Obstacles to cybercrime investigations include anonymity afforded by technology, difficulties with attribution, challenges with backtracking or tracing crimes to their source, identifying responsible internet service providers, lack of harmonized cybercrime laws, technical challenges, limited abilities of law enforcement agencies, "brain drain" of skilled investigators, issues with sovereignty and jurisdiction in cyberspace. Jurisdiction over cybercrimes is complicated, as national laws may not apply to foreign citizens committing crimes outside a country. International cooperation on legal standards and law enforcement is needed to address these obstacles.
This document discusses cyber defamation under Indian law. It provides an overview of cyber crimes and defamation, and examines the liabilities, remedies, and damages available. The Information Technology Act of 2000 is the primary legislation covering cyber crimes, though it does not specifically address cyber defamation. Defamation cases can be civil or criminal in nature. The document analyzes several relevant court cases and discusses challenges around key concepts like publication and the liability of internet service providers.
Cyber crime lecture one definition and natureDr. Arun Verma
This document discusses the meaning, definitions, and nature of cyber crimes. It begins by defining cyber crimes as any crimes involving computers and networks, where the computer may be used to commit the crime or be the target. Two common definitions of cyber crime are provided - one defining it as a crime using computer technology as a tool or where the computer is the object, and the other referring to it as computer crime. Indian law defines several cyber crimes like intentionally altering computer source code, hacking by unauthorized computer access, and transmitting obscene materials. Examples of common cyber crimes like identity theft, fraud, hacking, piracy, and storing illegal information are also outlined. The challenges of investigating and preventing cyber crimes through technology, investigation, and legal
Historical genesis and evolution of cyber crimes newDr. Arun Verma
Cyber crimes have evolved significantly since the first recorded cyber crime in 1820. Early cyber crimes were typically committed by individuals and involved sabotage of new technologies or stealing long distance phone services. As computers and the internet became more advanced and widely used through the late 20th century, cyber crimes grew to include hacking, computer viruses, identity theft, and financial crimes. Law enforcement struggled to keep up with the evolving nature of cyber crimes until new laws and agencies were established to address these new threats. Cyber crimes now encompass a wide range of illegal online activities targeting individuals, businesses, and governments.
An FIR is a First Information Report filed with the police when they learn about a cognizable criminal offense. It initiates the criminal justice process by allowing the police to begin an investigation. Anyone who is aware of a cognizable crime can file an FIR, whether they are a victim or witness. The FIR must contain key details like the names of those involved, date/time/location of the incident. If the police refuse to register an FIR, one can file a complaint with higher-ranking police officials to compel the investigation.
This document discusses sentencing policy in India. It begins by defining the criminal justice system and its goals of punishing criminals, rehabilitating offenders, and supporting victims. It then explains that sentencing occurs after a determination of guilt. The document outlines the differences between sentencing and punishment, and the significance of sentencing policy in ensuring just and proportional punishments. It discusses the goals of sentencing policy in India, the types of sentences, factors considered in sentencing, and the roles and powers of lower courts, high courts, and the Supreme Court in sentencing.
Electronic Evidence is found in all computer and multimedia as well as communication devices. Increasingly most of the business transactions are done in paperless mode but when the disputes arise, then where to look for evidence? This presentation will help you in this field.
Digital forensics involves recovering and investigating material from digital devices, often related to computer crimes. The process includes seizing devices, imaging their contents, analyzing the data, and producing a report of evidence. Digital forensics has evolved over 30 years to address evolving crimes and now analyzes data from computers, networks, and mobile devices using specialized tools and methodologies. Skills required for digital forensics experts include technical, analytical, and legal expertise.
This document discusses cyber defamation under Indian law. It provides an overview of cyber crimes and defamation, and examines the liabilities, remedies, and damages available. The Information Technology Act of 2000 is the primary legislation covering cyber crimes, though it does not specifically address cyber defamation. Defamation cases can be civil or criminal in nature. The document analyzes several relevant court cases and discusses challenges around key concepts like publication and the liability of internet service providers.
Cyber crime lecture one definition and natureDr. Arun Verma
This document discusses the meaning, definitions, and nature of cyber crimes. It begins by defining cyber crimes as any crimes involving computers and networks, where the computer may be used to commit the crime or be the target. Two common definitions of cyber crime are provided - one defining it as a crime using computer technology as a tool or where the computer is the object, and the other referring to it as computer crime. Indian law defines several cyber crimes like intentionally altering computer source code, hacking by unauthorized computer access, and transmitting obscene materials. Examples of common cyber crimes like identity theft, fraud, hacking, piracy, and storing illegal information are also outlined. The challenges of investigating and preventing cyber crimes through technology, investigation, and legal
Historical genesis and evolution of cyber crimes newDr. Arun Verma
Cyber crimes have evolved significantly since the first recorded cyber crime in 1820. Early cyber crimes were typically committed by individuals and involved sabotage of new technologies or stealing long distance phone services. As computers and the internet became more advanced and widely used through the late 20th century, cyber crimes grew to include hacking, computer viruses, identity theft, and financial crimes. Law enforcement struggled to keep up with the evolving nature of cyber crimes until new laws and agencies were established to address these new threats. Cyber crimes now encompass a wide range of illegal online activities targeting individuals, businesses, and governments.
An FIR is a First Information Report filed with the police when they learn about a cognizable criminal offense. It initiates the criminal justice process by allowing the police to begin an investigation. Anyone who is aware of a cognizable crime can file an FIR, whether they are a victim or witness. The FIR must contain key details like the names of those involved, date/time/location of the incident. If the police refuse to register an FIR, one can file a complaint with higher-ranking police officials to compel the investigation.
This document discusses sentencing policy in India. It begins by defining the criminal justice system and its goals of punishing criminals, rehabilitating offenders, and supporting victims. It then explains that sentencing occurs after a determination of guilt. The document outlines the differences between sentencing and punishment, and the significance of sentencing policy in ensuring just and proportional punishments. It discusses the goals of sentencing policy in India, the types of sentences, factors considered in sentencing, and the roles and powers of lower courts, high courts, and the Supreme Court in sentencing.
Electronic Evidence is found in all computer and multimedia as well as communication devices. Increasingly most of the business transactions are done in paperless mode but when the disputes arise, then where to look for evidence? This presentation will help you in this field.
Digital forensics involves recovering and investigating material from digital devices, often related to computer crimes. The process includes seizing devices, imaging their contents, analyzing the data, and producing a report of evidence. Digital forensics has evolved over 30 years to address evolving crimes and now analyzes data from computers, networks, and mobile devices using specialized tools and methodologies. Skills required for digital forensics experts include technical, analytical, and legal expertise.
Cyber Crime and its Jurisdictional Issue'sDhurba Mainali
This document discusses cyber crime and issues of jurisdiction. It begins with background on the growth of internet usage and the rise of cyber crime. It then defines cyber crime and outlines its history. The document describes several common types of cyber crimes such as hacking, identity theft, cyber stalking, theft, and spoofing. It discusses the challenges of jurisdiction for cyber crimes, distinguishing between subject matter and personal jurisdiction. An example case involving jurisdiction is provided. The conclusion emphasizes the need for international cooperation and evolving cyber laws to address new forms of cyber crime.
Police officers have several powers to investigate cases in India according to the Code of Criminal Procedure. [1] Officers can investigate cognizable cases without a court order. They can examine witnesses and request their attendance. [2] For non-cognizable cases, a magistrate's order is required. Police must submit investigation reports detailing facts and witnesses. [3] If further evidence is found, additional reports can be submitted. Searches and arrests can occur based on reasonable grounds. Overall the document outlines police investigation procedures in India according to the Code of Criminal Procedure.
This document discusses Indian laws related to outraging the modesty of women and other related offenses. It outlines six main provisions under the law: 1) outraging the modesty of a woman, 2) sexual harassment, 3) disrobing, 4) voyeurism, 5) stalking, and 6) insulting the modesty of a woman. It provides details on the punishments and definitions for each provision. It also summarizes several court cases related to these laws as examples.
Cyberspace jurisdiction meaning and conceptgagan deep
Cyberspace refers to the global, online world of computer networks and the internet. Jurisdiction over cybercrimes is complex due to the borderless nature of cyberspace. Under Indian law, criminal courts have jurisdiction over offenses committed within India. The Civil Procedure Code and Code of Criminal Procedure establish jurisdiction based on location and nationality. International law principles like universal jurisdiction provide some guidance but are insufficient on their own. Conflicting laws between countries pose challenges, though treaties and conventions can help resolve disputes. Overall, determining proper legal jurisdiction for crimes committed via cyber networks remains unclear.
1. The document discusses the right to a fair trial in India, including the origins and basic attributes of fair trial. It outlines the key aspects of a fair trial like presumption of innocence, an independent and impartial judiciary, and protection from torture.
2. It examines various stages of criminal proceedings like FIR registration, police investigation, framing of charges, trial procedures, and conviction. It highlights the importance of an independent public prosecutor.
