Вы находитесь на странице: 1из 54

INTRODUCTION TO

CYBER LAW

JITENDER VIG

27/01/2011
1
INTRODUCTION
Pre 1990: People are not connected

1990: Connecting People to Information

2000: Connecting People to People

2010: Everything is connected


We are now living in e-world dominated by
numbers of e.
e-friende-musice-networke-tickete-
commerce and very soon e-service of notice in
commercial matters of our supreme court.
Recently, our Supreme Court had decided to serve
email notice in commercial matters in addition to
the regular notice by R. P. A. D. in order to cut
down the delay in the servicing notice.
In my opinion, right to life includes right to e-life.
Technology is growing at lightening speed. While
the technology brings lot of good things, it also
brings equal amount of risks and challenges.

Every day, we read in the newspapers about the


various cyber crimes, like Credit card cloning,
spoofing, phishing, stalking, etc.

Some of the youngsters indulge in misusing the


technology and get caught by the Police
Authorities.
A recent study revealed that 80 percent of the
cyber crimes in the Corporate Houses are
committed by the insiders.

More than 95 percent of the cases do not get


reported to the Police Authorities.

Only 3% of cyber crime complaints filed in


Mumbai are being converted in FIR.
CYBERSPACE
Cyberspace is the electronic medium of computer
networks, in which online communication takes
place.
It is readily identified with the interconnected
information technology required to achieve the
wide range of system capabilities associated with
the transport of communication and control
products and services.
The term cyberspace was first used by
the cyberpunk science fiction author William
Gibson.
Now, the term has become a conventional means
to describe anything associated with computers,
information technology, the internet and the
diverse internet culture.
Cyberspace includes
The Internet, websites
computers, networks
software, data storage devices, emails
electronic devices (cell phones, ATM machines etc)
Cyber Law governs cyberspace
Cyber space is an intangible and provides an
extreme mobility
events taking place on the internet are not happening in
the locations where participants or servers are physically
located, but "in cyberspace".
Cyber space offers great economic efficiency.
Billions of dollars worth of software can be traded over
the Internet without the need for any government
licenses, shipping and handling charges and without
paying any customs duty.
Cyber space has Complete disrespect for national
boundaries.
A person in India could break into a banks electronic
vault hosted on a computer in USA and transfer millions
of Rupees to another bank in Switzerland, all within
minutes. All he would need is a laptop computer and a
cell phone.
Cyber space is absolutely open to participation by
all.
A ten year-old to an eighty year-old grand mother
without any regard for the distance or the anonymity
between them.
Cyber space offers enormous potential for
anonymity to its members.
"On the Internet, nobody knows you're a dog" is an
adage which began as the caption of a cartoon by Peter
Steiner published by The New Yorker on July 5, 1993.
The cartoon features two dogs: one sitting on a chair in
front of a computer, speaking the caption to a second
dog sitting on the floor.
http://www.unc.edu/depts/jomc/academics/dri/idog.html
On the Internet, it is very easier to create several
copies and transmitting the same in different
locations of world in few minutes. For these
reasons, the Internet has been described as the
worlds biggest copy machine.
Its the Worlds Biggest Copy Machine, PC week (January 27, 1997).
The IT Act gives legal recognition to electronic records
and digital and electronic signature.

Where any law provides that information or any other


matter shall be authenticated by affixing the signature or
any document should be signed or bear the signature of
any person then, notwithstanding anything contained in
such law, such requirement shall be deemed to have been
satisfied, if such information or matter is authenticated by
means of electronic/digital signature affixed in such
manner as may be prescribed by the Central Government.

Use of Electronic Records and Electronic Signature in


Government and its agencies
Penalty, Compensation
and Offences
If any person without permission of the owner
or any other person who is in charge of a
computer, computer system or computer
network -
(a) to (j)
Then he shall be liable to pay unlimited
damages to affected the person.

22
If any person, dishonestly or fraudulently, does any
act referred to in section 43,

Punishment: Jailed upto three years and/or fine upto five


lakh rupees.

