Legal aspects of Handling Cyber
Frauds
IT ACT
LEGAL
LAW
LIABILITY
What is a Cyber Crime?
An unlawful act wherein the “Cyberspace” is used either as:-
– a tool or
– a target or
– both
“CYBERSPACE”
Cyber Laws
Recent Rules under IT Act
Aims behind enactment
Jurisdiction
Virtual World Population
Explosion : 1 Billion
Leading to Changing Face of Crime……
Affecting….
Individuals Governments Org...
1 Dirty SMS = 3 Years of Jail
Case Study 1
WHY r u sending me
DIRTY SMS ?
----------------------
Don’t lie UR cell no
has ...
Threatening email was
sent from this cyber café.
Cyber Café has 100 machines & so many
customers.
HOW do I Investigate. ?
...
Accounting Software worth
crores is stolen.
Interested in buying Accounting
Software at a cheap cost ?
Call 100-999-9999-2...
Case Study
4
Stake Holders
Fake complaint via E-mail
Employee upset with
management
Demand an ImmediateDemand an Immediate...
Case Study 5
LOSS LOSS LOSS ?????
I am losing all my tenders.
SERVER
CRIME SERVERCRIME SERVER
Scenario at the officeScenar...
Where is the
evidence ?
Mobile Tower / Phones
Finland OR Indian Server
Cloud
Internet
How to Investigate ?
Employees / Peo...
Forensics is the process of using scientific
knowledge for collecting, analyzing, and
presenting evidence to the courts. (...
Digital Evidence
Digital evidence is information and data of
value to an investigation that is stored on,
received, or tra...
May be found in:
Can be hidden in:
Can relate to :
Digital Evidence
Office Setup
Cyber Cafe
Home PC
Scene of Acquisition
Computer Forensics process would involve…..
Forensic analysis of
digital information
Identifying network computer
intrusio...
Steps in Computer Forensics
1.Identification of Digital Evidence
2.Acquisition of Media
3.Forensic Analysis of Media
4.Doc...
THE A TEAM
 Domain Expert
 Computer Forensics expert
 Forensics Accounting expert
 Software expert
 Lawyer
Acquisition of Media
Authenticate the confiscated media
Hash value of the
suspect media
Hash value of the
cloned image fil...
DOCUMENTATION….
Documentation & Reporting
Broad outline of Computer Forensic Report
1.Introduction to the case
2.Background of the issue
3...
Evidence Forms
 A detailed sheet about each evidence item
 Item serial number
 Item detailed description
 Type
 Make
...
Chain of Custody
 The movement and location of physical evidence from the
time it is obtained until the time it is presen...
Creating an Image of Media
 Image is a bit-for-bit copy of the original
 If a disk has 5000 sectors, then the image crea...
Write blockers & alternatives
 Write-blocker is a device that sits in between the
computer and the media
Blocks all writ...
Indian Evidence Act
 Sec. 3 (a) – Scope of definition of evidence
expanded to include electronic records
 Sec. 65B - Admissibility of electronic records
The person owning or in-charge of the computer
from which the evidence is...
 Sec. 88A - Presumption as to electronic messages
 The Court may presume that an electronic message
forwarded by the ori...
The Information Technology Act
 Sec. 79A - Central Government to notify
Examiner of Electronic Evidence
 The Central Gov...
CIVIL OFFENCES
Section 43
 Unauthorised Access
 Remedy – Damages by the way of compensation
 Amount – Unlimited
 What needs to be pro...
Adjudication
Shri. Thomas Raju Vs
ICICI Bank
 Case decided by – the Adjudicating officer, Government of Tamilnadu
 Petitioner suffere...
Section 66
 Removal of definition of “hacking”
 Section renamed as Computer related offences
 All the acts referred und...
Section 43(A) – Compensation for failure to
protect data
If body corporate, possessing, dealing or handling any
sensitive ...
HSBC - Nadeem Kashmiri case
 Based on complaints from customers - HSBC carried
internal investigation - registers case
 ...
Who is liable?
Issues
 What is Sensitive Personal Information?
 What are Reasonable Security Practices and
Procedures?
SENSITIVE
PERSONAL
DATA OR
INFORMATION
Rule 8 - Information Technology (Reasonable security practices
and procedures and s...
