CHAPTER – I
CYBER USE
The word "cyber" has interesting roots. It started with an old Greek word meaning (roughly) one who guides a boat, such as a pilot or rudder operator. Plato adapted this word to mean something like "governance", on the basis that governing was like steering society. Already in ancient
The most effective method of monitoring Internet use was to create rules that were technology-specific, such as the use of filtering software, restricting e-mail use to a "safe" list or prohibiting instant messaging. Internet aggression seems to be most closely connected to relational aggression in traditional peer contexts.
CHAPTER – II
CYBER CRIME
The internet in
"The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb".
The first recorded cyber crime took place in the year 1820! That is not surprising considering the fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C. in
Reasons for Cyber Crime
1. Capacity to store data in comparatively small space:-
The computer has unique characteristic of storing data in a very small space. This affords to remove or derive information either through physical or virtual medium makes it much easier.
2. Easy to access:-
The problem encountered in guarding a computer system from unauthorised access is that there is every possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized to get past many a security system.
3. Complex:-
The computers work on operating systems and these operating systems in turn are composed of millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer system.
4. Negligence:-
Negligence is very closely connected with human conduct. It is therefore very probable that while protecting the computer system there might be any negligence, which in turn provides a cyber criminal to gain access and control over the computer system.
5. Loss of evidence:-
Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation.
Cyber Criminals
The cyber criminals constitute of various groups/ category. This division may be justified on the basis of the object that they have in their mind. The following are the category of cyber criminals-
1. Children and adolescents between the age group of 6 – 18 years: –
The simple reason for this type of delinquent behaviour pattern in children is seen mostly due to the inquisitiveness to know and explore the things. Other cognate reason may be to prove them to be outstanding amongst other children in their group. Further the reasons may be psychological even. E.g. the Bal Bharati (
2. Organised hackers:-
These kinds of hackers are mostly organised together to fulfil certain objective. The reason may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to be one of the best quality hackers in the world. They mainly target the Indian government sites with the purpose to fulfil their political objectives. Further the NASA as well as the Microsoft sites is always under attack by the hackers.
3. Professional hackers / crackers: –
Their work is motivated by the colour of money. These kinds of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are even employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.
4. Discontented employees:-
This group include those people who have been either sacked by their employer or are dissatisfied with their employer. To avenge they normally hack the system of their employee.
Mode and Manner of Committing Cyber Crime
1. Unauthorized access to computer systems or networks / Hacking-
This kind of offence is normally referred as hacking in the generic sense. However the framers of the information technology act 2000 have no where used this term so to avoid any confusion we would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide connotation.
2. Theft of information contained in electronic form-
This includes information stored in computer hard disks, removable storage media etc. Theft may be either by appropriating the data physically or by tampering them through the virtual medium.
3. Email bombing-
This kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even mail servers there by ultimately resulting into crashing.
4. Data diddling-
This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerised.
5. Salami attacks-
This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the bank’s system, which deducted 10 cents from every account and deposited it in a particular account.
6. Denial of Service attack-
The computer of the victim is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. E.g. Amazon, Yahoo.
7. Internet time thefts-
Normally in these kinds of thefts the Internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password. E.g. Colonel Bajwa’s case- the Internet hours were used up by any other person. This was perhaps one of the first reported cases related to cyber crime in
Classification
The subject of cyber crime may be broadly classified under the following three groups. They are-
(A) Against Individuals: –
1. Harassment via e-mails-
Harassment through e-mails is not a new concept. It is very similar to harassing through letters. Recently I had received a mail from a lady wherein she complained about the same. Her former boy friend was sending her mails constantly sometimes emotionally blackmailing her and also threatening her. This is a very common type of harassment via e-mails.
2. Cyber-stalking-
The
3. Dissemination of obscene material/ Indecent exposure/ Pornography (basically child pornography) / Polluting through indecent exposure-
Pornography on the net may take various forms. It may include the hosting of web site containing these prohibited materials. Use of computers for producing these obscene materials. Downloading through the Internet, obscene materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind. Two known cases of pornography are the
4. Defamation
It is an act of imputing any person with intent to lower the person in the estimation of the right-thinking members of society generally or to cause him to be shunned or avoided or to expose him to hatred, contempt or ridicule. Cyber defamation is not different from conventional defamation except the involvement of a virtual medium. E.g. the mail account of Rohit was hacked and some mails were sent from his account to some of his batch mates regarding his affair with a girl with intent to defame him.
5. Unauthorized control/access over computer system-
This activity is commonly referred to as hacking. The Indian law has however given a different connotation to the term hacking, so we will not use the term "unauthorized access" interchangeably with the term "hacking" to prevent confusion as the term used in the Act of 2000 is much wider than hacking.
6. E mail spoofing-
A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it's origin to be different from which actually it originates.
(B) Against Property:-
The second category of Cyber-crimes is that of Cyber crimes against all forms of property. These crimes include computer vandalism (destruction of others' property), transmission of harmful programmed. A Mumbai-based upstart engineering company lost a say and much money in the business when the rival company, an industry major, stole the technical database from their computers with the help of a corporate cyber spy.
(C) Against Government:-
The third category of Cyber-crimes relate to Cyber crimes against Government. Cyber terrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country. This crime manifests itself into terrorism when an individual "cracks" into a government or military maintained website.
