11 - Chapter 5

CHAPTER - V
Legislative Trends in
Indian Perspective
1. Information Technology Act, 2000

3. Judicial Response and Case Studies of
Cyber Crime
4. General Observation.
CHAPTER - V
# E C ! I S L i l f l V E T R E N D S IN
INDIAN PERSPECTIVE
Due to the increase in the digital technology various offences has
also increased. Since new-new technology come everyday, the offences
has also increased therefore the IT Act 2000 need to be amended in
order to include those offences which are now not included in the Act.
In India cyber crime is of not of high rate therefore we have time in order
to tighten the cyber laws and include the offences which are now not
included in the IT Act 2000. Computer-related crime, hke crime in general,
may be explained by the conjunction of three factors, motivation,
opportunity and the absence of capable guardianship. Motivations will
vary depending on the nature of the crime in question, but may include,
greed, lust, revenge, challenge or adventure. The most appropriate
strategies for the control of computer-related crime entails a mixture of
law enforcement, technological and market-based solutions. Over-
regulation, moreover, may stifle commercial and technological
development. It is argued that in some contexts, the market place may
be able to provide more efficientsolutions to the problems of computer-
related crime than state interventions.' Accordingly this chapter seeks to
address and analyse the followingissues:
3. Judicial Response and Case Studies of Cyber Crime
4. General Observation.
1. Anju Thapa, Cyber Staking ; Crime and Challenge at the Cyberspcace,

International Journal of Computing and Business Research (IJCBR) ISSN
(Onlme): 2229-6166 Volume 2 Issue 1 2011.
313:
Success in any field of human activity leads to crime that needs
mechanisms to control it. Legal provisions should provide assurance to
users, empowerment to law enforcement agencies and deterrence to
criminals. The law isas stringent as its enforcement. Crimeis no longer
limited to space, time or a group of people. Cyber space creates moral,
civil and criminal wrongs. It has now given a new way to express criminal
tendencies. Back in 1990, less than 100,000 people were able to log on
to the Internet worldwide. Now around 500 million people are hooked
up to surf the net around the globe.
Until recently, manyinformationtechnology(IT) professionalslacked
awareness of and interest in the cyber crime phenomenon.In many cases,
law enforcement officers have lacked the tools needed to tackle the
problem; old laws didn't quite fitthe crimes being committed, new laws
hadn't quite caught up to the reality of what was happening, and there
were few court precedents to look to for guidance. Furthermore,debates
over privacy issues hampered the ability of enforcement agents to gather
the evidence needed to prosecute these new cases. Finally there was a
certain amount of antipathy—or at the least, distrust—between the two
most important players in any effective fight against cyber crime: law
enforcement agencies and computer professionals. Yet close
cooperation between the two is crucial if we are to control the cyber
crime problem and make the Internet a safe "place" for its users.
Law enforcement personnel understand the criminal mindset and know
the basics of gathering evidence and bringing offenders to justice. IT
personnel understand computers and networks, how they work, and
how to track down information on them. Each has half of the key to
defeating the cyber criminal.
IT professionals need good definitions of cybercrime in order to
know when (and what) to report to police, but law enforcement agencies
must have statutory definitions of specific crimes in order to charge a
criminal with an offense. The first step in specifically definingindividual
cybercrimes is to sort all the acts that can be considered cybercrimes
into organized categories.
United Nations' Definifionof Cybercrime

Cybercrime spans not only state but national boundaries as well.
Perhaps we should look to international organizations to provide a
standard definition of the crime. At the Tenth United Nations Congress
on the Prevention of Crime and Treatment of Offenders, in a workshop
devoted to the issues of crimes related to computer networks, cybercrime
was broken into two categories and defined thus:
a. Cybercrime in a narrow sense (computer crime): Any illegal behavior

directed by means of electronic operations that targets the security of
computer systems and the data processed by them.
b. Cybercrime in a broader sense (computer-related crime): Any illegal
behavior committed by means of, or inrelarionto, a computer system or
(315)
network, including such crimes as illegal possession [and] offering or '
distributing information by means of a computer system or network.

Of course, these definitions are complicated by the fact that an act
may be illegal in one nation but not in another
There are more concrete examples, including
i. Unauthorized access
ii Damage to computer data or programs
iii Computer sabotage
iv Unauthorized interception of communications
V Computer espionage
These definitions, although not completely definitive, do give us a
good starting point—one that has some intemational recognition and
agreement—fordeterminingjust what we mean by the term cybercrime.
In Indian law, cyber crime has to be voluntary and willfiil, an act or
omission that adversely affects a person or property. The IT Act provides
the backbone for e-commerce and India's approach has been to look at
e-govemance and e-commerce primarily from the promotional aspects
looking at the vast opportunities and the need to sensitize the population
to the 2 possibilities of the information age. There is the need to take in
to consideration the security aspects.
In the present global situation where cyber control mechanisms are
important we need to push cyber laws. Cyber Crimes are a new class of
crimes to Indiarapidly expanding due to extensive use of internet. Getting
^16:
the right lead and making the right interpretation are very important in
solving a cyber crime. The 7 stage continuum of a criminal case starts
from perpetration to registration to reporting, investigation,
prosecution, adjudication and execution. The system can not be
stronger than the weakest link in the chain. In India, there are 30 million
policemen to train apart from 12,000 strong Judiciary Police in India are
trying to become cyber crime savvy and hiring people who are trained in
the area. Each police station in Delhi will have a computer soon which
will be connected to the Head Quarter.. The pace of the investigations
however can be faster; judicial sensitivity and knowledge need to improve.
Focus needs to be on educating the police and district judiciary. IT
Institutions canalso play a role in this area. ,
Technology nuances are important in a spam infested environment
where privacy can be compromised and individuals can be subjected to
become a victim unsuspectingly We need to sensitize our investigators
and judges to the nuances of the system. Most cyber criminals have a
counter part in the real world. If loss of property or persons is caused
the criminal is punishableunder the IPC also. Since the law enforcement
agencies find it is easier to handleit under the IPC, IT Act cases are not
getting reported and when reported are not necessarily dealt with under
the IT Act. A lengthy and intensive process of learning is required.
A whole series of initiatives of cyber forensics were undertaken and
cyber law procedures resulted out of it. This is an area where learning
:3i2;
takes place every day as we are all beginners in this area. We are looking
for solutions faster than the problems can get invented. We need to
move faster than the criminals.
The real issue is how to prevent cyber crime. For this, there is need
to raise the probability of apprehension and conviction. India has a law
on evidence that considers admissibility, authenticity, accuracy, and
completeness to convince the judiciary The challenge in cyber crime
cases includes getting evidence that will stand scrutiny in a foreign court.
For this India needs total international cooperation with specialised
agencies of differentcountries. Police has to ensure that they have seized
exactly what was there at the scene of crime, is the same that has been
analysed and the report presented in court is based on this evidence. It
has to maintain the chain of custody The threat is notfromthe intelligaice
of criminals but from our ignorance and the will to fight it. The law is
stricter now on producing evidence especially where electronic documents
are concerned.
The computer is the target and the tool for the perpetration of crime.
It is used for the communication of the criminal activity such as the
injection of a virus/worm which cancrash entire networks.
The Information Technology (IT) Act, 2000, specifies the acts which
have been made punishable. Since the primary objective of this Act is to
create an enabling environment for commercial use of I.T., certain
omissions and commissions of criminals while using computers have
not been included. With the legal recognition of Electronic Records and
the amendments made in the several sections of the IPC vide the IT Act,
2000, several offences having bearing on cyber-arenaare also registered
under the appropriate sections of the IPC. During the year 2003, 60
cases were registered under IT Act as compared to 70 cases during the
previous year thereby reporting a decline of 14.3 percent in 2003 over
2002. Of the total 60 cases registered under IT Act 2000, around 33
percent (20 cases) relate to Obscene Publication / Transmission in
electronic form, normally known as cases of cyber pornography 17
persons were arrested for committing such offences during 2003.
There were 21 cases of Hacking of computer systems wherein 18
persons were arrested in 2003. Of the total (21) Hacking cases, the
cases relating to Loss/Damage of computer resource/utility under Sec
66(1) of the IT Act were to the tune of 62 percent (13 cases) and that
related to Hacking under Section 66(2) of IT Act were 38 percent (8cases).
During2003, a total of 411 cases were registered under IPC Sections
as compared to 738 such cases during2002 thereby reportinga significant
decline of 44 percent in 2003 over 2002. Andhra Pradesh reported more
than half of such cases (218 out of 411) (53 percent).
Of the 411 cases registered under IPC, majority of the crimes fall
under 3 categories viz. Criminal Breach of Trust or Fraud (269), Forgery
(89) and Counterfeiting (53). Though, these offences fall under the
traditional IPC crimes, the cases had the cyber toneswherein computer;
Internet or its related aspects were present in the crime and hence they
were categorised as Cyber Crimes under IPC.
During 2003, number of cases under Cyber Crimes relating to
Counterfeitingof currency/Stampsstood at 53 wherein 118 persons were
arrested during 2003. Of the 47,478 cases reported under Cheating, the
Cyber Forgery (89) accounted for 0.2 per cent. Of the total Criminal
Breach of Trust cases (13,432), the Cyber frauds (269) accounted for 2
percent. Of the Counterfeiting offences (2,055), Cyber Counterfeiting
(53) offences accounted for 2.6 percent.
A total of 475 persons were arrested in the country for Cyber Crimes
under IPC during 2003. Of these, 53.6 percent offenders (255) were
taken into custody for offences under Criminal Breach of Trust/Fraud
(Cyber) and 21.4 percent (102) for offences under 'Cyber Forgery'.
The age-wise profile of the arrested persons showed that 45 percent

were in the age-group of 30-45 years, 28.5 percent of the offenderswere
in the age-group of 45-60 years and 11 oflfenders were aged 60 years and
above. Gujarat reported 2 offenders who were below 18 years of age.
Fraud/Illegal gain (120) accounted for 60 per cent of the total Cyber
Crime motives reported in the country. Greed/Money (15 cases)
accounted for 7.5 percent of the Cyber Crimes reported. Eve-teasing
and Harassment (8 cases) accounted for around 4 per cent. Cyber
Suspects include Neighbours / Friends/ Relatives (91), Disgrunted
employees (11), Business Competitors (9), Crackers Students /
42o;
Professional learners (3). Cybercrime is not on the decline. The latest
statistics show that cybercrime is actually on the rise. However, it is true
that in India, cybercrime is not reported too much about.
Consequently there is a false sense of complacency that cybercrime
does not exist and that society is safe from cybercrime. This is not the
correct picture. The fact is that people in our country do not report
cybercrimes for many reasons. Many do not want to face harassment by
the police. There is also the fear of bad publicity in the media, which
could hurt their reputation and standing in society. Also, it becomes
extremely difficult to convince the police to register any cybercrime,
because of lack of orientation and awareness about cybercrimes and
their registration andhandling by the police.
A recent survey indicates that for every 500 cybercrime incidents that
take place, only 50 are reported to the police and out of that only one is
actually registered. These figures indicate how difficult it isto convince
the pohce to register a cybercrime. The establishment of cybercrime
cells in different parts of the country was expected to boost cybercrime
reporting and prosecution. However, these cells haven't quite kept up
with expectations.
Netizens should not be under the impression that cybercrime is
vanishing and they must realize that with each passing day, cyberspace
becomes a more dangerous place to be in, where criminals roam freely
to execute their criminals intentions encouraged by the socalled anonymity
(321)
that internet provides.

The absolutely poor rate of cyber crime conviction in the country
has also not helped the cause of regulating cybercrime. There has only
been few cybercrime convictions in the whole country, which can be
counted on fingers. We need to ensure that we have specialized
procedures for prosecution of cybercrime cases so as to tackle them on
a priority basis,. This is necessary so as to win the faith of the people in
the ability of the system to tackle cybercrime. We must ensure that our
system provides for stringent punishment of cybercrimes and cyber
criminals so that the same acts as a deterrent for others.
Judicial approach towards IT ACT, 2000
The introduction ofthe internet has brought the tremendous changes
in our lives. People of all fields are increasingly using the computers to
create, transmit and store information in the electronic form instead of
the traditional papers, documents. Informationstored in electronic forms
has many advantages, it is cheaper, easier to store, easier to retrieve and
for speedier to connection. Though it has many advantages, it has been
misused by many people in order to gain themselves or for sake or
otherwise to harm others. The high and speedier connectivity to the
world from any place has developed many crimes and these increased
offences led to the need of law for protection. Some countries have
been rather been vigilant and formed some laws governing the net. In
order to keep in pace with the changinggeneration, the Indian Parliament
^22:
passed the law — Information Technology Act 2000. The IT Act 2000
has been conceptualized on the United Nations Commissions on
International Trade Law (UNCITRAL) Model Law.
The increase rate of technology in computers has led to enactment of
Information Technology Act 2000. The converting of the paper work
into electronic records, the storage of the electronic data, has led
tremendous changed the scenario of the country The Act further amends
the Indian Penal Code, 1860, The Evidence Act, 1872, The Banker's
Book's Evidence Act, 1891 and The Reserve Bank of India Act, 1934.
Offences:
Cyber offences are the unlawful acts which are carried in a very
sophisticatedmannerin which either the computer is the tool or target or
both. Cyber crime usually includes:
(a) Unauthorized access of the computers-
(b) Data diddling
(c) Virus/worms attack
(d) Theft of computer system
(e)Hacking
(f) Denial of attacks
(g) Logic bombs
(h) Trojan attacks
(i) Internet time theft
.323:
(j) Web jacking
(k) Email bombing
(1) Salami attacks
(m) Physically damaging computer system.
The offences included in the IT Act 2000 are as follows:

1. Tampering with the computer source documents.
2. Hacking with computer system.
3. Publishing of information which is obscene in electronic form.
4. Power of Controller to give directions
5. Directions of Controller to asubscriber to extend facilities to decrypt
information
6. Protected system
7. Penalty for misrepresentation
8. Penalty for breach of confidentialityand privacy
9. Penally for publishing Digital Signature Certificate false in certain
particulars
10. Publication for fraudulent purpose
11. Act to apply for offence or contravention committed outside India
12. Confiscation
13. Penalties or confiscation not to interfere with other punishments.
14. Power to investigate offences
Offences Under The It Act 2000:
Section 65.
Tampering with computer source documents:
Whoever knowingly or intentionally conceals, destroys or alters or
intentionally or knowingly causes another to conceal, destroy or alter
any computer source code used for a computer; computer Programme,
computer system or computer network,when the computer source code
is required to be kept or maintained by law for the being time in force,
shall be punishable with imprisonment up to three year, or with fine
which may extend up to two lakh rupees, or with both.
Explanation: For the purpose of this section "computer source code"
means the listingof programmes, computer commands, design and layout
and programme analysis of computer resource in any form.
Object: The object of the section is to protect the "intellectual
property" invested in the computer. It is an attempt to protect the
computer source documents (codes) beyond what is available under the
Copyright Law
Essential ingredients of the section:
1. knowingly or intentionally concealing,
2. knowingly or intentionallydestroying,
3. knowin^y or intentionallyaltering,
4. knowingly or intentionally causing others to conceal.
325:
5. knowingly or intentionallycausing another to destroy
6. knowingly or intentionally causinganother to alter This section
extends towards the Copyright Act and helps the companies to protect
their source code of their programmes.
Penalties: Section 65 is tried by any magistrate. This is cognizable
and non- bailable offence.
Penalties: Imprisonment up to 3 years and / or
Fine: Two lakh rupees.
Case Laws:
In Frios v/s State of Kerela, it was declared that the FRIENDS
application software as protected system. The author of the application
challenged the notification and the constitutional validity of software
under Section 70. The court upheld the validity of both.
It included tampering with source code. Computer source code the
electronic form, it can be printed on paper.
The court observed that Tampering with Source code are punishable
with three years jail and or two lakh rupees fine of rupees two lakh
rupees for altering, concealing and destroying the source code.
Syed Asifuddin case the Tata Indicom employees were arrested for
manipulation of the electronic 32- bit number (ESN) programmed into
cell phones theft were exclusively franchised to Reliance Infocom.
Court observed that Tampering with source code invokes Section 65 of
.326:
the Information Technology Act.
3. Parliament Attack Case:
In this case several terrorist attacked on 13 December, 2001Parliamait
House. In this the Digital evidenceplayed an important roleduring their
prosecution. The accused argued that computers and evidence can easily
be tampered and hence should not be relied.
In Parliament case several smart device storage disks and devices, a
Laptop were recovered from the truck intercepted at Srinagar pursuant
to information given by two suspects. The laptop included the evidence
of fake identity cards, video files containingclips of the political leaders
with the background of Parliament in the background shot from T.V
news channels. In this case design of Ministry of Home Affairs car
sticker, there was game "wolf pack" with user name of 'Ashiq'. There
was the name in one of the fake identity cards used by the terrorist. No
back up was taken therefore itwas challenged in the Court.
Challenges to the accuracy of computer evidence should be
estabhshedby the challenger Mere theoretical and generic doubts cannot
be cast on the evidence.
Section 66. Hacking with the computer system:
(1) Whoever with the intentto cause or knowing that he is likelyto
cause wrongful loss or damage to the public or any person destroys or
deletes or alters any information residing in a computer resource or
diminishes its value or utility or affects it injuriously by any means, commits
32i:
hacking.
(2) Whoever commits hacking shall be punished with imprisonment
up to three years, or with fine which may extend up to two lakh rupees,
or with both.
Explanation: The section tells about the hacking activity
Essential ingredients of the section:
1. Whoever with intention or knowledge.
2. Causing wrongful loss or damage to the public or any person.
3. Destroying or altering anyinformation residing in a computer
resource.
4. Or diminishesits value or utility or.
5. Affects it injuriously by any means.
Penalties: Punishment: Imprisoned up to three years and Fine: which
may extend up to two lakh rupees. Or with both.
In R v/s Gold & Schifreen, it is observed that the accused ained
access to the British telecom Prestl Gold computers networks file amount
to dishonest trick and not criminal offence.
In R v/s Whiteley, the accused gained unauthorized access to the
Joint Academic Network (JANET) and deleted, added files and changed
the passwords to deny access to the authorized users. The perspective
of the section is not merely protect the information but to protect the
integrity and security of computer resources from attacks by unauthorized
person seeking to enter such resource, whatever may bethe intention or
32s:
motive.
Cases Reported In India:
Official website of Maharastra government hacked. The official
website of the govemmentof Maharashtra was hacked by Hackers Cool
Al- Jazeera, and claimed them they were from Saudi Arabia.
Section 67. Publishing of obscene info rmationin electronic form:

Whoever publishes or transmits or causes to be published in the electronic
form, any materialwhich is lascivious or appeals tothe prurient interest
or if its effect is such as to tend to deprave and corrupt persons who are
likely, having regardto all relevant circumstance, to read see or hear the
matter containedor embodied in it,shall be punished onfirst conviction
with imprisonment ofeither description for a term which may extend to
five years and withfine which may extend to one lakhrupees and in the
event of a second or subsequent conviction with imprisonment ofeither
description for a term which may extend to ten years and also with fine
which may extend to two lakh rupees.
Essential ingredients of this section:

