Beruflich Dokumente
Kultur Dokumente
BACKGROUNDER
(i)
November 2016
All rights reserved. No part of this book may be translated or copied in any
form or by any means without the prior written permission of The Institute of
Company Secretaries of India.
Published by :
THE INSTITUTE OF COMPANY SECRETARIES OF INDIA
ICSI House, 22, Institutional Area, Lodi Road
New Delhi - 110 003
Phones : 45341005, 41504444; Fax : 24626727
E-mail : info@icsi.edu ; Website : www.icsi.edu
ISBN : 978-93-82207795
(iii)
CONTEN TS
Ch ap t er – 1
In t r o d u ct i o n 1
1.1 Int roduct ion 1
1.2 Cyber Crime: M eaning and Def init ion 4
1.2.1 M eaning of Crime 5
1.2.2 M eaning of Cyber Crime 6
Ch ap t er – 2
Cl assi f i cat i o n o f Cy b er Cr i m es 9
(vi)
Chapt er 1
In t r o d u ct i o n
1.1 In t r o d u ct i o n
The daw n of Inf ormat ion and Communicat ion Technology
(‘ICT’ i n sh o r t ) h as w i t n essed an em er g en ce o f a
revolut ionised t ransf ormat ion in t he f orm of advancement
and development of t he civilized societ y. ICT has gradually
rep laced t h e co nven t ion al syst ems of communicat ion,
aut hent icat ion and submission. Alongside, it has creat ed
p ace, ease, sw if t ness an d con ven ien ce in con clu din g
transactions. Thus, it may not be w rong to say that wit h such
an increasing pace of use of ICT, t he World is get t ing shrunk
like a palm. This is also cont ribut ing t ow ards a const ant
growth of our society in almost all imperative sect ors. Among
ot hers t hings, t he businesses t oo are going global w it h t he
prospect of ease and sw if t ness rendered by t he ICT.
The advancement s made by t he modern t echnology have
f acilit at ed t he communit y t o develop and expand t heir
communicat ion net w orks t hus enabling f ast er and easier
net w orking along wit h inf ormation exchange. In short , t he
ICT has shaped a commendable plat f orm f or t he societ y
enabling it t o grow by leaps and bounds.
In t he w orld t oday, technology has become an essent ial part
of our day to day lif e and has virt ually got imbedded int o it .
Wit h t he expansion of use of t echnology in almost every
sphere of human lif e, t here is virtually no room lef t f or us t o
t h i n k o f a li f e w i t h o u t t h e b lessi n g s o f t ech n o lo g y.
Fort uit ously, India is also advancing in t he mat t er of use of
ICT and at a pace w hich is helping t o st ave of f st agnat ion.
UN Int ernat ional Telecommu nicat ions Union’s f lagship
1
2 Cy b er Cr i m e - Law an d Pr act i ce
net w orks. The inst ances of dif f erent cyber crimes being
commit t ed include t he f inancial scams carried out t hrough
t he mode of comput er, comput er hacking, dow nloading
pornographic images f rom the internet , virus att acks, e-mail
st alking and creat ing w ebsit es t hat promot e racial hat red.
The f irst major inst ance of a cyber crime being commit t ed
w as report ed in t he late 90’s, when a computer virus mailed
t o t he masses af f ect ed nearly 45 million comput er users
worldwide.
As in t he developed w orld, in developing economies t oo,
the cyber crimes have increased manifold, owing to the rapid
dif f usion of Int ernet and t he digit isat ion of economic
act ivit ies. Thanks t o t he huge penet rat ion of t echnology in
almost all areas of operat ion of societ y, f rom corporat e
governance and st at e administ rat ion t o t he level of pet t y
shop keepers comput erizing t heir billing syst em, w e f ind
comput ers and ot her elect ronic devices pervading t he
human lif e. The penet ration is so deep t hat we cannot think
of operat ing w it hout being associat ed w it h comput ers.
The term ‘Crime’has neither been defined in the Information
Technology Act , 2000 nor in t he Inf ormat ion Technology
(Amendment ) Act , 2008 nor in any other legislat ion in India.
In f act , it is quit e dif f icult , if not impossible, t o def ine t he
w ord Crime. The w ord ‘Of f ence’ has been def ined under
t he Indian Penal Code, 1860 and also in quit e a f ew ot her
legislat ions t oo. In order t o def ine Cyber Crime, w e can say,
it is a crime associat ed w it h or commit t ed w it h t he help of
comput ers. To put it in simple w ords ‘an off ence or a crime
in w hich a computer is used can be said t o be a cyber crime’.
Int erest ingly, even a pet t y off ence like st ealing or pick-
pocket can be brought w it hin the broader purview of cyber
crime if t he basic dat a or aid t o such an of f ence is given
through a computer or the information stored in a computer
used (or misused) by t he off ender. The I.T. Act , 2000 does
def in e w ords like comput er, co mput er n et w ork, dat a,
inf ormat ion and all ot her associat ed t erms t hat form a part
of t he t erm cyber crime, about w hich w e w ill now be
discussing in det ail.
8 Cy b er Cr i m e - Law an d Pr act i ce
***
Cy b er Cr i m e - Law an d Pr act i ce 9
Chapt er 2
Cl assi f i cat i o n o f Cy b er Cr i m es
2.1 Tax o n o m y o f Cy b er Cr i m e
Wit h an en o rmo u s gro w t h w it n essed in t h e f ield o f
communication technology and with the ease of transactions
under it , t here is swif t growt h as w ell as development in the
w orld. The World Wide Web (w w w ) sounds like a vast
phenomenon but surprisingly one of it s qualit ies is t hat it
has brought the w orld closer which has also made it a closely
linked place t o live in f or it s users.
However, it has also resulted in creation of a major challenge
in t he f orm of Cyber Crimes.
Cyber crime is an int ricat e concept t o be def ined in a simple
and in layman’s language. However, it can be said t hat when
any crime is commit t ed over t he Int ernet it can be ref erred
t o as a Cyber Crime.
