An overview of cyberimes

An Overview of Cyber Crimes

Biju Pattnaik State Police Academy
Bhubaneswar
By Dr. Tabrez Ahmad
Professor of Law
www.technolexindia.com
tabrezahmad7@gmail.com
http://technolexindia.blogspot.com

Dr. Tabrez Ahmad,

Agenda

1. Background of Cybercrime
2. The categories of cybercrimes
3. Analysis of the cybercrime & Indian
legal position
4. Vicarious Liability of ISPs and Govt.
5. Future course of action


Dr. Tabrez Ahmad,

Digital Revolution Internet Infra in INDIA
Internet INDIA Internet Infrastructure:2008.5
1Mil. Domains
(0.5 Mil. “.in”)

Bharti
BSNL NIC

130+ IDCs 134 Major Mail Servers
ISPs
ERNET

Reliance
TATA
Communications

4.8 Mil. High DNS
Speed Internet
Enterprise
IT /
65 Mil. Internet Govt. ITES
Users BPO
Home
248 Mil. Mobile Academia
Phones
8 Mil. Mobile Phones being added
per month `

Tele Density 24 per 1000 person
Dr. Tabrez Ahmad,
Targetted Broadband connection = 10 Mil. VOIP, IPTV
(2010) 4

Real-world & Virtual- world

Current approaches evolved to
deal with real-world crime

Cybercrime occurs in a virtual-
world and therefore presents
different issues

Dr. Tabrez Ahmad,

Example : Theft
Real-world theft:
Possession of property shifts completely
from A to B, i.e., A had it now B has it

Theft in Virtual-world (Cyber-theft):
Property is copied, so A “has” it and so does B

Dr. Tabrez Ahmad,

Development of Cyberlaw and need
of regulation
 Internet for Security USA ARPANET
 Internet for Research
 Internet for e-commerce UNCITRAL Model Law
1996
 I.T Act 2000
 Internet for e-governance
 Internet regulation – serious matter after 9/11 attack
on World Trade Centre
 US Patriot Act
 I.T Amendment Act 2008
Dr. Tabrez Ahmad,

What is India inc‘s biggest
threat?
 Cyber crime is now a bigger threat to India Inc than
physical crime. In a recent survey by IBM, a greater
number of companies (44%) listed cyber crime as a
bigger threat to their profitability than physical crime
(31%).

The cost of cyber crime stems primarily from loss of
revenue, loss of market capitalisation, damage to the
brand, and loss of customers, in that order.

About 67% local Chief Information Officers (CIOs)
who took part in the survey perceived cyber crime as
more costly, compared to the global benchmark of
50%.
Dr. Tabrez Ahmad,

Types of Cyber crimes

Crime against
Government

Crime against property

Crime against persons

Dr. Tabrez Ahmad,

Cyber Crimes/Civil
Wrongs
Cyber Protection Vicarious
trespass Cyberlibel of Contents Pornography Cyberte
Liability of
on rrorism
Websites ISPs
Trespass Trespass to
to person Property Cookies,
Viruses Data Online Magic
Collection survelliance LanternTechnique
Identity Cybersquating
Theft

Software Piracy
Phising

Cyberst Data Protection
alking

Confidential
Spammin Information
g

Hacking Dr. Tabrez Ahmad,

Unauthorized access: This occurs when a user/hacker
deliberately gets access into someone else‘s network either to
monitor or data destruction purposes

For e.g. In February hackers hacked the password of CU VC
Prof. Surabhi Banerjee and send the mails to different Govt.
officials.

Denial of service attack: It involves sending of
disproportionate demands or data to the victims server beyond
the limit that the server is capable to handle and hence causes
the server to crash

Dr. Tabrez Ahmad,

Virus, Worms and Trojan attacks: Viruses are basically
programs that are attached to a file which then gets
circulated to other files and gradually to other computers in
the network. Worms unlike Viruses do not need a host for
attachments they make copies of themselves and do this
repeatedly hence eating up all the memory of the computer.
Trojans are unauthorized programs which functions from
inside what seems to be an authorized program, thereby
concealing what it is actually doing.

Dr. Tabrez Ahmad,

Computer Viruses

 Viruses
Viruses
 A computer virus is a
computer program that can
infect other computer
programs by modifying them Boot and
in such a way as to include a File Boot
infectors record file
(possibly evolved) copy of it. viruses
Note that a program does not infectors
have to perform outright
damage (such as deleting or
corrupting files) in order to be
called a "virus".

