Unit - V

Introduction to Cyber Crime

"The modern thief can steal more with a computer than with a gun. Tomorrow's
terrorist may be able to do more damage with a keyboard than with a bomb".

National Research Council, U S A "Computers at Risk.1991

The first recorded cyber crime took place in the year 1820! That is not surprising considering
the fact that the abacus, which is thought to be the earliest form of a computer, has been around
since 3500 B.C. in India, Japan and China. The era of modern computers, however, began with
the analytical engine of Charles Babbage.

In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This
device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted
in a fear amongst Jacquard's employees that their traditional employment and livelihood were
being threatened. They committed acts of sabotage to discourage Jacquard from further use of
the new technology. This is the first recorded cyber crime!

Today computers have come a long way, with neural networks and nano-computing promising
to turn every atom in a glass of water into a computer capable of performing a billion
operations per second.

Cyber crime is an evil having its origin in the growing dependence on computers in modern
life. In a day and age when everything from microwave ovens and refrigerators to nuclear
power plants is being run on computers, cyber crime has assumed rather sinister implications.
Major cyber crimes in the recent past include the Citibank rip off. US $ 10 million were
fraudulently transferred out of the bank and into a bank account in Switzerland. A Russian
hacker group led by Vladimir Kevin, a renowned hacker, perpetrated the attack. The group
compromised the bank's security systems.

Vladimir was allegedly using his office computer at AO Saturn, a computer firm in St.
Petersburg, Russia, to break into Citibank computers. He was finally arrested on Heathrow
airport on his way to Switzerland.

Defining Cyber Crime:

At the onset, let us satisfactorily define "cyber crime" and differentiate it from "conventional
Crime". 166 Computer crime can involve criminal activities that are traditional in nature, such
as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal
Code. The abuse of computers has also given birth to a gamut of new age crimes that are
addressed by the Information Technology Act, 2000.

Defining cyber crimes, as "acts that are punishable by the Information Technology Act" would
be unsuitable as the Indian Penal Code also covers many cyber crimes, such as email spoofing
and cyber defamation, sending threatening emails etc. A simple yet sturdy definition of cyber
crime would be "unlawful acts wherein the computer is either a tool or a target or both".
Let us examine the acts wherein the computer is a tool for an unlawful act. This kind of
activity usually involves a modification of a conventional crime by using computers.

Cyber security means protecting information, equipment, devices, computer, computer

resource, communication device and information stored therein from unauthorized access, use,
disclosure, disruption, modification or destruction

Classification of cyber crimes:

1. Cybercrime against individual:

E-Mail spoofing and other online fraud
Phishing
Spamming
Cyberdefamation
Cyberstalking and harassment
Computer sabotage
Pornographic offenses

2. Cybercrime against property:

Credit card frauds
Intellectual property crime
Internet time theft

3. Cybercrime against organization:

Unauthorized accessing of computer
Password sniffing
Denial-of-service attacks
Virus
E-Mail bombing
Salami attack
Logic bomb
Trojan horse
Data diddling
Industrial spying
Computer network intrusions
Software piracy

4. Cybercrime against society:

Forgery
Cyberterrorism
Web jacking

5. Crimes emanating from Usenet newsgroup:

Usenet group may carry very offensive, harmful, inaccurate or otherwise inappropriate
material or postings that have been misplaced or are deceptive in another way.
Who are cyber Criminals?

Categorized in 3 groups:

Type I: Cybercriminals- hungry for recognition

Hobby hackers
IT professionals
Politically motivated hackers
Terrorist organizations

Type II: Cybercriminals- not interested in recognition

Psychological perverts
Financially motivated hackers
State-sponsored hacking
Organized criminals

Type III: cybercriminals- the insiders

Former employees seeking revenge

Competing companies using employees to gain economic advantage through damage
and/or theft

Need for Cyber Laws:

There are various reasons why it is extremely difficult for conventional law to cope with
cyberspace. Some of these are discussed below.

1. Cyberspace is an intangible dimension that is impossible to govern and regulate using

conventional law.

2. Cyberspace has complete disrespect for jurisdictional boundaries. A person in India could
break into a banks electronic vault hosted on a computer in USA and transfer millions of
Rupees to another bank in Switzerland, all within minutes. All he would need is a laptop
computer and a cell phone.

3. Cyberspace handles gigantic traffic volumes every second. Billions of emails are
crisscrossing the globe even as we read this, millions of websites are being accessed every
minute and billions of dollars are electronically transferred around the world by banks every
day.

4. Cyberspace is absolutely open to participation by all. A ten year-old in Bhutan can have a
live chat session with an eight year-old in Bali without any regard for the distance or the
anonymity between them.

