Cybercrime
INTRODUCTION:
With the daily evolution of the human mind, ways to commit the offense is changing dramatically. Criminals are getting smarter every day and apply there minds in this context, to commit crimes and escape undetected. With the advent of computers, nobody thought that way or become a source of committing a crime. Charles Babbage, who is well known as the father of the computer would never have dreamed that the car is giving the world can become a source of crime and never influence society in a negative way.
When we talk about cyber crime can do something that is about an injustice was a computer system is involved.
The term ‘cyber crime’ is a misnomer. This term has been defined anywhere in any of the laws / Law approved or issued by the Parliament of India. The concept of computer crime is not radically different from the concept of conventional crime. Both include conduct whether act or omission giving rise to a violation of the law and offset by the sanction of the State. Although computer crime is a new type of crime came into force shortly after the advent of computers and the scenario was further aggravated with the “influence of the Internet in our daily lives.
CONVENTIONAL crime
Crime is a social and economic phenomenon and is as old as human society. Delinquency is a legal concept and has the sanction of law. The crime is defined as “a legal error that may be followed by criminal proceedings which may result in punishment..” A crime can be considered a performance accompanied by an act or omission forbidden by law and the consequent violation of which is visited by its consequences.
CYBER CRIME:
Cybercrime is more recent and perhaps the most complicated problem of cyber world. “Cybercrime can say that these species, which generally conventional crime, and where the computer is an object or subject of the conduct constituting the crime. Cybercrime in general can be defined as” illegal acts that the computer is a tool or target or both. ”
The computer can be used as a tool in crime rates following financial assets, the sale of illegal goods, pornography, online gambling, crime, intellectual property, e-mail spoofing, forgery, cyber defamation, cyber harassment . The team, however, could be a target for unlawful acts in the following instances of unauthorized access to computer system / equipment / computer networks, stealing information in electronic format
e-mail bombing, salami attacks, logic bombs, Trojan attacks, theft of time, internet, web lifting, computer theft, physical damage to computer systems.
DISTINCTION BETWEEN CONVENTIONAL AND CYBER-CRIME
Apparently there is no distinction between computer and conventional crime, and the results of the crimes in a kind of loss of any of the parties. However, in deep introspection, we can say that there is a fine line between conventional and computer crime, which is sensitive. The dividing line is involved in half of cases of cyber crime.
Road and how to commit cybercrime:
1. Hacking:
This type of crime is typically known as hacking into a generic sense. However, the architects of the Law on Information Technology 2000 will not have to use this term to avoid confusion, do not use the word interchangeably hacker “unauthorized access” in that it has wider significance.
2. Theft of information by electronic means:
This information stored on your hard disk, removable storage media may be suitable for handling or physical data theft through virtual means.
3. EMAIL attack:
This type of activity relates to the dispatch of a large number of emails to the victim, who can be an individual or a company or mail servers from there resulting in system failures.
4. The data handled:
This type of attack involves altering raw data just before a computer processes it and then change again after the transformation is complete.
5. SalAMI ATTACKS:
This type of crime is often the case in financial institutions or to commit financial crimes. An important feature of this type of crime is that change is so small that usually go unnoticed.
6. Denial of service:
victim’s computer is flooded with more requests it can handle causing the accident. Distributed Denial of Service (DDoS) is a type of denial of service attack in which criminals are found in large numbers and widespread.
7. Virus or worm attacks:
Viruses are programs that attach to a computer or a file and then transmitted to other files and other computer network. It usually affects the data in a computer, or by altering or deleting it. Worms, unlike viruses do not need to adhere to the host. They merely make functional copies of themselves and do this several times until they eat all the available space in a computer memory. E. g. love bug virus, which affected at least 5% of computers worldwide. The losses accounted for $ 10 million. world’s most famous worm was the Internet worm unleashed on the Internet by Robert Morris, once in 1988. Almost all of the development of the Internet has led to a complete halt.
8. Logic Bomb:
These programs are dependent events. This means that these programs are designed to do something only when a certain event (known as a trigger event) occurs. E. g. Some viruses can also be called logic bombs because they sleep all year round and are activated only by a certain date (for example, the Chernobyl virus).
9. TROJAN ATTACKS:
This term comes from the word “Trojan horse”. In the field of software, this means that an unauthorized program, which earns more than passively monitors other system of representation of himself as an approved program. The most common installation of a Trojan is through email. E. g. a Trojan is installed on the computer of a woman filmmaker in the United States during the chat. Criminals in cyberspace through the web cam installed on the team got its photos of nude. also harassed this lady.
10. Internet time theft:
Normally in these kinds of thefts hours surfing the Internet of the victim are used by another person. This is done to access the user ID and password. E. g. Colonel Bajwa case of the Internet, the hours have been used by anyone else. This was perhaps one of the first cases involving cyber crimes in India. However, in this case the police famous for their lack of understanding of the nature of the crime.
