All You Need To Know About Cyber Offences In India

Coverage of this Article

Key Takeaways

-Cyber Crime could be directed against an Individual, a Property, an Organisation, or a Society.

Introduction

-The Internet Boom has been a boon for several Industries as it has disrupted the markets and created new avenues for business.

Classification

1. Cyber Crimes against Individuals

-Email Spoofing – In it, the sender impersonates another ‘legitimate’ person or entity and using that identity, sends an e-mail to the victim..

2. Cyber Crime against Property

Software piracy – This is a very widespread crime in the cyber world. In it, the criminal illegally copies, distributes, sells or uses legally protected software. It causes loss to the organisations that develop such products and it is also a threat for the users, as such pirated software may contain a virus.

3. Cyber Crime against Organizations

-Denial of Service (DOS) Attack–Internet websites and apps have a specific limit up to which they can handle users. .

4. Cyber Crime against Society

-Web jacking–In it, the criminals hijack the domain name of a website and then point it to a fake website.

Legal Provisions relating to Cyber Offences

Information Technology Act, 2000

1. Damage to Computer, Computer System etc. (Section 43)

-Accesses such a computer.

2. Hacking with Computer System, Data alteration, etc. (Section 66)

-This Section provides punishment for a person who, dishonestly or fraudulently, does any of theacts mentioned in Section 43 of the IT Act.

3. Tempering with the Computer Source Documents (Section 65)

-This Section punishes the act of intentionally concealing, destroying or altering the source code of any computer, or computer programme when such source code is required to be maintained by law.

4. Sending offensive messages through any communication Services (Section 66A)

-This Section provides punishment for an act of a person who sends grossly offensive, false, insulting, or misleading information to another person through a computer.

5. Receiving stolen computer resources or communication devices dishonestly (Section 66B)

-This Section provides punishment for a person who dishonestly receives or retains a stolen computer or communication device.

6. Identity Theft (Section 66C)

-This Section provides punishment for a person who fraudulently or dishonestly uses an electronic signature, password or any other unique identification feature of another person.

7. Cheating by personation by the use of computer resources (Section 66D)

-This Section provides punishment for a person who impersonates another person by using a computer or a communication device for cheating.

8. Violation of Privacy (Section 66E)

-This Section provides punishment for a person who intentionally captures, publishes or transmits the image of a private area of another person without his or her consent.

9. Cyber Terrorism (Section 66F)

-This section provides punishment for any person who with the intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people:

10. Transmitting or publishing obscene materials in electronic form (Section 67)

-that is lascivious,

11. Transmitting or publishing materials that contain sexually explicit contents, acts, etc. in electronic form (Section 67A)

-This Section provides punishment for a person who publishes or transmits any material in the electronic form that contains a sexually explicit act or conduct.

12. Transmitting or publishing materials that depict children in sexually explicit acts etc. in electronic form (Section 67B)

-Publishes or transmits child pornography in any electronic form.

13. Un-authorised access to a protected system (Section 70)

-This Section provides punishment for a person who secures access to a computer resource, that has been declared to be a ‘Protected System’ by the Government.

14. Failure to comply with a call for information from CERT (Section 70B)

-This Section provides that the Indian Computer Emergency Response Team (CERT) can call for information from service providers, intermediaries, data centres, body corporate or any other person, for the purpose of:

15. Penalty for misrepresentation (Section 71)

-This Section provides punishment for a person who makes any misrepresentation or suppresses any material fact for obtaining a license or electronic signature certificate from the Controller or the Certifying Authority.

16. Breach of confidentiality and privacy (Section 72)

-Secures access to any electronic record, book, or other material without the consent of the concerned authority,

17. Punishment for Disclosure of information in Breach of Lawful Contract (Section 72A)

-While providing services under a lawful contract or while acting as an intermediary,

18. Publishing False Digital Signature Certification (Section 73)

-This Section provides punishment for a person who publishes an electronic signature certificate, with the knowledge that such certificate is forged, or has been revoked by the Certifying Authority.