1. Publishing or transmitting or causingto be published, pomogr^hic
material in electronic form.
Penalties: Punishment (1) On first conviction—imprisonment which
may extend up to five years.
Fine: up to on first convictionwhich may extend to one lakh rupees.
(2) On second conviction imprisonmentup to which may extend
422;
to ten years and Fine which may extend up to two lakh rupees.
Facts: In this case
The State of Tamil Nadu v/s Suhas Katti, this case is about posting
obscene, defamatory and annoying message about adivorcee woman in
the Yahoo message group. E-mails were forwarded to the victim for
information by the accused through a false e- mail account opened by
him in the name of the victim. These postings resulted in annoyingphone
calls to the lady Based on the complaint police nabbedthe accused. He
was a known family friend of the victim and was interested in marrying
her She married to another person, but that marriage ended in divorce
and the accused started contacting her once again. And her reluctance to
marry him he startedharassing her through internet.
The accused is found guilty of offences under section 469, 509 IPC
and 67 of IT Act 2000 and the accused is convicted and is sentenced for
the offence to undergo RI for 2 years under 469 IPC and to pay fine of
Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year
Simple imprisonment and to pay fine of Rs.500/- and for the offence u/
s 67 of IT Act 2000 to undeigo RI for 2 years and to pay fineof Rs.4000/
- All sentences to run concurrently"
The accused paid fine amount and he was lodged at Central Prison,
Chennai. This is considered the first case convicted under section 67 of
Information Technology Act 2000 in India.
In a recent case, a groom's family received numerous emails containing
430;
defamatory information about the prospective bride. Fortunately, they
did not believe the emails and chose to take the matter to the police. The
sender of the emails turned out to be the girl^s step-father, who did not
want the girl to get married, as he would have lost control over her
property, of which he was the legal guardian.
AvnishBajaj (CEO ofbazzee.com - now a part of the eBay group of
companies) case.
There were three accused first is the Delhi school boy and IIT
Kharagpur Ravi Raj and the service provider Avnish Bajaj. The law on
the subject is very clear. The sections slapped on the three accused were
Section 292 (sale, distribution, public exhibition, etc., of an obscene
object) and Section 294 (obscene acts, songs, etc., in a public place) of
the Indian Penal Code (IPC), and Section 67 (publishing information
which is obscene in electronic fonn)of the InformationTechnologyAct
2000. In addition, the schoolboy faces a charge under Section 201 of
the IPC (destruction of evidence), for there is apprehension that he had
destroyed the mobile phone that he used in the episode. These offences
invite a stiff penalty, namely, imprisonment ranging from two to five
years, in the case of a first time conviction, and/or fines.
In this case the Service providerAvnish Bajaj was later acquitted
and the Delhi school boy was granted bail by Juvenile Justice Board and
was taken into police charge and detained into Observation Home for
two days. DASKHINA Kannada police have solved the first case of
cyber crime in the district. A press release by Dakshina Kannada Police
^31
said here on Saturday that a Father at a Christian institution in the city
had approached the Superintendent of Police with a complaint that he
was getting offensive and obscene e-mails.
Police said that all the three admitted that they had done this to tarnish
the image of the Father As the three tendered an unconditional apology
to the Father and gave a written undertaking that they would not repeat
such act in future, the complainant withdrew his complaint. Following
this, the police dropped the charges against the culprit.
The release said that sending of offensive and obscene e-mails is an
offence underthe Indian InformstionTechnologyAct 2000. If the charges
are framed.
Section 68. Power of controller to give, directions:
(1) The Controllermay, by order, direct a CertifyingAuthorityor any
employee of such Authority to take such measures or cease carrying on
such activities as specified in the order if those are necessary to ensure
compliancewith the provisionsof this Act, rules or any regulationsmade
there under
(2) Any person who fails to comply with any order under sub-section
(1) shall be guilty of an offence and shall be liable on conviction to
imprisonment for a term not exceeding three years or to a fine not
exceeding two lakh rupees or to both.
Explanation: Any person who fails to comply with any order under
sub section (1) of the above section, shall be guilty of an offence and
^32:
shall be con\dcted for a term not less then three years or to afineexceeding
two lakh rupees or to both.
The under this section is non-bailable & cognizable.
Penalties: Punishment: imprisonment up to a term not exceeding
three years Fine: not exceeding two lakh rupees.
Section 69. Directions of Controller to a subscriber to extend
facilities to decrypt information:
(1) If the Controlleris satisfied that it is necessary or expedient so to
do in the interest of the sovereignty or integrity of India, the security of
the State, friendly relations with foreign States or public order or for
preventing incitement to the commission of any cognizable offence; for
reasons to be recorded in writing, by order, direct any agency of the
Government to intercept any information transmitted through any
computer resource.
(2) The subscriber or any person in charge of the computer resource
shall, when called upon by any agency which has been directed under
sub-section (1), extend all facilities and technical assistance to decrypt
the information.
(3) The subscriber or any person who fails to assist the agency referred
to in subsection
(2) shall be punished with an imprisonment for a term which may
extend to seven years.
Penalties: Punishment: imprisonmentfor a term which may extend
333:
to seven years.
The offence is cognizable and non- bailable.
Section 70. Protected System:
(1) The appropriate Government may, by notification in the Official
Gazette, declare that any computer, computer system or computer
network to be a protected system.
(2) The appropriate Government may, by order in writing, authorize
the persons who are authorized to access protected systems notified
under sub-section (1).
(3) Any person who secures access or attempts to secure access to a
protected system in contravention of the provision of this section shall
be punished with imprisonment of either description for a term which
may extend to ten years and shall also be liable to fine.
Explanation: This section grants the power to the appropriate
government to declare any computer, computer system or computer
network, to be a protected system. Only authorized person hasthe right
to access to protected system.
Penalties: Punishment: the imprisonment which may extend to ten

years and fine.
Section 71. Penalty for misrepresentation:
(1) Whoever makes any misrepresentationto, or suppresses any material
fact from, the Controller or the Certifying Authority for obtaining any
license or Digital Signature Certificate, as the case may be, shall be
punished with imprisonmentfor a term which may extend to two years.
334;
or which fine which may extend to one lakh rupees, or with both.
Penalties: Punishment:imprisonmentwhichmay extend to two years
Fine: may extend to one lakh rupees or with both.
Section 72. Penalty for breach of confidentiality and privacy:
Save as otherwise provide in this Act or any other law for the time being
in force, any person who, in pursuance of any of the powers conferred
under this Act, rules or regulation made there under, has secured assess
to any electronic record, book, register, correspondence, information,
documentor other material withoutthe consent of the person concerned
discloses such material to any other person shall be punished with
imprisonment for a term which may extend to two years, or with fine
which may extend to one lakh rupees, or with both.
Explanation: This section relates to any to nay person who in
pursuance of any of the powers conferred by the Act or it allied rules
and regulations has secured access to any: Electronic record, books,
register, correspondence, information,document, or other material.
If such person discloses such information, he will be punished with

punished. It would not apply to disclosure of personal information of a
person by a website, by his email service provider.
Penalties: Punishment: term which may extend to two years.
Fine: one lakh rupees or with both.
Section 73. Penalty for publishing Digital Signature Certificate
false in certain particulars:
(335)
(1) No person shall publish a Digital Signature Certificate or otherwise

make it available to any other person with the knowledge that-
(a) The Certifying Authority listed in the certificate has not issued it; or
(b) The subscriber listed in the certificate has not accepted it; or
(c) The certificate has been revoked or suspended, unless such publication
is for the purpose of verifying a digital signature created prior to such
suspension or revocation.
(2) Any person who contravenes the provisions of sub-section (1)
shall be punished with imprisonmentfor a term which may extend to two
years, or with fine which may extend to one lakh rupees, or with both.
Explanation: The CertifyingAuthority listed in the certificate has not
issued it or, The subscriber listed inthe certificate hasnot accepted it or
the certificate has been revoked or suspended.
The Certifying authority may also suspend the Digital Signature
Certificate if it is of the opinion that the digital signature certificate should
be suspended in public interest.
A digital signature may not be revoked unless the subscriber has
been given opportunity of being heard in the matter On revocation the
CertifyingAuthority needto communicate the samewith the subscriber
Such publicationis not an offence it is the purpose of verifyinga digital
signature created prior to such suspension or revocation.
Penalties: Punishment imprisonmentof a term of which may extend
to two years. Fine: fine may extend to 1 lakh rupees or with both.
016)
Bennett Coleman & Co. v/s Union of India. In this case the
publication has been stated that 'publication means dissemination and
circulation'. In the context of digital medium, the term publication includes
and transmission of information or data in electronic form.
Section 74. Publication for fraudulent purpose: Whoever
knowingly creates, publishes or otherwise makes available a Digital
Signature Certificate for any fraudulent or unlawful purpose shall be
punished with imprisonmentfor a term which may extend to two years,
or with fine which extend to one lakh rupees, or with both.
Explanation: This section prescribes punishment for the following
acts:
Knowinglycreating a digital signature certificate for any i. fraudulent
purpose or, ii. unlawful purpose. Knowingly publishing a digital
signature certificate for any i. fraudulent purpose or
ii. unlawful purpose Knowingly making available a digital signature
certificate for any i. fraudulent purpose or ii. unlawful purpose.
Penalties: Punishment: imprisonment for a term up to two years.
Fine: up to one lakh or both.
Section 75. Act to apply for offence or contravention committed
outside India: (1) Subject to the provisions of sub-section (2), the
provisions of this Act shall apply also to any offence or contravention
committed outside India by any person irrespective of his nationality
(337)
(2) For the purposes of sub-section (1), this Act shall apply to an oflPence
or Contravention committed outside India by any person if the act or
conduct constituting the offence or contravention involves a computet;
computer system or computer network located in India.
Explanation: This section has broader perspective including cyber crime,
committed by cyber criminals, of any nationality any territoriaHty
R v/s Governor of Brixtonprison and another. In this case the Citibank
faced the wrath of a hacker on its cash management system, resulting in
illegal transfer of funds from customers account in to the accounts of
the hacker, later identifiedas Valdimer Levinand his accomphces. After
Levin was arrested he was extradite to the United States. One of the
most important issues was jurisdictional issue, the 'place of origin' of
the cyber crime.
The Court helds that the real- time nature of the communicationlink
between Levin and Citibank computer meant that Levin's keystrokes
were actually occurring on the Citibank computer It is thus important
that in order to resolve the disputes related to jurisdiction, the issue of
territoriality and nationality must be placed by a much broader criteria
embracing principles of reasonableness and fairness to accommodate
overlapping or conflicting interests of states, in spirit of universal
jurisdiction.
Section 76. Confiscation:

Any computet; computer system, floppies, compact disks, tape drives
(338)
or any other accessories related thereto, in respect of which any provisions
of this Act, rules, orders or regulations made there under has been or is
being contravened, shall be liable to confiscation :
Provided that where it is established to the satisfaction of the court
adjudicatingthe confiscation that the person in whose possession, power
or control of any such computer, computer system, floppies, compact
disks, tape drives or any other accessories relating thereto is found is
not responsible for the contravention of the provisionsof this Act, rules
orders or regulationsmade there under, the court may, instead of making
an order for confiscation of such computer; computer system, floppies,
compact disks, tape drives or any other accessories related thereto,
make such other order authorized by this Act against the person
contravening of the provisions of this Act, rules, orders or regulations
made thereunder as it may think fit.
Explanation: The aforesaid sectionhighlightsthat all devices whether

computer, computer system, floppies, compact disks, tape drives or
any other storage, communication,input or output device which helped
in the contravention of any provision of this Act, rules, orders, or
regulations made under there under liable to be confiscated.
77. Penalties or confiscation not to interfere with other
punishments:
No penalty imposed or confiscationmade under this Act shall prevent
the imposition of any other punishment to which the person affected
339:
thereby is liable under any other law for the time beingin force.
Explanation: The aforesaid section lays down a mandatory condition,
which states the Penalties or confiscation not to interfere with other
punishments to which the person affected thereby is liable under any
other law for the time being in force.
78. Power to investigate offences:
Notwithstanding anything contained in the Code of Criminal
Procedure, 1973, a police officer not below the rank of Deputy
Superintendent of Police shall investigate any offence under this Act.
Explanation: The police officer not below the rank of Deputy
Superintendent of police shalhnvestigate the offence.
UK has the largest number of infected computers in the world followed
by the US and China. Financial attacks are 16 events per 1000, the
highest among all kinds of attacks. The US is the leading source country
for attacks but this has declined. China is second and Germany is third.
It is hard to determine where the attack came from originally The number
of viruses and worm variantsrose sharply to 7,360 that is a 64% increase
over the previousreportingperiod and a 332% increase over the previous
year. There are 17,500 variantsof Win.32 viruses. Threats to confidential
information are on the rise with 54%) of the top 50 reporting malicious
code with the potential to expose such information. Phishing messages
grew to 4.5 millionfrom 1 milhonbetween July and December 2004.
Pune Citibank MphasiS Call Center Fraud : US $ 3,50,000 from
accounts of four US customers were dishonestly transferred to bogus
44o:
accounts. This will give a lot of ammunition to those lobbying against
outsourcing in US. Such cases happen all over the world but when it
happens in India it is a serious matter and we can not ignore it. It is a
case of sourcing engineering. Some employees gained the confidence of
the customer and obtained their PIN numbers to commit fraud. They
got these under the guise of helping the customers out of difficult
situations. Highest security prevails in the call centers in India as they
know that they will lose their business. There was not as much of breach
of security but of sourcing engineering.
The call center employees are checked when they go in and out so
they can not copy down numbers and therefore they could not have
noted these down. They must have remembered these numbers, gone
out immediately to a cyber cafe and accessed the Citibank accounts of
the customers.
All accounts were opened in Pune and the customers complained
that the money from their accounts was transferred to Pune accounts
and that's how the criminalswere traced. Police has been able to prove
the honesty of the call center and has frozen the accounts where the
money was transferred.
There is need for a strict background check of the call center
executives. However, best of background checks can not eliminate the
bad elements from cominginandbreachingsecurity. We must still ensure
such checks when a person is hired. There is needfor a national ID and
a national data base where a name can be referred to. In this case
preliminary investigationsdo not reveal that the criminals had any crime
history. Customer education is very important so customers do not get
taken for a ride. Most banks are guilt of not doing this.
New communication systems and digital technology have made

dramatic changes in the way we live and the means to transact our daily
business. Businessmen are increasingly using computers to create,
transmit and store information in electronic form instead of traditional
paper documents. It is cheapen easier to store and retrieve and speedier
to communicate. Althoughpeople are aware of the advantages which the
electronic form of business provides, people are reluctant to conduct
business or conclude and transaction in the electronic form due to lack
of appropriate legal framework. Electronic commerce eliminates need
for paper based transactions. The two principal hurdles which stand in
the way of facilitating electronic commerce and electronic governance,
are the requirements of writing and signature for legal recognition. At
present many legal provisions assume the existence of paper based
records and documents which should bear signatures. The Law of
Evidence is traditionally based upon paper-based records and oral
testimony Hence, to facilitate e-commerce, the need for legal changes
has become an urgent necessity.
The Government of India realized the need for introducinga new law
and for making suitable amendments to the existing laws to facilitate e-
.342:
commerce and give legal recognition to electronic records and digital
signatures. The legal recognition to electronic records and digital
signatures in turn wUl facilitate the conclusion of contracts and the creation
of legal rights and obligationsthroughthe electronic communicationlike
Internet. This gave birth to the Information Technology Bill, 1999.
In May 2000, both the houses of the Indian Parliament passed the
Information Technology Bill. The Bill received the assent of the President
in August 2000 and came to be known as the Information Technology
Act, 2000. Cyber laws are contained in the IT Act, 2000.This Act aims
to provide the legal infrastructure for e-commerce in India and would
have a major impact for e-businesses and the new economy in India.
Therefore, it is important to understand 'what are the various perspectives
of the IT Act, 2000 and what it offers?'.
The InformationTechnologyAct, 2000 also aims to provide the legal
framework under whidi legal sanctity is accorded to all electronic records
and other activities carried out by electronic Information Systems means.
The Act states that unless otherwise agreed, an acceptance of contract
may be expressed by electronic means of communication and the same
shall have legal validity and enforceability
This Act was amended by Information Technology AmendmentBill
2006, passed in Loksabha on Dec 22nd and in Rajyasbha on Dec 23rd
of 2008. The then Hon'ble Minister of Communications & IT, Mr.
Dayanidhi Maran discussed the statement of Objects and Reasons for
343:
ITAA-2006, which are given as follows:

• The Information Technology Act was enacted in the year 2000 with
a view to give a fillip to the growth of electronic based transactions, to
provide legal recognitionfor ecommerceand e-transactions,to facilitate
e-governance, to prevent computer based crimes and ensure security
practices and procedures in the context of widest possible use of
information technology worldwide.
• With proliferation of information technology enabled services such
as e-governance, ecommerce and e-transactions, protection of personal
data and information and implementation of security practices and
procedures relating to these applications of electronic communications
have assumed greater importance and they require harmonization with
the provisions of the Information Technology Act. Further, protection
of Critical Information Infrastructure is pivotal to national security,
economy, pubHc health and safety, so it has become necessary to declare
such infrastructure as a protected system so as to restrict its access.
• A rapid increase in the use of computer and internet has given rise to
new forms of crimes like pubhshing sexually explicit materials in electronic
form, video voyeurismand breach of confidentialityand leakage of data
by intermediary e-commerce frauds like personation commonly known
as Phishing identity theft and offaisivemessages throu^ communication
services. So, penal provisions are required to be included in the
InformationTechnologyAct, the Indian Penal Code, the Indian Evidence
:344;
Act and the Code of Criminal Procedure to prevent such crimes.

