CYBERSPACE AND ITS REGULATION IN INDIA

Ashish Kumar Singh

B.A.LL.B, Law College Dehradun, Uttaranchal University (India)
ABSTRACT
With the emergence of electronic, networking and digital communication in twenty-first
century the term ‘cyberspace’ has originated.Today Cyberspace is used for different purposes
depending upon the requirement such as Communication which is the most important gift
that the cyberspace has given to the common man. Email, social networking sites are some of
the best example of it.
The parent term of Cyber space is ‘cybernetics’ derived from the ancient Greek ‘kybernetes’
meaning steersman, pilot.
Cyber space is basically the notional environment in which communication over computer
networks occurs. The Information technology Act 2000 also defines computer network as
"computer network" means the interconnection of more than one computer through—
the use of arificial satellite, microwave, terrestrial line or other communication media; and
terminals or a complex consisting of more than two interconnected computers whether or not
1
the interconnection is continuously maintained.

Cyberspace is today one of the most important part of our daily life. This is one such gift of
the cyberspace which is cherished by everyone and has made our life easier to much extent.
Also research, education financial transactions, electronic ids, real time updates, blogging,
shopping etc are the boon of cyberspace. Internet is a vast and great resource for
communication; nevertheless, it’s important to remember that we are as vulnerable as any
person around the world as cyberspace has various security and technical threats like
Phishing: It uses the identity of legitimate sites to steal information and for infecting
computers with malware secondly Identity theft: personal data is valuable, it could reach to
criminal’ hands, thirdly Spyware: Programs which monitor and pick up valuable information
which can come from clicking an ad or opening a suspicious email. Spamming: While some
say this is almost harmless, the truth is that these emails can contain harmful things that can
infect your computer, making it vulnerable to other threats. Malware: Worms, Trojans and

1
Sec 2(j) THE INFORMATION TECHNOLOGY ACT, 2000 (No. 21 OF 2000)
 viruses are the most frequent names when it comes to infections of computers, these can
damage your device or just steal information. Beside these there are plenty of cyberspace
threats.

Therefore for combating with these modern cyberspace threats it need to be regulated so that it
cannot be misused by anyone. The possibility of laws rules and regulations designed to mandate
the neutrality of cyberspace has been subject to fierce debate around the world.
Cyberspace regulation is basically restricting or controlling access to certain aspects or
information and consists of: Censorship of data, and controlling aspects of the Internet such as
domain registration, IP address control and more for safe use of internet. Many nations has
promulgated there legislations for regulating cyberspace. Concept of cyber security is not new to
India as the Information technology Act 2000 defines it as "cyber security" means protecting
information, equipment, devices computer, computer resource, communication device and
information stored therein from unauthorised access, use, disclosure, disruption, modification or
destruction.2
Since the magnitude of cyberspace is endless it comprises of both good and bad effects on
human society therefore it cannot be left unregulated and unsupervised thus it must be regulated
through laws and rules for better use of cyberspace towards society.
Cyber space is basically the manmade intangible environment in which communication over
computer networks occurs. The scope and extent of cyberspace is limitless and cannot be
estimated accurately, it crosses nation’s territories, boundaries and laws creating a new realm of
human activity and undermining the feasibility--and legitimacy--of applying laws based on
geographic boundaries. The computer system is indifferent to the physical location of those
machines, and there is no necessary connection between an Internet address and a physical
jurisdiction. The power to control activity in Cyberspace has little connection with physical
location. Many governments respond to electronic communications crossing their territorial
borders by trying to stop or regulate that flow of information as it passes across their borders. But
such protective schemes will likely fail as the determined seeker of prohibited communications
can simply reset his connection so as to appear to reside in a different location, outside the
particular locality, state, or country. Because the internet or networking is designed to work on