5. Cyberspace offers enormous potential for anonymity to its members. Readily available
encryption software and steganographic tools that seamlessly hide information within image
and sound files ensure the confidentiality of information exchanged between cyber-citizens.
6. Cyberspace offers never-seen-before economic efficiency. Billions of dollars worth of
software can be traded over the Internet without the need for any government licenses,
shipping and handling charges and without paying any customs duty.

7. Electronic information has become the main object of cyber crime. It is characterized by
extreme mobility, which exceeds by far the mobility of persons, goods or other services.
International computer networks can transfer huge amounts of data around the globe in a
matter of seconds.

8. A software source code worth crores of rupees or a movie can be pirated across the globe
within hours of their release.

9. Theft of corporeal information (e.g. books, papers, CD ROMs, floppy disks) is easily
covered by traditional penal provisions.

However, the problem begins when electronic records are copied quickly, inconspicuously and
often via telecommunication facilities. Here the original information, so to say, remains in
the possession of the owner and yet information gets stolen.

Cyber Law: Cyber Law is the law governing cyber space.

Cyber space includes computers, networks, software's, data storage devices (such as hard
disks, USB disks etc), the Internet, websites, emails and even electronic devices such as cell
phones, ATM machines etc.

Cyber Law Deals with

Cyber Crimes
Electronic or Digital Signatures
Intellectual Property
Data Protection and Privacy

Need of Cyber Law in Indian context:

Internet has dramatically changed the way we think, the way we govern, the way we do
commerce and the way we perceive ourselves.
Information technology is encompassing all walks of life and all the sectors.
Cyber space creates moral, civil and criminal wrongs. It has now given a new way to
express criminal tendencies.
Cyberspace is open to participation by all and most of them doesnt know about right or
Wrong?
IT has brought Transition from paper to paperless world
The laws of real world cannot be interpreted in the light of emerging cyberspace to
include all aspects relating to different activities in cyberspace
Internet requires an enabling and supportive legal infrastructure in tune with the times
 Information Technology act 2000

Information Technology Act 2000, is to provide legal recognition for transactions carried out
by means of electronic data interchange and other means of electronic communication,
commonly referred to as electronic commerce, which involve the use of alternatives to
paper-based methods of communication and storage of information, to facilitate electronic
filing of documents with the Government agencies and further to amend the Indian Penal
Code, the Indian Evidence Act, 1872, the Bankers Books Evidence Act, 1891 and the Reserve
Bank of India Act, 1934 and for matters connected therewith or incidental thereto.

Information Technology Act 2000, is based on UNCITRAL (United Nations Commission on

International Trade Law) Model Law.

Information Technology Act 2000, has 13 chapters, 94 sections and 4 schedules.

First 14 sections deals with some legal aspects concerning digital signature.

Further other sections deal with certifying authorities who are licensed to issue digital
signature certificate.

Sections 43 to 47 provide for penalties and compensation.

Sections 48 to 64 deals with Tribunals a appeal to high court.

Section 65 to 79 of the act deals with offences.

Section 80 to 94 deals with miscellaneous of the Act.

OBJECTIVES:

It shall extend to the whole of India and, save as otherwise provided in this Act, it applies
also to any offence or contravention there under committed outside India by any person.

It shall come into force on such date as the Central Government may, by notification, appoint
and different dates may be appointed for different provisions of this Act and any reference in
any such provision to the commencement of this Act shall be construed as a reference to the
commencement of that provision.

Nothing in this Act shall apply to,

a negotiable instrument as defined in section 13 of the Negotiable Instruments Act, 1881;

a power-of-attorney as defined in section 1A of the Powers-of-Attorney Act, 1882;

a trust as defined in section 3 of the Indian Trusts Act, 1882;

a will as defined in clause (h) of section 2 of the Indian Succession Act, 1925 including any
other testamentary disposition by whatever name called;
 any contract for the sale or conveyance of immovable property or any interest in such
property; any such class of documents or transactions as may be notified by the Central
Government in the Official Gazette.

SECTIONS OF IT ACT 2000

Sections 2(d) of the act defines affixing digital signature as affixing digital signature, with
its grammatical variations and cognate expressions means adoption of any methodology or
procedure by a person for the purpose of authenticating an electronic record by means of
digital signature.

Section 2(i) computer is defined as any electronic, magnetic, optical or high speed data
proceeding device or systems which performs logical, arithmetic and memory functions by
manipulations of electronic, magnetic or optical impulses and includes all input, output,
proceedings, storage, computer software or communication facilities which are concerned or
related to the computer in a computer system or computer network.

