Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
irfhan k cyber law assignment
1. Section 70. Protected System:
(1) The appropriate Government may, by notification in the Official Gazette,
declare that any computer, computer system or computer network to be a
protected system.
(2) The appropriate Government may, by order in writing, authorize the persons
who are authorized to access protected systems notified under sub-section (1).
(3) Any person who secures access or attempts to secure access to a protected
system in contravention of the provision of this section shall be punished with
imprisonment of either description for a term which may extend to ten years and
shall also be liable to fine.
Explanation: This section grants the power to the appropriate government to
declare any computer, computer system or computer network, to be a protected
system. Only authorized person has the right to access to protected system.
Penalties: Punishment: the imprisonment which may extend to ten years and
fine.
Firos vs. State of Kerala., AIR2006 Ker 279, 2006.
Facts of the case :
The Government of Kerala issued a notification u/s 70 of the Information
Technology Act declaring the FRIENDS application software as a protected system.
The author of the application software filed a petition in the High Court against the
said notification. He also challenged the constitutional validity of section 70 of the
IT Act.
The Court upheld the validity of both, section 70 of the IT Act, as well as the
notification issued by the Kerala Government.
Conclusions of the court given on 24.05.2006
1.There is no conflict between the provisions of Copyright Act and Section 70 of IT
Act.
2. 2. Section 70 of the IT Act is not unconstitutional.
3.While interpreting section 70 of the IT Act, a harmonious construction with
Copyright Act is needed.
4.Section 70 of the IT Act is not against but subject to the provisions of the
Copyright Act.
5. Government cannot unilaterally declare any system as "protected" other than
"Government work" falling under section 2(k) of the Copyright Act on which Govt.'s
copyright is recognized under Section 17(d) of the said Act.
Section 71. Penalty for misrepresentation:
(1) Whoever makes any misrepresentation to, or suppresses any material fact
from, the Controller or the Certifying Authority for obtaining any license or Digital
Signature Certificate
as the case may be, shall be punished with imprisonment for a term which may
extend to two years, or which fine which may extend to one lakh rupees, or with
both.
Penalties: Punishment: imprisonment which may extend to two years
Fine: may extend to one lakh rupees or with both.
Facts:
A Dubai based NRI was lured by anonymous women on internet who after
winning his
confidence and love started blackmailing him under the guise that the first
women with
whom the NRI got befriended had committed suicide and police is investigating
the case
3. and seeking NRI’s details. The accused also sent fake copies of the letters from
CBI, High
Court of Calcutta, New York police and Punjab University etc. The NRI by that time
had
paid about Rs. 1.25 crore to the accused.
Investigation: By Mumbai Police
Thankfully, the NRI has saved all the emails which he has so far received from the
strangers he has been communicating with. The I.P. Address embedded in all e-mails
received by complainant reveals the origin of the emails. The man assuming these
various
identities is a single person.
Actions:
Charges framed u/s 292, 389, 420, 465, 467, 468, 469, 471, 474 IPC read with
Section 67
of IT Act.
Facts:
Two BPO employees gained illegal access to their company’s computer
system
by hacking with the passwords. They conspired with son of a credit card holder
and illegally increased the credit limit of the card and changed the communication
address so that credit card statement never reaches the original card holder. The
credit card company was cheated about Rs. 7.2 laks.
4. Investigations: By Chennai police
The computer system of the BPO company were examined along with the
computer logs showing the access to the computer systems by the accused. The
presence of accused was also verified with the attendance register.
Actions:
Charges framed u/s 120(B), 420, 467, 468, 471 IPC and Section 66 of IT Act.
Phishing
Facts:
The defendants were operating a placement agency involved in `head-hunting'
and recruitment. In order to obtain personal data which they could use for
head-hunting, the defendants composed and sent emails to third parties in
NASSCOM's name.
Actions:
Injunction (Anton Piller Order) and Rs. 16 lakhs damages – Nothing in IT Act
Case Law:
National Association of Software and Service Companies vs. Ajay Sood &
Others, Decided by Delhi High Court in 2005
Obscenity – Hosting obscene profiles
¾ Facts:
¾ Some unknown person had created an email ID using the name of a lady and
5. had used this email ID to post messages on five Web pages describing her as a
call girl along with her contact numbers.
¾ Investigation: By Chennai police
¾ The IP address and log details were obtained from ISP which were traced to two
cyber cafes in Mumbai. Complainant revealed that she had refused a former
college mate who had proposed to marry her. Police arrested this person and
examined his SIM card which contained complainant’s number and cyber café
owner also identified this man.
¾ Actions:
¾ Charge Sheet was filed U/S 67 of IT Act 2000, 469 and 509 IPC – Accused is
sentenced for the offence to undergo RI for 2 years {State of Tamil Nadu Vs
Suhas Katti, CMM, Egmore, Chennai in 2004}.