19. Publication for Fraudulent Purpose (Section 74)

-This Section provides punishment for a person who creates or publishes anelectronic signature certificate for a fraudulent or unlawful purpose.

Learn the practical aspects of Cyber Law HERE.

Indian Penal Code, 1860

-Some Cyber Offences are not adequately covered by the Information Technology Act, 2000. So, the Law Enforcement Agencies (like Police, etc.) employ the provisions of the Indian Penal Code, 1860 to deal with such offences.

1. Sending threatening messages by e-mail (Section 506)

-Criminal Intimidation has been defined under Section 503 of the IPC, whereas its punishment has been provided under Section 506 of this Code.

2. Sending defamatory messages by e-mail (Section 500)

-The offence of Defamation has been defined under Section 499 of the IPC, and punishment for this offence has been mentioned under Section 500.

3. Bogus websites, Cyber Frauds (Section 420)

-An offence under Section 420 is committed if a person cheats and thereby induces the deceived person to deliver some property to another person.

4. E-mail Spoofing(Section 465)

E-mail spoofing falls within the meaning of forgery, which has been defined under Section 463 of the IPC. Section 465 provides punishment for this offence.

NDPS Act – Online Sale of Drugs

The Narcotic Drugs and Psychotropic Substances Act, 1985 provides detailed provisions relating to the Sale & Purchase of Drugs in Chapter IV where the sale and purchase taking place on the Internet are included. Sections 15 to 22 specifically provide punishments for the sale, and purchase of various Narcotic and Psychotropic Substances, including poppy straw, coca plant & leaves, opium, poppy, cannabis, etc..

Arms Act, 1959 – Online Sale & Purchase of Arms

-Section 25 of the Arms Act, 1959 states that it is an offence to obtain, procure, sell, transfer, or offer for sale/transfer, any arms or ammunition unless a license has been obtained according to provisions of Section 5 of this Act in that regard.

Conclusion

Most of the offences that have been discussed in this article are Cognizable. So, we can directly approach the Cyber Cell of our Local Police Station and register a complaint.

Key Takeaways

• Cyber Crime could be directed against an Individual, a Property, an Organisation, or a Society.
• Provisions relating to Cyber Offences have been primarily provided in the Information Technology Act, 2000.
• NDPS Act prohibits the sale and purchase of prohibited Drugs. This Act even covers the acts of sale &purchase that take place on the Internet.
• Cyber Offence complaints can be reported to the Cyber Cell of our Local Police Station.

Introduction

The Internet Boom has been a boon for several Industries as it has disrupted the markets and created new avenues for business. But this Boom has resulted in an exponential rise in the number of Cyber Offences. Due to a lack of awareness, these offences usually go unreported. Offences against Women and Children are of particular concern. Legislature has done its job by enacting stringent laws. Now, the Law Enforcement Agencies have been working day and night to tackle this difficult situation.In this article, I will discuss the Cyber Crimes that are considered offences in India.

Classification

1. Cyber Crimes against Individuals

• Email Spoofing – In it, the sender impersonates another ‘legitimate’ person or entity and using that identity, sends an e-mail to the victim. The intention of the sender is to trick the receivers into thinking that the message came from a ‘legitimate’ person or entity. The victims, as they trust the ‘legitimate’ person or entity, usually click the malware attachments or send sensitive data.
• Spamming–These are mass-emailed or mass-texted advertisements sent to the receivers, prompting them to buy a product or a service. It is a threat because usually the receivers never sign up for such emails or texts and when they receive them, it becomes challenging to distinguish between legitimate & illegitimate.
• Cyber defamation – This involves sending emails or texts containing defamatory material about a person, to his relatives, friends, colleagues, etc. It can get really hard to trace the source of the Cyber Defamation as the sender could use various proxies to hide his identity.
• Internet Relay Chat (IRC) Crime–Paedophiles use Online Chat services to allure children for various offences. These chats are even used for harassment and bullying of adults. Considering the encrypted nature of such chats, it becomes impossible for the Law Enforcement Agencies to trace such offenders unless the victim reaches out.
• Phishing–It is largely similar to E-mail spoofing. In it, the criminals contact their targets by posing aslegitimate entities, using an electronic medium (email, telephone, text, etc.), and lure their victims to give sensitive data such as Credit Card Details, Passwords, etc.
• Salami Attack – In it, small amounts of money are deducted from the accounts of the victims, these small amounts usually go untraced by the victims and hence the attacker is saved from detection.

