Information Technology Act 2000

By :

Valini Dsouza: 0065 Somiara Zaman: 0085 Ashish Poladia: 0010 Beamish Gakhar: 0075 Imtiyazul Shaikh: 0014 Salil Kulkarni: 0059

Birth of IT Act, 2000

Following the UN Resolution (United Nations Commission on International Trade Law Resolution A/RES/51/162, dated 30 January 1997) India passed the Information Technology Act 2000 in May 2000 and notified it for effectiveness on October 17, 2000
The Act was further amended on 27th October 2009 (Known as the Information Technology (Amended) Act, 2008

The IT Act, 2000 - Objectives

To provide legal recognition for transactions

To carry out electronic data interchange, and other means of electronic communication, commonly referred to as, electronic commerce, involving the use of alternative to paper based method of communication and storage of information. To facilitate electronic filing of documents with the Government agencies To amend the Indian Penal Code, the Indian Evidence Act, 1872, The Bankers Book Evidence Act, 1981 and the Reserve Bank of India Act, 1934

Contents of the IT Act

The information Technology Act,2000 consists of 13 Chapters divided into 94 Sections. Chapters I to VIII are mostly digital signature related. Chapters IX to XIII are regarding penalties, offences etc. And 4 Schedules: which are consequential amendments in respect of certain aspects of the Act

Chapters of IT Act 2000

Chapter I Preliminary Chapter II Digital Signature Chapter III Electronic Governance Chapter IV Attribution, Acknowledgement and Dispatch of Electronic records

Chapters of IT Act 2000(cont.)

Chapter V Secure Electronic records and secure digital signatures Chapter VI Regulation of Certifying Authorities Chapter VII Digital Signature Certificates Chapter VIII Duties of Subscribers

Chapters of IT Act 2000 (cont.)

Chapter IX penalties and adjudication Chapter X The cyber regulations appellate tribunal

Chapter XI Offences
Chapter XII Network service providers not to be liable in certain cases Chapter XIII Miscellaneous

Schedules of IT Act 2000

Schedule 1 Amendments to the Indian Penal Code Schedule 2 Amendments to the Indian Evidence Act, 1872 Schedule 3 Amendments to the Bankers' Books Evidence Act, 1891 Schedule 4 Amendments to the Reserve Bank of India Act, 1934

Chapter IV: Attribution, acknowledgment and despatch of electronic records

11. Attribution of electronic records. 12. Acknowledgment of receipt. 13. Time and place of despatch and receipt of electronic record.

Chapter V: Secure electronic records and secure digital signatures

14. Secure electronic record 15. Secure digital signature 16. Security procedure

Chapter VI: Regulation of certifying authorities

17. Appointment of Controller and other officers 18. Functions of Controller 19.Recognition of foreign Certifying Authorities 20.Controller to act as repository 21.Licence to issue Digital Signature Certificates

Chapter VII
22.Application for licence 23.Renewal of licence 24.Procedure for grant or rejection of licence 25. Suspension of licence 26. Notice of suspension or revocation of licence 27. Power to delegate 28.Power to investigate contraventions

Chapter VIII
29. Access to computers and data 30. Certifying Authority to follow certain procedures 31. Certifying Authority to ensure compliance of the Act, etc. 32. Display of licence 33. Surrender of licence 34. Disclosure

IT Amendment Bill,2008
Insertion of new section 3A- According to this section a subscriber can authenticate the electronic signature through electronic authentication technique Sec 7(A)-Audit and other documents, maintained in electronic form Sec 10(A)-Validity of contracts formed through electronic means Substitution of words digital signature by words electronic signature

Continued
Substitution of new sections for sections 15 and 16- An electronic signature shall be deemed to be a secure electronic signature Sec 40(A)- About the Duties of subscriber of Electronic Signature Certificate Sec 43(A)-Where a corporate body is negligent about the security of the information which it owns, any wrong use of that information Corporate body is liable

Continued
Sec 77- It mentions that Compensation, penalties or confiscation not to interfere with other punishment

Omission of sections 91, 92, 93 and 94 these four sections have been omitted in the Information Technology (Amendments) Act 2008

Amendments
Amendment of section 1- Nothing in this Act shall apply to documents or transactions specified in the First Schedule Amendment of section 2- This amendment in the act specifies that this Act is applicable to the other communication devices like cell phones, personal digital assistance etc used for communication

Continued
Amendment of section 12- The words agreed with the addressee have been substituted with the word stipulated shall be substituted Amendment of section 17- The words and Assistant Controllers in sub-section (1), have been substituted by the words , Assistant Controllers, other officers and employees

Cyber Crime
A generalized definition of cyber crime may be unlawful acts wherein the computer is either a tool or target or both Cyber crimes as acts that are punishable by the information technology Act

Category of cyber crime

1. The Computer as a Target e.g. Hacking, Virus/Worm attacks etc.

2.The computer as a weapon e.g. Cyber Terrorism, Credit card frauds, Pornography etc.