Dishonestly- the intention of causing wrongful gain to


one person or wrongful loss to another person

Fraudulently the intention to defraud but not


otherwise
If any person without permission of the owner or any
other person who is in charge of a computer, computer
system or computer network -
(a) accesses or secures access to
such computer, computer system or
computer network or computer
resource
Access means
Gaining entry into,
Instructing with the logical, arithmetical, or
memory function resources of
Communicating with the logical,
arithmetical, or memory function resources
of
a computer, computer system or computer
network (widely defined to cover every with a
computer chip)
Access means
Gaining entry into a computer, computer
system or computer network (widely defined
to cover
Applies to physical access too
Examples
Unauthorized access to a room storing a
server/super computers
Unscrews the cabinet of computer
Access means
Instructing or communicating with the
logical, arithmetical, or memory function
resources of a computer, computer system
or computer network (widely defined to
cover
Instructing means giving order or directing
(one way process)
Communicating means exchange of
information (one way process)
Examples (instructing or communicating )
Remotely shutting down computer by sending SMS
Port scanning??
A port scanner is a software application designed to
probe a server or host for open ports. This is often used
by administrators to verify security policies of
their networks and by attackers to identify running
services on a host with the view to compromise it.
Section 43 (a) covers access or secures access
Secure means to make certain
To make certain that access can be achieved as
and when desired by the person seeking to
access.
Example
X, network administrator of ABC Limited, stores
passwords of main servers in his personal laptop. Y,
a friend of X, with X permission, access Xs laptop
and note down passwords of main server. Y secured
access to main servers of ABC Limited.
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(g) provides any assistance to any
person to facilitate access to a
computer, computer system or
computer network in contravention of
the provisions of this Act, rules or
regulations made thereunder,
Assistances is act of helping or aiding
Facilitate to make easier or to make less
difficult or to assist in the progress of

Examples
Handing over password by the existing officer
Deliberately ignoring warnings of IDS
Putting firewall on disable mode
Secured access or attempts to secure access to a
protected system
Punishment : jailed upto 10 years and/or fine
Protected system declared by the Government
Examples: Computers of India Army, Mumbai Police,
Forest Dept of Government etc.
Examples (attempts)
Unsuccessful attempt to break password
Unsuccessful DOS attack
Unsuccessful attempt to send a Trojan
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(b) downloads, copies or extracts any
data, computer data base or information
from such computer, computer system
or computer network including
information or data held or stored in any
removable storage medium;
To download is to transfer information from one
computer to another
To copy is to imitate or reproduce an exact
replica of the original
To extract is to take out, distil, deduce, derive or
quote from any source
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(c) introduces or causes to be introduced
any computer contaminant or computer
virus into any computer, computer
system or computer network;
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network
(d) damages or causes to be damaged
any computer, computer system or
computer network, data, computer data
base or any other programmes residing
in such computer, computer system or
computer network;
Damage means to destroy, alter, delete, add,
modify or rearrange any computer resource by
any means
Examples
Changing an image from .gif format to .jpg format
Deleting/changing of code/URL/ excel file
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(e) disrupts or causes disruption of any
computer, computer system or
computer network;
Disruption- could be total or partial
To prevent the normal continuance of
To throw into confusion or disorder
To interupt or impede the progress of
Examples of Disruption
Spreading worms in a global
networkslowing down of the network