2. Cyber Crime against Property

• Software piracy – This is a very widespread crime in the cyber world. In it, the criminal illegally copies, distributes, sells or uses legally protected software. It causes loss to the organisations that develop such products and it is also a threat for the users, as such pirated software may contain a virus.
• Intellectual Property (IP) Infringement –Many a time, criminals create websites to sell counterfeit goods online, this amounts to IP infringement. Criminals also distribute illegal copies of e-books and songs. Using images on websites without the permission of the IP owner also amounts to IP infringement.

3. Cyber Crime against Organizations

• Denial of Service (DOS) Attack–Internet websites and apps have a specific limit up to which they can handle users. So, if a criminal uses his computer resources to send so many requests to the targeted website that the said website becomes unable to handle real users, then that amounts to a DOS attack.
• Email Bombing – In it, a large number of emails are sent to the target to overwhelm his email server, so that he is unable to receive any new emails. Email Bombing can even be used for diverting attention from a legitimate email, e.g., an email about a security breach.
• Virus Attacks – Hackers can penetrate the systems of an organisation to initiate virus attacks. These virus attacks usually have a huge impact on customer service and they can even steal data from the company’s computers.

4. Cyber Crime against Society

• Web jacking–In it, the criminals hijack the domain name of a website and then point it to a fake website. These fake websites are then used to steal customer data or to do phishing attacks. It is a type of social engineering attack.
• Child Pornography – Paedophiles and cybercriminals operate child pornographic websites and groups. This type of content is a menace to society as the children used in such content are usually abducted and forced to act.
• Sale of Illegal Items – Cybercriminals engages in the online sale of prohibited Drugs, Arms, etc. These substances corrupt the individuals and lead to the deprivation of society, so they are very serious offences.
• Online Gambling – Gambling is prohibited in India, but many criminals operate online Gambling websites. These websites are usually hosted on foreign servers.
• Cyber Terrorism – These involve cyber-attacks on Power Stations, Government Websites and Critical Industries. Hackers backed by rogue states initiate these attacks with the intention of disrupting the functioning of a country.

Legal Provisions relating to Cyber Offences

Information Technology Act, 2000

1. Damage to Computer, Computer System etc. (Section 43)

Section 43 of the IT Act provides provisions relating to imposition of penalty on a person who, without the permission of the owner/in-charge of a computer:

• Accesses such a computer.
• Copies/Downloads data stored in such a computer or a removable memory card.
• Infects such a computer with a virus.
• Causes damage to such a computer.
• Denies access to use such computer to any person authorized to access it (e.g., DOS attacks).
• Destroys/Alters the data stored in such a computer.
• Tampers such computers for financial gain.

2. Hacking with Computer System, Data alteration, etc. (Section 66)

This Section provides punishment for a person who, dishonestly or fraudulently, does any of theacts mentioned in Section 43 of the IT Act.

Punishment: Imprisonment up to 3 years or fine up to 5 lakh rupees or both.

Classification: Cognizable – Bailable –Triable byJudicial Magistrate of First Class (JMIC).

3. Tempering with the Computer Source Documents (Section 65)

This Section punishes the act of intentionally concealing, destroying or altering the source code of any computer, or computer programme when such source code is required to be maintained by law.

Punishment:Imprisonment up to 3 years, or fine up to 32 lakh rupees, or both.

