world for we never know who is misusing
it in what way. !nd as the lawmakers say We cannot do anything, until a complaint is
lodgedJ.
S19.SA:;AD<.%1:
India saw its first cyber crime conviction recently. It all began after a complaint was filed
by Sony India Private td, which runs a website called www.sony-sambandh.com,
targeting on 1esident Indians. he website enables 1Is to send Sony products to
their friends and relatives in India after they pay for it online.
he company undertakes to deliver the products to the concerned recipients. In ay
"##", someone logged onto the website under the identity of %arbara Campa and
ordered a Sony Colour elevision set and a cordless head phone. She gave her credit
20
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 21/26
card number for payment and reuested that the products be delivered to !rif !:im in
oida. he payment was duly cleared by the credit card agency and the transaction
processed. !fter following the relevant procedures of due diligence and checking, the
company delivered the items to !rif !:im. !t the time of delivery, the company took
digital photographs showing the delivery being accepted by !rif !:im. he transaction
closed at that, but after one and a half months the credit card agency informed the
company that this was an unauthori:ed transaction as the real owner had denied
having made the purchase.
he company lodged a complaint for online cheating at the Central %ureau of
Investigation which registered a case under Section >(<, >(8 and >"# of the Indian
Penal Code. he matter was investigated into and !rif !:im was arrested.
Investigations revealed that !rif !:im, while working at a call centre in oida gained
access to the credit card number of an !merican national which he misused on the
companyEs site.
he C%I recovered the colour television and the cordless head phone. In this matter,
the C%I had evidence to prove their case and so the accused admitted his guilt. he
court convicted !rif !:im under Section >(<, >(8 and >"# of the Indian Penal Code @
this being the first time that a cybercrime has been convicted.
he court, however, felt that as the accused was a young boy of "> years and a first-time convict, a lenient view needed to be taken. he court therefore released the
accused on probation for one year.
he &udgment is of immense significance for the entire nation. %esides being the first
conviction in a cybercrime matter, it has shown that the the Indian Penal Code can be
effectively applied to certain categories of cyber crimes which are not covered under
the Information echnology !ct "###. Secondly, a &udgment of this sort sends out a
clear message to all that the law cannot be taken for a ride.
Tamil Tiger credit card racet spreads to %hennai, India
(> Debruary "##9
21
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 22/26
he Sri 1amachandra edical College police at Porur, Chennai, arrested *. /lango, a
amil iger agent carrying a %ritish passport, on Driday and sei:ed "< ! cards in his
possession. he police said /lango illegally withdrew over 1s. 7# lakh from the !
centres of a few nationali:ed banks and a private bank. he amount was then sent to
the +nited Bingdom through unauthori:ed channels.
It is learnt that the Chennai Police was alerted by a civilian who had seen /lango using
several ! cards to withdraw money from an ! centre of a private bank on ount-
Poonamallee 1oad, Porur.
! police team led by the !ssistant Commissioner Police %alasubramaniam caught
/lango red-handed while he was withdrawing money from the ! machine.
*. /lango 07<2 of iddlese;, +nited Bingdom, is a shareholder in HhamiliniE -- a cash
and carry grocery shops operated by the amil igers in +B.
/lango is from Lalvetiturai, a notorious port for smugglers in the north of Sri anka. $e
is the partner of the /Es cash and carry centres of hamilini in ondon suburbs -
one in Croydon and another in Southall.
!fter the arrest Police has found, besides the ! cards, registration certificate books
of two cars, a cellular phone and a passport. amil adu Police is now seeking the
assistance of the Scotland Mard to obtain more information about /lango. he amil
tigers are also under investigation in +B for operating credit card rackets in /urope.
%onclsion
!s we can see that there where so many cyber crimes happening in India before the
amendment of information technology act the rate of crime have not stopped nor it
have come down but it is reaching its high .
22
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 23/26
We have try to find out various reasons that despite of such a tight act and high
penalties and punishments what are the lope holes in the act which is blocking the
proper implementation of such a force full act .
Cyber aw in India is in its infancy stage. ! lot of efforts and initiatives are reuired to
make it a mature legal instrument. aw has been instrumental in giving Cyber aw in
India a shape that it deserves. o make the circle complete we are proudly introducing
another effort in this direction.