• The United Nations Commission on International Trade Law
(UNCITRAL) in the year 2001 adopted the Model Law on Electronic
Signatures The General Assembly of the UnitedNations by its resolution
No. 56/80, dated 12th December, 2001, recommended that all States
accord favomble consideration to the said Model Law on Electronic
Signatures. Since the digital signatures are linked to a specific technology
under the existing provisions of the Information Technology Act, it has
become necessary to provide for alternate technology of electronic
signatures for bringingharmonization withthe said Model Law.
• The service providers may be authorizedby the Central Goveniment
or the State Government to set up, maintain and upgrade the computerized
facilities and also collect, retain appropriate service charges for providing
such services at such scale as may be specified by the Central
Government or the State Government.
• The Bill seeks to achieve the above objects. This is an Act to provide
legal recognition for transactions carried out by means of electronic data
interchange and other means of electronic communication, commonly
referred to as "electronic commerce", which involve the use of alternatives
to paper-based methods of communication and storage of information,
to facilitate electronic filingof documents with the Govemmentagencies
and further to amend the Indian Penal Code, the Indian Evidence Act,
1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of
:345:
India Act, 1934 and for matters connected therewith or incidental thereto.
Objectives of the Act are: • To grant legal recognitionfor transactions
carried out by means of electronic data interchange and other means of
electronic communication commonly referred to as "electronic
commerce" in place of paper based methods of communication; • To
give legal recognition to Digital signatures for authentication of any
information or matter which requires authentication under any law. • To
facilitate electronic filing of documents with Government departments •
To facilitate electronic storage of data • To facilitate and give legal sanction
to electronic fund transfers between banks and financial institutions
• To give legal recognition for keeping of books of accounts by
banker's in electronic form. • To amend the Indian Penal Code, the
Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891, and
the Reserve Bank of India Act, 1934.
Some Important Features of Information Technology Act, 2008
This Act may be called the Information Technology Act, 2000. [As
Amended by Information technology (Amendment) Act 2008] Information
Technology (Amendment) Bill 2006 was amended by Information
Technology Act Am endmentBill 2008 and in the process, the underlying
Act was renamed as Information Technology (Amendment) Act 2008
herein afterreferred to as ITAA2008.
Nothing in this Act shall applyto documents or transactions specified
.346;
in the First Schedule by way of addition or deletion of entries thereto.
(Substituted Vide ITAA-2008)
Every notification issued under sub-section (4) shall be laid before
each House of Parliament (Inserted videITAA-2008) .
(ha) "CommunicationDevice" means Cell Phones, Personal Digital
Assistance (Sic), or combination of both or any other device used to
communicate,send or transmitany text, video, audio, or image. (Inserted
Vide ITAA 2008)
"Computer Network" means the interconnection of one or more
Computers or Computer systems or Communicationdevice through- (i)
the use of satellite, microwave, terrestrial line, wire, wireless or other
communication media;and (ii) terminalsor a complex consistingof two
or more interconnected computers or communicationdevice whether or
not the interconnection is continuously maintained; (Substituted vide
ITAA-2008)
(n) "Cyber Appellate Tribunal"means the CyberAppellate* Tribunal

established under sub-section(l) of section48 (* "Regulations"omitted)
(na) "Cyber Cafe" means any facility from where access to the internet
is offered by any person in the ordinary course of business to the members
of the public, (nb) "Cyber Security" means protecting information,
equipment, devices, computer, computer resource, communicationdevice
and informationstored therein from unauthorizedaccess, use, disclosure,
disruption, modification or destruction. (Inserted Vide ITAA 2008)
:347:
(v) "Information"includes data, message, text, images, sound, voice,

codes, computer programmes, software and databases or micro film or
computer generated micro fiche; (Amended vide ITAA-2008) (w)
(Substituted vide ITAA-2008) "Intermediary" with respect to any particular
electronic records, means any person who on behalf of another person
receives, stores or transmits that record or provides any service with
respect to that record and includes telecom service providers, network
service providers, internet service providers, web hosting service
providers, search engines, online payment sites, online-auction sites, onhne
market places and cyber cafes.
DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE
[Sections] Authenticationof Electronic Records: (1) Subject to the
provisions of this section any subscriber may authenticate an electronic
record by affixing his Digital Signature. (2) The authentication of the
electronic record shall be effected by the use of asymmetric crypto
system and hash function which envelop and transform the initial electronic
record into another electronicrecord.(AMENDED VIDE ITAA2008)
Section 6 lays down the foundation of Electronic Governance. It

provides that the filing of any form, application or other documents,
creation, retention or preservation of records, issue or grant of any licence
or permit or receipt or payment in Government offices and its agencies
may be done through the means of electronic form. The appropriate
Government office hasthe power to prescribe the mannerand format of
448:
the electronic records and the method of payment of fee in that connection.
This section is given as under as per ITAA 2008:
[Section 6] Use of Electronic Records and Electronic Signature in
Government and its agencies: (1) Where any law provides for (a) the
filing of any form, application or any other document with any office,
authority, body or agency owned or controlled by the appropriate
Government in a particular manner; (b) the issue or grant of any license,
permit, sanction or approval by whatever name called in a particular
manna*; (c) the receipt or payment of money in a particular manner,
then, notwithstanding anything contained in any other law for the time
being in force, such requirement shall be deemed to have been satisfied
if such filing, issue, grant, receipt or payment, as the case may be, is
effected by means of such electronic form as may be prescribed by the
appropriate Government.
Information Technology Act, 2000 10.11 (2) The appropriate
Governmentmay, for the purposes of sub-section(l), by rules, prescribe
(a) the manner and format in which such electronic records shall be
filed, created or issued; (b) the manner or methodof payment of any fee
or charges for filing, creation or issue any electronic record under clause
(a).
[Section 6 A] Delivery of Services by Service Provider (Inserted vide
ITAA-2008): (1) The appropriate Governmentmay, for the purposes of
this Chapter and for efficient delivery of services to the public through
C342)
electronic means authorize, by order, any service provider to set up,
maintain and upgrade the computerizedfacilitiesand perform such other
services as it may specify, by notificationin the Official Gazette.
Explanation: For the purposes of this section, service provider so
authorized includes any individual, private agency, private company,
partnership firm,sole proprietor form or any such other body or agency
which has been granted permission by the appropriate Government to
offer services through electronic means in accordance with the policy
governing such service sector. (2) The appropriate Government may
also authorize any service provider authorized under sub-section (1) to
collect, retain and appropriate service charges,as may be prescribed by
the appropriate Govemmentfor the purpose of providing suchservices,
from the person availing such service. (3) Subject to the provisions of
sub-section (2), the appropriate Government may authorize the service
providers to collect, retain and appropriate service charges under this
section notwithstanding the fact that therds no express provision under
the Act, rule, regulation or notification under which the service is provided
to collect, retain and appropriate eservice charges by the service providers.
(4) The appropriate Government shall, by notification in the Official
Gazette, specify the scale of service chargeswhich may be charged and
collected by the service providers under this section: Provided that the
appropriate Government may specify different scale of service charges
for different types of services.
450;
[Section 10] Power to make rules by Central Government in respect
of Electronic Signature (Modified Vide ITAA2008:)
The Central Government may, for the purposes of this Act, by rules,
prescribe (a) the type of Electronic Signature; (b) the maimer and format
in which the Electronic Signature shall be affixed; (c) the manna* or
procedure which facilitates identification of the person affixing the
Electronic Signature; (d) control processes and procedures to ensure
adequate integrity security and confidentiality of electronic records or
payments; and (e) any other matter which is necessary to give legal
effect to Electronic Signature.
lOA: Validity of contracts formed through electronic means (Inserted
by ITAA 2008) Where in a contract formatipn, the communication of
proposals, the acceptance of proposals, the revocation of proposals
and acceptances, as the case may be, are expressed in electronic form
or by means of an electronic record, such contract shall not be deemed
to be unenforceable solely on the ground that such electronic form or
means was used for that purpose.
[Section 15] Secure Electronic Signature (Substituted vide ITAA2008):
An electronic signature shall be deemed to be a secure electronic signature
if- (i) the signature creation data, at the time'of affixing signature, was
under the exclusive control of signatory and no other person; and (ii) the
signature creation data was stored and affixed in such exclusive manner
as may be prescribed.
45i:
[Section 16] Security procedures and Practices (Amended vide ITAA
2008): The Central Government may for the purposes of sections 14
and 15 prescribe the security procedures and practices Provided that in
prescribing such security procedures and practices, the Central
Goverrmient shall have regard to the commercial circumstances, nature
of transactions and such other related factors as it may consider
appropriate.
Section 20: (Omitted videlTA 2008)
[Section 29] Access to computers and data: (1) Without prejudiceto
the provisions of sub-section (1) of section 69, the Controller or any
person authorized by him shall, if he has reasonable cause to suspect
that any contravention of the provisionsof this chapter made there under
has been committed,have access to any computer system, any apparatus,
data or any other material coimected with such system, for the purpose
of searching or causinga search to be made for obtainingany information
or data contained in or available to such computer system. (Amended
vide ITAA 2008)
Section30 (c) adhere to security procedures to ensure that the secrecy
and privacy of the Electronic Signature are assured (Amended vide
ITAA 200 8) (ca) be the repository of all Electronic Signature Certificates
issued under this Act (Insertedvide ITAA 2008) (cb) pubhsh information
regarding its practices. Electronic Signature Certificates and current status
of such certificates; and (Inserted vide ITAA 2008).
452;
[Section 34] Disclosure: (1) Every CertifyingAuthorityshall disclose
in the manner specified by regulations (a) its Electronic Signature Certificate
(Amended vide ITAA 2008)
Section 36 (ca) the subscriber holds a private key which is capable
of creating a digital signature(Inserted vide ITAA 2008) (cb) the public
key to be listed in the certificate can be used to verify a digital signature
affixed by the private key held by the subscriber (Inserted vide ITAA
2008).
Sections 40 to 42. It specifies duties of subscribers. As per ITAA
2008, different Sections are as under: Information Systems 10.26 Control
and Audit
[Section 40] Generating Key Pair: Where any Digital Signature
Certificate, the public key of which corresponds to the private key of
that subscriber which is to be listed in the Digital Signature Certificate
has been accepted by a subscriber; (*) the subscriber shall generate that
[substituted for "the" vide amendment dated 19/09/2002] key pair by
applyingthe security procedure. [* word "then"-deleted vide amendment
dated 19/9/2002], [Section 40A] Duties of subscriber of Electronic
Signature Certificate: In respect of Electronic Signature Certificate the
subscriber shall perform such duties as may be prescribed. (Inserted
Vide ITAA2008) [Section 41] Acceptance of Digital Signature Certificate:
(1) A subscriber shall be deemed to have accepted a Digital Signature
Certificate if he publishes or authorizes the publication of a Digital
^53;
Signature Certificate -(a) to one or more per^ns; (b) in a repository, or
otherwise demonstrates his approval ofthe Digital SignatureCertificate
in any manner. (2) By accepting a Digital Signature Certificate the subscriber
certifies to all who reasonably rely on the information contained in the
Digital Signature Certificate that - (a) the subscriber holds the private
key corresponding to the public key listed in the Digital Signature
Certificate and is entitled to hold the same; (b) all representations made
by the subscriber to the CertifyingAuthorityand all material relevantto
the informationcontainedin the Digital SignatureCertificate are true; (c)
all information in the Digital Signature Certificate that is within the
knowledge ofthe subscriber is true.
[Section 42] Control of Private key: (1) Every subscriber shall exercise
reasonable care to retain control of the private key corresponding to the
r public key listed in his Digital Signature Certificate and take all steps to
prevent its disclosure.[ "to a person not authorized to affix the digital
signature ofthe subscriber".-Omitted vide amendment dated 19/09/2002]
(2) If the private key correspondingto the public key listed in the Digital
Signature Certificate has been compromised, then, the subscriber shall
communicate the same without any delay to the Certifying Authority in
such maimer as may be specified by the regulations.
Explanation - For the removal of doubts, it is hereby declared that
the subscriber shall be liable till he has informed the CertifyingAuthority
that the private key has been compromised. On acceptance ofthe Digital
.354:
Signature Certificate the subscriber shall generate a key pair using a
secure system.
Section 43 (i) destroys, deletes or alters any informationresidingin a
computer resource or diminishes its value or utility or affects it injuriously
by any means (Inserted vide ITAA-2008) (j) Steals, conceals, destroys
or alters or causes any person to steal, conceal, destroy or alter any
computer source code used for a computer resource with anintention to
cause damage, (Inserted vide ITAA2008) he shallbe liable to pay damages
by way of compensation to the person so affected, (change vide ITAA
2008).
Section 43 (v) "Computer Source code" means the listing of
programmes, computer commands, design and layout and programme
analysis of computer resource in any form (Inserted vide ITAA 2008)
Compensation for failure to protect data (Inserted vide ITAA 2006)
Where a body corporate, possessing, dealing or handling any sensitive
personal data or information in a computer resource which it owns,
controls or operates, is negligent in implementing and maintaining
reasonable security practices and procedures and thereby causes wrongful
loss or wrongful gain to any person, such body corporate shall be liable
to pay damages by way of compensation, to the person so affected.
(Change vide ITAA2008).
[Section 46] Power to Adjudicate; (1) For the purpose of adjudging
under this Chapter whether any person has committed a contravention
.3^
of any of the provisions of this Act or of any rule, regulation, direction
or order made there under which renders him liable to pay penalty or
compensation, the Central Government shall, subject to the provisions
of sub-section(3), appoint any officer not below the rank of a Director
to the Government of India or an equiwlent officer of a State Government
to be an adjudicating officer for holding an inquiry in the manner
prescribed by the Central Government. (amended vide ITAA 2008)
(lA) The adjudicating officer appointed under sub-section (1) shall
exercise jurisdictionto adjudicate matters in which the claim for injury or
damage does not exceed rupees five crores. Providedthat the jurisdiction
in respect of claim for injury or damage exceeding rupees five crores
shall vest with the competent court. (Inserted Vide ITAA 2008).
Section 46 (c) shall be deemed to be a Civil Court for purposes of
order XXI of the Civil Procedure Code, 1908 (Inserted vide ITAA 2008)
[Section 49] Composition of Cyber Appellate Tribunal (Substituted
vide ITAA 2008): (1) The Cyber Appellate Tribunal shall consist of a
Chairperson and such number of other Members, as the Central
Government may, by notification in the Official Gazette, appoint (Inserted
vide ITAA-2008). Provided that the person appointed as the Presiding
Officer of the Cyber Appellate Tribunal under the provisions of this Act
immediately before the commencement of thp Information Technology
(Amendment)Act 2008 shall be deemed to have been appointed as the
Chairperson of the said Cyber Appellate Tribunal under the provisions
456;
of this Act as amended by the Information Technology (Amendment)
Act, 2008 (Inserted Vide ITAA2008). (2) The selection of Chairperson
and Members of the Cyber Appellate Tribunal shall be made by the
Central Government in consultation with the Chief Justice of India.
(Inserted vide ITAA-2008).
Provided that every Bench shall be presided over by the Chairperson
or the Judicial Member appointed under sub-section (3) of section 50
(ITAA 2008) (c) the Benches of the Cyber Appellate Tribunal shall sit at
New Delhi and at such other places as the Central Government may, in
consultation with the Chairperson of the Cyber Appellate Tribunal, by
notification in the Official Gazette, specify (d) the Central Government
shall, by notificationin the Official Gazette, specify the areas in relation
to which each Bench of the Cyber Appellate Tribunal may exercise its
jurisdiction. Inserted vide ITAA-2008). (4) Notwithstanding anything
contained in sub-section (3), the Chairperson of the Cyber Appellate
Tribunal may transfer a Member of such Tribunal from one Bench to
another Bench (Inserted vide ITAA-2008) (5) If at any stage of the hearing
of any case or matter, it appears to the Chairperson or a Member of the
Cyber Appellate Tribunal that the case or matter is of such a nature that it
ought to be heard by a Bench consisting of more Members, the case or
matter may be transferred by the Chairperson to such Bench as the
Chairperson may deem fit. (Inserted vide ITAA-2008)
Section 50 (2) The Members of the Cyber Appellate Tribunal, except
(357)
the Judicial Member to be appointed under sub-section (3), shall be
appointed by the Central Government from amongst persons, having
special knowledge of and professional experience in, information
technology, telecommunication, industry, management or consumer
affairs. Provided that a person shall not be appointed as a Member,
unless he is, or has been, in the service of the Central Government or a
State Government, and has held the post of Additional secretary to the
Government of India or any equivalent post in the Central Government
or State Govemmentfor a period of not less than two one years or joint
secretary to the Govemmentof India or any equivalentpost in the central
Government or State Government for a period of not less than seven
years. (Inserted vide nAA-2008)
[Section 51] Term of office, conditions of serviceetc of Chairperson

and Members (Substitutedvide ITAA 2008):
(1) The Chairperson or Member of the Cyber Appellate Tribunal
shall hold office for a term of five years from the date on which he enters
uponhis office or until he attains the age of sixty-fiveyears, whicheveris
earlier. (Inserted vide ITAA 2008) (2) Before appointing any person as
the Chairperson or Member of the Cyber Appellate Tribunal, the Central
Government shall satisfy itself that the person does not have any such
financial or other interest as islikely to affect prejudicially his functions
as such Chairperson or Member. (Inserted vide ITAA2008) (3)An officer
of the Central Government or State Government on his selection as the
458;
Chairperson or Member of the Cyber Appellate Tribunal, as the case
may be, shall have to retire from service before joining as such
Chairperson or Member. (Inserted vide ITAA 2008).
[Section 52] Salary, allowance and other terms and conditions of
service of Chairperson and Member (Substituted vide ITAA 2008): The
salary and allowances payable to, and the other terms and conditions of
service including pension, gratuity and other retirement benefits of, the
Chairperson or a Member of Cyber Appellate Tribunal shall be such as
maybe prescribed: (Inserted vide ITAA2008) Information Systems 10.34
Control and Audit [Section 52A] Powers of superintendence, direction,
etc (Inserted vide ITML2008):
The Chairperson of he Cyber Appellate Tribunal shall have powers
of general superintendence and directions in the conduct of the affairs of
that Tribunal and he shall, in addition to presiding over the meetings of
the Tribunal, exercise and discharge such powers and functions of the
Tribunal as may be prescribed. [Section 52B] Distribution of Business
among Benches (Inserted vide ITAA 2008): Where Benches are
constituted, the Chairperson of the Cyber Appellate Tribunal may, by
order, distribute the business of that Tribunal amongst the Benches and
also the matters to be dealt with by each Bench.
[Section 52C] Powers of the Chairperson to transfer cases (Inserted
vide ITAA 2008): On the apphcation of any of the parties and after
notice to the parties, and after hearing such of them as he may deem
459;
proper to be heard, or suo motu without such notice, the Chairpersorof
the Cyber Appellate Tribunal may transfer any case pending before one
Bench, for disposal to any other Bench.
[Section 52D] Decisionby majority (Inserted vide ITAA 2008): If the
Members of a Bench consisting of two Members differ in opinion on
any point, they shall state the point or points on which they differ, and
make a reference to the Chairperson of the Cyber Appellate Tribunal
who shall hear the point or points himself and such point or points shall
be decided according to the opinion of the majority of the Members
who have heard the case, including thosewho first heard it.
Section 53 provides that in the situation of any vacancy occurring in
the office of the Presiding officer of Cyber Regulations Tribunal, the
Central Government shall appoint another person in accordance with the
provisions of this Act.
[Section 55] Orders constituting Appellate Tribunal to be final and
not to invalidate its proceedings (Inserted vide ITAA 2008): No order of
the Central Government appointing any person as the Chairperson or
Member of a Cyber Appellate Tribunal shall be called in question in any
manner and no act or proceeding before a Cyber Appellate Tribunal
shall be called in question in any manner on the ground merely of any
defect in the constitution ofa Cyber Appellate Tribunal.
OFFENCES
460;
[Section 65] Tampering with Computer Source Documents: Whoever
knowingly or intentionallyconceals, destroys or alters or intentionallyor
knowingly causes another to conceal, destroy or alter any computer
source code used for a computer, computer programme, computer system
or computer network, when the computer source code is required to be
kept or maintainedby law for the time being in force, sh all be punishable
with imprisonmentup to three years, or with fine which may extend up
to two lakh rupees, or with both.
Explanation - For the purposes of this section, "Computer Source
Code" means the listing of programmes. Computer Commands, Design
and layout and programme analysis of computer resource in any form.
Hacking with computer system 'Hacking' is a term used to describe
the act of destroying or deleting or altering anyinformationresiding ina
computer resource or diminishing its value or utility, or affecting it
injurioiBly in spite of knowingthat such action is hkely to cause wrongful
loss or damage to the public or that person. Section 66 provides that a
person who commitshacking shall be InformationTechnologyAct, 2000
10.39 punished with afineuptoRs.2 lakhs or with imprisonmentupto 3
years, or with both. As per ITAA2008, Section 66 is given as follows:
[Section 66] Computer Related Offences (Substituted vide ITAA
2008): If any person, dishonestly or fraudulently does any act referred
to in section 43, he shall be punishable with imprisonment for a term
which may extend to two three years or with fine which may extend to
five lakh rupees or with both.
Explanation: For the purpose of this section,- (a) the word
"dishonestly" shall have the meaning assigned to it in section 24 of the
Indian Penal Code; (b) the word "fraudulently" shall have the meaning
assigned to it in section 25 of the Indian Penal Code. [Section 66 A]
Punishment for sending offensive messages through communication
service, etc.( Introduced videlTAA 2008):
Any person who sends, by means of a computer resource or a
communicationdevice,- (a) any information that is grossly offensive or
has menacing character; or (b) any information which he knows to be
false, but for the purpose of causing annoyance, inconvenience, danger,
obstruction, insult, injury, criminalintimidation,enmity, hatred, or ill will,
persistently makes by making use of such computer resource or a
communication device, (c) any electronic mail or electronic mail message
for the purpose of causing annoyanceor inconvenience or to deceive or
to mislead the addressee or recipient about the origin of such messages
(Inserted vide ITAA2008) shall be punishable with imprisonmentfor a
term which may extend totthree years and with fine.
[Section 66 B] Punishmentfor dishonestly-receiving stolen computer

resource or communicationdevice (Inserted Vide ITA 2008):
Whoever dishonestly receives or retains any stolen computer resource
or communicationdevice knowing or having reasonto believe the same
to be stolen computer resource or communication device, shall be
^62;
punished with imprisonmentof either description for a term which may
extend to three years or with fine which may extend to rupees one lakh
or with both.
[Section 66C] Punishmait for identity theft. (Inserted Vide ITA 2008):
Whoever,fraudulentlyor dishonestly make use of the electronic signature,
password or any other unique identification featureof any other person,
shall be punished with imprisonment of Information Systems 10.40
Control and Audit either description for a term which may extend to
three years and shall also be liable to fine which may extend to rupees
one lakh.
[Section 66D] Punishment for cheating by personation by using
computer resource (Inserted Vide ITA 2008): Whoever, by means of
any communication device or computeiresource cheats by personation,
shall be punished with imprisonment of either description for a term
which may extend to three years and shall also be liable to fine which
may extend to one lakh rupees.
[Section 66E] Punishment for violation of privacy. (Inserted Vide