CHAPTER – III
CYBER SQUATTING
(A) What Is Cybersquatting?
Cyber squatting refers to the bad faith registration of a domain name containing another person’s brand or trademark in a domain name. In one variation of cyber squatting, called typo squatting, cyber squatters register domain names containing variants of popular trademarks. Typo squatters rely on the fact that Internet users will make typographical errors when entering domain names into their web browsers. Once a cyber squatter has registered such a domain name, the cyber squatter can place advertisements on a website linked to that domain name, and collect income any time an Internet user clicks on one of those advertisements. Alternatively, the cyber squatter may seek to sell the domain name to the legitimate trademark holder at a price many times what the cyber squatter paid for it.
Some common examples of cyber squatting include:
- The omission of the “dot” in the domain name: wwwexample.com;
- A common misspelling of the intended site: exemple.com
- A differently phrased domain name: examples.com
- A different top-level domain: example.org
In addition to registering variants of trademarks, cyber squatters also rely on the fact that trademark holders often forget to re-register their domain names. Because domain name registrations last for a fixed period of time, if the owner of a domain name does not re-register the domain name prior to expiration, then the domain name can be purchased by anybody. Cyber squatters will snatch up a domain name as it becomes available. This process is often referred to as “renewal snatching.”
Victims of cyber squatting have several options to combat cyber squatting. These options include: sending cease-and-desist letters to the cyber squatter, bringing an arbitration proceeding under ICANN’s rules (ICANN is the nonprofit organization that oversees the domain name registration system), or bringing a lawsuit in state or federal court. Whatever strategy a victim of cyber squatting elects to use, that person should not dismiss the serious effects that cyber squatting can have if left unchecked
Cybersquatting v. Domain Theft
It is important to distinguish between cyber squatting and domain name theft, which is often called domain name hijacking. While cyber squatting refers to the registration of a domain name containing another person’s trademark, domain name theft refers to the stealing of a domain name that has been properly registered by a trademark owner. In other words, with domain name theft, a trademark holder has legitimately registered a domain name, but then through deception or hacking, a thief is able to steal that domain name.
Domain names, just like any other type of property, can be stolen. Such theft can happen in a variety of ways, and it is much more prevalent than one might initially believe. Domain theft often occurs when a third party obtains unauthorized access to the email account of the administrator of a domain name registration, and changes the domain name registration to list the thief as the owner instead of the trademark owner. This unauthorized access can occur in a variety of ways, including when:
a) The domain name thief hacks into the administrator’s email account,
b) The thief cons the administrator into sending his or her email information and password, or
c) The thief is a friend or colleague of the administrator who abuses a position of trust.
As with cyber squatting, victims of domain name theft may rely on a variety of legal arguments to recover their stolen domain names. The most relevant of these methods, perhaps, is the common law tort of conversion of property, which makes it illegal for a person to exercise the right of ownership over the property of another person. Other legal arguments that may also offer relief to victims include breach of fiduciary duty (if the thief is a business partner), breach of contract, or unfair business competition.
In certain situations, the victims of domain name theft may not be able to identify who stole their domain names. In such contexts, the victims may still be able to obtain relief through the federal Anti cyber squatting Consumer Protection Act, which has a special provision dealing with situations where a domain name registrant cannot be located.
(B) Who Are Cybersquatters?
You might think that the typical cybersquatter is a lonely teenager working from his bedroom. Actually, some cybersquatters are large, profitable, and savvy businesses with massive domain name holdings.
Cybersquatters frequently own thousands—or even hundreds of thousands or millions—of domain names, which are typically misspellings or variations of others’ trademarks. Cybersquatters don’t acquire these domain names out of spite or for amusement. Rather, they acquire these domain names to make money. It’s all about the income stream, and if the income isn’t there, the cybersquatter will drop the domain name.
This is how it works: The cybersquatter registers a domain name containing another’s trademark and sets up a website. The cybersquatter displays advertisements on the website on behalf of advertisers willing to pay the cybersquatter anywhere from a few pennies to a few dollars each time somebody clicks on one of the ads. The cybersquatter then counts on the fact that Internet users will type in the cybersquatted domain name into their web browser and click on the ads. Multiply this by a hundred clicks per day, and multiply that by a thousand domain names, and suddenly we’re talking about a lot of money.
Cybersquatters recognize that a single domain name can bring in hundreds of dollars a day, and they capitalize on this by acquiring domain names that will yield substantial user traffic. Often, these are domain names that incorporate misspellings or variations of the best known trademarks. As an example, cybersquatters register more than 2000 domain names every day containing the trademark Microsoft. As another example, over 10,000 domain names exist containing variations of the trademark Coke/Coca-Cola.
While some of these businesses have re-branded themselves as “domainers” in an effort to legitimize their operations, the line between lawful domain name ownership and cybersquatting is not always so clear. And for every supposedly legitimate domainer, there are several outright cybersquatters operating from safe havens in the former Soviet Union or parts of
(C) The Harmful Effects Of Cybersquatting
Trademark owners should not underestimate the harmful effects that cybersquatting has on their business and on the goodwill associated with their trademarks. Cybersquatters hope that trademark owners will simply ignore their misconduct as a minor problem. In reality, however, the problem is much more severe.