Classification: Cognizable – Bailable – Triable by JMIC

4. Sending offensive messages through any communication Services (Section 66A)

This Section provides punishment for an act of a person who sends grossly offensive, false, insulting, or misleading information to another person through a computer. A person who sends an E-mail for causing annoyance or inconvenience to the recipient about the origin of such E-mail is also covered by this section.

Punishment: Imprisonment up to 3 years, and fine.

Classification: Cognizable – Bailable – Triable by JMIC

5. Receiving stolen computer resources or communication devices dishonestly (Section 66B)

This Section provides punishment for a person who dishonestly receives or retains a stolen computer or communication device. A person who even has a reason to believe that a computer or communication device is stolen is also covered by this Section.

Punishment: Imprisonment up to 3 years, or fine up to 1 lakh rupees or both.

Classification: Cognizable – Bailable – Triable by JMIC

6. Identity Theft (Section 66C)

This Section provides punishment for a person who fraudulently or dishonestly uses an electronic signature, password or any other unique identification feature of another person.

Punishment: Imprisonment up to 3 years, and fine up to 1 lakh rupees.

Classification: Cognizable – Bailable – Triable by JMIC

7. Cheating by personation by the use of computer resources (Section 66D)

This Section provides punishment for a person who impersonates another person by using a computer or a communication device for cheating.

Punishment: Imprisonment up to 3 years, and fine up to 1 lakh rupees.

Classification: Cognizable – Bailable – Triable by JMIC

8. Violation of Privacy (Section 66E)

This Section provides punishment for a person who intentionally captures, publishes or transmits the image of a private area of another person without his or her consent. To be considered an offence, such capture or transmission must be done under circumstances violating the privacy of that other person. For this Section, ‘private area’ means the naked or undergarment clad genitals, pubic area, buttocks or female breast.

Punishment: Imprisonment up to 3 years, or fine up to 2 lakh rupees, or both.

Classification: Cognizable – Bailable – Triable by JMIC

9. Cyber Terrorism (Section 66F)

This section provides punishment for any person who with the intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people:

• Makes a Denial of Service (DOS) attack on a computer resource.
• Attempts to penetrate a computer without getting adequate authorization.
• Inserts virus into a computer.
• Obtains information from a computer that is restricted to the public.

To be considered an offence of Cyber-Terrorism under Section 66F, the aforementioned acts must cause or must be likely to cause death or injuries to persons or damage to property or disruption in essential services of the community.

Punishment: Up to life imprisonment.

Classification: Cognizable – Non-Bailable – Triable by Court of Sessions

10. Transmitting or publishing obscene materials in electronic form (Section 67)

This Section provides punishment for a person who publishes or transmits any material in the electronic form:

• that is lascivious,
• that appeals to prurient interest,
• that tends to deprave or corrupt persons who are likely to read, see or hear such material.

Punishment for First conviction: Imprisonment up to 3 years and fine up to 5 lakh rupees.

Classification for First Conviction: Cognizable –Bailable – Triable by JMIC

Punishment for subsequent conviction: Imprisonment up to 5 years and fine up to 10 lakh rupees.

Classification for subsequent conviction: Cognizable – Non-Bailable –Triable by JMIC

11. Transmitting or publishing materials that contain sexually explicit contents, acts, etc. in electronic form (Section 67A)

This Section provides punishment for a person who publishes or transmits any material in the electronic form that contains a sexually explicit act or conduct.

Punishment for First conviction: Imprisonment up to 5 years and a fine up to 10 lakh rupees.

Classification for First Conviction: Cognizable – Non-Bailable – Triable byJMIC

Punishment for subsequent conviction: Imprisonment up to 7 years and fine up to 10 lakh rupees.

Classification for subsequent conviction: Cognizable – Non-Bailable – Triable by JMIC

12. Transmitting or publishing materials that depict children in sexually explicit acts etc. in electronic form (Section 67B)

This Section provides punishment for any person who:

• Publishes or transmits child pornography in any electronic form.
• Seeks, Browses, and Downloads child pornography in any electronic form.
• Facilities online child abuse.
• Entices children to online relationships with other children for sexually explicit acts.