ITA 2008): Whoever, intentionally or knowingly captures, publishes or
transmits the image of a private area of any person without his or her
consent, under circumstances violating the privacy of that person, shall
be punished with imprisonmentwhich may extend to three years or with
fine not exceeding two lakh rupees, or with both.
[Section 67 A] Punishmentfor publishing or transmitting of material
.363:
containing sexually explicit act, etc. in electronic form (Inserted vide
ITAA 2008): Whoever publishes or transmits or causes to be published
or transmittedin the electronic form any material which contains sexually
explicit act or conduct shall be punished on first conviction with
imprisonment of either description for a term which may extend to five
years and with fine which may extend to ten lakh rupees and in the event
of second or subsequent conviction with' imprisonment of either
description for a term which may extend to seven years and also with
fine which may extendto ten lakh rupees.
[Section 70] Protected system (Amended Mde ITAA-2008): (I) The
appropriate Government may, by notification in the Official Gazette,
declare any computer resource which directly or indirectly affects the
facility of Critical Information Infrastructure, to be a protected system.
Explanation: For the purposes of this section, "Critical Information
Infrastructure" means the computer resource, the incapacitaUon or
destruction of which, shall have debilitatingimpact on national security,
economy, public health or safety. (Substituted vide ITAA- 2008)
(2) The appropriate Government may, by order in writing, authorize
the persons who are authorized to access protected systems notified
under sub-section (1)(3) Any person who secures access or attempts to
secure access to a protected system in contravention of the provisions
of this section shall be punished with imprisonment ofeither descripfion
for a term which may extend to ten years and shall also be liable to fine.
^64;
(4) The Central Government shall prescribe the information security
practices and procedures for such protected system. (Inserted vide ITAA
2008)
[Section 70 A] National nodal agency (Inserted vide ITAA 2008): (1)
The Central Government may, by notification published in the official
Gazette, designate any organization of the Government as the national
nodal agency in respect of Critical Informationlnfrastructure Protection.
(2) The national nodal agency designatedunder sub-section (1) shall be
responsible for all measures including Research and Developmentrelating
to protection of Critical Informationlnfrastructure. (3) The manner of
performing functions and duties of the agency referred to in sub-section(l)
shall be such as may be prescribed.
[Section 72 A] Punishment for Disclosure of information in breach

of lawful contract (Inserted vide IT\A-2008):
Save as otherwise provided in this Act or any other law for the time
being in force, any person including an intermediary who, while providing
services under the terms of lawful contract, has secured access to any
material containingpersonal informationabout another person, with the
intent to cause or knowing that he is likely to cause wrongful loss or
wrongful gain discloses, without the consent of the person concerned,
or in breach of a lawful contract, suchmaterial to any other person shall
be punished with imprisonment for a term which may extend to three
years, or with a fine which may extend to five lakh rupees, or with both.
Section 73 provides punishment for publishing a Digital Signature

^65,
Certificate false in material particulars or otherwise making it availaUe to
any other person with imprisonmentfor a term which may extend to two
years or with fine which may extendto Rs.l lakh or with both.
[Section 79] Exemptionfrom liability of intermediaryin certain cases:
(1) Notwithstanding anything contained inany law for the time being in
force but subject to the provisions of sub-sections (2) and (3), an
intermediary shall not be liable for any third party information, data, or
communicationlink hosted by him. (corrected vide ITAA 2008)
(2) The provisions of sub-section (1) shall apply if- (a) the function
of the intermediary is limited to providing access to a communication
system over which information made available by third parties is
transmitted or temporarily stored; or (b) the intermediary does not- (i)
initiate the transmission, (ii) select the receiver of the transmission, and
(iii) select or modify the information contained in the transmission (c)
the intermediary observes due diligence while discharging his duties under
this Act and also observes such other guidelines as the Central Government
may prescribe in this behalf (InsertedVide ITAA 2008)
[Section 81] Act to have Overriding effect: The provisions of this
Act shall have effect notwithstanding anything inconsistent therewith
contained in any other law for the time being in force. Provided that
nothing contained in this Act shall restrict any person from exercising
any right conferred under the Copyright Act 1957 or the Patents Act
1970 (InsertedVide ITAA 2008)
466;
[Section 84 A] Modes or methods for encryption (Inserted Vide ITA-
2008): The Central Government may, for secure use of the electronic
medium and for promotion of egovemance and e-commerce, prescribe
the modes or methods for encryption [Section 84 B] Punishment for
abetment of offences (Inserted Vide ITA-2008): Whoever abets any
offence shall, if the act abetted is committed in consequence of the
abetment, and no express provision is made by this Act for the punishment
of such abetment, be punished with the punishment provided for the
offence under this Act. Information Technology Act, 2000 10.53
Explanation: An Act or offence is said to be committedin consequence
of abetment, when it is committed inconsequence of the instigation, or
in pursuance of the conspiracy, or with the aid which constitutes the
abetment. [Section 84 C] Punishment for attempt to commit offences
(Inserted Vide ITA-2008): Whoever attempts to commit an offence
punishable by this Act or causes such an offence to be committed, and
in such an attempt does any act towards the commission of the offence,
shall, where no express provision is made for the punishment of such
attempt, be punished with imprisonmentof any descriptionprovided for
the offence, for a term whichmay extend to one-halfof the longest term
of imp-isonment provided for that offence, or with such fine as is provided
for the offence or with both.
Section 87 (aa) the procedure for ascertaining electronic signatureor

authentication under sub-section (3) f section 3A(Inserted Vide ITA-
2006) (Inserted vide ITAA-2008) (ab) the manner in which any information
s367;
or matter may be authenticated by means of electronic signature under
section 5 .(Inserted vide ITAA-2008) (c) the manner and format in which
electronic records shall be filed or issued and the method of payment
under sub-section (2) of section 6; (ca) the manner in which the authorized
service provide' may collect, retain and appropriate service charges under
sub-section (2) of section 6A (Inserted vide ITAA-2008) (ea) the security
procedures and practices under section 16 (Inserted vide ITAA- 2008)
Section 87 (g) (omitted vide ITAA-2008). (ma) the form of application
and fee for issue of Electronic Signature Certificate under section
3 5.(Inserted vide ITAA-2008) (oa)the duties of subscribes under section
40A (Inserted vide ITAA-2008) (ob) the reasonable security practices
and procedures and sensitive personaldata or information undersection
43 A (Inserted vide ITAA-2008) (s) the salary, allowances and the other
terms and conditions of service of the Chairman and Members under
section 52; (amended vide ITAA-2008) (w) the powers and functions of
the Chairperson of the Cyber Appellate Tribunal under section 52 A
(substituted vide ITAA-2008) (z) the guidelines to be observed by the
intermediaries under sub section (4) (2) of section 79 (Inserted vide
ITAA-2008) (za) the modes or methods for encryption under section
84A (Inserted vide imA- 2008).
3. Judicial trends about Cyber Crime in Indian Perspective :
LANDMARK JUDICIAL PRONOUNCEMENTS ON CYBER
CRIME
Maharashtra Vs Praful Desai^
The Supreme Court in the Case of Praful Desai examinedthe question
regarding use of modem technology like recording of evidence by way
of video conferencingat length. In the said case, interpretation of section
273 CrPC, which requires that evidence in a trial has be taken "in the
presence of the accused" or his pleader, came up for consideration. In
that case, the prosecution wanted to record evidence of a doctor in US
through video conferencing, as the doctor refused to come to India for
deposing evidence and there was no way by which presence of the said
doctor could have been procured by our courts. The Supreme Court
held that recording of evidence by use of videoconference satisfied the
requirement of section 273 Cr P C.
Kalvan Chandra Sarkar Vs Pappu Yadav^
Pappu Yadav was arrested for murder and was imprisoned in the
Belur jail at the state of Bihar. Pappu Yadav flagrantly violated all the
norms envisagedin the jail manual and heentertained a largenumber of
guests form outside and went to the extent of humiliatingthe Inspector
General of Police boastfully on the ground that since he is a political
2. Appeal (crl.) 476 of 2003 Appeal (crl.) 477 of 2003

3. 2004 7 s e c 539
.369;
person his whims and caprice would prevail. Hence it led to a hue and
cry and it was almost goingto be settled for once and all that he should
be transferred out of Bihar so that the trial could takeplace without fear
and favour from the political parties. However the defense lawyer
contended that once it is going to be materialized then it is going to
vitiate the ends of justice as he will not be able to attend the court
proceedings and instruct the counsel effectively. The Court placing
reliance on the PrafulDesai judgment held that even if he is not transferred
out of Bihar and isnot physicallypresent in the Court room the trial can
be held with the help of video conferencing.
Defamation through obscene and scandalous remarks in the

Internet
State of Tamil Nadu Vs Suhas Katti''
The case related to posting of obscene defamatory and annoying
message about.a divorcee woman in the yahoo message group. E mails
were also forwarded to the victims for information by the accused through
a false email account opened by him in the name of the victim. The
posting of the message lead to many phone calls as if the lady was
soliciting for sexual intercourse which has degraded and demeaned her
social status. The accused was aknown family friend of victim and was
reportedly interested in marrying her. She was however married to another
person. This marriage later ended in a divorce and the accused started
4. Judgment delivered on n-5-2204 by CJM, Egmore

C370)
contactingher for once again. Due to her reluctance the accused thought
of defamingandmentallyharassingher through the internet. The accused
was found guilty and convicted for offences under Section 469, 509 of
IPC and 67 of IT Act of 2000. This is the first conviction under section
67 of the Information Technology Act in India.
Fraud to the tune of Crores in Call Center
Pune call center fraud : A whooping amount of US $ 3, 50,000
was unscrupulously transferred to the bogus accounts. The call Center
all over the world maintains high level of digiiity and integrity and they
keep the information of the customer in secret manner. Hence the
consumer used to take the, into confidence. Some of the employees
exploiting the goodwill of the call center got the Pin numbers of the
customer and obtained the Pin numbers to commit fraud. As a matter of
rule the call center employees are checked whenever they go out. Hence
the feasibility of writing down the numbers could be ruled out. They
must have remembered the number and committed the fraudulent activity-
It is still shrouded in mystery but it is of high probability that they must
have gone out and accessed the Citibank account of the customers in
the Cyber Cafe. The call center was tarnished forthe breach of Trust as
well as the fraud committedupon the customers. The Police investigation
dispelled the speculation regardingthe hoax that it was a craftily designed
act of the call Center rather was an unfortunate incident which took
place due to the evil intention of some of the employees which runs
(371)
contrary to the integrityof the call center
Case on Email Spoofing
Pranab Mitra, former executive of Gujarat Ambuja Cement
impersonating him self as a woman, Rita Basu created a fake e-mail ID
through which he contacted Mr. V.R. Ninawe an Abu Dhabi businessmen.
After long term relationship through interaction through email and other
cyber medium, Mitra sent an emotional e-mail that "she would commit
suicide" incase Ninawe ended the relationship. He also gave him "another
friend RuchiraSengupta's" e-maillD which was in fact his second bogus
address. When Ninawe mailed at the other ID he was shocked to learn
that Mitra had died and police is searchingNinawe. Now Mitra faced the
liabilityunder the law and he has to spend huge amountto get out of the
legal entangle. Finally however he went to Mumbaito lodge a compliant
regarding the fact that he was in fact cheated by Pranab and he has no
role in his murder
Ritu Kohli Case^
Ritu Kohli was the victim of cyber-stalking. A friend of her husband
gave her phone number and name on a chat site for immoral purposes.
Being a computer expert, Kohli could trace the culprit. The culprit tried
who lured the woman for immoral purposes was tried for "outragingthe
modesty of a woman", under Section 509 of IPC.
5. Unreported Case
312:
International Cases
Center for National Security Studies Vs U.S Department of
Justice^ The Circuit Court applied the mosaic theory to uphold the
Justice Department's categorical denial of FOIArequests for information
about more than seven hundred people detained in the wake of the 9/11
attacks. In North Jersey Media Group Vs Ashcroft"^ the third Court
appliedthe theory to upholdgovemment's decisionto close 9/11 "special
interest deportation" hearings to the Public and Press.
United States Vs Crandorf .Richard Crandon pleaded guilty before
the Court for receiving child pornography His crime was much more
than just downloadingthe illicitmaterial form the internet. Crandon met a
fourteen year old girl online and ultimately meeting with her to have
sexual relations and took the photographs of that intercourse. Crandon
and the girls use to frequently interact over the telephone and used to
discuss about their future prospects. The girl wanted to go to New
JerseyfromMinnesota along with Crandon. They went about matedahzing
their plan and left for New Jersey form Minnesota. On their way they
came to know that the authorities were looking for them. The girl was
sent from Minnesota. Crandon contested the. deprivation of his access
to the Internet during the period of his imprisonmenton the ground that
the Court has to seek the prior approval form the probation officer.
Further he pleaded that the non accessibility would hinder his employmait
6. 17F.Supp.2d58
7. 205RSupp.2d288,300
8. 494 U.S 152 (1990)
and the business wince computers and the internet are inextricably tied.
Court upheld that the restrictions was tenable in the light of the first
amendment whichrelated to the protecting the interest of the public.
Alkhaz Case^
In this case, an individual proficient with theuse of a computer used
the Internet to post a child's (or adult's) name and telephone number on
sexual explicit Intemet sites. This posting invited visitors to call and
inquire about the named individual, who was a child. As a result, the
named individual was subjected to consistent, harassing and possibly
sexual explicit telephone calls every day of the week, at any and all
hours. The repeated inquiries caused the recipient of the calls and/or
messages to become fearful for his/her safety and the safety of their
family The Boehle family decided that they had to move outside of Will
County in order to protect their daughter who was the subject of the
postings, telephone calls and messages, from any potential harm they
feared might occur as a result of such harassment.^^ The Alkhabaz case
is one instance in which existing law proved to be inadequate to deal
with computer-facilitated anti-social conduct. Other examples abound,
some of which were ultimately addressed bythe amendment of existing
law or the adoption of new penal law
9. 200 U.S. 113(1993)
10. Brenner, Sussan W, University of Dayton School of Law, Cybercrime
Investigation and Prosecution : The Role of Penal and Procedural Law,
Available at http://unpanl.un.org/intradoc/groups/public/documents/
APCITY/UNPAN003073 .pdflittp://unpanl .un.org/intradoc/groups/pubhc/
documents/APCITY/UNPAN003073.pdf, accessed on 20-8-2009
:374:
Jcb India Ltd vs LP. Address :122.163.98.166" The plaintiff

submits that since these acts have been committed using computers,
networks and the Internet the InformationTechnologyAct, 2000 applies
to the present case. It is submitted that acts of the fourth defendant
amount to hacking within Section 66 of the Information Technology
Act, 2000. An FIR bearing No. 86/2000 was filed in Sector 55 before
Police Station, Faridabad. It is alleged that through the aforesaid acts,
the applicant has unlawfully appropriated the plaintiff?s trade secrets
and confidential information and moreover, violated the plaintiffs?
copyright in the drawings and data. The applicant, it is averred acted in
breach of his contract of employment and his commitments madeat the
exit interview that he wouldnot be joimngtheplaintifif?s direct competitor.
Further; the contract also stipulated that all intellectual property created
during the applicants tenure with the plaintiffwould vest in the latter and
that he was obliged not to divulge confidential information and trade
secrets. Therefore, the plaintiff filed CS (OS) No. 691/08 seeking an
order of permanentinjunctionagainstthe applicant, restraininghim from
divulgingor using or in any manner handling confidentialdata and trade
secrets of the plaintiff and also from restraining him from working for
any direct competitor of the plaintiff.
Subsequently, the plaintiff filed the present suit where it impleaded

the applicant as the fourth defendant. In the suit it sought an order from
11. Judgement on 25 August, 2008.