Dr. Tabrez Ahmad,

Email Bombing It refers to sending a large number of emails
to the victim resulting in the victim's email account (in case of
an individual) or mail servers (in case of a company or an
email service provider) crashing

Internet Time Thefts
This connotes the usage by an
unauthorized person of the Internet hours paid for by another.

Dr. Tabrez Ahmad,

 Web Jacking This occurs when someone forcefully takes
control of a website (by cracking the password and later
changing it). The actual owner of the website does not have
any more control over what appears on that website

 Theft and Physical damage of computer or its peripherals
This type of offence involves the theft of a computer, some
parts of a computer or a peripheral attached to the computer.
and physically damaging a computer or its peripherals.
 Attack on PM Office by Chinese hackers in December 2009

Dr. Tabrez Ahmad,

Combating cyber crimes
 Technological measures-Public key
cryptography, Electronic signatures
,Firewalls, honey pots
 Cyber investigation- Computer forensics
is the process of identifying, preserving,
analyzing and presenting digital
evidence in a manner that is legally
acceptable in courts of law.
 These rules of evidence include
admissibility (in courts), authenticity
(relation to incident), completeness,
reliability and believability.
 Legal framework-laws & enforcement

Dr. Tabrez Ahmad,

I.T. ACT, 2000: OBJECTIVES
 Different approaches for controlling, regulating

and facilitating electronic communication and
commerce.

 Aim to provide legal infrastructure for
e-commerce in India.

 To provide legal recognition

for e-transactions
Dr. Tabrez Ahmad,

OBJECTIVES (Contd.)
 Carried out by means of electronic data interchange,
and
 Other means of electronic communication, commonly
referred to as "electronic commerce", involving the
use of alternatives to paper-based methods of
communication and storage of information.
 To facilitate electronic filing of documents with the
Government agencies
 To amend the Indian Penal Code, the Indian
Evidence Act, 1872, the Banker's Book Evidence Act,
1891 and the Reserve Bank of India Act, 1934
Dr. Tabrez Ahmad,

GOVERNMENT –NSP??
 Governments Providing Services On The
Network
 Governments Are Intermediaries. Sec 79 IT
Act.
 Under The It Act, 2000, All Governments,
Central And State, All Governmental Bodies
Are ―Network Service Providers‖
Dr. Tabrez Ahmad,

Section 79
 For the removal of doubts, it is hereby declared
that no person providing any service as a network
service provider shall be liable under this Act,
rules or regulations made thereunder for any third
party information or data made available by him if
he proves that the offence or contravention was
committed without his knowledge or that he had
exercised all due diligence to prevent the
commission of such offence or contravention.

Dr. Tabrez Ahmad,

Network Service Providers:
When Not Liable
 Explanation.—For the purposes of this section, —
(a) "network service provider" means an
intermediary;
(b) "third party information" means any information
dealt with by a network service provider in his
capacity as an intermediary.

Dr. Tabrez Ahmad,

TRANSPARENCY

 Need For Transparent E-governance

 Right To Information Act

 Government Would Now Not Be Able To Hide

Records Concerning E-governance

Dr. Tabrez Ahmad,

AUTHENTICATION OF
ELECTRONIC RECORDS
 Any subscriber may authenticate an electronic
record
 Authentication by affixing his digital signature.
 Any person by the use of a public key of the
subscriber can verify the electronic record

Dr. Tabrez Ahmad,

LEGALITY OF ELECTRONIC
SIGNATURES
 Legal recognition of digital signatures.

 Certifying Authorities for Digital Signatures.

 Scheme for Regulation of Certifying Authorities
for Digital Signatures

Dr. Tabrez Ahmad,

CONTROLLER OF
CERTIFYINGAUTHORITIES

 Shall exercise supervision over the activities of
Certifying Authorities
 Lay down standards and conditions governing Certifying
Authorities
 Specify various forms and content of Digital Signature
Certificates

Dr. Tabrez Ahmad,

DIGITAL SIGNATURES & ELECTRONIC
RECORDS

 Use of Electronic Records and Electronic

Signatures in Government Agencies.

 Publications of rules and regulations in the

Electronic Gazette.