Section 2(zc) defines private key as the key of a key pair used to create a digital signature.

Section 2(zd) defines public key as the key of a key pair used to verify a digital signature and
listed in Digital Signature Certificate.

SECTION 5

Section 5 of the Act gives legal recognition to digital signatures.

Where any law provides that information or any other matter shall be authenticated by
affixing the signature or any document shall be signed or bear the signature of any person then,
notwithstanding anything contained in such law, such requirement shall be deemed to have
been satisfied, if such information or matter is authenticated by means of digital signature
affixed in such manner as may be prescribed by the Central Government.

SECTION 15 SECURE DIGITAL SIGNATURE

If, by application of a security procedure agreed to by the parties concerned, it can be verified
that a digital signature, at the time it was affixed, was

unique to the subscriber affixing it;

capable of identifying such subscriber;

created in a manner or using a means under the exclusive control of the subscriber and is
linked to the electronic record to which it relates in such a manner that if the electronic record
was altered the digital signature would be invalidated,

then such digital signature shall be deemed to be a secure digital signature.

SECTION 43 PENALTY FOR DAMAGE TO COMPUTER

 If any person without permission of the owner or any other person who is incharge of a
computer, computer system or computer network,

accesses or secures access to such computer, computer system or computer network;

downloads, copies or extracts any data, computer data base or information from such
computer, computer system or computer network including information or data held or stored
in any removable storage medium;

introduces or causes to be introduced any computer contaminant or computer virus into any
computer, computer system or computer network;

damages or causes to be damaged any computer, computer system or computer network,

data, computer data base or any other programmes residing in such computer, computer system
or computer network;

disrupts or causes disruption of any computer, computer system or computer network;

denies or causes the denial of access to any person authorised to access any computer,
computer system or computer network by any means;

provides any assistance to any person to facilitate access to a computer, computer system or
computer network in contravention of the provisions of this Act, rules or regulations made
there under;

charges the services availed of by a person to the account of another person by tampering
with or manipulating any computer, computer system, or computer network,

he shall be liable to pay damages by way of compensation not exceeding one crore rupees to
the person so affected.

SECTION 61 CIVIL COURT NOT TO HAVE JURISDICTION

No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter
which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal
constituted under this Act is empowered by or under this Act to determine and no injunction
shall be granted by any court or other authority in respect of any action taken or to be taken in
pursuance of any power conferred by or under this Act.

SECTION 62 APPEAL TO HIGH COURT.

Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an
appeal to the High Court within sixty days from the date of communication of the decision or
order of the Cyber Appellate Tribunal to him on any question of fact or law arising out of such
order

Provided that the High Court may, if it is satisfied that the appellant was prevented by
sufficient cause from filing the appeal within the said period, allow it to be filed within a
further period not exceeding sixty days.
SECTION 63 COMPOUNDING OF CONTRAVENTIONS

It states that any contraventions under this Act either before or after the institution of
adjudication proceedings, be compounded by the Controller or such other officer as may be
specially authorised by him in this behalf or by the adjudicating officer, as the case may be,
subject to such conditions as the Controller or such other officer or the adjudicating officer
may impose.

SECTION 64 RECOVERY OF PENALTY

A penalty imposed under this Act, if it is not paid, shall be recovered as an arrear of land
revenue and the licence or the Digital Signature Certificate, as the case may be, shall be
suspended till the penalty is paid.

SECTION 65 TAMPERING WITH COMPUTER SOURCE DOCUMENTS

Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly

causes another to conceal, destroy or alter any computer source code used for a computer,
computer programme, computer system or computer network, when the computer source code
is required to be kept or maintained by law for the time being in force, shall be punishable with
imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with
both.

SECTION 66 HACKING WITH COMPUTER SYSTEM

Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or
damage to the public or any person destroys or deletes or alters any information residing in a
computer resource or diminishes its value or utility or affects it injuriously by any means,
commits hack:

Whoever commits hacking shall be punished with imprisonment up to three years, or with
fine which may extend upto two lakh rupees, or with both.

SECTION 67 PUBLISHING OF OBSCENE INFORMATION

Whoever publishes or transmits or causes to be published in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to
deprave and corrupt persons who are likely, having regard to all relevant circumstances, to
read, see or hear the matter contained or embodied in it, shall be punished on first conviction
with imprisonment of either description for a term which may extend to five years and with
fine which may extend to one lakh rupees and in the event of a second or subsequent
conviction with imprisonment of either description for a term which may extend to ten years
and also with fine which may extend to two lakh rupees.