Reasonable Security Practices
Auditing
COMPLIANCE POLICIES
Collection of Information
Rule 5 - IT (Reasonable security practices and procedures and
sensitive personal data or informa...
Collection of Information
Privacy and Disclosure of Information
policy
Rule 4 - IT (Reasonable security practices and procedures and sensitive
perso...
Contents of Privacy policy
Disclosure
Rule 6 - IT (Reasonable security practices and procedures and sensitive
personal data or information) Rules, 20...
Transfer of information
Rule 7 - IT (Reasonable security practices and procedures and sensitive
personal data or informati...
Sec 72(A) (Criminal offence)
Punishment for Disclosure of information in breach of
lawful contract -
Knowingly or intent...
CRIMINAL OFFENCES
Section 66 A
• Sending of offensive or false messages
• Covers following sent by sms / email:-
 grossly offensive message...
Section 66 B
• Dishonestly receiving stolen computer
resource or communication device
• Covers use of stolen Computers,
mo...
Section 66 C
• Identity theft
• Fraudulently or dishonestly using someone
else’s electronic signature, password or any
oth...
Section 66 D
• Cheating by Personation
• Cheating by pretending to be some other person
• To create an e-mail account, Soc...
Investigation Powers
 Section 78
Cyber crime cases can now be investigated by
Inspector rank police officers (PI)
 Earli...
Sec. 79
Liability of Intermediary
 Intermediary is not liable for any third party information, data, or
communication lin...
Sec. 79
Liability of Intermediary
 Observing due diligence –
The Information Technology (Intermediaries guidelines)
Rules...
Compounding of Offences
Section 77 (A)
Compounding – “Out of court settlement”
Offences -
 for which less than three year...
Issues
Possible Solutions
Legal aspects of handling cyber frauds
Legal aspects of handling cyber frauds
Legal aspects of handling cyber frauds
Upcoming SlideShare
Loading in...5
×

Legal aspects of handling cyber frauds

580

Published on

Published in: Law, Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
580
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
96
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide
  • Acquisition method:
    Acquired image name:
    Software with version number used for acquisition:
    The Chain of Custody file also has a running log that tracks evidence movement. Every time evidence is handed from one person to another an entry must be created here.
  • Electronic records – Sec. 2(1)(t) - "electronic record" means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche.
  • Rule 3. Sensitive personal data or information.— Sensitive personal data or information
    of a person means such personal information which consists of information relating
    to;―
    (i) password;
    (ii) financial information such as Bank account or credit card or debit card or
    other payment instrument details ;
    (iii) physical, physiological and mental health condition;
    (iv) sexual orientation;
    (v) medical records and history;
    (vi) Biometric information;
    (vii) any detail relating to the above clauses as provided to body corporate for
    providing service; and
    (viii) any of the information received under above clauses by body corporate
    for processing, stored or processed under lawful contract or otherwise:
    provided that, any information that is freely available or accessible in public
    domain or furnished under the Right to Information Act, 2005 or any other law for the
    time being in force shall not be regarded as sensitive personal data or information for
    the purposes of these rules.
  • Transcript of "Legal aspects of handling cyber frauds"

    1. 1. Legal aspects of Handling Cyber Frauds IT ACT LEGAL LAW LIABILITY
    2. 2. What is a Cyber Crime? An unlawful act wherein the “Cyberspace” is used either as:- – a tool or – a target or – both
    3. 3. “CYBERSPACE”
    4. 4. Cyber Laws
    5. 5. Recent Rules under IT Act
    6. 6. Aims behind enactment
    7. 7. Jurisdiction
    8. 8. Virtual World Population Explosion : 1 Billion Leading to Changing Face of Crime…… Affecting…. Individuals Governments Organisations
    9. 9. 1 Dirty SMS = 3 Years of Jail Case Study 1 WHY r u sending me DIRTY SMS ? ---------------------- Don’t lie UR cell no has flashed on my screen SORRY !!! But I don’t know you. You are lying!!!