Cybersquatters count on Internet users going to their websites by mistake. Unfortunately, this is not a rare occurrence. A cybersquatted domain name can easily attract in excess of 10,000 visitors a month. And these are 10,000 people who intended to go to the legitimate website, but ended up at the cybersquatter’s website instead. The cybersquatted website presents these 10,000 people with advertisements, typically for competitors of the legitimate trademark owner. As a single example, the cybersquatted website www.Macyss.com—a clear infringement on the department store chain Macys—displays ads for
Nor should trademark owners count on Internet users to re-enter the correct domain name once they have arrived at a cybersquatted website. The fact that a cybersquatter retains a domain name, in of itself demonstrates that consumers are not only visiting the cybersquatted website, but are also clicking on the advertisements. Cybersquatters buy domain names because they are profitable. If users are not consistently clicking on the advertisements, the cybersquatter will drop the domain name from its portfolio.
Moreover, data suggests that users become frustrated with the trademark owner when the user lands on a cybersquatted website. Users expect trademark owners to police the cybersquatting of their trademarks, to acquire domain names containing common variations of their trademarks, and to adopt easy-to-remember domain names. Users become frustrated when trademark owners have not followed these steps. The fact that a user has arrived at a cybersquatted website indicates that the trademark holder has not undertaken these efforts—and does not respect the user’s business.
Finally, trademark owners must worry about the effects of cybersquatting on the value of their trademarks. A failure to police such misuse can result in the abandonment of the claim against the cybersquatter, and even the abandonment of trademark rights generally. As such, trademark holders should not downplay the serious harmful effects of allowing cybersquatters to misuse their trademarks. Rather, trademark holders should actively police potential cybersquatting and take corrective action when such misuse is discovered.
(D) Legal Actions Against Cybersquatters and Domain Names
Victims of cybersquatting have several options they can choose from to stop a cybersquatter’s misconduct and recover their domain names. Initially, a trademark holder may simply wish to send a cease-and-desist letter to the cybersquatter, demanding that the cybersquatter return the domain name immediately. Such a cease-and-desist letter may state that if the cybersquatter does not comply with the letter, the trademark holder will file a lawsuit, which could result in serious consequences to the cybersquatter. The cease-and-desist letter is an inexpensive approach, which can often bring positive results.
Once a cybersquatting victim decides that he or she needs to adopt a more aggressive approach, there are two primary domain name rules providing legal channels for recovering a domain name: the Anticybersquatting Consumer Protection Act (“ACPA”) and ICANN’s Uniform Domain Name Dispute Resolution Policy (“UDRP”).
The ACPA allows trademark holders to file lawsuits against cybersquatters in the
ICANN, the nonprofit organization that oversees the domain name registration system, has also promulgated rules governing domain name disputes. When anyone registers a domain name, that person is required to submit to binding arbitration in the event of a dispute concerning that domain name, including an allegation of cybersquatting. This binding arbitration is conducted according to ICANN’s Uniform Domain-Name Dispute Resolution Policy (“UDRP”). UDRP proceedings are intended to offer an efficient process, where the issues are decided without a trial or oral hearing. Unlike a lawsuit brought under ACPA, however, UDRP does not allow for the recovery of damages, costs, or fees.
1. Suing A Cybersquatter Personally (In Personam Claims Under Anticybersquatting Consumer Protection Act)
Where a trademark owner has identified the cybersquatter, and that cybersquatter is located in the
- Ownership of the trademark;
- Ownership of a trademark may be demonstrated through a federal, state, or foreign registration trademark registration. Where no registration exists, common-law trademark rights can be demonstrated through the continuous use of the trademark in commerce.
- Ownership of a trademark may be demonstrated through a federal, state, or foreign registration trademark registration. Where no registration exists, common-law trademark rights can be demonstrated through the continuous use of the trademark in commerce.
- The trademark is distinctive or famous;
- A trademark is distinctive if it identifies the trademark owner’s goods or services. Courts consider several factors when determining whether a trademark is distinctive or famous, including but not limited to: the length of time the mark has been in use; the amount of investment made in promoting the mark; the geographic region where the mark is used; and whether there are similar trademarks in use.
- A trademark is distinctive if it identifies the trademark owner’s goods or services. Courts consider several factors when determining whether a trademark is distinctive or famous, including but not limited to: the length of time the mark has been in use; the amount of investment made in promoting the mark; the geographic region where the mark is used; and whether there are similar trademarks in use.
- The domain name and trademark are either identical or confusingly similar (or dilutive for famous trademarks); and
- The domain name registrant acted in bath faith to profit from the trademark.
Courts consider several factors when determining whether a domain name registrant acted in bad faith, including but not limited to: the registrant’s trademark or other intellectual property rights (if any) in the domain name; the registrant’s prior use (if any) of the domain name in connection with the bona fide offering of goods or services; the registrant’s intent to divert consumers from the trademark owner’s website to a website accessible under the domain name, creating a likelihood of confusion as to the source of the website; and the registrant’s offer to sell the domain name for financial gain without having used the domain name in for the bona fide offering of any goods or services.
