Indian Approach Towards the Fight Against Cyber Crime

 

Indian Approach towards the Fight against Cyber Crime

INTRODUCTION

 

Internet in India is growing rapidly. It has given rise to new opportunities in every field we can think of, be it entertainment, business, sports or education. Internet also has its own disadvantages. One of the major disadvantages is Cybercrime – illegal activity committed on the internet. The internet, along with its advantages, has also exposed citizens to security risks that come with connecting to a large network. Computers today are being misused for illegal activities like e-mail espionage, credit card fraud, spam’s, software piracy and so on; criminal activities in the cyberspace are on the rise. As the cases of cybercrime grow, there is a growing need to prevent them.

Legislation   

 

Information Technology Act (IT Act) 2000

 

The government of India introduced the Information Technology Act, on 17th October 2000. Information Technology Act (IT Act) 2000, is the India’s only cyber law. The IT Act is aimed to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”.

 

India has done a good job by enacting a cyber law. It is the 12th country of the world having a cyber law. It covers areas like e-governance, e-commerce, cyber contraventions and cyber offences.

Information Technology ACT 2000 Effects in Combating Cyber Crime

 

According to Section 75 of the Act, the Act applies to any offence or contravention committed outside India by any person irrespective of his nationality, if such act involves a computer, computer system or network located in India. The IT Act prescribes provisions for contraventions in Chapter IX of the Act, particularly Section 43 of the Act, which covers unauthorized access, downloading, introduction of virus, denial of access and internet time theft committed by any person. It prescribes punishment by way of damages not exceeding Rs. 1 crore to the affected party. Chapter XI of the IT Act discusses the cyber crimes and offences interalia, tampering with computer source documents (Sec. 65), Hacking (Sec.66), publishing of obscene information (Sec.67), unauthorized access to protected system (Sec.70), breach of confidentiality (Sec.72), publishing false digital signature certificate (Sec.73).

The implications of IT Act 2000 provisions for the e-businesses would be that email would now be a valid and legal form of communication in India that can be duly produced and approved in a court of law. Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act. Digital signatures have been given legal validity and sanction in the Act. The IT Act also addresses the important issues of security, which are so critical to the success of electronic transactions.

One of the first cases where the accused was convicted under the IT Act provisions was the case of State of Tamilnadu V. Suhas Kutty. The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. E-Mails were also forwarded to the victim for information by the accused through a false e-mail account opened by him in the name of the victim. The posting of the message resulted in annoying phone calls to the lady in the belief that she was soliciting. The accused was found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000 and the accused was convicted and was sentenced for the offence to undergo RI for 2 years under 469 IPC and to pay fine of Rs.500/-and for the offence under Section 509 IPC sentenced to undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and for the offence under Section 67 of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/-.

Eight years have passed since the act was enacted and in these eight year’s technology has changed at a much faster pace. Though law cannot possibly be expected to keep pace with changes in technology, still there are few areas in the current cyber laws which need some attention.

Some Important Shortcomings of the Information Technology Act, 2000

 

Pornography

The term ‘pornography’ when used in relation to an offence is not defined in any statutes in India. But Section 67 of the IT Act lays down the law that obscenity is an offence when it is published or transmitted or caused to be published in any electronic form. The expressions, ‘publishing’ or ‘transmission’ have not been specifically defined under the IT Act.

 

Even the punishment for pornography is not sufficient in India and in the proposed amendment in IT Act the imprisonment is being reduced to two years from the present five year imprisonment. Though legislations worldwide contain severe provisions for child pornography there is no mention of child pornography in the Indian Act. It is interesting to note down that the Information Technology Act prohibits publishing of pornography but viewing of pornography is not an offence under the act.

 

Data Protection in Internet Banking

 

The Information Technology Act talks about unauthorized access but it does not talk about maintaining integrity of customer transactions. The act does not lay down any duty upon banks to protect the details of customers and clients. U.K has a data protection law which was enacted 10 years back that is in 1998 under which banks or any person holding sensitive information may be held liable for damages if it fails to maintain adequate security protection in respect of data.