Dr. Tabrez Ahmad,

International initiatives
 Representatives from the 26 Council of
Europe members, the United States,
Canada, Japan and South Africa in 2001  Main objectives-
signed a convention on cybercrime in
efforts to enhance international  Create effective cyber
cooperation in combating computer- crime laws
based crimes.  Handle jurisdiction issues
The Convention on Cybercrime, drawn  Cooperate in international
up by experts of the Council of Europe, is investigations
designed to coordinate these countries'  Develop acceptable
policies and laws on penalties on crimes practices for search and
in cyberspace, define the formula
guaranteeing the efficient operation of seizure
the criminal and judicial authorities, and  Establish effective
establish an efficient mechanism for public/private sector
international cooperation. interaction
 In 1997, The G-8 Ministers agreed to ten
"Principles to Combat High-Tech Crime"
and an "Action Plan to Combat High-
Tech Crime."
Dr. Tabrez Ahmad,

Combating Cyber crime-Indian legal
framework
 Information Technology Act, 2000-came into force on 17 October
2000
 Extends to whole of India and also applies to any offence or
contravention there under committed outside India by any person
{section 1 (2)}
 read with Section 75- Act applies to offence or contravention
committed outside India by any person irrespective of his
nationality, if such act involves a computer, computer system or
network located in India
 Section 2 (1) (a) –‖Access‖ means gaining entry into ,instructing
or communicating with the logical, arithmetic or memory function
resources of a computer, computer resource or network
 IT Act confers legal recognition to electronic records and digital
signatures (section 4,5 of the IT Act,2000)

Dr. Tabrez Ahmad,

Cybercrime vs Cyber contravention
 The IT Act prescribes provisions for contraventions in ch IX of the Act,
particularly s 43 of the Act, which covers unauthorised access,
downloading, introduction of virus, denial of access and Internet time
theft committed by any person. It prescribes punishment by way of
damages not exceeding Rs 1 crore to the affected party.

 Chapter XI of the IT Act 2000 discusses the cyber crimes and offences
inter alia, tampering with computer source documents (s 65), hacking (s
66), publishing of obscene information (s 67), unauthorised access to
protected system (s 70), breach of confidentiality (s 72), publishing false
digital signature certificate (s 73).
 Whereas cyber contraventions are ‗civil wrongs‘ for which compensation
is payable by the defaulting party, ‗cyber offences‘ constitute cyber
frauds and crimes which are criminal wrongs for which punishment of
imprisonment and/or fine is prescribed by the Information Technology
Act 2000.

Dr. Tabrez Ahmad,

Special and General statutes
applicable to cybercrimes
 While the IT Act 2000, provides for the specific offences it has to be
read with the Indian Penal Code 1860 (IPC) and the Code of Criminal
Procedure 1973 (Cr PC)
IT Act is a special law, most IT experts are of common consensus that it
does not cover or deal specifically with every kind of cyber crime
 for instance, for defamatory emails reliance is placed on s 500 of IPC,
for threatening e-mails, provisions of IPC applicable thereto are criminal
intimidation (ch XXII), extortion (ch XVII), for e-mail spoofing, provisions
of IPC relating to frauds, cheating by personation (ch XVII) and forgery
(ch XVIII) are attracted.
 Likewise, criminal breach of trust and fraud (ss 405, 406, 408, 409) of
the IPC are applicable and for false electronic evidence, s 193 of IPC
applies.

 For cognisability and bailability, reliance is placed on Code of Criminal
Procedure which also lays down the specific provisions relating to
powers of police to investigate.

Dr. Tabrez Ahmad,

Tampering of source code
 According to s 65 of the IT Act-
 a person who intentionally conceals or destroys or
alters or intentionally or knowingly causes another to
conceal, destroy or alter any computer source code
used for a computer, computer program, computer
system or network when the computer source code is
required to be maintained by law is punishable with
imprisonment upto 3 years or with fine that may
extend upto 2 lakh rupees or with both.