There are dif f erent cyber crimes w hich are t aking place in
t he present w orld w hich is dominat ed by t he Inf ormat ion
an d Co mmu n icat io n Tech n olo g y. It co u ld b e h ack ers
vandalizing your website, viewing confident ial information,
st ealing t rade secret s or int ellect ual propert y w it h t he use
of int ernet . It can also include ‘denial of services’and virus
at t acks prevent ing regular t raf f ic f rom reaching yo ur
w ebsit e. Cyber crimes are not limit ed t o out siders except in
case of viruses and w it h respect t o securit y relat ed cyber
crimes t hat are usually commit t ed by t he employees of
part icular company/organisat ion w ho can easily access t he
passw ord and t he dat a st orage of t he company f or t heir
illegal purposes. Cyber crimes also include criminal act ivit ies
carried o u t w it h t h e use o f co mp ut ers w hich f u rt her
perpet uat es dif f erent crimes, e.g. f inancial crimes, sale of
9
10 Cy b er Cr i m e - Law an d Pr act i ce
(iv) M alw are : M alware is sof t ware t hat t akes cont rol of any
individual’s comput er t o spread a bug t o ot her people’s
devices or social net w orking prof iles. Such sof t w are can
also b e u sed t o creat e a ‘b o t n et ’— a n et w o rk o f
comput ers cont rolled remot ely by hackers, know n as
‘herders,’— t o spread spam or viruses.
(x) Carding : It means f alse ATM cards, i.e., Debit and Credit
cards used by criminals f or t heir monet ary benef it s
t hrough w it hdraw ing money f rom t he vict im’s bank
account mala-f idely. There is alw ays unaut horized use
of ATM cards in t his t ype of cyber crimes.
(ii) Softw are piracy : Many people do not consider sof t ware
piracy t o be t hef t . They w ould never st eal a rupee f rom
someone but would not think tw ice bef ore using pirat ed
sof tware. There is a common perception amongst normal
comput er users t o not consider sof t w are as “propert y”.
This has led t he sof t w are piracy t o become a f lourishing
business.
The sof t ware pirat e sells the pirat ed soft w are in physical
media (usually CD ROM s) t hrough a close net w ork of
dealers.
The suspect uses high speed CD duplicat ion equipment
t o creat e mult iple copies of t he pirat ed sof t w are. This
so f t w ar e is so l d t h ro u g h a n et w o rk o f co mp u t er
hardw are and sof t w are vendors
(iii) Cyber Squatting : It means w here t w o persons claim f or
t he same Domain Name eit her by claiming that they had
regist ered t he name f irst on by right of using it bef ore
t he ot her or using somet hing similar t o t hat previously.
For example two similar names, i.e., w ww.yahoo.com and
ww w.yaahoo.com.
(iv) Cyb er Van d al ism : Van d ali sm m ean s d el ib er at el y
dest roying or damaging propert y of anot her. Thus cyber
vandalism means destroying or damaging t he data when
a net w ork service is st opped or disrupt ed. It may include
w it hin its purview any kind of physical harm done t o the
comput er of any person. These act s may t ake t he f orm
of the t hef t of a comput er, some part of a comput er or a
peripheral at t ached t o t he comput er.
(v) Hacking Computer System : Hackt ivism at t acks t hose
i n cl u d ed Fam o u s Tw i t t er, b l o g g i n g p l at f o r m b y
unaut horized access/cont rol over t he comput er. Due t o
t he hacking act ivit y t here w ill be loss of dat a as w ell as
comput er. Also research especially indicat es t hat t hose
at t acks w ere not mainly int ended f or f inancial gain t oo
and t o diminish t he reput at ion of part icular person or
company.
A hacker is an unaut horized user w ho at t empt s t o or
16 Cy b er Cr i m e - Law an d Pr act i ce
w i t h an o t h er p ag e (u su al l y p o r n o g r ap h i c o r
def amat ory in nat ure) by a hacker.
Religious and government sites are regularly target ed
by hackers in order t o display polit ical or religious
belief s. Under t h e scenario, t he homepag e of a
w eb si t e i s r ep l aced w i t h a p o r n o g r ap h i c o r
def amat ory page. In case of Government w ebsit es,
t his is most commonly done on symbolic days (e.g.,
t he Independence Day of t he count ry).
The def acer may exploit t he vulnerabilit ies of t he
operat ing syst em or applicat ions used t o host t he
website. This will allow him to hack into the web server
an d ch an g e t h e h o me p ag e an d o t h er p ag es.
A lt ern at i vel y h e m ay l au n ch a b r u t e f o rce o r
d ict i o n ary at t ack t o o b t ain t h e ad m in i st r at o r
passw ords f or t he w ebsit e. He can t hen connect t o
t he w eb server and change t he WebPages.
(iii) Cyber Warfare : It ref ers t o polit ically mot ivat ed
hacking t o conduct sabot age and espionage. It is a
f orm o f inf ormat ion w arf are somet imes seen as
analogous t o convent ional w arf are alt hough t his
analogy is cont roversial f or bot h it s accuracy and it s
polit ical motivation.
(iv) Use of Internet and Computers by terrorists : M any
t errorist s are using virt ual as w ell as physical st orage
media for hiding information and records of their illicit
business. They also use emails and chat rooms t o
communicat e w it h t heir count erpart s around t he
globe. The suspects carry laptops wherein information
relat ing t o t heir act ivit ies is st ored in encrypt ed and
passw ord prot ect ed f orm. They also creat e email
account s using f ict it ious det ails. In many cases, one
email account is shared by many people. E.g., one
t errorist composes an email and saves it in t he draf t
f older. Anot her t errorist logs int o t he same account
from another city / country and reads t he saved email.
He t hen composes his reply and saves it in t he draf t
f older. The emails are not act ually sent . This makes
20 Cy b er Cr i m e - Law an d Pr act i ce
on comput ers, net w orks, and t he inf ormat ion t hese are
used t o st ore and preserve, t he risk of being subject ed
t o cyber-crime is high. Some of the surveys conducted in
the past have indicated as many as 80% of the companies’
surveyed acknowledged f inancial losses due to comput er
breaches. As t he economy increases it s reliance on t he
int ernet , it is exposed t o all t he t hreat s posed by cyber-
cr i m i n al s. St o ck s ar e t r ad ed vi a i n t er n et , b an k
t ransact ions are perf ormed via int ernet , purchases are
made using credit card via int ernet. All instances of f raud
in such t ransact ions impact t he f inancial st at e of t he
aff ect ed company and hence t he economy.
(iii) Wasted Time
Anot her major ef f ect or consequence of cyber crime is
t he t ime t hat is w ast ed w hen IT personnel must devot e
great port ions of t heir day handling such incidences.