(375)
the Court restraining the other defendants from transferring or in any
manner handlingconfidentialinformationor trade secrets of the plaintiff.
Though its did not seek any specific rehef against the applicant in that
suit, it sought an order for delivery up of information and data that the
defendants therein had obtained unlawfully in violation of the plaintiff7s
copyright in those designs data.
Where there is no express exclusion the examination ofthe remedies
and the scheme of the particular Act tofindout the intendment becomes
necessary and the result ofthe inquiry may be decisive. In the latter case
it is necessary to see if the statute creates a special right or a liability and
provides for the determination of the right or liability and further lays
down that all questions about the said right and liability shall be determined
by the tribunals so constitutedand whether remedies normallyassociated
with actions on civil courts are prescribed by the said statute or not."
Much later, incoimectionwiththe Industrial Disputes Act, in Premier

Automobiles Ltd. v. Kamlekar Shantaram Wadke*^ it was pointed
out by the Supreme Courtthatthe civil court will have no jurisdictionto
try and adjudicate upon an industrial dispute, if it concerned enforcement
of certain right or liability createdunder that Act.
This line of reasoning was affirmed in Bata Shoe Co. Ltd. v. City of
Jabalpur Corpn" and Munshi Ram v. Municipal Committee,
Chheharta^^
12. (1976) 1 s e c 496
13. (1977) 2 s e c 472
14. (1979) 3 s e e 83.
^76:
In Raja Ram Kumar Bhargava v. Union of India^^ the Supreme
Court held that: "[Wjherever a right, not pre-existingin common law, is
created by a statute and that statute itself provided a machinery for the
enforcement of the right, both the right and the remedy having been
created uno flatu and a finality is intended to the result of the statutory
proceedings, then, even in the absence of an exclusionary provision the
civil court?s jurisdiction is impliedly barred.."
These were again reiterated by a three judge bench of the Supreme
Court, in Rajasthan SRTC v. Krishna Kant^^. The above discussion
would show that the provisions of the IT Act are no doubt special, and
to the extent they provide specific remedies, the civil court?s jurisdiction
is barred. However, what does not follow from the above decisions, as
is sought to be urged by the defendant, is that every claim inter parties is
barred. The provisions of the Copyright Act, which confer copyrights
upon data bases, as well as the plaintiffs?rights towards its trade secrets,
cannot be subject matter of jurisdiction of theadjudicating authority To
hold so would be to do violence with provisions of the IT Act, as
Parliament never intended ouster of civil courts? jurisdiction, and its
substitution with a specialized tribunal in that regard.
It is quite possible that some disputes or claims may ultimately be

found to be falling outsidejurisdiction ofthis court. However, the court,
consistent with rulings of the Supreme Court in Roop Lai Sathi v.
15. (1988)1 s e c 681
16. ((1995) 5 s e c 75
(|77)
Nachhattar Singh Gill,*' and Raptakos Brett and Co. Ltd. v. Ganesh
Property,**, that only a part of the plaint cannot be rejected, cannot
view the pleadings piece meal.
It was also observed by the Supreme Court, in Popat and Kotecha

Property-vs-State Bank of India Staff Association" that the averments
in the plaint as a whole have to be seen to find out whether Clause (d) of
Rule 11 of Order 7 is applicable: ?18. There cannot be any
compartmentalization, dissection, segregation and inversions of the
language of various paragraphs in theplaint. If such a course is adopted
it would run counter to the cardinal canon ofinterpretation according to
which a pleading has to be read as a whole to ascertain its true import. It
is not permissibleto cull out a sentence or a passage and to read it out of
the context in isolation. Although it is the substance and not merely the
form that has to be looked into, the pleading has to be construed as it
stands without addition or subtraction of words or change of its apparent
grammaticalsense. The intention of the party concerned is to be gathered
primarily from the tenorand terms of his pleadings takenas a whole. At
the same time it should be borne in mind that no pedantic approach
should be adopted to defeat justice on hair-splittingteclinicalities.?
In this case, even if some of the causes pleaded by the suit are
seeminglybarred, yet this court shouldnot reject the plaint on the ground
of the relief being barred in law; that can be gauged only at the final
17. 1982 (3) s e c 487
18. 1998 (7) s e c 184
19. 2005 (7) s e c 510)
^23:
stage, having regard to the composite nature of the claims in the pleadings.
For these reasons, the application for rejection of plaint cannot succeed.
Both the applications,that is, lANo. 9062/2008 in CS (OS) 691/2008 lA
No. 9011/2008 in CS (OS) No. 1021/2008, are accordingly dismissed.
In the circumstances, the applicant defendant shall bear the costs,
quantified at Rs. 20,000/- each.
A.Shankar vs State Of Tamil Nadu^" (i) Criminal case may be
registered and proceeded with under Sections of the Office Secret Act,
Section 43 and 66 of the Information Technology Act, Sections 378,
463,470 and 505 oflndiaPenal Code investi^ted and proceeded against
Thiru A.Shankar. (ii)To initiate departmental proceedings for miscmduct
and endangering the security and confidentiality of official communication
by accessing the computer unauthorisedly and leaking it to the media
persons in question".
Accordingly the Commission of Inquiry conducted an Inquiry and
submitted its report to Government. The Commission found that the
Telephone conversation made on 20.09.2007 between the Chief Secretary
to Governmeit and the former Director of Vigilanceand Anti-Corruption,
did take place and the same was recorded by the former Director, Vigilance
and Anti-Corruption, inhis laptop computer connectedto the Telephone
No.24612561. The transcript is by and large is as appeared in Deccan
Chronicle. The Commissionalso found that the main person responsible
20. Decided on (4 March, 2011)

422:
for the access and the leak of the conversation is Thiru A. Shankar, Special
Assistant, Directorate of Vigilance and Anti Corruption, Chennai. The
Commission has recommended that Criminal Case may be registered
against Thiru A.Shankar, Special Assistant, Directorate of Vigilance and
Anti-Corruption, Chennai, under Section 5 of the Official Secrets Act,
Section 43 and 66 of the Information Technology Act, Sections 378,
463,470 and 505 of IndianPenal Code and investigatedand proceeded
againsthim.
While advancing his arguments the learned public prosecutor has
drawn the attention of this Court to page 25 and 26 of the typed set
which has been furnished by the petitioner along with this petition. Section
72 of InformationTechnologyAct2000, deals with the penalty for breach
of confidentialityand privacy At page 18 of the charge sheet laid against
the petitionei; it has been specifically stated that the Governmentthrough
its G.O.Ms.No.5 and 6 of Information Technology Department dated
29.06.2005 notified the Government computers as protected system and
existing users are authorised users.
The learned public prosecutor has also referred to paragraph 15 and
16, santion of prosecution accorded by the Directorate of Mgilance and
Anti-Corruptionon 24.12.2008. In this connectionhe would submitthat
the sanction of prosecution accorded in respect of Section 66 and 70 of
Information Technology Act 2000 is also inclusive of Section 72 and
hence the non mentioning of Section 72 in sanction of prosecution will
not in any way vitiate the entire proceedings.
C380;
During the course of his argumentshe has also placed rehance upon
the decision in Bholu Ram vs. State of Punjab" In this case at
paragraph 61 it is observed that; The Revisional Court was aware of the
legal position. It was however, held by the Court that at the most there
was negligence on the part of respondent 2 but there was no criminal
intent and he cannot be held criminally liable.We have already held that
mens rea can only be decided at the time of trial and not at the stage if
issuing summons. Moreover, a point as to need or necessity of sanction
can be taken duringthe conduct of trial or at any stage of the proceedings.
Hence, proceedings could not have been quashed on the ground of
want of sanction in the present case. The order of the Revisional Court
deserves to be set aside even on that ground"
The learned public prosecutor in order to fortify his arguments has
also placed reliance upon the decision in Romesh Lai Jain vs. Naginder
Singh Rana ^^ At para 33 of this decision it has been held that;
"The upshot of the aforementioneddiscussions is that whereas an
order of sanction in terms of Section 197 Cr.RC. is required to be
obtained when the offence complained of against the public servant is
attributable to the discharge of his public duty or has a direct nexus
therewith, but the same would not be necessary when the offence
complained of has nothing to do with the same. A plea relating to want
22. (2008) 9 s e c 140.

23. (2006)1 s e c 294
481.
of sanction although desirably shouldbe considered at an early stage of
the proceedings, but the same would not mean that the accused cannot
take the said plea or the court cannot consider the same at a later stage.
Each case has to be considered on its own facts. Furthermore, there
maybe cases where the question as to whether the sanction was required
to be obtained or not would not be possible to be determined unless
some evidence is taken, and in such an event, the said question may
have to be considered even after the witnesses are examined."
20. Besides this the learned public prosecutor while advancing his
arguments has also laid emphasis on the decision in State of M.P. vs.
Dr. Krishna Chandra Saksena ^^ . In this case at paragraph 8, it is
observed that; "inthe instant case the sanction order show that the
sanctioningauthority was satisfied after complete and conscious scrutiny
of the records produced in respect of the allegations against the accused.
Now the question whether all the relevant evidence which would have
tilted the balance in favour of the accused if it was considered by the
sanctioning authority before granting sanction and which was actually
left out of consideration could be examined only at the stage of trial
when the sanctioningauthority comes forward as a prosecution witness
to support the sanction order if challenged during the trialAs that stage
was not reached the prosecution could not have been quashed at the
very inception on the supposition that all relevant documents were not
24.(1996) 11 s e c 439
.382;
considered by the sanctioning authority while granting the impugned
sanction.
On coming to the instant case on hand it is obvious that there is no
mention in the sanction of prosecution in respect of Section 72 of
Information Technology Act 2000. It is also pertinent to mote here that
duringthe course of his arguments, the learned counsel for the petitioner
has posed three questions i.e.;
1. WhyDr.SubramanianSwamy andTmt.V.S.Chandralekhawerenot
examined by the investigating officer so as to ascertain the source of
telephonic conversationbetween Tmt Poongothaiand Tr.S.K.Upadhyay
which was released by the later to the press ?
2. Why the investigating officer has not seized thecomputer used by
Tr.S.Pattan, who is the Personal Assistant to' Mr.S.K.Upadhyay at his
residence and sent the same for analysis to find out whether he could be
the person who had leaked the conversation in questionto the press and
Television?
3. Why theinvestigatingagency has not seized the server in building
No.23 of the DVAC with a view to find out as to whether any person
sitting in the office of the confidential branch of DVAC could have
accessed the laptop of Thiru S.K.Upadhyay ?
This Court has carefully considered the submissions made on behalf
of both sides. The submissions made on behalf of the petitioner hinges
around both questions of fact and question of law. In so far as the
:383:
questions raised by the learned counsel for the petitioner this Court is of
the considered view that it could very well be agitated before the trial
court during the course of trial. In so far as the question of law relating
to non granting of sanction of prosecution in respect of Section 72 of
Information Technology Act is concerned, the charge sheet levelled against
the petitioner cannot be quashed on this ground alone.
With regard to the question of facts are concerned, the High Court
will not enter into an enquiry of disputed facts or thereafter, hold in
favour of the accused. The inherent power cannot be invoked to quash
the charge only on the groundof question of facts. This principleis laid
down in Maheshwari Oil Mill v. State of Bihar.^^
Further the High Court has also no jurisdiction to interfere with the
prosecution at the preliminary stage by prejudging the question without
affording reasonable opportunity to the prosecution to substantiate the
allegations. This principle has been laid dowii by the Hon'ble Supreme
Court of India in State of Bihar v. Raj Narain Singtf ^
Besides this in State of Maharashtra v. Ishwar Piraji KalpatrP^

the Hon'ble Supreme Court of India has also observed that; The Court
shouldnot except in extraordinary circumstances exercise its jurisdiction
under Section 482 Cr.P.C. so as to quash the prosecution proceedings
after they have been launched. The power of quashing a criminal
proceedings should be exercised very sparingly and with circumspection
25. 1978 CrLJ 659
26. AIR 1991 SC 1308.
27. 1996 CrLJ 1127
484^
and that too in the rarest of rare cases; the Court will not be justified in
embarking upon an enquiry as to the reliability or genuineness or otherwise
of the allegations made in the FIR/complaint the extraordinary or inherent
power does not confer an arbitrary jurisdiction on the Court to act
according to its whim or caprice."
With regard to the argumentsrelatingto the lodging of complaint by
an incompetentperson i.e.; by the Principal Secretary Home Department
Government of Tamil Nadu as advocated to by the learned counsel for
the petitioner, this Court is of the considered view that this piece of
arguments can also be not countenanced for the simple reason as it is
left open to the petitioner to put forth before the trial Court during the
course of trial.
Keeping in view of the observations made above, the decision in
M.S.M.Haneefa and others vs. The Forest Ranger, Shencotta
Range, ^^which is relied upon by the learned counsel for the petitioner is
not made applicable in this case. Having regard to the submissionsmade
on either side, and on cursory perusal of the materials available on record,
this Court is of firm view that, the question of sanction of prosecution
can be taken during the conduct of trial or any such of the proceedings
and therefore, the proceedings i.e.; the charge sheet at this stage cannot
be quashed on the ground of want of sanction in respect of the Section
72 of Information Technology Act 2000. With this observation, the
28. 1991 Crl.L.J. 712

485;
petition is dismissed. Consequently connected miscellaneous petitions
are also closed.
Anwar Sanooj, vs State Of Kerala^' Petitioner who is the sole
accused in Crime No. 45 of 2011 of Kollam East Police Station for
offences punishable under Sections 354, 375, 376, 340 and 341 I.PC
and Sections 67 and 67(A) of Information Technology Act, seeks
anticipatorybail.
Deepak Mahto case (19 August, 2011) The petitioneris an accused in
the case registered for the offence under sections 376, 354, 306, 509,
511,120B of the Indian Penal Code and sections 66(A), 66(B), 67(A),
67(B) and 72 of Information Technology Act, 2008. Considering the
nature of allegation and also that no fresh ground is made out, I am not
inclined to release the above named petitioner on bail. Accordingly the
prayer for bail of the above named petitioneris rejected. However, since
the petitioner is in custody for about ten months, the trial shall be expedited.
Sundaram B.N.P.Paribas Home ... vs State Of Tamil Nadu on

26 August, 2011 (W.P.Nos.2513, 2514 and 2922 of 2011)
The first petitioner company has filed a Special Leave Petition before
the Hon'ble Supreme Court in SLP (Civil)No. 13085 to 13087 of 2010
andthe fifth respondent has entered appearance and the matter is pending.
In the meantime, it is stated that certain persons from the third respondent
29. Decided on (17 March, 2011) see also Siddharam Satlingappa Mhetre v.
State of Maharashtra and Others (2010 (4) KLT 930)
^86;
police station have visited the premises of Sundaram Infotech Solutions
on 29.01.2011 and served the impugned notices, dated 24.01.2011
challenged in W.P.Nos.2513 and 2514 of 2011. The said notices were
issued under Section 91 Criminal Procedure Code seeking certain
documents. On coming to know about the said impugned notices the
petitioners have realised that the fifthrespondent KENSOFT has filed a
criminal complaint before the third respondent in Crime No.30 of 2010
on the same subject matter for an alleged offence under Sections 406
and 420 IPC besides the provisions of the Information Technology Act
andCopyri^tAct. Immediiely thereafter, the petitioners have explained
to the third respondent about the pendency of the civil suit in the High
Court of Madras and requested the third respondent to hand over a
copy of the First Information Report stated to have been registered at
the instance of the fifthrespondent. There was a serious dispute regarding
the jurisdiction of Mumbai Police to investigate the matter especially
when the fifth respondent himselfhas filed a suit before the Madras High
Court in respect of the same subject claiming ownership over the software
and time was sought for consultation, however, the third respondent
again visited the office of the first petitioner company on 30.01.2011.
According to the petitioners, the third respondenthas no jurisdictionnot
only to register the First Information Report, the petitioners attributed
against the fifth respondent that filing)f complaint is malicious act with
an intention of extracting money from the petitioner company and it is
.382.
vexatious and therefore, directing the petitioners to produce the
documents and other softwares are in violation of Articles 20 and 21 of
the Constitution of India.
The orders are challenged on various grounds including that the
notices issued under Section 91 Criminal Procedure Code are
unconstitutional and ultra vires the provisions of Criminal Procedure
Code since it amounts to self-incriminationby compulsion which is not
permissibleby virtue of Article 20(3) of the Constitutionof India in view
of catena of decisions of the Hon'ble Supreme Court; that it is
unconstitutionalmakinginvasionto the petitioners' fundamentalrightby
the third respondent; that though a criminal complaint is technically
maintainable, the third respondent ought to have appreciated that the
fifth respondent complainant himself has claimed ownership in respect
of the software already sold in favour of the first petitioner which is a
subj ect matter of dispute in a civil dispute filed by the fifth respondent in
the Madras High Court; that for the first informationreport filed by the
fifth respondent and registered under the third respondent police, there
is no cause of action and no criminal case has been made out and cause
of action has never arisen within the jurisdiction of the third and fourth
respondents; that the fifth respondent has approached the Madras High
Court and filed C.S.No.270 of 2009 specifically stating that the cause of
action arose within the jurisdiction of the Madras High Court cannot
maintain any complaint in respect of the same matter before the third
488;
respondent; that even on merit, the entire dispute arose by the illegal
conduct of the fifth respondentand the filing of the complaintbefore the
third respondent is an abuse of Criminal Procedure Code; that the
impugnednotice and the first information reportare arbitrary and illegal
hit by Article 14 of the Constitution of India; that the first information
report does not even remotely show that the cause of action arose within
the Maharashtra State; that the first information report, on theface of it,
has not made out any case for the third respondentpolice to investigate,
since no cause of action arose within its jurisdiction and no commission
of offence has been made out by disclosing the same in the impugned
first information report especially, the commission of Cyber crime; that
the filing of first information report itself is only due to the mala fide
attitude of the fifth respondent; that the fifth respondent has wilfully
misrepresented and suppressed the material facts; that the third and fourth
respondents while demanding to collect Certain vital commercial
information pertainingto the petitioners business have kept the petitione's
in dark as to whether the petitioners are treated as accused or as witnesses;
that apart from the fact that the first information report does not make
out a criminal offence warranting investigation by the third respondent;
that no offence made out under Section 63 of the Copyright Act as the
very same claim of the fifth respondent in respect of the ownership of
software is seriously in disputein the civil suit; that the fifth respondent
admitted in his statement that the petitioners proposed to migrate to
^82;
another software and therefore, misrepresentationdoes not arise; that no
offence has been made outunder the InformationTechnologyAct, 2000
by the de-facto complainant, apart from various other grounds.
.It is stated that on a perusal of evidence and during prehminary
investigation, it was revealed that the copy right in the software as per
the petitioners own admission in November 2008 and September 2008
lie with the 5th respondent; that the petitioners have been handed over
complainant's software, in trust which was transferred, to a third party
Sundaram Infotech Solutions; thatwhile in possession of the third party,
the software was tampered and the software scheme hacked into; that
when offences were discovered, the petitioners resorted to various acts
of dishonesty and fraud to cover up their acts and various criminal
offences; that evidence of offences havd)een submitted and verified by
the fourth respondent; that reports from the IRCC (Industrial Research
and Consultancy Centre and Intellectual Property Cell, IIT Bombay)
and the Institute of Intellectual Property Studies (UPS Report -reference
from NASSCOM), establishing IPR and copyright of Kensoft and the
offences committed by the petitioners are on record; that after going by
the available facts and evidence, preliminary enquirywas conducted for
an offence under Section 406, 420 and 34 IPC, read with Section 43
(b)(i)(j) read with Sections 66, 65 72(A) of the Information 'Bchnology
Act read with Sections 63,63(b) of the CopyrightAct and the complaint
was registered with the third respondent in Crime No.30 of 2010; that
the statements of important witnesses, including those of renowned
industrial stalwarts and senior experts were recorded; that the digital
evidence produced by the complainant was also taken on record; that
the team went with Forensic Tool Kit to collect copies of certain digital
evidence of current use of the housing finance software which ensures
that back up of any digital record can be taken without disturbing any
source data and without causing any damage to the petitioners/usage/
user. Therefore, summons were issued under Section 91 Criminal
Procedure Code by the Investigating Officer namely, the fourth
respondent to the petitioners to produce documents. It is stated that
when the fourth respondent has proceeded to investigate at Chennai
with the assistance of D-2, Anna Salai Police Station, the petitioners
have chosen to challenge the criminal complaint without furnishing any
materials. It is also stated that afterwards search warrant was obtained
form the appropriate court namely, the Additional Chief Metropolitan
Magistrate, 37th Court Esplanade, Mumbai. It is also stated that
suppressing all these facts, interim order has been obtained by the
petitioners. It is furttier stated that the petitioners have made false affidavit
suppressingmaterial facts and that the Mumbai Police has jurisdictionto
investigate and it is stated that at least part of the offence has been
committed by the petitioners in Mumbai and therefore, the Mumbai Police
has got jurisdictionsince the complainantvoluntarilyresides and carries
on business personally works for gain in Mumbai. It is also stated that
:39i.
under Sections 178 and 179 Criminal Procedure Code, the Mumbai Police
alone are competent to register and investigate the complaint.
It is stated that there is no coercion from the fourth respondent and it
is not correct to state that the copy of the first information report was
not shown to the petitioners and it is stated that the complaint was read
over and explainedin Hindi and English. It is stated that the software has
been developed in Mumbai. The Complainantcompany and complainant
are residing at Mumbai. The source code and IPR ofthe software are in
Mumbai. The Copyri^t registration certificate registered by the Registrar
of Copyrights, Government of India, at Mumbai and therefore, any
hacking or tampering of software anywhere affects the victim at Mumbai
and therefore, the registration of complaint by the Mumbai poUce is
within its jurisdiction and Cyber CrimePolice station of Mumbai is having
jurisdictionall over Mumbai and not restricted to any beat numbers etc..
It is also stated that when the petitioners themselves have admitted that
pendency of any civil proceedings in the Madras High Court does not
prevent the aggrieved person from launching criminal proceedings they
cannot have any grievance.lt is also stated that the third respondent has
never visited Chennai during the course of investigation and fifth
respondent was not present when the fourth respondent went to premises
of the petitioners. Hence, it is stated that the filing of the writ petitions is
abuse of process of law and any delay in investigation will defeat the
very object and if the timely action is not taken, there is every possibility
of the evidence being destroyed and will become a farce and therefore.
49g;
the third respondent has prayed to vacate the intaim order already granted
by this Court.
In the counter affidavit filed by the fifth respondent which is also in
the same line of counter affidavit filed by the fourth respondent, it is
stated that the writ petitions are not maintainablesince no cause of action
arose withinthe jurisdiction of this Court and FER was registered under
the third respondent only after prima facie case was made out about the
allegations and the third respondent after registering the FIR under various
sections forwarded the same to the Court of competent jurisdiction namely,
the Additional Metropolitan Magistrate, Court 37 which is under the
jurisdiction of Maharashtra High Court for all purposes under Articles
226 and 227 of the Constitution.lt is also stated that the fifth respondent
has chosen to file the suit ina place where the defendantsis carrying on
business as per Section 12 of the Letters Patent and Sections 51,55 and
62 of the CopyrightAct. Insofar as the filingof the FIR and the violations
of the provisions of Information Technology Act are concerned, the
fifth respondent is entitled to file such complaint before the third and
fourth respondents before whom the investigation is under progress.
A bare reading of the contents of the First InformationReport shows
that the third respondent police is the competent authority especially
when Sections 78, 80 and 81 make it very clear that the provisions of
Information Technology Act, 2000 will override the provisions of Code
of Criminal Procedure. While reiterating that the Ken soft Infotech Limited
is a software development company and that has developed finance
^93.
software for use of housing companies and home loans business, the
fifth respondent company states that it is an ISO 9001:2000 certified
company with certificationfromBVQI and ANAB (ANSI-ASQ) National
Accreditation Board of USA. The company has also been an Oracle
partner for over 13 years and one of their major software that they
developed is KEN-HFS and that was Hcensed in India to various
companies since 1994, including the Bank of India, GIC Housing Finance,
ICICI Bank etc., and also to Government of Andhra Pradesh, Andhra
Pradesh State Financial Corporation, Economic Development
Corporation Goa etc. In addition to that various software have also been
used by the Reliance Petro Chemicals, Air India, Afro Asian Games,
Government of Andhra Pradesh etc.. It is stated that the petitioners have
violated by tampering with the software, schema, source code of the
fifth respondent resulting in tremendous loss to the fifth respondent. It is
also stated that the petitioners have themselves assured thefifthrespondent
that the IPR will be protected by them. However, after admitting the
same in November 2008 and in December 2008 after perpetuating the
fraud the petitioners have falsely claimed copyright of the software and
after violations were discovered the infringingcode found on petitioners'
server to cover up their illegal activities. It is stated that there is no
disruption in the software and letters written by the second and fourth
petitioners on behalf of the company would clearly indicate that they
have satisfied with thework of the fifth respondent. Itis also stated that
they exposed to and colluded withthe third parties who control hacking
^94:
and tampering, copying and offences were committed and reverse
engineered the software provided by the fifth respondent company and
hacked the software schema source code committing violations of the
provisions of the InformationTechnologyAct, 2000. While it is true that
the fifth respondent has filed a suit in C.S.No.270 of 2009 before the
High Court of Madras, seeking various reliefs against the petitioners and
the third party are not party to the arbitration and in spite of it an
application was made for the purpose of referring to arbitration under
Section 8 of the Act and that has been rejected in the appeal in
O.S.A.Nos.431 to 433 of 2009. It is true that against the order in the
abovesaid appeals, S.L.P has been filed by the petitioners and no stay
has been granted by the Hon'ble Supreme Court. It is also stated that
the petitioners have violated the Copyright of the fifth respondent and
the illegal acts done by the petitioners have been established in the
technical report of the Indian Institute of Technology Computer Science
and Engineering Department, IIT, Bombay, apart from the report of
Dr.N.L.Sarda, who is an independentand eminent expert of international
repute and other reports of experts.
According to the fifth respondent, a perusal of the First Information
Report indicates the gross violations committed by the petitioners and
there is no abuse of process of law and the First Information Report
cannot be quashed as a matter of course which has been well settled to
the effect that even if an iota of fact is available in the First Information
395:
Report that is sufficient for investigationto continue.