Cyber Defamation
¾ Facts:
¾ A company’s employee started sending derogatory, defamatory and obscene
emails about company’s Managing Director. The emails were anonymous and
frequent and were sent to many company’s business associates to tarnish the
image and goodwill of the company.
¾ Investigation:
¾ The accused was identified by the company by the private computer expert.
6. ¾ Actions:
¾ Delhi High Court granted an injunction and restrained the employee from
sending, publishing and transmitting emails which are defamatory or
derogatory to the plaintiffs {SMC Pneumatics (India) Private Limited v.
Jogesh Kwatra}.Credit Card Frauds – A
Credit Card Frauds – Air Tickets
¾ Facts:
¾ More than 15000 credit cards were fraudulently used to book Air ticket through
the Internet.
¾ Total about Rs. 17 crore.
¾ The fraud had come to light after the of credit card holders approached the
Card Issuing Bank saying they had never booked a ticket. The airline had
charged the amount to the bank, which in turn, had passed on the tab to its
customers.
¾ Investigation:
¾ The gang had booked tickets online using credit card numbers obtained from
restaurants, hotels, shopping malls and other retail outlets. The tickets were
booked from cyber cafes in Mumbai, Delhi, Chennai, Kolkata and Bangalore.
¾ Actions:
¾ Charges framed under IPC.
7. Data Theft
¾ Facts:
¾ 24-year-old Nadeem Hamid Kashmiri employee of HSBC BPO allegedly
accessed personal information, security information and debit card information
of some customers and these details were passed on to the fraudsters who
diverted £233,000 (approx Rs. 2 crores) from the clients' accounts,.
¾ Actions:
¾ A case has been registered under Sections 66 and 72 of the IT Act and 408,
468 and 420 of the Indian Penal Code.
Tampering with computer source code (also a Copyright
Infringement)
Syed Asifuddin
& Ors. v State of Andhra Pradesh & another - 2005 CrLJ 4314
(AP)
¾ A big mobile services company launched a famous scheme wherein this
company
was giving an expensive hand-set at a very low cost but with a lock-in period of 3
years in which the mobile subscriber has to pay a fixed monthly rental and a
premium call charge to such mobile services company.
¾ A special computer program / technology was used by this mobile services
company
8. wherein the hand-set can only be used with this mobile services and not with
other
mobile services.
¾ Employees of a completing mobile services company lured the customers of the
above company to alter / tamper with the special (locking) computer program /
technology so that the hand-set can be used with the competing mobile services.
¾ Held:
¾ Such tampering is an offence u/s 65 of IT Act as well as
¾ Copyright infringement u/s 63 of Copyrights Act.
ILOVEYOU Worm
¾ Facts:
¾ Also know as VBS/Loveletter and Love Bug worm
¾ It began in Philippines on 4th May 2000 and spread over the world in one day
through email
boxes. It infected 10% of all computers connected to the internet. Only Microsoft
windows
operating system effected.
¾ Subject line: “ILOVEYOU”. Attachment LOVE-LETTER-FOR-YOU.TXT.vbs
¾ Damage about Rs. 22,000 Crore
¾ The Pentagon, British Parliament and most of the corporation shut down the
email systems to
get rid of this worm.
9. ¾ Affecting:
¾ The worm search all drives which are connected to the infected computer and
replace files
¾ The worm propagates by sending out copies of itself to all entries in the
Microsoft Outlook
address book
¾ Action:
¾ There was no law against virus writing in Philippines, hence prosecutors
dropped all the charges
against the offender. Govt. of Philippines enacted a Philippines eCommerce Law
on 14th June
2000 to deal with Cyber Crime.
CLAUSES AND SOME INFORMATINS ON CLAUSES
Information Technology Amendment Act 2006
Notes on clauses
Clause 2.—This clause seeks to substitute the words “digital signatures” by the
words
“electronic signatures” as provided in the Table thereunder so as to make it
technology neutral.
Clause 3.—This clause seeks to amend sub-section (4) of section 1 so as to exclude
Negotiable Instruments, power of attorney, trust, will and contract from the
application of the Act and to empower the Central Government to amend the
entries in the First Schedule. Clause 4.—This clause seeks to amend section 2 and
10. to define certain new expressions.
Clause 5.—This clause seeks to substitute heading of Chapter II with new heading
‘DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE’ so as to make the Act
technology neutral.
Clause 6.—This clause seeks to insert a new section 3A which provides for
authentication of electronic record by electronic signature or electronic
authentication technique. It also empowers the Central Government to insert in
the Second Schedule any electronic signature or electronic authentication
technique and prescribe the procedure for the purpose of ascertaining the
authenticity of electronic signature.
Clause 7.—This clause seeks to insert a new section 6A which empowers the
Central Government as well as the State Government to authorise the service
providers for providing efficient services through electronic means to the public
against appropriate service charges. Further the said section empowers the
Central Government as well as the State Government to specify the scale of
service charges.
Clause 8.—This clause seeks to insert a new section 10A to provide for contracts
formed through electronic means.