Rat her t han w orking on product ive measures f or an
organizat ion, many IT st af f members spend a large
percent age of t heir t ime handling security breaches and
ot her problems associat ed w it h cyber crime.
(iv) Damaged Reputations
In cases w here cust omer records are compromised by a
securit y breach associat ed wit h cyber crime, a company's
reput at ion can t ake a major hit . Customers w hose credit
cards or ot her f inancial dat a become int ercept ed by
h ackers o r ot her in f ilt rat ors lo se con f idence in an
organizat ion and of t en begin t aking t heir business
elsew here. The impact of t he damaged reput at ion can
be clearly underst ood by t he example of t he hacking of
Walmart server making a huge loss of reput at ion t o t he
one of t he biggest ret ailer of t he US and Europe.
Wal m ar t Case St u d y
In year 2006, WALM ART became t he vict im of a serious
secu r i t y b r each i n w h i ch h ack er s t ar g et ed t h e
development team in charge of the chain’s point -of -sale
syst em and siphoned source code and ot her sensit ive
dat a t o t he company’s server in Europe7.
24 Cy b er Cr i m e - Law an d Pr act i ce
He gave t hat inf ormat ion t o Kale. Kale in ret urn passed
t h is i n f o rm at io n t o h is f rien d Lu k k ad . Usi n g t h e
inf ormation obt ained from Kale, Lukkad booked t ickets.
He used t o sell t hese tickets t o cust omers and get money
f or t he same. He had given f ew t icket s t o various ot her
inst it ut ions.
Cyber Cell was involved in eight days of invest igat ion and
f inally caught t he culprit s.
In t his regard various Banks have been cont act ed; also
f our airline indust ries w ere cont act ed and alert ed.
5. Pune Citibank M phasis Call Center fraud
It is a case of sourcing engineering. US$ 3,50,000 f rom
City bank accounts of four US cust omers were dishonest ly
transf erred to bogus account s in Pune, t hrough int ernet.
Some employees of a call cent re gained t he conf idence
of t he US cust omers and obt ained t heir PIN numbers
under t he guise of helping the cust omers out of diff icult
sit uat ions. Lat er t hey used t hese numbers t o commit
f raud. Highest securit y prevails in t he call cent res in India
as t hey know t hat t hey w ill lose t heir business. The call
cent re employees are checked w hen t hey go in and out
so t hey cannot copy dow n numbers and t heref ore t hey
could not have not ed t hese dow n. They must have
remembered t hese numbers, gone out immediately to a
cyber caf é and accessed t he Cit ibank account s of t he
cust omers. All account s w ere opened in Pune and t he
cu st omers co mplain ed t hat t h e mon ey f ro m t h eir
account s w as t ransf erred t o Pune account s and t hat ’s
how t he criminals w ere t raced. Police has been able t o
prove t he honest y of t he call cent re and has f rozen t he
account s w here t he money w as t ransf erred.
6. Parliament Attack case
Bu r eau o f Po l i ce Resear ch an d Devel o p m en t at
Hyderabad had handled some of t he t op cyber cases,
including analyzing and ret rieving informat ion f rom the
laptop recovered from seized from the two terrorists, who
w ere gunned dow n w hen Parliament w as under siege
Cy b er Cr i m e - Law an d Pr act i ce 29
***
Cy b er Cr i m e - Law an d Pr act i ce 33
Chapt er 3
In f o r m at i o n Tech n o l o g y Law : A
Bi r d ’s Ey e Vi ew
The Unit ed Nat ions Commission on Int ernat ional Trade Law
(UNCITRAL) adopted the Model Law on e-commerce in 1996.
The General Assembly of Unit ed Nat ions passed a resolution
in January 1997 int er alia, recommending all St at es in t he
Unit ed Nat ions t o give f avourable considerat ions t o the said
M odel Law, w hich provides f or recognit ion t o elect ronic
records and according it t he same t reat ment like a paper
communicat ion and record.
***
42 Cy b er Cr i m e - Law an d Pr act i ce
Chapt er 4
Leg al Pr o t ect i o n ag ai n st
Cy b er Cr i m es
Cybercrimes are a new class of crimes w hich are increasing day
by day due t o ext ensive use of int ernet t hese days. To combat t he
crimes relat ed t o int ernet t he Inf ormat ion Technology Act , 2000
w as en act ed w it h p r im e o b ject i ve t o cr eat e an en ab l in g
environment f or commercial use of I.T. The IT Act specif ies t he act s
w hich have been made punishable. The Indian Penal Code, 1860
has also been amended t o t ake int o it s purview cybercrimes. The
various of f enses relat ed t o int ernet w h ich have been made
punishable under t he IT Act and t he IPC are enumerat ed below :
4.1 Cr i m i n al Li ab i l i t i es u n d er In f o r m at i o n Tech n o l o g y
A ct , 2000
• Sec.65: Tampering w it h Comput er source document s
• Sec.66: Hacking with Comput er syst ems, Data alt eration and
ot her comput er relat ed Of f ences
• Sec. 66A: Pu nishment f o r sen din g of f ensive messag es
t hrough communicat ion service et c.
• Sec. 66B: Pu nishmen t f or dish on est ly receiving st olen
comput er resource or communicat ion device
• Sec. 66C: Punishment f or ident it y t hef t
• Sec. 66D: Punishment f or Cheat ing by personat ing by using
comput er resource
• Sec. 66E: Punishment f or Violat ion of Privacy
• Sec. 66F: Punishment f or Cyber Terrorism
• Sec.67: Publishing obscene inf ormat ion
• Sec. 67A: Punishment f or publishing or t ransmit t ing of
mat erial cont aining sexually explicit act , et c. in elect ronic
f orm
42
Cy b er Cr i m e - Law an d Pr act i ce 43
Case Law s
Sandeep Vaghese vs. State of Kerala18
A complaint filed by the represent ative of a Company, which
w as engaged in t he business of t rading and dist ribut ion of
pet rochemicals in India and overseas, a crime w as registered
against nine persons, alleging of f enses under Sect ions 65,
66, 66A, C and D of t he Inf ormat ion Technology Act along
w it h Sect ions 419 and 420 of t he Indian Penal Code.