11. CATS WEB:
This term comes from the high elevation. In this type of crime that the attacker gains access and control of another website. You can also cut or modify information on the site. This can be done to achieve political objectives or for money. E. g. Recently, the site of MIT (Ministry of Information Technology) has been compromised by hackers and Pakistani obscene material was placed in it. Also the site of the crime branch has also jacked web Bombay. Another case of site elevation is the case, the “fool’s gold.” In this case, the site was hacked and information about the goldfish has changed. Learn a ransom of $ 1 million ransom demanded. This web jacking is a process in which a control on another site with the support of some considerations for it.
Classification of cybercrime:
The issue of cybercrime in general can be classified into three groups. Son-1. Against persons:
Other against personb. have the property of an individual
2. Organization Against:
Other Governmentc. Business, Society, a group of individuals. 3. Against society in general
Against the person: –
It can be: i. Harassment via email. ii. Cyber-bullying. iii. The dissemination of obscene material. iv. Defamation. see unauthorized control / access to a computer system. vi. Fraud and scam
Offences against private property: –
i. Computer vandalism. ii. The transmission of the virus. iii. Netrespassiv. unauthorized control / access to a computer system. V. Crimesvi intellectual property. Time theft
Organization against: –
i. unauthorized control / access to the system through the computer. Possession of unauthorized information. iii. Cyber terrorism against the government organization. iv. Distribution of pirated software, etc.
Against society in general: –
i. Pornography (basically child pornography). ii. Contaminants youth through indecent exposure. iii. Traffickingiv. Crimesv Financial. articlesvi illegal sale. Online gamblingvii. Forgery
Some of the crimes mentioned above can be discussed in brief as follows:
1. Harassment-mail
Harassment via e-mail is not a new concept. It is very similar to harassing through letters.
2. Cyber-stalking
The Oxford Dictionary defines harassment as “pursuing stealthily”. Cyber bullying involves tracking the movements of a person over the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat room frequented by the victim, constantly bombarding the victim with emails, etc.
3. The dissemination of obscene material ”
Pornography on the network can take different forms. You can include the holding of the website containing banned substances. Using a computer to produce these materials obscene. Download via the Internet, obscene materials. These obscene matters may damage the minds of teenagers and tend to corrupt or damage their minds. Two known cases of pornography are the Delhi and Mumbai Bal Bharati case in which two Swiss couples used to force children from slums obscene photographs. Bombay police came to his arrest.
4. Defamation
It is an act of attribution of each person with the intent of reducing the person in the estimation of right-thinking members of society in general or to cause him to be prevented or avoided or expose to hatred, contempt or ridicule. Cyber defamation is not different from the conventional ones, except for defamation involving virtual environment. E. g. The email account has been compromised and some Rohit mail sent from your account for some of his bandmates for his relationship with a girl with the intention of defaming him.
5. unauthorized control / access to a computer-system
This activity is commonly known as piracy. The Indian law has however given a different connotation to the term hacking, so do not use the term “unauthorized access” interchangeably with the term “piracy” to avoid confusion that the term used by law 2000 is broader hacking.
6. PC-vandalism
Vandalism means deliberately destroying or damaging property of another. Thus computer vandalism may include within its scope of any physical damage caused to a person’s computer. These acts may take the form of theft of a computer, a portion of a computer or device connected to your computer or physical damage to a computer or its peripherals.
8. Intellectual Property crimes / Distribution of pirated software,
Intellectual property consists of a set of rights. Any unlawful act under which the owner is deprived of all or part of their rights is a crime. The common form of violation of intellectual property rights that can be called software piracy, infringement of copyright, trademark and service mark infringement, theft of computer source code, etc.
9. Cyber terrorism against the government organization
At this point, a need that we perceive what is the need to distinguish between terrorism and cybercrime. Both are criminal acts. However, there is an urgent need to distinguish between these two crimes. A cybercrime is usually a national problem that could have international consequences, however cyber terrorism is a global concern, which has domestic and international implications.
The common form of these terrorist attacks on the Internet is distributed denial of service, hate websites and hate emails, attacks on sensitive computer networks, cyber terrorism etc. can be defined as “the premeditated use of disruptive activities, or threat thereof, in cyberspace, with the intention to achieve social, ideological, religious, political or similar purposes, or to intimidate people in support of these objectives ”
Another definition might be tempted to cover within its scope all acts of computer terrorism.
A terrorist is a person who is given to the indiscriminate killing of people or of violence or disruption of services or means of communication vital to the community or property damage, in order to –
(1) to the public or a section of the public to fear,
(2) undermine the harmony between different religious, racial, linguistic or regional, caste or communities
(3) intimidate the forces or the government has established statutory or
(4) endanger the sovereignty and integrity of the nation
and a cyber-terrorist is the person using the computer system or as a means to achieve those objectives. Each act done in pursuance thereof is an act of cyberterrorism.
10. Traffic
Trafficking takes many forms. May be trafficking drugs, human beings, weapons, etc. These forms of trafficking in weapons unmarked van, and carried out under pseudonyms. A racket was arrested in Chennai, where drugs are sold under the name of honey.