SECTION 71 PENALTY FOR MISREPRESENTATION Whoever makes any

misrepresentation to, or suppresses any material fact from, the Controller or the Certifying
Authority for obtaining any licence or Digital Signature Certificate, as the case may be, shall
be punished with imprisonment for a term which may extend to two years, or with fine which
may extend to one lakh rupees, or with both.

SECTION 72 PENALTY FOR BREACH OF PRIVACY

Save as otherwise provided in this Act or any other law for the time being in force, any person
who, in pursuance of any of the powers conferred under this Act, rules or regulations made
there under, has secured access to any electronic record, book, register, correspondence,
information, document or other material without the consent of the person concerned is closes
such electronic record, book, register, correspondence, information, document or other material
to any other person shall be punished with imprisonment for a term which may extend to two
years, or with fine which may extend to one lakh rupees, or with both.

SECTION 73 - PENALTY FOR PUBLISHING FALSE DIGITAL SIGNATURE

CERTIFICATE

No person shall publish a Digital Signature Certificate or otherwise make it available to any
other person with the knowledge that

the Certifying Authority listed in the certificate has not issued it; or

the subscriber listed in the certificate has not accepted it; or

the certificate has been revoked or suspended,

unless such publication is for the purpose of verifying a digital signature created prior to such
suspension or revocation.

Any person who contravenes the provisions of sub-section (1) shall be punished with
imprisonment for a term which may extend to two years, or with fine which may extend to one
lakh rupees, or with both.

SECTION 74 PUBLICATION FOR FRAUDULENT PURPOSE

Whoever knowingly creates, publishes or otherwise makes available a Digital Signature

Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a
term which may extend to two years, or with fine which may extend to one lakh rupees, or with
both.

SECTION 75 - ACT TO APPLY FOR OFFENCE OR CONTRAVENTION COMMITTED

OUTSIDE INDIA

Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any
offence or contravention committed outside India by any person irrespective of his nationality.

For the purposes of sub-section (1), this Act shall apply to an offence or contravention
committed outside India by any person if the act or conduct constituting the offence or
contravention involves a computer, computer system or computer network located in India.

THE CYBER REGULATIONS APPELLATE TRIBUNAL

 Cyber Appellate Tribunal are created to regulate and supervise the Certifying Authorities
who issue Digital Signature certificates.

Cyber Appellate Tribunal provide for appeal by person aggrieved against an order made by
the Adjudicating Officer under the Information Technology Act.

Section 48 to 64 of Information Technology Act 2000 contains provisions relating to Cyber

Appellate Tribunal.

SECTION 48 ESTABLISHMENT OF CYBER APPELLATE TRIBUNAL

The Central Government shall, by notification, establish one or more appellate tribunals to be
known as the Cyber Regulations Appellate Tribunal.

The Central Government shall also specify, in the notification referred to in subsection(1), the
matters and places in relation to which the Cyber Appellate Tribunal may exercise jurisdiction.

SECTION 49 COMPOSITION OF CYBER APPELLATE TRIBUNAL

A Cyber Appellate Tribunal shall consist of one person only (hereinafter referred to as the
Residing Officer of the Cyber Appellate Tribunal) to be appointed, by notification, by the
Central Government

SECTION 50 - QUALIFICATIONS FOR APPOINTMENT AS PRESIDING OFFICER

A person shall not be qualified for appointment as the Presiding Officer of a Cyber Appellate
Tribunal unless he

is, or has been. or is qualified to be, a Judge of a High Court; or

is or has been a member of the Indian Legal Service and is holding or has held a post in
Grade I of that Service for at least three years.

SECTION 51 - TERM OF OFFICE

The Presiding Officer of a Cyber Appellate Tribunal shall hold office for a term of five years
from the date on which he enters upon his office or until he attains the age of sixty- five years,
whichever is earlier.

SECTION 52 - SALARY, ALLOWANCES AND OTHER TERMS AND CONDITIONS OF

PRESIDING OFFICER

The salary and allowances payable to, and the other terms and conditions of service including
pension, gratuity and other retirement benefits of. the Presiding Officer of a Cyber Appellate
Tribunal shall be such as may be prescribed:

Provided that neither the salary and allowances nor the other terms and conditions of service
of the Presiding Officer shall be varied to his disadvantage after appointment.

SERVICE 53 - FILLING UP OF VACANCIES

 If, for reason other than temporary absence, any vacancy occurs in the office n the Presiding
Officer of a Cyber Appellate Tribunal, then the Central Government shall appoint another
person in accordance with the provisions of this Act to fill the vacancy and the proceedings
may be continued before the Cyber Appellate Tribunal from the stage at which the vacancy is
filled.