Dr. Tabrez Ahmad,

Hacking
 Section 66 of the IT Act 2000 deals with the offence of
computer hacking.
 In simple words, hacking is accessing of a computer
system without the express or implied permission of
the owner of that computer system.
 Examples of hacking may include unauthorised input
or alteration of input, destruction or misappropriation
of output, misuse of programs or alteration of
computer data.
 Punishment for hacking is imprisonment upto 3years
or fine which may extend to 2 lakh rupees or both

Dr. Tabrez Ahmad,

Publishing obscene information
 Section 67 of the IT Act lays down punishment for the offence of
publishing of obscene information in electronic form

 Recently, the Supreme Court in Ajay Goswami v Union of India
considered the issue of obscenity on Internet and held that
restriction on freedom of speech on ground of curtailing
obscenity amounts to reasonable restriction under art 19(2) of
the Constitution. The court observed that the test of community
mores and standards has become obsolete in the Internet age.
 punishment on first conviction with imprisonment for a term
which may extend to 5 years and with fine which may extend to 1
lakh rupees. In the event of second conviction or subsequent
conviction imprisonment of description for a term which may
extend to 10 years and fine which may extend to2 lakh rupees.

Dr. Tabrez Ahmad,

New offences defined under IT Amendment
Act 2008 with effect from 27th October 2009
 Many cybercrimes for which no express provisions existed in the IT
Act 2000 now stand included by the IT Amendment Act 2008.

 Sending of offensive or false messages (s 66A), receiving stolen
computer resource (s 66C), identity theft (s 66C), (s 66D) cheating by
personation, violation of privacy (s 66E). Barring the offence of cyber
terrorism (s 66F ) punishment prescribed is generally upto three
years and fine of one/two lakhs rupees has been prescribed and
these offences are cognisable and bailable. This will not prove to
play a deterrent factor for the cyber criminals.

 Further, as per new s 84B,abetment to commit an offence is made
punishable with the punishment provided for the offence under the
Act and the new s 84C makes attempt to commit an offence also a
punishable offence with imprisonment for a term which may extend
to one-half of the longest term of imprisonment provided for that
offence

Dr. Tabrez Ahmad,

The IT Amendment Act 2008
 In certain offences, such as hacking (s 66) punishment is
enhanced from 3 years of imprisonment and fine of 2 lakhs to
fine of 5 lakhs rupees. In s 67, for publishing of obscene
information imprisonment term has been reduced from five years
to three years (and five years for subsequent offence instead of
earlier ten years) and fine has been increased from one lakh to
five lakhs rupees (ten lakhs on subsequent
conviction).

 Section 67A adds an offence of publishing material containing
sexually explicit conduct punishable with imprisonment for a term
that may extend to 5 years with fine upto ten lakhs rupees.

Dr. Tabrez Ahmad,

The IT Amendment Act 2008
 Section 67B punishes offence of child pornography,
child‘s sexually explicit act or conduct with
imprisonment on first conviction for a term upto 5
years and fine upto 10 lakhs rupees.

Dr. Tabrez Ahmad,

Section 46 IT Act
 Section 46 of the IT Act states that an adjudicating officer
shall be adjudging whether a person has committed a
contravention of any of the provisions of the said Act, by holding
an inquiry. Principles of audi alterum partum and natural justice
are enshrined in the said section which stipulates that a
reasonable opportunity of making a representation shall be
granted to the concerned person who is alleged to have
violated the provisions of the IT Act. The said Act stipulates that
the inquiry will be carried out in the manner as prescribed by
the Central Government
 All proceedings before him are deemed to be judicial
proceedings, every Adjudicating Officer has all powers conferred
on civil courts
 Appeal to cyber Appellate Tribunal- from decision of Controller,
Adjudicating Officer {section 57 IT act}

Dr. Tabrez Ahmad,

Section 47, IT Act
 Section 47 of the Act lays down that while
adjudging the quantum of compensation
under this Act, the adjudicating officer shall
have due regard to the following factors,
namely-
 (a) the amount of gain of unfair advantage,
wherever quantifiable, made as a result of the
default;
 (b) the amount of loss caused to any
person as a result of the default;
 (c) the repetitive nature of the default
Dr. Tabrez Ahmad,

Section 65: Source Code
 Most important asset of software companies
 ―Computer Source Code" means the listing of
programmes, computer commands, design
and layout
 Ingredients
 Knowledge or intention
 Concealment, destruction, alteration
 computer source code required to be kept or
maintained by law
 Punishment
 imprisonment up to three years and / or
 fine up to Rs. 2 lakh

Dr. Tabrez Ahmad,

Section 66: Hacking
• Ingredients
– Intention or Knowledge to cause wrongful loss
or damage to the public or any person
– Destruction, deletion, alteration, diminishing
value or utility or injuriously affecting
information residing in a computer resource
• Punishment
– imprisonment up to three years, and / or
– fine up to Rs. 2 lakh
• Cognizable, Non Bailable,
Section 66 covers data theft aswell as data alteration

