CYBER LAWS

Contents:

Cyber crime. Types of cyber crime. Indian Cyber law. Chapters of IT Act, 2000. Why cyber law in India. Whats wrong with our cyber law. Parliament attack case. Suggestions for improvement.

INTRODUCTION

Cyber law is a term used to describe the legal issues related to use of communications & information technology, particularly cyberspace the internet. We can say that, cyber law is an attempt to integrate the challenges presented by human activity on the internet with legacy system of laws applicable to the physical world.

CYBER CRIMES

Introduction:-

defining cyber crimes, as acts that are punishable by the information technology act would be unsuitable as the Indian penal code also covers many cyber crimes. In simply we can say unlawful acts where in the computer is either a tool or a target or both.

TYPES OF CYBER CRIMES

FINANCIAL CRIMES:This would include cheating, credit card frauds, money laundering etc. CYBER PORNOGRAPHY:This would include pornographic website, magazines, produced using computer and the internet to download and transmit pornographic pictures, photos, writings etc.

SALE OF ILLEGAL ARTICLES:This would include sale of narcotics, weapons, & wildlife etc. by posting information on websites, auction websites, and bulletin boards or simply by using email communication. ONLINE GAMBLING:there are million of websites, all hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.

INTELLECTUAL PROPERTY CRIMES:these include software piracy, copyright, trademarks misuse, theft of computer source code etc. EMAIL SPOOFING:A spoofed email is one that appears to originate from one source but actually has been sent from another source .e.g. pooja has an e mail address pooja@sharma.org. her enemy sameer spoofs her email and sends obscene message to all her acquaintances. Since the email appear to have originated from pooja, her friends could take offence and relationships could be spoiled for life.

FORGERY:-

Counterfeit currency notes, postage & revenue stamps, mark sheet etc. by the help of computers, printers, and scanners. E.g. Outside many college across India, one finds touts soliciting the sale of fake mark sheets or even certificates. These are made using computer & high quality scanners and printers.

VIRUS:Viruses are program that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it & also eat up all the available space on a computers memory. LOGIC BOMBS:These are event dependent programs. This implies that these programs are created to do something only when a certain event occurs.

WEB HACKING:This occurs when someone forcefully takes control of a website like by cracking the password and later changing it. THEFT OF COMPUTER SYSTEM:In this involves the theft of a computer, some parts of a computer etc. PHYSICALLY DAMAGING A COMPUTER SYSTEM:This crime is committed by physically damaging of the computer system or internet.

UNAUTHORIZED WAY TO INSIDE THE COMPUTER SYSTEM OR NETWORKS:This activity is commonly to as hacking . THEFT OF INFORMATION CONTAINED IN ELECTRONIC FORM:This includes information stored in computer hard disks, removable storage media etc.

CYBER DEFAMATION:this occurs when defamation take place with the help of internet. E.g. someone publishes defamatory matter about someone on a website or sent e-mails containing defamatory information to all of that persons friend. CYBER STALKING:Cyber stalking involves following a persons movements across the internet by posting message on the bulleting boards frequented by the victim ,entering the chat-room frequented by the victim, constantly bombarding the victim with emails etc.

EMAIL BOMBING:Email bombing refers to sending a large number of emails to victim resulting in the victims email account in case of any individual or mail servers in case of a company or an email service provider crashing. DATA DIDDLING :This kind of an attack involves altering raw data just before it is processed by a computer & than changing it back after the processing is completed .

SALAMI ATTACKS:These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. DENIAL OF SERVICE ATTACK:This involves flooding a computer resource with more requests than it can handle. This causes the resource to crash there by denying authorized users the service offered by the resource.

TROJAN ATTACKS:A Trojan as this program is aptly called is an unauthorized program which functions from inside what seems to be an authorized ,there by concealing what it is actually doing. INTERNET TIME THEFT:This the usage by an unauthorized person of the internet hours paid for by the other person.

INDIAN CYBER LAW

INFORMATION TECNOLOGY ACT 2000

INTRODUCTION
This act aims to provide the legal infrastructure for e-commerce in India and would have a major impact for e-business and the economy in India.

Objectives of the act

To facilitate electronic storage of data To facilitate electronic filing of documents with government department To give legal recognition for keeping books of account by bankers in electronic form To facilitate and give legal sanction to electronic fund transfers between banks and financial institution

HIGHLIGHTS OF IT ACT,2000
Chapter:1
This chapter of IT act defines a contract between 2 parties which is done in Electronic form by any electronic means of communication. Then only the contract should be declared as legal and valid in the eyes of law.