Th e co mp an y h as a w eb -si t e in t h e n am e an d st yle
`w w w.jayp olychem.co m’ b ut , ano t her w eb sit e `w w w.
jayplychem.org’w as set up in t he int ernet by f irst accused
Samdeep Varghese @ Sam, (w ho w as dismissed f rom t he
company) in conspiracy w ith ot her accused, including Preet i
and Charanjeet Singh, w ho are t he sist er and brot her-in-
law of `Sam’.
Def amatory and malicious mat t ers about t he company and
its directors were made available in that website. The accused
sist er and brot her-in-law were based in Cochin and t hey had
been acting in collusion with know n and unknown persons,
w ho have collect ively cheated the company and commit ted
act s of f orgery, impersonat ion et c.
Tw o of t he accused, Amardeep Singh and Rahul had visit ed
Delhi and Cochin. The f irst accused and ot hers sent e-mails
f rom f ak e e-mail acco unt s o f many of t he cu st o mers,
suppliers, Bank et c. t o malign t he name and image of t he
Company and it s Direct ors. The def amat ion campaign run
by all t he said persons named above has caused immense
damage t o t he name and reput at ion of t he Company.
The Company suf fered losses of several crores of Rupees from
producers, suppliers and cust omers and w ere unable t o do
business.
66E Punishment for violation of privacy
Whoever, intentionally or know ingly captures, publishes or
transmits the image of a private area of any person without
his or her consent, under circumstances violating the privacy
of that person, shall be punished w ith imprisonment w hich
Cy b er Cr i m e - Law an d Pr act i ce 51
4.2 Co m m o n Cy b e r Cr i m e s a n d A p p l i ca b l e Le g a l
Pr o v i si o n s : A Sn ap sh o t
4.3 Ci v i l Li ab i l i t i es u n d er In f o r m at i o n Tech n o l o g y A ct ,
2000
The concept of accrued liabilit y applies only t o subst ant ive
laws and not to procedural laws as no one can claim a vest ed
right in t he procedure. In India w e have bot h subst ant ive
and procedural law s. The Indian Penal Code and Information
Technology Act are subst ant ive law s w hereas t he Indian
Evidence Act , Criminal Procedure Code and Civil procedure
Code are procedural law s. Thus, by a ret rospect ive law t he
procedure can be amended, changed or even repealed.
Similarly, t he prot ect ion of Art icle 20(1) is available f or and
can be seeked against criminal mat t ers only and it does not
extend t o civil matt ers‘. Thus, a civil liabilit y can be enhanced
w it h ret rospect ive eff ect .
Dat a Pr o t ect i o n
According to the Sect ion: 43-w hoever destroys, delet es,
alters and disrupts or causes disruption of any computer w ith
t h e int en t io n of damagin g of t h e w ho le dat a of t he
computer system w ithout the permission of the ow ner of
the computer, shall be liable to pay fine up to 1crore to the
person so affected by w ay of remedy.
Sect i o n 43A w hich is inserted by ‘Information Technology
(Amendment) Act, 2008 states that w here a body corporate
74 Cy b er Cr i m e - Law an d Pr act i ce
***
82 Cy b er Cr i m e - Law an d Pr act i ce
Chapt er 5
Cy b er Cr i m e : Lan d m ar k
Ju d g em en t s i n In d i a
1. San j ay Ku m ar v s. St at e Of Har y an a 25
Under Sect ion Period Fine 420 IPC Tw o years Rs.1,000/- 467
IPC Three years Rs.2,000/- 468 IPC Tw o years Rs.1,000/- 471
IPC Tw o years Rs.1,000/- 65 I.T. Act Tw o years Rs.1,000/- 66
I.T. Act Tw o years Rs.1000/- In def ault of payment of f ine,
t he pet it ioner shall f urt her undergo simple imprisonment
f or a period of t wo mont hs. All the sentences were ordered
t o run concurrent ly.
Co u r t s’ Ob ser v at i o n
Co n v i ct i o n
The learned Trial Court was wholly justified in convicting the
accused-petitioner and the learned Appellate court, ascan be
clearly seen, CRR No.66 of 2013 (O&M) 9 had not committed
any error in upholding the conviction of the accused petitioner.
Learned counsel for the petitioner failed to point out any
misreading or non-reading of any evidence and could not point
out any infirmity in the judgments of the Courts below. The
findings of guilt, reached against the accused-petitioner does
not, thus, suffer from any infirmity, legal or factual and does
not therefore, warrant interference by this Court in exercise of
this Court's revision jurisdiction.
In view of the above, there isno merit in the contentions raised
by the learned counsel for the petitioner. Dismissed in limine.
2. Fat i m a Ri sw an a v s. St at e Rep . b y A CP, Ch en n ai &
Or s26
(In The High Court of M adras)
The appellant is a prosecut ion w it ness in S.C. No. 9 of 2004
w herein respondent s 2 t o 6 are t he accused f acing t rail f or
of f ences pu nish able un der Sect ion 67 o f Inf ormat ion
Tech n o l o g y A ct , 2000 r /w Sect i o n 6 o f In d ecen t
Represent at ion of Women (prohibit ion) Act , 1986, Under
Sect ion 5 & 6 of Immoral Traff ic (Prevent ion) Act , 1956,
Under Sect ion 27 of Arms Act , 1959 And Sect ions 120(B),
506(ii), 366, 306 & 376 I.P.C. Th e said t rial relat es t o
exploit at ion of cert ain men and w omen by one of t he
accu sed Dr. L. Pr ak ash f o r t h e p u r p o se o f m ak i n g
pornographic phot os and videos in various act s of sexual
int ercourse and thereaf t er selling t hem t o f oreign w ebsit es.
The said session's t rail came t o be allot t ed t o t he f oreign
w ebsit es. The said Session's t rial came t o be allot t ed t o t he
V Fast Track Court , Chennai w hich is presided over by a lay
Judge. When t he said t rail bef ore t he V Fast Track Court
w as pending cert ain criminal revision pet it ions came t o be
f iled by t he accused against t he orders made by t he said
court reject ing t heir applicat ions f or supply of copies of 74
Compact Discs (CDs) cont aining pornographic mat erial on
which the prosecution was relying. The said revision petitions
Cy b er Cr i m e - Law an d Pr act i ce 89
Inf ormat ion Techno logy Act , 2000, as w ell as IPC and
ultimately, it is for the criminal court w hich w ould be seized
of t he mat t er t o decide on t hat . The Sect ion 43(g) of t he
Inf ormat ion Technology Act , 2000, invoked by t he police
and specif ied in t he FIR is declared void. Accordingly, t he
Writ pet it ion is ordered. No cost s, connected M.P. are closed.
