CYBERCRIME IN

INDIA-

AN OVERVIEW

by

Deep Sharma
MCSE, CCNA, Diploma in Cyber Law
 TENTATIVE CONTENTS

1. What is a cyber crime

2. Reasons of crime

3. Cyber criminals

4. Mode & manner of committing cyber crime

5. Classification of cyber crime

6. Prevention of cyber crime

7. Effects on evidence act of cyber crime

8. Effects on IPC

9. Effects on CrPC

10. Conclusion
BIBLIOGRAPHY
 Cyber Crime – An Indian Scenario (Overview)
As India is marching towards its development, many new technologies have
entered into the nook and corner of the country. Of these, Information Technology with
computers has paved a way to Internet, e-Banking, e-Commerce and other types of
communication systems. This has reduced the cost, increased the sophistication, more
speed, efficient and reduced the manpower. These technologies has emerged as a blessing
for the present pace of life but at the same time also resulted in various threats to the
consumers and other institutions for which it proved to be most beneficial. It even did not
spare the security of the country when this crime reached its pinnacle.

In a Cyber Crime the criminals use computes as a tool, target or both for their
unlawful act either to gain information which result in heavy loss or damage to the owner
of that intangible sensitive information. They can launch an attack from any corner of the
world without any fear of being traced or prosecuted. This is an international problem
with no national boundaries.

Though the pattern of cyber crime is similar through out the world there are some
difference in few countries according to the technology, culture and economy of that
country. The scenario in India is also different from the rest of the world. Here very high
technology cyber crimes like Hacking, virus attack etc., are in the budding stage where as
pornography, forgery, fraud etc., are spreading like a wild fire.

Reasons for Cyber Crime:

Hart in his work “The Concept of Law” has said ‘human beings are vulnerable so
rule of law is required to protect them’. Applying this to the cyberspace we may say that
computers are vulnerable so rule of law is required to protect and safeguard them against
cyber crime. The reasons for the vulnerability of computers may be said to be:
1. Capacity to store data in comparatively small space-
The computer has unique characteristic of storing data in a very small space. This affords
to remove or derive information either through physical or virtual medium makes it much
easier.

2. Easy to access-
The problem encountered in guarding a computer system from unauthorised access is that
there is every possibility of breach not due to human error but due to the complex
technology. By secretly implanted logic bomb, key loggers that can steal access codes,
advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass
firewalls can be utilized to get past many a security system.

3. Complex-
The computers work on operating systems and these operating systems in turn are
composed of millions of codes. Human mind is fallible and it is not possible that there
might not be a lapse at any stage. The cyber criminals take advantage of these lacunas
and penetrate into the computer system.

4. Negligence-
Negligence is very closely connected with human conduct. It is therefore very probable
that while protecting the computer system there might be any negligence, which in turn
provides a cyber criminal to gain access and control over the computer system.

5. Loss of evidence-
Loss of evidence is a very common & obvious problem as all the data are routinely
destroyed. Further collection of data outside the territorial extent also paralyses this
system of crime investigation.

Cyber Criminals

The cyber criminals constitute of various groups/ category. This division may be
justified on the basis of the object that they have in their mind. The following are the
category of cyber criminals :
1. Children and adolescents between the age group of 6 – 18 years –
The simple reason for this type of delinquent behaviour pattern in children is seen mostly
due to the inquisitiveness to know and explore the things. Other cognate reason may be
to prove them to be outstanding amongst other children in their group. Further the
reasons may be psychological even. E.g. the BAL Bahrain (Delhi) case was the outcome
of harassment of the delinquent by his friends.

2. Organised hackers-
These kinds of hackers are mostly organised together to fulfil certain objective. The
reason may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to
be one of the best quality hackers in the world. They mainly target the Indian government
sites with the purpose to fulfil their political objectives. Further the NASA as well as the
Microsoft sites is always under attack by the hackers.

3. Professional hackers / crackers –

Their work is motivated by the color of money. These kinds of hackers are mostly
employed to hack the site of the rivals and get credible, reliable and valuable information.
Further they are van employed to crack the system of the employer basically as a measure
to make it safer by detecting the loopholes.

4. Discontented employees-
This group include those people who have been either sacked by their employer or are
dissatisfied with their employer. To avenge they normally hack the system of their
employee.

Mode / Type of committing Cyber Crime and Prevention

Cyber Pornography

Cyber Pornography is believed to be one of the largest businesses on the Internet

today. The hundreds of pornographic websites with Indian contents have flourish on the
Internet are testimony to this. They operate from across the nation and there agents will
upload the pornography contents from India. While pornography per se is not illegal in
many countries, child pornography is strictly illegal in most nations today.

They accept online payments and allows paying customers to view or download
pornographic pictures, videos etc., from that website. There were also some website
which offers pornographic pictures and videos free of cost. They are mainly responsible
for the spread of pornography through out the country. The major victims for this type of
crime are children and youth especially teen ages. It is very easy to keep these contents in
one’s cell phone and pass on to others.

Hacking with Computer System

Computer Hacking

Hacker is a computer expert who uses his knowledge to gain unauthorized access
to the computer network. He is not any person who intends to break through the system
but also includes one who has no intent to damage the system but intends to learn more
by using one’s computer. IT Act 2000 doesn’t make hacking per se an offence but looks
into factor of means era. Crackers on the other hand use the information cause disruption
to the network for personal or political motives. Hacking by an insider or an employee is
quite prominent in present days.

