The Impact of Cybercrime on the Indian Economy and Society

S.no Contents 1. Introduction 2. Types of Cybercrime 3. Financial Losses & Economic Impact 4. Threat Towards ‘Digital India’ 5. Business Disruption 6. Data Privacy is a Myth 7. Effects of Cybercrime on Society 8. How Laws Evolved around Cybercrimes in India 9. Conclusion Introduction India has seen a substantial increase in cybercrime recently, posing a growing threat to both culture and economy. Cybercriminals have discovered new ways to take advantage of flaws and carry out their nefarious activities thanks to growing digitization and broad internet usage. Online harassment and cyberstalking are major issues that are becoming increasingly prevalent in today’s digital age. With the widespread use of the internet, type of abuse can have many forms, such as bullying, hate speech, stalking, and revenge porn, and it can cause devastating effects on someone’s life. The internet’s anonymity has made it easier for perpetrators to engage in abusive behaviour and law enforcement often struggles to keep up with the rapidly evolving landscape of online crime. Cybercrime also puts India’s ambitious digital transformation projects in danger. Fear of cyberattacks may prevent individuals and companies from adopting digital technology, halting development and obstructing the potential advantages of a digital economy. Cybercrime also affects data security and violates privacy, with serious social repercussions. People become more susceptible to identity theft, fraud, and harassment, which undermines faith in online platforms and has an adverse effect on mental health. Due to the cross-border nature of cybercrime, it is challenging to identify and capture offenders, necessitating ongoing tool and skill enhancements for efficient investigations. In addition, the legal system encounters challenges when dealing with cybercrime matters, such as delays and the requirement for specialised knowledge, which impedes the administration of justice. Types of Cybercrime It is important to recognize that these crimes are not merely harmless pranks, but heinous criminal acts that have devastating consequences. Financial Losses & Economic Impact This article would explore the vicious impact of cybercrime on the Indian economy, highlighting the challenges it poses and the measures required to address this growing concern. Threat Towards ‘Digital India’ India has placed a lot of emphasis on digital transformation programmes to use technology for governance, e-commerce, online services, and financial inclusion. However, the advancement and effectiveness of these transformational endeavours are seriously threatened by cybercrime. Business Disruption The rise of cybercrimes in India can affect businesses and corporate institutes terribly. They can suffer from financial loss, software disruption, phishing and others. Data Privacy is a Myth To commit, identity, theft and financial fraud, cyber criminals target personal data such as Adhaar or PAN numbers, bank account information, and credit card information. Various illegal activities, such as impersonation, loan fraud, and unauthorised financial transactions, can be committed using stolen identities. Individuals suffer financial losses as a result of these instances, which also reduce confidence in online services and transactions. Privacy and data protection laws are essential for protecting people’s personal information and holding companies accountable. However, regulatory and compliance structures are challenged by cybercrime. Cross-border operations are frequently involved in data breaches, making it challenging to identify and apprehend hackers. To properly address these issues, regulatory frameworks must be strengthened, data privacy laws must be improved, and international cooperation must be encouraged. Businesses in India run the danger of having their proprietary data, trade secrets, and consumer information compromised by data breaches. These hacks may be the result of business espionage to acquire a competitive edge or by hackers looking to make money by selling the stolen data. Financial losses, reputational harm, and a decline in customer trust are all effects. Individuals and companies need to prioritise cybersecurity measures in order to reduce privacy and data security breaches. Implementing robust authentication systems, encryption, and secure data storage procedures are all part of this. Individuals can be equipped to secure their personal information and recognise potential risks by encouraging digital literacy and awareness among them. Businesses should make substantial investments in cybersecurity infrastructure, carry out frequent security assessments, and follow data privacy laws. Effects of Cybercrime on Society Our web presence is constantly growing. Whether we buy food in-store or clothes online, every transaction leaves a digital trail that cybercriminals are always trying to exploit. Globally, there are now more cybercrimes due to increased internet usage. According to a National Crime Records Bureau of India report, from 2018 to 2020, there was an 84% increase in cybercrimes in India. Cybercrime affects both small businesses and huge organisations. The numerous negative repercussions of cybercrimes on society are explained in this article. How Laws Evolved around Cybercrimes in India At first, there were no special provisions for cybercrimes in India. The Indian Judiciary added various aspects of cybercrimes in IPC through some landmark judgments like- Also in, Through various Case Laws, the accountability for cybercrimes expanded- Conclusion In conclusion, the Indian economy and society are significantly impacted by cybercrime. In terms of financial losses, business interruptions, dangers to digital transformation, breaches of privacy and data security, as well as difficulties with law enforcement and justice, it presents considerable hurdles. These effects have wide-ranging repercussions for people, corporations, and society at large. In addition to causing financial losses and identity theft, privacy and data security breaches also erode user confidence in online services, which has an effect on the entire digital ecosystem. Investigation, prosecution, and deterrence of cybercriminal activity are hampered by difficulties in law enforcement and justice, including jurisdictional complications, cybercriminals’ anonymity, and deficiencies in technical expertise. Endnotes: This article is authored by Dibyojit Mukherjee, a student at the Institute of Law, Nirma University.

Laws Ensuring Cybersecurity in India

Computers seem to have made our life easier they could be used for several purposes like online education, online payment of various bills, source of entertainment, and having knowledge of the global world among many others. But we often ignore the threat that it causes to all of us it results in the advanced form of crime terms called ‘Cyber Crime’. Cybercrime is all about the use of a computer either in terms that a computer has been used to commit a crime or a crime committed by targeting a computer. To prevent computer crime, we need a computer-based law called ‘Cyber Law’.