5. Sy ed A si f u d d i n an d Or s. v s. Th e St a t e o f A n d h r a
Pr ad esh A n d A n o t h er 29
(In The High Court of Andhra Pradesh)
Fact s
Tat a Indicom employees w ere arrest ed f or manipulat ion of
t he elect ronic 32-bit number (ESN) programmed int o cell
p h o n es t h at w ere excl u sively f ran ch ised t o Rel ian ce
Inf ocomm.
The co u rt h eld t h at su ch manip ulat io n amo u n t ed t o
t ampering w it h comput er source code as envisaged by
sect ion 65 of t he Inf ormat ion Technology Act , 2000.
Case
Reliance Inf ocomm launched a scheme under w hich a cell
phone subscriber w as given a digit al handset w ort h Rs.
10,500/- as w ell as service bundle f or 3 years w it h an init ial
payment of Rs. 3350/- and mont hly outf low of Rs. 600/-. The
subscriber w as also provided a 1 year w arrant y and 3 year
insurance on t he handset .
The condit ion w as t hat t he handset w as t echnologically
locked so t hat it w o uld on ly w o rk w it h t he Reliance
Infocomm services. If the customer want ed t o leave Reliance
services, he w ould have t o pay some charges including t he
t rue price of t he handset . Since t he handset w as of a high
q u al i t y, t h e m ar k et r esp o n se t o t h e sch em e w as
phenomenal.
Unident if ied persons cont acted Reliance customers w it h an
off er t o change t o a low er priced Tat a Indicom scheme. As
part of t he deal, t heir phone w ould be t echnologically
" unlocked" so t hat t he exclusive Reliance handset s could
be used f or t he Tat a Indicom service.
94 Cy b er Cr i m e - Law an d Pr act i ce
def amat ion and grant s an ex-part e injunct ion rest raining
t he def endant f rom def aming t he plaint if f s by sending
derogat ory, def amat ory, abusive and obscene emails eit her
t o t he plaint if f s or t heir subsidiaries.
9. Nassco m v s. A j ay So o d & Ot h er s
(In The High Court of Delhi)
Fact s
In a landmark judgment in t he case of Nat ional Associat ion
of Sof t w are and Service Companies vs Ajay Sood & Ot hers,
delivered in M arch, 2005, t he Delhi High Court declared
‘phishing’on t he int ernet t o be an illegal act , ent ailing an
injunct ion and recovery of damages.
Elaborat ing on t he concept of ‘phishing’, in order t o lay
dow n a precedent in India, t he court st at ed t hat it is a f orm
of internet fraud where a person pret ends t o be a legit imate
associat ion, such as a bank or an insurance company in order
t o ext ract personal dat a f rom a cust omer such as access
co d es, p assw o rd s, et c. Per so n al d at a so co llect ed b y
misrepresent ing t he ident it y of t he legit imat e part y is
commonly used f or t he collect ing part y’s advant age. Court
also st at ed, by w ay of an example, t hat t ypical phishing
scams involve persons who pretend to represent online banks
and siphon cash f rom e-banking account s af t er conning
consumers int o handing over conf ident ial banking det ails.
Ju d g em en t
The Delhi HC st at ed t hat even t hough t here is no specif ic
legislat ion in India t o penalise phishing, it held phishing t o
be an illegal act by def ining it under Indian law as “a
misrepresent at ion made in t he course of t rade leading t o
conf usion as t o t he source and origin of t he e-mail causing
immense harm not only t o t he consumer but even t o t he
person w hose name, ident it y or passw ord is misused”. The
court held t he act of phishing as passing of f and t arnishing
t he plaint iff ’s image.
The plaint if f in t his case w as t he Nat ional Associat ion of
Softw are and Service Companies (NASSCOM), India’s premier
102 Cy b er Cr i m e - Law an d Pr act i ce
sof t w are associat ion. The def endant s w ere operat ing a
p l acem en t ag en cy i n vo l ved i n h ead -h u n t i n g an d
recruit ment . In order t o obt ain personal dat a, w hich t hey
could use f or purposes of head-hunt ing, t he def endant s
composed and sent e-mails t o t hird part ies in t he name of
NASSCOM .
The high court recognised t he t rademark right s of t he
plaint if f and passed an ex-part e ad-int erim injunct ion
rest raining t he def endant s f rom using t he t rade name or
any ot her name decept ively similar t o NASSCOM . The court
f urther rest rained t he def endant s from holding t hemselves
out as being associat es or a part of NASSCOM .
The court appoint ed a commission t o conduct a search at
t he def endant s’premises. Tw o hard disks of t he comput ers
f rom w h ich t he f rau d u len t e-mails w ere sent b y t h e
def endant s t o various part ies w ere t aken int o cust ody by
t he local commissioner appoint ed by t he court .
The offending e-mails w ere t hen downloaded from the hard
disks and present ed as evidence in court .
During t he progress of t he case, it became clear t hat t he
defendants in whose names t he off ending e-mails were sent
w ere f ict it io u s iden t it ies creat ed b y an emplo yee o n
def endant s’ inst ruct ions, t o avoid recognit ion and legal
act ion. On discovery of t his f raudulent act , t he f ict it ious
names were delet ed f rom t he array of part ies as defendant s
in t he case.
Subsequently, t he defendant s admitt ed their illegal acts and
t he part ies set t led t he mat t er t hrough t he recording of a
compromise in t he suit proceedings. According t o t he t erms
of compromise, t he def endant s agreed t o pay a sum of Rs.
1.6 million t o t he plaint if f as damages f or violat ion of t he
plaint iff’s t rademark right s. The court also ordered t he hard
disks seized f rom t he def endant s’ premises t o be handed
over t o t he plaint if f w ho w ould be t he ow ner of t he hard
disks.
This case achieves clear milest ones: It brings t he act of
“phishing” into the ambit of Indian law s even in the absence
Cy b er Cr i m e - Law an d Pr act i ce 103
Ju d g em en t
" It st ands est ablished t hat t he def endant has inf ringed t he
plaintif f's copyright by making illicit copies of t he operat ing
syst ems sof t w are by openly copying w hat ever operat ing
syst em is current ly saleable."