Chapter:2

DIGITAL SIGNATURE

Digital signature is a process of authentication of any electronic records by a subscriber by means of an electronic method in accordance with the provisions. It includes:

Asymmetric crypto system. Electronic record. Digital signature. Hash function. Verification.

Chapter:3

ELECTRONIC GOVERNANCE

Electronic governance means lawful recognition of various electronic records and digital signatures. Under this chapter various rules and laws has been described by government. It includes following aspects: Legal recognition of electronic records. Legal recognition of digital signatures. Retention of electronic records. Publications of rules and regulations in Electronic Gazette.

Chapter:4

ATTRIBUTION,ACKNOWLEDGEMENT AND DISPATCH OF ELECTRONIC RECORDS

This chapter includes these aspects:

Attribution of electronic records. Originator. Acknowledgement of receipt. Time and place of dispatch and receipt of electronic records.

Chapter:5

SECURE ELECTRONIC RECORDS AND SECURE DIGITAL SIGNATURES

It involves the relative aspects:

Secure electronic records. Secure digital signature. Security procedures.

Chapter:6

REGULATION OF CERTIFYING AUTHORITIES

Appointment of controller and other officers. Qualifications, experience etc. Head office. Seal of the officer of the controller. Recognition of foreign certifying authorities. Revocation of recognition. License to issue digital signature certificates. Application for license. Renewal of license. Rejection of license. Suspension of license. Power to delegate. Display of license. Surrender of license.

Chapter:7

DIGITAL SIGNATURE CERTIFICATES

It performs following functions:

Certifying authority to issue digital signature certificates. Grant of certificates. Representation upon issuance of digital signature certificates. Suspension of digital signature certificates. Revocation of digital signature certificate. Notice of suspension or renovation.

Chapter:8

DUTIES OF SUBSCRIBERS

Duties are mentioned as under:

Generating key pair. Acceptance of digital signature. Control of private keys.

Chapter:9

PENALTIES AND ADJUDICATION

Penalty for damage to computer, computer system, etc. Penalty for failure to furnish information, return, etc. Residuary penalty. Power to adjudicate. Factors to be taken into account by the adjudicating officers.

Chapter:10

THE CYBER REGULATIONS APPELLATE TRIBUNAL

Establishment of cyber appellate tribunal. Composition of cyber appellate tribunal. Qualifications for appointment of presiding officers. Filling up of vacancies. Resignation of the presiding officer. Non-removal of the presiding officer. Regulation of procedure. Appeal to cyber appellate tribunal. Period allowed for appeal.

Continued..

Order by cyber appellate tribunal. Disposal of appeal. Procedures and powers of cyber appellate tribunal. Judicial proceeding. Right to legal representation. Appeal to high court. Compounding of contraventions. Subsequent contravention. No proceedings. Recovery of penalty.

Chapter:11

OFFENCES

Tampering with computer source document. Hacking with computer system. Publishing of information which is obscene in electronic form. Power of controller to give directions. Penalty for misrepresentation of facts. Penalty for breach of privacy. Penalty for publishing digital signature certificate false in certain Penalty for publication for fraudulent purposes. Penalties or confiscation not to interfere with other punishments.

particulars.

Why cyber law in India ?

To regulate internet in India The coming of internet led to the emergence of numerous ticklish legal issues and problems which necessitated the enactment of cyber law To give legal validity or sanction to the activities in cyberspace An enabling and supportive legal infrastructure in tune with the time

Whats wrong with our cyber law

Problem of understaffed Implementation Very few amendments Lack of knowledge Cyber crimes are covered under civil procedures

Changes made

Electronic documents are now accepted as evidence in court of law Electronic cheques are now accepted as a valid means

Digital Evidence

Parliament attack case

Several terrorists attacked Parliament House on 13-Dec-01 Digital evidence played an important role during their prosecution. The accused had argued that computers and digital evidence can easily be tampered and hence should not be relied upon.

Parliament attack case

Evidence found on the laptop included:

fake identity cards, video files containing clippings of political leaders with Parliament in background shot from TV news channels, scanned images of front and rear of a genuine identity card,

Parliament attack case

image file of design of Ministry of Home Affairs car sticker, the game 'wolf pack' with the user name 'Ashiq'. Ashiq was the name in one of the fake identity cards used by the terrorists.

Parliament attack case

No forensic backup was taken. Court held that:

Challenges to the accuracy of computer evidence should be established by the challenger. Mere theoretical and generic doubts cannot be cast on the evidence.

Suggestions for improvement

The law should be covered in criminal procedure Jurisdiction problems should be clear Law enforcement officials need to be trained for effective enforcement Cyber theft, cyber harassment etc. are need to have specific provision Need to amendment for prescription of punishment and certain provision

THANK YOU