11. Fraud and deception
Online fraud and deception is one of the most profitable businesses that are growing now in cyberspace. It may take several forms. Some cases of online fraud and scams that have surfaced are those related to credit card crimes, contract crimes, offering jobs, etc.
Legal Provisions:
The Parliament of India considers it necessary to implement the decision of the General Assembly adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. As a result of which the Law on Information Technology 2000 was approved and executed May 17, 2000. The preamble of this law states its objective to legalize electronic commerce and a new amendment to the Penal Code of India 1860, Indian Evidence Act 1872, Evidence Act1891 banker Book and Reserve Bank of India Act 1934. The basic objective of introducing the changes in these acts is to make them compatible with the law of 2000. In order to regulate and control the affairs of the cyber world effectively.
CONCLUSION:
Capacity of the human mind is unfathomable. You can not eliminate crime from cyberspace. It is quite possible that control them. History is witness that no law has been able to eliminate all crimes in the world. The only possible step is to make people aware of their rights and obligations (to report crime as a collective duty of society) and then make the application of more stringent laws to control crime. Without doubt, the law is a historic step in the cyber world. Learn all together do not deny that there is a need for changes in the Law on Information Technology to make more effective the fight against cybercrime. Let me conclude with a word of caution from school for legislation to be taken into account the provisions of cyber laws are not made in a rigorous manner, which could slow the growth of the industry and be counterproductive.
Posts Tagged ‘Crimes’
Cyber Crimes
Wednesday, June 30th, 2010Cyber Crimes, Space and so Forth -a Concept of Cyber Laws
Monday, January 4th, 2010Cyber law is a generic term, which refers to all the legal and regulatory aspects of Internet and the World Wide Web. This cyber law governs a boundless, timeless, space less, medium which has emerged to environ the future business, known as “cyber medium or cyber spaceâ€. The electronic medium that is being discussed here is the “internetâ€. The popularity of internet raised many critical questions about the regulations and the governance of various aspects. Internet grew in a completely unplanned and unregulated manner and continuing grow rapidly. With the population of Internet multiplying about every 100 days; the internet is becoming the new chosen atmosphere of the world. As the internet users are increasing day to day, the scope for committing crimes also increases. Therefore a need for a Law that would govern this medium was seen.
Â
Under the laws for cyber space certain acts have been identified and classified as cyber crimes. A cyber crime is an offence whereby the mode of committing the offence is a computer system and the means is the internet. The psychological factors behind the person committing such cyber crimes can identified as greed, revenge, frustration, grievance and mismanagement. The acts classified as offences under the cyber law are; Hacking, Cyber stalking, Denial of service attack, Virus dissemination, Software piracy, Phishing, & Child Pornography etc. These crimes are real and are affecting everyone, individuals, business organizations, nation states & the international communities. These cyber crimes may be committed against Individuals, Organization, Company, Group of Individuals and Society at large. As the times pass by evolution of almost every thing tales place, so did an evolution take place in the cyber crimes. With the emergence of “Cyber Terrorism†this was evident.
Â
Cyber Terrorism can be said to be the act of controlling a victim’s computers, allied information technology, particularly through the cyber space (Internet), to cause physical, real-world harm or severe disturbance. As the Internet continues to expand, and computer systems continue to be allocating more responsibility and while becoming more & more complex and interdependent, disruption or terrorism via cyberspace may become a more grave danger.
Â
In the ordinary course of time, when an offence is committed by an individual, the subsequent action is either police report of the offence or investigation. On the successful completion of the investigation the offence is adjudicated by the judiciary, same is the case with Cyber Crimes. There are some techniques prescribed for investigation of such cyber crimes and there are also adjudicating authorities or courts established in order to hear and dispose these cases of cyber crimes.
Â
Investigations into cyber crimes can be done through Computer Forensics and Time Stamping. Computer forensics is the process of Identifying, Procuring, Analyzing, & Presenting Digital Evidence in a manner that is legally acceptable in the court of law. Computer forensics is used to conduct investigations into computer related incidents whether the incident is an external intrusion into your systems, internal frauds or staff breaching your security policy. The most important factor in the investigation of cyber crimes is to prove the “Time†of the occurrence of the crimes, as time stands to be most important factor in computer forensics it is very important. Under the concept of time stamping crimes are synchronized as events of an accurate clock. In the case of cyber crimes it is almost impossible to commit a crime without leaving a time trail.  The results of the time stamping are regarded as to be as undisputable evidence.  Time stamping speeds up the investigation and dissuades the cyber criminals.
Â
Adjudication of offences under any law is very important in order to penalize the offender. Adjudication is the legal process by which the Judge reviews the evidence and the arguments, including legal reasoning set forth by parties or litigants to come to a decision or judgment which determines rights and obligations between the parties involved, or in other common sense adjudication is the normal court procedure. The courts in United States of America have already begun taking cognizance of various kinds of fraud and crimes being committed in the internet. The victims of such Cyber crimes have found no healing remedy, they can either claim for civil damages or wait for the culprits to be caught and be tried under provisions, made for such offences committed in cyberspace.