Cy b er Cr i m e - Law an d Pr act i ce 113
any explanat ion. This can conf use an ordinary net izen and
can result in associat ing def endant 's port al w it h t hat of t he
plaint iff company. The use of impugned w eb port al by t he
defendant may also jeopardise the reputation of the plaintiff
if t he product s and services w hich are advert ised t hrough
t he w ebsit e lack qualit y. Furt her, as t he def endant did not
appear bef ore t he Court and cont est t he claims of t he
plaint if f , def endant 's conduct w as held t o be in mala f ide.
Considering t he above ment ioned aspect s, t he inst ant
disput e w as held t o be a clear case of “passing of f ”. As t he
plaint if f w as held t o have t he sole right t o use t he w ords
“i n d i at i m es”, d ef en d an t w as d i r ect ed t o t r an sf er
“indiat imest ravel.com” t o plaint iff .
15. Cu b b y, In c v s. Co m p u Ser v e, In c.40
Where CompuServe is an online company providing access
t o over 150 special int erest f orums comprised of elect ronic
bulletin boards, int eract ive online conf erences, and topical
d at ab ases. A n ew slet t er called Ru mo rville w as mad e
avai lab l e vi a t h e b u ll et in b o ard . Th e p l ai n t if f su ed
CompuServe for libel af ter allegedly defamatory statement s
were disseminat ed t hrough the newslet ter against it. Cubby
argued t hat t he court should consider CompuServe t o be a
" publisher" of t he allegedly def amat ory st at ement s, and
t hus hold it liable f or t he st at ement .
The court held t hat CompuServe had " no more edit orial
cont rol over such a publicat ion t han does a public library,
b o o k st o re, o r n ew sst an d " . Th e co u r t i n st ead f o u n d
CompuServe t o be more akin t o a " dist ribut or" rather t han
a " pu b lisher" . Th u s, becau se it w as u n d isp u t ed t h at
CompuServe did not have know ledge of or reason t o know
o f t he alleg edly d ef amat o ry st at ement s made in t h e
p u b l i cat i o n , esp eci al l y g i ven t h e l ar g e n u m b er o f
publications it carries and the speed wit h w hich publicat ions
are uploaded int o it s comput er banks and made available
t o CompuServe subscribers, the court held that CompuServe
could not be held liable t o Cubby f or t he def amat ory
stat ement s. The court not ed that t o impose on CompuServe
t h e d u t y t o examin e every p u b l icat io n i t carries f o r
118 Cy b er Cr i m e - Law an d Pr act i ce
Decisi o n
There is no conflict betw een t he provisions of Copyright Act
and Sect ion 70 of IT Act .
Sect ion 70 of t he IT Act is not unconst it ut ional.
While int erpret ing sect ion 70 of t he IT Act , a harmonious
const ruct ion w it h Copyright Act is needed.
Sect ion 70 of t he IT Act is not against but subject t o t he
provisions of t he Copyright Act .
Government cannot unilat erally declare any syst em as
" prot ect ed" ot her t han " Government w ork" f alling under
sect ion 2(k) of t he Copyright Act on w hich Govt .'s copyright
is recognized under Sect ion 17(d) of t he said Act .
22. St at e o f Tam i l n ad u v s. Dr L. Pr ak ash 47
Su m m ar y o f t h e case
St at e of Tamilnadu v/s Dr L. Prakash w as t he landmark case
in w hich Dr L. Prakash w as sent enced t o lif e imprisonment
in a case pert aining t o online obscenit y. This case w as also
landmark in a variet y of w ays since it demonst rat ed t he
resolve of t he law enf orcement and t he judiciary not t o let
of f t he hook one of t he very educat ed and sophist icat ed
professionals of India.
23. Ben u su san Rest au r an t Co r p . v s. Ki n g 48
Fact s
Where a New York jazz club operat or sued a M issouri club
owner claiming trademark infringement, dilution and unf air
compet ition over t he use of t he name " The Blue Not e" . The
def endant maint ained a w eb sit e promot ing his M issouri
" Blue Not e" club and providing a M issouri t elephone
n u mb er t h ro u g h w h ich t ick et s t o t h e clu b co u l d b e
purchased.
The issue, as f ramed by t he Federal Dist rict Court , w as
w het her t he exist ence of t he w eb sit e, w it hout more, w as
suf f icient t o vest t he court w it h personal jurisdict ion over
t he def endant under New York's long-arm st at ut e.
Cy b er Cr i m e - Law an d Pr act i ce 123
The court held t hat it did not . The court considered w hether
t he exist ence of t he w eb sit e and t elephone ordering
inf ormat ion const it ut ed an " of f er t o sell" t he allegedly
infringing " product" in New York, and concluded it was not.
The court not ed t hat , alt hough t he w eb sit e is available t o
any n ew Yo rk er w it h Int ernet access, it t ak es several
af f irmat ion st eps t o obt ain access t o t his part icular sit e, t o
ut ilize t he inf ormat ion cont ained t here, and t o obt ain a
t icket t o t he def endant 's club.
24. A sh cr o f t , A t t o r n ey Gen er a l et al v s. Fr ee Sp eech
Co al i t i o n , et al .49
Fact s
The US Supreme Court af f irmed t he judgment of t he Court
of Appeals f or t he Nint h Circuit t hat t he prohibit ions of
Ss.2256 (8) (B) an d 2256(8) (D) ar e o ver b o ar d an d
unconst it ut ional. Being part of t he Child Pornography
Prevent ion Act of 1996 (CPPA) S. 2256 (8) (B) bans a range
of sexually explicit images, somet imes called " virt ual child
pornography," t hat appear t o depict minors but w ere
produced by means ot her t han using real children, such as
t hrough t he use of yout hf ul-looking adult s or comput er-
imaging technology and S.2256(8)(D) is aimed at preventing
t he product ion or dist ribut ion of pornographic mat erial
pandered as child pornography.
Justice Kennedy opined:
" Congress may pass valid law s to protect children from
abuse, and it has. The prospect of crime. how ever, by itself
does not justify law s suppressing protected speech..."
