CYBER CRIMES & THE INFORMATION TECHNOLOGY ACT, 2000

 

• Vaishnavi G Nair, a student at the National University of Advanced Legal Studies

ABSTRACT

This article aims to examine the major cyber crimes in detail. It also focuses on the existing legislations in India to tackle these crimes, with emphasis on the IT Act, 2000 in particular. The effectiveness of the Act along with its role in preventing these crimes, is also being discussed. 

INTRODUCTION

The 21st century, often called the digital age, witnessed the spread and popularisation of the Internet. The immense developments that took place in the final years of the 20th century brought in the winds of change that ended up transforming the workings of the world. The said developments included the birth of the Internet in 1983, the invention of the World Wide Web in 1990 and the founding of the most used search engine in today’s day and age – Google, in 1998. The Internet revolutionised the field of communication by linking people from across the seven seas through many ways such as electronic mail and social media. The Internet, over the years, became not just a medium of communication and information but also a platform for e-commerce and entertainment. Streaming platforms such as Netflix, Prime Video, Sony Liv and Hotstar have become extremely popular, especially in the post-pandemic era. The pandemic also popularised video conferencing solutions like Zoom and Google Meet. They were inevitable for the working of schools and offices, at a time when we were all trapped inside the four walls of our homes. E-commerce platforms like Amazon and Flipkart have become a part of our daily lives.

Man’s dependence on technology has increased so much over the years that a person’s phone can furnish us with every minor detail about that individual. The technology that we now have access to, is not just used for education, entertainment or e-commerce. Technology these days is being misused to such a great extent that  cyber crime graphs are skyrocketing. These crimes vary from piracy and data breaches to cyber grooming, stalking and bullying. 

CYBER CRIMES AND ITS TYPES

Those unlawful acts that make use of a computer as a tool, target, or both are described as cyber crimes. Interestingly enough, the term ‘cyber-crime’ is not defined in any of the existing Indian legislations, including the Information Technology Act, 2000. Hacking, child pornography, cyber trafficking, piracy and online gambling are some of the major cyber crimes.

TYPES OF CYBER CRIMES

Cyber crimes can be classified into mainly – a) crimes against persons, b) crimes against property ( including intellectual property),  c) crimes against the government and d) crimes against society.

CRIMES AGAINST PERSONS

Following are the crimes against persons-

1. HACKING

 Hacking involves accessing a computer without the permission of its original owner. It is what facilitates unauthorised access or control to a person or the hacker over a computer system. Hacking results in the complete destruction of data and the computer program.

2. CYBER-STALKING

Cyber-stalking is said to be done when a person is being threatened expressly or impliedly through the use of technology such as that of electronic mail, text messages, etc.

3. DEFAMATION

Publication of defamatory material on a website or the circulation of such material through electronic mail, with the intent to lower the dignity of another individual, amounts to defamation. It also involves hacking the accounts of other individuals for sending vulgar emails to unknown persons. 

4. E-MAIL SPOOFING

An e-mail that misrepresents its origin is a spoofed e-mail. The actual origin of such an e-mail is different from the origin which is shown in the same.

5. SMS SPOOFING

In this case, the offender steals the identity of another individual in the form of his mobile number and sends an SMS to the others. The receivers of such SMS texts get them from the mobile number of the victim. 

6. DISSEMINATING OBSCENE MATERIAL

This involves hosting websites containing obscene materials like pornography. Such materials tend to have a negative impact on the developing minds of adolescents.

7. CRACKING

Breaching a software or the entire computer security system with malicious intent is referred to as cracking. It involves tampering with confidential data and information.

8.  CARDING

The use of false ATM/Debit cards for the withdrawal of money from the victim’s bank account for the monetary benefit of the offenders is referred to as carding. 

CRIMES AGAINST PROPERTY

Following are the cyber-crimes against property-

1. INTELLECTUAL PROPERTY CRIMES

Those unlawful acts which deprive the owner of  intellectual property, completely or partially of his rights, come under intellectual property crimes. Software privacy, infringement of copyright, patents, trademark, violation of service marks, etc, are some of the common forms of IPR violation.

2. CYBER SQUATTING

Claiming of the same domain name by two parties on the grounds that one had registered the name first or that they had been using something similar previously. 

3. CYBER VANDALISM

It involves destroying or damaging the data during the disruption of a network service. Physical harm done to the computer of a person, like the theft of the computer or a particular part of the computer, also comes within the purview of cyber vandalism. 

4. CYBER TRESPASS

Accessing a person’s computer without the authorization of the rightful owner of the computer amounts to cyber trespass.