Most business organization stores their sensitive information in computer

systems. This information is targeted by rivals, criminals and sometimes disgruntled
employees. The skilled hackers were employed to obtain the vital information from the
rival company. In one case a very good looking woman was sent to meet the system
administrator of a large company, she interviewed the administrator for a “Magazine
Article”. During the interview she flirted a lot with the administrator and while leaving
she left her pen drive at the system administrator’s room. The system administrator
accessed the pen drive and saw that it contained many photographs of the lady. He did
not realize that the photographs were Trojanized. Once the Trojan was in place, a lot of
sensitive information was stolen very easily.
 Email Hacking

Email Hacking is the new trend of crime that is emerging all over India now.
Emails are increasingly being used for social interaction, business communication and
online transactions etc. Most email account holders do not take basic precautions to
protect their email account passwords. Cases of theft of emails passwords and subsequent
misuse of email accounts are becoming very common.

In one case the victim’s email account password is stolen and the account is then
misused for sending out malicious code (virus, worm, Trojan etc.) to people in the
victim’s address book. The recipients of these viruses believe that the email is coming
from a known person and run the attachments. This in turn infects their computer with the
malicious code. In another incident the victim’s email account password is stolen and
obscene emails are sent to the people in the victim’s address book or request for money is
made to from the victim’s friends who are in the address book.

Fake Profile in Social Networking Website

Yahoo messenger, MSN messenger and Orkut are some of the famous social
networking websites. Of these Orkut is a very popular online community website. This
website is very familiar to school and college students as they can search for and interact
with people who share the same hobbies and interests. They can create and join a wide
variety of online community. Profile of a person can be created using any email account.
These profiles of the members are publicly viewable.

A fake profile of a women can be created by create a free email account where
there is no need to give correct name or address. Then the profile displays her correct
name and contact information (such as address, residential phone number, cell phone
number etc.). Sometimes it can even have her obscene photograph. In some cases the
profile describes her as a prostitute or a woman of “loose character” who wants to have
sexual relations with anyone. Other members see this profile and start calling her at all
hours of the day asking for sexual favors. This leads to a lot of harassment for the victim
and also defames her in society.

Using this fake email account an online hate community can be created. This
community displays objectionable information against a particular country, religious or
ethnic group or even against national leaders and historical figures. In some cases the
victim will not come forward to report the case as it may aggravate the problem faced by
them. Most of the offenders in this type of crime are from school going children. Still
some of the crimes could not be traced as there is no proof of address of the offenders.

Cyber Frauds and Forgeries

Credit Card Fraud

Credit cards are commonly being used for online booking of airline and railway
tickets and for others e-commerce transactions. Although most of the e-commerce
website have implemented strong security measure (such as SSl, secure web servers etc.),
instance of credit card frauds are increasing. The offender would install key loggers in
public computers (such as cyber cafes, airport lounges etc.) or the computers of the
victim. Unsuspecting victims would use these infected computers and the card
information of the victim would be emailed to the offender.

Offenders also use the Social Engineering methods to collect the important
information about the card, CVV or CVC number, PIN number etc. Innocent women and
people with no knowledge on these types of offence become an easy target to this crime.
There is an urgent need to create a awareness among the people about the protection of
the passwords and other secret numbers.

Online share trading fraud

With the advent of dematerialization of shares in India, it has become mandatory

for investors to have demat accounts. In most cases an online banking account is linked
with the share trading account. This has led to a high number of online share trading
frauds. This is done by using the victim’s stolen account passwords and misusing his
accounts for making fraudulent bank transfers or doing unauthorized transactions that
result in the victim making losses.

Tax Evasion and Money laundering Fraud

Many unscrupulous businessmen and money launders are using virtual as well as
physical storage media for hiding information and records of their illicit business. They
use both physical and or virtual storage media for hiding the information, ex. USB dirves,
mobile phone memory cards, iPods, email accounts, online briefcases, FTP sites etc.

Fraud Digital Signature Certificate

Digital Signature Certificates are used to confirm the receipt of the information
and for the secure transfer of the data from one computer to another computer. One has to
pay fees and proper residential proof in order to obtain a Digital Signature Certificate
from the Registering Authority. This Digital Certificate is must for all kinds of
e-Commerce so, the offenders try to get it by giving false information. According to
Crime in India 2007 there is a 300 % increase in this type of crime.

Forgery and Criminal Breach of Trust

Using a computer and the advanced software one can create any kind of duplicate
document or stamp paper or counterfeit currency. Indians are were very much talented in
art and artistic work, so with the help of computers he can create all kinds of ID’s and
Certificates. This can fetch more money if it feels in the hands of criminal minded
person. As per Crime in India 2007 record Majority of the crimes out of total 339 cases
registered under IPC falls under 2 categories viz. Forgery (217) and Criminal Breach of
Trust or Fraud (73).

Although such offences fall under the traditional IPC crimes, these cases had the
cyber overtones wherein computer, Internet or its enabled services were present in the
crime and hence they were categorized as Cyber Crimes under IPC. The Cyber Forgery
(217 cases) accounted for 0.33% out of 65,326 cases reported under cheating. The Cyber
Fraud (73) accounted for 0.47% of the total Criminal Breach of Trust cases (15,531)
 A total of 429 persons were arrested in the country for Cyber Crimes under IPC
during 2007. 61.5% offenders (264) of these were taken into custody for offences under
“Cyber Forgery”, 19.8% (85) for “Criminal Breach of Trust or Fraud” and 11.4% (49) for
“Counterfeiting Currency or Stamps”. The offenders arrested under Cyber Crime (IPC)
for the year 2007 revealed that offenders involved in Forgery cases were more in the age-
group of 30 – 45 (54.9%) (145 out of 264). 57.6% of the persons arrested under Criminal
Breach of Trust or Cyber Fraud offence were in the age group of 30 – 45 years (49 out of
85).

