INTRODUCTION Focus of the IT Act 2000 was recognition of electronic records and facilitation of e –commerce The amended IT Act 2008 focuses on Cyber Terrorism and Cyber Crime Issues related to electronic transactions, digital signatures, hacking and network service providers are covered
CYBER CRIME‘Cyber Crime is any criminal activity done using computer and a network AS ALSO ‘Criminal exploitation of the internet’
MOST COMMON CYBER CRIMES Phishing Hacking Publishing of Obscene Content Cyber Squatting Cyber Defamation
DIGITAL SIGNATURES• It is a mathematical scheme for demonstrating the authenticity of a digital message or document• Section 3A: Any subscriber may authenticate electronic records by Electronic Signatures• Now ‘Digital Signature’ has been made a subset of ‘Electronic Signature’• Ensures Authentication, Integrity and Non-repudiation
LICENSED CAs IN INDIA Safescrypt (www.safescrypt.com) NIC (www.nic.in) IDRBT (www.idrbtca.org.in) TCS (www.tcs-ca.tcs.co.in) MTNL Trustline (www.mtnltrustline.com) GNFC (www.ncodesolutions.com) e-Mudhra CA (www.e-Mudhra.com)
CASE STUDYON DIGITAL SIGNATURES ICICI Bank ‘Phishing’ Case
RELEVANT SECTIONS OF THE IT ACT• Section 66 : • Hacking and gaining unauthorized access • Any person who dishonestly, fraudulently indulges in actions like unauthorized access, theft/misuse of data, etc.• Caselet: • Mphasis BPO – Citibank Theft Case• Section 67 : • Publishing content in electronic form which is obscene • Any person who circulates/publishes sexually explicit/pornographic content in electronic form• Caselet: • Delhi Public School MMS Scandal Case
VALIDITY OUTSIDE INDIA• Section 75 : • Act to apply for offence or contravention committed outside India • The provision for the act shall also apply to any offence or contravention committed outside India by any person irrespective of his nationality• Caselet: • State Bank of India Cyber-Squatting Case.
NETWORK PROVIDERS• Section 79 : • Network Service providers not to be liable in certain cases • An intermediary shall not be liable for any third party information data or communication link made available or hosted by him; subject to some conditions.• Caselet: • Insulting images of Warrior Shivaji on Google’s Orkut.
OFFENCES BY COMPANIES• Section 85: • Company shall be liable • Director, Manager or Secretary or any other official shall be liable• Caselet: • The Bank NSP Case.
ADVANTAGES OF THE ACT Empowers the government departments to accept filing, creating and retention of official documents in the digital format The Act legalizes the e-mail as a mode of communication Digital Signatures and Digital Records can be used as legal and valid proof for launching litigation in a court of law Provides statutory remedy to corporates in case the crime against the accused for breaking into their computer systems or network and damaging and copying the data is proven
LOOPHOLES IN THE ACT Inapplicability Digital Signatures: Recognizes only PKI System Misuse of Police Powers No IPR Protection Guaranteed ISP not held liable.
AWARENESS SURVEY ANALYSISReceived Spam Mail? What did you do about it? No Deleted 13% Marked it after as spam opening 29% it 21% Deleted Yes it 87% without opening it 50% Do you check for Secured Connections? No 10% Unaware of such a concept 17% Yes 73%
NASSCOM• A consortium that serves as an interface to the Indian Software industry & the Indian BPO industry.• Role• Objective: To build a growth led and sustainable technology and business services sector in the country.• Functions: • Partnership with the government • Research on IT and ITES • Protection of Intellectual Property Rights • Reinforce the brand equity of Indian IT and ITES industries
ROLE OF IT IN INDIAN BANKING SECTOR• Post liberalization, increasing competition & emergence of new banks led to a paradigm shift.• Crucial Landmarks: • Committee on Computerisation in Banks (1988) headed by Dr. C.R. Rangarajan, Deputy Governor of RBI. (MICR – Standardized cheque forms and encoders & centralized clearing systems) • Committee on Technology Issues (1994) headed by Mr. W.S. Saraf, ED, RBI. (EFT systems)• The Information Technology Act, 2000 has given legal recognition to creation, transmission and retention of an electronic (or magnetic) data to be treated as valid proof in a court of law.
ADVANTAGES TO BANKING SECTOR• Improved the factors in service quality like: responsiveness, communication and access.• Provides 24 hour access• Allows access to one’s account from virtually anywhere• Enhances speed and reliability of financial operations• Facilitates newer delivery channels like: • ATMs • Mobile Banking• Use of De-mat accounts helps users trade shares online
COMBATING CYBER CRIME• Spam – Filters for E-mails• Regular Backup of Important data• Periodic Virus Scan, Malware Scan & Spyware Scan.• Avoid publishing personal details online.• While transacting online: • Check for Valid SSL Certificate • Check for secured connection (HTTPS)• In case of any attack or suspicion, do not hesitate to lodge a complaint with the Cyber Crime Investigation Cell in your city. • Visit: http://infosecawareness.in/cyber-crime-cells-in-india to find your nearest CCIC.
CONCLUSION The IT Act is a comprehensive piece of legislation which aims at policing some of the activities over the Internet Biggest challenges are lack of awareness & non-compliance Overhaul of judicial system and entire mechanism to deliver justice at quick speed Stringent punishments to kill the motive of the criminals The Act is not the end but only a beginning to a plethora of legislation that still needs to be formed.