2.Sue The Domain Name And Not The Cybersquatter (In Rem Claims Under ACPA)
The federal Anticybersquatting Consumer Protection Act (“ACPA”) enables cybersquatting victims to recover their domain names even when the cybersquatter is located in another country, or where the cybersquatter cannot be identified at all. Such actions are referred to as in rem actions. While cybersquatting victims cannot recover damages, costs, or fees with an in rem action, they can recover their domain names. To succeed with an in rem action under the ACPA, the trademark owner must show:
- Ownership of the trademark;
- The trademark is distinctive or famous;
- The domain name and trademark are either identical or confusingly similar (or dilutive for famous marks);
- The plaintiff has tried to inform the registrant of the domain name of the violation and the plaintiff’s intent to file an in rem action; and
- The court does not have jurisdiction over the registrant, or the plaintiff was unable to find the registrant, despite a good faith effort to do so.
To date, it is unclear whether the definition of cybersquatting is narrower for in rem claims under ACPA, as compared with in personam actions. Specifically, ambiguity continues to exist as to whether a plaintiff in an in rem action must demonstrate the registrant's “bad faith.”
3. Actions Under ICANN’s Uniform Domain Name Dispute Resolution Policy
When a domain is registered, the person registering that domain name is required to submit to mandatory arbitration in the event of a future dispute concerning the domain, including an allegation of cybersquatting. ICANN—the nonprofit organization that oversees the domain name registration system—has implemented a streamlined process for resolving cybersquatting disputes, which tends to be quicker and less expensive than federal litigation. While ICANN’s Uniform Dispute Resolution Policy does not permit cybersquatting victims to recover damages, costs, or fees, it does enable them to recover a cybersquatted domain name. A petitioner seeking to use ICANN’s Uniform Dispute Resolution Policy ("UDRP"), must demonstrate three elements to recover a domain name:
- Ownership of a trademark;
- A domain name that is identical or confusingly similar to the trademark owned;
- The registrant has no legitimate interest or rights in the domain name, which may be demonstrated through: showing a lack of a bona fide intent to use the disputed domain to offer goods or services, and showing common knowledge of the trademark owner’s ownership of the mark; and
- The registrant’s registration and use has been conducted in bad faith, which may include evidence that: a) that the domain was acquired primarily to sell to the trademark owner, c) the domain name was acquired to disrupt business of a competitor, d) the domain name was acquired to make money through consumer confusion.
An administrative panel of one or three people selected from an international body of Internet law practitioners serves as both the judge and the jury in a UDRP proceeding. A UDRP proceeding is relatively quick: A decision is typically issued less than 45 days after the complaint is filed. Notably, a party that files a UDRP complaint and loses may bring another legal action against a cybersquatter, including an action under the Anticybersquatting Consumer Protection Act.
4. Class Actions Against Cybersquatters
While the idea of a class action against cybersquatters has not been tested, legal authorities indicate that such an action may prove viable. A class action is a lawsuit that is brought by a small number of plaintiffs (“representative plaintiffs”) on behalf of larger group (the “class”). Thus, for example, a single trademark holder could theoretically bring a lawsuit against a cybersquatter on behalf of both itself and other trademark holders who have been injured by the cybersquatter’s misconduct. A class action may be an effective tool against a cybersquatter because it threatens the cybersquatter with liability for numerous lawsuits within a single legal proceeding.
Class actions are possible where: 1) the class is so numerous as to make separate lawsuits impractical, 2) there are questions of law or fact common to the class, 3) the claims and defenses of the representative plaintiff is typical of the claims and defenses of the class, and 4) the representative plaintiff will fairly and adequately protect the interests of the class. In the context of cybersquatting, it is quite possible that trademark holders would satisfy these standards. Specifically, a cybersquatter may have infringed upon the rights of a class of trademark holders by registering numerous domain names infringing on their trademarks. Unlike a traditional anti-cybersquatting action, with a class action, the cybersquatter could be forced to turn over a major portion of its domain portfolio, as well as potentially pay significant damages.
In the same vein, legal authorities have postulated that a class action may be possible where the class is composed of consumers rather than trademark holders. Under this conception of the class action, a single consumer could bring a lawsuit on behalf of other consumers who have been mistakenly led to the cybersquatted website. Again, the benefit of such a class action is that the cybersquatter will face potential liability for its misconduct as to all consumers, and not merely to the representative plaintiff.
While the cybersquatting class action remains a new concept, attorneys who are experienced in anti-cybersquatting law have expressed a vigorous interest in pursuing these claims.
CHAPTER – IV
CYBER LAWS IN
(A) Information Technology Act 2000
Information technology bill passed by Indian Parliament in May 2000 notified as the IT Act 2000 has received the assent of the President on the 9th June, 2000.
This Act provides legal recognition for electronic commerce and accords stringent punishments to cyber criminals.
65. Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer Programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both.
Explanation.- For the Purpose of this section, "computer source code" means the listing of programmes, computer commands, design and layout and Programme analysis of computer resource in any form..
66. Hacking with computer system
(1) Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking.
(2) Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.
67. Publishing of information which is obscene in electronic form
Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstance, to read see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.
68. Power of Controller to give directions
(1) The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made thereunder.
(2) Any person who fails to comply with any order under sub-section (1) shall be guilty of an offence and shall be liable on conviction to imprisonment for a term not exceeding three years or to a fine not exceeding two lakh rupees or to both.