Punishment for First conviction: Imprisonment up to 5 years and a fine up to 10 lakh rupees.

Classification for First Conviction: Cognizable – Non-Bailable – Triable by JMIC

Punishment for subsequent conviction: Imprisonment up to 7 years and fine up to 10 lakh rupees.

Classification for subsequent conviction: Cognizable – Non-Bailable – Triable by JMIC

13. Un-authorised access to a protected system (Section 70)

This Section provides punishment for a person who secures access to a computer resource, that has been declared to be a ‘Protected System’ by the Government.

Punishment: Imprisonment up to 10 years, and fine.

Classification: Cognizable – Non-Bailable – Triable by Court of Session

14. Failure to comply with a call for information from CERT (Section 70B)

This Section provides that the Indian Computer Emergency Response Team (CERT) can call for information from service providers, intermediaries, data centres, body corporate or any other person, for the purpose of:

• Collection of information on cyber incidents.
• Issuing alerts of cyber-attacks.
• Taking emergency measures for handling cyber-attacks.

If the entity called on to provide information fails to comply with the direction of CERT, then such entity shall be liable for punishment under this Section.

Punishment: Imprisonment up to 1 year,or fine up to 1 lakh rupees, or both.

Classification: Non-Cognizable –Bailable – Triable by any Magistrate

15. Penalty for misrepresentation (Section 71)

This Section provides punishment for a person who makes any misrepresentation or suppresses any material fact for obtaining a license or electronic signature certificate from the Controller or the Certifying Authority.

Punishment: Imprisonment up to 2 years, or fine up to 1 lakh rupees, or Both.

Classification: Non-Cognizable –Bailable – Triable by any Magistrate

16. Breach of confidentiality and privacy (Section 72)

This Section provides punishment for a person, who by using his powers under the IT Act:

• Secures access to any electronic record, book, or other material without the consent of the concerned authority,
• And then discloses such information to any other person.

Punishment: Imprisonment up to 2 years, or fine up to 1 lakh rupees, or both.

Classification: Non-Cognizable –Bailable – Triable by Any Magistrate

17. Punishment for Disclosure of information in Breach of Lawful Contract (Section 72A)

This Section provides punishment for a person who:

• While providing services under a lawful contract or while acting as an intermediary,
• Secured access to personal information of another person,
• And then with the intent of causing wrongful gain or loss, discloses such information to another person.

Such an act is an offence under Section 72A of the IT Act, only if the information was shared without the consent of the person, whose information is being shared or in breach of a lawful contract.

Punishment: Imprisonment up to 3 years, or fine up to 5 lakh rupees, or Both.

Classification: Cognizable – Bailable – Triable by JMIC

18. Publishing False Digital Signature Certification (Section 73)

This Section provides punishment for a person who publishes an electronic signature certificate, with the knowledge that such certificate is forged, or has been revoked by the Certifying Authority.

Punishment: Imprisonment up to 2 years, or fine up to 1 lakh rupees, or Both.

Classification: Non-Cognizable – Bailable – Triable by Any Magistrate

19. Publication for Fraudulent Purpose (Section 74)

This Section provides punishment for a person who creates or publishes anelectronic signature certificate for a fraudulent or unlawful purpose.

Punishment: Imprisonment up to 2 years, or fine up to 1 lakh rupees, or both.

Classification: Non-Cognizable –Bailable – Triable by Any Magistrate

Learn the practical aspects of Cyber Law HERE.

Indian Penal Code, 1860

Some Cyber Offences are not adequately covered by the Information Technology Act, 2000. So, the Law Enforcement Agencies (like Police, etc.) employ the provisions of the Indian Penal Code, 1860 to deal with such offences.