Â
In India, with the Information Technology Act, 2000 being in force the establishment an adjudicating authority is clearly visible under the Section 46, Chapter IX. This provision states that the Central Government may establish one or more cyber regulation appallet tribunals / cyber appallet tribunals, in order to adjudicate upon the matters of cyber crimes. It is further stated that all matters in such context may be referred to the High Court only through appeal. The statutes like Information Technology Act, 2000 and Indian Penal Code, 1860 lay certain provisions classify certain acts done through internet as offences under the law.
Â
Globalization has caused a tremendous increase in the IT sector, resulting in the increase of cyber crimes in each and every corner of the world including the developing countries like India, Japan etc. These nations have opted for their own measures against such internet related offences. Â It is a very evident fact about the growth and evolution of laws through out the world, as the world grew larger so did the necessity of governing rules and regulations in the form of law were seen at a high priority. Today, same shall be the case with growing cyberspace and its allied difficulties.
Cyber Crimes – an Overview and the Measures
Friday, December 18th, 20091. Synopsis Of The Article. Information Technology solutions have paved a way to a new world of internet, business networking and e-banking, budding as a solution to reduce costs, change the sophisticated economic affairs to more easier, speedy, efficient, and time saving method of transactions. Internet has emerged as a blessing for the present pace of life but at the same time also resulted in various threats to the consumers and other institutions for which it’s proved to be most beneficial. Various criminals like hackers, crackers have been able to pave their way to interfere with the internet accounts through various techniques like hacking the Domain Name Server (DNS), Internet Provider’s (IP) address, spoofing, phishing, internet phishing etc. and have been successful in gaining “unauthorised access†to the user’s computer system and stolen useful data to gain huge profits from customer’s accounts.
Intentional use of information technology by cyber terrorists for producing destructive and harmful effects to tangible and intangible property of others is called “cyber crimeâ€. Cyber crime is clearly an international problem with no national boundaries. Hacking attacks can be launched from any corner of the world without any fear of being traced or prosecuted easily. Cyber terrorist can collapse the economic structure of a country from a place where that country might not have any arrangements like “extradition treaty†to deal with that criminal. The only safeguard would be better technology to combat such technology already evolved and known to the Hackers. But that still has threat of being taken over by the intellect computer criminals.
This paper contributes an understanding of the effects of negative use of Information technology, and how far the present law in India is successful in dealing with the issue, and what way is the legal structure lagging to curb the crime. Possible changes needed in the system and the ways to combat cyber terrorism having safe and trustworthy transactions.
Though there are many techniques evolved to curb the criminal activities by cyber terrorists but still the problem persists in legal structure and has failed to produce a deterring effect on the criminals. If the suggestions are undertaken in light of conclusion there can be a better co-ordination among various national and international agencies to make the system more efficient, and Information Technology Act 2000 more secured and trustworthy. It can still be held good for the objects it had existed to provide the benefits to the society. This paper is contributive of the fact that the till the crime rate is not curbed technology cannot produce adequate benefits for which it’s been created.
2. What Is Cyber Crime?Cyber terrorists usually use the computer as a tool, target, or both for their unlawful act either to gain information which can result in heavy loss/damage to the owner of that intangible sensitive information. Internet is one of the means by which the offenders can gain such price sensitive information of companies, firms, individuals, banks, intellectual property crimes (such as stealing new product plans, its description, market programme plans, list of customers etc. ), selling illegal articles, pornography etc. this is done through many methods such as phishing, spoofing, pharming, internet phising, wire transfer etc. and use it to their own advantage without the consent of the individual.
Many banks, financial institutions, investment houses, brokering firms etc. are being victimised and threatened by the cyber terrorists to pay extortion money to keep their sensitive information intact to avoid huge damages. And it’s been reported that many institutions in US, Britain and Europe have secretly paid them to prevent huge meltdown or collapse of confidence among their consumers.
2. 2. Emergence Of Information Technology Act, 2000. In India, the Information Technology Act 2000 was enacted after the United Nation General Assembly Resolution A/RES/51/162, dated the 30th January, 1997 by adopting the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. This was the first step towards the Law relating to e-commerce at international level to regulate an alternative form of commerce and to give legal status in the area of e-commerce. It was enacted taking into consideration UNICITRAL model of Law on e- commerce 1996.