Protection of “Non- Personal Data” in India: Need of the Hour

INTRODUCTION We can see the continuous usage of the term “non-personal data” (aka NPD) in the article. Hence, the definition of the term should be known. According to a report submitted by PRS Legislative Research, “non-personal” data can be referred to as “any data which is not personal data (data pertaining to characteristics, traits or attributes of identity, which can be used to identify an individual) is categorised as non-personal data”[1]. Such data does not possess any kind of information that would lead to the identification of a person. NPD can be any sort of data, for example, it might be something that is not all related to an individual, or it can be personal data that had been anonymised later[2]. Discussions regarding the protection of “non-personal data” began very late. This article deals primarily with “non-personal data” and the reasons to protect them. The importance of “non-personal data” had also been mentioned in this article. IMPORTANCE OF “NON-PERSONAL DATA” “Non-personal data” has significant importance. These uses can be political, economic, or security-related. The key to expanding India’s economic opportunities is to strike the right balance between effective information privacy, security, and development[3]. Today’s world is very much technology-oriented. Hence, it can be concluded that in near future almost everything will be data-based. In such a situation, “non-personal data” would come to great use. TYPES OF “NON-PERSONAL DATA” NPD can be divided into sub categories like “public non-personal data”, “community non-personal data”, “private non-personal data”. “Public non-personal data” is referred to those data which is obtained by a government or governmental agencies during public-funded works. Anonymised data from land records, vehicle license data, and so on are examples. “Private non-personal data” are obtained from private sources (just like the name suggests), and the “community non-personal data” are obtained from community of natural persons[4]. Examples of private NPD include data/insights derived through the use of algorithms, and data sources collected by municipal authorities, other database systems, and so on are examples of community NPD. In the year 2019, an expert committee[5] was constituted in order to address the issues related to “non-personal data”. The abovementioned divisions have been made by the committee itself. WHY DOES “NON-PERSONAL DATA” NEED PROTECTION Although technically, no private information can be disclosed under “non-personal data”, there are some matters of concern. Often there is an overlap between personal and “non-personal data”[6], and this overlap is quite inevitable at times. The importance and vulnerability of data cannot be overstated. The time for data governance has arrived, just as the “Internet and cloud computing” had become accepted parts of doing business in the past. While customers’ personal data is protected by a lot of privacy laws around the world, “non-personal data” (NPD) is totally untapped. “Non-personal data” has financial value, which should be capitalised on by Indian businesses. These data can also be used to improve governance. For example, traffic patterns compiled by commercial vehicles can aid in better traffic control. This proves how important regulation of NPD can be. INDIA’S LATEST FRAMEWORK ON “NON-PERSONAL DATA” An expert committee is known as the “Gopalakrishnan committee” was formed by “Ministry of Electronics and Information Technology”, in the year 2020 in July. The main objective of this committee was to study and address the issues regarding “non-personal data”. The following observations were made by this expert committee: “NPD should be regulated to enable a data-sharing framework to tap the economic, social, and public value of such data, and to address concerns of harm arising from the use of such data.” The abovementioned expert committee had also suggested that the PDP or the “Personal Data Protection Bill” should be amended. According to the committee, the rules regarding NPD should be scraped off from this bill and should be incorporated under a separate one. This was recommended in order to avoid any kind of overlaps. As per Amar Patnaik, a member of the “Joint Parliamentary Committee” (JPC) on “Personal Data Protection” (PDP), rules to regulate non-personal data are essential, but at the same time, the Indian market should be given chances to grow. JPC has come up with some recommendations regarding the PDP Bill 2019. These recommendations would be discussed in the Parliament in the approaching winter session[7]. One of the major recommendations had been that the term “personal” should be removed, and both personal data, as well as NPD, should be regulated using the same regulator. CONCLUSION It can be concluded that it is extremely important to safeguard the “non-personal data”. At the very least, the NPD landscape in India is perplexing. There is little clarity about how “non-personal data” regulations and regulators would interact with personal data regulations and regulators. This article has also talked about how important NPD can be. It holds economic, as well as security-related importance. Unlike personal data, NPD hardly had any kind of regulations, hence, a solid set is absolutely necessary. Artificial intelligence has become a major thing these days. Therefore, it can be accomplished that NPD needs to be regulated largely. Proper full-fledged regulation of non-personal data in India has a long way to go. ENDNOTES  “Non-Personal Data Governance Framework”, https://prsindia.org/policy/report-summaries/non-personal-data-governance-framework.  “India: Revamped framework proposed for non-personal data regulation”, [January 2021], https://www.dataguidance.com/opinion/india-revamped-framework-proposed-non-personal-data Piyush Sharma, “Non-personal data: Unlocking value for public good”, [July 27, 2020], https://www.fortuneindia.com/opinion/non-personal-data-unlocking-value-for-public-good/104665. Supra note 1. Tanmay Mohanty, “India: Non-Personal Data Governance Framework”, [September 16, 2020], https://www.mondaq.com/india/privacy-protection/985574/non-personal-data-governance-framework. Vidushi Marda, “Non-personal data: the case of the Indian Data Protection Bill, definitions and assumptions”, [October 15, 220], https://www.adalovelaceinstitute.org/blog/non-personal-data-indian-data-protection-bill/. Sreenidhi Srinivasan and Anirudh Rastogi, “Why non-personal, what’s critical … & snooping? JPC report on data protection raises questions for privacy, business & regulation”, [November 26, 2021], https://timesofindia.indiatimes.com/blogs/toi-edit-page/why-non-personal-whats-critical-snooping-jpc-report-on-data-protection-raises-questions-for-privacy-business-regulation/. This article is written by Aaratrika Bal student at National Law University Odisha