2
Sec 2(nb) THE INFORMATION TECHNOLOGY ACT, 2000 (No. 21 OF 2000)
the basis of "logical and virtual," not geographical, locations, any attempt to defeat the
independence of messages from physical locations would be as futile as stopping a mind to think.
The rise of an electronic medium that disregards geographical boundaries also throws the law
backwards by creating entirely new phenomena that need to become the subject of clear legal
rules but that cannot be governed, aptly, by any current territorially-based sovereign. For
example, e-communications create bulk of new quantities of transactional records and pose
serious questions regarding the nature and adequacy of privacy protections. Cyber Interactions
that create these records may pass through or even simultaneously exist in many different
territorial jurisdictions. Substantive law should be applied to protect this new, vulnerable body of
transactional data, but due to cross border complex and distinct laws it is not much practicable to
secure any such electronic records and commercial transactions. Because events on the Net occur
everywhere but nowhere in particular, are engaged in by online persons who are both "real" (
corpus possessing reputations, able to perform services, and deploy intellectual assets) and
"intangible" (animus not necessarily tied to any particular person in the physical sense), and
concern "things" (messages, databases, standing relationships) that are not necessarily separated
from one another by any physical boundaries therefore there is very less relevance of computer
and person’s physical presence.

However sec 75 3of IT Act 2000 deals with relevance of physical location of computer but that
sec too is vague as it clearly talks about cross border jurisdiction of Indian courts and Indian
cyber laws. This jurisdictional problem is not only with India but it is faced by many nations
across the world. Nowadays the cyberspace should be considered as another dimension of real
world and For overcoming with jurisdictional problem the cyberspace should be regulated at
international level by international organizations because in absence of any law regulating
international cyberspace there would be unsafe internet and digital communication breaching
international peace.

3
Act to apply for offence or contravention committed outside India.-
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence
or contravention committed outside India by any person irrespective of his nationality.
(2) For the purposes of sub-section (1), this Act shall apply to an offence or contravention committed
outside India by any person if the act or conduct constituting the offence or contravention involves a
computer, computer system or computer network located in India.
PRIVACY LAW IN THE WORLD OF CLOUD BASED SYSTEMS

Cloud computing means the real practice of using a network of remote servers hosted on the
virtual Internet to store, manage, and process data, rather than a local server or a personal
computer. Cloud computing is a type of computing that is based on sharing resources rather than
having local servers or personal devices to handle applications. In cloud computing, the
word cloud also means as "the cloud" is used for "the Internet," so the phrase cloud
computing means " type of Internet-based computing," where different kind of services such as
servers, storage and applications —are delivered to an organization's computers and devices
through the Internet. It is one of the biggest revolutions in the field of information technology to
have taken place in the recent times. Cloud Computing is a computing service which involves a
bundle of computers and other gadgets which stores, forwards, processes and transmits all the
data into a system and which may further be processed in another system and retained in some
another system by sharing resources such as software storage services in a cloud that maybe
connected through internet despite being separated by vast geographical distance. It is similar to
Local Area Networking wherein a computer network interconnects several computers in a
limited area) but has a wide coverage which enables users to access systems using a web browser
independent of their actual location.

The major advantage of cloud computing is that it can be customized according to the required
necessity and so any back-up information can be arranged easily as many cloud service providers
use open sourced API software that can be easily accessed without issue of portability. The
method is highly cost effective as it reducing the huge amount of money spent on security and
infrastructure, thereby, facilitating all complex transaction in a cost effective manner.

CYBER LAWS AND FRAUD

According to legal dictionary cyber fraud means

“A crime in which the perpetrator develops a scheme using one or more elements of the Internet
to deprive a person ofproperty or any interest, estate, or right by a false representation of a matter
of fact, whether by providing misleadinginformation or by concealment of information.”

Internet fraud is a type of fraud which makes use of the networking web. This type of fraud or
deceitful cheating varies hugely and appears in many forms. It ranges from E-mail spam to
online scams and even online bank robbery. Cyber fraud and Cybercrime, today, have
tremendously emerged as major challenge for nations across the globe. The fact that Internet has
made geographical factor a history has further facilitated cyber criminals to perpetuate the
criminal designs and activities across networks in a virtual place. The transnational or extra
territorial nature of cybercrimes has further complicated the challenges for national governments
to regulate cyber criminal activities at the world level. As such, national governments are
adopting their national legislations for regulating cybercrimes which gives rise to conflict of
laws.
India has come up with its own statutory regime with aimed at cyber fraud and cybercrimes.
Indian Cyber legislation addresses cyber fraud and the various cybercrimes and provides
quantum of punishments for it.