Source Code Theft

Computer source code is the most important asset of software companies. Simply
put, source code is the programming instructions that are compiled into the executable
files that are sold by software development companies. As is expected, most source code
thefts take place in software companies. Some cases are also reported in banks,
manufacturing companies and other organizations that get original software developed
for their use. This is being done by copying the code in virtual or small physical storage
devices.

Piracy

Software Piracy

Many people do not consider software piracy to be theft. They would never steal a
rupee from someone but would not think twice before using pirated software. There is a
common perception amongst normal computer users not to consider software as
“Property”. This has led to software piracy becoming a flourishing business. The most
common type of piracy is creating duplicate CDs by using high speed CD duplication
equipment. This pirated software is sold through a network of computer hardware and
software vendors.
 In other method the offender registers a domain name using a fictitious name and
then hosts his website using a service provider that is based in a country that does not
have cyber laws. Anybody can download the required software by paying either by credit
Card or through Pay Pal. Such service providers do not divulge client information to law
enforcement officials of other countries

Audio and Video Piracy

There are so many music and movie lovers in our country. Each and Every day
there may be new relies of music and movie in some part of the country. It will give a
huge profit if it is sold in the market without purchasing the right to copy and sale. Due to
Piracy many entertainment companies are suffering huge loss. Though there were many
law enforcing agencies like Anti pirate CD cell the pirated CDs still reaches the end user
without any difficulty. The offenders sell this or circulate this through websites, bulletin
boards, newsgroups, spam emails etc.

Email Scams

Criminals are using emails extensively for their illicit activities. Most of the
offenders operate from abroad and all the victims are educated people who fell in the
offenders trap. The offender convinces the victim that the victim is going to get a lot of
many. They offer this by way of a lottery or from a corrupt African bureaucrat who wants
to transfer his ill gotten gains out of his home country. In order to convince the victim,
the suspect sends emails that contain official looking documents as attachment which are
forged using software.

Once the victim believes this story, the suspect asks for a small fee to cover the
legal expenses or courier charges. If the victim pays up the money the suspect stops all
contact or ask to arrange some credit card details from which they swindle all the money
from the victim’s card.

Phishing
 With the tremendous country wide increase in the use of online banking, online
share trading and e-Commerce and there has been a corresponding growth in the
incidents of phishing being used to carry out financial frauds. It involves fraudulently
acquiring sensitive information (e.g. passwords, credit card details etc) by masquerading
as a trusted entity.

The victim receives an email that appears to have been sent from his bank. The
email urges the victim to click on the link in the email. When the victim does so, he is
taken to “an anther page of the bank’s website”. The victim believes the web page to be
authentic and he enters his username, password and other information. In reality, the
website is a fake and the victim’s information is stolen and misused.

The offender registers a domain name using fictitious details. The domain name is
usually such that it can be misused for spoofing eg. Noodle Bank has its website at
www.noodle.org. The offender then sends spoofed emails to the victims e.g. the emails
may appear to come from genuine website but it may be from different domain name like
info@noodle.com. The fake website is designed to look exactly like the original website.

Online Sale of Illegal Articles

It is becoming increasingly common to find cases where sale of narcotics drugs,

weapons, wildlife etc. is being facilitated by the Internet. Information about the
availability of the products for sales is being posted on auction websites, bulletin boards
etc. which has a server in some other country where there is no proper law for cyber
crime. If the buyer and seller trust each other after their email and or telephonic
conversation, the actual transaction can be concluded. In March 2007, the Pune rural
police cracked down on an illegal rave party and arrested hundreds of illegal drug users.

Virus Attacks

Computer Viruses are malicious programs that destroy electronic information. As

the world is increasingly becoming networked, the threat and damage caused by viruses
is growing by leaps and bounds. A highly skilled programmer creates a new type of strain
of virus and releases it on the Internet so that it can spread all over the world. Anti virus
companies are usually able to find a solution after 8 to 48 hours. In India though there is
no record of such a high skilled virus programmer some young computer engineers create
such small programs for fun and it gets detected by anti virus program very soon. So they
did not get caught to law enforcing agents.

Indian computer are the victims to the virus attacks that were programmed from
abroad. There some illegal website which installs some Ad-ware and compels the victim
to purchase the product to remove the particular virus.

Web Defacement

Web defacement is usually the substitution of the original home page of a website
with another page usually pornographic or defamatory in nature by a hacker. Religious
and government sites are regularly targeted by hackers in order to display political or
religious beliefs. Disturbing images and offensive phrases might be displayed in the
process as well as a signature of sorts, to show who was responsible for the defacement.
Even they insert some links to pornographic website which could not be found to normal
view.

Use of Internet and Computers by Terrorists

Many terrorists are using virtual as well as physical storage media for hiding
information and records of their illicit business. They also use emails and chat rooms to
communicate with their counterparts around the globe. One terrorist composes an email
and saves it in the draft folder. Another terrorist logs into the same account from another
city or country and reads the saved draft mail. He then composes his reply and saves it in
that draft folder. The emails are not actually sent. This makes email tracking and tracing
almost impossible.

The also use the encryption and other ways of secrete communication methods
like Steganography and decoders. It has been found in the parliament attack case that
they use steganography to send secrete message which were embedded in images. They
also use GPS and Internet phones to execute the plan as the terrorist did in the Mumbai
attack. The devices seized from the terrorist helped the investigator to trace the origin of
these attackers and the method of their operation.