3. The document also analyzes problems that can undermine fair trial such as custodial torture, deaths in police custody as shown by NHRC reports, and the need for strict protection against third degree methods of investigation.
What is digital evidence? , sources of digital evidence, types of digital evidence, the procedure for collecting digital evidence, records, digital vs physical evidence, controlling contamination.
Important sections of IPC - By Abirami.GSchin Dler
This document provides an overview of important sections of the Indian Penal Code (IPC). It lists various sections of the IPC and in some cases provides brief 1-2 sentence descriptions of the offenses covered in those sections. The sections outlined relate to offenses such as waging war against the government of India, unlawful assembly, rioting, promoting enmity between groups, fabricating false evidence, theft, robbery, forgery, and possession of counterfeit currency. In total, over 30 sections of the IPC are listed and in some cases briefly described.
Procedure of investigation (Indian Perspective)Vaibhav Laur
The document summarizes the key sections of the Code of Criminal Procedure (CrPC) relating to investigation procedures in India. It explains that under Section 154, a First Information Report (FIR) must be filed for a cognizable offense, while a magistrate's order is required for a non-cognizable offense under Section 155(2). For a cognizable offense, a police officer has the power to investigate under Section 156, while Sections 157-173 outline the investigation process and requirements for submitting investigation reports. The document also discusses important investigation techniques like crime scene sketching and inspection.
This document provides an overview of computer forensics. It defines computer forensics as identifying, preserving, analyzing and presenting digital evidence in a legally acceptable manner. The objective is to find evidence related to cyber crimes. Computer forensics has a history in investigating financial fraud, such as the Enron case. It describes the types of digital evidence, tools used, and steps involved in computer forensic investigations. Key points are avoiding altering metadata and overwriting unallocated space when collecting evidence.
Introduction to Cyber Forensics Module 1Anpumathews
This document provides an introduction to cyber forensics. It discusses computer forensics techniques used to determine and reveal technical criminal evidence, often involving extracting electronic data for legal purposes. The document outlines several modules that will be covered, including information security investigations, corporate cyber forensics, the scientific method in forensic analysis, and investigating large scale data breach cases. It also discusses advantages and disadvantages of cyber forensics and some common cyber forensic techniques.
This document provides an overview of cyber security laws and guidelines in India under the Information Technology Act 2000. It discusses the motivation for having cyber security legislation, common cyber crimes, and ensures technology is used legally and ethically. The key learning objective is for participants to understand the adequate laws in place in India to deal with cyber security offenses. It covers various cyber crimes and offenses defined under the IT Act, including hacking, data theft, computer tampering. Sections 43, 65, and 66 which deal with penalties for computer damage, tampering with source code, and computer related offenses are explained in detail through case studies. The size and future of cyber crimes in India is also highlighted.
Presentation made by Dr Tabrez Ahmad in Biju Pattanaik State Police Academy Bhubaneswar. To train DSP,s on Cyber Crime Investigation and Cyber Forensics.
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF techniques – Incident and incident response methodology – Forensic duplication and investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics Technology and Systems – Understanding Computer Investigation – Data Acquisition.
Admissibility of forensic evidence in the court of lawRajshree Sable
This document discusses the admissibility and constitutional validity of various forensic evidence techniques in Indian courts. It begins by defining evidence and forensic evidence. It then outlines certain fundamental rights from the Indian Constitution that relate to admissibility, including protections against self-incrimination (Article 20), the right to life and personal liberty (Article 21), and the right against arbitrary arrest or detention (Article 22). The document goes on to analyze the constitutional validity of specific forensic techniques like narco-analysis, DNA fingerprinting, and polygraph testing. It finds that narco-analysis and polygraph testing violate constitutional protections against self-incrimination, while DNA fingerprinting is acceptable if collected and used properly. The conclusion is
The document discusses the police's power of investigation in India according to the Code of Criminal Procedure (CrPC). It provides an overview of the police's role in enforcing law and ensuring public safety. The key aspects of police investigation covered are gathering evidence, analyzing information, making reasonable conclusions, and arresting or charging suspects. The CrPC chapters and sections governing information given to police, their powers to investigate cognizable and non-cognizable cases, and the procedures around investigation, questioning witnesses, searches, and submitting investigation reports are summarized.
This document discusses the trial procedure for summons cases under the Code of Criminal Procedure in India. Summons cases involve less serious offenses punishable by up to 2 years imprisonment. The trial procedure for summons cases is simpler and less formal than for warrant cases. Key aspects of the summons case trial procedure include: recording a plea of guilty from the accused, allowing conviction in absentia for petty cases, acquitting the accused if the complainant does not appear, and case law rulings related to questioning of the accused and disclosure of defense. The discussion concludes that police need modification and social awareness training to fulfill objectives of protecting human rights and serving the welfare state.
This document provides an overview of cyber forensics and digital forensics. It defines cyberforensics as a technique used to determine and reveal technical criminal evidence from electronic data, and discusses how cyberforensics is gaining traction as an evidence interpretation method. The document then discusses digital forensics and its definition, process, history, types including disk, network and wireless forensics, challenges, example uses, advantages, and disadvantages. It also covers cyber criminals and their types, mobile forensics, electronic evidence laws in India, and computer forensics.
Cyber Crime and its Jurisdictional Issue'sDhurba Mainali
This document discusses cyber crime and issues of jurisdiction. It begins with background on the growth of internet usage and the rise of cyber crime. It then defines cyber crime and outlines its history. The document describes several common types of cyber crimes such as hacking, identity theft, cyber stalking, theft, and spoofing. It discusses the challenges of jurisdiction for cyber crimes, distinguishing between subject matter and personal jurisdiction. An example case involving jurisdiction is provided. The conclusion emphasizes the need for international cooperation and evolving cyber laws to address new forms of cyber crime.
Police officers have several powers to investigate cases in India according to the Code of Criminal Procedure. [1] Officers can investigate cognizable cases without a court order. They can examine witnesses and request their attendance. [2] For non-cognizable cases, a magistrate's order is required. Police must submit investigation reports detailing facts and witnesses. [3] If further evidence is found, additional reports can be submitted. Searches and arrests can occur based on reasonable grounds. Overall the document outlines police investigation procedures in India according to the Code of Criminal Procedure.
This document discusses Indian laws related to outraging the modesty of women and other related offenses. It outlines six main provisions under the law: 1) outraging the modesty of a woman, 2) sexual harassment, 3) disrobing, 4) voyeurism, 5) stalking, and 6) insulting the modesty of a woman. It provides details on the punishments and definitions for each provision. It also summarizes several court cases related to these laws as examples.
Cyberspace jurisdiction meaning and conceptgagan deep
Cyberspace refers to the global, online world of computer networks and the internet. Jurisdiction over cybercrimes is complex due to the borderless nature of cyberspace. Under Indian law, criminal courts have jurisdiction over offenses committed within India. The Civil Procedure Code and Code of Criminal Procedure establish jurisdiction based on location and nationality. International law principles like universal jurisdiction provide some guidance but are insufficient on their own. Conflicting laws between countries pose challenges, though treaties and conventions can help resolve disputes. Overall, determining proper legal jurisdiction for crimes committed via cyber networks remains unclear.
1. The document discusses the right to a fair trial in India, including the origins and basic attributes of fair trial. It outlines the key aspects of a fair trial like presumption of innocence, an independent and impartial judiciary, and protection from torture.
2. It examines various stages of criminal proceedings like FIR registration, police investigation, framing of charges, trial procedures, and conviction. It highlights the importance of an independent public prosecutor.
3. The document also analyzes problems that can undermine fair trial such as custodial torture, deaths in police custody as shown by NHRC reports, and the need for strict protection against third degree methods of investigation.
What is digital evidence? , sources of digital evidence, types of digital evidence, the procedure for collecting digital evidence, records, digital vs physical evidence, controlling contamination.
Important sections of IPC - By Abirami.GSchin Dler
This document provides an overview of important sections of the Indian Penal Code (IPC). It lists various sections of the IPC and in some cases provides brief 1-2 sentence descriptions of the offenses covered in those sections. The sections outlined relate to offenses such as waging war against the government of India, unlawful assembly, rioting, promoting enmity between groups, fabricating false evidence, theft, robbery, forgery, and possession of counterfeit currency. In total, over 30 sections of the IPC are listed and in some cases briefly described.
Procedure of investigation (Indian Perspective)Vaibhav Laur
The document summarizes the key sections of the Code of Criminal Procedure (CrPC) relating to investigation procedures in India. It explains that under Section 154, a First Information Report (FIR) must be filed for a cognizable offense, while a magistrate's order is required for a non-cognizable offense under Section 155(2). For a cognizable offense, a police officer has the power to investigate under Section 156, while Sections 157-173 outline the investigation process and requirements for submitting investigation reports. The document also discusses important investigation techniques like crime scene sketching and inspection.