Clause 9.—This clause seeks to make amendment in sub-section (1) of section 12
which is of a consequential nature.
Clause 10.—This clause seeks to substitute sections 15 and 16 so as to remove
certain inconsistencies in the procedures relating to secure electronic signatures
and to provide for security procedures and practices.
Clause 11.—This clause provides for omission of section 20 with a view to
empower the Certifying Authority under section 30 to act as repository of
electronic signatures.
Clause 12.—This clause seeks to make amendment in sub-section (1) of section 29
with a view to limit the powers of the Controller in respect of access to any
computer system only with reference to the provisions of Chapter VI and not with
11. reference to the provisions of entire Act. The powers with respect to access to
any computer system under other provisions of the Act are proposed to be
entrusted to the Central Government under section 69.
Clause 13.—This clause seeks to amend section 30 with a view to empower the
Certifying Authority to be the repository of all Electronic Signature Certificates
issued under the Act.
Clause 14.—This clause seeks to amend section 34 with a view to make the
provisions of that section technology neutral.
Clause 15.—This clause seeks to amend section 35 with a view to omit the first
proviso to sub-section (4) so as to make the provisions of that section technology
neutral. Clause 16.—This clause seeks to amend section 36 so as to add two more
representations for issuance of digital signature.
Clause 17.—This clause seeks to insert a new section 40A which provides for
duties of the subscriber of Electronic Signature Certificate.
Clause 18.—This clause seeks to make an amendment in the Chapter heading of
Chapter IX with a view to provide for making compensation for damages in
respect of various contraventions.
Clause 19.—This clause seeks to amend section 43 so as to add certain more
contraventions for damaging computer or computer system.
Clause 20.—This clause seeks to insert a new section 43A so as to empower the
Central Goverment to provide for reasonable security practices and procedures
and the sensitive personal data or information and also to provide for
compensation for failure to protect sensitive personal data or information stored
in a computer resource.
Clause 21.—This clause seeks to make amendment in section 46 with a view to
make consequential changes.
Clauses 22 and 23.—These clauses seek to make amendments in the heading of
Chapter X and section 48 with a view to suitably modify the same with the title of
12. the Cyber Appellate Tribunal as mentioned in clause (n) of sub-section (1) of
section 2.
Clause 24.—This clause seeks to substitute sections 49 to 52 and insert new
sections 52A to 52D. Section 49 provides for the establishment of the Cyber
Appellate Tribunal. Sections 50, 51 and 52 provide for qualifications, term of
office, conditions of service and salary and allowances of the Chairperson and
Members of the said Tribunal. Sections 52A to 52 D provide for powers of the
Chairperson and distribution of business among the Benches.
Clauses 25 to 28.—These clauses seek to make amendments in sections 53 to 56
with a view to make the Cyber Appellate Tribunal a multi-member body.
Clause 29.—This clause seeks to insert a proviso in section 61 so as to provide
jurisdiction to courts in certain cases.
Clause 30.—This clause seeks to amend section 64 so as to recover the
compensation also as the arrears of land revenue.
Clause 31.—This clause seeks to substitute sections 66 and 67 and insert new
sections 66A and 67A with a view to make certain more computer related wrong
actions punishable and enhance the penalty. Clause 32.—This clause seeks to
amend section 68 so as to reduce the quantum of punishment and fine.
Clause 33.—This clause seeks to substitute section 69 so as to empower the
Central Government to issue directions to an agency for interception or
monitoring or decryption of any information transmitted through any computer
resource. It also provides for punishment for rendering assistance to such agency.
Clause 34.—This clause seeks to amend section 70 so as to enable the Central
Government as well as the State Government to declare any computer resource
as protected system. It also provides for information security practices and
procedures for such protected system.
Clause 35.—This clause seeks to insert a new section 70A for empowering Indian
Computer Emergency Response Team to serve as a national nodal agency in
respect of Critical Information Infrastructure.
13. Clause 36.—This clause seeks to insert a new section 72A which makes the
disclosure of information in breach of a lawful contract punishable.
Clause 37.—This clause seeks to substitute sections 77 and 78 and to insert new
sections 77A and 77B. Section 77 provides that compensation, penalties or
confiscation under the Act shall not interfere with the award of compensation or
imposition of any other penalty or punishment under any other law for the time
being in force. Section 77A provides for certain offences relating to computer
resources as compoundable offences. Section 77B provides that Court shall take
cognizance only on a complaint and not otherwise. Section 78 provides for power
to investigate offences.
Clause 38.—This clause seeks to substitute Chapter XII and to insert a new
Chapter XIIA which provides for exemption of intermediaries from liability in
certain circumstances and also empowers the Central Government to prescribe
guidelines to be observed by intermediaries for providing services. It also
empowers the Central Government to specify the Examiner of Electronic
Evidence.
Clause 39.—This clause seeks to omit section 80 of the Act with a view to entrust
the powers of search and seizure, etc., to a Police Officer not below the rank of
Deputy Superintendent of Police and for that purpose necessary provisions have
been included in section 78 by substituting the same vide clause 37.
