CYBER SECURITY |
CYBER SECURITY
Crime is not any recent concept, in fact it as ancient as the
Neanderthals were. Crime is result of both social and economical phenomenon.
Crime could be in any form but what matters
is, that its effects are adverse.
In developing countries, cyber crime is rapidly increasing
day by day and credit goes to a huge penetration of technology in our life.
Today even if start with basics, probably all the vendors are computerizing their
billing systems, cabs are also been booked by an app, online ordering of
edibles and textiles. This invasion of technology in our life is so massive
that we cannot even think to spend our day without using laptops or cell phones.
The term ‘CYBER CRIME’ is not defined in Information
Technology Act 2000 nor in IT Amendment Act 2008 nor in any other legislation
in India. In fact in my opinion it cannot be sum up in a single definition
cause it is made up of both Crime and computer. There are various acts in which
offences are defined in India like in Indian penal Code
1860, and various other legislation too. Interesting part is that anything can
be brought under cyber crime like stealing, theft, harassment , they all comes
under the broader purview of a cyber crime.
Rationally speaking ‘Any offence committed by using a
computer is a cyber crime’. In a cyber crime, computer or the data are itself
are targets, but the other time they are the soul object of the offence and
sometimes they are being used a s tools in committing some other offence, as
they provide necessary inputs needed in the commission of that offence or
crime.
The First
Legislation in India on Technology, computers, e-commerce and e-communication
[ITA 2000]
The Information Technology Act, 2000, was thus passed as the
Act No.21 of 2000, got President assent on 9 June and was made effective from
17 October 2000.
The Act deals with following major issues:-
·
Legal Recognition of Electronic Documents
·
Legal Recognition of Digital Signatures
·
Offences and Contraventions
·
Justice Dispensation System for cyber crime
Act is been amended in 2008 [ITAA 2008]
Being the First legislation on
such offences, the Act became the
subject matter of debates, reviews, criticisms of various experts. As, for few
the Act was draconian and for some it was very diluted and lenient. There are
few conspicuous omissions too which results in slow investigations. Though Act
was being referred while investigation but more reliance was on IPC rather than
ITA. Need of an amendment was occurred from 2003-04 itself, as the nation wants
more detailed and reliable act.
The amendment act 2008 was
placed in the parliament and passed without much debate. Then further it has
got President’s assent on 5th Feb 2009 and was made effective from
27 October 2009.
Essential Features of
the ITAA are as follows:-
·
Focusing on data privacy
·
Focusing on Information Security
·
Defined Cyber Café
·
Making digital signature technology neutral
·
Defining reasonable security practices to be
followed by corporate
·
Redefining the role intermediaries
·
Inclusion of some additional cyber crimes like
child pornography and cyber terrorism
·
Authorizing an Inspector to investigate cyber
offences.
How new cyber laws can protect you from cyber crime?
In today's era we can't even imagine to live without using technology. But despite technology's inexorable march frontward, security almost always appears to be a generation behind.
The internet is the new frontier for criminal offence, and an increasingly profitable frontier at that, today we will get to know how our law is protecting us from such threat.
The internet is the new frontier for criminal offence, and an increasingly profitable frontier at that, today we will get to know how our law is protecting us from such threat.
Although after an amendment ITAA has widened its list of offences.
CIVIL WRONGS
Penalty
and Compensation for damage to computer, computer system, etc – Sec.43
If any person without permission of the owner or any
other person who is in charge of a computer,
computer system or computer network accesses or secures access to such
computer, computer system or computer network or computer
resource. Downloads, copies or extracts any data, computer data base or
information from such computer, computer system or computer network
including information or data
held or stored in any removable
storage medium.
Introduces or causes to be introduced any computer contaminant or computer virus into any
computer, computer system or computer network. Damages or causes to be damaged
any computer, computer system or computer
network, data, computer data
base or any other programmes residing in such
computer, computer system or computer network. Disrupts or causes
disruption of any computer, computer system or computer network. Denies or causes the denial of
access to any person authorised to access
any computer, computer system
or computer network by any means.
Provides any assistance to any person to facilitate
access to a computer, computer
system or computer network in
contravention of the provisions of this
Act, rules or regulations made there
under. Charges the services availed of
by a person to the account of another
person by tampering with or
manipulating any computer, computer system, or
computer network. Destroys, deletes or alters any information residing in a
computer resource or diminishes its value
or utility or affects it
injuriously by any means. Steals, conceals, destroys or alters or causes
any person to steal, conceal, destroy or alter any
computer source code used for a computer resource with an intention to cause
damage.