This document provides an overview of computer forensics. It defines computer forensics as identifying, preserving, analyzing and presenting digital evidence in a legally acceptable manner. The objective is to find evidence related to cyber crimes. Computer forensics has a history in investigating financial fraud, such as the Enron case. It describes the types of digital evidence, tools used, and steps involved in computer forensic investigations. Key points are avoiding altering metadata and overwriting unallocated space when collecting evidence.
Introduction to Cyber Forensics Module 1Anpumathews
This document provides an introduction to cyber forensics. It discusses computer forensics techniques used to determine and reveal technical criminal evidence, often involving extracting electronic data for legal purposes. The document outlines several modules that will be covered, including information security investigations, corporate cyber forensics, the scientific method in forensic analysis, and investigating large scale data breach cases. It also discusses advantages and disadvantages of cyber forensics and some common cyber forensic techniques.
This document provides an overview of cyber security laws and guidelines in India under the Information Technology Act 2000. It discusses the motivation for having cyber security legislation, common cyber crimes, and ensures technology is used legally and ethically. The key learning objective is for participants to understand the adequate laws in place in India to deal with cyber security offenses. It covers various cyber crimes and offenses defined under the IT Act, including hacking, data theft, computer tampering. Sections 43, 65, and 66 which deal with penalties for computer damage, tampering with source code, and computer related offenses are explained in detail through case studies. The size and future of cyber crimes in India is also highlighted.
Presentation made by Dr Tabrez Ahmad in Biju Pattanaik State Police Academy Bhubaneswar. To train DSP,s on Cyber Crime Investigation and Cyber Forensics.
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF techniques – Incident and incident response methodology – Forensic duplication and investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics Technology and Systems – Understanding Computer Investigation – Data Acquisition.
Admissibility of forensic evidence in the court of lawRajshree Sable
This document discusses the admissibility and constitutional validity of various forensic evidence techniques in Indian courts. It begins by defining evidence and forensic evidence. It then outlines certain fundamental rights from the Indian Constitution that relate to admissibility, including protections against self-incrimination (Article 20), the right to life and personal liberty (Article 21), and the right against arbitrary arrest or detention (Article 22). The document goes on to analyze the constitutional validity of specific forensic techniques like narco-analysis, DNA fingerprinting, and polygraph testing. It finds that narco-analysis and polygraph testing violate constitutional protections against self-incrimination, while DNA fingerprinting is acceptable if collected and used properly. The conclusion is
The document discusses the police's power of investigation in India according to the Code of Criminal Procedure (CrPC). It provides an overview of the police's role in enforcing law and ensuring public safety. The key aspects of police investigation covered are gathering evidence, analyzing information, making reasonable conclusions, and arresting or charging suspects. The CrPC chapters and sections governing information given to police, their powers to investigate cognizable and non-cognizable cases, and the procedures around investigation, questioning witnesses, searches, and submitting investigation reports are summarized.
This document discusses the trial procedure for summons cases under the Code of Criminal Procedure in India. Summons cases involve less serious offenses punishable by up to 2 years imprisonment. The trial procedure for summons cases is simpler and less formal than for warrant cases. Key aspects of the summons case trial procedure include: recording a plea of guilty from the accused, allowing conviction in absentia for petty cases, acquitting the accused if the complainant does not appear, and case law rulings related to questioning of the accused and disclosure of defense. The discussion concludes that police need modification and social awareness training to fulfill objectives of protecting human rights and serving the welfare state.
This document provides an overview of cyber forensics and digital forensics. It defines cyberforensics as a technique used to determine and reveal technical criminal evidence from electronic data, and discusses how cyberforensics is gaining traction as an evidence interpretation method. The document then discusses digital forensics and its definition, process, history, types including disk, network and wireless forensics, challenges, example uses, advantages, and disadvantages. It also covers cyber criminals and their types, mobile forensics, electronic evidence laws in India, and computer forensics.
This document provides an overview of cyber security and cyber crimes. It defines cybercrime as any illegal act involving computers or networks, and outlines several types of cybercrimes including those against individuals, property, society, and organizations. The document also discusses who commits cybercrimes, including hobby hackers, financially motivated hackers, and disgruntled employees. It covers topics such as cyber terrorism, cyberbullying, hacking, and the motivation and classification of different cyber crimes.
Cyber forensics involves applying scientific methods to digital evidence for legal purposes. It includes preserving, acquiring, analyzing, discovering, documenting, and presenting digital evidence. Common goals are to determine if unauthorized activity or crimes occurred using computer systems and networks. Cyber crimes are growing and can include hacking, cyber stalking, spamming, and intellectual property theft. Forensic investigations follow standard procedures including seizing evidence, making copies, and analyzing to find relevant information for legal cases.
The document discusses information technology law (also called cyber law) and cyber forensics. It explains that cyber law concerns the legal aspects of computing and the internet, including intellectual property, contracts, privacy, and jurisdiction. Cyber forensics involves examining digital evidence from computers and storage devices in a forensically sound manner to identify, preserve, recover, analyze and present digital information in a legal context.
This document discusses computer crimes and cybersecurity issues, with a focus on the human element. It provides definitions and examples of various computer crimes like computer fraud, internet fraud, and modernizing traditional crimes using computers. It also discusses social engineering frauds like pretexting and phishing. For cybersecurity, it covers topics such as firewalls, intrusion detection, denial of service attacks, malware, ransomware, and how to protect against threats. The overall message is that while technology plays a role, human behaviors and decisions are often the weak link exploited in crimes and attacks.
This document summarizes common computer crimes and cybersecurity issues. It discusses how computer crimes are defined and prosecuted, as well as types of computer-aided fraud such as manipulating computer inputs, programs, and outputs. Cybersecurity topics covered include firewalls, intrusion detection, denial of service attacks, dictionary attacks, and different types of malware like viruses, worms, Trojan horses, rootkits, botnets, and ransomware. The document also discusses social engineering frauds like pretexting and various forms of phishing.
Cyber crime refers to criminal activity involving computers or networks, where they are tools, targets, or places of crime. Common cyber crimes in India include phishing, fraud, and intellectual property theft. The document outlines several types of cyber crimes such as hacking, cyber stalking, and phishing. It also discusses Indian cyber laws and prevention methods. Overall, the document provides an overview of cyber crimes in India, the relevant laws, and importance of prevention through security measures and awareness.
This document discusses cybercrime, including definitions, instruments, objectives, and legislation. It defines cybercrime as the use of computers or technology to commit illegal acts. Cybercrime can target computers themselves through malware or use computers as an intermediary to commit property, economic, personal, or political crimes. The document outlines international cooperation efforts and legal instruments addressing cybercrime, such as the Council of Europe's Convention on Cybercrime. The International Telecommunication Union works to develop model cybercrime laws and facilitate capacity building and international cooperation around combating cybercrime. Creating universally applicable international cybercrime legislation faces challenges due to the nature of cybercrime and political tensions between countries.
Computer Forensics-An Introduction of New Face to the Digital Worldrahulmonikasharma
This document provides an introduction to computer forensics. It discusses what computer forensics is, where and when it is used, how it works, and why it is important. Computer forensics is the process of preserving, identifying, extracting and documenting digital evidence from computer systems, networks and digital storage devices so that it can be presented in a court of law. It is used in cases involving intellectual property theft, fraud investigations, and inappropriate computer use. The process involves collecting evidence from computer systems without altering the original data. This allows reconstruction of computer activities, which is important for criminal investigations.
Cyber crime is a growing issue in India due to the country's rapidly growing internet user base. Common cyber crimes in India include phishing, fraud, and data theft. The document discusses the types of cyber crimes, relevant laws and prevention methods. It emphasizes the need for greater public awareness, law enforcement training, and coordination between authorities to combat cyber crime in India.
Cyber crime is a growing issue in India due to the country's rapidly growing internet user base. Common cyber crimes in India include phishing, fraud, and data theft. The document discusses the types of cyber crimes, relevant laws and prevention methods. It emphasizes the need for greater public awareness, law enforcement training, and coordination between authorities to address cyber crime challenges in India.
This document provides an overview of cyber ethics, legal and privacy issues related to cyber technology. It defines key concepts like cyberethics, computer ethics, and discusses ethical standards and codes from professional organizations. It also covers topics like open source ethics, net neutrality, digital rights, e-democracy, privacy law, and the impact of computer technology on privacy. The document references laws and regulations in Tanzania related to privacy and restrictions. It discusses expectations of privacy and challenges posed by new technologies.
Cyber Crimes Overview with special focus on Cyber crimes in India. Discussion related to some different types of Cyber Crimes. The presentation states the act about the growing concerns of Cyber Crime and also shows Statistical Data.
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF techniques – Incident and incident response methodology – Forensic duplication and investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics Technology and Systems – Understanding Computer Investigation – Data Acquisition.
Introduction to Cyber Crime is very necessary and useful for Forensic Science students serving in the cybercrime field and also useful for the general public. Types and Examples of Cyber Crime, How to prevent and report cybercrime, investigating cybercrime.
