SlideShare a Scribd company logo

Legal aspects of handling cyber frauds

Download as PPT, PDF
Sagar Rahurkar
Sagar Rahurkar
LawTechnology
1 of 66
Legal aspects of Handling Cyber Frauds IT ACT LEGAL LAW LIABILITY
What is a Cyber Crime? An unlawful act wherein the “Cyberspace” is used either as:- – a tool or – a target or – both
“CYBERSPACE”
Cyber Laws
Recent Rules under IT Act
Aims behind enactment
Jurisdiction
Virtual World Population Explosion : 1 Billion Leading to Changing Face of Crime…… Affecting…. Individuals Governments Organisations
1 Dirty SMS = 3 Years of Jail Case Study 1 WHY r u sending me DIRTY SMS ? ---------------------- Don’t lie UR cell no has flashed on my screen SORRY !!! But I don’t know you. You are lying!!!
Threatening email was sent from this cyber café. Cyber Café has 100 machines & so many customers. HOW do I Investigate. ? 1 Threatening Email = 3 Years of Jail Case Study 2
Accounting Software worth crores is stolen. Interested in buying Accounting Software at a cheap cost ? Call 100-999-9999-22Location :India SALE!! SALE !! SALE!! Accounting Software Location: Finland Case Study 3
Case Study 4 Stake Holders Fake complaint via E-mail Employee upset with management Demand an ImmediateDemand an Immediate Explanation ?????Explanation ?????
Case Study 5 LOSS LOSS LOSS ????? I am losing all my tenders. SERVER CRIME SERVERCRIME SERVER Scenario at the officeScenario at the office
Where is the evidence ? Mobile Tower / Phones Finland OR Indian Server Cloud Internet How to Investigate ? Employees / People How to PROVE the CRIME? How to decipher 010101 ? Can I submit the media in Court ? VEXING Questions
Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts. (The word forensics means “to bring to the court.” ) Computer Forensics as the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law. Source : http://www.us-cert.gov/reading_room/forensics.pdf Forensics & Computer Forensics
Digital Evidence Digital evidence is information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination. Computer Forensics process Subjected To Storage Media DIGITAL EVIDENCE Acquires Sample illustrationSample illustration
May be found in: Can be hidden in: Can relate to : Digital Evidence
Office Setup Cyber Cafe Home PC Scene of Acquisition
Computer Forensics process would involve….. Forensic analysis of digital information Identifying network computer intrusion evidence Identifying & examining  malicious files. Employing techniques to  crack file & system passwords. Detecting  steganography Recovering deleted, fragmented & corrupted data Maintaining evidence custody procedures Courtroom Presentation
Steps in Computer Forensics 1.Identification of Digital Evidence 2.Acquisition of Media 3.Forensic Analysis of Media 4.Documentation & Reporting
THE A TEAM  Domain Expert  Computer Forensics expert  Forensics Accounting expert  Software expert  Lawyer
Acquisition of Media Authenticate the confiscated media Hash value of the suspect media Hash value of the cloned image file If acquisition hash equals verification hash, image is authentic. SHA 1/256
DOCUMENTATION….
Documentation & Reporting Broad outline of Computer Forensic Report 1.Introduction to the case 2.Background of the issue 3.Details of forensic analysis carried out 4.Certification
Evidence Forms  A detailed sheet about each evidence item  Item serial number  Item detailed description  Type  Make  Model  Date and time collected  Notes  Any serial numbers, labels
Chain of Custody  The movement and location of physical evidence from the time it is obtained until the time it is presented in court  Logs all evidence moves  HANDED BY  HANDED TO  DATE & TIME  Item serial number  Reason
Creating an Image of Media  Image is a bit-for-bit copy of the original  If a disk has 5000 sectors, then the image created will have an exact copy of all 5000 sectors in the same order  Media (evidence) must be protected from accidental writes / alterations Hard disk (media) Write-blocker Device Imaging workstation
Write blockers & alternatives  Write-blocker is a device that sits in between the computer and the media Blocks all write commands Lets through all read commands  Prevents accidental alteration / deletion / addition or data  Alternatives include using a forensic live boot CD or a drive duplicator
Indian Evidence Act  Sec. 3 (a) – Scope of definition of evidence expanded to include electronic records
 Sec. 65B - Admissibility of electronic records The person owning or in-charge of the computer from which the evidence is taken has to give certificate as to the genuineness of electronic record. INDIAN EVIDENCE ACT
 Sec. 88A - Presumption as to electronic messages  The Court may presume that an electronic message forwarded by the originator through an electronic mail server to the addressee to whom the message purports to be addressed corresponds with the message as fed into his computer for transmission; but the Court shall not make any presumption as to the person by whom such message was sent. INDIAN EVIDENCE ACT