Prevention methods:
1. Firewalls
2. Frequent password changing
3. Safe surfing
4. Frequent virus checks
5. Email filters

Firewalls:
These are programs, which protect a user from unauthorized access attacks while on a
network. They provide access to only known users, or people who the user permits.

Frequent password changing:

With the advent of multi-user systems, security has become dependent on passwords.
Thus one should always keep passwords to sensitive data secure. Changing
them frequently, and keeping them sufficiently complex in the first place can do this.

Safe surfing:
This is a practice, which should be followed by all users on a network. Safe surfing
involves keeping ones e-mail address private, not chatting on open systems, which do not
have adequate protection methods, visiting secure sites. Accepting data from only known
users, downloading carefully, and then from known sites also minimizes risk.

Frequent virus checks:

One should frequently check ones computer for viruses and worms. Also any external
media such as floppy disks and CD ROMS should always be virus checked before
running.

Email filters:
These are programs, which monitor the inflow of mails to the inbox and delete
automatically any suspicious or useless mails thus reducing the chances of being bombed
or spoofed.

Effects on evidence act of Cyber Crime

Legal framework on Cyber Crime

The information Technology (IT) Act, 2000, specifies the acts which are
punishable. Since the primary objective of this Act is to create an enabling environment
for commercial use of I.T., certain omissions and commissions of criminals while using
computers have not been included. Several offence have bearing on cyber-arena are also
registered under the appropriate sections of the IPC with the legal recognition of
Electronic Records and the amendments made in several sections of the IPC vide the IT
Act, 2000.

1. In section 3 (a) in the definition of "Evidence", for the words "all documents
produced for the inspection of the Court", the words "all documents including
electronic records produced for the inspection of the Court" shall be substituted;
(b) after the definition of "India", the following shall be inserted, namely:- 'the
expressions "Certifying Authority", "digital signature", "Digital Signature Certificate",
"electronic form", "electronic records", "information", "secure electronic record",
"secure digital signature" and "subscriber" shall have the meanings respectively
assigned to them in the Information Technology Act, 2000.

(2) In section 17, for the words "oral or documentary,", the words "oral or documentary
or contained in electronic form" shall be substituted.

(3) After section 22, the following section shall be inserted, namely: -
"22A. When oral admission as to contents of electronic records are relevant? Oral
admissions as to the contents of electronic records are not relevant, unless the
genuineness of the electronic record produced is in question."
(4) In section 34, for the words "Entries in the books of account", the words "Entries
in the books of account, including those maintained in an electronic form" shall be
substituted.

(5) In section 35, for the word "record", in both the places where it occurs, the words
"record or an electronic record" shall be substituted.

(6) For section 39, the following section shall be substituted, namely: -
"39. What evidence to be given when statement forms part of a conversation, document,
electronic record, book or series of letters or papers. - When any statement of which
evidence is given forms part of a longer statement, or of a conversation or pan of an
isolated document, or is contained in a document which forms part of a book, or is
contained in part of electronic record or of a connected series of letters or papers,
evidence shall be given of so much and no more of the statement, conversation,
document, electronic record, book or series of letters or papers as the Court considers
necessary in that particular case to the full understanding of the nature and effect of the
statement, and of the circumstances under which it was made."

(7) After section 47, the following section shall be inserted, namely: -
"47A. Opinion as to digital signature where relevant. When the Court has 10 form an
opinion as to the digital signature of any person, the opinion of the Certifying Authority
which has issued the Digital Signature Certificate is a relevant fact.".
(8) In section 59, for the words "contents of documents" the words "contents of
documents or electronic records" shall be substituted.

(9) After section 65, the following sections shall be inserted, namely: -
"65A. Special provisions as to evidence relating to electronic record. The contents
of electronic records may be proved in accordance with the provisions of section 65B".
65B. Admissibility of electronic records. (1) Notwithstanding anything contained in this
Act, any information contained in an electronic record which is printed on a paper,
stored, recorded or copied in optical or magnetic media produced by a computer
(hereinafter referred to as the computer output) shall be deemed to be also a document, if
the conditions mentioned in this section are satisfied in relation to the information and
computer in question and shall be admissible in any proceedings, without further proof or
production of the original, as evidence of any contents of the original or of any fact stated
therein of which direct evidence would be admissible.

(2) The conditions referred to in sub-section (1) in respect of a computer output shall be
the following, namely: -
(a) the computer output containing the information was produced by the
computer during the period over which the computer was used regularly to store
or process information for the purposes of any activities regularly carried on
over that period by the person having lawful control over the use of the
computer;
(b) during the said period, information of the kind contained in the electronic
record or of the kind from which the information so contained is derived was
regularly fed into the computer in the ordinary course of the said activities;
(c) throughout the material part of the said period, the computer was operating
properly or, if not, then in respect of any period in which it was not operating
properly or was out of operation during that part of the period, was not such as to
affect the electronic record or the accuracy of its contents; and
(d) the information contained in the electronic record reproduces or is derived
from such information fed into the computer in the ordinary course of the said
activities.
(3) Where over any period, the function of storing or processing information for the
purposes of any activities regularly carried on over that period as mentioned in clause (a)
of sub-section (2) was regularly performed by computers, whether-

(a) by a combination of computers operating over that period; or

(b) by different computers operating in succession over that period; or
 (c) by different combinations of computers operating in succession over that
period; or
(d) in any other manner involving the successive operation over that period, in
whatever order, of one or more computers and one or more combinations of
computers, all the computers used for that purpose during that period shall be
treated for the purposes of this section as constituting a single computer; and
references in this section to a computer shall be construed accordingly.