The presentation provides an overview of digital/computer forensics. It defines key concepts like digital evidence and the forensic process. The objectives are to introduce forensic concepts, understand investigation goals and tools, and how forensics is used for cybercrime. The presentation outlines include topics like rationale for forensics, the investigator's role, comparing cybercrime and evidence, challenges, and open-source tools available in Kali Linux.
Because the technology is used largely in the last decades; cybercrimes have become a significant
international issue as a result of the huge damage that it causes to the business and even to the ordinary
users of technology. The main aims of this paper is to shed light on digital crimes and gives overview about
what a person who is related to computer science has to know about this new type of crimes. The paper has
three sections: Introduction to Digital Crime which gives fundamental information about digital crimes,
Digital Crime Investigation which presents different investigation models and the third section is about
Cybercrime Law.
Similar to Obstacles to Cybercrime Investigations (20)
This document contains C code examples for various programming concepts like functions, loops, arrays, structures, unions, file handling etc. There are a total of 30 code snippets showing how to use different data types, control structures and functions in C programming language. The code snippets range from simple Hello World program to more complex examples demonstrating concepts like recursion, structures, file handling etc.
The document discusses 12 financial functions in Microsoft Excel: FV, ACCRINT, COUPDAYBS, CUMIPMT, CUMPRINC, DB, DDB, DISC, DURATION, EFFECT, FVSCHEDULE, and INTRATE. Each function is described, including what it calculates and its syntax and required/optional arguments. Examples are provided for some of the functions.
This document describes several text functions in Excel including joining strings with the & operator, extracting portions of strings with LEFT, RIGHT, MID, and FIND functions, getting the length of a string with LEN, and replacing text within a string using SUBSTITUTE.
The document discusses various lookup functions in Microsoft Excel, including LOOKUP, HLOOKUP, INDEX, MATCH, and CHOOSE. It provides the syntax and purpose of each function. LOOKUP returns a value from a range based on a lookup value. HLOOKUP looks up a value in the top row and returns the value from the same column in a specified row. INDEX returns a value based on row and column numbers. MATCH locates the position of a lookup value. CHOOSE returns a value from a list using a given index position.
This document provides information on using date and time functions in Excel. It describes how to enter dates using "/" or "-" and times using ":" in a cell. Functions like YEAR, MONTH, DAY, NOW, TODAY, HOUR, MINUTE and SECOND are used to extract individual components from dates or times. The DATE and TIME functions allow adding or subtracting specific numbers of years, months, days, hours, minutes and seconds to dates or times.
This document describes 11 statistical and financial functions in Excel including AVERAGE, AVERAGEIF, MEDIAN, MODE, STEDV, MIN, MAX, LARGE, SMALL, FV, and COUNT. These functions allow users to calculate averages, find median, mode, standard deviation, minimum, maximum, future values, and counts of numbers in a dataset. The FV function specifically returns the future value of an investment given periodic payments and interest rate.
Subtotals in Excel allow you to summarize different groups of data in worksheets to make the information easier to understand. You can insert subtotals that use functions like SUM, COUNT, and AVERAGE to total subsets of values and create an outline to display or hide detail groups. To add a subtotal, select the data, click the Subtotal button on the Data tab, and choose a subtotal function.
Mathematical functions in Excel are used to perform arithmetic operations like sum, average, count, max, min. The SUM function adds the values within a cell range. For example, SUM(C1:C3)=15 adds the values in cells C1 through C3. The AVERAGE function calculates the average of a range of cells. COUNT counts the number of cells that contain numbers. Other common functions include ROUND, RAND, MOD, INT, ABS, ARABIC, and CEILING.MATH.
1) The document discusses methods of resolving cybersquatting disputes in India, including policies from international bodies like ICANN and WIPO, as well as national bodies and judicial precedents.
2) It outlines ICANN's Uniform Domain Name Dispute Resolution Policy and WIPO's domain name dispute resolution services. In India, disputes can be resolved through the .IN Dispute Resolution Policy or trademark infringement lawsuits.
3) Key court cases that helped define cybersquatting in India are discussed, such as Rediff Communication v. Cyberbooth and Aroon Purie v. Kautilya Krishan Pandey. The conclusion is that India needs specific cyberlaws to better handle domain name disputes
India: Meta-Tagging Vis-À-Vis Trade Mark Misuse: An OverviewDr. Prashant Vats
This document discusses meta-tagging and trademark misuse related to meta-tagging under Indian law. It begins by explaining what meta-tags are and how they can be used to manipulate search engine results. It then discusses legal cases where misleading meta-tags containing competitors' trademarks were found to cause initial interest confusion and violate trademark law. The document outlines exceptions for descriptive, comparative and consumer review uses of trademarks in meta-tags that constitute fair use. It concludes that while India recognizes issues with meta-tagging abuse, concrete laws are still needed to properly regulate meta-tags and intellectual property on the internet.
METHODS OF RESOLVING CYBERSQUATTING DISPUTE IN INDIADr. Prashant Vats
1) The document discusses methods of resolving cybersquatting disputes in India, including policies from international bodies like ICANN and WIPO, as well as national bodies and judicial precedents.
2) It outlines ICANN's Uniform Domain Name Dispute Resolution Policy and WIPO's domain name dispute resolution services. In India, disputes can be resolved through the .IN Dispute Resolution Policy or trademark infringement lawsuits.
3) Key court cases that helped define cybersquatting in India are discussed, such as Rediff Communication v. Cyberbooth and Aroon Purie v. Kautilya Krishan Pandey. The conclusion is that India needs specific cyberlaws to better deal with cybers
This document provides information about various topics related to computer software and intellectual property rights, including:
- Definitions of property, intellectual property, patents, copyrights, and software patents.
- The classification of intellectual property into industrial property and literary property.
- Criteria for patentability such as novelty, inventive step, and industrial applicability.
- A list of patentable and non-patentable inventions.
- An overview of the patenting process and timelines for protection of different intellectual property rights.
- Discussion of software patents, copyright protections, and differences between patents and copyrights for software.
- Examples of computer-aided inventions and fields that
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Dr. Prashant Vats
This document outlines amendments made to the Indian Evidence Act of 1872 by the Information Technology Act of 2000 regarding electronic records and digital signatures. Some key points:
- It defines electronic terms like digital signature and includes electronic records in definitions of evidence and documents.
- It allows electronic records and documents produced from computers to be considered admissible as evidence if certain conditions are met regarding the computer system and record keeping.
- It establishes provisions for proving digital signatures and verifying them, including allowing courts to request digital signature certificates from individuals, controllers or certifying authorities.
- It creates presumptions that electronic records of official gazettes, electronic agreements containing digital signatures, and secure digital records and signatures are valid unless proven
This document discusses trademark issues related to domain names in the digital era. It begins by explaining how domain names have become important business identifiers online and discusses some of the structure and purpose of domain name systems. It then explains how disputes can arise over domain name ownership between trademark holders operating in different regions. The document outlines the domain name assignment procedure and some available legal remedies for disputes, including the Uniform Domain Name Dispute Resolution Policy (UDRP) established by ICANN. It provides details on the UDRP process and notes that India has its own dispute resolution policy for .IN domain names as well. In conclusion, it states that domain name dispute resolution has proven an effective alternative to litigation for resolving conflicts.
Trade-Related Aspects of Intellectual Property Rights (TRIPS)Dr. Prashant Vats
The TRIPS agreement is an international agreement administered by the WTO that introduced intellectual property law into the multilateral trading system. It requires WTO members to provide minimum standards of protection for copyrights, trademarks, patents, and other intellectual property. TRIPS was negotiated at the end of the Uruguay Round between 1989-1990 and remains the most comprehensive agreement on IP. It has provisions for enforcement and allows for compulsory licensing of medicines under certain conditions. However, many nations have adopted even higher "TRIPS-plus" standards through bilateral agreements.
How to Copyright a Website to Protect It under IPR and copyright actDr. Prashant Vats
- A website is a collection of interconnected web pages located on the same server and maintained by an organization. The content on a website, such as writing, images, and videos, can be copyrighted but not the website structure itself.
- To copyright a website, the content must be original, owned by the applicant, and clearly described. Copyright protection applies automatically when content goes live but registering the copyright provides additional legal protections.
- Parts of a website that cannot be copyrighted include domain names, website layout/design, links to other sites, public domain works, and common symbols/icons. Employees' work is owned by the business but contractors retain ownership unless assigned in a contract.
- To protect a website
The document discusses several international treaties related to intellectual property protection administered by the World Intellectual Property Organization (WIPO). It provides details on the Beijing Treaty on Audiovisual Performances, the Berne Convention for the Protection of Literary and Artistic Works, and the principles and minimum standards of protection established by the Berne Convention. The Berne Convention deals with protecting works and author's rights, establishing the principles of national treatment, automatic protection without formalities, and independence of protection across countries.
CapTechTalks Webinar Slides June 2024 Donovan Wright.pptxCapitolTechU
Slides from a Capitol Technology University webinar held June 20, 2024. The webinar featured Dr. Donovan Wright, presenting on the Department of Defense Digital Transformation.