Mr. A.L. Somayaji, learned Senior Counsel appearing for the petitioners
would submit that at the first instance that on the basis of the contents of
the First Information Report, no case has been made out against the
petitioners and therefore, the First Information Report is liable to be
quashed. It is his further submission thatthe impugned First Information
Report is tainted with mala fide. It is his further submission that the
investigationsoughtto be done by the third respondentpolice in Mumbai
is in violation of Article 20(3) of the Constitution. In summoning the
petitioners to produce the documents being an evidence against them is
in violationof the constitutional guarantee as stated above. It is his further
submission that the entire issue revolves on one fact namdy as to whether
the petitioners or the fifth respondent is the owner of the software of
KEN-HFS in respect of claiming ownershipver the said software. The
fifth respondent has voluntarilyfileda civil suit on the original side of the
Madras High Court for a declaration to that effect. In that suit, the fifth
respondent having stated that the cause of action for the said suit arose
wholly within the jurisdiction of the Madras High Court cannot give a
complaint to the third respondent in Mumbai. Therefore, according to
the learned Senior Counsel, the conduct of the fifth respondent in giving
complaint because the petitioner is at Mumbai is only a method for the
purpose of extractingmoneyfromthepetitionas and therefore, according
to the learned Senior counsel, it is an abuse of process of law. It is also
4%:
his submission that as per the provisions of the Criminal Procedure
Code especially Sections 177 and 179, the complainant must mention
the consequences of the conduct of the complaint and as to whether it
has occurred in Mumbai. In the absence of such contents in the FIR
which is impugnedin these writ petitions, no investigationis possible by
the Mumbai police. It is also his submission that even under the
Information Technology Act, the fifth respondent has not made out a
prima facie case againstthe petitioners for investigation at Mumbai, when
he was voluntarilyapproached the Madras High Court for declaration of
his right either in the Trade Mark or under the Information Technology
Act in respect of the software. When prima facie there is no offence
made out, this Court exercising jurisdiction under Article 226 of the
Constitution of India, especially after the amendment by which Article
226 (2) of the Constitution was inserted the part of cause of auction
having arisen in respect of the alleged criminal conduct at Madras, the
complaint given in Mumbai police namely under the third respondent
has no jurisdiction and this Court has jurisdiction. He also would rely
uponthejudgmentsreportedinAIR 1986 Crl.L.J 522 AP.H.C (Muppala
Ranganayakamma Vs.Sm[t.K.RamaIakshmi and others) apart from
the decision reported in AIR 1965 SC 1319 (Mohd.Sulaiman
Vs.Mohd.Ayub and another), and in The State of Gujarat Vs.
Jaswantial Nathalal reported in AIR 1967 SC 700, to substantiate his
contention.
497:
In respect of cases relating to the summoningof the petitioners to
produce documents, it is the case of the learned Senior Counsel that it
amounts to compelling the petitioners to give evidence against themselves
which is not permissible in law. For the purpose of substantiating his
contention about the jurisdiction of the Mumbai police to investigate,
learned Senior Counsel would rely upon various judgments namely, in
AIR 1998 SC 128 (Pepsi Foods Ltd., and another Vs. Special Judicial
Magistrate and others), 2010 3 LW 481 (Rajendran and anoflier
Vs.R.K.Misra and others), 1992 Supp (1) SCC 335 (State of Haryana
and others Vs.Bhajan Lai and others). That apart, to prove malice in
law, he would rely upon a judgment of the Hon'ble Supreme Court
reported in AIR 2008 SC 247 (All Cargo Movers (I) Pvt., Ltd., and
others Vs.Dhanesh Badarmal Jain and another). It is his submission
that the entire issue is basically of civil nature and therefore, the complaint
is not maintainable. When the impugned First Information Report does
not made out a case, the third respondent cannot be permitted to explain
the lacuna in the counter Such explanationby the third respondent police
can only be treated as malafide.For which, he would rely upon a judgment
oftheHon'bleApex Court reported in (2000)7 SCC 640 (Navinchandra
N.Majithia Vs. State of Maharashtra and others). Not only for the
competent Criminal Court in taking cognizance of offence but also the
investigating authority to proceed with the investigation, there must be
jurisdictionon the part of the investigatingauthority The incidents which
.398:
are alleged to have happened taken to be the cause of action for the
criminal complaintiliave admittedly happenedmuch prior to thefiling of
the suit and knowing that a suit was also already pending, the fifth
respondent has chosen to give the complaint especially when the
ownership is in dispute and therefore, it has to be taken that the
complainant has not made out a prima facie case for the purpose of
investigation.
It is basically his submission that when the fifth respondent has given
a complaint against the petitioners, it is the duty of the third respondent
police when it is found that the cause of action for the crime has been
taken place within the jurisdictionof the Mumbai police to proceed with
the investigation in accordance with the provisions of the Criminal
Procedure Code. It is not as if the petitioners have been considered as
accused while summons are issued to produce the documents. It is his
submission that the petitioners have not chosen to state as to how this
Court has got jurisdictionto entertain the writ petitions under Article 226
of the Constitution of India. He would rely upon the Bhajan Lal,s case
reported in 1992 Supp (1) SCC 335 to substantiate his contention that
jurisdictionalissue has to be decided especially in criminalinvestigation.
He has also stated by relyingupon the judgment of the Hon'ble Supreme
Court (2002) 1 SCC 567 (Union oflndia and others Vs.Adani Exports
Ltd., and another) that when a complaint is made, it is the duty of the
Mumbai police to investigatebefore either enclosing complaint or taking
further action byfilingreport before the JurisdictionalMagistrate.
^92;
16 .Mr.Rajakalifulla,leamed counsel would also submit that it is after
investigation,the third respondent may even drop all further proceedings
against the petitioners and it is not known as to how the petitioners have
presumed as if after investigationnecessarily a report will be filedbefore
the Judicial Magistrate who would take cognizance of offence. It is his
case that unless and until the jurisdictionalMagistrate takes cognizance
of the offence, the petitioner cannot presunie as an accused and the
investigationis in a preliminarystage and therefore, no one can interfere
with the investigation at this stage. He would rely upon latest judgment
on this issue including 1994 (4) SCC 711 (Oil and Natural Gas
Commission Vs. Utpal Kumar Basu and others), 2006 3 SCC
658(Mosaraf Hossain Khan Vs.Bhagheeratha Engg. Ltd., and others),
2000 (7) SCC 640 (Navinchandra N.Majithia Vs.State of
Maharashtra and others), 2008 (5) SCC 115 (Mahavir Prasad Gupta
and another Vs.State of National Capital Territory of Delhi and
others), 2002 Crl L. J. 706 (C.KrishnakumarMenon Vs.M/s.Neoteric
Informatique Pvt., Ltd., and another), 2007 (5) SCC 786 (Asit
Bhattacharjee Vs.Hanuman Prasad Ojha and others), and (2011) 1
SCC 74 (Iridium India Telecom Limited Vs.Motorola Incorporated
and others) and therefore, according to the learned counsel, the
petitioners apprehension is totally misconceived.
It is his submission that when once the fifth respondent who has
formulated the software at Mumbai which is the subject matter of contract
between the fifth respondent and the petitioners, when it is the complaint
4OQ;
of the fiffti respondent that the petitioners against the contract have started
misusing the software by transferring the sameto the others which is an
offence under the Information Technology Act and therefore, the
Software having started in Mumbai, theMumbai Police has jurisdiction
to investigate and it cannot be stated that the third respondent Mumbai
Police station hasno jurisdiction at all.
It is the submission of the learned counsel for the fifth respondent
who also wouldrely upon the judgment of the Bajanlal's case and submit
that mere filing of a civil suit on the original side of the Madras High
Court by the fifth respondent does not bar the fifth respondent in giving
a complaintagainstthe petitioners, if there is violation of the Information
Technology Act or various other provisions of the Indian Penal Code.
According to her, they are parallel proceedings, the ownership in respect
of the software is different from misusing of software system which is
an offence under the provisions of Information Technology Act.
According to her, there is absolutely no mala fide in the sense that the
coding system is situated in Mumbai. Mere statement by the fifth
respondent in the suit filed in Madras High Court, the jurisdiction lies
with the Madras High Court does not in any way take away the powers
of the third respondent when a part of the offence has been committed
within the jurisdiction of the third respondent in respect of which the
fifth respondent has given complaint.
It is her submission that the conduct of thepetitioners would amount

to tampering of the software which is an offence under Section 65 of the
401
Information Technology Act. According to her, under the Information
Technolo^ Act, tampmng can be done at anyplace but if such tampering
resulting in consequence at Mumbai wherein the fifth respondent is
residing, the fifth respondent is very much entitled to give complaint in
the third respondent police at Mumbai. She would also rely upon a
judgment ofthe Hon'ble Supreme Courtreported in AIR 1999 SC 3536
(SatvinderKaur Vs. State (Govt, of NCT of Delhi) and another). She
has also submitted that the conduct ofthe petitioners would show that
not only there is violation ofthe provisions ofthe Information Technology
Act but there is an offence committedunder the CopyrightAct also and
therefore, according to he^ by relying upon the InformatioriTechnology
Act, especially Sections75,78 and 80, the Mumbai Police is competent
to investigate on the complaint.
.Admittedly the fifth respondent has given a complaint to the third
respondent which was registered as First InformationReport challenged
by the petitioners in W.P.No.2922 of 2011. The offence alleged to have
been committed by the petitioners are punishable under Sections 406,
420, 34 IPC read/with 43(b)(i)G), 66, 65, 72 (a) ofthe Information
Technology Act read/with Sections 63,63(b) ofthe CopyrightAct. Based
on that, the third respondent has proceeded for investigation. In course
of investigation, the third respondent has directed the petitioners to
produce various electronic records and documents as per Section 91
Criminal Procedure Code on 24.01.2011 which are challenged in
W.P.Nos.2513 and 2514 of 2011 and the First InformationReport was
402;
registered under Section 154(1) Criminal Procedure Code by the third
respondent. By applyingthe principlelaid down by the Hon'ble Supreme
Court one cannot accept the contentionas if the third respondent has no
jurisdiction to register the complaint and investigate especially when prima
facie case has been made out on a bare reading of the complaint given in
the form of statement registered as First Information Report under Section
420 IPC read with Sections 43(b)(i)G),66,65,72(a)of the Information
Technology Act.
In S.W. Palanitkarv. State of Bihai^" the Hon'ble Apex Court
has held as follows: No offence was made out against the remaining
appellants as the ingredients of offences alleged against them were not
satisfied. Unfortunately the High Court failed to exercise jurisdiction
under Section 482 CrPC to correct manifest error committed by the
learned Magistrate in issuingprocess against Appellants 1-6 and 8 when
the alleged acts against them did not constitute offences for want of
satisfying the ingredients of the offences. The approach and
considerations while exercising power and jurisdiction by a Magistrate
at the time of issuingprocess are to be in terms of Sections 200 to 203
under Chapter XV CrPC, having due regard to the position of law
explained in various decisions of this Court, and whereas while exercising
power under Section 482 CrPC the HighCourt has to look at the object
and purpose for which such power is conferred on it under the said
provision. Exercise of inherent power is available to the High Court to
30. AIR 200 ISC 2960,
491
give effect to any order under CrPC, or to prevent abuse of the process
of any court or otherwise to secure the ends of justice. This being the
position, exercise ofpower under Section 482 CrPC shouldbe consistent
with the scope and ambit of the same in the hght of the decisions
aforementioned. In appropriate cases, to prevent judicial process from
being an instrument of oppression or harassmentin the hands of frustrated
or vindictive litigants, exercise of inherent power is not only desirable
but necessary also, so that the judicial forum of court may not be allowed
to be utilized for any oblique motive. When a person approaches the
High Court under Section 482 CrPC to quash the very issue of process,
the High Court on the facts and circumstances of a case has to exercise
the powers wilh circumspection as stated above to really serve the purpose
and object for which they are conferred".
The claim of the fifth respondent about his IPR and its ownership
pending in the High Court of Madras has in my considered view has
nothing to do with the allegationof criminal offence statedto have been
committedby the petitioners. In such circumstances, I have no hesitation
to hold that on the facts and circumstances of the case, there is nothing
for this Court warranting interference at this stage. It is always open to
the petitioners to work out their remedy in the manner known to law, if
there are any procedural or legal violations committed by the third
respondent at any stage. In such view of the matter, looking at any angle,
I am fully satisfied that the petitioners are not entitled for any relief claimed
404;
in the writ petitions. The writ petitions fail and the same are dismissed.
No costs. Consequentl)5 connected miscellaneous petitions are closed.
A Case Studies of Cyber Crime in Indian Perspective :

Today, a huge collection of international cyber crimes committed,
so it may be more relevant if some discuss^ion of Cyber crime case
studies in Indian Perspective: -
Insulting Images of Warrior Shivaji on Google - Orkut
An Indian posts 'insulting images'of respected warrior-saint Shivaji
on Google's Orkut. Indian police come knocking at Google's gilded
door demandingthe IP address (IP uniquely identifies every computer in
the world) which is the source of this negative image. Google, India
hands over the EP address. No such incidentin India wouldbe complete
withouta few administrativeslip-ups. The computerwith that IP address
is using Airtel, India as the ISP to connect to the internet and Orkut.
Airtel gives police the name of an innocent person using a different IP
address. How two IP addresses could be mixed-upin a sensitive police
case is anyone's guess. An innocent Indian, Lakshmana Kailash K, is
arrested in Bangalore and thrown in jail for 3 weeks. Eventually his
31. CIVIL APPEAL NOS.2795-2796 OF 2011 [Arising out of SLP [C]

Nos. 18211-18212 of 2010]
32. AIR 1973 SC 157 see also Union of India Vs. R. Gandhi, President, Madras
Bar Association CIVILAPPEALNO.3067 OF 2004
:405:
innocence is proved andhe is released in Oct, 2007. A number of news
media report this incident. American citizen and India lover Christopher
Soghoian (home page http://wwwdubfire.net/chris/) studies Informatics
at Indiana University and researches/writes about security, privacy and
computer crime. Christopher does an excellent article on this topic for
the blogs at respected tech media group CNET. Like all good writers,
Christopher Soghoian, gives Google, India a list of questions so that he
can give a balanced perspective to the millions of CNET readers.
How does Google, India respond?
The only comment was: "Google has very high standards for user
privacy and a clear privacy policy, and authorities are required to follow
legal process to get information.IncompHancewithlndianlegal process,
we provided Indian law enforcement authorities with IP address information
of anOrkutuser."
Not surpriangly Google is a keen to play this down as Yahoo is
being hauled over the coals by US Congress for handing over an IP
addresses and emails to the Chinese Government which resulted in a
Chinese democracy activistbeing jailed.
Techgoss contacted Christopher and asked him for a list of the
questions he had put to Google. The following were the questions that
Christopher put to Google which were never answered. Sometimes
what you do not say says more about what you have done.
1. Can Google speak at all to the specifics of this incident? 2. If so,
can Google confirm if they released ip addresses or any other log
406:
information to thelndian police regarding thig incident. 3 If Google did
hand over log information, did the Indian police have a warrant/court
order, or did they merely request it? 4. Does Google feel in any way
responsible for the man's accidental arrest andj ailing? 5. Speaking more
generally without going into the specifics of this incident...Has Google
ever in the past handed over user information (including logs) to Indian
law enforcement/authoritieswithout a court order/search warrant? 6. In
this case, the crime the man was accused of (defaming a 300 year old
historical figure) does not exist in the US. Will Google conform to the
laws of each country it does business in, or will it defer to American
concepts of freedom of speech and the press? 7. Does Google reveal
information to other countries for "crimes" that would not normally be
an illegal in the US? For example, the ip addresses of people in Saudi
Arabia and other conservative Muslim countries who search for adult,
consensual pornography? 8. Is the log data for Orkut stored in India, or
is it stored elsewhere? If the data is not stored in India, is Google still
responsible for giving itto the Indian authorities?
How does it Airtel react to rectify its mistake?