Dollowing are some of the lope holes which we have tried to figure out'
(. 1eporting of important matters pertaining to Cyber aw in India'
". !nalysis of Cyber aw scenario in India,
7. Providing a comprehensive database for cases and incidents related to Cyber
aw in India,
>. ! ready reference for problems associated with Cyber aw in India, etc.
he discussion group cum database will analyse Cyber aw of India that suffers from
the following drawbacks'
(. on-inclusion of contemporary Cyber crimes and Contraventions like Phishing,Spamming, Cyber e;tortions, Compromised e-mails, Cyber errorism, etc.
". !n obscure position of Dreedom of speech and e;pression under the I !ct,
"###.
7. !bsence of iability for illegal blocking of websites, blogs, etc.
>. ack of echno-egal compliance under the I !ct, "###.
4. ack of Wireless security under the I !ct, "###.
5. !bsence of legal protection pertaining to IP1s in cyberspace.
9. ! confusion regarding ocus-standi and due diligence.
<. !bsence of Private defence in cyberspace.
8. on-dealing of issues like Cyber terrorism and private defence,
(#./-waste in India must be taken seriously, etc.
23
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 24/26
%esides these grey areas India is also facing problems of lack of Cyber Security in
India as well as IC Security in India. ! techno-legal base is the need of the hour.
+nfortunately, we do not have a sound and secure IC Security %ase in India and
Cyber security in India is still an ignored World. If opening of Cyber Cells and Cyber
+nits is Cyber Security than perhaps India is best in the World at managing Cyber
Security issues. +nfortunately IC Security in India is euated with face saving
e;ercises of false claims and redundant e;ercises. he truth remains that IC Security
in India is a myth and not reality. he Cyber aw in India reuires a dedicated and pro
active approach towards IC and Cyber Security in India. In the absence of a dedicated
and sincere approach, the Cyber aw in India is going to collapse.
ow as we know what are the ma&or lope holes in the act let us try to fine the
possible suggestion to over come these and try to learn form what us3uk are following
inorder to have a virus free cyber.
Sggestion
-ecritment
here is a high need to increase the strength of staff for proper functioning of the
!C.
-ed coding System
Set - up a red coding system, with the help of which the government can keep a
tap on mails, chat, etc. this system will help the government to detect the possibility of
further cyber crime.
24
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 25/26
Training and Development
?ne of the most important reuirements for the proper function of the !C is
that, there should be good uality training programs on a regular base.
Domain
It is necessary, Aomain should be treated as a separate entity rather then
treating it as IP !C .
%yber theft, cyber staling, cyber harassment and cyber defamation are
presently not covered nder the act.
hese crimes need to have specific provisions in the act to enable the police to
take uick action.
=age Definitions
Aefinitions, prescriptions of punishment and certain provisions 0such as that
dealing with hacking2 need specific amendment.
arameters for its implementation
aw enforcement officials need to be trained for effective enforcement.
;ibliography
;oos
Company aw
%y *ulshan Bapur
*ebsites
http'33www.naavi.org3importantlaws3itbill"###3preamble.htm
http'33en.wikipedia.org3wiki3CyberQCrime
http'33www.e;presscomputeronline.com3"##"#<"53cover.shtml
http'33www.e;presscomputeronline.com3"##>#>"53coverstory#(.shtml
http'33www.e;presscomputeronline.com3"##>#9#43newsanalysis#(.shtml
http'33sify.com3finance3fullstory.phpOidR(>7>>94(
http'33www.delhipolice.nic.in3home3pressrel.htm
25
8/12/2019 7241469 Information Technology Act
http://slidepdf.com/reader/full/7241469-information-technology-act 26/26
http'33www.indiaforensic.com3cyberlotto.htm
http'33articles.sakshay.in3inde;.phpOarticleR(4"49
http'33www.cyberlawclinic.org3cyberlaw.htm
http'33www.cio.in3govern3view!rticle3!1IC/IAR"955
http'33www.techtree.com3India3ews3?rgani:edQCyberQCrimeQinQ"##9344(-
998>5-4<".html
http'33www.timesnow.tv3CyberQcrimeQinQschools3articleshow3(<<4"5(.cms
http'33www.businessline.in3cgibin3print.plO
fileR"##5((#5##(>#7##.htmdateR"##53((3#53prdRew
http'33www.bpoindia.org3research3cyber-crime-asia.shtml
http'33www.dnaindia.com3report.aspOewsIAR5>((
http'33www.cidap.gov.in3cybercrimes.asp;
http'33infotech.indiatimes.com3/nterprise3etQlossQ*ettingQawayQwithQcrimeQ3ar
ticleshow3"#95(88.cms
http'33www.dnaindia.com3report.aspOewsIAR(#7<494