List of Cyber Crimes

Cyber Terrorism Sale of illegal articles Phishing Online gambling Cyber Pornography Intellectual Property crimes Email spoofing Forgery Email bombing Web jacking Theft of computer system Trojan attacks Logic Bomb Virus / worm attacks Banking/Credit card Related crimes
Crime against government

Crime against person

Crime against property

Continue

Crime against Government

Crime against persons

Crime against property

Cyber crimes classification

Against Individuals:
Harassment via emails Cyber Stalking Dissemination of obscene material Defamation Unauthorized control / access over computer system Indecent exposure Email spoofing Cheating & Fraud

Against Organization (Government / Private Firm / Company:

Unauthorized control / Access over computer system Possession of unauthorized information Cyber Terrorism against the government Distribution of pirated software

Against Individual Property:

Computer Vandalism Transmitting Virus Netrespass Unauthorized Control / Access of Computer Systems Intellectual Property Crimes Internet time thefts

Against Society at Large:

Pornography (Child Pornography) Polluting the youth through indecent exposure Trafficking Financial Crimes Sale of Illegal Articles Online gambling Forgery

Role of IT Act 2000 in Cyber Crime

The IT Act, 2000 enables detection/tracking of cyber crimes and punishment to perpetrators, thus providing a legal framework to address the issues arising out of such crimes in cyber space

Cyber Crime Law & Need

Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime Cyber space is an intangible and provides extreme mobility Cyber space offers great economic efficiency Cyber space has complete disrespect for national boundaries Cyber space is absolutely open to participation by all

Safeguards: IT Act: Cyber Crime

Cyber Crimes in India

"As per the crime data maintained by National Crime Records Bureau (NCRB), following is the statistics of cyber crime in India from 2007-2011:
Year 2007 2008 2009 No of cases 217 288 420 People Arrested 154 178 288

2010
2011

966
1791

799
1184

Case Study 1.Cyber Lotto Case

In Andhra Pradesh one Kola Mohan created a website and an email address on the Internet with the address 'eurolottery@usa.net.' which shows his own name as beneficiary of 12.5 million pound in Euro lottery. After getting confirmation with the email address a Telugu newspaper published this as news. He gathered huge sums from the public as well as from some banks. The fraud came to light only when a cheque amounting Rs 1.73 million discounted by him with Andhra bank got dishonored.

2.First case convicted under IT Act 2000

The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. Based on a complaint made by the victim in Feb 2004,the Police traced the accused to Mumbai and arrested him, The accused was a known family friend of the victim and was reportedly interested in marrying her. for the offence u/s 67 of IT Act 2000 accused had to undergo RI for 2 years and to pay fine of Rs. 4000

3. Myspace Catches A Murderer

MySpace has played an important role in helping Oakland police apprehend a 19-year old man accused of shooting a San Leandro High School football player Greg "Doody" Ballard, Jr. Oakland police had a street name of a suspect and were able to identify Dwayne Stancill, 19 of Oakland from a picture they found on a gang's MySpace page. Police brought the suspect to their headquarters where detectives say he confessed. What was most troubling to investigators was the lack of motive for the killing.

BPO Cyber Crime Case

Recently reported bank fraud case in Pune where an exemployee of BPO arm MPhasis Ltd, MsourcE, defrauded US customers of CitiBank to the tune of Rs 1 cr has raised concerns of many kinds including the role of Data Protection The crime was obviously committed using Unauthorised Access to the Electronic Account Space of the customers. It is therefore firmly within the domain of cyber crimes

Section 66A - Sending offensive or false messages through Communication Services. FB effect, B'lore: IIMB girl kills self for boyfriend. Girl's friend charged with abetment to suicide as well as under the provisions of the Information Technology Act.

The Latest FB Row.. 66A IT ACT

Two girls arrested for commenting on

CITY after sad demise of Big Leader.

FB over the shutdown of

Govt. Issued a notice / guidelines on 29/11/12 that state approval from an officer of DCP level in the rural and IG level in metros will have to be sought before registering complaints under Section 66A of the IT ACT.

Punishment

Punishment for sending offensive messages through communication service according to the section 66A. Any person who sends, by means of a computer resource or a communication device, a. any information that is grossly offensive or has menacing character; b. any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, c. any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience

Continued
Punishment for dishonestly receiving stolen computer resource or communication device-according to section 66B Punishment for identity theft- According to section 66C whoever, fraudulently or dishonestly make use of the electronic signature, password etc. Punishment for cyber terrorism- According to section 66F(1) Punishment for violation of privacy- According to section 66E Punishment for publishing or transmitting of material containing sexually explicit act according to section 67(A)

Positive Initiatives
Mumbai Cyber lab is a joint initiative of Mumbai police and NASSCOM Effective E-surveillance Websites aid in creating awareness and encouraging reporting of cyber crime cases Specialized Training of forensic investigators and experts Active coordination between police and other law enforcement agencies and authorities

Thank You!