    10. 10. Threatening email was sent from this cyber café. Cyber Café has 100 machines & so many customers. HOW do I Investigate. ? 1 Threatening Email = 3 Years of Jail Case Study 2
    11. 11. Accounting Software worth crores is stolen. Interested in buying Accounting Software at a cheap cost ? Call 100-999-9999-22Location :India SALE!! SALE !! SALE!! Accounting Software Location: Finland Case Study 3
    12. 12. Case Study 4 Stake Holders Fake complaint via E-mail Employee upset with management Demand an ImmediateDemand an Immediate Explanation ?????Explanation ?????
    13. 13. Case Study 5 LOSS LOSS LOSS ????? I am losing all my tenders. SERVER CRIME SERVERCRIME SERVER Scenario at the officeScenario at the office
    14. 14. Where is the evidence ? Mobile Tower / Phones Finland OR Indian Server Cloud Internet How to Investigate ? Employees / People How to PROVE the CRIME? How to decipher 010101 ? Can I submit the media in Court ? VEXING Questions
    15. 15. Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts. (The word forensics means “to bring to the court.” ) Computer Forensics as the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law. Source : http://www.us-cert.gov/reading_room/forensics.pdf Forensics & Computer Forensics
    16. 16. Digital Evidence Digital evidence is information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination. Computer Forensics process Subjected To Storage Media DIGITAL EVIDENCE Acquires Sample illustrationSample illustration
    17. 17. May be found in: Can be hidden in: Can relate to : Digital Evidence
    18. 18. Office Setup Cyber Cafe Home PC Scene of Acquisition
    19. 19. Computer Forensics process would involve….. Forensic analysis of digital information Identifying network computer intrusion evidence Identifying & examining  malicious files. Employing techniques to  crack file & system passwords. Detecting  steganography Recovering deleted, fragmented & corrupted data Maintaining evidence custody procedures Courtroom Presentation
    20. 20. Steps in Computer Forensics 1.Identification of Digital Evidence 2.Acquisition of Media 3.Forensic Analysis of Media 4.Documentation & Reporting
    21. 21. THE A TEAM  Domain Expert  Computer Forensics expert  Forensics Accounting expert  Software expert  Lawyer
    22. 22. Acquisition of Media Authenticate the confiscated media Hash value of the suspect media Hash value of the cloned image file If acquisition hash equals verification hash, image is authentic. SHA 1/256
    23. 23. DOCUMENTATION….
    24. 24. Documentation & Reporting Broad outline of Computer Forensic Report 1.Introduction to the case 2.Background of the issue 3.Details of forensic analysis carried out 4.Certification
    25. 25. Evidence Forms  A detailed sheet about each evidence item  Item serial number  Item detailed description  Type  Make  Model  Date and time collected  Notes  Any serial numbers, labels
    26. 26. Chain of Custody  The movement and location of physical evidence from the time it is obtained until the time it is presented in court  Logs all evidence moves  HANDED BY  HANDED TO  DATE & TIME  Item serial number  Reason
    27. 27. Creating an Image of Media  Image is a bit-for-bit copy of the original  If a disk has 5000 sectors, then the image created will have an exact copy of all 5000 sectors in the same order  Media (evidence) must be protected from accidental writes / alterations Hard disk (media) Write-blocker Device Imaging workstation
    28. 28. Write blockers & alternatives  Write-blocker is a device that sits in between the computer and the media Blocks all write commands Lets through all read commands  Prevents accidental alteration / deletion / addition or data  Alternatives include using a forensic live boot CD or a drive duplicator
    29. 29. Indian Evidence Act  Sec. 3 (a) – Scope of definition of evidence expanded to include electronic records
    30. 30.  Sec. 65B - Admissibility of electronic records The person owning or in-charge of the computer from which the evidence is taken has to give certificate as to the genuineness of electronic record. INDIAN EVIDENCE ACT
    31. 31.  Sec. 88A - Presumption as to electronic messages  The Court may presume that an electronic message forwarded by the originator through an electronic mail server to the addressee to whom the message purports to be addressed corresponds with the message as fed into his computer for transmission; but the Court shall not make any presumption as to the person by whom such message was sent. INDIAN EVIDENCE ACT
    32. 32. The Information Technology Act  Sec. 79A - Central Government to notify Examiner of Electronic Evidence  The Central Government may, for the purposes of providing expert opinion on electronic evidence before any court or other authority specify, by notification in the Official Gazette, any Department, body or agency of the Central Government or a State Government as an Examiner of Electronic Evidence
    33. 33. CIVIL OFFENCES
    34. 34. Section 43  Unauthorised Access  Remedy – Damages by the way of compensation  Amount – Unlimited  What needs to be proved – Amount of damages suffered
    35. 35. Adjudication
    36. 36. Shri. Thomas Raju Vs ICICI Bank  Case decided by – the Adjudicating officer, Government of Tamilnadu  Petitioner suffered a loss of Rs. 1,62,800/- as a result of the phishing attack  Amount was supposed to have been transferred on the account of another customer of ICICI Bank  Petitioner claimed that he had suffered a loss due to unauthorised access to his account  Petitioner further claimed that he had suffered a loss as bank has failed to establish a due diligence and in providing adequate checks and safeguards to prevent unauthorised access into his account. Bank had also not adhered to the KYC norms given by the RBI.