Switching off the wi-fi modem

Using the slow internet connection for heavy


downloadit is not available to other
legitimate users.
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(f) denies or causes the denial of
access to any person authorised to
access any computer, computer
system or computer network by any
means;
Examples: DOS and DDOS attacks
If any person without permission of the owner or any
other person who is incharge of a computer, computer
system or computer network -
(h) charges the services availed of by a
person to the account of another person
by tampering with or manipulating any
computer, computer system, or
computer network,
Examples: internet time theft, misuse of
credit card etc
If any person without permission of the owner or
any other person who is incharge of a computer,
computer system or computer network -
(j) Steals, conceals, destroys or alters or
causes any person to steal, conceal,
destroy or alter any computer source
code used for a computer resource with
an intention to cause damage,
Any person knowingly or intentionally conceals,
destroys or alters or intentionally or knowingly
causes another to conceal, destroy or alter
any computer source code used for a computer,
computer programme, computer system or computer
network, when the computer source code is required
to be kept or maintained by law for the time being in
force,
Punishment: jailed up to three years and/or fine up to two lakh rupees.
Case-Law: Syed Asifuddin & others v/s State of A. P
and another
Where a body corporate, possessing, dealing or
handling any sensitive personal data or
information in a computer resource which it
owns, controls or operates, is negligent in
implementing and maintaining reasonable
security practices and procedures and thereby
causes wrongful loss or wrongful gain to any
person, such body corporate shall be liable to pay
damages by way of compensation, to the person
so affected.
Example: BPO outsourcing contract
Save as otherwise provided in this Act or any other law
for the time being in force, any person including an
intermediary who,
while providing services under the terms of lawful contract,
has secured access to any material containing personal
information about another person,
with the intent to cause or knowing that he is likely to
cause wrongful loss or wrongful gain
discloses, without the consent of the person concerned, or
in breach of a lawful contract, such material to any other
person,
Punishment: Jailed upto three years, or/and fine upto
five lakh rupees
Any person who sends, by means of a computer
resource or a communication device,-

a) any information that is grossly offensive or


has menacing character; or

Punishment: Jailed upto three years, or/and fine


Any person who sends, by means of a computer
resource or a communication device,-

b) any information which he knows to be false,
but for the purpose of causing annoyance,
inconvenience, danger, obstruction, insult,
injury, criminal intimidation, enmity, hatred,
or ill will, persistently makes by making use of
such computer resource or a communication
device,

Punishment: Jailed upto three years, or/and fine


Any person who sends, by means of a computer
resource or a communication device,-

c) any electronic mail or electronic mail


message for the purpose of causing
annoyance or inconvenience or to deceive or
to mislead the addressee or recipient about
the origin of such messages

Punishment: Jailed upto three years, or/and fine

Examples: SPAM, spoofing


67. Punishment for publishing or transmitting
obscene material in electronic form
67 A Punishment for publishing or transmitting of
material containing sexually explicit act, etc. in
electronic form
67 B Punishment for publishing or transmitting of
material depicting children in sexually explicit
act, etc. in electronic form
If any person, intentionally or knowingly captures,
publishes or transmits the image of a private area
of any person without his or her consent, under
circumstances violating the privacy of that
person,
Punishment: Jailed upto three years, or/and fine upto
two lakhs
private area means the naked or undergarment
clad genitals, pubic area, buttocks or female
breast
66 B. Punishment for dishonestly receiving stolen
computer resource or communication device
66C. Punishment for identity theft
66D. Punishment for cheating by personation by
using computer resource
66F. Punishment for cyber terrorism
Sec 75 Act to apply for offence or contraventions
committed outside India by any person
irrespective of his nationality.
if the act or conduct constituting the offence or
contravention involves a computer, computer
system or computer network located in India.
1. PReSENSE, Issue No 32 Oct 2008
(http://www.primepointfoundation.org/presense/presense1008.pdf accessed on
27-09-2009)
2. Introduction to Indian Cyber Law, Rohas Nagpal, Asian School of Cyber Laws
(http://www.asianlaws.org/library/cyber-laws/intro-indian-cyber-law.pdf
accessed on 27-09-2009)
3. A False Bargain: The Los Angeles County Economic consequences of counterfeit
Product, prepared by Gregory Freeman, Nancy D Sidhu and Michael Montoya
(February 2007)
4. Its the Worlds Biggest Copy Machine, PC week (January 27, 1997).
5. Wikipedia
http://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you're_a_dog
(Accessed on 15-09-2010)
http://en.wikipedia.org/wiki/Cyberspace (Accessed on 15-09-2010)
http://en.wikipedia.org/wiki/Port_scanner (Accessed on 27-01-2011)
1. presentation on Digital DNA & Digital Augmentation (how technology and new
economic force are changing business) by Martin Deinoff
(http://www.slideshare.net/MartinDeinoff/digital-dna-digital-augmentation-
5162852 Accessed on 13-09-2010)
Thank You

Вам также может понравиться