69. Directions of Controller to a subscriber to extend facilitates to decrypt information
(1) If the Controller is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence; for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through any computer resource.
(2) The subscriber or any person incharge of the computer resource shall, when called upon by any agency which has been directed under sub-section (1), extend all facilities and technical assistance to decrypt the information.
(3) The subscriber or any person who fails to assist the agency referred to in subsection
(2) shall be punished with an imprisonment for a term which may extend to seven years.
70. Protected system
(1) The appropriate Government may, by notification in the Official Gazette, declare that any computer, computer system or computer network to be a protected system.
(2) The appropriate Government may, by order in writing, authorise the persons who are authorised to a access protected systems notified under sub-section (1).
(3) Any person who secures access or attempts to secure access to a protected system in contravention of the provision of this section shall be punished with imprisonment of either description for a term which may extend to ten years and shall also be liable to fine.
71. Penalty for misrepresentation
(1) Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate, as the case may be, shall be punished with imprisonment for a term which may extend to two years, or which fine which may extend to one lakh rupees, or with both.
72. Penalty for breach of confidentiality and privacy
Save as otherwise provide in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulation made thereunder, has secured assess to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
73. Penalty for publishing Digital Signature Certificate false in certain particulars
(1) No person shall publish a Digital Signature Certificate or otherwise make it available to any other person with the knowledge that-
(a) the Certifying Authority listed in the certificate has not issued it; or
(b) the subscriber listed in the certificate has not accepted it; or
(c) the certificate has been revoked or suspended, unless such publication is for the purpose of verifying a digital signature created prior to such suspension or revocation.
(2) Any person who contravenes the provisions of sub-section (1) shall be
punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
74. Publication for fraudulent purpose
Whoever knowingly creates, publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years, or with fine which extend to one lakh rupees, or with both.
75. Act to apply for offence or contravention committed outside
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or contravention committed outside
(2) For the purposes of sub-section (1), this Act shall apply to an offence or
contravention committed outside
76. Confiscation
Any computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, in respect of which any provisions of this Act, rules, orders or regulations made thereunder has been or is being contravened, shall be liable to confiscation :
Provided that where it is established to the satisfaction of the court adjudicating the confiscation that the person in whose possession, power or control of any such computer, computer system, floppies, compact disks, tape drives or any other accessories relating thereto is found is not responsible for the contravention of the provisions of this Act, rules orders or regulations made thereunder, the court may, instead of making an order for confiscation of such computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, make such other order authorised by this Act against the person contravening of the provisions of this Act, rules, orders or regulations made thereunder as it may think fit.
77. Penalties or confiscation not to interfere with other punishments
No penalty imposed or confiscation made under this Act shall prevent the imposition of any other punishment to which the person affected thereby is liable under any other law for the time being in force.
78. Power to investigate offences
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Deputy Superintendent of Police shall investigate any offence under this Act.
80. Power of police officer and other officers to enter, search, etc.
(1) Notwithstanding anything contained in the Code of Criminal Procedure, 1973, any police officer, not below the rank of a Deputy Superintendent of Police, or any other officer of the Central Government or a State Government authorised by the Central Government in this behalf may enter any public place and search and arrest without warrant any person found therein who is reasonably suspected or having committed or of committing or of being about to commit any offence under this Act Explanation.—For the purposes of this sub-section, the expression "public place" includes any public conveyance, any hotel, any shop or any other place intended for use by, or accessible to the public. (2) Where any person is arrested under sub-section (1) by an officer other than a police officer, such officer shall, without unnecessary delay, take or send the person arrested before a magistrate having jurisdiction in the case or before the officer-in-charge of a police station. (3) The provisions of the Code of Criminal Procedure, 1973 shall, subject to the provisions of this section, apply, so far as may be, in relation to any entry, search or arrest, made under this section.
(B) Offenses covered under IPC and Special Laws
1. Sending threatening messages by email
Sec.503 IPC
Section 503. Criminal intimidation
Whoever threatens another with any injury to his person, reputation or property, or to the person or reputation of any one in whom that person is interested, with intent to cause alarm to that person, or to cause that person to do any act which he is not legally bound to do, or to omit to do any act which that person is legally entitled to do, as the means of avoiding the execution of such threat, commits criminal intimidation.
Explanation-A threat to inure the reputation of any deceased person in whom the person threatened is interested, is within this section.
2. Sending defamatory messages by email
Sec. 499 IPC
Section 499. Defamation
Whoever, by words either spoken or intended to be read, or by signs or by visible representations, makes or publishes any imputation concerning any person intending to harm, or knowing or having reason to believe that such imputation will harm, the reputation of such person, is said, except in the cases hereinafter expected, of defame that person.
Explanation 1-It may amount to defamation to impute anything to a deceased person, if the imputation would harm the reputation of that person if living, and is intended to be hurtful to the feelings of his family or other near relatives.
Explanation 2-It may amount to defamation to make an imputation concerning a company or an association or collection of persons as such.
Explanation 3-An imputation in the form of an alternative or expressed ironically, may amount to defamation.