IT Rules and Liability of Intermediaries

The present article is written by Sanjana Suman, a student of Amity Law School, Amity University Jharkhand Ranchi. Introduction The Ministry of Electronics and Information Technology recently released a draft of the Information Technology (Intermediary Guidelines) Rules 2018 and solicited feedback. A review of the proposed rules reveals the same issues that have plagued the Information Technology Act of 2000 since its start, namely, excessive delegation to subordinate legislation, vague wording, and difficult-to-implement restrictions. With respect to any given electronic message, the term “intermediary” has been defined under the Information Technology Act of 2002 (“IT Act”) as any person that receives, stores, or transmits such a message on behalf of another person or offers any service with respect to that message. This is not a complete list, but it does include Internet Service Providers (“ISPs”) as well as any website that hosts user-generated material. As a result of intermediary responsibility, which is founded on the legal idea of vicarious liability, service providers are held liable for any criminal acts committed by users on their platform. As Rebecca MacKinnon has said, “Intermediary liability means that the intermediary, a service that acts as ‘intermediate’ conduit for the transmission or publication of information, is held liable or legally responsible for everything its users do.” Development of “intermediary liability” in India Intermediary regulation is covered by a number of laws and sub-legislations in India. In addition, there has been a slew of instances in India, and the Indian courts have been quick to rule on these problems.  IT ACT (2000) Only network service providers were initially protected under the IT Act “for any third party information or data made available by him if he proves that the offense or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offense or contravention” As a result, intermediaries had little or no safe harbor protection under the original IT Act. Avnish Bajaj v. State and the Amendment to the IT Act (2008) For content spread by a third party on its e-commerce platform, the Managing Director (rather than the company Baazee.com) was charged with criminal penalties under the Indian Penal Act and the IT Act. The Managing Director, on the other hand, was exempt from accountability because the corporation was not named as a defendant in either the High Court or the Supreme Court. Furthermore, the Delhi High Court stated that if the content posted bypasses the filters designed to prohibit pornographic content, corporations risk gaining knowledge. In this case, it was also determined that the breadth of protection provided to intermediaries needed to be expanded, therefore the IT Act was changed in 2008 to incorporate a safe harbour regime under Section 79 of the IT Act, as well as to change the definition of intermediaries (as it reads presently). The modified Section 79 of the IT Act protects internet intermediaries from “any unlawful conduct,” rather than only offences or contraventions, and includes a requirement for due diligence when claiming safe harbour. It is an exemption provision that grants intermediaries conditional immunity as long as they abide by the section’s rules and restrictions. The Legal Provision  Section 2 (w) of the Information Technology Act,2000 (IT Act, 2000) defines Intermediaries as – “intermediary”, with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes Telecom service providers, network service providers, internet service providers, web hosting companies, search engines, online payment sites, online auction sites, online marketplaces, and cyber cafes. The Information Technology (Intermediaries Guidelines) Rules, 2011  The Government of India published the Intermediary Guidelines after amending the IT Act in 2008, which were mandatory for all intermediaries claiming safe harbor protection. These should be read in accordance with the IT Act, as well as the due diligence requirements for intermediaries set forth in Rule 3: Rules and regulations, as well as a privacy policy and a user agreement, must be published by intermediaries. All prohibited acts, such as those that belong to other people, are grossly harmful, harassing, or unlawful, harm minors, infringe on intellectual property rights, violate any law, are deceiving or misleading, contain a virus, or threaten India, will be specified in the rules and regulations, terms and conditions, or user agreement and Users should be informed that any violation of the terms will result in their access being terminated by the intermediary. Intermediaries must not knowingly host or disseminate information as defined in this sub-rule (2),  Intermediaries must deactivate such data within 36 hours and save it for 90 days for investigation purposes.  To assist authorized government agencies, intermediaries are needed. Intermediaries are required to take all necessary precautions to protect their computer resources.  Intermediaries must notify the Indian Computer Emergency Response Team (ICERT) about cybersecurity incidents.  Intermediaries must establish a Grievance Officer and post the details of that officer on their website. However, several difficulties such as ambiguity in prohibited content and coerced decisions by intermediaries flooded the IT Act and the Intermediary Guidelines. Furthermore, anyone can ask the middlemen to remove the illegal content. These difficulties, however, were essentially settled in the Shreya Singhal judgement. Shreya Singhal v. Union of India (2015) The Supreme Court recognised the Indian citizen’s right to freedom of speech on the Internet and cyberspace for the first time in the historic Shreya Singhal v UOI decision in 2015. It overturned Section 66A of the Information Technology Act, which imposed harsh penalties for delivering offensive material through computer. The Court held that “Section 79 is valid subject to Section 79(3)(b) being read down to mean that an intermediary fails to promptly remove or disable access to such material after receiving actual knowledge from a court order or being notified by the appropriate government or its agency that unlawful acts relatable to Article 19(2) are going to be committed.” Similarly, the 2011 Information Technology “Intermediary Guidelines” RulesRead More

The Information Technology (Intermediary Guidelines and Digital Ethics Code) Rules, 2021