Information and Communication Technology in EducationMJDuyan
(𝐓𝐋𝐄 𝟏𝟎𝟎) (𝐋𝐞𝐬𝐬𝐨𝐧 2)-𝐏𝐫𝐞𝐥𝐢𝐦𝐬
𝐄𝐱𝐩𝐥𝐚𝐢𝐧 𝐭𝐡𝐞 𝐈𝐂𝐓 𝐢𝐧 𝐞𝐝𝐮𝐜𝐚𝐭𝐢𝐨𝐧:
Students will be able to explain the role and impact of Information and Communication Technology (ICT) in education. They will understand how ICT tools, such as computers, the internet, and educational software, enhance learning and teaching processes. By exploring various ICT applications, students will recognize how these technologies facilitate access to information, improve communication, support collaboration, and enable personalized learning experiences.
𝐃𝐢𝐬𝐜𝐮𝐬𝐬 𝐭𝐡𝐞 𝐫𝐞𝐥𝐢𝐚𝐛𝐥𝐞 𝐬𝐨𝐮𝐫𝐜𝐞𝐬 𝐨𝐧 𝐭𝐡𝐞 𝐢𝐧𝐭𝐞𝐫𝐧𝐞𝐭:
-Students will be able to discuss what constitutes reliable sources on the internet. They will learn to identify key characteristics of trustworthy information, such as credibility, accuracy, and authority. By examining different types of online sources, students will develop skills to evaluate the reliability of websites and content, ensuring they can distinguish between reputable information and misinformation.
Level 3 NCEA - NZ: A Nation In the Making 1872 - 1900 SML.pptHenry Hollis
The History of NZ 1870-1900.
Making of a Nation.
From the NZ Wars to Liberals,
Richard Seddon, George Grey,
Social Laboratory, New Zealand,
Confiscations, Kotahitanga, Kingitanga, Parliament, Suffrage, Repudiation, Economic Change, Agriculture, Gold Mining, Timber, Flax, Sheep, Dairying,
🔥🔥🔥🔥🔥🔥🔥🔥🔥
إضغ بين إيديكم من أقوى الملازم التي صممتها
ملزمة تشريح الجهاز الهيكلي (نظري 3)
💀💀💀💀💀💀💀💀💀💀
تتميز هذهِ الملزمة بعِدة مُميزات :
1- مُترجمة ترجمة تُناسب جميع المستويات
2- تحتوي على 78 رسم توضيحي لكل كلمة موجودة بالملزمة (لكل كلمة !!!!)
#فهم_ماكو_درخ
3- دقة الكتابة والصور عالية جداً جداً جداً
4- هُنالك بعض المعلومات تم توضيحها بشكل تفصيلي جداً (تُعتبر لدى الطالب أو الطالبة بإنها معلومات مُبهمة ومع ذلك تم توضيح هذهِ المعلومات المُبهمة بشكل تفصيلي جداً
5- الملزمة تشرح نفسها ب نفسها بس تكلك تعال اقراني
6- تحتوي الملزمة في اول سلايد على خارطة تتضمن جميع تفرُعات معلومات الجهاز الهيكلي المذكورة في هذهِ الملزمة
واخيراً هذهِ الملزمة حلالٌ عليكم وإتمنى منكم إن تدعولي بالخير والصحة والعافية فقط
كل التوفيق زملائي وزميلاتي ، زميلكم محمد الذهبي 💊💊
🔥🔥🔥🔥🔥🔥🔥🔥🔥
Temple of Asclepius in Thrace. Excavation resultsKrassimira Luka
The temple and the sanctuary around were dedicated to Asklepios Zmidrenus. This name has been known since 1875 when an inscription dedicated to him was discovered in Rome. The inscription is dated in 227 AD and was left by soldiers originating from the city of Philippopolis (modern Plovdiv).
How to Download & Install Module From the Odoo App Store in Odoo 17Celine George
Custom modules offer the flexibility to extend Odoo's capabilities, address unique requirements, and optimize workflows to align seamlessly with your organization's processes. By leveraging custom modules, businesses can unlock greater efficiency, productivity, and innovation, empowering them to stay competitive in today's dynamic market landscape. In this tutorial, we'll guide you step by step on how to easily download and install modules from the Odoo App Store.
How to Manage Reception Report in Odoo 17Celine George
A business may deal with both sales and purchases occasionally. They buy things from vendors and then sell them to their customers. Such dealings can be confusing at times. Because multiple clients may inquire about the same product at the same time, after purchasing those products, customers must be assigned to them. Odoo has a tool called Reception Report that can be used to complete this assignment. By enabling this, a reception report comes automatically after confirming a receipt, from which we can assign products to orders.
4. 1. Anonymity
• There are several obstacles that may be encountered during cybercrime
investigations.
• One such obstacle is created by the anonymity that information and
communication technology affords to users.
• Anonymity enables individuals to engage in activities without revealing themselves
and/or their actions to others.
• There are several anonymization techniques that cybercriminals use One such
technique is the use of proxy servers.
• A proxy server is an intermediary server that is used to connect a client (i.e., a
computer) with a server that the client is requesting resources from.
• Anonymizers, or anonymous proxy servers, hide users' identity data by masking
their IP address and substituting it with a different IP address.
• Cybercriminals can also use anonymity networks to encrypt (i.e. block access)
traffic and hide Internet Protocol address (or IP address), "a unique identifier
assigned to a computer [or other Internet-connected digital device] by the Internet
service provider when it connects to the Internet" , in an effort to conceal their
Internet activities and locations.
• Well-known examples of anonymity networks are Tor , Freenet , and the Invisible
Internet Project (known as I2P ).
• These anonymity networks not only "mask users' identities, but also host their
websites via their 'hidden services' capabilities, which mean[s] [that these] sites
can only be accessed by people on" these anonymizing networks.
• These anonymity networks are thus used to access darknet (or Dark Web) sites
5. 2. Attribution
• Attribution is another obstacle encountered during cybercrime
investigations.
• Attribution is the determination of who and/or what is responsible
for the cybercrime.
• This process seeks to attribute the cybercrime to a particular digital
device, user of the device, and/or others responsible for the
cybercrime (e.g., if the cybercrime is state-sponsored or directed).
• The use of anonymity-enhancing tools can make the identification
of the devices and/or persons responsible for the cybercrime
difficult.
• Attribution is further complicated through the use of malware-
infected zombie computers (or botnets;) or digital devices
controlled by remote access tools (i.e., malware that is used to
create a backdoor on an infected device to enable the distributor of
the malware to gain access to and control of systems).
• These devices can be used, unbeknownst to the user whose device
is infected, to commit cybercrimes.
6. 3. Backtracking or Tracing
• Back-tracing (or traceback) is the process of tracing illicit acts back to the
source (i.e., perpetrator and/or digital device) of the cybercrime.
• Traceback occurs after a cybercrime has occurred or when it is detected.
• A preliminary investigation is conducted to reveal information about the
cybercrime through an examination of log files (i.e., event logs, which are
files systems produce of activity), which can reveal information about the
cybercrime (i.e., how it occurred).
• For instance, event logs "automatically record… events that occur within a
computer to provide an audit trail that can be used to monitor,
understand, and diagnose activities and problems within the system“
• Examples of these logs are application logs, which record "events that are
logged by programs and applications," and security logs that "record all
login attempts (both valid and invalid) and the creation, opening or
deletion of files, programmes or other objects by a computer user“.
• These event logs may reveal the IP address used in the cybercrime.
• Traceback can be time-consuming. The time it takes to complete this
process depends on the knowledge, skills, and abilities of the preparators
and the measures they have taken to conceal their identities and
activities.
• Depending on the tactics used by cybercriminals to perpetrate the illicit
acts, tracing may not lead to a single identifiable source.
7. 4. Identifying the Internet service provider (ISP)
• To identify the Internet service provider (ISP) associated with the IP
address, the cybercrime investigator can use ICANN's WHOIS query tool .
• The Internet Corporation For Assigned Names and Numbers '
(ICANN) Internet Assigned Number Authority (IANA) manages the
allocation of IP addresses, among other things, to Regional Internet
Registries (RIRs), which are responsible for overseeing the registration of
IP address in their regions.
• RIRs provide access to WHOIS services via their websites.
• WHOIS data is the registration information that has been provided by
individuals, corporations, organizations, and governments when
registering domain names (e.g., gmail.com), which includes names and
contact information (e.g., phone numbers, addresses, and emails) (ICANN
WHOIS, n.d.).
• The WHOIS query tool can be used to identify the contact information and
location of the organization associated with a domain name .
• The WHOIS query tool can also be used to identify the contact information
and location of the organization associated with an IP address.
• Once an ISP has been identified, cybercrime investigators may contact the
ISP associated with the IP address to retrieve the information about the
subscriber using that IP address
8. 5. Lack of harmonized national cybercrime law
• The lack of harmonized national cybercrime laws,
international standardization of evidentiary requirements
(both in terms of admissibility in a court of law, and in
terms of international state responsibility), mutual legal
assistance on cybercrime matters, and timely collection,
preservation, and sharing of digital evidence between
countries, also serve as obstacles to cybercrime
investigations.