SECTION 54 RESIGNATION AND REMOVAL

The Presiding Officer of a Cyber Appellate Tribunal may, by notice in writing under his hand
addressed to the Central Government, resign his office:

Provided that the said Presiding Officer shall, unless he is permitted by the Central
Government to relinquish his office sooner, continue to hold office until the expiry of three
months from the date of receipt of such notice or until a person duly appointed as his successor
enters upon his office or until the expiry of his term of office, whichever is the earliest.

The Presiding Officer of a Cyber Appellate Tribunal shall not be removed from his office
except by an order by the Central Government on the ground of proved misbehaviour or
incapacity after an inquiry made by a Judge of the Supreme Court in which the Presiding
Officer concerned has been informed of the charges against him and given a reasonable
opportunity of being heard in respect of these charges.

The Central Government may, by rules, regulate the procedure for the investigation of
misbehaviour or incapacity of the aforesaid Presiding Officer.

SECTION 55 ORDERS CONSTITUTING TRIBUNAL TO BE FINAL AND NOT TO

INVALIDATE ITS PROCEEDINGS

No order of the Central Government appointing any person as the Presiding Officer of a
Cyber Appellate Tribunal shall be called in question in any manner and no act or proceeding
before a Cyber Appellate Tribunal shall be called in question in any manner on the ground
merely of any defect in the constitution of a Cyber Appellate Tribunal.

SECTION 56 STAFF OF THE CYBER APPELLATE TRIBUNAL

The Central Government shall provide the Cyber Appellate Tribunal with such officers and
employees as that Government may think fit

The officers and employees of the Cyber Appellate Tribunal shall discharge their functions
under general superintendence of the Presiding Officer.

The salaries, allowances and other conditions of service of the officers and employees or the
Cyber Appellate Tribunal shall be such as may be prescribed by the Central Government.

SECTION 57 APPEAL CYBER APPELLATE TRIBUNAL

Save as provided in sub-section (2), any person aggrieved by an order made by Controller or
an adjudicating officer under this Act may prefer an appeal to a Cyber Appellate Tribunal
having jurisdiction in the matter.
 No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating
officer with the consent of the parties.

Every appeal under sub-section (1) shall be filed within a period of only-five days from the
date on which a copy of the order made by the Controller or the adjudicating officer is received
by the person aggrieved and it shall be in such form and be accompanied by such fee as may be
prescribed: Provided that the Cyber Appellate Tribunal may entertain an appeal after the
expiry of the said period of only-five days if it is satisfied that there was sufficient cause or not
filing it within that period.

On receipt of an appeal under sub-section (1), the Cyber Appellate Tribunal may, after giving
the parties to the appeal, an opportunity of being heard, pass such orders thereon as it thinks fit,
confirming, modifying or setting aside the order appealed against.

The Cyber Appellate Tribunal shall send a copy of every order made by it to" the parties to
the appeal and to the concerned Controller or adjudicating officer.

The appeal filed before the Cyber Appellate Tribunal under sub-section (1) shall be dealt with
by it as expeditiously as possible and endeavour shall be made by it to dispose of the appeal
finally within six months from the date of receipt of the appeal.

SECTION 58 PROCEDURE AND POWERS OF THE CYBER TRIBUNAL

The Cyber Appellate Tribunal shall not be bound by the procedure laid down by the Code of
civil Procedure, 1908 but shall be guided by the principles of natural justice and, subject to the
other provisions of this Act and of any rules, the Cyber Appellate Tribunal shall have powers
to regulate its own procedure including the place at which it shall have its sittings.

The Cyber Appellate Tribunal shall have, for the purposes of discharging its functions under
this Act, the same powers as are vested in a civil court under the Code of Civil Procedure,
1908, while trying a suit, in respect of the following matters, namely:

summoning and enforcing the attendance of any person and examining him on oath;

requiring the discovery and production of documents or other electronic records;

receiving evidence on affidavits;

issuing commissions for the examination of witnesses or documents;

reviewing its decisions;

dismissing an application for default or deciding it ex pane;

any other matter which may be prescribed.

Every proceeding before the Cyber Appellate Tribunal shall be deemed to be a judicial
proceeding within the meaning of sections 193 and 228, and for the purposes of section 196 of
the Indian Penal Code and the Cyber Appellate Tribunal shall be deemed to be a civil court for
the purposes of section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
SECTION 59 RIGHT TO LEGAL REPRESENTATION

The appellant may either appear in person or authorise one or more legal practitioners or any
of its officers to present his or its case before the Cyber Appellate Tribunal.