Examples of computer or cyber fraud in action include:

 Advance-fee scam also known as Emails requesting money in return for small
deposits, such as the infamous Nigerian prince scam.
 Emails endeavoring to accumulate individual data, for example, account numbers,
Standardized savings numbers, and passwords; otherwise called phishing.
 Using another person's PC to get to individual data with the plan to utilize such
deceitfully.
 Installing spyware or malware to participate in information mining.
 Violating copyright laws by replicating data with the goal to offer it.
 Hacking into or wrongfully utilizing a PC to change data, for example, grades, work
reports, and so on.
 Sending PC infections or worms with the goal to demolish or destroy another's PC.
 Denial of administration, in which an approved client's entrance to a system is
purposefully intruded.
India enacted its legislation Information Technology Act 2000 with the objectives stating
officially as:

“to provide legal recognition for transactions carried out by means of electronic data
interchange and other means of electronic communication, commonly referred to as “electronic
commerce”, which involve the use of alternatives to paper-based methods of communication and
storage of information, to facilitate electronic filing of documents with the Government agencies
and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers’ Books
Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith
or incidental thereto.”

Following are relevant sections of IT Act 2000 which tries to curb Cyber frauds.

I. Penalties, Compensation and Adjudication sections

Section 43 – Penalty and Compensation for damage to computer, computer system

any individual without consent of the proprietor does following

• Accesses or tries to access to a PC without permission
• Downloads, duplicates or concentrates any information, PC information, PC
database or data from such PC, or PC framework including data or information
held or put away in any removable medium;
• Introduces or tries to introduce any PC contaminant or PC infection into any PC.
• Damages or tries to be damage any PC or programs therein
• Disrupts or causes disturbance of any PC
• Denies or makes the denial of access to any individual to any PC
• Provides any help to any individual to encourage unauthorized access to a PC
• Destroys, erases or changes any data in a PC
• Steals, hides, obliterate or modifies or makes any individual take, devastate or
change any PC source code utilized for a PC asset with a goal to cause harm,
The person can be liable to pay damages by way of compensation to the person so affected.
Section 45 – Residuary Penalty compensation not exceeding twenty-five thousand rupees can
be ordered to be paid to the person affected by any such contravention not mentioned under the
statute
Offences sections
Section 65 – Tampering with Computer Source Documents If any person conceals, destroys
code or alters or causes to do so to any computer, computer program, computer system, or
computer network,he can be made liable for imprisonment up to three years, or for fine up to two
lakh rupees, or for both.
Section – 66 Computer Related Offences Any person doing any act referred to in section 43
with dishonest and fraudulent intention must be punished with imprisonment for a term upto
three years or be fined upto five lakh rupees or both.
Section 66B – Punishment for dishonestly receiving stolen computer resource or
communication device. Whoever dishonestly receives or retains any stolen computer resource
or communication device can be punished with imprisonment upto three years or with fine upto
one lakh rupees or with both.
Section 66C – Punishment for identity theft fraudulently or dishonestly making use of the
electronic signature, password or any other unique identification feature of any other person, is
punishable with imprisonment upto three years and with fine upto one lakh rupees.
Section 66D – Punishment for cheating by personation by using computer resource
is punished with imprisonment upto three years and with fine upto one lakh rupees.
Section 71 – Penalty for misrepresentation making misrepresentation or suppressing any
material fact from the Controller or the Certifying Authority to obtain license or Electronic
Signature Certificate, is punishable with imprisonment for a term upto two years, or with fine
upto one lakh rupees, or with both.
Section 72 – Breach of confidentiality and privacy Any person (having authority under
statute) disclosing electronic record, book, register, correspondence, information, document or
other material to any other person can be punished with imprisonment for a term upto two years,
or with fine upto one lakh rupees, or with both.
Section 72A – Punishment for Disclosure of information in breach of lawful contract Any
person including an intermediary while providing services under the terms of lawful contract,is
discloses with mala fide intent without the consent of the person concerned, or in breach of a
lawful contract, such material to any other person can be punished with imprisonment for a term
upto three years, or with a fine upto five lakh rupees, or with both.
Section 74 – Publication for fraudulent purpose: creating, publishing or otherwise making
available a Electronic Signature Certificate for any fraudulent or unlawful purpose is punishable
with imprisonment for a term upto two years, or with fine upto one lakh rupees, or with both.
Section 77B – Offences with three years imprisonment to be cognizable
the offence punishable with imprisonment of three years and above is made cognizable and the
offence punishable with imprisonment of three years is made bailable.
Section 78 – Power to investigate offences
A police officer above or of equivalent rank of Inspector must investigate any offence under this
Act.