(4) In any proceedings where it is desired to give a statement in evidence by virtue of this
section, a certificate doing any of the following things, that is to say, -
(a) identifying the electronic record containing the statement and describing the
manner in which it was produced;
(b) giving such particulars of any device involved in the production of that
electronic record as may be appropriate for the purpose of showing that the
electronic record was produced by a computer;
(c) dealing with any of the matters to which the conditions mentioned in
subsection (2) relate, and purporting to be signed by a person occupying a
responsible official position in relation to the operation of the relevant device or
the management of the relevant activities (whichever is appropriate) shall be
evidence of any matter stated in the certificate; and for the purposes of this sub-
section it shall be sufficient for a matter to be stated to the best of the knowledge
and belief of the person stating it.

(5) For the purposes of this section, -

(a) information shall be taken to be supplied to a computer if it is supplied
thereto in any appropriate form and whether it is so supplied directly or (with or
without human intervention) by means of any appropriate equipment;
(b) whether in the course of activities carried on by any official, information is
supplied with a view to its being stored or processed for the purposes of those
activities by a computer operated otherwise than in the course of those activities,
 that information, if duly supplied to that computer, shall be taken to be supplied
to it in the course of those activities;
(c) a computer output shall be taken to have been produced by a computer
whether it was produced by it directly or (with or without human intervention)
by means of any appropriate equipment. Explanation. -For the purposes of this
section any reference to information being derived from other information shall
be a reference to its being derived therefrom by calculation, comparison or any
other process.
(10) After section 67, the following section shall be inserted, namely: - Proof as to
digital signature. "67A. Except in the case of a secure digital signature, if the digital
signature of any subscriber is alleged to have been affixed to an electronic record the fact
that such digital signature is the digital signature of the subscriber must be proved."

(11) After section 73, the following section shall be inserted, namely: -
Proof as to verification of digital signature. '73A. In order to ascertain whether a digital
signature is that of the person by whom it purports to have been affixed, the Court may
direct-
(a) that person or the Controller or the Certifying Authority to produce the
Digital Signature Certificate;
(b) any other person to apply the public key listed in the Digital Signature
Certificate and verify the digital signature purported to have been affixed by that
person.
Explanation.-For the purposes of this section, "Controller" means the Controller
appointed under sub-section (1) of section 17 of the Information Technology
Act, 2000.
(12) After section 81, the following section shall be inserted, namely: - "81 A. The
Court shall presume the genuineness of every electronic record purporting to be the
Official Gazette, or purporting to be electronic record directed by any law to be kept by
any person, if such electronic record is kept substantially in the form required by law and
is produced from proper custody."
(13) After section 85, the following sections shall be inserted, namely: - "85A. The
Court shall presume that every electronic record purporting to be an agreement
containing the digital signatures of the parties was so concluded by affixing the digital
signature of the parties. "85B Presumption as to electronic records and digital signatures.
85B. (1) In any proceedings involving a secure electronic record, the Court shall presume
unless contrary is proved, that the secure electronic record has not been altered since the
specific point of time to which the secure status relates.

(2) In any proceedings, involving secure digital signature, the Court shall presume
unless the contrary is proved that:-
(a) The secure digital signature is affixed by subscriber with the intention of
signing or approving the electronic record;
(b) Except in the case of a secure electronic record or a secure digital
signature, nothing in this section shall create any presumption relating to
authenticity and integrity of the electronic record or any digital signature.
Presumption as to Digital Signature Certificates. 85C.

Presumption as to Digital Signature Certificates.-The Court shall presume,

unless contrary is proved, that the information listed in a Digital Signature
Certificate is correct, except for information specified as subscriber information
which has not been verified, if the certificate was accepted by the subscriber.
(14)After section 88, the following section shall be inserted, namely: - '88A. The
Court may presume that an electronic message forwarded by the originator
through an electronic mail server to the addressee to whom the message purports
to be addressed corresponds with the message as fed into his computer for
transmission; but the Court shall not make any presumption as to the person by
whom such message was sent.
Explanation--For the purposes of this section, the expressions "addressee" and
"originator" shall have the same meanings respectively assigned to them in clauses (b)
and (za) of sub-section (1) of section 2 of the Information Technology Act, 2000.
(15) After section 90 , the following section shall be inserted, namely :
90A. Presumption as to electronic records five years old.- Where any electronic record,
purporting or proved to be five years old, is produced from any custody which the Court
in the particular case considers proper, the Court may presume that the digital signature
which purports to be the digital signature of any particular person was so affixed by him
or any person authorised by him in this behalf.
Explanation. -Electronic records are said to be in proper custody if they are in the place in
which, and under the care of the person with whom, they naturally be; but no custody is
improper if it is proved to have had a legitimate origin, or the circumstances of the
particular case are such as to render such an origin probable. This Explanation applies
also to section 81A."

(16) For section 131, the following section shall be substituted, namely: - Production
of documents or electronic records which another person, having possession, could refuse
to produce. "131. No one shall be compelled to produce documents in his possession or
electronic records under his control, which any other person would be entitled to refuse to
produce if they were in his possession or control, unless such last-mentioned person
consents to their production."

Effects on IPC (Offenses covered under IPC and Special Laws)

1. Sending threatening messages by email

Sec.503 IPC

Section 503. Criminal intimidation

Whoever threatens another with any injury to his person, reputation or property,
or to the person or reputation of any one in whom that person is interested, with intent to
cause alarm to that person, or to cause that person to do any act which he is not legally
bound to do, or to omit to do any act which that person is legally entitled to do, as the
means of avoiding the execution of such threat, commits criminal intimidation.