• In regard to certain types of cybercrime, especially
cybercrimes that are politically motivated, a general lack of
will of countries to cooperate in these cases has been
observed ( in case of Hacktivism, Terrorism, Espionage,
Disinformation Campaigns, and Warfare in Cyberspace).
9. 6. Technical Challenges
• Cybercrime investigators also face technical challenges.
For example, numerous digital devices have proprietary
operating systems and software that require the use of
specialized tools to identify, collect, and preserve
digital evidence for Digital Forensics for further
information about digital evidence, digital devices, and
digital forensics tools.
• What is more, investigators may not have the
necessary equipment and digital forensics tools needed
to adequately conduct cybercrime investigations
involving digital devices against Cybercrime.
10. 7. limited abilities of law enforcement agencies
• Other obstacles to cybercrime investigations include the
existing limited abilities of law enforcement agencies to
conduct these investigations .
• In countries where national specialized units exist, they
only investigate a limited number of cybercrime cases. The
prevalence of information and communication technology
in criminal investigations makes such a practice ineffective.
• The training of national law enforcement officers in non-
specialized areas of policing and non-technical specialized
units (e.g., drug crime, organized crime, crimes against
children) on cybercrime, ICT-related investigations, and
digital forensics is one way to strengthen national capacity
and the ways in which to deal with the current deficits in
national capacity to investigate cybercrimes.
11. 8. Brain Drain of highly trained and skilled cybercrime
investigators
• Specifically, information and communication technology is
continuously evolving.
• Because of this, cybercrime investigators must be "lifelong
learners," continuously training to remain current on
technologies, cybercriminals, and their motives, targets,
tactics, and methods of operation (M.O.).
• Furthermore, government and national security agencies
are experiencing what is known as a "brain drain," whereby
highly trained and skilled cybercrime investigators are
leaving these agencies to join the private sector, which
provides better financial compensation for their
knowledge, skills, and abilities.
• These capacity and staffing issues need to be considered by
countries as they serve as significant obstacles to
cybercrime investigations
13. Sovereignty and jurisdiction
• Territorial sovereignty refers to the state's complete and exclusive exercise
of authority and power over its geographic territory.
• The safeguarding of sovereignty factors prominently in international and
regional cybercrime instruments.
• Territorial sovereignty can be applied to cyberspace, particularly to states'
information and communications technology (ICT) infrastructure.
• State sovereignty can be violated when third parties gain unauthorized
access to ICT in foreign countries without the knowledge and permission
of the host country and/or its law enforcement agents.
• This violation happens even if this unauthorized access occurs pursuant to
an investigation of a cybercrime committed in a different country in an
effort by that country to locate the source of the cyberattack and/or stop
the cyberattack from occurring (a tactic known as hackback or hacking
back).
• Jurisdiction, which is linked to sovereignty (UNODC, 2013, note 9, p. 184),
provides states with the power and authority to define and preserve the
duties and rights of people within its territory, enforce laws, and punish
violations of laws.
• Cybercrime jurisdiction is established by other factors, such as the
nationality of the offender ( principle of nationality; active personality
principle), the nationality of the victim ( principle of nationality; passive
personality principle), and the impacts of the cybercrime on the interests
and security of the state ( protective principle)
14. Jurisdiction Issues
• Jurisdiction is one of the debatable issues in the case of cyber crime
due to the very universal nature of the cyber crime.
• With the ever-growing arm of the cyber space the territorial
concept seems to vanish.
• New Methods dispute resolution should give way to the
conventional methods.
• Thus, the Information Technology Act, 2000 is silent on these issues
• Though S. 75 provides for extra-territorial operations of this law, but
they could be meaningful only when backed with provisions
recognizing orders and warrants for Information issued by
competent authorities outside their jurisdiction and measure for
cooperation‘s for exchange of material and evidence of computers
crimes between law enforcement agencies.
15. Jurisdiction over cyber crime and
national laws
• Jurisdiction is the power or authority of the
court to hear and determine the cause and
adjudicate upon the matter that are litigated
before it or the power of the court to take
cognizance of the matter brought before it but
when it comes to determine the jurisdiction in
context of cyber space it becomes strenuous
part of law.
16. In common parlance Jurisdictions is of two types:
• Subject jurisdiction allows the court to decide cases of
a particular category and to check whether the claim is
actionable in the court where the case has been filed.
• Personal jurisdiction allows a court to decide on
matters related to citizens or people of its territory, the
person having some connection to that territory,
irrespective of where the person is presently located.
Every state exercises the personal jurisdiction over the
people within its territory
17. • Section 20 serves important ingredients for the purpose of institution of other suit
in a court within the local limits of whose jurisdiction'[1]:
• the defendant or each of the defendants resides, or carries on business, or
personally works for gain at the time of the commencement of suit.
• Any of the defendants, where there are more than one defendants resides, or
carries on business, or personally works for gain at the time of the commencement
of suit provided that in such cases either the leave of the court is given, or the
defendants who do not reside, or carry on business, or personally works for gain,
as aforesaid, acquiesce in such institution or, the cause of action wholly or partially
arises.
• However, this section doesn't seem to be fit in virtual world. The issue with the
cyber space jurisdiction is the presence of multiple parties across various part of
the globe who only have virtual connections among them therefore we cannot
have a clear idea about the parties and the place of suing so that the jurisdiction of
the court could be determined to try such cases.
• The substantive source of cyber law in India is the Information Technology Act,
2000 (IT Act) which came into force on 17 October 2000. The objective of the Act
is to provide legal recognition to e- commerce and to facilitate storage of
electronic records with the Government.
• The IT Act also penalizes various cybercrimes and provides strict punishments. In
pursuant to this there are certain provision under this act which renders the idea
of jurisdiction of court for the trial of cases pertaining cyber crimes in India as well
as outside India.
18. • Sec (48) of the act provides for the Establishment of
Cyber Appellate Tribunal[4].
(1) The Central Government shall, by notification,
establish one or more appellate tribunals to be known
as the Cyber Regulations Appellate Tribunal.
Comment- This tribunal is established by the
government under this Act and the government itself
decides the matters and places as to where the
tribunal would exercise its jurisdiction. It is considered
as the first appellate tribunal where the appeal from
the orders of control board or the adjudicating officers
is preferred. Further any person aggrieved by the
decision of appellate tribunal may prefer appeal in High
Court within sixty days from the date of
communication of such decision or order.
19. • The Information Technology Act 2000 seems exhaustive when it comes to
adjudicate the matter where the parties are Indian citizen and the offence
or any contravention has been committed in India as the Indian Courts
follow the Principle of lex foris that means the law of the country but it
still creates confusion in order to exercise its extra territorial jurisdiction
where the offence has been committed outside India or by any non-
citizen.
• For instance, if an American citizen damaged the reputation of one of the
Indian Politician by publishing lewd comments through the social media
and the aggrieved person approached to Indian court for the justice. It is
obvious that IT act, 2000 provides for extra territorial jurisdiction but the
issue arises here that how far would it be effective to bring the American
citizen to India to be prosecuted for cyber defamation as the IT Act is not
applicable to the American citizen.
• Apart of IT Act 2000, there are other relevant legislation under Indian laws
that gives the authority to India Courts to adjudicate the matters related
to cyber-crimes such as:
• Sec 3 and 4 of Indian penal code 1882 also deals with the extra territorial
jurisdiction of Indian courts.
• Section 188 of CrPC 1973 provides that even if a citizen of India outside
the country commits the offence, the same is subject to the jurisdiction of
courts in India. Section 178 deals with the crime or part of it committed in
India and Section 179 deals with the consequences of crime in Indian
Territory.
20. • Relevant cases laws:
• SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra[7]
This is a case related to cyber defamation. This is first case of its kind from India. In
this case, the defendant was an employee of the plaintiff's company who used to
send derogatory, obscene, vulgar, and abusive emails to his employers and also to
different subsidiaries of the said company all over the world. The motive behind
sending those emails was to malign the reputation of the company and its
Managing Director all over the world.
• The High Court of Delhi assumed jurisdiction over a matter of defamation of
reputation of corporate through e-mails. An ex-parte injunction was granted by the
court.
• SIL Import v. Exim Aides Silk Importers
• In this case the court successfully highlighted the need of interpretation of the
statute by judiciary in the light of technological advancement that has occurred so
far . Until there is specific legislation in regard to the jurisdiction of the Indian
Courts with respect to Internet disputes, or unless India is a signatory to an
International Treaty under which the jurisdiction of the national courts and
circumstances under which they can be exercised are spelt out, the Indian courts
will have to give a wide interpretation to the existing statutes, for exercising
Internet disputes.
21. • Impresario Entertainment & Hospitality Pvt. Ltd. vs S&D
Hospitality
• Facts – in this case the plaintiff's company offers restaurant services
which has its registered office in Mumbai and is carrying its
business in New Delhi and a restaurant under the name and style of
'SOCIAL' which it has trademark and has various branches as well.