Clause 40.— This clause proposes to insert a proviso to section 81 so that the
rights conferred under this section shall be supplementary to and not in
derogation of the provisions of the Copyright Act or the Patents Act.
Clause 41.—This clause seeks to make amendment in section 82 with a view to
declare the Chairperson, Members, officers and employees as public servants.
Clause 42.—This clause seeks to amend section 84 with a view to make
consequential changes.
Clause 43.—This clause seeks to insert three new sections 84A, 84B and 84C with
a view to empower the Central Government to prescribe the modes and methods
14. of encryption for secure use of electronic media and for promotion of e-governance
and e- commerce applications. Further it provides that abetment of
and attempt to commit any offence shall also be punishable.
Clauses 44 and 45.—These clauses seek to make amendments in sections 87 and
90 respectively, which are of consequential nature.
Clause 46.—This clause seeks to omit sections 91 to 94 for the reason that these
provisions have become redundant as necessary modifications have already been
carried out in the Indian Penal Code and other related enactments.
Clause 47.—This clause seeks to substitute new Schedules for the First Schedule
and the Second Schedule so as to provide for documents or transactions to which
the provisions of the Act shall not apply. It also enables the list of electronic
signature or electronic authentication technique and procedure for affixing such
signature to be specified in the Second Scheudule.
Clause 48.—This clause seeks to omit the Third Schedule and Fourth Schedule as
consequential to the omission of provisions of sections 93 and 94.
Clause 49.—This clause provides for certain amendments in the Indian Penal Code
so as to specify certain offences relating to the computer resource.
Clause 50.—This clause provides for certain consequential amendments in the
Indian Evidence Act pursuant to the changes proposed in the Act.
Clause 51.—This clause provides for amendments in the Code of Criminal
Procedure by inserting new section 198B and amending section 320 so as to make
certain consequential amendments pursuant to the changes proposed in the Act.
SECTIONS WHICH FALLS UNDER IT ACT 2000
Your Action
Section
Applicable.
15. Tampering with computer source Documents Sec.65
Hacking with computer systems , Data Alteration Sec.66
Sending offensive messages through communication service, etc Sec.66A
Dishonestly receiving stolen computer resource or
Sec.66B
communication device
Identity theft Sec.66C
Cheating by personation by using computer resource Sec.66D
Violation of privacy Sec.66E
Cyber terrorism Sec.66F
Publishing or transmitting obscene material in electronic form Sec.67
Publishing or transmitting of material containing sexually explicit
Sec.67A
act, etc. in electronic form
Punishment for publishing or transmitting of material depicting
children in sexually explicit act, etc. in electronic form
Sec.67B
Preservation and Retention of information by intermediaries Sec.67C
Powers to issue directions for interception or monitoring or
Sec.69
decryption of any information through any computer resource
Power to issue directions for blocking for public access of any
information through any computer resource
Sec.69A
Power to authorize to monitor and collect traffic data or
information through any computer resource for Cyber Security
Sec.69B
Un-authorized access to protected system Sec.70
Penalty for misrepresentation Sec.71
Breach of confidentiality and privacy Sec.72
Publishing False digital signature certificates Sec.73
Publication for fraudulent purpose Sec.74
Act to apply for offence or contraventions committed outside
Sec.75
India
16. Compensation, penalties or confiscation not to interfere with
other punishment
Sec.77
Compounding of Offences Sec.77A
Offences with three years imprisonment to be cognizable Sec.77B
Exemption from liability of intermediary in certain cases Sec.79
Punishment for abetment of offences Sec.84B
Punishment for attempt to commit offences Sec.84C
Offences by Companies Sec.85
Sending threatening messages by e-mail
Sec.503
IPC
Word, gesture or act intended to insult the modesty of
a woman
Sec.509
IPC
Sending defamatory messages by e-mail
Sec.499
IPC
Bogus websites , Cyber Frauds
Sec.420
IPC
E-mail Spoofing
Sec.463
IPC
Making a false document
Sec.464
IPC
Forgery for purpose of cheating
Sec.468
IPC
Orgery for purpose of harming reputation
Sec.469
IPC
Web-Jacking
Sec.383
IPC
E-mail Abuse
Sec.500
IPC
17. Punishment for criminal intimidation
Sec.506
IPC
Criminal intimidation by an anonymous communication
Sec.507
IPC
When copyright infringed:- Copyright in a work shall be
deemed to be infringed
Sec.51
Offence of infringement of copyright or other rights
conferred by this Act. Any person who knowingly
infringes or abets the infringement of
Sec.63
Enhanced penalty on second and subsequent covictions Sec.63A
Knowing use of infringing copy of computer programme
Sec.63B
to be an offence
Obscenity Sec.292
IPC
Printing etc. of grossly indecent or scurrilous matter or
matter intended for blackmail
Sec.292A
IPC
Sale, etc., of obscene objects to young person Sec.293
IPC
Obscene acts and songs Sec.294
IPC
Theft of Computer Hardware Sec.378
Punishment for theft
Online Sale of Drugs NDPS Act
Online Sale of Arms Arms Act
Sec.379
Some Indian Case Studies:
1 Cyber Crimes
There is a big rise in the Cyber Crimes (as per
18. Information Technology Act, 2000) in India.
There were 4192 cyber crimes in 2013 which
were 2761 in 2012. If one considers such
crimes as per Indian Penal Code also, the
number of crimes were 5500. Police has
arrested 3301criminals in this regard.