As a gen eral principle, t he First Amend ment bars t he
government f rom dict at ing w hat see or read or speak or
hear. The f reedom of speech has it s limit s; it does not
embrace certain categories of speech, including defamation,
incit ement , obscenity, and pornography produced w ith real
children.
The Government submit s " t hat virt ual child pornography
w het s t he appet it es of pedophiles and encourages t hem t o
124 Cy b er Cr i m e - Law an d Pr act i ce
Fact s
The def endant w as charged w it h numerous count s of
publishing obscene art icles cont rary t o S. 2(1) of UK' s
Obscene Publicat ions Act 1959. The def endant had creat ed
pornographic images, w hich w ere illegal under t he UK's
Obscene Publicat ions Act . He ran a series of sit es based in
the US, hosting them on a USbased Internet service provider.
These images w ere accessible t o anyone in t he w orld via
t he Int ernet w ho became a subscriber by giving credit card
det ails. He w as charging UK cust omers 25 pounds a mont h
f or access. The subscriber w as given a passw ord and could
log ont o t he various w ebsit es t o obt ain t he images. It w as
submit t ed on behalf of t he def endant t hat , because t he
In t ernet pub licat ion h ad necessarily o ccu rred ab road,
t heref ore t he inst ant court did not have jurisdict ion.
Hardy Christ opher, J. held:
" Publishing an art icle under S. 1(3) (b) of t he 1959 Act
Cy b er Cr i m e - Law an d Pr act i ce 125
Hi st o r y o f t h e case
Bharat Coking Coal Lt d. (BCC) held an e-auct ion f or coal in
diff erent lot s.
P.R. Transport Agency's (PRTA) bid w as accept ed f or 4000
met ric t ons of coal f rom Dobari Colliery.
The accept ance let t er w as issued on 19t h July, 2005 by e-
mail t o PRTA's e-mail address. Act ing upon t his accept ance,
PRTA deposit ed t he f ull amount of Rs. 81.12 lakh t hrough a
cheque in f avour of BCC. This cheque w as accept ed and
encashed by BCC.
BCC did not deliver t he coal t o PRTA. Inst ead it e-mailed
PRTA saying t hat t he sale as w ell as t he e-auct ion in f avour
o f PRTA st o od can celled " d ue t o some t ech nical an d
unavoidable reasons" .
The only reason for this cancellation was t hat there was some
ot her person w hose bid f or the same coal w as slightly higher
t han t hat of PRTA. Due t o some f law in t he comput er or it s
programmed or f eeding of data t he higher bid had not been
considered earlier.
This communicat ion w as challenged by PRTA in t he High
Court of Allahabad. [Not e: Allahabad is t he st at e of Ut t ar
Pradesh (UP)]
BCC object ed t o t he " t errit orial jurisdict ion" of t he Court
on the grounds that no part of the cause of act ion had arisen
w it hin U.P.
Issu e r ai sed b y BCC
The High Court at Allahabad (in U.P.) had no jurisdict ion as
no part of t he cause of act ion had arisen w it hin U.P.
Issu es r ai sed b y PRTA
1. The communicat ion of the acceptance of t he t ender was
received by t he pet it ioner by e-mail at Chandauli (U.P.).
Hence t he cont ract (f rom w hich t he disput e arose) w as
complet ed at Chandauli (U.P). The complet ion of t he
cont ract is a part of t he " cause of act ion'.
Cy b er Cr i m e - Law an d Pr act i ce 127
Hi st o r y o f t h e case:
W h er e t h e " t o t al n ew s.co m " w eb si t e u sed f r am i n g
128 Cy b er Cr i m e - Law an d Pr act i ce
***
Cy b er Cr i m e - Law an d Pr act i ce 129
Chapt er 6
Cy b er Law s – Recen t Tr en d s
Cyber Law of India: The Inf ormat ion Technology Act , 2000 (IT
Act 2000) st ill governs t he cyber law of India and relat ed issues. IT
Act , 2000 has become an redundant and draconian law t hat needs
t o be repealed. The t elegraph and cyber law of India remained
out dat ed, colonial and draconian in t he year 2014 as w ell.
India must ensure t echno legal measures t o regulat e Indian
cyberspace. Similarly, regulat ions and guidelines f or ef f ect ive
invest igat ion of cyber crimes in India is also need of t he hour. The
Indian Government has assured in t he year 2014 t hat t he IT Act ,
2000 could be amended t o accommodat e e-commerce concerns.
The t echnological development has given rise t o a cyber world
const it ut ing cyber space. Cyber space is w it nessing considerable
ad van cem en t w it h t h e rap i d i n cr ease in t h e i n f o r m at io n
t echnology.
It is alw ays hard to det ermine or predict something in t he future
in an accurat e manner.
There is a possibility to consolidate the technological advancements
in t he past . The int ernet users are increasing t remendously every
year and at the same time there is also rise in t he number of people
using mobiles and smart phones.
The cyber law t rends and development s of India are as f ollows:
1. Cyber Crimes Prevent ion St rat egy : Cyber crimes h ave
signif icant ly increased in India in last f ew years. React ing t o
the same, Indian Government had now decided to formulate
a cyber crimes prevent ion st rat egy f or India. How ever, t ill
dat e, t he proposed st rat egy has not been f ormulat ed.
2. Cyber Crimes Investigation Training : Wit h increased cyber
crimes in India, a need w as f elt t o provide cyber crimes
129
130 Cy b er Cr i m e - Law an d Pr act i ce
b e f ree f ro m ICANN’s in f lu en ce an d mu st b e ju dg ed
independent ly of ICANN’s Polices and Agreement s.
35. Challenges in Mobile Law s : Today, there are lot s of activities
in t he mobile ecosyst em. The increasing compet it ion has
int roduced new models of mobile phones, personal digit al
assist ors, t ablet s and ot her communicat ion devices in t he
global market . The int ensive use of mobile devices has
w idened t he mobile ecosyst em and t he cont ent generat ed
is likely t o pose new challenges for cyber legal jurisprudence
across t he w orld. There are no dedicat ed law s dealing w it h
t he use of t hese new communicat ion devices and mobile
plat f orms in a number of jurisdict ions across t he w orld as
t he usage of mobile devices f or input and out put act ivit ies
is increasing day by day. Wit h t he increasing mobile crimes,
t here is an increasing necessit y t o meet t he legal challenges
emerging wit h t he use of mobile devices and ensure mobile
prot ect ion and privacy.