The Information Technology Act  Sec. 79A - Central Government to notify Examiner of Electronic Evidence  The Central Government may, for the purposes of providing expert opinion on electronic evidence before any court or other authority specify, by notification in the Official Gazette, any Department, body or agency of the Central Government or a State Government as an Examiner of Electronic Evidence
CIVIL OFFENCES
Section 43  Unauthorised Access  Remedy – Damages by the way of compensation  Amount – Unlimited  What needs to be proved – Amount of damages suffered
Adjudication
Shri. Thomas Raju Vs ICICI Bank  Case decided by – the Adjudicating officer, Government of Tamilnadu  Petitioner suffered a loss of Rs. 1,62,800/- as a result of the phishing attack  Amount was supposed to have been transferred on the account of another customer of ICICI Bank  Petitioner claimed that he had suffered a loss due to unauthorised access to his account  Petitioner further claimed that he had suffered a loss as bank has failed to establish a due diligence and in providing adequate checks and safeguards to prevent unauthorised access into his account. Bank had also not adhered to the KYC norms given by the RBI.
Section 66  Removal of definition of “hacking”  Section renamed as Computer related offences  All the acts referred under Section 43, are covered u/Sec. 66 if they are done “dishonestly” or “fraudulently”
Section 43(A) – Compensation for failure to protect data If body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person  Liability – Damages by the way of Compensation
HSBC - Nadeem Kashmiri case  Based on complaints from customers - HSBC carried internal investigation - registers case  Involvement of Call centre employee (Nadeem Kashmiri)  He was arrested U/Sec. 66 & 72  HSBC also sued Call centre for the loss
Who is liable?
Issues  What is Sensitive Personal Information?  What are Reasonable Security Practices and Procedures?
SENSITIVE PERSONAL DATA OR INFORMATION Rule 8 - Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
Reasonable Security Practices
Auditing
COMPLIANCE POLICIES
Collection of Information Rule 5 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
Collection of Information
Privacy and Disclosure of Information policy Rule 4 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
Contents of Privacy policy
Disclosure Rule 6 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
Transfer of information Rule 7 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
Sec 72(A) (Criminal offence) Punishment for Disclosure of information in breach of lawful contract - Knowingly or intentionally disclosing “Personal Information" in breach of lawful contract Imprisonment up to 3 years or fine up to 5 lakh or with both (Cognizable but Bailable)
CRIMINAL OFFENCES
Section 66 A • Sending of offensive or false messages • Covers following sent by sms / email:-  grossly offensive messages  menacing messages  false information sent for causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will..  phishing, email spoofing, Spam mails, Threat mails • Punishment – imprisonment upto 3 years and fine
Section 66 B • Dishonestly receiving stolen computer resource or communication device • Covers use of stolen Computers, mobile phones, SIM Cards, etc • Punishment – imprisonment upto 3 years and fine
Section 66 C • Identity theft • Fraudulently or dishonestly using someone else’s electronic signature, password or any other unique identification feature • Punishment - imprisonment upto 3 years and fine
Section 66 D • Cheating by Personation • Cheating by pretending to be some other person • To create an e-mail account, Social networking a/c on someone else's name • Punishment – imprisonment upto 3 years and fine
Investigation Powers  Section 78 Cyber crime cases can now be investigated by Inspector rank police officers (PI)  Earlier such powers were with the “DYSP/ACP”
Sec. 79 Liability of Intermediary  Intermediary is not liable for any third party information, data, or communication link made available or hosted by him –  if his function is limited to providing access to such link  the intermediary does not—  initiate the transmission,  select the receiver of the transmission, and  select or modify the information contained in the transmission;
Sec. 79 Liability of Intermediary  Observing due diligence – The Information Technology (Intermediaries guidelines) Rules, 2011
Compounding of Offences Section 77 (A) Compounding – “Out of court settlement” Offences -  for which less than three years imprisonment has been provided and  Which are not committed against women or children can be compounded
Issues
Possible Solutions
Legal aspects of handling cyber frauds
Legal aspects of handling cyber frauds