Explanation-A threat to inure the reputation of any deceased person in whom the person
threatened is interested, is within this section.
2. Sending defamatory messages by email

Sec. 499 IPC

Section 499. Defamation

Whoever, by words either spoken or intended to be read, or by signs or by visible

representations, makes or publishes any imputation concerning any person intending to
harm, or knowing or having reason to believe that such imputation will harm, the
reputation of such person, is said, except in the cases hereinafter expected, of defame that
person.

Explanation 1-It may amount to defamation to impute anything to a deceased person, if

the imputation would harm the reputation of that person if living, and is intended to be
hurtful to the feelings of his family or other near relatives.

Explanation 2-It may amount to defamation to make an imputation concerning a

company or an association or collection of persons as such.

Explanation 3-An imputation in the form of an alternative or expressed ironically, may

amount to defamation.

Explanation 4-No imputation is said to harm a person's reputation, unless that imputation
directly or indirectly, in the estimation of others, lowers the moral or intellectual
character of that person, or lowers the character of that person in respect of his caste or of
his calling, or lowers the credit of that person, or causes it to be believed that the body of
that person is in a loathsome state, or in a state generally considered as disgraceful.

3. Forgery of electronic records , Email spoofing

Sec 463, 464, 468, 469 IPC

Section 463. Forgery.

1[Whoever makes any false documents or electronic record part of a document or

electronic record with, intent to cause damage or injury], to the public or to any person,
or to support any claim or title, or to cause any person to part with property, or to enter
into any express or implied contract, or with intent to commit fraud or that fraud may be
committed, commits forgery.

Section 464. Making a false document

1[A person is said to make a false document or false electronic record-

First-Who dishonestly or fraudulently-

(a) Makes, signs, seals or executes a document or part of a document;

(b) Makes or transmits any electronic record or part of any electronic record;

(c) Affixes any digital signature on any electronic record;

(d) Makes any mark denoting the execution of a document or the authenticity of
the digital signature,

With the intention of causing it to be believed that such document or part of document,
electronic record or digital signature was made, signed, sealed, executed, transmitted or
affixed by or by the authority of a person by whom or by whose authority he knows that
it was not made, signed, sealed, executed or affixed; or

Secondly- Who, without lawful authority, dishonestly or fraudulently, by cancellation or

otherwise, alters a document or an electronic record in any material part thereof, after it
has been made, executed or affixed with digital signature either by himself or by any
other person, whether such person be living or dead at the time of such alteration; or

Thirdly- Who dishonestly or fraudulently causes any person to sign, seal, execute or alter
a document or an electronic record or to affix his digital signature on any electronic
record knowing that such person by reason of unsoundness of mind or intoxication
cannot, or that by reason of deception practised upon him, he does not know the contents
of the document or electronic record or the nature of the alterations.]

Section 468. Forgery for purpose of cheating

Whoever commits forgery, intending that the 1[document or Electronic Record forged]
shall be used for the purpose of cheating, shall be punished with imprisonment of either
description for a term which may extend to seven years, and shall also be liable to fine.
Section 469. Forgery for purpose of harming reputation

Whoever commits forgery, 1[intending that the document or Electronic Record

forged] shall harm the reputation of any party, or knowing that it is likely to used for that
purpose, shall be punished with imprisonment of either description for a term which may
extend to three years, and shall also be liable to fine.

4. Bogus websites, cyber frauds

Sec 420 IPC

Section 420. Cheating and dishonestly inducing delivery of property

Whoever cheats and thereby dishonestly induces the person deceived any property to any
person, or to make, alter or destroy the whole or any part of a valuable security, or
anything which is signed or sealed, and which is capable of being converted into a
valuable security, shall be punished with imprisonment of either description for a term
which may extend to seven years, and shall also be liable to fine.

5. Web-Jacking

Sec. 383 IPC

Section 383. Extortion

Whoever intentionally puts any person in fear of any injury to that person, or to any
other, and thereby dishonestly induces the person so put in fear to deliver to any property
or valuable security, or anything signed or sealed which may be converted into a valuable
security, commits "extortion".

6. E-Mail Abuse, Online Defamation

Sec.500, 509 IPC

Section 500. Punishment for defamation

Whoever defames another shall be punished with simple imprisonment for a term which
may extend to two years, or with fine, or with both.

Section 509. Word, gesture or act intended to insult the modesty of a woman
Whoever, intending to insult the modesty of any woman, utters any word, makes any
sound or gesture, or exhibits any object, intending that such word or sound shall be heard,
of that such gesture or object shall be seen, by such woman, or intrudes upon the privacy
of such woman, shall be punished with simple imprisonment for a term which may
extend to one year, or with fine, or with both.

7. Criminal Intimidation by E-mail or Chat

Sec. 506, 507 IPC

Section 506. Punishment for criminal intimidation

Whoever commits, the offence of criminal intimidation shall be punished with

imprisonment of either description for a term which may extend to two years, or with
fine, or with both;

If threat be to cause death or grievous hurt, etc.: -And if the threat be to cause death or
grievous hurt, or to cause the destruction of any property by fire, or to cause an offence
punishable with death or 1[imprisonment for life], or with imprisonment for a term which
may extend to seven years, or to impute, unchastity to a woman, shall be punished with
imprisonment of either description for a term which may extend to seven years, or with
fine, or with both.

Section 507. Criminal intimidation by an anonymous communication

Whoever commits the offence of criminal intimidation by an anonymous communication,

or having taken precaution to conceal the name or abode of the person form whom the
threat comes, shall be punished with imprisonment of either description for a term which
may extend to two years, in addition to the punishment provided for the offence by the
last preceding section.

