Tag: #ITAct

The Impact of Cybercrime on the Indian Economy and Society

Posted on
S.noContents
1.Introduction
2.Types of Cybercrime
3.Financial Losses & Economic Impact
4.Threat Towards ‘Digital India’
5.Business Disruption
6.Data Privacy is a Myth
7.Effects of Cybercrime on Society
8.How Laws Evolved around Cybercrimes in India
9.Conclusion

Introduction

India has seen a substantial increase in cybercrime recently, posing a growing threat to both culture and economy. Cybercriminals have discovered new ways to take advantage of flaws and carry out their nefarious activities thanks to growing digitization and broad internet usage. Online harassment and cyberstalking are major issues that are becoming increasingly prevalent in today’s digital age. With the widespread use of the internet, type of abuse can have many forms, such as bullying, hate speech, stalking, and revenge porn, and it can cause devastating effects on someone’s life. The internet’s anonymity has made it easier for perpetrators to engage in abusive behaviour and law enforcement often struggles to keep up with the rapidly evolving landscape of online crime.

Cybercrime also puts India’s ambitious digital transformation projects in danger. Fear of cyberattacks may prevent individuals and companies from adopting digital technology, halting development and obstructing the potential advantages of a digital economy. Cybercrime also affects data security and violates privacy, with serious social repercussions. People become more susceptible to identity theft, fraud, and harassment, which undermines faith in online platforms and has an adverse effect on mental health. Due to the cross-border nature of cybercrime, it is challenging to identify and capture offenders, necessitating ongoing tool and skill enhancements for efficient investigations. In addition, the legal system encounters challenges when dealing with cybercrime matters, such as delays and the requirement for specialised knowledge, which impedes the administration of justice.

Types of Cybercrime

It is important to recognize that these crimes are not merely harmless pranks, but heinous criminal acts that have devastating consequences.

  1. Online bullying- This involves the use of electronic communication to harass or intimidate someone.
  2. Doxxing- This is the practice of publishing personal information, such as a person’s address or phone number, with the intent of causing harm.
  3. Revenge porn- This involves the distribution of sexually explicit images or videos without the victim’s consent.
  4. Trolling- This involves deliberately posting inflammatory or offensive comments online to provoke a reaction.
  5. Cyberstalking- This is the persistent and unwanted pursuit or harassment of a person through electronic communication, such as emails, texts, and social media messages.
  6. Impersonation- This involves creating a fake social media account or website to impersonate someone else.
  7. Hacking- This involves gaining unauthorized access to a person’s computer or online accounts with the intent of stealing personal information or causing harm.
  8. Salami Attack- Attackers or hackers frequently utilise the salami attack technique in order to perpetrate financial crimes online. One at a time, cybercriminals take resources or money from a system’s bank accounts. This attack happens when a number of weaker attacks combine to form a more powerful attack.
  9. Script Kiddies- Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses.
  10.  Cyber Laundering- Cyber laundering is when criminals use the internet to establish anonymity or non-traceability for laundering money. It happens in two ways- Instrumental Digital Laundering and Integral Digital Laundering.

Financial Losses & Economic Impact

This article would explore the vicious impact of cybercrime on the Indian economy, highlighting the challenges it poses and the measures required to address this growing concern.

  • Intellectual Property Theft- The unauthorised use, exploitation, or outright theft of creative works, ideas, trade secrets, and confidential information is known as intellectual property (IP) theft and is otherwise protected by intellectual property laws. There are many different types of IP theft, such as trademark infringement, copyright infringement, and patent infringement. Cyber espionage poses a threat to Indian firms, particularly those operating in the technology and innovation industries. This reduces the value of research, innovation, and competitive advantage, diminishing these industries’ capacity for economic growth.
  • Online Financial Frauds- Financial Fraud happens when someone deceives you and takes your money or any other kind of assets through illegal means. And when the usurper uses the cyberspace or Internet to conduct its fraudulent measures, it is called online fraud. Cybercriminals target people and steal money from their bank accounts using a variety of strategies, including phishing, identity theft, and credit card fraud. Individuals directly lose money as a result of these fraudulent operations, which undermines their trust in online transactions and electronic payment systems.
  • Financial Sector Vulnerabilities- Due to the possibility of significant financial gain, the financial industry is a top target for cybercriminals. Attacks on financial institutions, such as banks, payment gateways, and stock exchanges, cause financial losses as well as a decline in public confidence in the banking system. This can undermine economic stability and hinder the flow of investments. These monetary losses have a huge cumulative impact. In India, the cost of cybercrime was predicted to reach over $4 billion per year in 2019 by the Indian Council for Research on International Economic Relations (ICRIER). This sum accounts for both the direct financial losses and the indirect expenses related to reducing the effects of cyberattacks.
  • Ransomware Attack- In a ransomware attack, the user’s data, folders, or entire device is taken over by the attacker until a ‘ransom’ cost is paid. It is a form of malware from the crypto virology family that threatens to leak the victim’s private information or completely bar access to it if a ransom is not paid. More sophisticated malware employs a method termed cryptoviral extortion, whereas other simple ransomware may just lock the system without deleting any files.  By using phishing attacks or malicious websites to infect a PC or a network, ransomware attacks take advantage of unpatched security flaws. Though just simple ransom paying doesn’t ensure data recovery, and furthermore, the cost of data restoration can lead to more financial burdens.
  • Data Breaches- Sensitive information about people and businesses has been compromised in a number of high-profile data breaches that have occurred in India. These violations have long-term effects in addition to acute pecuniary ones. Businesses may experience negative effects on their income and growth prospects due to legal repercussions, reputational harm, and a loss of customer trust.