Under Information Technology Act, 2000,
there were 681 and 635 crimes in
Maharashtra and Andhra Pradesh
respectively. In these two states there is 50
per cent rise in cyber crimes. As per National
Crimes Records Bureau (NCRB), in 2013
there was 122 per cent increase in cyber
crimes in India. Such crimes in other states
were : Karnatak (513), Kerala (349), Madhya
Pradesh (282) and Rajasthan (239).
In the state of Gujarat, such crimes were 68
in 2012 and 61 in 2013.
(Gujarat Samachar, Ahmedabad).
3 July, 2014
2 NET NEUTRALITY
Last week, a legislation has been introduced in Senate and House of
Representatives of US to ban deals where web content companies could
pay internet service providers to deliver their traffic to users faster and
more reliably. In US, Federal Communications Commission (FCC) is
collecting public comments on new Net Neutrality rules.
The rules propose to prohibit internet providers from blocking or
slowing down access to web sites. It is required that internet is a
platform for free expression where the services can reach consumers
based on merit rather than based on a financial relationship with a
broad band provider. For real internet freedom, this is a basic
requirement.
19. (Times of India, Ahmedabad)
19 June, 2014
3 Internet cannot override privacy
In a recent judgement, Court of Justice of European Union has opined
that a person has right to instruct the internet search engines like google
to keep certain personal information of individuals as secret. The Hon.
Court opined that to view all the details available on internet, may be
dangerous may a times, therfore, a person has the right to instruct the
search engines to keep certain personal information as secret, and not
accessible. This ruling provides a level of protection against invasion of
privacy.
4 Unsafe Wi-Fi Zones
Usually the internet is assessed through computer or laptop. However,
the use of internet through smart phones is increasing. Also, there are
many open/free Wi-Fi zones in malls, offices, hotels and other places.
This may be accessed by hackers and terrorists. By and large, such Wi-Fi
zones are unsafe and it requires proper security. This is because, many a
times it may be difficult to trace the users since it is openly used by
anyone.
5 BitCoin
Bitcoin was first coined by Santoshi Nakamoto, a Chinese, in 2009. In
2012, its value was $1000. A Bitcoin is mined on a privately owned,
specialized computing equipment and passed around by a global
network of computers. The transactions are traceable, but the parties
are not. In November, 2013, peoples Bank of China objected the use of
Bitcoin and told that it is not a recognized currency. Therefore, its value
dropped tp $345.
Asia's first Bitcoin ATM was installed in Singapore in February, 2014.
However, the reguators and lawmakers have raised a concern that this is
not a recognized currency, and be used for fraudulent purposes.
6 Open Source Licensing
Open source licensing is resorted to by many sites. However this has
20. certain legal issues. Basically there can be an issue of copyright. Other
relevant issues are questions of enforceability on account of clash of
local legislation and international agreement. The rights of a
programmer warranties and software patent also needs to detailed
study.
7 Cyber Jurisdiction
Internet creates virtual world. There are no demarcated boundaries
between the people who utilize the web. The utility extends to
information, e-banking, e-commerce, communication etc. the
technology is open to hacking, pornography, gambling, identity-theft
etc.
This requires understanding of jurisdiction. Various principles have been
evolved to decide the jurisdiction. To mention (1) minimum contest test
(2) personal jurisdiction (3) long arm statutes. With reference to Indian
situation section 75 of Information Technology Act, 2000 contents the
provisions regarding jurisdiction. Section 13(3), (4) and (5) also deal with
cause of action which is of significance in internet transactions.
Jurisdiction can also be decided on the basis of choice of law, location of
server, defendant’s domicile, and place of performance of contract,
plaintiff’s domicile and purposeful availment.
8 Andhra Pradesh Tax Case
Dubious tactics of a prominent businessman from Andhra Pradesh was
exposed after officials of the department got hold of computers used by
the accused person. The owner of a plastics firm was arrested and Rs 22
crore cash was recovered from his house by sleuths of the Vigilance
Department. They sought an explanation from him regarding the
unaccounted cash within 10 days.
The accused person submitted 6,000 vouchers to prove the legitimacy of
trade and thought his offence would go undetected but after careful
scrutiny of vouchers and contents of his computers it revealed that all of
them were made after the raids were conducted.
21. It later revealed that the accused was running five businesses under the
guise of one company and used fake and computerised vouchers to
show sales records and save tax.