3. Some Noteworthy Provisions Under The Information Technology Act, 2000.
Sec. 43
Sec. 66
Sec. 67
4. Types Of Attacks By Hackers. Hacker is computer expert who uses his knowledge to gain unauthorized access to the computer network. He’s not any person who intends to break through the system but also includes one who has no intent to damage the system but intends to learn more by using one’s computer. Information Technology Act 2000 doesn’t make hacking per se an offence but looks into factor of mens rea. Crackers on other hand use the information cause disruption to the network for personal and political motives. Hacking by an insider or an employee is quite prominent in present date. Section 66 (b) of the Information Technology Act 2000, provides punishment of imprisonment for the term of 3 years and fine which may extent to two lakhs rupees, or with both
Banks and other financial institutions are threatened by the terrorist groups to use their sensitive information resulting in heavy loss and in turn ask for ransom amount from them. There are various methods used by hackers to gain unauthorised access to the computers apart from use of viruses like Trojans and worms etc.
Therefore if anyone secures access to any computer without the permission of the owner shall be liable to pay damages of one crore rupees under Information Technology Act, 2000. Computer system here means a device including input and output support devices and systems which are capable of performing logical, arithmetical, data storage and retrieval, communication control and other functions but excludes calculators. Unauthorised access under Section 43 of the Information Technology Act 2000 is punishable regardless of the intention or purpose for which unauthorised access to the computer system was made. Owner needn’t prove the facto of loss, but the fact of it been used without his authorisation. Case of United States v. Rice would be important in this regard where defendant on the request of his friend (who was been under investigation by IRS officer) tried to find the status of his friend’s case by using officer’s computer without his consent. Though it didn’t cause any damage/loss to the plaintiff (officer) but was convicted by the Jury for accessing the computer system of a Government without his authority and his conviction was later on confirmed. Even if one provides any assistance to the other to gain any unauthorised access to the computer he shall be liable to pay damages by way of compensation of Rupees 1 crore.
Does turning on the computer leads to unauthorized access? The mens rea under section 1 of the Computer misuse Act, 1990 comprises of two elements there must be an intent to secure an access to any programme or data held in any computer, and the person must know that he intends to secure an unauthorized access. e. g. When defendants went to his former employee to purchase certain equipments and the sales person was not looking he was alleged to have keyed in certain commands to the computerized till granting himself substantial discount. Though section 1 (1) (a) requires “that second computer must be involved†but the judiciary in the case of R v. Sean Cropp, believed that the Parliament would have intended to restrict the offence even if single computer system was involved.
A) Computer Viruses: Viruses are used by Hackers to infect the user’s computer and damage data saved on the computer by use of “payload†in viruses which carries damaging code. Person would be liable under I. T Act only when the consent of the owner is not taken before inserting virus in his system. The contradiction here is that though certain viruses causes temporary interruption by showing messages on the screen of the user but still it’s not punishable under Information Technology Act 2000 as it doesn’t cause tangible damage. But, it must be made punishable as it would fall under the ambit of ‘unauthorised access’ though doesn’t cause any damage. Harmless viruses would also fall under the expression used in the provision “to unsurp the normal operation of the computer, system or networkâ€. This ambiguity needs reconsideration.
B) Phishing: By using e-mail messages which completely resembles the original mail messages of customers, hackers can ask for verification of certain information, like account numbers or passwords etc. here customer might not have knowledge that the e-mail messages are deceiving and would fail to identify the originality of the messages, this results in huge financial loss when the hackers use that information for fraudulent acts like withdrawing money from customers account without him having knowledge of it
C) Spoofing: This is carried on by use of deceiving Websites or e-mails. These sources mimic the original websites so well by use of logos, names, graphics and even the code of real bank’s site.
D) Phone Phishing: Is done by use of in-voice messages by the hackers where the customers are asked to reveal their account identification, and passwords to file a complaint for any problems regarding their accounts with banks etc.
E) Internet Pharming: Hacker here aims at redirecting the website used by the customer to another bogus website by hijacking the victim’s DNS server (they are computers responsible for resolving internet names into real addresses – “signposts of internet), and changing his I. P address to fake website by manipulating DNS server. This redirects user’s original website to a false misleading website to gain unauthorised information.
F) Risk Posed On Banks And Other Institutions: Wire transfer is the way of transferring money from one account another or transferring cash at cash office. This is most convenient way of transfer of cash by customers and money laundering by cyber terrorists. There are many guidelines issued by Reserve Bank of India (RBI) in this regard, one of which is KYC (Know Your Customer) norms of 2002. Main objective of which is to: 1) Ensure appropriate customer identification, and 2) Monitor the transaction of suspicious nature and report it to appropriate authority every day bases.
G) Publishing Pornographic Material In Electronic Form: Section 67 of the Information Technology Act, 2000 in parallel to Section 292 of Indian Penal Code, 1860 makes publication and transmission of any material in electronic that’s lascivious or appeals to the prurient interest a crime, and punishable with imprisonment which may extend to 5 years and fine of 1 lakh rupees and subsequent offence with an imprisonment extending to 10 years and fine of 2 lakhs.