SECTION 60 LIMITATION

The provisions of the Limitation Act, 1963, shall, as far as may be, apply to an appeal made
to the Cyber Appellate Tribunal.

SECTION 61 CIVIL COURT NOT TO HAVE JURISDICTION

No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter
which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal
constituted under this Act is empowered by or under this Act to determine and no injunction
shall be granted by any court or other authority in respect of any action taken or to be taken in
pursuance of any power conferred by or under this Act.

SECTION 62 APPEAL TO HIGH COURT

Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an
appeal to the High Court within sixty days from the date of communication of the decision or
order of the Cyber Appellate Tribunal to him on any question of fact or law arising out of such
order

Provided that the High Court may, if it is satisfied that the appellant was prevented by
sufficient cause from filing the appeal within the said period, allow it to be filed within a
further period not exceeding sixty days.

SECTION 63 COMPOUNDING OF CONTRAVENTIONS

Any contravention under this Chapter may, either before or after the institution of
adjudication proceedings, be compounded by the Controller or such other officer as may be
specially authorised by him in this behalf or by the adjudicating officer, as the case may be,
subject to such conditions as the Controller or such other officer or the adjudicating officer
may specify:

Provided that such sum shall not, in any case, exceed the maximum amount of the penalty
which may be imposed under this Act for the contravention so compounded.

Nothing in sub-section (1) shall apply to a person who commits the same or similar
contravention within a period of three years from the date on which the first contravention,
committed by him, was compounded.

Where any contravention has been compounded under sub-section (1), no proceeding or
further proceeding, as the case may be, shall be taken against the person guilty of such
contravention in respect of the contravention so compounded.

SECTION 64 RECOVERY OF PENALTY

 A penalty imposed under this Act, if it is not paid, shall be recovered as an arrear of land
revenue and the licence or the Digital Signature Certificate, as the case may be, shall be
suspended till the penalty is paid.

CASE STUDY 1 State Of Tamil Nadu v/s Suhas Katti Conviction Within 7 Months

The case related to posting of obscene, defamatory and annoying message about a divorcee
woman in the yahoo message group. E-Mails were also forwarded to the victim for information
by the accused through a false e-mail account opened by him in the name of the victim. The
posting of the message resulted in annoying phone calls to the lady in the belief that she was
soliciting.

The accused was a known family friend of the victim and was reportedly interested in
marrying her. She however married another person. This marriage later ended in divorce and
the accused started contacting her once again. On her reluctance to marry him, the accused
took up the harassment through the Internet.

The accused is found guilty and convicted for offences under section 469, 509 IPC and 67 of
IT Act 2000 . This is considered as the first case convicted under section 67 of Information
Technology Act 2000 in India.

The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000
and the accused is convicted and is sentenced for the offence to undergo RI for 2 years under
469 IPC and to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1
year Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67 of IT Act
2000 to undergo RI for 2 years and to pay fine of Rs.4000/- All sentences to run concurrently.

The accused paid fine amount and he was lodged at Central Prison, Chennai. This is
considered as the first case convicted under section 67 of Information Technology Act 2000 in
India.

CASE STUDY 2 Forgery - Andhra Pradesh Tax Case

In the explanation of the Rs. 22 Crore which was recovered from the house of the owner of a
plastic firm by the sleuths of vigilance department, the accused person submitted 6000
vouchers to legitimize the amount recovered, but after careful scrutiny of vouchers and
contents of his computers it revealed that all of them were made after the raids were conducted
. All vouchers were fake computerized vouchers.

CASE STUDY 3 Cyber Stalking

Ritu Kohli (first lady to register the cyber stalking case) is a victim of cyber-stalking. A
friend of her husband gave her phone number and name on a chat site for immoral purposes. A
computer expert, Kohli was able to trace the culprit. Now, the latter is being tried for
"outraging the modesty of a woman", under Section 509 of IPC.

CASE STUDY 4 Extortion of Money Through Internet

 The complainant has received a threatening email and demanded protection from unknown
person claiming to be the member of Halala Gang, Dubai. Police registered a case u/s.
384/506/511 IPC.

The sender of the email used the email ID xyz@yahoo.com & abc@yahoo.com and signed as
Chengez Babar.

Both the email accounts were tracked, details collected from ISPs & locations were
identified. The Cyber cafes from which the emails has been made were monitored and the
accused person was nabbed red handed.