5. TRANSMISSION OF VIRUSES

Programs that attach themselves to a file or computer, resulting in their subsequent circulation to other files and computers on a network. Viruses affect the data on computer systems by altering or deleting it. 

6. INTERNET TIME THEFTS

It refers to the use of internet hours, paid for by one person by an unauthorised person after gaining access to the former’s ISP user ID and password, either via hacking or other illegal means. 

This involves attacking people by sending bogus e-mails and messages. Unauthorised use of others’ credit cards after the illegal attainment of passwords is an example of this type of crime.

CRIMES AGAINST THE GOVERNMENT 

Following are the cyber-crimes against the government-

1. CYBER TERRORISM

Cyber terrorism is a direct attack on the sovereignty of a nation. Sensitive computer networks are attacked, hate websites are created,  and hate emails are circulated as a part of this.

2. CYBER WARFARE

It refers to hacking, which is politically motivated, aimed at conducting sabotage and espionage. Cyber warfare is often compared to conventional warfare. But this analogy is very controversial in nature.

3. DISTRIBUTING PIRATED SOFTWARE

It refers to the transfer of pirated software from one computer system to another with the intention of destroying significant data and governmental records. 

CRIMES AGAINST THE SOCIETY

Following are the cyber-crimes against the society-

1. CHILD PORNOGRAPHY

Child pornography involves the use of computer networks for the transmission and distribution of sexually explicit content involving minors. 

2. CYBER TRAFFICKING

It includes trafficking of drugs, weapons, human beings, etc , which is carried out through the use of computers and the Internet.

3. FINANCIAL CRIMES

4. FORGERY

It involves the use of computers, scanners and printers to forge counterfeit currency notes.

THE HISTORY OF CYBER CRIMES

Contrary to the popular perception, cyber crimes are not really a recent phenomenon. Computer viruses, especially, have a very long history. Theories of self-replicating programmes can be traced back to 1949. Apple II operating systems were found to be infected with Apple Viruses 1, 2 and 3 in 1981. The ‘Lehigh’ virus is known to have infected the ‘command.com’ computer files in 1987. ‘Jerusalem’, one of the most common viruses, was unleashed in 1988. It was activated on every Friday the 13th. This virus infected the ‘.exe’ and ‘.com’ files. It also deleted the programs that were run on the particular day. The years that followed also witnessed the rise of many computer viruses like Word Concept, Baza, Leroux, Staog, Chernobyl, Melissa, Love Bug, etc. The Melissa virus is known to have infected about a million computers. The ‘Strange Brew’ virus of 1998 was the first to affect Java files. The ‘Tristate’ of 1999, which infected the Word, Excel and Powerpoint files, was the first multi-program macro virus to be deployed. The ‘Nimda’ virus affected many computers after the 9/11 attacks of 2001. One of the first anti-virus programs created by a big company, was launched in 1990 by Symantec. It was called the ‘Norton Anti-virus’. 

2007 was a landmark year from the aspect of cyber crimes because of the innovative strategies adopted and the sophisticated nature of these crimes. The wave of cyber crimes that this year witnessed, involved major events like that of the infiltration of the website of the Dolphins Stadium in the United States, a day before the popular Super Bowl event. The year also saw the rise of dangerous viruses like ‘Storm Worm’.

India has also fallen prey to a lot of cyber-crimes. Most of the terror attacks that India witnessed in the 2000s were conspired through electronic and telecom messages. These attacks include the bomb blasts at the Court complexes in Varanasi, Gorakhpur and Allahabad 

In 2007, the Delhi Diwali blasts of 2007, the Mumbai train blasts of 2007 and the blasts at  Jaipur and Delhi in 2008.

In the 26/11 attacks that took place in Mumbai, the Pakistani terrorists hijacked the computer systems at the Taj Hotel, the Shivaji Maharaj Terminus and the Leopal Cafe. The attack spanned across four days and involved 60-hour-long multiple strikes by Pakistani nationals who had snuck into India through the shores of Mumbai . The terror group responsible for the Ahmedabad bomb blasts, the Indian Mujahideen Islamic Militant Group, had warned news agencies by spamming e-mails. The group had also threatened the Chief Minister of Maharashtra and Mukesh Ambani, a businessman. In 2018, a massive data breach of about 1.1 Aadhar users when the hackers leaked mobile numbers, IFSC codes, bank accounts and personal information on platforms such that everyone could see each other’s details. The sellers engaged in illegal activities and also started sharing people’s data in exchange for money. The cyber security system had failed to do its job.