    37. 37. Section 66  Removal of definition of “hacking”  Section renamed as Computer related offences  All the acts referred under Section 43, are covered u/Sec. 66 if they are done “dishonestly” or “fraudulently”
    38. 38. Section 43(A) – Compensation for failure to protect data If body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person  Liability – Damages by the way of Compensation
    39. 39. HSBC - Nadeem Kashmiri case  Based on complaints from customers - HSBC carried internal investigation - registers case  Involvement of Call centre employee (Nadeem Kashmiri)  He was arrested U/Sec. 66 & 72  HSBC also sued Call centre for the loss
    40. 40. Who is liable?
    41. 41. Issues  What is Sensitive Personal Information?  What are Reasonable Security Practices and Procedures?
    42. 42. SENSITIVE PERSONAL DATA OR INFORMATION Rule 8 - Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
    43. 43. Reasonable Security Practices
    44. 44. Auditing
    45. 45. COMPLIANCE POLICIES
    46. 46. Collection of Information Rule 5 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
    47. 47. Collection of Information
    48. 48. Privacy and Disclosure of Information policy Rule 4 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
    49. 49. Contents of Privacy policy
    50. 50. Disclosure Rule 6 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
    51. 51. Transfer of information Rule 7 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
    52. 52. Sec 72(A) (Criminal offence) Punishment for Disclosure of information in breach of lawful contract - Knowingly or intentionally disclosing “Personal Information" in breach of lawful contract Imprisonment up to 3 years or fine up to 5 lakh or with both (Cognizable but Bailable)
    53. 53. CRIMINAL OFFENCES
    54. 54. Section 66 A • Sending of offensive or false messages • Covers following sent by sms / email:-  grossly offensive messages  menacing messages  false information sent for causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will..  phishing, email spoofing, Spam mails, Threat mails • Punishment – imprisonment upto 3 years and fine
    55. 55. Section 66 B • Dishonestly receiving stolen computer resource or communication device • Covers use of stolen Computers, mobile phones, SIM Cards, etc • Punishment – imprisonment upto 3 years and fine
    56. 56. Section 66 C • Identity theft • Fraudulently or dishonestly using someone else’s electronic signature, password or any other unique identification feature • Punishment - imprisonment upto 3 years and fine
    57. 57. Section 66 D • Cheating by Personation • Cheating by pretending to be some other person • To create an e-mail account, Social networking a/c on someone else's name • Punishment – imprisonment upto 3 years and fine
    58. 58. Investigation Powers  Section 78 Cyber crime cases can now be investigated by Inspector rank police officers (PI)  Earlier such powers were with the “DYSP/ACP”
    59. 59. Sec. 79 Liability of Intermediary  Intermediary is not liable for any third party information, data, or communication link made available or hosted by him –  if his function is limited to providing access to such link  the intermediary does not—  initiate the transmission,  select the receiver of the transmission, and  select or modify the information contained in the transmission;
    60. 60. Sec. 79 Liability of Intermediary  Observing due diligence – The Information Technology (Intermediaries guidelines) Rules, 2011
    61. 61. Compounding of Offences Section 77 (A) Compounding – “Out of court settlement” Offences -  for which less than three years imprisonment has been provided and  Which are not committed against women or children can be compounded
    62. 62. Issues
    63. 63. Possible Solutions
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×