This article is written by Bhargavi Nimje, a 1st year student at Firodia Law College, Pune. This article discusses the new regulations imposed by the government on OTT platform, social media and digital media and the issues with new regulations. INTRODUCTION Whether it is, social media or Over The Top (OTT) platforms, they have been hitting the headlines for their content or misuse for a long time. OTT platforms are replacing traditional media. Regulations of OTT platforms and social media has been a widely debated topic over the regulation of content and interference with privacy rights. Government has been contemplating the idea of a regulatory body for OTT platforms, digital media. Citing the reason of public interest, the government has decided to frame regulation for Over the top (OTT) platforms, digital media and social media. Why the Need Felt In the last few years, many controversies have come up regarding content on OTT platforms and inciting violence through social media. Government claimed that OTT platforms do not have censorship and so any content was published on platforms that was hurting viewers sentiments as in the case of ‘Tandav’ or depicting the particular city in a wrong way as in the case of ‘Mirzapur’ To curb the incidents of violence, assassination of character, prohibiting spreading of false message, protecting sentiments of viewers, government decided to have censorship. Defaming, harassing, stocking others on social media are some of the crimes which go unpunished. To bring an end to these issues, the government decided to have stricter regulation. However, a big push came when there were violent incidents at the Red Fort on Jan 26, 2021 and certain accounts were removed from social media on the ground that these accounts were involved in inciting violence through social media. The government felt the need to have stricter regulation for addressing such issues. Prior to Regulations There was no such rule for OTT platforms and digital news media. Whereas, for movies, The Central Board of Film Certification (CBFC), a film-certification body, reviewed the content before the release of a movie. There were no regulations on broadcasting and transmission of content on OTT platforms. OTT platforms were under the purview of the Ministry of Electronics and Information Technology but didn’t have any rules. After a lot of criticism OTT platforms are brought under the purview of the Information and Broadcasting Ministry. To curb the issue of content and to avoid coming of OTT platforms under Information and Broadcasting ministry, Internet and Mobile Association Of India (IAMAI), a representative body of OTT platforms proposed the self regulatory model ‘Code of Best Practices for Online Curated Content Providers’ which was signed by major OTT players like Netflix, Amazon Prime, but Information and Broadcasting ministry has not agreed to this model stating that IAMAI wanted to address grievances internally and there was no appeal mechanism which wasn’t acceptable to the government.  When it comes to digital news media, the government has claimed that many digital news media don’t have even basic information on their office address. To map out the digital news media, guidelines are required. For the regulation of social media, there were certain sections under IT Act 2000,  but they were applicable to very specific cases of data breaches and privacy. Also, there was an issue with some ‘terms’ which was not defined clearly and can be interpreted in various ways. New Regulation Social Media  The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 regulates social media, digital media and OTT platform. It also envisages a category of significant social media intermediaries for social media platforms. Intermediaries that host user generated content have an immense role to play as per the new guidelines.  The government has classified intermediaries into 2 categories, i.e., social media intermediary and the significant social media intermediary. Social media intermediary means a provider who allows its user to interact online with other users using the providers’ platform. Platforms with over 50 lakh registered users are to be considered as ‘significant social media intermediaries The social media intermediary should have Grievance redressal mechanisms for receiving and resolving complaints from users in which a grievance officer had to deal with complaints, and must acknowledge the complaint within 24 hours, and resolve it within 15 days of receipt. If the court or government authority passes an order to remove a prohibited content from the intermediary’s website, the said content shall be removed within 36 hours. When it comes to significant social media intermediary, they have an additional obligation. The significant social media intermediary have to  Appoint Chief Compliance Officer residing in India who will be responsible for ensuring platform’s compliance with the rules. appoint a nodal contact person for 24×7 for coordination with law enforcement  Appoint a resident Grievance Officer to handle the grievance redressal Mechanism.  To know what the situation is, the significant social media intermediaries will need to publish a monthly report mentioning the details of complaints received, action taken and the details of contents removed proactively.  They have to identify the first originator of the information of the mischievous tweet or message and have to disclose the name upon being asked by the court or by a government authority. However, disclosing of name is required only for prevention, detection, investigation, prosecution or punishment of an offence related to sovereignty and integrity of India, the security of the State, friendly relations with foreign States, or public order”.   Intermediaries are protected by Section 79 of the Information Technology Act, which provides a “safe harbour” to intermediaries and exempts them from liability for the actions of users if they adhere to government-prescribed guidelines. If an intermediary fails to observe the rules, they will be liable for punishment “under any law for the time being in force, including the provisions of the IT Act and the Indian Penal Code OTT Platforms, Digital Media   Centre had amended (Allocation of Business) Rules, 1961 to bring OTT platforms, digital news under the purview of InformationRead More