Threat Towards ‘Digital India’

India has placed a lot of emphasis on digital transformation programmes to use technology for governance, e-commerce, online services, and financial inclusion. However, the advancement and effectiveness of these transformational endeavours are seriously threatened by cybercrime.

  • Erosion of Consumer Confidence- Consumer trust in digital platforms, e-commerce, and online services is damaged by cyberattacks. Data breaches, financial fraud, and identity theft occur often, which raises questions about the security of personal and financial data. Consumer behaviour is impacted by the decline in trust, and people are less willing to deal online and divulge personal information. The advantages of digital transformation will not be fully realised without a strong digital ecosystem based on trust.
  • Compliance & Regulatory Challenges- Regulation and legal frameworks that handle growing threats and safeguard digital transformation projects are needed to combat cybercrime. Effective cybersecurity legislation, data protection laws, and privacy standards must be developed and put into place. Regulating bodies face difficulties keeping up with the rapid growth of cyber threats and establishing a safe and favourable environment for digital transformation. This entails making substantial investments in cybersecurity defences, encouraging digital literacy and awareness, establishing public-private partnerships, and creating a cybersecurity culture within businesses.
  • Service Disruption- Critical digital services may be interfered with by cyberattacks, putting users through inconvenience and irritation. For instance, a successful DDoS attack on online service platforms or government websites can make them inaccessible, preventing citizens from using vital services. Such interruptions jeopardise the dependability and accessibility of digital platforms, impeding the advancement of initiatives for digital transformation.

Business Disruption

The rise of cybercrimes in India can affect businesses and corporate institutes terribly. They can suffer from financial loss, software disruption, phishing and others.

  • Financial Implications- Costs associated with recovering from a cyber-attack are substantial. To restore systems and secure data, businesses must spend money on incident response, forensics, and remediation activities. Furthermore, failure to appropriately protect customer data may have legal and regulatory repercussions, such as fines and penalties. Small and medium-sized businesses (SMEs), who may lack the means and knowledge to adequately address cyber risks, may find it particularly difficult to deal with these financial pressures.
  • Business Resilience- The importance of solid business continuity and disaster recovery planning is highlighted by cyberattacks. Businesses must spend money on preventative measures to safeguard their vital infrastructure, create secure data backups, and establish incident response procedures. If these precautions are not taken, cyberattacks will continue to interrupt business operations and have a greater overall impact.
  • Downtime and Loss of Productivity- Cyberattacks that cause considerable downtime to corporate activities include distributed denial-of-service (DDoS) attacks and ransomware outbreaks. This downtime results in a loss of productivity and money. Even a small interruption can have a negative impact on supply chains, customer services, and overall operational effectiveness for firms that rely significantly on technology.