Firstly with an immediate, unqualified apology In itself, a positive
first step. Techgoss (techgoss.com) had heard rumors about Airtel
also offeringmonetary compensation tothe person wrongly jailed. But
Airtel is being coy about possible financial compensation. An Airtel
spokesperson issued the following statement to techgoss.com "Airtel
are aware of this incident and deeply distressed by the severe
inconveniencecaused to the customer. We are fully cooperating with the
authorities to provide all informationin this regard and we are in touch
with the customer. We have robust internal processes, which we review
frequently to make them more stringent. W have conducted a thorough
investigation of the matter and will take appropriate action".
Does this mean the customer will get compensation? It is not clear
either way. Let's wait and see. It is interesting to see that despite the
arrest he is still with Airtel. Now that's loyaltyto your telecom company
Finallyhe has demanded that he be compensated for the injustice
meted out to him! The illegally accused and detained techie in the
Chatrapati Shivaji defamation picturocase on Orkut, Lakshmana Kailas
K, has slapped a ten page legal notice on Telecom giant Bharti Airtel, the
Principal Secretary (Home) of the state government in Maharashtra, India
and the Assistant Commissioner of Pohce (Financial & Cyber crime
unit) demanding that an amount of 20 crores be paid as damages. The
software engineer has also sent a copy of the legal notice to the National
Human rights commission.Lakshmanahad spent a harrowing 50 days in
police custody accused of a crime he had never committed just because
an IP address sought by the pohce was wrongly supplied by Bharti
Airtel. The legal notice smacks of his anger with the police and judiciary
making a mockery of the rights of an individual and the pitiable conditions
of the Yerwada jail where he was detained with a number of hardened
criminals. He is reported to have been beaten by a lathi and asked to use
the same bowl to eat and to use in the toilet.
C408)
Kenneth L. Haywood
Kenneth L. Haywood (bom 1964) became involved in a 2008
controversy in the Indian city of Mumbai after his wireless connection
was allegedly used by terrorists to transmit a message to Indian news
networks before their attacks. It was subsequently revealed that Haywood
had been hving a double life as an "executive skills trainer" and a Christian
pastor, while the firm that he worked for was a probable front for
evangelical rehgious activities. Haywood was not charged by Indian
authorities in connection with the blasts, which occurred at Ahmedabad
and Sural, in late July 2008.
Finandal crimes
Wipro Spectramindlost the telemarketing contract from Capital one
due to an organized crime.The telemarketing executives offered fake
discounts, free gifts to the Ainericansin order to boost the sales of the
Capital one. The internal audit revealed the fact and surprisingly it was
also noted that the superiors of these telemarketers were also involvedin
the whole scenario.
Cyber pornography
Some more Indian incidents revolving around cyber pornography
include the Air Force Balbharati School case. In the first case of this
kind, the Delhi Police Cyber Crime Cell registered a case under section
67 of the IT act, 2000. A student of the Air Force Balbharati School,
New Delhi, was teased by all his classmates for having a pockmarked
face.
C409;
Online gambling
Recent Indian case about cyber lotto was very interesting. A man
called Kola Mohan invented the story of winning the Euro Lottery. He
himself created a website and an email address on the Internet with the
address 'eurolottery@usa.net.' Whenever accessed,the site would name
him as the beneficiary of the 12.5 milhon pound.After confirmation a
telgu newspaper published this as a news. He collected huge sums from
the public as well as from some banks for mobilizationof the deposits in
foreign currency. However, the fraud came to light when a cheque
discounted by him with the AndhraBank for Rs 1.73 million bounced.
Mohan had pledged with Andhra Bank the copy of a bond certificate
purportedly issued by Midland Bank, Sheffields, London stating that a
terdeposit of 12.5 million was heldin his name.
Intellectual Property crimes
These include software piracy, copyright infringement, trademarks
violations, theft of computer source code etc. In other words this is also
referred to as cybersquatting. Satyam Vs. Siffy is the most widely known
case. Bharti Cellular Ltd. filed a casein the Delhi High Court that some
cyber squatters had registered domain names such as barticellularcom
and bhartimobile.com with Network solution's under different fictitious
names. The court directed Network Solutions notto transfer the domain
names in question to any third party and the matter is sub-judice. Similar
issues had risen before variousHigh Courts earlier Yahoo had sued one
Akash Arorafor use of the domain name'Yahooindia.Com'deceptively
:4io:
similar to its 'Yahoo.com'. As this case was governed by the Trade
Marks Act, 1958, the additional defence taken against Yahoo's legal action
for the interim order was that the Trade Marks Act was applicable only
to goods.
Email spoofing
Recently, a branch of the Global Trust Bank experienced a run on the
bank. Numerous customers decided to withdraw all their money and
close their accounts. It was revealed that someone hadsent out spoofed
emails to many of the bank's customers stating that the bank was in very
bad shape financially and could close operations at any time.
Unfortunately this information proved to be true in the next few days.
But the best example of the email spoofing can be given by the Gujarat
Ambuja Executive's case. Where he pretended to be a girl and cheated
the Abu dhabi based NRI for crores by blackmailingtactics.
Cyber Defamation
India's first case of cyber defamation was reported when a company's
employee started sending derogatory, defamatory and obscene e-mails
about its Managing Director The e-mails were anonymousand frequent,
and were sent to many of their business associates to tarnish the image
and goodwill of the company
The company was able to identify the employee with the help of a
private computer expert and moved the Delhi High Court. The court
granted an ad-interim injunction and restrained the employee from sending,
publishingand transmittinge-mails, which are defamatory or derogatory
:4ii:
to the plaintiffs.
Cyber stalking
RituKohlihas the dubious distincti en of being the first lady to register
the cyber stalking case. A friend of her husband gave her telephonic
numberin the general chat room. The general chattingfacility is provided
by some websites like MIRC and ICQ. Where person can easily chat
without disclosing his true identity. The friend of husband also encouraged
this chatters to speak in slang language to Ms. Kohli.
Unauthorized access to computer systems or networks
However, as per Indian law, unauthorized access does occur, if hacking
has taken place. An active hackers' group, led by one "Dr. Nuker", who
claims to be the founder of Pakistan Hackerz Club, reportedly hacked
the websites of the Indian Parliament,Ahmedabad Telephone Exchange,
EngineeringExport Promotion Council, and United Nations (India).
IPR Theft
The economic offences wing (EOW) of the Pune police on Monday
arrested a software engineer Asma Sandip Thorve (37), a resident of
Uday Society in Sahkar Nagar, for allegedly cheating Brainvisa
Technologies to the tune of Rs 46.5 crores, by stealing their source
code. Earlier, the police had arrested software engineer Sameer Ashok
Inamdar (36) of Kondhwain the same case. (Jun 23, 2009 at 0119 hrs
1ST ) According to the poHce, Inamdar resigned from Brainvisa
Technologies in August 2006. He allegedly Stole the source code and
other secret information of Brainvisa Technologies and started his own
company Owner of BrainvisaTechnologies NitinHemchandraAgarwal
had lodged a police complaint alleging that the company lost Rs 46.5
crores due to this. A team, led by assistant commissioner Pushpa
Deshmukh, arrested Thorve, who was Inamdar's business partner and
allegedlyprovided him the confidential data of Brainvisa.
Thorve worked as senior manager, business development, for
BrainvisafromMay 2004 to December 2005 and there on as vice president
till December 2008, after which shejoinedlnamdar as a partner Thorve
was produced before court on Monday and has been remanded to police
custody tillJune 26.
Email bombing (DoS)
In one case, a foreigner who had been residing in Simla, India for
almost thirtyyears wanted to avail of a scheme introduced bythe Simla
HousingBoard to buy land at lower rates. When he made an application
it was rejected on the grounds that the scheme was available only for
citizens of India. He decided to take his revenge. Consequently he sent
thousands of mails to the Simla Housing Board and repeatedly kept
sending e-mails till their servers crashed.
Data diddling
The NDMC ElectricityBillingFraud Case that took place in 1996 is a
typical example. The computer network was used for receipt and
accountingofelectricitybillsby the NDMC, Delhi. Collection of money,
computerized accounting, record maintenance and remittance in he bank
were exclusively left to a private contractor who was a computer
professional. He misappropriatedhuge amount of funds by manipulating
data files to show less receipt and bank remittance.
Internet time theft
This connotes the usage by an unauthorized person of the Internet
hours paid for by another person. In May 2000, the economic offences
wing, IPR section crime branch of Delhi police registered its first case
involvingtheft of Intemethours. In this case, the accused, Mukesh Gupta
an engineer with Nicom System (p) Ltd. was sent to the residence of the
complainant to activate his Internet connection. However, the accused
used Col. Bajwa's loginname and password from variousplaces causing
wrongful loss of 100 hours to Col. Bajwa. Delhi police arrested the
accused for theft of Internet time.
On further inquiry in the case, it was found that Krishan Kumar, son
of an ex army officer, working as senior executive in M/s Highpoint
Tours & Travels had used Col Bajwa's login and passwords as many as
207 times from his residence and twice from his office. He confessed
that Shashi Nagpal, from whom he had purchased a computer; gave the
login and password to him. Thepolice couldjiot believe that time could
be stolen. They were not aware of the concept of time-theft at all. Colonel
Bajwa's report was rejected. He decided to approach The Times of
India, New Delhi. They, in turn carried a report about the inadequacy of
the New Delhi Police in handling cyber crimes. The Commissioner of
Police, Delhi then took the case into his own hands and the police under
his directions raided and arrested Krishan Kumar under sections 379,
411, 34 of IPC and section 25 of the Indian Telegraph Act. In another
case, the Economic Offences \Wng of Delhi Police arrested a computer
engineer who got hold of the passwordof an Internet usei^ accessed the
computer and stole 107 hours of Internet time from the other person's
account. He was booked for the crime by a Delhi court during May
2000. SBI arm wins cybersquattingcase - PeeyushAgnihotri- Tribune
News Service (Chandigaih,August24) SBI Card and Payment Services
Private Limited, the credit card arm of the State Bank of India (SBI),
received a shot in.the arm when it won a case of cybersquatting against
Domain Active Pty Limited, an Austrahan dotcom company.
The judgement, a notification of which was received earlier this week,

was delivered by the administrative tribunal constituted by the World
Intellectual PropertyOrganisation (WIPO), Geneva.
Establishedin 1998, SBI Card and Payment Services Private Limited
is a joint venture between GE Capital Services, the largest issuer of
private label credit cards in the world, and the State Bank of India (SBI),
the largest Indian bank. SBI holds 60 per cent stake while GE 40 per
cent.
The venture offers a range of credit cards — SBI Classic Card, SBI
Gold Card, SBI International Card, SBI Doctors Card. It also has a
number of city affinity cards (SBI Kolkata Card, SBI Mumbai Card,
SBI Delhi Card, SBI Hyderabad Card, SBI Bangalore Card),
commanding sales of over one million.
It all began when Domain Active Pty Limited, an Australian entity,
floated a website on the domain name, www.sbicards.com, and even
'tricked'financialbig-time entities like Chase Manhattan into advertising
on the site.
The SBI arm, which had already registered the domain name with
Fabulous.Com Pty. Ltd, lodged a complaint on March 16 at the World
Intellectual Property Organisation (WIPO), Geneva.
The WIPO Administrative Panel found that the Australian entity's
website could have attracted potential attention fromthe public because
of its affiliation with SBI Cards' products and services. At the same time
it created a risk of confusion with the products/services and trademark
as to the source, sponsorship, affiliation or endorsement of its website.
The panel's independent verification showed that the current use of
the Australian firm's website, www.sbicards.com, was practically the
same. The panel held that the respondent (Domain Active Pty Limited)
"has registered the disputed domain name in bad faith".
Talking exclusively to The Tribune from New Delhi, Mr Rodney D.

Ryder, who represented SBI Cards, said that it was a clear case of cyber
fraud and cybersquatting. "The judgement has come as big relief. No
penalty could, however, be imposed on the errant firm since at WIPO
we have not been able to evolve a consensus on what should be the
proper damage^compensation amount as the cases invol\e the jurisdiction
clause," he said.
Credit Card Frauds
Amit Tiwari had many names, bank accounts and clients. None of
them were for real. With a plan that was both ingenious and naive, the
21-year-old engineering student from Pune tried to defraud a Mumbai-
based credit card processing company, CC Avenue, of nearly Rs
900,000 .He was arrestedby the Mumbai Police on August 21,2003 after
nearly an year of hide and seek with CC Avenue. He's been charged for
cheating under Section 420.
CC Avenue verifies and validates credit cards of buyers for over a

thousand e-commerce Web sites. It conducts checks like IP mapping,
zip code mapping and reverse lookup of telephone numbers. AmitTiwari
found a way to bypass them.In May 2002, Col Vikram Tiwari signed up
for CC Avenue's services. In November, he requested the company to
deal with his son, Amit, who offered Web designing services on
www.mafiaz.com. CC Avenue's security teani confirmed his credentials
through bank signatureverification, driving license andiis HDFC Bank
debit card. Everythingwas genuine.Amitprocessed several transactions,
worth Rs 311,508, via CC Avenue from November 2002 to February
2003. Then the transactions stopped.In April 2003, CC Avenue began
receiving charge-backs from the credit card holders, who denied using
mafiaz.com's ^^feb designing service.Amit hadassumed the identities of
these 'customers', and purchased mafiaz.com's services with credit card
details that he found on the Net. He was both the buyer and the seller.Calls
to Amit's house in Lucknow went unanswered. Legal notices came back
cm
unclaimed. Amit had disappeared without a trace.
Three-in-one fraudster
In June 2003, Sachin Deshpande and Jeevan Palani signed separate
agreements with CC Avenue to provide Web designing services through
their sites www.infocreek.org and www.ewebsitestarter.com. The
company's risk-managementteam foundthat both these sites had ripped
off content and even the client list from foreign sites with similar names.
The modus operandi was similar to Amit's. Vishwas Patel, the CEO of
CC Avenue, spoke to Sachin over the phone and found that he sounded
just like Amit - "young and immature". They decided to hold back
payment.
Then, a person called Shoaib Sharif sou^t the services of CC Avenue.
Vishwas and his team again spotted a similar pattern. They held back
payment on various pretexts. "He sounded desperate," says Vishwas.
So they decided to trap him.
Trapped
CC Avenue's accounts manager asked Shoaibto come to Mumbai to
collect a cheque of Rs 40,000. On Augustll, a young man walked into
Vishwas's office. He introduced himself as Shoaib Sharif. Vishwas
immediately recognized him as Amit. (He had seen Amit's photograph
from his driver's license). Vishwas then called the Mumbai Police, who
rushed to his office and picked up the lad. At the Santa Cruz police
station, the boy confessed right away
India's First ATM Card Fraud
413^
The Chennai City Police have busted an international gang involved
in cyber crime, with the arrest of Deepak Prem Manwani (22), who was
caught red-handed while breaking into an ATM in the city in June last, it
is reliably learnt. The dimensions of the city cops' achievement can be
gauged from the fact that they have netted a man who is on the wanted
list of the formidable FBI of the United States. At the time of his detentim,
he had with him Rs 7.5 lakh knocked oflf from two ATMs in T Nagar and
Abiramipuram in the city. Prior to that, he had walked away with Rs
50,000 from an ATM in Mumbai. While investigatingManwani's case,
the pohce stumbled upon a cyber crime involving scores of persons
across the globe.
Manwani is an MBA drop-out from a Pune college and served as a
marketing executi\e in a Chennai-based finn for some time. Interestingly
his audacious crime career started in an Internet cafe. While browsing
the Net one day, he got attracted to a site which offered him assistance in
breaking into the ATMs. His contacts, sitting somewhere in Europe,
were ready to give him credit card numbers of a few American banks for
$5 per card. The site also offered the magnetic codes of those cards,
but charged $200 per code.
The operators of the site had devised a fascinating idea to get the
personal identification number (PIN) of the card users. They floated a
new site which resembled that of a reputed telecom company's. That
company has millions of subscribers. The fake site offered the visitors
to return $11.75 per head which, the site promoters said, had been
A\9:
collected in excess by mistake from them.
Believing that it was a genuine offer from the telecom company in
question, several lakh subscribers logged on to the site to get back that
little money, but in the process parted with their PINs. Armed with all
requisite data to hack the bank ATMs, the gang started its systematic
looting. Apparently, Manwani and many others of his ilk entered into a
deal with the gang behind the site and could purchase any amount of
data, of course on certain terms, or simply enter into a deal on a booty-
sharing basis. Meanwhile, Manwani also managed to generate 30 plastic
cards that contained necessary data to enable him to break into ATMS.
He was so enterprisingthat he was able to sell away a few such cards to
his contacts in Mumbai. Thepolice are on the lookout forthose persons
too.
On receipt of large-scale complaintsfrom the billed credit card users
and banks in the United States, the FBI started an investigationinto the
affair and also alerted the CBI in New Delhi that the international gang
had developed some links in India too.
Manwani has since been enlarged on bail after interrogation by the
CBI. But the citypolice believe that this is the beginning ofhe end of a
major cyber crime.
Work at Home scams Exposed
Cyber Crime Cell of Crime Branch, C.I.D., Mumbai Pohce have
arrested a person by name SripathiGuruprasaima Raj, aged 52 yrs who
is the Chairmanand Managing Director of Sohonet IndiaPrivate Ltd., a
42o:
company based in Chennai. Many complainants based in Mumbai had
complained to the Cyber Crime InvestigationCell, that the said company
has duped them each for Rs.4,000/- and Rs. 6,000/- by promising them
with monthly income of Rs. 15,000/-.
Case of Cyber Extortion
He does not know much about computer hacking, yet 51-year-old
cyber criminal Pranab Mitrahas stunned even the cyber crime investigation
cell of Mumbaipolice with his bizarrefraud on the Net. Mitra, a former
executive of Guj arat Ambuja Cement, was arrested on Monday for posing
as a woman and seducing online an Abu Dhabi-based man, thereby
managing to extort Rs 96 lakhfromhim. Investigatingoflficer, Assistant
Commissioner of Police, J.S. Sodi, said Mitra has been remanded to
police custody till June 24, and has been booked for cheating,
impersonation, blackmail and extortion under sections 420, 465, 467,
471,474 of the IPC, read with the newly formed IiiformationTechnology
Act.
Mitra posed as a woman, Rita Basu, and created a fake e-mail ID