Cyber Crimes: Are Indian Laws Outdated for Such Laws

This article is written by Arshdeep Bedi ( Student of the final year -Punjabi University, Patiala)                           INTRODUCTION The internet, computers, mobiles, and other forms of technology have revolutionized every aspect of human life from decades including how we communicate, shop, obtain news, entertain our self etc. This technological advancement has also created innumerable opportunities for offenders to commit various forms of crime. Online crimes are often referred to as cybercrime.  The main cause of cybercrimes is our dependency on it, of which the perpetrator takes advantage and uses his special knowledge of cyberspace for committing the crime. The first case of cybercrime has appeared in Yahoo!, Inc. vs Akash Arora & Anr, 1999 What is a Cybercrime Cybercrime can be defined as any type of illegal activity that takes place via digital means.  Cybercrime is a Criminal activity that either targets individuals, or organizations, or society. Some of the examples of cybercrime are cyberstalking, cyber terrorism against a government organization, online gambling, committing fraud, trafficking in child pornography, intellectual property, stealing identities or violating the privacy, etc. Types of Cybercrime HACKING:  It is unauthorized access or control over a computer or someone’s network security systems for some illegal purpose.  PHISHING: It is a practice where a person having fraudulent intent of sending emails creating fake web pages to be from a known company or a a well-known company in order to induce an individual to get some personal information or some passwords such as credit cards, etc.  IDENTITY THEFT: The fraudulent exercise of using personal information in order to obtain credit, loans etc.  LAWS RELATED TO CYBERCRIME   Our Indian laws have not defined the term cybercrime but an act has been introduced to tackle types of cyber crimes and such act is INFORMATION TECHNOLOGY ACT 2000 and IPC can also be used to prosecute against cybercrimes or to supplement provisions to the IT act. For instance:  offences like hacking, data theft and virus attack could be prosecuted under sec 6 read with sec 43 of the IT act. Some of the provisions stated in the act are:  Sec 65: Tampering with computers source and code documents:  This section applies to people who intentionally conceals, alters or destroy any computer source and code using any network or program. Punishment for such crime is imprisonment for 3 years or 2 lakh fine or both. Sec 67: Penalizes publication and transmission of obscene material or material containing sexually explicit acts and of material depicting children in sexually explicit acts in electronic form.  Punishment can be up to 7 years or fine that can be up to 10 lakh. Sec 72:  Breach of confidentiality and privacy: A person with secured access to any electronic record, information, or any other material discloses it with other people without their consent.  Punishment imprisonment up to 2 years or fine up to 1 lakh. ARE INDIAN LAWS ARE STRICT ENOUGH TO CURB THE CYBER CRIMES? NO, Indian laws are not strict enough to curb cybercrimes.   There are provisions related to various cyber crimes but there are few loopholes in those provisions which are not strict enough to deal with cybercrime.  For instance:  sec 66E of IPC wherein it as mentioned that capturing should be nonconsensual and as opposed to that, it has been seen in most of the cases where images are taken with consent in the past, of which convicted person will take advantage of it and publishes on the internet, this is also called revenge porn.  In the modern era, people are using technology for revenge if these types of laws exist then it’s difficult to stop cybercrimes and cybercrime has expanded its roots to almost every aspect of the life of netizens.   Even in  Shreya Singhal V Union of India, 2015 it was contended that any matter posted on the internet is universally accessible than any other media to the netizens, it is not confined to any particular boundary, unlike any other media. It, therefore, becomes obvious that this requires more and strict regulations because there is a growth of scammers, phishing, money laundering, etc. If we compare Indian cyber laws with any other country then our laws are not strict enough to deal with the crimes. For instance:  in Indian punishment for child pornography under the protection of children from sexual offences (POSCO) act 2012 is imprisonment up to 5 years for a first conviction whereas in USA imprisonment up to 15 to 30 years for the first conviction.     As per the data, the conviction in cases cybercrime in India continues to less.  If systems continue in the same manner means it will become difficult to tackle the growing crime rate.  Apart from all the legal aspect, the important thing to be done is awareness on the individual level. According to the reports, most of the government officials are not aware of their adjudicating powers under IT act. Unless each person doesn’t become aware and cautious it will be difficult to regulate the crimes. Issues yet to be covered under the Information and Technology Act Information and Technology Act and Amendment Act are the landmark first step and milestone in the technological growth of the nation. But at the same time, the existing law is not sufficient. It would not be a new thing to say that our laws are not so efficiently to provide proper protection. Even in the act, there are many issues which are still to be touched or are completely untouched. Territorial Jurisdiction TerritorialJurisdiction is the major issue which has not been properly addressed by the legislation. Jurisdiction of the officer as per Sections 46, 48, 57 and 61 in the relation to adjudication process and the appellate procedure under Section 80 is not sufficient as though they provide the police officers with the powers to enter, search a public place for a cybercrime etc. But since cyber crimes which are computer-based crimes and if the mail of one is hacked in one place by accusedRead More