Data Privacy is a Myth

To commit, identity, theft and financial fraud, cyber criminals target personal data such as Adhaar or PAN numbers, bank account information, and credit card information. Various illegal activities, such as impersonation, loan fraud, and unauthorised financial transactions, can be committed using stolen identities. Individuals suffer financial losses as a result of these instances, which also reduce confidence in online services and transactions. Privacy and data protection laws are essential for protecting people’s personal information and holding companies accountable. However, regulatory and compliance structures are challenged by cybercrime. Cross-border operations are frequently involved in data breaches, making it challenging to identify and apprehend hackers. To properly address these issues, regulatory frameworks must be strengthened, data privacy laws must be improved, and international cooperation must be encouraged. Businesses in India run the danger of having their proprietary data, trade secrets, and consumer information compromised by data breaches. These hacks may be the result of business espionage to acquire a competitive edge or by hackers looking to make money by selling the stolen data. Financial losses, reputational harm, and a decline in customer trust are all effects. Individuals and companies need to prioritise cybersecurity measures in order to reduce privacy and data security breaches. Implementing robust authentication systems, encryption, and secure data storage procedures are all part of this. Individuals can be equipped to secure their personal information and recognise potential risks by encouraging digital literacy and awareness among them. Businesses should make substantial investments in cybersecurity infrastructure, carry out frequent security assessments, and follow data privacy laws.

Effects of Cybercrime on Society

Our web presence is constantly growing. Whether we buy food in-store or clothes online, every transaction leaves a digital trail that cybercriminals are always trying to exploit. Globally, there are now more cybercrimes due to increased internet usage. According to a National Crime Records Bureau of India report, from 2018 to 2020, there was an 84% increase in cybercrimes in India. Cybercrime affects both small businesses and huge organisations. The numerous negative repercussions of cybercrimes on society are explained in this article.

  • Effects of Cybercrime on Infrastructure- Cyberterrorism is another serious danger to society. Millions of lives are at risk when cyberterrorists breach infrastructure-controlling systems like air traffic control. The risk of cyberterrorism increases with a country’s level of technological development. Healthcare websites are a target for cybercriminals. Sensitive information about patients and healthcare workers may be exposed. These online crimes can include denial-of-service attacks and malware. Cyberattacks on the healthcare sector could result in more than just monetary losses; they might also endanger the lives of patients.
  • Effects of cybercrime on Businesses– Assume that when a customer purchases something online, an e-commerce company records their credit card information. Millions of people do business with this enormous company. Let’s imagine that at least 70% of their consumers use debit cards, credit cards, UPIs, digital wallets, etc. to make purchases. This indicates that the company has amassed a sizable online customer database. Hackers can gain access to internal systems if the organisation does not take the necessary precautions to secure and encrypt the sensitive financial information of its clients. Customers’ card information can be accessed, followed back to their bank accounts, and money was stolen. Many people may suffer financial losses as a result, which will produce a huge commotion in society.
  • Effects on Individuals- Cyberbullying is the practice of using bogus information leak threats to extort online users. The effects of cybercrime extend beyond monetary damage, much like attacks on healthcare facilities. Victims may experience mental health issues like anxiety and depression, which can cause suicidal thoughts. Not only have our phones become smarter as a result of digitization. Smart homes are now possible thanks to artificial intelligence (AI) and the Internet of things (IoT), where you can turn on any device with a voice command. Your modern smart TV enables you to sign up for a variety of streaming services, but in the absence of a reliable security solution, it exposes your payment information to hacking.

How Laws Evolved around Cybercrimes in India

At first, there were no special provisions for cybercrimes in India. The Indian Judiciary added various aspects of cybercrimes in IPC through some landmark judgments like-

  1. State of Tamil Nadu v. Suhas Katti[1]: In this case, the Supreme Court held that the offense of hacking under Section 66 of the IT Act requires proof of mens rea or criminal intent.
  2. Shreya Singhal v. Union of India[2]: In this case, the Supreme Court struck down Section 66A of the IT Act, which criminalized the sending of offensive messages through communication services, as it violated the right to freedom of speech and expression.
  3. K. Srinivas v. State of Karnataka: In this case, the Supreme Court held that the offense of cyberstalking under Section 354D of the IPC includes online stalking and harassment.
  4. Sabu Mathew George v. Union of India[3]: In this case, the Supreme Court held that the offense of publishing or transmitting obscene material in electronic form under Section 67 of the IT Act requires the intention to arouse sexual desire.

Also in,

  1. Anvar P.V. v. P.K. Basheer[4], the Supreme Court of India observed that the increase in cybercrime requires formulating new laws and strengthening existing ones to prevent and prosecute such crimes. The court also emphasized the need for awareness and education programs to inform citizens about the risks of cybercrime and how to protect themselves.
  2. Sharat Babu Digumarti v. Government of NCT of Delhi[5], the Delhi High Court held that the prevention of cybercrime requires the development of technological solutions and the cooperation of law enforcement agencies and internet service providers.
  3. K.M. Shareef v. State of Kerala, the Kerala High Court emphasized the need for strict punishment for cybercrime offenders to deter others from committing such crimes.