Recommended

Computer forensics
Computer forensicsComputer forensics
Computer forensicsRamesh Ogania
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidenceOnline
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigationProf. (Dr.) Tabrez Ahmad
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 

Recommended

Computer forensics
Computer forensicsComputer forensics
Computer forensicsRamesh Ogania
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidenceOnline
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigationProf. (Dr.) Tabrez Ahmad
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Digital Forensic
Digital ForensicDigital Forensic
Digital ForensicCleverence Kombe
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsZyxware Technologies
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics pptRoshiniVijayakumar1
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
First Responder Officer in Cyber Crime
First Responder Officer in Cyber CrimeFirst Responder Officer in Cyber Crime
First Responder Officer in Cyber CrimeApplied Forensic Research Sciences
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsgaurang17
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
Forensic imaging
Forensic imagingForensic imaging
Forensic imagingDINESH KAMBLE
 
Cyber crime - and digital device.pptx
Cyber crime - and digital device.pptxCyber crime - and digital device.pptx
Cyber crime - and digital device.pptxAlAsad4
 
Incident response process
Incident response processIncident response process
Incident response processBhupeshkumar Nanhe
 
Legal aspects of digital forensics
Legal aspects of digital forensics Legal aspects of digital forensics
Legal aspects of digital forensics KakshaPatel3
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsVidoushi B-Somrah
 
computer forensics
computer forensicscomputer forensics
computer forensicsVaibhav Tapse
 

More Related Content

What's hot

Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedurenewbie2019
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsZyxware Technologies
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics OverviewYansi Keim
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDr Raghu Khimani
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptxAmbuj Kumar
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsgaurang17
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic pptSuchita Rawat
 
Cyber crime - and digital device.pptx
Cyber crime - and digital device.pptxCyber crime - and digital device.pptx
Cyber crime - and digital device.pptxAlAsad4
 
Legal aspects of digital forensics
Legal aspects of digital forensics Legal aspects of digital forensics
Legal aspects of digital forensics KakshaPatel3
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxBhupeshkumar Nanhe
 

What's hot (20)

Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
 
Digital forensic principles and procedure
Digital forensic principles and procedureDigital forensic principles and procedure
Digital forensic principles and procedure
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensics
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Cyber Forensics Overview
Cyber Forensics OverviewCyber Forensics Overview
Cyber Forensics Overview
 
Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
Cyber forensics ppt
Cyber forensics pptCyber forensics ppt
Cyber forensics ppt
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
First Responder Officer in Cyber Crime
First Responder Officer in Cyber CrimeFirst Responder Officer in Cyber Crime
First Responder Officer in Cyber Crime
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifacts
 
Digital Forensic ppt
Digital Forensic pptDigital Forensic ppt
Digital Forensic ppt
 
Forensic imaging
Forensic imagingForensic imaging
Forensic imaging
 
Cyber crime - and digital device.pptx
Cyber crime - and digital device.pptxCyber crime - and digital device.pptx
Cyber crime - and digital device.pptx
 
Incident response process
Incident response processIncident response process
Incident response process
 
Legal aspects of digital forensics
Legal aspects of digital forensics Legal aspects of digital forensics
Legal aspects of digital forensics
 
L6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptxL6 Digital Forensic Investigation Tools.pptx
L6 Digital Forensic Investigation Tools.pptx
 