8. Online sale of Drugs

-NDPS Act

9. Online sale of Arms

-Arms Act

10. Piracy
-Sec. 51, 63, 63 B Copyright act

51.When copyright infringed:- Copyright in a work shall be deemed to be infringed

---

(a) when any person, without a licence granted by the owner of the Copyright or the
Registrar of Copyrights under this Act or in contravention of the conditions of a licence
so granted or of any condition imposed by a competent authority under this Act ---

( i ) does anything, the exclusive right to do which is by this Act conferred upon
the owner of the copyright, or

( ii ) permits for profit any place to be used for the performance of the work in
public where such performance constitutes an infringement of the copyright in the
work unless he was not aware and had no reasonable ground for believing that
such performance would be an infringement of copyright, or

(b) when any person ---

( i ) make for sale or hire, or sells or lets for hire, or by way of trade displays or
offers for sale or hire, or

( ii ) distributes either for the purpose of trade or to such an extent as to affect

prejudicially the owner of the copyright, or

( iii ) by way of trade exhibits in public, or

( iv ) imports (except for the private and domestic use of the importer) into India,

any infringing copies of the work.

Explanation.--- For the purposes of this section, the reproduction of a literary, dramatic,
musical or artistic work in the form of a cinematograph film shall be deemed to be an
"infringing copy".

63. Offence of infringement of copyright or other rights conferred by this Act. Any
person who knowingly infringes or abets the infringement of-

(a) the copyright in a work, or

(b) any other right conferred by this Act, 125[except the right conferred by section 53A]
shall be punishable with imprisonment for a term which shall not be less than six months
but which may extend to three years and with fine which shall not be less than fifty
thousand rupees but which may extend to two lakh rupees :

Provided that where the infringement has not been made for gain in the course of
trade or business the court may, for adequate and special reasons to be mentioned in the
judgement, impose a sentence of imprisonment for a term of less than six months or a
fine of less than fifty thousand rupees.

Explanation.-Construction of a building or other structure which infringes or which, if

completed, would infringe the copyright in some other work shall not be an offence under
this section.

63A. Enhanced penalty on second and subsequent covictions. -

Whoever having already been convicted of an offence under section 63 is again

convicted of any such offence shall be punishable for the second and for every
subsequent offence, with imprisonment for a term which

shall not be less than one year but which may extend to three years and with fine which
shall not be less than one lakh rupees but which may extend to two lakh rupees : Provided
that where the infringement has not been made for gain in the course of trade orbusiness
the court may, for adequate and special reasons to be mentioned in the judgment impose a
sentence of imprisonment for a term of less than one year or a fine of less than one lakh
rupees: Provided further that for the purposes of this section, no cognizance shall be
taken of any conviction made before the commencement of the Copyright (Amendment)
Act, 1984.

63B. Knowing use of infringing copy of computer programme to be an offence.

Any person who knowingly makes use on a computer of an infringing copy of a

computer programme shall be punishable with imprisonment for a term which shall not
be less than seven days but which may extend to three years and with fine which shall not
be less than fifty thousand rupees but which may extend to two lakh rupees: Provided that
where the computer programme has not been used for gain or in the course of trade or
business, the court may, for adequate and special reasons to be mentioned in the
judgment, not impose any sentence of imprisonment and may impose a fine which may
extend to fifty thousand rupees."

11. Obscenity

Sec. 292,293,294 IPC, Indecent Representation of Women Act

Section 292. Sale, etc., or obscene books, etc.

(1) For the purposes of sub-section

(2) a book, pamphlet, paper, writing, drawing, painting, representation, figure or any
other object, shall be deemed to be obscene if it is lascivious or appeals to the prurient
interest or if its effect, or (where it comprises two or more distinct items) the effect of any
one of its items, is, if taken as a whole, such as to tend to deprave and corrupt persons
who are likely, having regard to all relevant circumstances, to read, see or hear the matter
contained or embodied in it.]

3(2) Whoever-

(a) Sells, lets to hire, distributes, publicly exhibits or in any manner puts into
circulation, or for purposes of sale, hire, distribution, public exhibition or
circulation, makes, produces or has in his possession any obscene book, pamphlet,
paper, drawing, painting, representation or figure or any other obscene object
whatsoever, or

(b) Imports, exports or conveys any obscene object for any of the purposes
aforesaid, or knowing or having reason to believe that such object will be sold, let
to hire, distributed or publicly exhibited or in any manner put into circulation, or

(c) Takes part in or receives profits from any business in the course of which he
knows or has reason to believe that any such obscene objects are, for any of the
purposes aforesaid, made, produced, purchased, kept, imported, exported,
conveyed, publicly exhibited or in any manner put into circulation, or
 (d) Advertises or makes known by any means whatsoever that any person is
engaged or is ready to engage in any act which is an offence under this section, or
that any such obscene object can be procured from or through any person, or

(e) Offers or attempts to do any act which is an offence under this section,

Shall be punished 4[on first conviction with imprisonment of either description

for a term which may extend to two years, and with fine which may extend to two
thousand rupees, and, in the event of a second or subsequent conviction, with
imprisonment of either description for a term which may extend to five years, and
also with fine which may extend to five thousand rupees].

Exception-This section does not extend to-

(a) Any book, pamphlet, paper, writing, drawing, painting, representation or figure-

(i) The publication of which is proved to be justified as being for the public good
on the ground that such book, pamphlet, paper, writing, drawing, painting,
representation or figure is in the interest of science, literature, art of learning or
other objects of general concern, or

(ii) Which is kept or used bona fide for religious purposes;

(b) Any representation sculptured, engraved, painted or otherwise represented on or in-

(i) Any ancient monument within the meaning or the Ancient Monuments and
Archaeological Sites and Remains Act, 1958 (24 of 1958), or

(ii) Any temple, or on any car used for the conveyance of idols, or kept or used
for any religious purpose.