Through various Case Laws, the accountability for cybercrimes expanded-

  1. State of Karnataka v. Sri Raghavendra S. Navalgund: In this case, the accused was found guilty of unauthorized access to a computer system and stealing confidential data. The court held that the offense of hacking under Section 66 of the IT Act, 2000 requires proof of criminal intent and dishonesty.
  2. Avnish Bajaj v. State: In this case, the founder of a popular online marketplace was arrested for hosting objectionable content on his website. The court held that the intermediary protection under Section 79 of the IT Act, 2000 can be availed of only if the intermediary takes reasonable steps to remove or disable access to the objectionable content.
  3. Sanjeev Mishra v. State of Uttar Pradesh: In this case, the accused was found guilty of creating a fake social media profile to defame a woman. The court held that the offense of defamation under Section 499 of the IPC also applies to online statements.
  4. Ramkumar v. State of Tamil Nadu: In this case, the accused was found guilty of using a fake identity to stalk and harass a woman online. The court held that the offense of stalking under Section 354D of the IPC includes online stalking and harassment.

Conclusion

In conclusion, the Indian economy and society are significantly impacted by cybercrime. In terms of financial losses, business interruptions, dangers to digital transformation, breaches of privacy and data security, as well as difficulties with law enforcement and justice, it presents considerable hurdles. These effects have wide-ranging repercussions for people, corporations, and society at large. In addition to causing financial losses and identity theft, privacy and data security breaches also erode user confidence in online services, which has an effect on the entire digital ecosystem. Investigation, prosecution, and deterrence of cybercriminal activity are hampered by difficulties in law enforcement and justice, including jurisdictional complications, cybercriminals’ anonymity, and deficiencies in technical expertise.

Endnotes:

  1. State of Tamil Nadu v. Suhas Katti, C No. 4680 of 2004
  2. Shreya Singhal v. Union of India, AIR 2015 SC 1523; Writ Petition (Criminal) No. 167 OF 2012
  3. Sabu Mathew George vs Union Of India And Ors., (2018) 3 SCC 229
  4. Anvar P.V. v. P.K. Basheer, 2014 10 SCC 473
  5. Sharat Babu Digumarti v. Govt. of NCT of Delhi, 2016 SCC OnLine SC 1464

This article is authored by Dibyojit Mukherjee, a student at the Institute of Law, Nirma University.

ARE CAR SEAT MANUFACTURER’S ELIGIBLE FOR DEDUCTION UNDER INCOME TAX ACT?

Posted on

-Report by Akshita Singh

The Supreme Court, in M/S POLYFLEX (INDIA) PVT. LTD. V THE COMMISSIONER OF INCOME TAX & ANR, held and has appropriately set aside the request passed by the ITAT and has indeed restored the proposal passed by the assessing official denying the deduction asserted under Section 80-IB of the IT Act, henceforth declaring the appeal declared to be dismissed.

FACTS OF THE CASE:  

 In its production facility in Pune, the appellant produces “polyurethane foam,” which is ultimately used to make car seats. Deduction was requested under Income Tax Act (also known as the “IT Act”) Section 80-IB in the appellant’s income tax return for the assessment year 2003–2004. Because the appellant is a “manufacturer of polyurethane foam seats,” which is covered by entry 25 of the IT Act’s Eleventh Schedule, the assessing officer denied the appellant’s request for deduction under Section 80-IB of the IT Act. As a result, the appellant was declared ineligible for the deduction. Although different sizes/designs of polyurethane foam are used to make car seats, it is the appellant’s stance that the finished product—an automobile seat—is distinct from the polyurethane foam and does not, therefore, fall under entry 25 to the Eleventh Schedule of the IT Act. The assessing officer rejected the claim, noting that because “polyurethane foam” is made of polyol, isocyanate, and other ingredients, Section 80-IB(2)(iii) of the IT Act prohibits the appellant-company from receiving the benefit of the deduction as it manufactures or produces the items listed in the list in the Eleventh Schedule of the IT Act.