Viewers also liked

Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Cyberwar poster english
Cyberwar poster englishCyberwar poster english
Cyberwar poster englishAbbas Badran
 
Chapter 3 cmp forensic
Chapter 3 cmp forensicChapter 3 cmp forensic
Chapter 3 cmp forensicshahhardik27
 
Watching the Detectives: Using digital forensics techniques to investigate th...
Watching the Detectives: Using digital forensics techniques to investigate th...Watching the Detectives: Using digital forensics techniques to investigate th...
Watching the Detectives: Using digital forensics techniques to investigate th...GarethKnight
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 

Viewers also liked (9)

Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Cyberwar poster english
Cyberwar poster englishCyberwar poster english
Cyberwar poster english
 
Chapter 3 cmp forensic
Chapter 3 cmp forensicChapter 3 cmp forensic
Chapter 3 cmp forensic
 
Watching the Detectives: Using digital forensics techniques to investigate th...
Watching the Detectives: Using digital forensics techniques to investigate th...Watching the Detectives: Using digital forensics techniques to investigate th...
Watching the Detectives: Using digital forensics techniques to investigate th...
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 

Similar to Legal aspects of handling cyber frauds

Neeraj aarora cyber_lawyer_current trends in cyber crime scenario
Neeraj aarora cyber_lawyer_current trends in cyber crime scenarioNeeraj aarora cyber_lawyer_current trends in cyber crime scenario
Neeraj aarora cyber_lawyer_current trends in cyber crime scenarioNeeraj Aarora
 
Current trends in cyber crime scenario
Current trends in cyber crime scenarioCurrent trends in cyber crime scenario
Current trends in cyber crime scenarioNeeraj Aarora
 
Cyber law
Cyber law Cyber law
Cyber law Arshad_A
 
cyber crime in india and law related to cyber crime
cyber crime in india and law related to cyber crimecyber crime in india and law related to cyber crime
cyber crime in india and law related to cyber crimeSumedhaBhatt2
 
CYBERCRIMES AND DUE DILIGENCE
CYBERCRIMES AND DUE DILIGENCECYBERCRIMES AND DUE DILIGENCE
CYBERCRIMES AND DUE DILIGENCEanthony4web
 
Cyber law sections under itc act 2000 &cases
Cyber law sections under itc act 2000 &casesCyber law sections under itc act 2000 &cases
Cyber law sections under itc act 2000 &casesPadmaja Naidu
 
Prashant and team cyber law
Prashant and team cyber lawPrashant and team cyber law
Prashant and team cyber lawPrashant Angadi
 
Prashant and team cyber law
Prashant and team cyber lawPrashant and team cyber law
Prashant and team cyber lawPrashant Angadi
 
Cyber law cases
Cyber law casesCyber law cases
Cyber law casesSnavi
 
CYBER CRIME JUDICIAL PERSPECTIVE (1).ppt
CYBER CRIME JUDICIAL PERSPECTIVE (1).pptCYBER CRIME JUDICIAL PERSPECTIVE (1).ppt
CYBER CRIME JUDICIAL PERSPECTIVE (1).pptAdityaRanjan789094
 

Similar to Legal aspects of handling cyber frauds (20)

Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Neeraj aarora cyber_lawyer_current trends in cyber crime scenario
Neeraj aarora cyber_lawyer_current trends in cyber crime scenarioNeeraj aarora cyber_lawyer_current trends in cyber crime scenario
Neeraj aarora cyber_lawyer_current trends in cyber crime scenario
 
Current trends in cyber crime scenario
Current trends in cyber crime scenarioCurrent trends in cyber crime scenario
Current trends in cyber crime scenario
 
Cuber crime and its investigation
Cuber crime and its investigationCuber crime and its investigation
Cuber crime and its investigation
 