Various tests were laid down gradually in course of time to determine the actual crime in case of obscene material published in electronic form on net. Hicklin test was adopted in America in the case of Regina v. Hicklin wherein it was held that “if the material has tendency is to deprive and corrupt those whose minds are open to such immoral influences, and into whose hands a publication of this sort may fallâ€. In Indian scenario the case of Ranjeet D. Udeshi v. State of Maharashtra the Supreme Court admitted that Indian Penal Code doesn’t define obscenity though it provides punishment for publication of obscene matter. There’s very thin line existing between a material which could be called obscene and the one which is artistic. Court even stressed on need to maintain balance between fundamental right of freedom of speech and expression and public decency and morality. If matter is likely to deprave and corrupt those minds which are open to influence to whim the material is likely to fall. Where both obscenity and artistic matter is so mixed up that obscenity falls into shadow as its insignificant then obscenity may be overlooked.
In the case of Miller v. California it was held that local community standard must be applied at the time of determination of the offence. As it can traverse in many jurisdictions and can be accessed in any part of the globe. So wherever the material can be accessed the community standards of that country would be applicable to determine the offence of publication of obscene material posted in electronic form. Though knowledge of obscenity under Information Technology Act 2000 and Indian Penal Code may be taken as mitigating factor but doesn’t take the case out of the provision.
Section 72 of Information Technology Act, 2000 provides punishment for an unauthorised access or, disclosure of that information to third person punishable with an imprisonment upto 2 years or fine which may extend to 1 lakh rupees or with both. English courts have also dealt with an issue as to what activities would constitute crime under existing legislation, in the case of R. v. Fellows and Arnold it was held that the legislation before the 1994 amendment would also enable computer data to be considered a ‘copy of an indecent photograph’ and making images available for downloading from the website would constitute material being ‘distributed or shown’. Statute is wide enough to deal with the use of computer technology.
(H) Investment Newsletter: Â We usually get newsletter providing us free information recommending that investment in which field would be profitable. These may sometimes be a fraud and may cause us huge loss if relied upon. False information can be spread by this method about any company and can cause huge inconvenience or loss through junk mails online.
(I) Credit Card Fraud: Huge loss may cause to the victim due to this kind of fraud. This is done by publishing false digital signatures. Most of the people lose credit cards on the way of delivery to the recipient or its damaged or defective, misrepresented etc.
4. Measures To Curb The Crime. Though by passage of time and improvement in technology to provide easier and user friendly methods to the consumer for make up their daily activities, it has lead to harsh world of security threats at the same time by agencies like hackers, crackers etc. various Information technology methods have been introduced to curb such destructive activities to achieve the main objects of the technology to provide some sense of security to the users. Few basic prominent measures used to curb cyber crimes are as follows:
A) Encryption: This is considered as an important tool for protecting data in transit. Plain text (readable) can be converted to cipher text (coded language) by this method and the recipient of the data can decrypt it by converting it into plain text again by using private key. This way except for the recipient whose possessor of private key to decrypt the data, no one can gain access to the sensitive information. Not only the information in transit but also the information stored on computer can be protected by using Conventional cryptography method. Usual problem lies during the distribution of keys as anyone if overhears it or intercept it can make the whole object of encryption to standstill. Public key encryptograpy was one solution to this where the public key could be known to the whole world but the private key was only known to receiver, its very difficult to derive private key from public key.
B) Syncronised Passwords: These passwords are schemes used to change the password at user’s and host token. The password on synchronised card changes every 30-60 seconds which only makes it valid for one time log-on session. Other useful methods introduced are signature, voice, fingerprint identification or retinal and biometric recognition etc. to impute passwords and pass phrases
C) Firewalls: It creates wall between the system and possible intruders to protect the classified documents from being leaked or accessed. It would only let the data to flow in computer which is recognised and verified by one’s system. It only permits access to the system to ones already registered with the computer.
D) Digital Signature: Are created by using means of cryptography by applying algorithms. This has its prominent use in the business of banking where customer’s signature is identified by using this method before banks enter into huge transactions.
5. Investigations And Search Procedures. Section 75 of Information Technology Act, 2000 takes care of jurisdictional aspect of cyber crimes, and one would be punished irrespective of his nationality and place of commission of offence. Power of investigation is been given to police officer not below the rank of Deputy Superintendent of police or any officer of the Central Government or a State Government authorised by Central Government. He may enter any public place, conduct a search and arrest without warrant person who is reasonably expected to have committed an offence or about to commit computer related crime. Accused has to be produced before magistrate within 24 hours of arrest. Provisions of Criminal Procedure Code, 1973 regulate the procedure of entry, search and arrest of the accused.
5. 1. Problems Underlying Tracking Of Offence. Most of the times the offenders commit crime and their identity is hard to be identified. Tracking cyber criminals requires a proper law enforcing agency through cyber border co-operation of governments, businesses and institutions of other countries. Most of the countries lack skilled law enforcement personnel to deal with computer and even broader Information technology related crimes. Usually law enforcement agencies also don’t take crimes serious, they have no importance of enforcement of cyber crimes, and even if they undertake to investigate they are posed with limitation of extra-territorial nature of crimes.