To challenge the assessment order, the appellant filed an appeal with the Commissioner of Income Tax (Appeals) (abbreviated “CIT(A)”). The CIT(A) upheld the assessing officer’s decision. The CIT(A) noted that because the two chemicals, Polyol and Isocyanate, employed in the production of polyurethane foam seat assemblies were the essential components of polyurethane foam, the case would naturally come under the guidelines enumerated in the Eleventh Schedule. The Appellant filed an appeal with the Income Tax Appellate Tribunal (also known as “ITAT”) in opposition to the CIT(A)’s ruling. The ITAT overturned the assessment order as well as the CIT(A) order and granted the appellant’s appeal, noting that polyurethane foam was used as an automobile seat and was neither produced as a final product nor an intermediate product nor a by-product by the appellant, so it does not fall under entry 25 to the Eleventh Schedule of the IT Act. As a result, the appellant was eligible to claim a deduction under Section 80-IB. The High Court specifically noted in the impugned judgment and order that what the appellant manufactures is polyurethane foam in different sizes/designs and that there is no further process undertaken by the appellant to convert it into automobile seats, so polyurethane foam being manufactured by the appellant falls in entry 25 to Eleventh Schedule, therefore, the appellant shall not be entitled to any relief under the ITAT order.

APPELLANT’S CONTENTION: 

When the ITAT allowed the appeal and determined that the appellant was entitled to claim a deduction under Section 80-IB of the IT Act after appreciating all of the evidence on file, taking into account the process used by the appellant, and considering the fact that the end product was an automobile seat, Shri Preetesh Kapur, appearing on behalf of the appellant, has argued that this decision did not require interference from the High Court. He further asserted that entry 25 of the Eleventh Schedule refers to “latex foam sponge and polyurethane foam” and did not refer to “latex foam sponge and polyurethane foam preparations” or items or articles made from the aforementioned foam. There is a specific entry for that, such as entries 2 and 3, where it is specifically mentioned “tobacco and tobacco preparations and cosmetics and toilet preparations,” according to the argument made. Therefore, it was proposed that the appellant shall be entitled to a deduction under Section 80-IB of the IT Act because the polyurethane foam used as an ingredient in the end product, an automotive seat, loses some of its original properties.

RESPONDENT’S CONTENTION:

When speaking on behalf of the revenue, Shri Balbir Singh vehemently asserted that the appellant manufactures and sells polyurethane foam in a diverse range of sizes and designs, which is ultimately used by the assembly operator to manufacture seats of cars and other vehicles as an ingredient after going through the moulding and other manufacturing processes, therefore, the appellant cannot be producing and selling car seats. It was asserted that the polyurethane foam that was being produced and sold was made utilizing the chemicals polyol and isocyanate.

DECISION:

The court held that the final product manufactured by the appellant was automobile seats merely because the appellant uses the chemicals and ultimately what was being manufactured is polyurethane foam and the same is used by assembly workers after the process of moulding as car seats. The appellant itself must carry out a further step in the car seat manufacturing process. Other than providing or selling polyurethane foam in various sizes, forms, and shapes that may ultimately be used as end products by others as car seats or automobile seats, the appellant does not appear to have engaged in any additional processes therefore, according to Section 80-IB(2)(iii), the appellant is not eligible for the benefit under Section 80-IB of the IT Act. 

Mathura Court Drops Charges of Breach of Peace Against Journalist Siddique Kappan and 3 Others 

Posted on

As the police failed to complete an inquiry within 6monThs of the prescribed period against the journalist Siddique Kappan & 3 others, who were accused of breaching the peace after their arrest on Oct 5/20. The Mathura local court decided to stop the proceedings against them.

Kappan who is a Kerala-based Journalist was arrested with his associates when they were on the way to meet the family of a Dalit girl involved in Hathras case who was raped, murdered, and cremated by UP police in secrecy. They are also activists of the Popular Front of India (PFI), which is a Kerala-based Islamic organization, they were charged with threats to peace by UP police and further booked under sedition, violation of UAPA and IT Act. This year, in April, a charge sheet against 8 of them including Kappan was filed in a local court in Mathura, sub-division Magistrate.

Maant, Ram Datt on Tuesday discharged accused Atikurrahman, Aalam, Kappan, and Masood. They have been discharged from charges under Criminal Procedure Code (CrPc) Sections 151 (Arrest to prevent the commission of cognizable offences), 107 (Security for keeping the peace in other cases), and 116 (Inquiry as to the truth of information). They were in jail since October 7/20 under Sections 153A (promoting enmity between groups), 295A (outraging religious feelings), 124A (sedition), 120B (conspiracy) of IPC, 17/18 of UAPA (raising funds for the terrorist act), and under the IT Act.

Kappan’s family and the Kerala Union of Working Journalists (KUWJ) said that the accusations were false and frivolous. This year in April, the family moved to the Supreme Court pleading that he was being mistreated in a hospital in UP where he was admitted due to Covid-19.

-Report by Saksham Srivastava