CIVIL LIABILITY- He shall be liable to pay damages by way of
compensation not exceeding 1crore rupees to the
person so affected.
Compensation
for failure to protect data- Sec.43 A
Where a body corporate, possessing, dealing or handling
any sensitive personal data or information
in a computer resource which it owns, controls or operates, is negligent in
implementing and maintaining reasonable security
practices and procedures and thereby causes wrongful loss or wrongful gain to any person.
CIVIL LIABILITY- Such body corporate shall be liable to pay damages by way
of compensation, not exceeding
5crore rupees, to the person so affected.
OFFENCES
Tampering
with Computer Source Documents – Sec.65
Whoever knowingly or intentionally conceals, destroys or
alters or intentionally or knowingly causes
another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer
network, when the computer source code is required to be kept or maintained by law for the time being
in force.
PUNISHMENT-
He
shall be punishable with imprisonment up to three
years, or with fine which may
extend up to two lakh rupees, or with both.
Computer
Related Offences – Sec.66
If any person, dishonestly, or fraudulently, does any act
referred to in section 43.
PUNISHMENT- He
shall be punishable with
imprisonment for a term which may extend to two three
years or with fine which may extend
to five lakh rupees or with both.
Sending
offensive messages through communication service, etc. Sec.66A
Any person who sends, by means of a computer resource or
a communication device, any
information that is grossly offensive or has menacing
character; or any information which
he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction,
insult, injury, criminal intimidation, enmity,
hatred, or ill will, persistently
makes by making use of such computer resource or a communication device.
Any electronic mail or electronic mail message for the
purpose of causing annoyance or
inconvenience or to deceive or to mislead the addressee or recipient about the origin
of such messages.
PUNISHMENT- He
shall be punishable with imprisonment for a term which may extend to two three years
and with fine.
Dishonestly
receiving stolen computer resource or communication device- Sec- 66B
Whoever dishonestly receives or retains any stolen
computer resource or communication device
knowing or having reason to believe the same
to be stolen computer resource or communication
device.
PUNISHMENT- He shall
be punished with imprisonment of either description for a term which may extend to three years or with fine which
may extend to rupees one lakh or with both.
Identity
theft- Sec.66C
Whoever, fraudulently or dishonestly make use of the
electronic signature, password or any other
unique identification feature of any other person.
PUNISHMENT- He
shall be punished with imprisonment of either description
for a term which may extend to
three years and shall also be liable to fine which may extend to rupees one lakh.
Cheating
by personation by using computer resource- Sec.66D
Whoever, by means of any communication device or computer
resource cheats by personation.
PUNISHMENT-
He
shall be punished with imprisonment of either description for a term which may
extend to three years and shall
also be liable to fine which may extend to one lakh rupees.
Violation of privacy.- Sec.66E
Whoever, intentionally or knowingly captures, publishes
or transmits the image of a private area
of any person without his or her consent, under circumstances violating the
privacy of that person.
PUNISHMENT-He
shall be punished with imprisonment
which may extend to three years
or with fine not exceeding two
lakh rupees, or with both.
Cyber
terrorism- Sec.66F
Whoever, with intent to threaten the
unity, integrity, security or sovereignty of India or to strike terror in the
people or any section of the people by denying or cause the denial of access to
any person authorized to access computer resource
Attempting to penetrate or access a
computer resource without authorisation or exceeding authorized access. Introducing
or causing to introduce any Computer Contaminant. and by means of such conduct
causes or is likely to cause death or injuries to persons or damage to or
destruction of property or disrupts or knowing that it is likely to cause
damage or disruption of supplies or services essential to the life of the
community or adversely affect the critical information infrastructure specified
under section 70,
Knowingly or intentionally
penetrates or accesses a computer resource without authorisation or exceeding
authorized access, and by means of such conduct obtains access to information,
data or computer database that is restricted for reasons of the security of the
State or foreign relations; or any restricted information, data or computer
database, with reasons to believe that such information, data or computer
database so obtained may be used to cause or likely to cause injury to the
interests of the sovereignty and integrity of India, the security of the State,
friendly relations
with foreign States, public order, decency or morality, or in relation to
contempt of court, defamation
or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits
the offence of cyber terrorism.