Explanation 4-No imputation is said to harm a person's reputation, unless that imputation directly or indirectly, in the estimation of others, lowers the moral or intellectual character of that person, or lowers the character of that person in respect of his caste or of his calling, or lowers the credit of that person, or causes it to be believed that the body of that person is in a loathsome state, or in a state generally considered as disgraceful.
3. Forgery of electronic records , Email spoofing
Sec 463, 464, 468, 469 IPC
Section 463. Forgery.
1[Whoever makes any false documents or electronic record part of a document or electronic record with, intent to cause damage or injury], to the public or to any person, or to support any claim or title, or to cause any person to part with property, or to enter into any express or implied contract, or with intent to commit fraud or that fraud may be committed, commits forgery.
Section 464. Making a false document
1[A person is said to make a false document or false electronic record-
First-Who dishonestly or fraudulently-
(a) Makes, signs, seals or executes a document or part of a document;
(b) Makes or transmits any electronic record or part of any electronic record;
(c) Affixes any digital signature on any electronic record;
(d) Makes any mark denoting the execution of a document or the authenticity of the digital signature,
With the intention of causing it to be believed that such document or part of document, electronic record or digital signature was made, signed, sealed, executed, transmitted or affixed by or by the authority of a person by whom or by whose authority he knows that it was not made, signed, sealed, executed or affixed; or
Secondly- Who, without lawful authority, dishonestly or fraudulently, by cancellation or otherwise, alters a document or an electronic record in any material part thereof, after it has been made, executed or affixed with digital signature either by himself or by any other person, whether such person be living or dead at the time of such alteration; or
Thirdly- Who dishonestly or fraudulently causes any person to sign, seal, execute or alter a document or an electronic record or to affix his digital signature on any electronic record knowing that such person by reason of unsoundness of mind or intoxication cannot, or that by reason of deception practised upon him, he does not know the contents of the document or electronic record or the nature of the alterations.]
Section 468. Forgery for purpose of cheating
Whoever commits forgery, intending that the 1[document or Electronic Record forged] shall be used for the purpose of cheating, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
Section 469. Forgery for purpose of harming reputation
Whoever commits forgery, 1[intending that the document or Electronic Record forged] shall harm the reputation of any party, or knowing that it is likely to used for that purpose, shall be punished with imprisonment of either description for a term which may extend to three years, and shall also be liable to fine.
4. Bogus websites, cyber frauds
Sec 420 IPC
Section 420. Cheating and dishonestly inducing delivery of property
Whoever cheats and thereby dishonestly induces the person deceived any property to any person, or to make, alter or destroy the whole or any part of a valuable security, or anything which is signed or sealed, and which is capable of being converted into a valuable security, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.
5. Web-Jacking
Sec. 383 IPC
Section 383. Extortion
Whoever intentionally puts any person in fear of any injury to that person, or to any other, and thereby dishonestly induces the person so put in fear to deliver to any property or valuable security, or anything signed or sealed which may be converted into a valuable security, commits "extortion".
6. E-Mail Abuse, Online Defamation
Sec.500, 509 IPC
Section 500. Punishment for defamation
Whoever defames another shall be punished with simple imprisonment for a term which may extend to two years, or with fine, or with both.
Section 509. Word, gesture or act intended to insult the modesty of a woman
Whoever, intending to insult the modesty of any woman, utters any word, makes any sound or gesture, or exhibits any object, intending that such word or sound shall be heard, of that such gesture or object shall be seen, by such woman, or intrudes upon the privacy of such woman, shall be punished with simple imprisonment for a term which may extend to one year, or with fine, or with both.
7. Criminal Intimidation by E-mail or Chat
Sec. 506, 507 IPC
Section 506. Punishment for criminal intimidation
Whoever commits, the offence of criminal intimidation shall be punished with imprisonment of either description for a term which may extend to two years, or with fine, or with both;
If threat be to cause death or grievous hurt, etc.: -And if the threat be to cause death or grievous hurt, or to cause the destruction of any property by fire, or to cause an offence punishable with death or 1[imprisonment for life], or with imprisonment for a term which may extend to seven years, or to impute, unchastity to a woman, shall be punished with imprisonment of either description for a term which may extend to seven years, or with fine, or with both.
Section 507. Criminal intimidation by an anonymous communication
Whoever commits the offence of criminal intimidation by an anonymous communication, or having taken precaution to conceal the name or abode of the person form whom the threat comes, shall be punished with imprisonment of either description for a term which may extend to two years, in addition to the punishment provided for the offence by the last preceding section.
8. Online sale of Drugs
-NDPS Act
9. Online sale of Arms
-Arms Act
10. Piracy
-Sec. 51, 63, 63 B Copyright act
51.When copyright infringed:- Copyright in a work shall be deemed to be infringed ---
(a) when any person, without a licence granted by the owner of the Copyright or the Registrar of Copyrights under this Act or in contravention of the conditions of a licence so granted or of any condition imposed by a competent authority under this Act ---
( i ) does anything, the exclusive right to do which is by this Act conferred upon the owner of the copyright, or
( ii ) permits for profit any place to be used for the performance of the work in public where such performance constitutes an infringement of the copyright in the work unless he was not aware and had no reasonable ground for believing that such performance would be an infringement of copyright, or
(b) when any person ---
( i ) make for sale or hire, or sells or lets for hire, or by way of trade displays or offers for sale or hire, or
( ii ) distributes either for the purpose of trade or to such an extent as to affect prejudicially the owner of the copyright, or
( iii ) by way of trade exhibits in public, or
( iv ) imports (except for the private and domestic use of the importer) into
any infringing copies of the work.