1. Sending threatening messages by e-mail (Section 506)

Criminal Intimidation has been defined under Section 503 of the IPC, whereas its punishment has been provided under Section 506 of this Code. The offence of Criminal Intimidation is made, if A threatens B,that he will cause injury to the body or reputation or property of B or a person in whom B is interested if B does not engage in an act/omission which A wants him to do.

e.g. – Sam wants to sue Donny for Breach of Contract.Donny threatens Samvia e-mail that he will burn his house if he sues him. Here, Donny has committed the offence of Criminal Intimidation.

Punishment: Imprisonment up to 2 years, or fine, or Both.

Classification:Non-Cognizable –Bailable – Triable by Any Magistrate.

If the threat is to impute unchastity to a woman or cause an offence punishable with imprisonment of 7 or more years, or death –

Punishment: Imprisonment up to 7 years, or fine, or Both.

Classification: Non-Cognizable – Bailable – Triable by JMIC.

2. Sending defamatory messages by e-mail (Section 500)

The offence of Defamation has been defined under Section 499 of the IPC, and punishment for this offence has been mentioned under Section 500. An offence of defamation is made if a person makes or publishes any imputation that causes harm to the reputation of another person. Such imputation can be made verbally, in writing, or through signs or visible representations.

Punishment: Simple Imprisonment up to 2 years, or fine or both.

Classification: Non-Cognizable – Bailable – Triable by JMIC.

The offence of Defamation against the President, the Vice President, a Governor, or a Minister is Triable by Court of Session.

3. Bogus websites, Cyber Frauds (Section 420)

An offence under Section 420 is committed if a person cheats and thereby induces the deceived person to deliver some property to another person.

So, if a website pretends to be a ‘legitimate’ e-commerce portal and induces you to make a transaction on it using your Credit Card, then the offence mentioned under Section 420 would be made.

Punishment: Imprisonment up to 7 years, and fine.

Classification: Cognizable – Non-Bailable – Triable by JMIC.

4. E-mail Spoofing(Section 465)

E-mail spoofing falls within the meaning of forgery, which has been defined under Section 463 of the IPC. Section 465 provides punishment for this offence. An offence of Forgery is made when a person makes a false document or an electronic record, with the intention to cause injury to another person or the public.

Punishment: Imprisonment up to 2 years, or fine, or Both.

Classification: Non-Cognizable – Bailable – Triable by JMIC.

NDPS Act – Online Sale of Drugs

The Narcotic Drugs and Psychotropic Substances Act, 1985 provides detailed provisions relating to the Sale & Purchase of Drugs in Chapter IV where the sale and purchase taking place on the Internet are included. Sections 15 to 22 specifically provide punishments for the sale, and purchase of various Narcotic and Psychotropic Substances, including poppy straw, coca plant & leaves, opium, poppy, cannabis, etc.

The Punishment under this Act for the sale and purchase of prohibited Drugs ranges from Imprisonment of up to 1 year to Life Imprisonment. Even the death penalty can be imposed for certain offences after a previous conviction. The punishment varies by the amount & the type of ‘Drugs’ that have been seized from the convict.

Arms Act, 1959 – Online Sale & Purchase of Arms

Section 25 of the Arms Act, 1959 states that it is an offence to obtain, procure, sell, transfer, or offer for sale/transfer, any arms or ammunition unless a license has been obtained according to provisions of Section 5 of this Act in that regard.

Punishment: Imprisonment from 7 years up to Life, and fine.

Classification: Cognizable –Non-Bailable – Triable by Court of Session.

Arms Act also prohibits the sale or purchase of Prohibited Arms.

Conclusion

Most of the offences that have been discussed in this article are Cognizable. So, we can directly approach the Cyber Cell of our Local Police Station and register a complaint. The Government of India has also started an online portal at https://cybercrime.gov.in for the registration of complaints relating to Cyber Crime. The complaints registered on this portal are later on forwarded to our local police authorities. Apart from the reporting, the best path is that of prevention. So, while using the Internet, we must stay vigilant and avoid clicking on links or email attachments that come from suspicious senders.

Learn the practical aspects of Cyber Law HERE.