6. How Efficient Is Information Technology Act 2000?It can’t be disputed that Information Technology Act, 2000 though provides certain kinds of protections but doesn’t cover all the spheres of the I. T where the protection must be provided. Copyright and trade mark violations do occur on the net but Copy Right Act 1976, or Trade Mark Act 1994 are silent on that which specifically deals with the issue. Therefore have no enforcement machinery to ensure the protection of domain names on net. Transmission of e-cash and transactions online are not given protection under Negotiable Instrument Act, 1881. Online privacy is not protected only Section 43 (penalty for damage to computer or computer system) and 72 (Breach of confidentiality or privacy) talks about it in some extent but doesn’t hinder the violations caused in the cyberspace.
Even the Internet Service Providers (ISP) who transmits some third party information without human intervention is not made liable under the Information Technology Act, 2000. One can easily take shelter under the exemption clause, if he proves that it was committed without his knowledge or he exercised due diligence to prevent the offence. It’s hard to prove the commission of offence as the terms “due diligence†and “lack of knowledge†have not been defined anywhere in the Act. And unfortunately the Act doesn’t mention how the extra territoriality would be enforced. This aspect is completely ignored by the Act, where it had come into existence to look into cyber crime which is on the face of it an international problem with no territorial boundaries.
7. Data Protection. Information stored on the owner of the computer would be his property and must be protected there are many ways such information can be misused by ways like ‘unauthorized access, computer viruses, data typing, modification erasures etc. Legislators had been constantly confronted with problem in balancing the right of the individuals on the computer information and other people’s claim to be allowed access to information under Human Rights. The first enactment in this regard was Data Protection Act by Germany in the year 1970. This was widely accepted by the world and also contributed to the Information Technology Act.
The origin of laws on date protection dates back to 1972 when United Kingdom formed a committee on privacy which came up with ten principles, on the bases of which data protection committee was set up. Data Protection Act, 1984 (DPA) was United Kingdom’s response to the Council of Europe Convention 1981, this Act lacked proper enforcement mechanism and has done little to enforce individual’s rights and freedoms. European Union directive in 1995, European Convention of Human Rights (ECHR), Human Rights Acts, and further introduction of Data Protection Act, 1998 have done much in the field of Data protection in today’s date. Data Protection Act has following aims and objectives:
Personal information shall only be obtained for lawful purpose, it shall only be used for that purpose, mustn’t be disclosed or used to effectuate any unlawful activity, and must be disposed off when the purpose is fulfilled.
Though Data Protection Act aims at protecting privacy issues related to the information but still we find no mention of the word “privacy†in the Act, nor is it defined, further the protection comes with various exemptions, including compulsory notification from the Commissioner in certain cases of the personal data. Due to the change in the regime of information technology for the date European Convention came, on which the Act is based amendments in the Act is advised for matching the present situation and curbing the crime in efficient way.
There is no Data Protection Act in India, the only provisions which talks about data protection are Section 72 and Section 43 of Information Technology Act, 2000. There must be a new Law to deal with the situation for a person to know that the Controller is processing his data concerning him and also that he must know the purpose for which it has been processed. It is a fundamental right of the Individual to retain private information concerning him provided under Article 21 of the Indian Constitution, which says: “No person shall be deprived of his life or personal liberty except according to procedure established by lawâ€. And due to the increasing trend of the Crime rate in the field separate legislation is required in this context for better protection of individuals.
8. Conclusion & Suggestions. No one can deny the positive role of the cyber space in today’s world either it be political, economic, or social sphere of life. But everything has its pro’s and corns, cyber terrorists have taken over the technology to their advantage. To curb their activities, the Information Technology Act 2000 came into existence which is based on UNICITRAL model of Law on e-commerce. It has many advantages as it gave legal recognition to electronic records, transactions, authentication and certification of digital signatures, prevention of computer crimes etc. but at the same time is inflicted with various drawbacks also like it doesn’t refer to the protection of Intellectual Property rights, domain name, cyber squatting etc. This inhibits the corporate bodies to invest in the Information technology infrastructure. Cases like Dawood and Quattrochi clearly reveals the problem of enforceability machinery in India. Cryptography is new phenomenon to secure sensitive information. There are very few companies in present date which have this technology. Other millions of them are still posed to the risk of cyber crimes.
There is an urgent need for unification of internet laws to reduce the confusion in their application. For e. g. for publication of harmful contents or such sites, we have Indian Penal Code (IPC), Obscenity Law, Communication Decency law, self regulation, Information Technology Act 2000 ,Data Protection Act, Indian Penal Code, Criminal Procedure Code etc but as they deal with the subject vaguely therefore lacks efficient enforceability mechanism. Due to numerous Laws dealing with the subject there lays confusion as to their applicability, and none of the Law deals with the subject specifically in toto. To end the confusion in applicability of Legislation picking from various laws to tackle the problem, i would suggest unification of laws by taking all the internet laws to arrive at Code which is efficient enough to deal with all the problems related to internet crimes. Although these legislations talk about the problem but they don’t provide an end to it. There’s need for a one Cyber legislation which is co-ordinated to look after cyber crimes in all respects. With passage of time and betterment of technology in the present date, has also resulted in numerous number of Information technology related crimes therefore changes are suggested to combat the problem equally fast.