Explanation.--- For the purposes of this section, the reproduction of a literary, dramatic, musical or artistic work in the form of a cinematograph film shall be deemed to be an "infringing copy".
63. Offence of infringement of copyright or other rights conferred by this Act. Any person who knowingly infringes or abets the infringement of-
(a) the copyright in a work, or
(b) any other right conferred by this Act, 125[except the right conferred by section 53A]
shall be punishable with imprisonment for a term which shall not be less than six months but which may extend to three years and with fine which shall not be less than fifty thousand rupees but which may extend to two lakh rupees :
Provided that where the infringement has not been made for gain in the course of trade or business the court may, for adequate and special reasons to be mentioned in the judgement, impose a sentence of imprisonment for a term of less than six months or a fine of less than fifty thousand rupees.
Explanation.-Construction of a building or other structure which infringes or which, if completed, would infringe the copyright in some other work shall not be an offence under this section.
63A. Enhanced penalty on second and subsequent covictions. -
Whoever having already been convicted of an offence under section 63 is again convicted of any such offence shall be punishable for the second and for every subsequent offence, with imprisonment for a term which
shall not be less than one year but which may extend to three years and with fine which shall not be
less than one lakh rupees but which may extend to two lakh rupees :
Provided that where the infringement has not been made for gain in the course of trade or
business] the court may, for adequate and special reasons to be mentioned in the judgment impose a
sentence of imprisonment for a term of less than one year or a fine of less than one lakh rupees:
Provided further that for the purposes of this section, no cognizance shall be taken of any conviction
made before the commencement of the Copyright (Amendment) Act, 1984.
63B. Knowing use of infringing copy of computer programme to be an offence.
Any person who knowingly makes use on a computer of an infringing copy of a computer programme shall be punishable with imprisonment for a term which shall not be less than seven days but which may extend to three years and with fine which shall not be less than fifty thousand rupees but which may extend to two lakh rupees:
Provided that where the computer programme has not been used for gain or in the course of trade or business, the court may, for adequate and special reasons to be mentioned in the judgment, not impose any sentence of imprisonment and may impose a fine which may extend to fifty thousand rupees."
11. Obscenity
Sec. 292,293,294 IPC, Indecent Representation of Women Act
Section 292. Sale, etc., or obscene books, etc.
(1) For the purposes of sub-section (2), a book, pamphlet, paper, writing, drawing, painting, representation, figure or any other object, shall be deemed to be obscene if it is lascivious or appeals to the prurient interest or if its effect, or (where it comprises two or more distinct items) the effect of any one of its items, is, if taken as a whole, such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it.]
3(2) Whoever-
(a) Sells, lets to hire, distributes, publicly exhibits or in any manner puts into circulation, or for purposes of sale, hire, distribution, public exhibition or circulation, makes, produces or has in his possession any obscene book, pamphlet, paper, drawing, painting, representation or figure or any other obscene object whatsoever, or
(b) Imports, exports or conveys any obscene object for any of the purposes aforesaid, or knowing or having reason to believe that such object will be sold, let to hire, distributed or publicly exhibited or in any manner put into circulation, or
(c) Takes part in or receives profits from any business in the course of which he knows or has reason to believe that any such obscene objects are, for any of the purposes aforesaid, made, produced, purchased, kept, imported, exported, conveyed, publicly exhibited or in any manner put into circulation, or
(d) Advertises or makes known by any means whatsoever that any person is engaged or is ready to engage in any act which is an offence under this section, or that any such obscene object can be procured from or through any person, or
(e) Offers or attempts to do any act which is an offence under this section,
Shall be punished 4[on first conviction with imprisonment of either description for a term which may extend to two years, and with fine which may extend to two thousand rupees, and, in the event of a second or subsequent conviction, with imprisonment of either description for a term which may extend to five years, and also with fine which may extend to five thousand rupees].
5Exception-This section does not extend to-
(a) Any book, pamphlet, paper, writing, drawing, painting, representation or figure-
(i) The publication of which is proved to be justified as being for the public good on the ground that such book, pamphlet, paper, writing, drawing, painting, representation or figure is in the interest of science, literature, art of learning or other objects of general concern, or
(ii) Which is kept or used bona fide for religious purposes;
(b) Any representation sculptured, engraved, painted or otherwise represented on or in-
(i) Any ancient monument within the meaning or the Ancient Monuments and Archaeological Sites and Remains Act, 1958 (24 of 1958), or
(ii) Any temple, or on any car used for the conveyance of idols, or kept or used for any religious purpose.