 

Spamming

 

Recently the Government of India revealed that as much as 76 per cent of e-mails originating from India are spam’s, although the country accounts for only one per cent when compared with top 25 spam-producing nations. The business of spamming is not only lucrative but is also unregulated to a greater extent. The laws for the prevention of spam in India are missing. Even the IT Act, 2000 fails to address this issue.

 

USA and the European Union have already enacted anti spam legislation.

 

In the United States spam is legally permissible according to the CAN-SPAM Act of 2003 provided it follows certain criteria. If the spam fails to comply with any of these requirements, then it is illegal.

 

Article 13 of the European Union Directive on Privacy and Electronic Communications (2002/58/EC) provides that the EU member States shall take appropriate measures to ensure that unsolicited communications for the purposes of direct marketing are not allowed either without the consent of the subscribers concerned or in respect of subscribers who do not wish to receive these communications, the choice between these options to be determined by National Legislation.

 

Identity Theft

 

The IT Act, 2000 does not have any specific provision to deal with Identity theft. It is clear that Indian politicians just do not understand the problem associated with personal identity theft that India employees of outsourcing firms commit. In the face of the controversy generated over leakage of personal information of UK customers through an Indian web marketing firm, prime minister of India has asked the Information and Technology department and industry association Nasscom to consult all stakeholders and give suggestions for changes in the existing laws and, if necessary, to ensure that any breach of secrecy, illegal transfer of commercial and other privileged information and any other form of cyber crime is made a punishable offence.

 

These are some of the important shortcomings of the Information Technology Act, 2000. Though an amendment was proposed in the Act in 2005, the bill has still not been passed and moreover the bill also fails to address these issues and shortcomings. It seems quite evident that by the time the bill is passed, it would have become obsolete and ineffective.

Challenges to Legislative Measures

 

Cyber law in India is in its infancy and is struggling hard to meet the contemporary Information and Communication Technology (ICT) requirements. ICT Trends in India-2006, ICT Trends in India-2007, Cyber Security Trends-2007, etc have proved that India has not paid enough attention to the legal framework for the information society and legal enablement of ICT systems in India. To worsen the situation we have a weak cyber and ICT security in India. Cyber and ICT security in India is an ‘ignored world’ and the same is not going to improve due to the faulty cyber security strategy of India. This precarious situation has lead to an insufficient critical ICT infrastructure protection in India. The critical ICT infrastructure protection and management in India have still not got the attention of government of India and private industry players. In short, the ICT strategy of India needs rejuvenation so that we may have a sound cyber law and effective ICT and cyber security.

 

To compound these problems, many victims of cybercrime are unwilling to file their cases with the authorities. The true magnitudes of cybercrime, as well as demographic statistics on perpetrators and victims, are unknown because most incidents of cybercrime go unreported. The reason behind this is that the victim is either scared of police harassment or wrong media publicity. For minority and marginalised groups who already bear the brunt of media bias, reporting online harassment to the police may simply draw further unwanted attention.

 

The good news is that, despite these limitations, cyber crimes are detected and culprits are being punished. In October 2002, the Delhi High Court restricted a person from selling pirated Microsoft software over an Internet auction site. Some of the big cities in India where cyber crime cells do exist, there is potential for improvement. There is an immense need for training, and more cities need to have such cells.

 

Conclusion

 

There is an urgent need for unification of internet laws to reduce the confusion in their application. For e.g. for publication of harmful contents or such sites, we have Indian Penal Code (IPC), Obscenity Law, Communication Decency law, self regulation, Information Technology Act 2000 ,Data Protection Act, Indian Penal Code, Criminal Procedure Code etc but as they deal with the subject vaguely therefore lacks efficient enforceability mechanism. Due to numerous Laws dealing with the subject there lays confusion as to their applicability, and none of the Law deals with the subject specifically in total. To end the confusion in applicability of Legislation picking from various laws to tackle the problem, i would suggest unification of laws by taking all the internet laws to arrive at Code which is efficient enough to deal with all the problems related to internet crimes. Although these legislations talk about the problem but they don’t provide an end to it. There’s need for a one Cyber legislation which is co-ordinated to look after cyber crimes in all respects. With passage of time and betterment of technology in the present date, has also resulted in numerous number of Information technology related crimes therefore changes are suggested to combat the problem equally fast.

Posted in Uncategorized

Leave a Reply