Shilpa
ShilpaShilpa
Shilpa
 
Vipul pdf
Vipul pdfVipul pdf
Vipul pdf
 
Cyber Law
Cyber LawCyber Law
Cyber Law
 
Cyber law
Cyber law Cyber law
Cyber law
 
Cyber law01
Cyber law01Cyber law01
Cyber law01
 
cyber crime in india and law related to cyber crime
cyber crime in india and law related to cyber crimecyber crime in india and law related to cyber crime
cyber crime in india and law related to cyber crime
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
CYBERCRIMES AND DUE DILIGENCE
CYBERCRIMES AND DUE DILIGENCECYBERCRIMES AND DUE DILIGENCE
CYBERCRIMES AND DUE DILIGENCE
 
Cyber law
Cyber lawCyber law
Cyber law
 
Cyber law sections under itc act 2000 &cases
Cyber law sections under itc act 2000 &casesCyber law sections under itc act 2000 &cases
Cyber law sections under itc act 2000 &cases
 
Prashant and team cyber law
Prashant and team cyber lawPrashant and team cyber law
Prashant and team cyber law
 
Prashant and team cyber law
Prashant and team cyber lawPrashant and team cyber law
Prashant and team cyber law
 
Cyber law cases
Cyber law casesCyber law cases
Cyber law cases
 
IT Act 2000
IT Act 2000IT Act 2000
IT Act 2000
 
CYBER CRIME JUDICIAL PERSPECTIVE (1).ppt
CYBER CRIME JUDICIAL PERSPECTIVE (1).pptCYBER CRIME JUDICIAL PERSPECTIVE (1).ppt
CYBER CRIME JUDICIAL PERSPECTIVE (1).ppt
 

Recently uploaded

一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理
一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理
一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理e9733fc35af6
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理Airst S
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理Airst S
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptJosephCanama
 
The Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in SpainThe Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in SpainBridgeWest.eu
 
一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理Airst S
 
Understanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective BargainingUnderstanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective Bargainingbartzlawgroup1
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Nilendra Kumar
 
Police Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringPolice Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringSteering Law
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYJulian Scutts
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in LawNilendra Kumar
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsAurora Consulting
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.tanughoshal0
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理Airst S
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理Airst S
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxelysemiller87
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理bd2c5966a56d
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentationKhushdeep Kaur
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...SUHANI PANDEY
 

Recently uploaded (20)

一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理
一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理
一比一原版(OhioStateU毕业证书)美国俄亥俄州立大学毕业证如何办理
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.ppt
 
The Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in SpainThe Main Steps on Starting a Business in Spain
The Main Steps on Starting a Business in Spain
 
一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理
 
Understanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective BargainingUnderstanding the Role of Labor Unions and Collective Bargaining
Understanding the Role of Labor Unions and Collective Bargaining
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.
 
Police Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringPolice Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. Steering
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 