Section 292A. Printing etc. of grossly indecent or scurrilous matter or matter

intended for blackmail

Whoever, -

(a) Prints or causes to be printed in any newspaper, periodical or circular, or exhibits or

causes to be exhibited, to public view or distributes or causes to be distributed or in any
manner puts into circulation any picture or any printed or written document which is
grossly indecent, or in scurrilous or intended for blackmail, or
(b) Sells or lets for hire, or for purposes of sale or hire makes, produces or has in his
possession, any picture or any printed or written document which is grossly indecent or is
scurrilous or intended for blackmail; or

(c) Conveys any picture or any printed or written document which is grossly indecent or
is scurrilous or intended for blackmail knowing or having reason to believe that such
picture or document will be printed, sold, let for hire distributed or publicly exhibited or
in any manner put into circulation; or

(d) Takes part in, or receives profits from, any business in the course of which he knows
or has reason to believe that any such newspaper, periodical, circular, picture or other
printed or written document is printed, exhibited, distributed, circulated, sold, let for hire,
made, produced, kept, conveyed or purchased; or

(e) Advertises or makes known by any means whatsoever that any person is engaged or is
ready to engage in any Act which is an offence under this section, or that any such
newspaper, periodical, circular, picture or other printed or written document which is
grossly indecent or is scurrilous or intended for blackmail, can be procured from or
through any person; or

(f) Offers or attempts to do any act which is an offence under this section *[shall be
punished with imprisonment of either description for a term which may extend to two
years, or with fine, or with both.

Provided that for a second or any subsequent offence under this section, he shall be
punished with imprisonment of either description for a term which shall not be less than
six months and not more than two years.

Explanation I-For the purposes of this section, the word scurrilous shall be deemed to
include any matter which is likely to be injurious to morality or is calculated to injure any
person:

Provided that it is not scurrilous to express in good faith anything whatever respecting the
conduct of-

(i) A public servant in the discharge of his public functions or respecting his character, so
far as his character appears in that conduct and no further; or
(ii) Any person touching any public question, and respecting his character, so far as his
character appears in that conduct and no further.

Explanation II-In deciding whether any person has committed an offence under this
section, the Court shall have regard inter alia, to the following considerations-

(a) The general character of the person charged, and where relevant the nature of his
business;

(b) The general character and dominant effect of the matter alleged to be grossly indecent
or scurrilous or intended for blackmail;

(c) Any evidence offered or called by or on behalf of the accused person as to his
intention in committing any of the acts specified in this section.

Section 293. Sale, etc., of obscene objects to young person

Whoever sells, lets to hire, distributes, exhibits or circulates to any person under the age
of twenty years any such obscene object as is referred to in the last preceding section, or
offers or attempts so to do, shall be punished 2[on first conviction with imprisonment of
either description for a term which may extend to three years, and with fine which may
extend to two thousand rupees, and, in the event of a second or subsequent conviction,
with imprisonment of either description for a term which may extend to seven years, and
also with fine which may extend to five thousand rupees.

Section 294. Obscene acts and songs

Whoever, to the annoyance of others-

(a) Does any obscene act in any public place, or

(b) Sings, recites or utters any obscene song, balled or words, in or near any public place,

Shall be punished with imprisonment of either description for a term which may extend
to three months, or with fine, or with both.

12. Theft of Computer Hardware

Sec. 378, 379 IPC

Section 378. Theft

Whoever intending to take dishonestly any moveable property out of the possession of
any person without that person's consent, moves that property in order to such taking, is
said to commit theft.

Explanation1. -A thing so long as it is attached to the earth, not being movable property,
is not the subject of theft; but it becomes capable of being the subject of theft as soon as it
is severed from the earth.

Explanation 2. -A moving effected by the same act which affects the severance may be a
theft.

Explanation3. -A person is said to cause a thing to move by removing an obstacle which

prevented it from moving or by separating it from any other thing, as well as by actually
moving it.

Explanation 4. -A person, who by any means causes an animal to move, is said to move
that animal, and to move everything which, in consequence of the motion so caused, is
moved by that animal.

Explanation 5. -The consent mentioned in the definition may be express or implied, and
may be given either by the person in possession, or by any person having for the purpose
authority either express or implied.

Section 379. Punishment for theft

Whoever commits theft shall be punished with imprisonment of either description for a
term which may extend to three years, or with fine, or with both.

Conclusion

A futuristic approach to control this Cyber Crime

Though there are many techniques evolved to curb the criminal activities by
Cyber Criminals but still the problem persists in legal structure and has failed to produce
a deterring effect on the criminals. Crucial aspect of problem faced in combating crime is
that, most of the countries especially India lack enforcement agencies to combat crime
relating to Internet and bring some level of confidence in users.

Present law lacks teeth to deter the criminal group for committing cyber crimes.
Law has to be created or amended keeping mind the growing trend of cyber crime in
India. In order to control external cyber attacks there is an urgent need to make
Extradition Treaties with all the countries of the globe and instruct the global emailing
service providers to follow the rule otherwise they may be subjected to be blocked on the
Indian cyber space.

A report on Crime in India 2008 shows that the younger generation is very much
prone to the Cyber Crime. They need proper guidance and awareness through education
system on this issue. So, a subject has to be introduced on Cyber Crime and IT Security
in their school curriculum.