Crucial aspect of problem faced in combating crime is that, most of the countries lack enforcement agencies to combat crime relating to internet and bring some level of confidence in users. Present law lacks teeth to deter the terrorist groups for committing cyber crimes if you see the punishment provides by the Act it’s almost ineffective, inefficient and only provides punishment of 3 years at the maximum. Harsher laws are required at this alarming situation to deal with criminals posing threat to security of funds, information, destruction of computer systems etc. Data protection, by promotion of general principles of good information practice with an independent supervisory regime, would enable the law to maintain sufficient flexibility to achieve an appropriate balance between the need to protect the rights of the individuals and to have a control over the way their personal information have been used would be helpful in this increasingly networked economy. Just having two provisions in the Information Technology Act, 2000 for protection of data without any proper mechanism for to tackle the crime makes their mention in the Act redundant.
Information Technology Act is applicable to all the persons irrespective of their nationalities (i. e. to non-citizens also) who commits offence under the Information Technology Act outside India, provided the act or conduct constituting the offence or contravention involves computer, computer systems, or computer networks located in India under Section 1 and Section 75 of the Information Technology Act, but this provision lacks practical value until and unless the person can be extradited to India. Therefore it’s advised that we should have Extradition treaties among countries. To make such provisions workable.
It’s like ‘eye for an eye’ kind of situation where the technology can be curbed only by an understanding of the technology taken over by cyber terrorists. Even if the technology is made better enough to curb the computer related crime there is no guarantee if that would stay out of reach of cyber terrorists. Therefore Nations need to update the Law whether by amendments or by adopting sui generic system. Though Judiciary continues to comprehend the nature of computer related crimes there is a strong need to have better law enforcement mechanism to make the system workable.
Referances. Sankar Sen, ‘Human Rights & Law Enforcement’, 1st ed. , 2002, Concept Publishing Co. , New Delhi. Dr. Sub hash Chandra Gupta, ‘Information technology Act, 2000 and its Drawbacks’, National Conference on Cyber Laws & Legal Education, Dec. 22-24th 2001, NALSAR, University of Law, Print House, Hyderabad. Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. 1992 U. S. App. LEXIS 9562 (4th May 4, 1992)Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. R v. Sean Cropp, Snearesbrook Crown Court, 4th July 1991. (303)B. R Suri & T. N Chhabra, ‘Cyber Crime’, 1st ed. , 2002, Pentagon Press, Delhi. Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. Rupam Banerjee, ‘The Dark world of Cyber Crime’, July 7, 2006 can be viewed at http://articles. sakshay. in/index. php?article=15257Prof. Unni, ‘Legal Regulations on Internet Banking’, 2007, NALSAR University of Law, Hyderabad. “Anusuya Sadhuâ€, “The Menace of Cyber Crimeâ€, can be viewed athttp://www. legalserviceindia. com/articles/article+2302682a. htm3 L. R. Q. B. 360, 371 (Q. B. 1868). AIR 1965 SC 881. 413 U. S 15. 24 (1973)Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. B. R Suri & T. N Chhabra, ‘Cyber Crime’, 1st ed. , 2002, Pentagon Press, Delhi. [1997] 2 All ER 548Justice S. B. Sinha, ‘Cyber Crime in the Information Age’, National Conference on Cyber Laws & Legal Education, Dec. 22-24th 2001, NALSAR, University of Law, Print House, Hyderabad. Prof. V. K Unni, ‘Legal strategies for a Robust I. T Infrastructure’, 2007, NALSAR University of Law Hyderabad. Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. Sanker Sen, ‘Human Rights & Law Enforcement’, 1st ed. , 2002, Concept Publications, New Delhi. Dr. Farooq Ahmed, ‘Cyber Law in India (Laws on Internet)’, Pioneer Books, Delhi. Ajmal Eddappagath, ‘Cyber Laws and Enforcement’ Can be viewed at http://www. iimahd. ernet. in/egov/ifip/dec2004/article2. htmDr. Subhash Chandra Gupta – Information Technology Act, 2000 and its drawbacks, ‘National Conference on Cyber Laws & Legal Education’, Dec. 22-24th 2001, NALSAR, University of Law, Print House, Hyderabad. C. Suman and Duvva Pavan Kumar, ‘Data Protection – An overview’, National Conference on Cyber Laws & Legal Education, Dec. 22-24th 2001, NALSAR, University of Law, Print House, Hyderabad. Cris Reed and John Angel, ‘Computer Law’, 5th ed. , 2003, Oxford University Press Inc. , New York. S. K Verma and Raman Mittal, ‘Legal Dimensions of Cyber Space, 2004, Indian Law Institute, New Delhi. Cris Reed and John Angel, ‘Computer Law’, 5th ed. , 2003, Oxford University Press Inc. New York.