INTRODUCTION TO CYBERSECURITY LAWS OF INDIA: PROVISION, PROCEDURE & CASES

Author: KRUTTIKA KARALE, DES SHRI NAVALMAL FIRODIA LAW COLLEGE

Edited By: Ritesh Singh Shekhawat, MJRPU, Jaipur

INTRODUCTION

With the fast pacing and advancing technology, the usage of the internet is increasing rapidly and so is the rate of cybercrime. The rise of cybercrime, often known as e-crimes (electronic crimes), is a major challenge confronting today’s society and poses a threat to nations, companies, and individuals all across the world. As a result, the need for cyber laws is increasing to govern the new virtual world. The cyber laws aim to protect people from cybercrime like hacking, phishing, data breaches, etc. With such increasing cases of cybercrime, it has become necessary that each individual has the knowledge about the cyber security majors to protect themselves against such crimes.

KEYWORDS

Cybercrime, Cyberlaw, IT acts, Data protection, Hacking, BNS laws

MEANING DEFINITION AND EXPLANATION

Cyber Crime: Cybercrime is an illegal activity involving computers, the internet, or network devices. These crimes can target individuals, businesses, government, etc. Cybercriminals commit identity theft, initiate phishing scams, spread malware, and instigate other digital attacks like hacking.

Cyber Security: Cyber security involves protecting computer systems, networks, and data from cyber-attacks. It aims to safeguard against unauthorized access, data breaches, and other cyber threats.

HISTORICAL BACKGROUND AND EVOLUTION

• It all started in France in 1834 where the attackers accessed the French telegraph system and stole important financial market
• In 1962, Allen Scherr made a new history in cyber-crime by executing a cyber-attack on the
• MIT computer networks by stealing passwords from their punch card
• In 1971, Bob Thomas created the first Computer Virus known as The Creeper Virus. It was a self-replicating program that spread through the ARPANET network.
• In 1981, Ian Murphy was the first person who was officially found guilty of committing a crime by hacking into AT&T’s internal system and changing the computer clocks which caused
• The first major cyber-attack on the internet took place in 1988, by Robert Morris with the help of Morris Worm. It infected computer systems at prestigious institutions, demonstrating the vulnerability of interconnected networks.
• In the 1990s, a significant increase in cybercrime was observed, and the infamous Melissa virus was a notable cyber incident during this period which infected over 100,000 computers from all over the world.
• Further advancement in cybercriminal advancement was observed in the early 2000s and cyber criminals started launching denial-of-service (DDOS) attacks and spamming

TYPES OF CYBERCRIME

Hacking: Without permission taking access to someone else’s computer systems or networks to steal or gain information or modify data.

Web Hijacking: Web hacking means taking control of another person’s website, with the consent of the owner, and eventually the owner loses control.

Malware: In malware, harmful software has been made to sneak around on someone else’s computer systems. This includes viruses, spyware, worms, etc. It can be used to gain bank details, sensitive business data, or information to conduct social engineering attacks.

Identity Theft: To act like some other individual by Stealing their information such as their name, social security number, or financial details, for financial gain to commit fraud or crimes.

Cyber Stalking And Harassment: Cyber Stalking means repeating the acts of harassing, threatening, or intimidating individuals by sending repeated or unwanted messages or distributing the personal information of the individual without the consent of the person by using the internet. Both kinds of Stalkers i.e., Online & Offline – have the desire to control the victim’s life.

Online Scams And Fraud: Many Fraudulent schemes were conducted over the internet time such as investment scams, scams of lottery, fee fraud of advance rupees, fake websites, romance scams, credit card frauds, etc. to take money or valuable information.

Data Breaches: People get the information without the permission of the owner of the website and get access to sensitive data stored by the person or institution such as personal information, financial records, or corporate secrets, resulting in the exposure of personal or financial information.

Phishing: Phishing is the sending of fraudulent messages that appear as real entities in emails and messages. That email directs the user to visit that website where they have to update certain sensitive information such as passwords, credit card numbers, or social security numbers which will be used for identity theft.

Child Pornography: The usage of the Internet for Child exploitation became a common practice. Child pornography and engaging minors in sexual activities and provided on the internet on various platforms.

PREVENTIVE MEASURES FOR CYBERCRIME

Use Encryption: In this method, the plain text (readable) can be converted to cipher text (coded language) by this method and the recipient of the data can decrypt it by converting it into plain text again by using the private key.

Search using a Firewall: It creates a wall between the system and possible intruders to protect the classified documents from being leaked or accessed. It only permits access to the system to ones already registered with the computer.

• Keep software and operating system
• Use any anti-virus software and keep it updated from time to
• Use strong
• Never open attachments in spam
• Do not click on links in spam mail or untrusted
• Be mindful of which website URLs you
• Keep an eye on bank

CYBER LAWS OF INDIA

Legal Provisions

The Information Technology Act, of 2000 is the most significant; as it directs all Indian legislation to strictly regulate cybercrime:

• Section 43 [Penalty and compensation] for damage to the computer, computer system, etc.–If any person without the permission of the owner or any other person who is in charge of a computer, computer system, or computer
• Section 66 Computer-related offenses – If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with a fine which may extend to five lakh rupees or with
• Section 66(B) Punishment for dishonestly receiving stolen computer resource or communication device – Whoever dishonestly receives or retains any stolen computer resource or communication device knowing or having reason to believe the same to be stolen computer resource or communication device, shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
• Section 66C Punishment for identity theft– Whoever, fraudulently or dishonestly makes use of the electronic signature, password, or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
• Section 66D Punishment for cheating by personation by using computer resource-Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
• Section 66E Privacy violation Whoever, intentionally or knowingly captures, publishes, or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with
• Section 66F Cyber terrorism – Intent to threaten the unity, integrity, security, or sovereignty of the nation and contradicting access to any person’s lawful access to the computer resource or attempting to breach or access a computer resource without endorsement. Such acts of causing compute contaminants that are likely to cause death or harm to other persons. Punishment is life
• Section 67 Whoever publishes or transmits or causes to be published or transmitted in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to three years and with fine which may extend to five lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees.
• The Bharatiya Nyaya Sanhita, 2023 also punishes the acts of identity theft and cyber The sections under BNS are as follows:
• Section 335 Making a false document or false electronic record.
• Section 336(2) Punishment for
• Section 336(3) Forgery (electronic record) for the purpose of cheating.
• Section 336(4) Forgery (of an electronic record) for the purpose of harming
• Section 340(2) Forged document or electronic

LEGAL CASES

Avnish Balaji vs State (N.C.T) of Delhi, 2004:

The Bazee.com case. The chief executive of Bazee.com was arrested because a CD with offensive material was sold on his website. It was also sold in the markets of Delhi. The Mumbai and the Delhi Police took action against it. The accused was charged under section 67 of the IT Act, and section 292 of the IPC, but later he was released on bail. This gave rise to a query about the difference between Internet Service Providers and Content Providers. The burden was on the accused, he was the Service Provider and not the Content Provider. It also advances a lot of issues regarding how the police should handle cybercrime cases.

Shreya Singhal vs Union of India [1]

In this case, the validity of section 66A of the Information Technology Act was challenged before the Supreme Court. The Supreme Court held that section 66A of the Information Technology Act is unconstitutional and violates article 19(1)(a) of the Indian constitution and the court upheld the importance of freedom of speech and expression. It also held the need for clearly defined laws to prevent misuse and guarantee the protection of citizen’s rights in the digital era. This judgment set a significant precedent for online freedom of expression in India.

Shreekanth C. Nair against Licensee/ Developer [3]

In this case, the problem involved an ASCL student who came across a website called ‘www.incometaxpune.com,’ which redirected him to a pornographic site. Therefore, the plaintiff requested a court injunction to prevent access to the offensive site and that the site was clearly pornographic and should be closed down in the public’s best interest. This site was also violating section 67 of the IT Act. The court ruled that websites with inappropriate content should be banned. This ruling indicates that the court aims to ensure the safety of the internet for all users, particularly in regard to dangerous material. The owner was also instructed to monitor their website content and linked pages. This situation is significant as it demonstrates the role of laws in safeguarding individuals on the Internet.

PROCEDURE

Procedure for filing cybercrime complaint: offline cyber-crime cell

The victim of a cybercrime can file a written complaint in the nearest cybercrime cell or in any cybercrime cell established in India. The written complaint shall be addressed to the Head of the Cybercrime Cell and shall be accompanied by the following information about the victim or person registering the complaint:

• Name
• Contact details
• Mailing address

Other documents which are required to be attached to the complaint depend upon the type of cybercrime committed against the victim. It is necessary to attach these documents with the offline as well as with the online complaint.

PROCEDURE FOR FILING CYBERCRIME COMPLAINT ONLINE:NATIONAL CYBERCRIME REPORTING PORTAL

Cybercrime complaints can be registered on the National Cyber Crime Reporting Portal which is the initiative of the Government of India to facilitate nationwide cybercrime complaints and to make it feasible for the victims/complainants to have access to the cybercrime cells and to all the information related to cybercrimes at their fingertips. It deals with all types of cybercrimes. There are two types of complaints that can be registered on the portal:

Report Crime related to Women or Children

• Child Pornography (CP)
• Child Sexual Abuse Material (CSAM)- Material containing sexually explicit images (in any form) of a child who is abused or exploited
• Sexually explicit content (such as Rape/Gang rape)

Report Other Cybercrimes

• Mobile crimes
• Social Media crimes
• Online financial fraud
• Cyber trafficking
• Ransomware
• Hacking

CONCLUSION

Cybercrimes exist in almost all countries, and the respective governments are taking measures to safeguard against cybercrimes. There has been a rapid increase seen since 2020, due to the Covid-19 pandemic, everyone from children to elders all started using the internet almost daily and got connected with this digital world. And there has been a rapid rise in cybercrimes during this period. The issues like cyberbullying, defamation, cyber fraud, etc., have become the most common crimes nowadays.

The reason that these cybercrimes take place is because of the easy access of the devices, and sometimes the negligence of the users. In India, many people are not aware of such crimes, and when they are hacked, they suffer huge losses and don’t even know how it happened. So first it’s very important to be aware of such crimes and their rights in digital space.

The Indian government has taken various measures and initiatives to prevent such cybercrimes and made it easy for citizens to report such crimes with the help of E-portals which can be easily accessed sitting at home. The government is also making sure that the victims are compensated or provided justice.

REFERENCES

• https://theredteamlabs.com/a-brief-history-of-cybercrime/
• https://shodhganga.inflibnet.ac.in/
• https://lawfoyer.in/cyber-crime-meaning-history-types-security-measures-and-important- cases/
• https://bprd.nic.in/
• https://www.indiacode.nic.in/
• https://indiankanoon.org/

Cases Referred

• Avnish Balaji vs State (N.C.T) of Delhi, 2004:
• Shreya Singhal vs Union of India [1]
• Shreekanth Nair against Licensee/ Developer [3]

Statutes Referred

• The Information Technology Act, 2000
• The Bharatiya Nyaya Sanhita, 2023