SELECTED ASIA / PACIFIC CASES:
The following section provides a selection of actions taken against file-sharing
Web sites and P2P services in the Asia/Pacific region, focusing on
Australia, China, Japan and South Korea.
1. In Australia’s largest copyright infringement case, three university
students received criminal sentences for running a Web site called
MP3/WMA Land, which offered more than 1,800 pirated songs for
download. In light of their age at the time and the fact that they never
profited from their actions, the court warranted 18-month suspended
sentences for two of the students and an additional fine of US$5,000 for
one of them. Moreover, one student and a third participant were given
200 hours of community service.
2. Reportedly, China has become a leading exporter of counterfeit and
pirated goods to the world. The U.S. industry estimates the value of
counterfeit goods in China at US$19 billion to US$24 billion, with losses
to U.S. companies exceeding US$1.8 billion a year. The severe piracy
problems derive from a combination of cultural, historic and economic
factors and are further aggravated by inconsistent, weak enforcement
by officials. File-sharing Web sites and networks such as Jelawat and
Kuro have been developing rapidly, too. The distributors of P2P software
claim that file-sharing falls within the private use exception to copyright,
but the Supreme People’s Court of China rejected this interpretation.
Increasingly, copyright owners and right organizations are challenging
file-sharing Web sites on copyright infringement claims.
3. The Beijing No 1 People’s Court ruled in April 2004 that the Web site
chinamp3.com violated the IP rights of Hong Kong-based entertainment
companies Go East Entertainment and Sony Music Entertainment (Hong
22. Kong), and ordered the site to pay US$19,000 in damages. The suit
concerned the unauthorized distribution of MP3 music files. The
defendant argued that he had merely provided links for download and
not a direct download service, and therefore should not be held
responsible for the IP rights violations. According to observers, the
court’s ruling may prove to be a significant development in the nascent
field of Chinese copyright enforcement in the digital age.
9 PARLIAMENT ATTACK CASE
Bureau of Police Research and Development at Hyderabad had handled
some of the top cyber cases, including analysing and retrieving
information from the laptop recovered from terrorist, who attacked
Parliament. The laptop which was seized from the two terrorists, who
were gunned down when Parliament was under siege on December 13
2001, was sent to Computer Forensics Division of BPRD after computer
experts at Delhi failed to trace much out of its contents.
The laptop contained several evidences that confirmed of the two
terrorists’ motives, namely the sticker of the Ministry of Home that they
had made on the laptop and pasted on their ambassador car to gain
entry into Parliament House and the the fake ID card that one of the two
terrorists was carrying with a Government of India emblem and seal.
The emblems (of the three lions) were carefully scanned and the seal
was also craftly made along with residential address of Jammu and
Kashmir. But careful detection proved that it was all forged and made on
the laptop.
10 State of Tamil Nadu Vs Suhas Katti
The Case of Suhas Katti is notable for the fact that the conviction was
achieved successfully within a relatively quick time of 7 months from the
filing of the FIR. Considering that similar cases have been pending in
other states for a much longer time, the efficient handling of the case
which happened to be the first case of the Chennai Cyber Crime Cell
going to trial deserves a special mention.
The case related to posting of obscene, defamatory and annoying
23. message about a divorcee woman in the yahoo message group. E-Mails
were also forwarded to the victim for information by the accused
through a false e-mail account opened by him in the name of the victim.
The posting of the message resulted in annoying phone calls to the lady
in the belief that she was soliciting.
Based on a complaint made by the victim in February 2004, the Police
traced the accused to Mumbai and arrested him within the next few
days. The accused was a known family friend of the victim and was
reportedly interested in marrying her. She however married another
person. This marriage later ended in divorce and the accused started
contacting her once again. On her reluctance to marry him, the accused
took up the harassment through the Internet.
On 24-3-2004 Charge Sheet was filed u/s 67 of IT Act 2000, 469 and 509
IPC before The Hon’ble Addl. CMM Egmore by citing 18 witnesses and 34
documents and material objects. The same was taken on file in
C.C.NO.4680/2004. On the prosecution side 12 witnesses were
examined and entire documents were marked as Exhibits.
The Defence argued that the offending mails would have been given
either by ex-husband of the complainant or the complainant her self to
implicate the accused as accused alleged to have turned down the
request of the complainant to marry her.
Further the Defence counsel argued that some of the documentary
evidence was not sustainable under Section 65 B of the Indian Evidence
Act. However, the court relied upon the expert witnesses and other
evidence produced before it, including the witnesses of the Cyber Cafe
owners and came to the conclusion that the crime was conclusively
proved. Ld. Additional Chief Metropolitan Magistrate, Egmore, delivered
the judgement on 5-11-04 as follows:
" The accused is found guilty of offences under section 469, 509 IPC and
67 of IT Act 2000 and the accused is convicted and is sentenced for the
offence to undergo RI for 2 years under 469 IPC and to pay fine of
Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year
24. Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s
67 of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/-
All sentences to run concurrently."