Dr. Tabrez Ahmad,
http://technolexindia.blogspot.com 40

Computer Related Crimes under IPC
and Special Laws
Sending threatening messages by email Sec 503 IPC

Sending defamatory messages by email Sec 499, 500 IPC

Forgery of electronic records Sec 463, 470, 471 IPC

Bogus websites, cyber frauds Sec 420 IPC
Email spoofing Sec 416, 417, 463 IPC

Online sale of Drugs NDPS Act

Web -Jacking Sec. 383 IPC

Online sale of Arms Arms Act

Dr. Tabrez Ahmad,
http://technolexindia.blogspot.com 41

Case Study- BPO Data Theft
 The recently reported case of a Bank Fraud in
Pune in which some ex employees of BPO arm
of MPhasis Ltd MsourcE, defrauded US
Customers of Citi Bank to the tune of RS 1.5
crores has raised concerns of many kinds
including the role of "Data Protection".

Dr. Tabrez Ahmad,

Case Study (contd.)
 The crime was obviously committed using "Unauthorized
Access" to the "Electronic Account Space" of the customers.
It is therefore firmly within the domain of "Cyber Crimes".
 ITA-2000 is versatile enough to accommodate the aspects
of crime not covered by ITA-2000 but covered by other
statutes since any IPC offence committed with the use of
"Electronic Documents" can be considered as a crime with
the use of a "Written Documents". "Cheating", "Conspiracy",
"Breach of Trust" etc are therefore applicable in the above
case in addition to section in ITA-2000.
 Under ITA-2000 the offence is recognized both under
Section 66 and Section 43. Accordingly, the persons
involved are liable for imprisonment and fine as well as a
liability to pay damage to the victims to the maximum extent
of Rs 1 crore per victim for which the "Adjudication Process"
can be invoked.
Dr. Tabrez Ahmad,

Case Study (contd.)
 The BPO is liable for lack of security that enabled the commission of
the fraud as well as because of the vicarious responsibility for the ex-
employee's involvement. The process of getting the PIN number was
during the tenure of the persons as "Employees" and hence the
organization is responsible for the crime.
 Some of the persons who have assisted others in the commission of
the crime even though they may not be directly involved as
beneficiaries will also be liable under Section 43 of ITA-2000.
 Under Section 79 and Section 85 of ITA-2000, vicarious responsibilities
are indicated both for the BPO and the Bank on the grounds of "Lack of
Due Diligence".
 At the same time, if the crime is investigated in India under ITA-2000,
then the fact that the Bank was not using digital signatures for
authenticating the customer instructions is a matter which would
amount to gross negligence on the part of the Bank. (However, in this
particular case since the victims appear to be US Citizens and the
Bank itself is US based, the crime may come under the jurisdiction of
the US courts and not Indian Courts).

Dr. Tabrez Ahmad,

Cyber Pornography
 Section 67 of IT Act
 Publishing, transmitting, causing to be published
 Porn in the electronic form

 Strict punishment
 5 years jail (SI or RI) + 1 lakh fine
 10 years jail (SI or RI) + 2 lakh fine

Dr. Tabrez Ahmad,

Baazee case

Dr. Tabrez Ahmad,

Baazee case
 Obscene MMS clipping listed for sale on
27th November, 2004 - ―DPS Girl having fun".

 Some copies sold through Baazee.com

 Avnish Bajaj (CEO) arrested and his bail
application was rejected by the trial court.

Dr. Tabrez Ahmad,

Points of the prosecution
 The accused did not stop payment through
banking channels after learning of the illegal
nature of the transaction.

 The item description "DPS Girl having fun" should
have raised an alarm.

Dr. Tabrez Ahmad,

Points of the defence
 Section 67 relates to publication of obscene
material and not transmission.

 Remedial steps were taken within 38 hours,
since the intervening period was a weekend.

Dr. Tabrez Ahmad,

Findings of the Court
 It has not been established from the evidence
that any publication took place by the
accused, directly or indirectly.

 The actual obscene recording/clip could not
be viewed on the portal of Baazee.com.

 The sale consideration was not routed
through the accused.

Dr. Tabrez Ahmad,

 Prima facie Baazee.com had endeavored to
plug the loophole.