CASE STUDY 5 Fir No. 76/02 PS Parliament Street Mrs. Sonia Gandhi received
threatening e-mails:

E - mail from

missonrevenge84@khalsa.com

missionrevenge84@hotmail.com

The case was referred to Cyber Cell

Accused was traces and found that he had lost his parents during 1984 riots

EMERGING TRENDS & CHALLENGES IN CYBER LAW

Cyber law is likely to experience various emerging trends with the increased usage of digital
technology. The various emerging trends include

A. CHALLENGES IN MOBILE LAWS

B. LEGAL ISSUES OF CYBER SECURITY

C. CLOUD COMPUTING & LAW

D. SOCIAL MEDIA & LEGAL PROBLEMS

E. SPAM LAWS

A. CHALLENGES IN MOBILE LAWS

Today, there are lots of activities in the mobile ecosystem. The increasing competition has
introduced new models of mobile phones, personal digital assistors (pda), tablets and other
communication devices in the global market. The intensive use of mobile devices has widened
the mobile ecosystem and the content generated is likely to pose new challenges for cyber legal
jurisprudence across the world.

There are no dedicated laws dealing with the use of these new communication devices and
mobile platforms in a number of jurisdictions across the world as the usage of mobile devices
for input and output activities is increasing day by day. With the increasing mobile crimes,
there is an increasing necessity to meet the legal challenges emerging with the use of mobile
devices and ensure mobile protection and privacy.

B. LEGAL ISSUES OF CYBER SECURITY

The other emerging cyber law trend is the need for enacting appropriate legal frameworks for
preserving, promoting and enhancing cyber security. The cyber security incidents and the
attacks on networks are increasing rampantly leading to breaches of cyber security which is
likely to have serious impact on the nation.

However, the challenge before a lawmaker is not only to develop appropriate legal regimes
enabling protection and preservation of cyber security, but also to instill a culture of cyber
security amongst the net users.

The renewed focus and emphasis is to set forth effective mandatory provisions which would
help the protection, preservation and promotion of cyber security in use of computers, allied
resources and communication devices.

C. CLOUD COMPUTING AND LAW

With the growth in internet technology, the word is moving towards cloud computing. The
cloud computing brings new challenges to the law makers. The distinct challenges may include
data security, data privacy, jurisdiction and other legal issues. There pressure on the cyber
legislators and stakeholders would be to provide appropriate legal framework that could benefit
the industry and enable effective remedies in the event of cloud computing incidents.

D. SOCIAL MEDIA & LEGAL PROBLEMS

The social media is beginning to have social and legal impact in the recent times raising
significant legal issues and challenges. A latest study indicates the social networking sites
responsible for various problems. Since the law enforcement agencies, intelligence agencies
target the social media sites; they are the preferred repository of all data.

The inappropriate use of social media is giving rise to crimes like cyber harassments, cyber
stalking, identity theft etc. The privacy in social media is going to be undermined to a great
extent despite the efforts by relevant stake holders. The challenge to the cyber legislators
would be to effectively regulate the misuse of social media and provide remedies to the victims
of social media crimes.

Social Media Litigations are also likely to increase concerning the association or nexus with
the output of social media. The litigations regarding defamation, matrimonial actions are
popularly increasing and with the data, information resident on social media networking there
is an emerging trend of various other litigations in the coming years.

E. SPAM LAWS

There is considerable growth of spam in emails and mobiles. Many countries have already
become hot spots for generating spam. As the number of internet and mobile users increase the
spammers make use of innovative methods to target the digital users. It is therefore necessary
to have effective legislative provisions to deal with the menace of spam.

CASE STUDIES

i. Two managers of Chennai based Radiant Software a Computer Education Company were
arrested for an alleged violation of the licensing terms of Software. The top management team
had to obtain anticipatory bail to avoid arrests until a compromise was worked out.

ii. Napster, a very successful E-Venture was hauled to the Court and beaten to death for having
caused violation of Copyright of music companies. Despite willing customers and working
technology, the business of the Company had to be shelved under an enormous loss to the
promoters.

iii. There are many websites in India which could be held to be infringing the Patent rights of
somebody abroad and asked to shut down or pay compensation putting an end to their
entrepreneurial dreams.

These are some of the trends in Cyber Law which are based on the analysis of emerging cyber
law jurisprudence. With the growing pace of technology, it may not possible to overrule any
new trend in the technology which might have direct or indirect impact on Cyber Law.

There may be various interesting and important challenging threats emerging in the
jurisprudence of cyber law.

Cyber crime scenario in India

India is trying to implement the Digital India project to the best of its capabilities. The success
of Digital India project would depend upon maximum connectivity with minimum cyber
security risks. This is also a problem for India as India has a poor track record of cyber
security. According to Home Ministry statistics, as many as 71,780 cyber frauds were reported
in 2013, while 22,060 such cases were reported in 2012. There have been 62,189 incidents of
cyber frauds till June 2014.