Legal aspects of handling cyber frauds

  • 1. Legal aspects of Handling Cyber Frauds IT ACT LEGAL LAW LIABILITY
  • 2. What is a Cyber Crime? An unlawful act wherein the “Cyberspace” is used either as:- – a tool or – a target or – both
  • 8. Virtual World Population Explosion : 1 Billion Leading to Changing Face of Crime…… Affecting…. Individuals Governments Organisations
  • 9. 1 Dirty SMS = 3 Years of Jail Case Study 1 WHY r u sending me DIRTY SMS ? ---------------------- Don’t lie UR cell no has flashed on my screen SORRY !!! But I don’t know you. You are lying!!!
  • 10. Threatening email was sent from this cyber café. Cyber Café has 100 machines & so many customers. HOW do I Investigate. ? 1 Threatening Email = 3 Years of Jail Case Study 2
  • 11. Accounting Software worth crores is stolen. Interested in buying Accounting Software at a cheap cost ? Call 100-999-9999-22Location :India SALE!! SALE !! SALE!! Accounting Software Location: Finland Case Study 3
  • 12. Case Study 4 Stake Holders Fake complaint via E-mail Employee upset with management Demand an ImmediateDemand an Immediate Explanation ?????Explanation ?????
  • 13. Case Study 5 LOSS LOSS LOSS ????? I am losing all my tenders. SERVER CRIME SERVERCRIME SERVER Scenario at the officeScenario at the office
  • 14. Where is the evidence ? Mobile Tower / Phones Finland OR Indian Server Cloud Internet How to Investigate ? Employees / People How to PROVE the CRIME? How to decipher 010101 ? Can I submit the media in Court ? VEXING Questions
  • 15. Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts. (The word forensics means “to bring to the court.” ) Computer Forensics as the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law. Source : http://www.us-cert.gov/reading_room/forensics.pdf Forensics & Computer Forensics
  • 16. Digital Evidence Digital evidence is information and data of value to an investigation that is stored on, received, or transmitted by an electronic device. This evidence is acquired when data or electronic devices are seized and secured for examination. Computer Forensics process Subjected To Storage Media DIGITAL EVIDENCE Acquires Sample illustrationSample illustration
  • 17. May be found in: Can be hidden in: Can relate to : Digital Evidence
  • 18. Office Setup Cyber Cafe Home PC Scene of Acquisition
  • 19. Computer Forensics process would involve….. Forensic analysis of digital information Identifying network computer intrusion evidence Identifying & examining  malicious files. Employing techniques to  crack file & system passwords. Detecting  steganography Recovering deleted, fragmented & corrupted data Maintaining evidence custody procedures Courtroom Presentation
  • 20. Steps in Computer Forensics 1.Identification of Digital Evidence 2.Acquisition of Media 3.Forensic Analysis of Media 4.Documentation & Reporting
  • 21. THE A TEAM  Domain Expert  Computer Forensics expert  Forensics Accounting expert  Software expert  Lawyer
  • 22. Acquisition of Media Authenticate the confiscated media Hash value of the suspect media Hash value of the cloned image file If acquisition hash equals verification hash, image is authentic. SHA 1/256
  • 24. Documentation & Reporting Broad outline of Computer Forensic Report 1.Introduction to the case 2.Background of the issue 3.Details of forensic analysis carried out 4.Certification
  • 25. Evidence Forms  A detailed sheet about each evidence item  Item serial number  Item detailed description  Type  Make  Model  Date and time collected  Notes  Any serial numbers, labels
  • 26. Chain of Custody  The movement and location of physical evidence from the time it is obtained until the time it is presented in court  Logs all evidence moves  HANDED BY  HANDED TO  DATE & TIME  Item serial number  Reason
  • 27. Creating an Image of Media  Image is a bit-for-bit copy of the original  If a disk has 5000 sectors, then the image created will have an exact copy of all 5000 sectors in the same order  Media (evidence) must be protected from accidental writes / alterations Hard disk (media) Write-blocker Device Imaging workstation
  • 28. Write blockers & alternatives  Write-blocker is a device that sits in between the computer and the media Blocks all write commands Lets through all read commands  Prevents accidental alteration / deletion / addition or data  Alternatives include using a forensic live boot CD or a drive duplicator
  • 29. Indian Evidence Act  Sec. 3 (a) – Scope of definition of evidence expanded to include electronic records
  • 30.  Sec. 65B - Admissibility of electronic records The person owning or in-charge of the computer from which the evidence is taken has to give certificate as to the genuineness of electronic record. INDIAN EVIDENCE ACT
  • 31.  Sec. 88A - Presumption as to electronic messages  The Court may presume that an electronic message forwarded by the originator through an electronic mail server to the addressee to whom the message purports to be addressed corresponds with the message as fed into his computer for transmission; but the Court shall not make any presumption as to the person by whom such message was sent. INDIAN EVIDENCE ACT
  • 32. The Information Technology Act  Sec. 79A - Central Government to notify Examiner of Electronic Evidence  The Central Government may, for the purposes of providing expert opinion on electronic evidence before any court or other authority specify, by notification in the Official Gazette, any Department, body or agency of the Central Government or a State Government as an Examiner of Electronic Evidence