The plaintiff came to know about the defendant's restaurant in
Hyderabad under the name 'SOCIAL MONKEY.
• Also, it has a popular beverage by the name A GAME OF SLING and
the defendant has named a beverage as Hyderabad Sling which is
identical or deceptively similar to the plaintiff's beverage. Both
these outlets had entered into contract with websites like Zomato
and Dine Out and so the information of both, along with menu and
contact info was made available on the websites of Zomato and
Dine Out.
22. India and international convention over cyber
jurisdiction:
• Convention on Cyber crime, 2001 also known as the Budapest Convention, is the
first international treaty which discusses about the Internet and cybercrime by
considering national laws, increasing cooperation among nations and improving
investigative techniques.
• It was signed by the Council of Europe in Strasbourg, France, Canada, Japan,
Philippines, South Africa and the United States.
• However, countries like India and Brazil have declined to adopt the Convention on
the grounds that they didn't participate in its drafting but due to increasing
incident of cyber crimes India has been reconsidering its stand on the convention
since 2018.
• Article 22 The Convention on Cyber Crime, 2001 allows the country to have
jurisdiction if the cyber crime is committed:
• In its territory;
• On board a ship flying the flag of the country;
• On board an aircraft registered under the laws of the country
• By one of the countries nationals, if the offence is punishable under criminal law
where it was committed or if the offence is committed outside the territorial
jurisdiction of any State.
23. United Nations Convention against Transnational
Organized Crime (UNTOC):
• this treaty was adopted by resolution of the UN General
Assembly in November 2000.
• India being a signatory to this joined in 2002.
• UNTOC is also known as the Palermo Convention, under
this the state parties are obliged to enact domestic criminal
offences that target organized criminal groups and to adopt
new frameworks for extradition, mutual legal assistance,
and law enforcement cooperation.
• Although the treaty does not explicitly address cyber-crime,
its provisions are highly relevant.
• In pursuant to this treaty Indian Parliament enacted the
Information Technology Act 2000.
24. For more on cyber jurisdiction issues
please search
• Sec 20 of code of civil procedure 1908
• Information technology Act 2000
• ibid
• Supra note 2
• Sec 3 and 4 Indian penal code,1860
• Section 178, 179 and 188 of Code of Criminal Procedure, 1973.
• Being Suit No. 1279/2001 available at
https://indiankanoon.org/doc/(Accessed on 31ST January, 2020)
• (1999) 4 SCC 567
• CS(COMM) 111/2017
• CS (OS) No 894 of 2008
• ETS185–Cybercrime (Convention) budapest, 23.XI.2001
• General Assembly resolution 55/25 of 15 November 2000
26. Handling of digital evidence
• In the private sector, the response to cybersecurity incidents (e.g., a
distributed denial of service attack, unauthorized access to systems, or
data breach) includes specific procedures that should be followed to
contain the incident, to investigate it and/or to resolve the cybersecurity
incident (Cyber Security Coalition, 2015).
• There two primary ways of handling a cybersecurity incident:
• recover quickly or gather evidence
• The first approach, recover quickly, is not concerned with the preservation
and/or collection of data but the containment of the incident to minimize
harm.
• Because of its primary focus on swift response and recovery, vital evidence
could be lost.
• The second approach, monitors the cybersecurity incident and focuses on
digital forensic applications in order to gather evidence of and information
about the incident.
• Because of its primary focus of evidence collection, the recovery from the
cybersecurity incident is delayed.
• These approaches are not exclusive to the private sector. The approach
taken by the private sector varies by organization and the priorities of the
organization.
27. • Digital evidence is volatile and fragile and the improper handling of
this evidence can alter it.
• Because of its volatility and fragility, protocols need to be followed
to ensure that data is not modified during its handling (i.e., during
its access, collection, packaging, transfer, and storage).
• These protocols delineate the steps to be followed when handling
digital evidence.
• There are four phases involved in the initial handling of digital
evidence:
• identification,
• collection,
• acquisition, and
• preservation
• ISO/IEC 27037 ;
Handling of digital evidence
28. ISO/IEC 27037:2012
(Information technology — Security techniques — Guidelines for
identification, collection, acquisition and preservation of digital evidence)
• ISO/IEC 27037:2012 provides guidelines for
specific activities in the handling of digital
evidence, which are identification, collection,
acquisition and preservation of potential digital
evidence that can be of evidential value.
• It provides guidance to individuals with respect to
common situations encountered throughout the
digital evidence handling process and assists
organizations in their disciplinary procedures and
in facilitating the exchange of potential digital
evidence between jurisdictions.
29. ISO/IEC 27037:2012
(Information technology — Security techniques — Guidelines for
identification, collection, acquisition and preservation of digital evidence)
• ISO/IEC 27037:2012 gives guidance for the following
devices and circumstances:
• Digital storage media used in standard computers like hard
drives, floppy disks, optical and magneto optical disks, data
devices with similar functions,
• Mobile phones, Personal Digital Assistants (PDAs), Personal
Electronic Devices (PEDs), memory cards,
• Mobile navigation systems,
• Digital still and video cameras (including CCTV),
• Standard computer with network connections,
• Networks based on TCP/IP and other digital protocols, and
• Devices with similar functions as above.
30. Protocols for the collecting volatile evidence.
• There are protocols for the collecting volatile evidence.
• Volatile evidence should be collected based on the order of
volatility; that is, the most volatile evidence should be collected
first, and the least volatile should be collected last. T
• The Request for Comments (RFC) 3227 document provides the
following sample of the order of volatile data (from most to least
volatile) for standard systems):
• registers, cache
• routing table, ...[address resolution protocol or ARP] cache, process
table, kernel statistics, memory
• temporary file systems
• disk
• remote logging and monitoring data that is relevant to the system
in question
• physical configuration, network topology
• archival media
31. Identification of Digital Evidence
• In the identification phase, preliminary information is obtained
about the cybercrime case prior to collecting digital evidence.
• This preliminary information is similar to that which is sought
during a traditional criminal investigation.
• The investigator seeks to answer the following questions:
• Who was involved?
• What happened?
• When did the cybercrime occur?
• Where did the cybercrime occur?
• How did the cybercrime occur?
• The answers to these questions will provide investigators with
guidance on how to proceed with the case. For example, the
answer to the question "where did this crime occur?" - that is,
within or outside of a country's - will inform the investigator on how
to proceed with the case (e.g., which agencies should be involved
and/or contacted).
32. • In the identification phase, cybercrime investigators use many traditional
investigative techniques, especially with respect to information and
evidence gathering.
• For example, victims, witnesses, and suspects of a cybercrime are
interviewed to gather information and evidence of the cybercrime under
investigation.
• Undercover law enforcement investigations have also been conducted to
identify, investigate, and prosecute cybercriminals.
• Additionally, cybercrime investigators have conducted covert surveillance.
This tactic is a "particularly intrusive method for collecting evidence.
• The use of covert surveillance measures involves a careful balancing of a
suspect's right to privacy against the need to investigate serious
criminality.
• Provisions on covert surveillance should fully respect "the rights of the
suspect. There have been various decisions of international human rights
bodies and courts on the permissibility of covert surveillance and the
parameters of these measures“
• Even malware has been used by law enforcement agencies to conduct
surveillance in order to gather information about and evidence of
cybercrime. For example, US law enforcement agencies are using
networking investigation techniques (NITs), "specially designed exploits or
malware," in their investigations of online child sexual exploitation and
abuse.
33. • Before digital evidence collection begins, the investigator must
define the types of evidence sought.
• Digital evidence can be found on digital devices, such as computers,
external hard drives, flash drives, routers, smartphones, tablets,
cameras, smart televisions, Internet-enabled home appliances (e.g.,
refrigerators and washing machines), and gaming consoles (to name
a few), as well as public resources (e.g., social media platforms,
websites, and discussion forums) and private resources (e.g.
Internet service providers logs of user activity; communication
service providers business records; and cloud storage providers
records of user activity and content).
• Many applications, websites, and digital devices utilize cloud
storage services. Users' data can thus be stored wholly or in
fragments by many different providers in servers in multiple
locations.
• Because of this, retrieving data from these providers is challenging .
• The evidence sought will depend on the cybercrime under
investigation.
• If the cybercrime under investigation is identity-related fraud, then
digital devices that are seized will be searched for evidence of this
crime (e.g., evidence of a fraudulent transactions or fraudulent
transactions).
34. 2. Collection of Digital Evidence
• With respect to cybercrime, the crime scene is not limited to the physical
location of digital devices used in the commissions of the cybercrime
and/or that were the target of the cybercrime.
• The cybercrime crime scene also includes the digital devices that
potentially hold digital evidence, and spans multiple digital devices,
systems, and servers.
• The crime scene is secured when a cybercrime is observed, reported,
and/or suspected.
• The first responder identifies and protects the crime scene from
contamination and preserves volatile evidence by isolating the users of all
digital devices found at the crime scene (e.g., holding them in a separate
room or location).