Punishment- Whoever commits or
conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to
imprisonment for life’.
Publishing or transmitting obscene material in electronic form-
Sec.67
Whoever
publishes or transmits or causes to be published in the electronic form, any
material which is lascivious or
appeals to the prurient interest or ifits
effect is such as to tend to deprave
and corrupt persons who are
likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it.
Punishment- He shall be punished
on first conviction with imprisonment of either description
for a term which may extend to two
three years and with fine which
may extend to five lakh rupees
and in the event of a second or subsequent conviction with imprisonment of
either description for a term
which may extend to five years and also with fine which may extend to
ten lakh rupees.
Publishing or transmitting of material
containing sexually explicit act,etc.-
Sec. 67A
Whoever
publishes or transmits or causes to be published or transmitted in the
electronic form any material which contains sexually explicit act or
conduct.
Punishment- He shall be punished on first
conviction with imprisonment of either description for a
term which may extend to five years and with fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may
extend to seven years and also with fine which may extend to ten lakh rupees.
Publication for fraudulent purpose- Sec-74
Whoever
knowingly creates, publishes or
otherwise makes available a Electronic Signature Certificate
for any fraudulent or unlawful purpose.
Punishment- He shall be punished with imprisonment for a term which may extend to two years, or with fine
which may extend to one lakh rupees, or
with both
Conclusion-
In the end, though a crime free society is Utopian and exists only in dream
land. Our Laws constant Endeavor is to keep the crime lowest. Especially in a
society where a people can’t even imagine to live without using a technology. Crime based
on electronic offences are bound to increase
and the law makers have to go far to maintain the peace in society.
Technology is always a double edged sword, it can be used for both good as well
as bad. Hence it is the duty of users as well as lawmakers that it should be
used for ethical purposes and not for committing crimes.
Curiosity
How to stop the cyber criminals, hackers of the dark web from exploitation of poor security setting IOT devices from generating enormous amount of information?
If your curiosity is also not letting you sleep and you want me to answer any of your question ? Kindly comment
Curiosity
How to stop the cyber criminals, hackers of the dark web from exploitation of poor security setting IOT devices from generating enormous amount of information?
If your curiosity is also not letting you sleep and you want me to answer any of your question ? Kindly comment
And do share this link with your colleagues, if they are also curious
https://shataxiamicuslex.blogspot.com/2019/08/how-new-cyber-laws-can-protect-you-from.html
https://shataxiamicuslex.blogspot.com/2019/08/how-new-cyber-laws-can-protect-you-from.html
Haha. The funny part of your IT act 2000 is if we stuck by the rules then everything is a criminal and everyone is the victim and if we start following the every rules then we won't be able to do our daily things. Your Government seems to be bit confused in making rules when it comes to the term "Cyber Security". I think Laws can't do anything unless we overcome Human Stupidity and Social Engineering. Your Laws can't help anyone until they don't want to be secure or I can say unless the world want to be secure because you never know what is at the dark side of your so called secure WORLD. Laws are just made to cover the mistakes.
ReplyDeleteThis comment has been removed by the author.
DeleteI think if IT act was working as it meant to be then more than half Indians were in Jail now. And working of laws in India is so good that it won't effect any of us. And knowledge of making laws is not important for civilians LAWS are important for them. And there are bunch of peoples inside and outside in India who are manipulating your rules and your government is just seeing them doing so.
DeleteAnd do you really think you can stop Hackers by changing the settings of your IOT devices. If have any special method please share with us so we could also be safe. (Please don't share the shitty things like disallowing the application access prompts and turning off your local services)
ReplyDeleteI think she is not a Hacker.. she is a lawyer and she is doing great in it.. job of lawyer is to defend the victims not to make laws and rules.. she is just sharing the knowledge which is useful for us in improving our services.. maybe there are some dumbs at the higher post but it not mean that Hackers can safely commit crimes.. Hacking is all about Ethics..if you've ethics then you need no rules to defend yourself but if you go against ethics there are no rules to defend you.. laws are not made for breaking them they are made to protect the innocents one from the dark side..
DeleteIPC do not mention such high punishments as IT act do.... Great to know
ReplyDelete