Defamation in the Digital World

This Article is Written by Manav Sony from Amity University, Kolkata. The article throws light on defamation and electronic defamation which is taking place these days in various social media sites. INTRODUCTION A man’s Reputation is considered as the most valuable thing and everyone has the right to protect his/her reputation. Reputation is the only thing which matters the most in this world these days. Even when you apply for a job, the boss first checks your reputation and also your background and then only you are considered for it. The right to protect reputation is an inherent personal right which is also known as jus in rem i.e. a right good against all the other persons in this entire world. Talking about defamation, it means any sort of oral or written statement which is made by a person which results in damaging the reputation of some other person. According to Black’s Law Dictionary, defamation is any sort of offence that injures the character of a person and also fame, reputation by giving false and malicious statements. If the statement is written, it is known as “libel” and if the statement is spoken, it is known as “slander”. In order to prove any statement defamatory in nature, there are certain essential elements which have to be considered. They are enumerated as follows: A statement should be made either spoken or through any expressions, signs etc. The statement should refer to the plaintiff The Statement must be Defamatory in nature There must be an intention of the wrongdoer The statement should be false The statement should not at all be privileged The statement must be published somewhere The third-party must believe that the defamatory matter is to be true The statement must cause injury to the plaintiff When one person or group of persons try to agree in order to write or utter some defamatory words of another and one of the persons writes or utters the words when the others are present who all had agreed earlier, would be sued under the charges of joint tortfeasor provided in the defamatory matter to the persons rather than those who were acting all together or the plaintiff. Usually, the person who makes a defamatory statement first is not all liable if that particular statement is republished by another person although he expressly stated that he was reproducing what he heard from some other source. But no person has the right to repeat any sort of slanderous statements against anyone without any proper justification of the statement. If any person is aware of the fact that a statement is defamatory in nature and still repeats to spread it or communicates further, then he can be held liable for defamation at that instant. There may be publication by omission. If in any case the failure by a defendant was authorised and was also able to remove any sort of defamatory matter which is the work of some other person is the publication made by him. For suppose, if anybody tries to put up any sort of a defamatory letter on the notice board of an office or club and the person who is the in-charge has not removed the letter from the board within a reasonable time then that person also would be liable for defamation.  Defences Available Against Defamation Talking about the defences that are available against defamation, there are certain points which are enumerated as follows: – Justification by truth Fair and Bona fide Comment Fair Comment and Justification distinguished Absolute Privilege or absolute statement Parliamentary Privilege as per Indian Constitution Qualified Privilege or a legal statement Opinion Statement Consent Censure passed by a person in good faith having lawful authority The accusation made to the person in good faith Defamation in the Digital World Our world has actually progressed a lot. From having pagers to having keypad mobile phones to having touch screen phones, the technology has earned a lot of progress during these recent times. The progress in digitalisation has also led to rise in various sort of crimes. One such crime is known as Cyber Defamation. This particular theory means publishing of any false statement by a person against any other person in cyberspace i.e. social media sites that can actually harm the reputation of that particular person and also cause injury too. In our country, defamation is treated as a civil and criminal offence. Cyber Defamation is entirely a new type of concept. The defamatory statements must refer to the plaintiff and the intention must be to lower the reputation against the others which is done through by using modern technological devices like computers or the internet. If any person publishes any sort of defamatory statements on a website or sends any E-Mails which contains defamatory materials to that particular person to whom the statement has been made would lead to cyber defamation.   Referring to the Liabilities of our country, there are certain sections which come under this particular heading. They are as follows: Section 499 of The Indian Penal Code which gives the definition of defamation Section 500 of IPC that gives the punishment which is two years of imprisonment or fine or both Section 469 of IPC which deals with forgery Section 503 of IPC which deals with criminal intimidation through electronic methods Apart from all these, there was a section which was section 66A of the Information Technology Act, 2000. That particular section has been struck down by the Supreme Court in the year 2015. It talked about offences made through electronic means.  Cases 1. Kalandi Charan Lenka v. State of Odisha: In this particular case, the petitioner was being stalked continuously by someone and also a fake account of hers was prepared by the culprit in which some obscene messages and pictures were sent to the friends. Also, a morphed naked picture of the plaintiff was posted on the walls of the hostel where the plaintiff used to stay. After a clear- cutRead More

Laws related to Cyber Hacking

This article is written by Gaurav Lall pursuing BBA LL.B. (Hons.) at United World School of Law. The article speaks about the brief explanation of cyber hacking and the laws for the protection of humans from hackers.  INTRODUCTION Cyber Hacking is identifying weakness in computer systems or networks to exploit its weaknesses to gain access. Example of Hacking: Using password cracking algorithm to gain access to a system. Computers have become mandatory to run a successful business. It is not enough to have isolated computers systems; they need to be networked to facilitate communication with external businesses. It is ironical to see that the most trusted source of information and a store for data can turn out to be a wide platform for some to steal information. It means using computers to commit fraudulent acts such as fraud, privacy invasion, stealing corporate/personal data, etc. Cybercrimes cost many organizations millions of dollars every year. Businesses need to protect themselves against such attacks. Unlike the majority of computer crimes which are regarded as clear cut in terms of legality issues, computer hacking is somewhat ambiguous and difficult to define. In all forms, however, computer hacking will involve some degree of infringement on the privacy of others or the damaging of a computer-based property such as web pages, software, or files.  As a result of this definition, the impact of computer hacking will vary from a simple invasive procedure to an illegal extraction of confidential or personal information. Different forms of Cyber Hacking One of the most frequent threats of hacking is those faced by the websites. It is very common to see a particular website or online account being hacked open intentionally using unauthorized access and its contents being changed or made public. The web sites of political or social organizations are the frequent targets by groups or individuals opposed to them. It is also not uncommon to see governmental or national information website being hacked. Some of the well-known methods in website hacking are: Phishing This implies replicating the original website so that the unsuspecting user enters the information like account password, credit card details, which the hacker seizes and misuses. The banking websites are the frequent target for this. Virus These are released by the hacker into the files of the website once they enter into it. The purpose is to corrupt the information or resources on the website. UI redress In this method, the hacker creates a fake user interface and when the user clicks with the intent of going to a certain website, they are directed to another site altogether. Cookie theft Hackers access the website using malicious codes and steal cookies which contain confidential information, login passwords etc. DNS Spoofing This uses the cache data of a website or domain that the user might have forgotten about. It then directs the data to another malicious website. Laws on Hacking in India Section 43 and Section 66 of the Information Technology Act (IT) Act cover the civil and criminal offences of data theft or hacking respectively. Under Section 43, a simple civil offence where a person without the permission of the owner accesses the computer and extracts any data or damages the data contained therein will come under civil liability. The cracker shall be liable to pay compensation to the affected people. Under the ITA 2000, the maximum cap for compensation was fine at Rs 1 crore. However, in the amendment made in 2008, this ceiling was removed. Section 43A was added in the amendment in 2008 to include corporate shed where the employees stole information from the secret files of the company. Section 66B covers punishment for receiving stolen computer resource or information. The punishment includes imprisonment for one year or a fine of rupees one lakh or both. Mens rea is an important ingredient under section 66A. Intention or the knowledge to cause wrongful loss to others i.e. the existence of criminal intention and the evil mind i.e. the concept of mens rea, destruction, deletion, alteration or diminishing in value or utility of data are all the major ingredients to bring any action under this Section. The jurisdiction of the case in cyber laws is mostly disputed. Cybercrime does not happen in a particular territory. It is geography less and borderless. So it gets very difficult to determine the jurisdiction under which the case has to be filed. Suppose a person works from multiple places and his data gets stolen from a city while he resides in some other city, there will be a dispute as to where the complaint should be filed. CONCLUSION It can be seen that the threat of computer crime is not as big as the authority claim. This means that the methods that they introduce to combat, it represents an unwarranted attack on human rights and is not proportionate to the threat posed by cyber-criminals. Part of the problem is that there are no reliable statistics on the problem; this means that it is hard to justify the increased powers that the Regulation of Investigatory Powers Act has given to the authorities. These powers will also be ineffective in dealing with the problem of computer. The international treaties being drawn up to deal with it are so vague that they are bound to be ineffective in dealing with the problem. It will also mean the civil liberties will be unjustly affected by the terms of the treaties since they could, conceivably, imply that everybody who owns a computer fitted with a modem could be suspected of being a hacker. The attempts to outlaw the possession of hacking software could harm people who trying to make the internet more secure as they will not be able to test their systems. The cyber hacking is protected under the IT Act which performs as prevention not cure.  Latest Posts Archives