• The users must not be given the opportunity to further operate the digital
devices. Neither should the first responder nor the investigator seek the
assistance of any user during the search and documentation process.
• The investigator, if different from the first responder, searches the crime
scene and identifies the evidence.
35. • Before evidence is collected, the crime scene is documented.
• Documentation is needed throughout the entire investigative
process (before, during, and after the evidence has been acquired).
• This documentation should include detailed information about the
digital devices collected, including the operational state of the
device - on, off, standby mode - and its physical characteristics, such
as make, model, serial number, connections, and any markings or
other damage.
• In addition to written notes, sketches, photographs and/or video
recordings of the crime scene and evidence are also needed to
document the scene and evidence.
• Collecting volatile data can alter the memory content of digital
devices and data within them.
• The investigator, or crime scene technician, collects the evidence.
• The collection procedures vary depending on the type of digital
device, and the public and private resources where digital evidence
resides (e.g., computers, phones, social media, and cloud; for
different digital forensics practices pertaining to multimedia, video,
mobile).
36. • Law enforcement agencies have standard operating procedures that detail
the steps to be taken when handling digital evidence on mobile devices,
Internet-enabled objects (e.g., watches, fitness trackers, and home
appliances), the cloud, and social media platforms.
• A standard operating procedure (SOP) is designed to assist investigators by
including the policies and sequential acts that should be followed to
investigate cybercrime in a manner that ensures the admissibility of
collected evidence in a court of law, as well as the tools and other
resources needed to conduct the investigation .
• Unique constraints that could be encountered during the investigation
should be identified.
• For instance, cybercrime investigators could encounter multiple digital
devices, operating systems, and complex network configurations, which
will require specialized knowledge, variations in collection procedures, and
assistance in identifying connections between systems and devices (e.g., a
topology of networks).
• Anti-forensics techniques such as steganography (i.e., the stealthy
concealment of data by both hiding content and making it invisible)
and encryption (i.e., "physically blocking third-party access to a file, either
by using a password or by rendering the file or aspects of the file
unusable;"
37. • Because of this, the investigator should be prepared for these
situations and have the necessary human and technical resources
needed to deal with these constraints.
• The actions taken by the investigator in these cases (e.g., the ability
of the investigator to obtain the passwords to those devices and/or
decrypt the files), if any, depends on national laws .
• Digital forensics tools can assist in this endeavour by, for example,
identifying steganography and decrypting files, as well as perform
other critical digital forensics tasks.
• Examples of such tools include Forensic Toolkit (FTK) by Access
Data, Volatile Framework, X-Ways Forensics.
• Along with these resources, a forensic toolkit is needed, which
contains the objects needed to document the crime scene, tools
need to disassemble devices and remove other forms of evidence
from the crime scene, and material needed to label and package
evidence (e.g., for smartphones, a Faraday bag, which blocks
wireless signals to and from the digital device, and a power bank
are needed and used to transport them), among other items .
38. • The actual collection of the evidence involves the preservation of volatile evidence
and the powering down of digital devices.
• The state of operation of the digital devices encountered will dictate the collection
procedures.
• For instance, if a computer is encountered, if the device is on, volatile evidence
(e.g., temporary files, register, cache, and network status and connections, to
name a few) is preserved before powering down the device and collecting.
• If the device is off, then it remains off and is collected.
• There are circumstances where digital devices will not and cannot be collected
(e.g., due to size and/or complexity of the systems and/or their hardware and
software configurations, because these systems provide critical services).
• In these situations, volatile and non-volatile data are collected through special
procedures that require live acquisition
• The type of digital device encountered during an investigation will also dictate the
manner in which digital evidence is collected (see, for example, SWGDE Best
Practices for Mobile Device Evidence Preservation and Acquisition, 2018; SWGDE
Best Practices for the Acquisition of Data from Novel Digital Devices;).
• Commands can be used to obtain volatile data from live systems. For example, for
Windows operating systems the command ipconfig is used to obtain network
information, whereas for Unix operating systems, the command ifconfig is used.
• For both Windows and Unix, the command netstat is used to obtain information
about active network connections.
39. • In addition to digital devices, other relevant items (e.g.,
notes and/or notebooks that might include passwords
or other information about online credentials,
telephones, fax machines, printers, routers, etc.)
should be collected as well.
• The actions taken by the investigator during the
collection of evidence should be documented.
• Each device should be labelled (along with its
connecting cables and power cords), packaged, and
transported back to a digital forensics laboratory.
• Once the items are transported to the laboratory, they
are "inventoried, recorded, and secured in a locked
room…away from extreme temperatures, humidity,
dust, and other possible contaminants".
40. Acquisition of Digital Evidence
• Different approaches to performing
acquisition exist.
• The approach taken depends on the type of
digital device.
• For example, the procedure for acquiring
evidence from a computer hard drive is
different from the procedure required to
obtain digital evidence from mobile devices,
such as smartphones.
41. Preservation of Digital Evidence
• Evidence preservation seeks to protect digital
evidence from modification.
• The integrity of digital evidence should be
maintained in each phase of the handling of
digital evidence.
42. Analysis and Reporting of Digital
evidence
• In addition to the handling of digital evidence, the digital forensics process
also involves the examination and interpretation of digital evidence
( analysis phase), and the communication of the findings of the analysis
( reporting phase).
• During the analysis phase, digital evidence is extracted from the device,
data is analysed, and events are reconstructed.
• The results of the analysis are documented in a report. The reports should
be as clear and precise as possible.
• Demonstrative material (e.g., figures, graphs, outputs of tools) and
supporting documents, such as chain of custody documentation should be
included, along with a detailed explanation of the methods used and steps
taken to examine and extract data .
• The findings should be explained in light of the objectives of the analysis
(i.e., the purpose of the investigation and the case under investigation).
• Information about the limitations of the findings should also be included
in the report. The content of the report varies by jurisdiction depending
on national policies (wherever present) regarding investigations and digital
forensics.
43. India’s Stand on Digital Evidence
• The Information Technology (IT) Act 2000 was amended to allow for the
admissibility of digital evidence. An amendment to the Indian Evidence Act 1872,
the Indian Penal Code 1860 and the Banker's Book Evidence Act 1891 provides the
legislative framework for transactions in electronic world.
• Section 65 of the Evidence Act sets out the situations in which primary evidence of
the document need not be produced, and secondary evidence - as listed in section
63 of the Evidence Act - can be offered. This includes situations when the original
document
• Is in hostile possession.
• Or has been proved by the prejudiced party itself or any of its representatives.
• Is lost or destroyed.
• Cannot be easily moved, i.e. physically brought to the court.
• Is a public document of the state.
• Can be proved by certified copies when the law narrowly permits; and
• Is a collection of several documents.
• New sections 65-A and 65-B are introduced to the Evidence Act, under the Second
Schedule to the IT Act.
• Section 65-A provides that the contents of electronic records may be proved in
accordance with the provisions of Section 65-B. Section 65-B provides that
notwithstanding anything contained in the Evidence Act, any information
contained in an electronic, is deemed to be a document and is admissible in
evidence without further proof of the original's production, provided that the
conditions set out in Section 65-B are satisfied.
44. ELECTRONIC EVIDENCE -CASE LAW'S
• Amitabh Bagchi Vs. Ena Bagchi (AIR 2005 Cal 11) [Sections 65-A and 65-B
of Evidence Act, 1872 were analyzed.] The court held that the physical
presence of person in Court may not be required for purpose of adducing
evidence and the same can be done through medium like video
conferencing. Sections 65-A and 65-B provide provisions for evidences
relating to electronic records and admissibility of electronic records, and
that definition of electronic records includes video conferencing.
• State of Maharashtra vs. Dr Praful B Desai (AIR 2003 SC 2053) [The
question involved whether a witness can be examined by means of a video
conference.] The Supreme Court observed that video conferencing is an
advancement of science and technology which permits seeing, hearing
and talking with someone who is not physically present with the same
facility and ease as if they were physically present. The legal requirement
for the presence of the witness does not mean actual physical presence.
The court allowed the examination of a witness through video
conferencing and concluded that there is no reason why the examination
of a witness by video conferencing should not be an essential part of
electronic evidence.
45. • DHARAMBIR Vs. CENTRAL BUREAU OF INVESTIGATION (148 (2008) DLT
289).
• The court arrived at the conclusion that when Section 65-B talks of an
electronic record produced by a computer referred to as the computer
output) it would also include a hard disc in which information was stored
or was earlier stored or continues to be stored.
• It distinguished as there being two levels of an electronic record.
• One is the hard disc which once used itself becomes an electronic record
in relation to the information regarding the changes the hard disc has
been subject to and which information is retrievable from the hard disc by
using a software program.
• The other level of electronic record is the active accessible information
recorded in the hard disc in the form of a text file, or sound file or a video
file etc.
• Such information that is accessible can be converted or copied as such to
another magnetic or electronic device like a CD, pen drive etc.
• Even a blank hard disc which contains no information but was once used
for recording information can also be copied by producing a cloned had or
a mirror image.