In 2013, a total of 28,481 Indian websites were hacked by various hacker groups spread across
the globe. The numbers of hacking incidents were 27,605 in 2012 and 21,699 in 2011. As per
the cyber-crime data maintained by National Cyber Records Bureau, a total of 1,791, 2,876 and
4,356 cases were registered under the Information Technology Act in 2011, 2012 and 2013,
respectively. A total of 422, 601 and 1,337 cases were registered under cyber-crime related
sections of the Indian Penal Code in 2011, 2012 and 2013, respectively.

There has been an annual increase of more than 40 per cent in cyber-crime cases registered in
the country during the past two-three years. According National Crime Records Bureau
(NCRB), a total of 288, 420, 966, 1,791 and 2,876 cyber-crime cases were registered under IT
Act during 2008, 2009, 2010, 2011 and 2012, respectively.
As per the information reported to and tracked by Indian Computer Response Team (CERT-
In), a total number of 308, 371 and 78 government websites were hacked during the years
2011, 2012 and 2013 respectively and 16,035 incidents related to spam, malware infection and
system break-in were reported in 2013.

Cyber crimes reported in India rose 19 times over the last ten years (2005 to 2014), from 481
in 2005 to 9,622 in 2014, and India is now ranked third after the US and China as a source
of malicious activity on the Internet and second as a source of malicious code.

Arrests involving cyber crimes also rose nine times from 569 in 2005 to 5,752 in 2014,
according to National Crime Records Bureau (NCRB) data, even as more Indians logged on to
the Internet. Internet subscribers in India crossed the 400 million mark, and are expected to
reach 462 million by June 2016.

Maharashtra reported the most cyber crimes (1,879) in 2014, double the cases (907) of the
previous year. Uttar Pradesh was second (1,737), followed by Karnataka (1,020), Telangana
(703) and Rajasthan (697). The top five states accounted for 63% of all cases in 2014.

As many as 5,752 people were arrested for cyber crimes in 2014, of which 5,744 were Indians
and eight foreigners. As many as 95 persons were convicted and 276 acquitted for cyber crimes
in 2014.
 Issues and Challenges of cyber crimes

Endless discussion is there regarding the pros and cons of cyber crime. There are many
challenges in front of us to fight against the cyber crime. Some of them here are discussed
below:

A. Lack of awareness and the culture of cyber security, at individual as well as organizational
level.

B. Lack of trained and qualified manpower to implement the counter measures.

C. No e-mail account policy especially for the defense forces, police and the security agency
personnel.

D. Cyber attacks have come not only from terrorists but also from neighboring countries
contrary to our National interests.

E. The minimum necessary eligibility to join the police doesnt include any knowledge of
computers sector so that they are almost illiterate to cyber-crime.

F. The speed of cyber technology changes always beats the progress of govt. sector so that they
are not able to identify the origin of these cybercrimes.

G. Promotion of Research & Development in ICTs is not up to the mark.

H. Security forces and Law enforcement personnel are not equipped to address high-tech
crimes.

I. Present protocols are not self sufficient, which identifies the investigative responsibility for
crimes that stretch internationally.
J. Budgets for security purpose by the government especially for the training of law
enforcement, security personnels and investigators in ICT are less as compare to other crimes.

MEASURES TO PREVENT CYBER CRIME

There is a famous saying-Prevention is always better than cure. It is always better to take
certain preventive measures while working on internet. One should make it a habit of doing
this. Sailesh Kumar Zarkar, technical advisor and network security consultant to the Mumbai
Police Cyber crime Cell, ha given the 5P strategy for cyber security:

Precaution, Prevention, Protection, Preservation and Perseverance. A cyber user should keep in
mind the following things-

1. To prevent cyber stalking one should avoid disclosing any personal information.

2. Always avoid sending any pictures or videos online particularly to unknown people and
online friends as therehave been many incidents of misuse of the personal pictures, videos etc.

3. Always use latest and updated anti virus software to guard against virus attacks.

4. Always keep back up volumes to avoid loss of data in case of virus attacks.

5. Never send your credit card details such as card number to any unsecured, to guard against
frauds.

6. Always keep a watch on the sites that your children are accessing to prevent any kind of
harassment or depravation in children.

7. It is better to use a security programme that gives control over the cookies and send
information back to the site as leaving the cookies unguarded might prove fatal.

8. Web site owners should watch traffic and check any irregularity on the site. Putting host-
based intrusion detection devices on servers may do this.

9. Use of firewalls may be beneficial.

10. Web servers running public sites must be physically separate protected from internal
corporate network.