36. Legal issues of Cyber Security : The ot her emerging cyber
law t ren d is t h e need f o r en act in g ap propriat e leg al
framew orks for preserving, promoting and enhancing cyber
security.
The cyber securit y incident s and t he at t acks on net w orks
are increasing rampant ly leading t o breaches of cyber
securit y w hich is likely t o have serious impact on t he nat ion.
How ever, t he challenge bef ore a law maker is not only t o
develop appropriate legal regimes enabling protection and
preservat ion of cyber securit y, but also t o inst il a cult ure of
cyber securit y amongst t he net users. The renew ed f ocus
and emphasis is t o set f ort h ef f ect ive mandat ory provisions
w h ich w o u ld h elp t h e p r o t ect i o n , p r eservat io n an d
promot ion of cyber securit y in use of comput ers, allied
resources and communicat ion devices.
37. Cloud computing and law : Wit h t he grow t h in int ernet
t echnology, t he w ord is moving t ow ards cloud comput ing.
The cloud comput ing brings new challenges t o t he law
makers. The dist inct challenges may include dat a securit y,
dat a privacy, jurisdict ion and ot her legal issues. There
pressure on t he cyber legislat ors and st akeholders w ould
138 Cy b er Cr i m e - Law an d Pr act i ce
***
140 Cy b er Cr i m e - Law an d Pr act i ce
Chapt er 7
Increasing Tendency
and variet y of Cyber
Crimes Decrease in t he
Elect ronic
Transact ion and
digit ally enabled
environment
Lack of Apt Legal
Prot ect ion in
Prevent ing
22. Kumar D. Vinay (2012) Cyber Crime Prevent ion and Role of
Libraries, Vol. 3, pp 222-224.
23. Ku mar Sh iva V., (2015); “Cyb er Crime Preven t io n and
Det ect ion”, Andhra Pradesh Police Academy.
24. Malik Kulw ant (2011), “Emergence of Cyber Crime in India”,
Int ernat ional Ref erred Research Journal, Vol. 2, ISSUE 22,
ISSN-0975-3486, RNI: RAJBIL 2009/30097.
25. M at hew et al.; “Cyber securit y solut ions f or DLM S met ers
using GSM /GPRS Technology”.
26. M ist ry Nilay, et al. (2014); “Prevent ive Act ions t o Emerging
Threat in Smart Devices Securit y”,Vol.1, M ay, pp. 20-26.
27. Nagpal Rohas (2008) Introduction to Indian Cyber Law, Asian
School of Cyber Law s, Pune, India
28. Nagpal Rohas (2010); “Cyber Crime & Digit al Evidence –
Indian Perspect ive”; Real World Cyber Crime Cases, Asian
School of Cyber Crime.
29. Lasheng Yu and Chant al M utimukw e (2009); “Agent Based
Dist ribut ed Intrusion Det ect ion Syst em (ABDIDS)” ISBN 978-
952-5726-07-7 (Pr i n t ), 978-952-5726-08-4 (CD-ROM )
Pro ceed in g s o f t h e Seco n d Symp o siu m In t ern at io n al
Co m p u t er Sci en ce an d Co m p u t at i o n al Tech n o l o g y
(ISCSCT’09) Huangshan, P. R. China, 26-28, pp. 134-138.
30. Peiravi Ali and Peiravi M ehdi (2010), “Int ernet securit y -
Cyber Crime Paradox”, Journal of American Science; Vol. 6,
No. 1, pp. 15-24 (ISSN: 1545-1003).
31. Pet ri Daniel; An In t roduct ion t o Trojan Horse VIRUS”,
(unpublished).
32. Pladna Bret t , “The Lack of At t ent ion in t he Prevent ion of
Cyb er Cr ime an d Ho w t o imp r o ve i t ”, East Caro l in a
Universit y, ICTN6883.
33. Saini Hemraj et al. (2013); Cyber-Crimes and their Impacts: A
Review ”, Vol. 2, M arch April, pp.202-209.
34. Scarfone and M ell (2007) “Guide t o Int rusion Detection and
Prevent ion Syst ems (IDPS)”, Nat ional Inst it ut e of St andards
and Technology Special Publicat ion 800-94, pp. 94, 127.
Cy b er Cr i m e - Law an d Pr act i ce 147
***
148 Cy b er Cr i m e - Law an d Pr act i ce
En d No t es
36. 118 (2005) DLT 580, 2005 (30) PTC 245 Del
37. (2011 (46) PTC 38 (Del.)
38. 2010
39. 2004 (28) PTC 566 (SC)
40. 776 F. Supp. 135 (S.D.N.Y.1991)
41. II (2003) BC 96
42. 1998 WL 307001 (1998)
43. [2006] 144 STC 59 (Kar)
44. 2008
45. 2001
46. AIR2006 Ker 279, 2006
47. 7313 of 2002 and W.P.M .P.No. 10120 of 2002
48. 937 F.Supp. 295 (SDNY, 1996)
49. No 00-795
50. 2011
51. Sout hw ark [Crow n Court, 30/6/1999].
52. 2009
53. 2013
54. 2005
55. 97 CIF. 1190 (PKL)
56. Source : The Economic Times, Oct ober 20, 2016. ht t p://
economict imes.indiat imes.com/indust ry/banking/f inance/
ban king /3-2-million -deb it -cards-compromised -sbi-hdf c-
b an k -i ci ci -yes-b an k -an d -axi s-w o r st -h i t /ar t i cl esh o w /
54945561.cms
Cy b er Cr i m e - Law an d Pr act i ce 151
3. ww w.cyberlawsindia.net
4. ww w.economict imes.indiatimes.com/
6. ht tp://en.wikipedia.org/wiki/Computer_crime
7. ht tp://in.nort on.com/
8. ht tp://ncrb.nic.in/
9. ww w.ncpc.org
12. ht tp://ncrb.gov.in/
17. www.nic.in
18. ww w.idrbtca.org.in
19. ww w.tcs-ca.tcs.co.in
22. ww w.e-Mudhra.com
23. www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/
cy_ act ivity _Interface2008/567_prov guidelines _ provisional
2_3April2008_f r.pdf
24. www.consilium.europa.eu/ueDocs/cms_Data/docs/pressData/
en/jha/103537.pdf
***