Cyber Pornography

This article has been written by Parul Sharma, pursuing BBA LLB from Centre for legal studies Gitarattan International Business School GGSIPU. In this article, she has tried to explain Cyber Pornography. INTRODUCTION Cyber-crime is a very broad term which includes the offences that are related to computers or the computers network for the use of communication and to send the information to another person easily and quickly. The use of internet and computers are getting people more closure in the modern society for business and e-commerce purposes, hence we understand that there are many advantages for the utilization of computers and internet and our society cannot even function properly without them. Cyber-crime is defined as a crime in which a computer through which crime is committed like in hacking, spamming, etc or is used as a tool to commit an offence like in child pornography, etc. Cybercriminals might use computer technology to get personal information, business secrets or use internet technology for exploitative or vicious purposes. Criminals might as well use computers for the purpose of communication and storage of data or document. These people are usually referred to as hackers and cyber-crime is also called computer crime. The Internet gives the facility to the people to connect worldwide i.e. to communicate with any person irrespective of any place, time. the internet and the computers do not bound any person with the territorial limits and give access to any person in any of the jurisdiction. It allows the people to think of and share their creativity, views and take knowledge about anything they are interested in. The way in which people share their ideas, communicate, do online transactions is one of the big reasons that the internet will continue to contour the world. These kinds of freedom also enable computer experts to indulge in other unlawful cybercriminal activities such as hacking, bugging, cheating, fraud, etc. With the regular use of the internet in the mould of websites and blogging, people engage themselves in chatting on the internet without knowing the other person. There are many elements that have given birth to the sources concerning the society where Pornography has been a major issue in society. Porn today is more freely and widely available on the Internet than ever before. The younger generation is, therefore, able to access it very easily and quickly than ever. This leads to the mentality of unemotional sex. And the reason behind is that we have grown up in a culture where parents feel flustered, they aren’t comfortable to have a healthy conversation about sex with their children. Well, then it’s time to open up and come out of the comfort zone to talk about the most this silent topic i.e. Pornography. Pornography Pornography is defined as the sexual portrayal of persons, in either words or images, created with the basic, direct aim and reasonable hope, of evoking significant sexual arousal on the part of the consumer of the material. There hasn’t been only one definition of the law of the word pornography applied all over the world. The pornography or the pornographic material changes according to the vision and understanding of the people of various culture across the world and it has been a difficult task to define the material/content to be a pornographic content/material. Basically, pornography is nothing but marketing of man or woman sex, shown as an object for those who get involved in sexual acts. Pornographers utilize the internet to sell their material to sex addicts and to the interested parties. Watching and keeping of these kinds of materials is illegal in India. Nowadays pornography has become a kind of a business to the society as people indulge themselves to gain the economic benefits from them. They even put the hidden cameras and violates the privacy of the society ex: hotels, paying guest, hostels, changing rooms in the shopping complex etc. It has been a market for near about $1 trillion. Pornography existed since the pre-historic time as it was seen in the painting or rock arts. Therefore, with emerging of time, there was an invention of photography which gave rise to pornography. The very first law which criminalized pornography was the English Obscene Publications Act 1857. The Act was applied to the UK and Ireland, and it made the sale of obscene material a statutory offence and gave the courts power to seize and destroy offending material. Pornographic film production commenced after the invention of the motion picture in 1895. Sexually explicit films exposed the producers and distributors to prosecution. Pornography is the literature of art which have the portrait of sexuality emphasizing upon emotions and feelings. Pornography is of 2 types that is Softcore and Hardcore, where the pornography work is referred to as the hardcore content and the softcore pornography consists of nudity or partial nudity in sexual situations. Perhaps, both kinds of pornography involve nudity. Child Pornography in India Child pornography is an illegal act in India. Information Technology Act, 2000 & Indian Penal Code, 1860 gives protection against child pornography. Child refers to the person who is below the age of 18 years. The internet has been highly used by the abusers who reach out and abuse children sexually, globally. The internet has become a household commodity in India and its explosion has made children a feasible victim to the cybercrime. As more homes have access to the internet, more children would be using the internet and more are the chances of falling victim to the aggression of paedophiles. The availability of easy access to the contents of pornography quickly and freely over the internet has lowered the inhibitions of the children. Paedophiles attract the children by sharing pornographic material, and then they try to meet them for sex or to take nude photographs containing their engagement in sexual positions. Sometimes Paedophiles communicate with children in the chat room where they pretend to be teenagers or a child same age as theirs, and then they becomeRead More