 The accused had actively participated in the
investigations.

 The nature of the alleged offence is such that
the evidence has already crystallized and may
even be tamper proof.

Dr. Tabrez Ahmad,

 Even though the accused is a foreign citizen,
he is of Indian origin with family roots in India.

 The evidence indicates
 only that the obscene material may have been
unwittingly offered for sale on the website.

 the heinous nature of the alleged crime may be
attributable to some other person.

Dr. Tabrez Ahmad,

Court order
 The court granted bail to Mr. Bajaj subject to
furnishing two sureties of Rs. 1 lakh each.

 The court ordered Mr. Bajaj to
 surrender his passport
 not to leave India without Court permission
 to participate and assist in the investigation.

Dr. Tabrez Ahmad,

State of Tamil Nadu Vs Suhas Katti
 This Case is notable for the fact that the conviction was achieved
successfully within a relatively quick time of 7 months from the filing
of the FIR .
 The case related to posting of obscene, defamatory and annoying
message about a divorcee woman in the yahoo message group.
Additional Chief Metropolitan Magistrate, delivered the judgment on
5-11-04 as follows:

 ―The accused is found guilty of offences under section 469, 509 IPC
and 67 of IT Act 2000 and the accused is convicted and is sentenced
for the offence to undergo RI for 2 years under 469 IPC and to pay
fine of Rs.500/- and for the offence u/s 509 IPC sentenced to
undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and
for the offence u/s 67 of IT Act 2000 to undergo RI for 2 years and to
pay fine of Rs.4000/- All sentences to run concurrently.‖

 This is considered the first case convicted under section 67 of
Information Technology Act 2000 in India

Dr. Tabrez Ahmad,

 Recently, the Supreme Court in Ajay Goswami v Union of India
considered the issue of obscenity on Internet and held that restriction on
freedom of speech on ground of curtailing obscenity amounts to
reasonable restriction under art 19(2) of the Constitution. The court
observed that the test of community mores and standards has become
obsolete in the Internet age.
 Punishment on first conviction with imprisonment for a term which may
extend to 5 years and with fine which may extend to 1 lakh rupees. In
the event of second conviction or subsequent conviction imprisonment
of description for a term which may extend to 10 years and fine which
may extend to2 lakh rupees.

Dr. Tabrez Ahmad,

Protected Systems

Dr. Tabrez Ahmad,

Protected Systems
 Gazette notification for declaring protected
system.

 Government order authorizing persons to access
protected systems.

 10 years jail for accessing or attempting to
access protected systems.

Dr. Tabrez Ahmad,

Firos vs. State of Kerala
 Govt of Kerala declared the FRIENDS application
software as a protected system.

 The author of the application software challenged
the notification and the constitutional validity of
section 70.

 The Court upheld the validity of both

Dr. Tabrez Ahmad,

Tampering with source code

Dr. Tabrez Ahmad,

 Computer source code need not only be in the
electronic form.

 It can be printed on paper (e.g. printouts of
flowcharts for designing a software application).

Dr. Tabrez Ahmad,

 Following are punishable with 3 years jail and /
or 2 lakh fine:
 Concealing
 Altering
 Destroying

Dr. Tabrez Ahmad,

Syed Asifuddin case
 Tata Indicom employees were arrested for
manipulation of the electronic 32-bit number
(ESN) programmed into cell phones that were
exclusively franchised to Reliance Infocomm.

 The court held that such manipulation
amounted to tampering with computer source
code as envisaged by section 65.

Dr. Tabrez Ahmad,

Parliament attack case

 Several terrorists attacked Parliament House on
13-Dec-01

 Digital evidence played an important role during
their prosecution.

 The accused had argued that computers and
digital evidence can easily be tampered and
hence should not be relied upon.

Dr. Tabrez Ahmad,

 A laptop, several smart media storage disks and
devices were recovered from a truck intercepted
at Srinagar pursuant to information given by two
of the suspects.

 These articles were deposited in the police
―malkhana‖ on 16-Dec-01 but some files were
written onto the laptop on 21-Dec-01.

Dr. Tabrez Ahmad,

 Evidence found on the laptop included:
 fake identity cards,
 video files containing clippings of political leaders
with Parliament in background shot from TV news
channels,
 scanned images of front and rear of a genuine
identity card,

Dr. Tabrez Ahmad,

 image file of design of Ministry of Home Affairs car
sticker,

 the game 'wolf pack' with the user name 'Ashiq'.
Ashiq was the name in one of the fake identity
cards used by the terrorists.