  • 34. Section 43  Unauthorised Access  Remedy – Damages by the way of compensation  Amount – Unlimited  What needs to be proved – Amount of damages suffered
  • 36.
  • 37. Shri. Thomas Raju Vs ICICI Bank  Case decided by – the Adjudicating officer, Government of Tamilnadu  Petitioner suffered a loss of Rs. 1,62,800/- as a result of the phishing attack  Amount was supposed to have been transferred on the account of another customer of ICICI Bank  Petitioner claimed that he had suffered a loss due to unauthorised access to his account  Petitioner further claimed that he had suffered a loss as bank has failed to establish a due diligence and in providing adequate checks and safeguards to prevent unauthorised access into his account. Bank had also not adhered to the KYC norms given by the RBI.
  • 38. Section 66  Removal of definition of “hacking”  Section renamed as Computer related offences  All the acts referred under Section 43, are covered u/Sec. 66 if they are done “dishonestly” or “fraudulently”
  • 39. Section 43(A) – Compensation for failure to protect data If body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person  Liability – Damages by the way of Compensation
  • 40. HSBC - Nadeem Kashmiri case  Based on complaints from customers - HSBC carried internal investigation - registers case  Involvement of Call centre employee (Nadeem Kashmiri)  He was arrested U/Sec. 66 & 72  HSBC also sued Call centre for the loss
  • 42. Issues  What is Sensitive Personal Information?  What are Reasonable Security Practices and Procedures?
  • 43. SENSITIVE PERSONAL DATA OR INFORMATION Rule 8 - Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
  • 47. Collection of Information Rule 5 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
  • 49. Privacy and Disclosure of Information policy Rule 4 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
  • 51. Disclosure Rule 6 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
  • 52. Transfer of information Rule 7 - IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
  • 53. Sec 72(A) (Criminal offence) Punishment for Disclosure of information in breach of lawful contract - Knowingly or intentionally disclosing “Personal Information" in breach of lawful contract Imprisonment up to 3 years or fine up to 5 lakh or with both (Cognizable but Bailable)
  • 55. Section 66 A • Sending of offensive or false messages • Covers following sent by sms / email:-  grossly offensive messages  menacing messages  false information sent for causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will..  phishing, email spoofing, Spam mails, Threat mails • Punishment – imprisonment upto 3 years and fine
  • 56. Section 66 B • Dishonestly receiving stolen computer resource or communication device • Covers use of stolen Computers, mobile phones, SIM Cards, etc • Punishment – imprisonment upto 3 years and fine
  • 57. Section 66 C • Identity theft • Fraudulently or dishonestly using someone else’s electronic signature, password or any other unique identification feature • Punishment - imprisonment upto 3 years and fine
  • 58. Section 66 D • Cheating by Personation • Cheating by pretending to be some other person • To create an e-mail account, Social networking a/c on someone else's name • Punishment – imprisonment upto 3 years and fine
  • 59. Investigation Powers  Section 78 Cyber crime cases can now be investigated by Inspector rank police officers (PI)  Earlier such powers were with the “DYSP/ACP”
  • 60. Sec. 79 Liability of Intermediary  Intermediary is not liable for any third party information, data, or communication link made available or hosted by him –  if his function is limited to providing access to such link  the intermediary does not—  initiate the transmission,  select the receiver of the transmission, and  select or modify the information contained in the transmission;
  • 61. Sec. 79 Liability of Intermediary  Observing due diligence – The Information Technology (Intermediaries guidelines) Rules, 2011
  • 62. Compounding of Offences Section 77 (A) Compounding – “Out of court settlement” Offences -  for which less than three years imprisonment has been provided and  Which are not committed against women or children can be compounded

Editor's Notes

  1. Acquisition method: Acquired image name: Software with version number used for acquisition: The Chain of Custody file also has a running log that tracks evidence movement. Every time evidence is handed from one person to another an entry must be created here.
  2. Electronic records – Sec. 2(1)(t) - "electronic record" means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche.
  3. Rule 3. Sensitive personal data or information.— Sensitive personal data or information of a person means such personal information which consists of information relating to;― (i) password; (ii) financial information such as Bank account or credit card or debit card or other payment instrument details ; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) Biometric information; (vii) any detail relating to the above clauses as provided to body corporate for providing service; and (viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.