The Concept of Obscenity: A Comparative Study (US/India)

This article is written by PRANIT BHAGAT pursuing B.A LLB from ILS Law College, Pune. In this article, he has discussed combating cyber obscenity in India and did a comparative analysis with that of the United States of America.   INTRODUCTION WITH THE ADVENT of the technological revolution, the concept of cyberspace also became popular with the people. The development of Information Technology is the mother of cyberspace wherein the internet provides many opportunities to the people equally for accessing any data storage and information etc. by use of high technology. New inventions and discoveries have widened the scientific scope as well as brought new challenges for the legal world. The widespread growth of these technologies has to lead to the commission of new types of crimes in cyberspace and has also become a matter of global concern. Cybercrimes are like the attack on secured information of individuals, corporations, or governments, etc. The popularity of social networking sites is increasing day by day. Due to this one can express his or her feelings very well, connect to old friends, and also make new friends. But there is a misuse of these sites by the cybercriminals for fulfilling their illegal purposes. In today’s world, teenagers are in habit of watching live sex, video clip, MMS clip, etc. Side by side the people have started to spend more and more time on networking sites because of the people’s addiction to them. Most of the time the end-users of the internet view, download, transmit, save and take a printout of obscene materials for themselves and also transmit the same to others. In modern times, the development of Information Technology affects the life of people all around the world. Concept of Obscenity Cyber obscenity is a very sensitive issue. The concept of obscenity changes with time and place. We cannot judge obscenity in isolation. It needs a broader perspective to understand the notion of obscenity. The obscenity is directly related to morality and decency. We can define obscenity with the help of the historical development of ‘test of obscenity’ in various countries. In Regina v. Hicklin case, the court observed that the material which has the likelihood to corrupt and deprave the minds of those persons whose minds are open to such immoral influences and who may read the publication of this type. The U.S Supreme Court in Miller v. California, given three tests for obscenity. But in Pope v. Illinois, it was held that there should be proper inquiry whether the community whose case is in the hand have serious value in that obscene material or whether a common person would find such values in it if taken as a whole. Thus, it can be said that the standards and factors for obscenity vary greatly depending on the norms and values of the state, town, or city for that matter of foreign countries. The term pornography means to describe or to show sexual acts to cause sexual excitement through obscene websites or obscene material produced by using computers, internet and also includes downloading, transmitting pornographic videos, writings, photos, and pictures, etc. Obscenity in cyberspace may be of various forms. The essential characteristics of pornography are the downloading of obscene material by using a computer and internet through the website so it also includes the hosting of websites that contain prohibited and obscene material. The pornographic material is very harmful to the young generation because it can corrupt and deprave the minds of the future of the country. There is no well-settled definition of obscenity. Material considered as a piece of artistic expression or literature in the United States of America may be considered obscene in India. The Government and law enforcement machinery have been trying to restrict the availability of this type of material but the results have not been satisfactory. Statutory Provisions in India Article 19 (2) of the Indian Constitution provides that the state has the power to impose reasonable limitations on freedom of expression to maintain morality and decency. To tackle the problem of obscenity and pornography, we have four major laws. The Indian Penal Code under section 292 comprehensively discusses the circumstances under which ‘obscenity’ may be an offence. In the case of Ranjit D. Udeshi v. the State of Maharastra, Honourable Apex Court interpreted the word “obscene” and stated that obscene may be defined as “offensive to modesty or decency, lewd, filthy and repulsive.” The Court further observed that it constitutes the reasonable limitation on the right of freedom of expression guaranteed by Article 19, clause 2 of the Constitution of India in the interest of morality or decency. Further, the Court in Samaresh Bose v. Amal Mitra held that the standards of morals of the society, the concept of “obscenity” may differ from one country to another country. In this case, the court also differentiated between the term “vulgarity” and “obscenity” by stating that vulgar writing is not always obscene. Indecent Representation of Woman (Prohibition) Act, 1986 prohibits the indecent representation of women by writings, painting, or through publication. It is an offence under this Act and punishable. Indian Parliament enacted The Protection of Children from Sexual Offences Act, 2012. This Act protects the children against offences of pornography, sexual harassment and sexual assault, etc. The case of Kamlesh Vaswani v. Union of India is presently pending in the Indian Supreme Court. The Apex Court has directed State to file a detailed affidavit and posed a question whether the Department of Telecom (DOT hereinafter) or any other department of Indian Government is competent to issue directions to Internet Service Providers Association of India (ISPAI hereinafter) to call off sites showing pornography. In India, the Information Technology Act, 2000 (IT Act hereinafter) contains the issue of online obscenity. Under the Act, storing or a private viewing of obscene material is legal as it does not specifically restrict it. On the other hand, transmitting or publishing obscene material is illegal. Before 2008, section 67 was the only provision ofRead More