Section 292A. Printing etc. of grossly indecent or scurrilous matter or matter intended for blackmail
Whoever, -
(a) Prints or causes to be printed in any newspaper, periodical or circular, or exhibits or causes to be exhibited, to public view or distributes or causes to be distributed or in any manner puts into circulation any picture or any printed or written document which is grossly indecent, or in scurrilous or intended for blackmail, or
(b) Sells or lets for hire, or for purposes of sale or hire makes, produces or has in his possession, any picture or any printed or written document which is grossly indecent or is scurrilous or intended for blackmail; or
(c) Conveys any picture or any printed or written document which is grossly indecent or is scurrilous or intended for blackmail knowing or having reason to believe that such picture or document will be printed, sold, let for hire distributed or publicly exhibited or in any manner put into circulation; or
(d) Takes part in, or receives profits from, any business in the course of which he knows or has reason to believe that any such newspaper, periodical, circular, picture or other printed or written document is printed, exhibited, distributed, circulated, sold, let for hire, made, produced, kept, conveyed or purchased; or
(e) Advertises or makes known by any means whatsoever that any person is engaged or is ready to engage in any Act which is an offence under this section, or that any such newspaper, periodical, circular, picture or other printed or written document which is grossly indecent or is scurrilous or intended for blackmail, can be procured from or through any person; or
(f) Offers or attempts to do any act which is an offence under this section *[shall be punished with imprisonment of either description for a term which may extend to two years, or with fine, or with both.
Provided that for a second or any subsequent offence under this section, he shall be punished with imprisonment of either description for a term which shall not be less than six months and not more than two years.
Explanation I-For the purposes of this section, the word scurrilous shall be deemed to include any matter which is likely to be injurious to morality or is calculated to injure any person:
Provided that it is not scurrilous to express in good faith anything whatever respecting the conduct of-
(i) A public servant in the discharge of his public functions or respecting his character, so far as his character appears in that conduct and no further; or
(ii) Any person touching any public question, and respecting his character, so far as his character appears in that conduct and no further.
Explanation II-In deciding whether any person has committed an offence under this section, the Court shall have regard inter alia, to the following considerations-
(a) The general character of the person charged, and where relevant the nature of his business;
(b) The general character and dominant effect of the matter alleged to be grossly indecent or scurrilous or intended for blackmail;
(c) Any evidence offered or called by or on behalf of the accused person as to his intention in committing any of the acts specified in this section.
Section 293. Sale, etc., of obscene objects to young person
Whoever sells, lets to hire, distributes, exhibits or circulates to any person under the age of twenty years any such obscene object as is referred to in the last preceding section, or offers or attempts so to do, shall be punished 2[on first conviction with imprisonment of either description for a term which may extend to three years, and with fine which may extend to two thousand rupees, and, in the event of a second or subsequent conviction, with imprisonment of either description for a term which may extend to seven years, and also with fine which may extend to five thousand rupees.
Section 294. Obscene acts and songs
Whoever, to the annoyance of others-
(a) Does any obscene act in any public place, or
(b) Sings, recites or utters any obscene song, balled or words, in or near any public place,
Shall be punished with imprisonment of either description for a term which may extend to three months, or with fine, or with both.
12. Theft of Computer Hardware
Sec. 378, 379 IPC
Section 378. Theft
Whoever intending to take dishonestly any moveable property out of the possession of any person without that person's consent, moves that property in order to such taking, is said to commit theft.
Explanation1. -A thing so long as it is attached to the earth, not being movable property, is not the subject of theft; but it becomes capable of being the subject of theft as soon as it is severed from the earth.
Explanation 2. -A moving effected by the same act which affects the severance may be a theft.
Explanation3. -A person is said to cause a thing to move by removing an obstacle which prevented it from moving or by separating it from any other thing, as well as by actually moving it.
Explanation 4. -A person, who by any means causes an animal to move, is said to move that animal, and to move everything which, in consequence of the motion so caused, is moved by that animal.
Explanation 5. -The consent mentioned in the definition may be express or implied, and may be given either by the person in possession, or by any person having for the purpose authority either express or implied.
Section 379. Punishment for theft
Whoever commits theft shall be punished with imprisonment of either description for a term which may extend to three years, or with fine, or with both.
CHAPTER – V
CONCLUSION AND SUGGESTIONS
Capacity of human mind is unfathomable. It is not possible to eliminate cyber squatting. It is quite possible to check them. History is the witness that no legislation has succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime. Undoubtedly the Act is a historical step in the cyber world. Further we all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber crime. We would conclude with a word of caution for the pro-legislation school that it should be kept in mind that the provisions of the cyber law are not made so stringent that it may retard the growth of the industry and prove to be counter-productive.
1. To prevent cyber squatting avoid disclosing any information pertaining to oneself. This is as good as disclosing your identity to strangers in public place.
2. Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs.
3. Always use latest and up date anti virus software to guard against virus attacks.
4. Always keep back up volumes so that one may not suffer data loss in case of virus contamination
5. Never send your credit card number to any site that is not secured, to guard against frauds.
6. Always keep a watch on the sites that your children are accessing to prevent any kind of harassment or depravation in children.
7. It is better to use a security programme that gives control over the cookies and send information back to the site as leaving the cookies unguarded might prove fatal.
8. Web site owners should watch traffic and check any irregularity on the site. Putting host-based intrusion detection devices on servers may do this.
9. Use of firewalls may be beneficial.
10. Web servers running public sites must be physically separate protected from internal corporate network.
Join LAWyersClubIndia's network for daily News Updates, Judgment Summaries, Articles, Forum Threads, Online Law Courses, and MUCH MORE!!"
Tags :Others