The accused paid fine amount and he was lodged at Central Prison,
Chennai. This is considered as the first case convicted under section 67
of Information Technology Act 2000 in India.
11 Baazee.com case
CEO of Baazee.com was arrested in December 2004 because a CD with
objectionable material was being sold on the website. The CD was also
being sold in the markets in Delhi. The Mumbai city police and the Delhi
Police got into action. The CEO was later released on bail. This opened
up the question as to what kind of distinction do we draw between
Internet Service Provider and Content Provider. The burden rests on the
accused that he was the Service Provider and not the Content Provider.
It also raises a lot of issues regarding how the police should handle the
cyber crime cases and a lot of education is required.
12 Pune Citibank MphasiS Call Center Fraud
US $ 3,50,000 from accounts of four US customers were dishonestly
transferred to bogus accounts. This will give a lot of ammunition to
those lobbying against outsourcing in US. Such cases happen all over the
world but when it happens in India it is a serious matter and we can not
ignore it. It is a case of sourcing engineering. Some employees gained
the confidence of the customer and obtained their PIN numbers to
commit fraud. They got these under the guise of helping the customers
out of difficult situations. Highest security prevails in the call centers in
India as they know that they will lose their business. There was not as
much of breach of security but of sourcing engineering.
The call center employees are checked when they go in and out so they
can not copy down numbers and therefore they could not have noted
these down. They must have remembered these numbers, gone out
25. immediately to a cyber café and accessed the Citibank accounts of the
customers.
All accounts were opened in Pune and the customers complained that
the money from their accounts was transferred to Pune accounts and
that’s how the criminals were traced. Police has been able to prove the
honesty of the call center and has frozen the accounts where the money
was transferred.
There is need for a strict background check of the call center executives.
However, best of background checks can not eliminate the bad elements
from coming in and breaching security. We must still ensure such checks
when a person is hired. There is need for a national ID and a national
data base where a name can be referred to. In this case preliminary
investigations do not reveal that the criminals had any crime history.
Customer education is very important so customers do not get taken for
a ride. Most banks are guilt of not doing this.
YBER CRIMES
Hacking
Hacking in simple terms means an illegal intrusion into a computer system and/or network. There is an equivalent term to
hacking i.e. cracking, but from Indian Laws perspective there is no difference between the term hacking and cracking. Every
act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer
programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction.
Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from
various bank accounts to their own account followed by withdrawal of money. They extort money from some corporate giant
threatening him to publish the stolen information which is critical in nature.
Read more...
Child Pornography
The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The internet is very fast
be coming a ho useho ld commodity in India . Itâ €™s e xplosion has made the children a viable victim to the cyber crime. As
26. more homes have access to internet, more children would be using the internet and more are the chances of falling victim
to the aggression of pedophiles.
Read more...
Cyber Stalking
Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the cyber criminal towards the
victim by using internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting
the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property,
leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim
and the same has to be treated and viewed seriously. It all depends on the course of conduct of the stalker.
Read more...
Denial of service Attack
T his is a n a ct by the crim inal, who flo ods the ba ndwidth o f the victim’s netwo rk o r fills his e -mail box with spam mail
depriving him of the services he is entitled to a ccess or provide
Read more...
Virus Dissemination
Malicious software that attaches itself to other software. (virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and
Bacterium are the malicious
Read more...
Software Piracy
Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended
to pass for the original.
Read more...
27. IRC Crime
Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world can come together and chat
with each other.
Read more...
Credit Card Fraud
The unauthorized and illegal use of a credit card to purchase property.
Read more...
Net Extortion
C o pying the com pa nyâ €™s co nfide ntia l da ta in o rde r to extort said company for huge amount
Read more...
Phishing
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the
user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site
where they are asked to update personal information, such as passwords and credit card, social security, and bank account
numbers, that the legitimate organization already has.
Read more...
Ref: http://cybercellmumbai.gov.in/html/cyber-crimes/index.html
28. OFFENCE Punishment Cognizable or non
cognizable
Bailable or Non-bailable
Section 65: Tampering
with computer source
documents
Imprisonment upto three
years and/or Fine upto Rs.
2 Lakhs
Cognizable Non bailable
Section 66: Hacking with
Computer system
-do- -do- -do-
Section 67: Publishing
obscene information in
electronic form
First
Conviction:Imprisonment
upto five years and Fine
upto Rs. 1 Lakhs Second
or subsequent
Conviction:Imprisonment
upto Ten years and Fine
upto Rs. 2 Lakhs
-do- -do-
Section 68 (2): Failure to
comply with the
order/direction of
controller
Imprisonment for a term
not exceeding three years
or to a fine not exceeding
two lakh rupees or to both
-do- -do-
Section 69 (3): Failure to
extend facilities to decrypt
information to controller
or any agency of
government
Imprisonment for a term
which may extend to
seven years
-do- -do-
Section 70 : Unauthorized
access to protected
system
Imprisonment up to 10
years and fine
-do- -do-
Section 71: Penalty for
misrepresentation
Imprisonment up to 2
years and/or fine upto Rs.