Cyber attacks from across the border, such as from countries like China and Pakistan, could pose a threat to the critical information infrastructure of India. The practical difficulties in locating such cyber criminals worsen the problem. Thus, cyber security is of utmost importance. India has adopted various doctrines to curb the problem of cyber crimes, the Information Technology Act, 2000 being the main one. The following chapters will look at the said legislations and their effectiveness in preventing cyber-crime. 

THE INFORMATION TECHNOLOGY ACT, 2000 AND ITS IMPORTANT PROVISIONS

The Information Technology Act, 2000 is a legislation that deals with online crime and internet trading. This Act came into force on 17th October, 2000. The Bill was drafted by a team of officials under the direction of the then minister of information technology, Pramod Mahajan. It is the primary source of cyber law in this country. The Act provided legal recognition to electronic commerce and also facilitated the filing of electronic records with the government. It penalises various cyber-crimes and lays down strict punishment for the same. The Act also governs how various cyber-crimes are investigated. 

IMPORTANT PROVISIONS OF THE ACT:

SECTION 43

This section is applied when another person harms the computer of the victim without the express authorization of the victim. The former is liable to pay damages to the latter by way of compensation. Section 43A makes a body corporate liable for failing to maintain and implement reasonable security practices while dealing with sensitive personal data information, in a computer resource that it controls, operates or owns, which results in  wrongful gain or wrongful loss to any person, then such body corporate will be liable to pay damages in the form of compensation to the person so affected.

SECTION 66

This section of the Act applies to any conduct mentioned in Section 43 which is dishonest or fraudulent in nature. The punishment laid down in this section involves imprisonment, which may extend to a period of upto three years or a fine, which may extend to five lakhs or both.

SECTION 67

This section of the Act lays down punishment for transmission of obscene material in electronic form. 

SECTION 69

This section of the Act gives the  power for issuing directions relating to the interception  of any information through any computer resource to the central government and the state governments in the country, in the interest of the security of the nation. Section 69A lays down the power to issue directions for the purpose of blocking of public access of any information through any computer resource and Section 69B lays down the power of authorisation to monitor and collect traffic data  through any computer  for the purpose of cyber security.

SECTION 70

This section of the Act deals with the protection of Critical Information Infrastructure.  

Section 70B calls for the appointment of a national agency called the Indian Computer Emergency Response Team for incident response. 

THE INFORMATION TECHNOLOGY ACT, 2000 – THE     NEGATIVE ASPECTS

The Information Technology Act, 2000 is completely silent on domain names as it neither defines domain names nor speaks of the rights and liabilities of domain name owners. Another aspect that the law is silent on is the protection of intellectual property. Issues relating to patents, online copyrights and trademarks have not been touched by the law. This Act has also failed to lay down proper parameters for implementation.

The Act does not touch upon privacy at all. The Digital Personal Data Protection Act, 2023 was, however, passed this year for the protection of the right of individuals to protect their rights. 

The advancement of technology comes at the cost of this technology being misused to such an extent that it results in new forms of cyber-crimes that the law enforcement agencies are quite unaware of and are very new to. Thus, the mere existence of cyber laws is not what is necessary to create a safe cyber-space. The timely updation of these laws is inevitable for achieving cyber security. 

CONCLUSION 

 It is necessary to fill the gaps in the cyber law legislations of the country to ensure cyber security and to protect the rights of the people. Since the right to privacy is a fundamental right, the prevention of breach of data is of utmost importance. A nation like India cannot afford to have its sensitive data leaked. Thus, ensuring a safe and secure cyberspace is not just about the protection of people’s rights, but the protection of the sovereignty and security of the nation.

FAQs : 

1. What are cyber crimes?

Cyber crimes are unlawful acts that involve the use of a computer or the Internet as a tool, target, or both. These crimes include hacking, identity theft, online fraud, and cyber-stalking, among others.

2. What is the Information Technology Act, 2000?

The Information Technology Act, 2000 is a primary legislation in India that addresses issues related to cyber crimes and electronic commerce. It provides legal recognition to electronic transactions and prescribes penalties for various cyber crimes.

3. What are the limitations of the Information Technology Act, 2000?

The Act has several limitations:

– It does not address domain names or intellectual property issues comprehensively.

– It lacks specific provisions for privacy protection, which is partly addressed by the Digital Personal Data Protection Act, 2023.

– The Act does not cover all emerging forms of cyber crimes, necessitating regular updates.

4. How does the Digital Personal Data Protection Act, 2023 relate to the IT Act, 2000?

The Digital Personal Data Protection Act, 2023 complements the IT Act by addressing gaps in privacy protection. It focuses on safeguarding individuals’ personal data, which the IT Act does not cover extensively.