Dr. Tabrez Ahmad,

The Information Technology (Amendment)
Act, 2008 has come into force on 27th
October, 2009.
 Almost Nine years and 10 days after the birth of cyber
laws in India, the new improved cyber law regime in India
has become a reality. The Information Technology Act
initially came into force on 17th October 2000 on the
model UNCITRAL of UNO 1996. Major changes to the IT
Act 2000 have now come into force with effect from 27th
October 2009.
 There are around 17 changes and out of that most of the
changes relate to cyber crimes. The last decade has seen
a spurt in crimes like cyber stalking and voyeurism, cyber
pornography, email frauds, phishing and crimes through
social networking. All these and more are severely dealt
with under the new laws.
Dr. Tabrez Ahmad,

Some of the major modifications are:

 1. A special liability has been imposed on call centers, BPOs,
banks and others who hold or handle sensitive personal
data. If they are negligent in "implementing and maintaining
reasonable security practices and procedures", they will be
liable to pay compensation. It may be recalled that India's
first major BPO related scam was the multi crore MphasiS-
Citibank funds siphoning case in 2005. Under the new law, in
such cases, the BPOs and call centers could also be made
liable if they have not implemented proper security
measures.
 2. Compensation on cyber crimes like spreading viruses,
copying data, unauthorised access, denial of service etc is
not restricted to Rs 1 crore anymore. The Adjudicating
Officers will have jurisdiction for cases where the claim is
upto Rs. 5 crore. Above that the case will need to be filed
before the civil courts.
Dr. Tabrez Ahmad,

 3.The offence of cyber terrorism has been specially
included in the law. A cyber terrorist can be punished
with life imprisonment.
 4. Sending threatening emails and sms are
punishable with jail upto 3 years.
 5. Publishing sexually explicit acts in the electronic
form is punishable with jail upto 3 years. This would
apply to cases like the Delhi MMS scandal where a
video of a young couple having sex was spread
through cell phones around the country.

Dr. Tabrez Ahmad,

 6.Voyeurism is now specifically covered. Acts like hiding
cameras in changing rooms, hotel rooms etc is
punishable with jail upto 3 years. This would apply to
cases like the infamous Pune spycam incident where a
58-year old man was arrested for installing spy cameras
in his house to 'snoop' on his young lady tenants.
 7. Cyber crime cases can now be investigated by
Inspector rank police officers. Earlier such offences
could not be investigated by an officer below the rank of
a deputy superintendent of police.
 8. Collecting, browsing, downloading etc of child
pornography is punishable with jail upto 5 years for the
first conviction. For a subsequent conviction, the jail term
can extend to 7 years. A fine of upto Rs 10 lakh can also
be levied.
Dr. Tabrez Ahmad,

 9. The punishment for spreading obscene material
by email, websites, sms has been reduced from 5
years jail to 3 years jail. This covers acts like sending
'dirty' jokes and pictures by email or sms.
 10. Refusing to hand over passwords to an
authorized official could land a person in prison for
upto 7 years.
 11. Hacking into a Government computer or
website, or even trying to do so in punishable with
imprisonment upto 10 years.
 12. Rules pertaining to section 52 (Salary,
Allowances and Other Terms and Conditions of
Service of Chairperson and Members),
Dr. Tabrez Ahmad,

 13. Rules pertaining to section 69 (Procedure and
Safeguards for Interception, Monitoring and
Decryption of Information),
 14. Rules pertaining to section 69A (Procedure and
Safeguards for Blocking for Access of Information by
Public),
 15. Rules pertaining to section 69B (Procedure and
safeguard for Monitoring and Collecting Traffic Data
or Information) and
 16. Notification under section 70B for appointment of
the Indian Computer Emergency Response Team.
 17. Rules Rules pertaining to section 54 (Procedure
for Investigation of Misbehaviour or Incapacity of
Chairperson and Members),
Dr. Tabrez Ahmad,

An overview of cyberimes

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (10)

Semelhante a An overview of cyberimes

Semelhante a An overview of cyberimes (20)

Mais de Prof. (Dr.) Tabrez Ahmad

Mais de Prof. (Dr.) Tabrez Ahmad (20)

Último

Último (20)

An overview of cyberimes