1 Lakhs
Non Cognizable Bailable
Section 72: Breach of
Confidentiality & privacy
-do- -do- -do-
Section 73: Publishing
false Digital Signature
Certificate
-do- -do- -do-
Section 74: Publication for
fraudulent purpose
-do- -do- -do-
Classification of offences under the Information Technology (Amendment) Bill, 2006
29. Section 77-B has been inserted under the proposed amendment bill as per which the offence punishable
with imprisonment of three years and above shall be cognizable and the offence punishable with
imprisonment of three years shall be bailable. The text of inserted Section 77-B is as follows:
“S-77B Offences with three years imprisonment to be cognizable
(1) Notwithstanding anything contained in Criminal Procedure Code 1973, the offence punishable with
imprisonment of three years and above shall be cognizable and the offence punishable with
imprisonment of three years shall be bailable.”
The operation of 1st Schedule of the Cr.P.C. has been made inapplicable by insertion of this section.
However, with the insertion of this section, the offences can be categorized as under:
OFFENCE Cognizable or non
cognizable
Bailable or Non-bailable
The offence punishable with
imprisonment less than 3 years
Non cognizable Bailable
The offence punishable with
imprisonment of three years
Cognizable Bailable
The offence punishable with
imprisonment of more than three years
Cognizable Non-Bailable
Thus, as per the scheme of the newly inserted Section 77-B, the offences under the
amendment bill can be classified as follows:
OFFENCE Punishment Cognizable or non
cognizable
Bailable or Non-bailable
Section 65: Tampering
with computer source
documents
Imprisonment upto three
years and/or Fine upto Rs.
2 Lakhs
Cognizable Bailable
Section 66: Hacking with
Computer system (if done
dishonestly or
fraudulently)
Imprisonment upto three
years and/or Fine upto Rs.
5 Lakhs
-do- -do-
Section 66A: Punishment
for sending offensive
messages through
communication service,
etc
Imprisonment for a term
which may extend to three
years and with fine
-do- -do-
Section 66B: Punishment
for dishonestly receiving
stolen computer resource
or communication device
Imprisonment upto three
years and/or Fine upto Rs.
1 Lakhs
-do- -do-
30. Section 66C: Punishment
for identity theft
Imprisonment upto three
years and Fine upto Rs. 1
Lakhs
-do- -do-
Section 66D: Punishment
for cheating by
personation by using
computer resource
-do- -do- -do-
Section 66E: Punishment
for violation of privacy
Imprisonment upto three
years and/or Fine upto Rs.
2 Lakhs
-do- -do-
Section 66F: Punishment
for cyber terrorism
May extend to Life
imprisonment
-do- Non bailable
Section 67: Publishing
obscene information in
electronic form
First
Conviction:Imprisonment
upto three years and Fine
upto Rs. 5 LakhsSecond
or subsequent
Conviction :
Imprisonment upto five
years and Fine upto Rs. 10
Lakhs
-do- Bailable in case of first
conviction only. Second
or subsequent conviction
shall be non bailable
Section 67A: Punishment
for publishing or
transmitting of material
containing sexually
explicit act, etc. in
electronic form
First
Conviction:Imprisonment
upto Five years and Fine
upto Rs. 10 Lakhs Second
or subsequent
Conviction :
Imprisonment upto Seven
years and Fine upto Rs. 10
Lakhs
-do- Non-bailable in both first
and second conviction
Section 67B: Punishment
for publishing or
transmitting of material
depicting children in
sexually explicit act, etc.
in electronic form
-do- -do- -do-
Section 67C (2):
Deliberate Failure by the
intermediary to preserve
Imprisonment upto three
years and Fine
-do- Bailable
31. and retain information as
specified by the Central
Government
Section 68 (2): Deliberate
Failure to comply with the
order/direction of
controller
Imprisonment for a
term not exceeding two
years or to a fine not
exceeding one lakh rupees
or to both
Non cognizable -do-
Section 69 (4): Failure
to extend facilities to
decrypt information to
govt. notified agency
Imprisonment for a term
which may extend to
seven years and fine
Cognizable Non bailable
Section 69A (3):
Punishment for failure by
the intermediary to
comply with the order of
the notified agency to
block websites etc.
-do- -do- -do-
Section 69B (4):
Deliberate failure by the
intermediary to provide
the notified agency with
the technical assistance
or online access to the
computer resource
Imprisonment for a term
which may extend to three
years and fine
Non Cognizable bailable
Section 70: Unauthorized
access to protected
system directly or
indirectly affects the
facility of Critical
Information
Infrastructure
Imprisonment up to 10
years and fine
Cognizable Non bailable
Section 72A: Punishment
for Disclosure of
information in breach of
lawful contract
Imprisonment for a term
upto three years or to a
fine upto Rs. 5 Lakhs or to
both
-do- Bailable