through which he contacted one V.R. Ninawe. According to the FIR,
Mitra trapped Ninawe in a "cyber-relationship" sending emotional
messages and indulgingin online sex since June 2002.Later, Mitra sent
an e-mail that "she would commit suicide" if Ninawe ended the
relationship. He also gave him "another friend Ruchira Sengupta's" e-
mail ID which was in fact his second bogus address. When Ninawe
mailed at the other ID he was shocked to learn that Mitra had died. Then
Mitra began the emotional blackmail by calling up Abu Dhabi to say that
police here were searching for Ninawe. Ninawe panicked on hearing the
news and asked Mitra to arrange for a good advocate for his defence.
Ninawe even deposited a few lakh in the bank as advocate fees. Mitra
even sent e-mails as high court and police officials to extort more money
Ninawe finally came down to Mumbaito lodge a police case.
ICICI Bank Phishing
Did you know that e-mails, long considered the most convenient
form of communication, can actually spring some nasty surprises for
you? Recently, a few ICICI Bank customers in Mumbai, to their utter
dismay, discovered that e-mails can be extremely hazardous, if not to
their health, at least to their security.These ICICI Bank customers received
an e-mail from someone who posed asan official of the bank and asked
for sensitive information like the account holder's Internet login name
and password and directed them to a Web page that resembled the
bank's official site.When some customers wrote in to find out what the
e-mail was about, the bank officials registered a complaint with the police.
New as it may be in India, it is actually a popular banking scam, a

warning against which had been issued by many international banks
including Barclays and Citibank, rediff.com presents a guide that will
help readers understand what the scam is about and how they can stay
clear of it.
What happened in the case of the e-mail scam involvinglCICI Bank?
A few customers of ICICI Bank received an e-mail asking for their Mtemet
login name and password to their account. The e-mail seemed so genuine
that some users even clicked on the URL given in the mail to a Web page
that very closely resembled the official site.The scam was finally
discovered when an assistant manager of ICICI Bank's information
security cell received e-mails forwarded by the bank's customers seeking
to crosscheck the validity of the e-mails with the bank. Such a scam is
known as 'phishing.'
Cyber Lotto an Effective Tool of Frauds
"It is a classic case of cyber crime, the first of its kind in Andhra
Pradesh," was how Vijayawada Police CommissionerSudeep Lakhtakia
summed up the case of cheating andfraudregistered against Kola Venkata
Krishna Mohan, the self-styled winner of the multi-milliondollar Euro
lottery Mohan admitted that he did not win the 12.5 millionpoundEuro
lottery in November 1998, as he had claimed, but merely played fraud to
make good his losses in gambling. "With the help of computers, the
accused took the people for a ride," the Vijayawada police commissioner
pointed out. Mohan, using the Internet and forged documents, allegedly
cheated banks and several persons to the tune of 60 million rupees.
Kola Mohan was arrested by the Vijayawada city police on Monday

in connection with cases of fraud and forgery registered against him. He
was remanded tojudicial custody till December 13 by Fifth Metropolitan
:423:
Magistrate K B Narsimhulu. He was shifted to the district jail at

Gandhinagarin Vijayawada. Mohan was accused of cheating the Andhra
Bank to the tune of Rs 1.73 milhon.
By perpetrating the multi-milhonrupee fraud, Mohan has achieved
the dubious distinctionofallegedlycommittingthe first and biggest cyber
crime in Andhra. The state, incidentally is making rapid strides in
information technology, thanks to the initiative of cyber-sawy Chief
Minister N Chandrababu Naidu. A compulsive gambler who played
cards regularly athigh stakes in various clubs in the coastal city, Mohan
told newsmen at the police commissioner's office at Vijayawada on
Monday that he had lost as much as Rs 30 million in 1998 when a
gambling syndicate led by a real estate dealer and a restaurant-owner
cheated him. I staked some money on it in vain. Then, I invented the
story that I won the lottery I created a website and an email address on
the Internet with the address 'eurolottery@usa.net.' Wheneveraccessed,
the site would name me as the beneficiary of the 12.5 milhonpound (that
is, $ 19.8 millionor Rs 840 minion)Euro-lottery" Kola Mohan recalled.
A Telugu newspaper in Hyderabad received an email that a Telugu

had won the Euro lottery. The website address was given for verification.
The newspaper sent the query and got the "confirmation" since Kola
Mohan had himself createdand manipulated the website
Collective Scam in Call Center
The telemarketing project for anAmerican credit-card company was
just coming to an end in January when an internal audit at the Wipro
42^
Spectramind call center in Navi Mumbai, India, discovered something
very alarming: an organizedringof about60 call-center agents had been
systematically scammingU.S. consumers fontwo months. Supervisors
had told the agents to spice up their sales pitch for the client. Capital
One Financial Services, by making false claims about free gifts and
membership fees, according to Indian press reports. The scam even
bypassed Wipro's sophisticated call-monitoring system.
Reliance made to pay the Consumer
After conducting its own audit. Capital One, located in McLean,
Virginia, rescinded the contract with Wipro in March. But its
misadventure—and other recent departures from India by U.S. clients-
has confirmed many doubts and concerns about the booming business
of outsourcing call centers, and also is serving as a catalyst for human
resources to develop more effective approaches to managing offshore
workers. Experts and consultants believe that companies can meet the
challenges and save millions of dollars by improving training and
implementing tighter oversight of offshore call agents. Some U.S.
companies have even installed their own teams at offshore call centers.
"Capital One represents some of the challenges of outsourcing
Pune BPO-Scam
Pune BPO scam was claimed to be the first scam in India. In April
2005, five employees of MsourcE in Pune were arrested for allegedly
pulling offa fraud worth nearly$425,000 from the Citibankaccounts of
C425)
four New York-based account holders.
Gurgaon BPO Scam
In June 2005, the tabloid Sun , in a sting operation, purchased the
bank account details of 1,000 Britons for about 5.50 dollars
companylnfinityE- Search
Bangalore BPO Scam
In June 2006, Nadeem Kashmiri sold the customer credit card
information to a group of scamsters who used the informationto siphon
off nearly £233,000 or roughly Rs. 1.8 crore from bank accounts of
UK-based customo-s.
Data theft makes IT firm quit India
Pubhshedon Fri, Oct 13,2006 at 11:48, New Delhi: After registering
a case against an employee who had allegedly stolen data, the Gurgaon-
based IT firm Acme Telepower Management waited for something to
happen. A week later they have decided to stop operating out of India
and move to Australia. It seems like this is the beginning of a domino
effect, even as India's antiquated police forcetries to deal with new age
crime like data theft. Acme Telepower is claiming a national loss of Rs
750 crore. They are saying it's all because an ex-employee named
Sachidanand Patnaik who allegedly stoleresearch and handed it over to
his new employer- a competitor in the power industry solutions space.
On Thursday, the board of Acme met after a Gurgaon Sessions court
granted bail to Patnaik and decided it was time to pack their bags. "We
are disappointed in the system. Patents and research are not protected,
426:
so we are not sure if the law will be able to protect us," GM Marketing,
Acme, Sandeep Kashyap said. Acme employs around 1,100 people,
who will be affected by the firm's move to Australia that will happen
over the next eight months. Most of the 70 people in the Research and
Development section will be the first to move. Forthe rest, the future is
unclear. According to Acme, only a small manufacturingoperation will
remain in India, but they say they will take care of their employees and
that their reason for leaving is simple. "The fact that the main accused
has got bail and the others got a clean chit has disappointed us
completely," Kashy^ said. However, the lawyer for Sachidanand Patnaik
says they are givingup too soon and that this trend could have dangerous
repercussions. "If the reason they are leaving India is because the main
accused has got bail, then it is contempt of court," Patnaik's lawyer,
Vakul Sharma said. When people lost faith in the system in the past,
there was little they could, outside of rallying against everything wrong
with the world. However, today people have a choice. They can simply
move on. But the question remains - will the system respond?
Government and Defense sites Attacked and used
Though the commercial sectors are the sectors having maximum(85
per cent of total defacement in commercial sector) incidents of defacemait
of govemmentsites, which usually have critical informationpertainingto
security of the country, are on continuous rise. Recently, Defense Research
and development Organisation (DRDO) site was used to distribute
malware. The incidents of defacing government sites are increasing by
leaps and bounds. In 2005 only, 25 government sites were defaced and
the number was increased to 70 in 2006. In February 2006, websites of
Government of Punjab were targeted. All the websites of Government of
Rajasthan were hosted on the same server and in November 2006, all the
sites were defaced at very short intervals of one to two days. Every year,
there is an increase in the totalnumber of website defaced in India.
In 2005 only, 373 deface were reported, which had gone to 1791 in
the year 2011 . After Pokhran II test on May 11 -May 13,1998,agroup
of hackers called 'Milworm'broke into Bhabha Atomic Research Centre
(BARC) site and posted anti Indian and anti-nuclearmessages. In 1999,
website of Indian Science Congress Association was defaced and the
hacker posted provocative comments about Kashmir
Sony India Private Ltd Case
A complaint was filed in by Sony India Private Ltd, which runs a
website called sony-sambandh.com,targetingNon Resident Indians. The
website enables NRIs to send Sony products to their friends and relatives
in India after they pay for it online. The company undertakesto deliver
the products to the concerned recipients. In May 2002,someone logged
onto the website under the identity of Barbara Campa and ordered a
Sony Colour Television set and a cordless head phone.A lady gave her
credit card number for payment and requested that the products be
delivered to Arif Azim in Noida. The payment was duly cleared by the
credit card agency and the transaction processed. After following the
relevant procedures of due diligence and checking, the company delivered
428;
the itemsto Arif Azim. At the time of dehvery, the company took digital
photographs showing the dehvery being accepted by Arif Azim. The
transaction closed at that, but after one and a half months the credit card
agency informedthe company that this was an unauthorized transaction
as the real owner had denied having made the purchase. The company
lodged a complaint for online cheating at the Central Bureau of
Investigation which registered a case under Section 418,419 and 420 of
the Indian Penal Code. The matter was investigated into and Arif Azim
was arrested. Investigationsrevealed that Arif Azim, while working at a
call centre in Noida gained access to the credit card number of an
American national which he misused on the company's site.
The CBI recovered the colour television and the cordless head phone.
The accused admitted his guih and the court of Shri Gulshan Kumar
Metropolitan Magistrate, New Delhi, convictedArifAzim under Section
418, 419 and 420 of the Indian Penal Code — this being the first time
that a cyber crime has been convicted. The court, however, felt that as
the accused was a young boy of 24 years and a first-time convict, a
lenientview needed to be taken. The court therefore released the accused
on probation for one year.
First juvenile accused in a cyber crime case.
In April 2001 a person from New Delhi complained to the crime
branch regarding the website. Amazing.com, he claimed, carried vulgar
remarks about his daughter and a few of her classmates. During the
inquiry print-outs of the site were taken and proceedings initiated. After
:429;
invest!gationa student of Class 11 and classmate of the girl was arrested.
The juvenile board in Nov 2003 refused to discharge the boy accused of
creating a website with vulgar remarks about his classmate. The accused's
advocate had sought that his client be discharged on the ground that he
was not in a stable state of mind. Seeking discharge, the advocate further
said that the trial has been pending for about two years. While rejecting
the accused's application, metropolitan magistrate Santosh Snehi Mann
said: 'The mental condition under which the juvenile came into conflict
with the law shall be taken into consideration during the final order.'
Mann, however, dropped the sections of Indecent Representation of
Women (Prohibition) Act. The accused would face trial under the
Information Technology Act and for intending to outrage the modesty
of a woman. She held the inquiry could not be closed on technical
ground, especially when the allegations were not denied by the accused.
First case convicted under Information Technology Act 2000 of
India.
The case related to posting of obscene, defamatory and annoying
message about a divorcee woman in the yahoo message group. E-Mails
were also forwarded to the victim for informationby the accused through
a false e-mail account opened by him in the name of the victim. The
posting of the message resulted in annoyingphone calls to the lady in the
belief that she was soHciting. Based on a complaintmade by the victim
in February 2004, the Police traced the accused to Mumbai and arrested
him within the next few days. The accused was a known family friend of
43o:
the victim and was reportedly interested in marrying her. She however
married another person. This marriage later ended in divorce and the
accused started contacting her once again. On her reluctance to marry
him, the accused took up the harassment throughthe Internet. On 24-3-
2004 Charge Sheet was filed u/s 67 of IT Act 2000,469 and 509 IPC
before The Hon'bleAddl. CMM Egmore by citing 18 witnesses and 34
documents and material objects. The same was taken on file in
C.C.NO.4680/2004. On the prosecution side 12 witnesses were
examined and entire documents were marked. The Defence argued that
the offendingmails would have been given either by ex-husband of the
complainant or the complainant her self to imphcate the accused as accused
alleged to have turned down the request of the complainantto marry her.
Further the Defence counsel argued that some of the documentary
evidence was not sustainable under Section 65 B of the Indian Evidence
Act. However, the court based on the expert witness of Naavi and other
evidence produced includingthe witness of the Cyber Cafe owners came
to the conclusion that the crimewas conclusively proved. The court has
also held that because of the meticulous investigationcarried on by the
10, the origination of the obscene message was traced out and the real
culprit has been brought before the court of law. In this case Sri S.
Kothandaramati, Special Public Prosecutor appointed by the Government
conducted the case. Honourable Sri. Arulraj, Additional Chief Metropolitan
Magistrate, Egmore, delivered the judgement on 5-11-04 as follows:
"The accused is found guilty ofoffences under section 469,509 IPC
4IL
and 67 of IT Act 2000 and the accused is convicted and is sentenced for
the offence to undergo RI for 2 years under 469 IPC and to pay fine of
Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year
Simple imprisonmentand to pay fine of Rs.500/- and for the offence u/
s 67 of IT Act 2000 to undergo RI for 2 years and to pay fine of
Rs.4000/- All sentences to run concurrently"
Father & son convicted under IT act in Kerala.
The Additional District and Sessions Court here has upheld a lower
court's verdict in the first cyber case filed in the State sentencing a
Pentecostal Church priest and his son to rigorous imprisonmentin 2006.
Disposing of the appeal filed by the priest T. S. Balan and his son, Aneesh
Balan, against the order of the Chief Judicial Magistrate, on Wednesday,
Additional District Judge T.U. Mathewkutty said it was time the
govemmenttook effective measures to check the growingtrend of cyber
crimes in the State.The court upheld the magistrate's order sentencing
the two to three-year rigorous imprisonmentand imposing a fine of Rs.
25,000 under Section 67 of the information technology (IT) Act; awarding
six months rigorous imprisonment under Section 120(B) of the Indian
Penal Code; and ordering one year rigorous imprisonment andimposing
a fine of Rs. 10,000 under Section 469 of the-code.
The court revoked the sentence under Section66 of the IT Act. The
cyber case dates back to January-February 2002 and the priest and his
son became the first to be convicted of committing a cyber crime. The
two were found guilty of morphing, web-hosting and e-mailing nude
4^
pictures of Pastor Abraham and his family Balan had worked with the
pastor until he fell out with him and was shown the door by the latter.
Balan joined the Sharon Pentecostal Church later. The prosecution said
the duo had morphedphotographsof Abraham,his son, Valsan Abraham,
and daughter; Starla Luke, and e-mailed them from fake mail IDs with
captions. The morphed pictures were put on the web and the accused,
who edited a local magazine called The Defender, wrote about these
photos in his publication. Valsan received the pictures on the Internet
and asked his father to file a complaint to the police. A police party
raided the house of Balan and his son at Perumbavoor and collected
evidences. The magistrate's verdict came after a four-year trial, for which
the court had to procure a computer with Internet connection and
accessories. The police had to secure the services of a computer analyst
too to piece together the evidences. Twenty-nine witnesses, including
the Internet service provider and Bharat Sanchar Nigam Ltd., had to
depose before the court.
Well-known orthopedist in Chennai got life.

Dr. L Prakash stood convicted of manipulatinghis patients in various
ways, forcingthem to commitsex acts on camera and posting the pictures
and videos on the Internet. The 50-year-old doctor landed in the police
net in December 2001 when a young man who had acted in one of his
porn films lodged a complaint with the police. Apparently the doctor
had promised the youngman that the movie would becirculated only in
select circles abroad and had the shock of his life when he saw himself
.433.
in a pom video posted on the web.

Subsequentpolice investigationsopenedup a Pandora's box. Prakash
and his younger brother, settled in the US, had piled up close to one lakh
shots and video footages, some real and many morphed. They reportedly
minted huge moneyin the pom business,it was stated. Fast track court
judge RRadha, who convicted allthe four inFeb 2008 , also imposed a
fine of Rs 1.27 lakh on Prakash, the main accused in the case, and Rs
2,500 each on his three associates - Saravanan, Vijayan and Asir
Gunasingh. The Judge while awarding life term to Prakash observed
that considering the gravity of the offences committed by the main
accused, maximum punishment under the Immoral Trafficking Act (life
imprisonment)shouldbe given to him and no leniency should be shown.
The Judge sentenced Prakash under the Immoral Trafficking Act, IPC,
Arms Act and Indecent Representation of Women (Prevention) Act among
others.
Juvenile found guilty for sending threatening email.
A 16 year old student from Ahmadabadwho threatened to blow up
Andheri Railway station in an email message was found guilty by the
Juvenile court in Mumbai. A private news chaimel received an email on
18 March 2008 claimingsender as Dawood Ibrahim gang saying a bomb
would be planted on an unspecified train to blow it up. The case was
registered in Andheri Police station under section 506 of IPC and
transferred to cybercrime investigationcell. During Investigation CCIC
traced the cyber cafe from which the email account was created and
(434)
threatening email was sent. Cafe owner told police about friends which
had come that day to surf the net.Police Summonedthem and found that
the system which was used to send email was accessed by only one
customer On 22nd March 08, police arrested the boy a Class XII science
student who during interrogation said that he sent the email for fun of
having hisprank flashed as "breaking news" on television.
4. General Observation :
Computer crimes, in general, are being committed across nations.
Systems in one country are compromised by criminals and used for
launching attacks on targets. While reaching the targets, the criminal
passes through many compromised systems. While analyzing the
evidence, the investigatingagencies see the system used in the final stage
of attack on targets. The other intermediate stages can be picked up only
if details and computer logs of the systems used at all stages are available.
This is a major concern in the entire investigation of cyber crime. We
should therefore evolve a procedure where the computer logs of the
systems participating in the crime are available instantaneously to the
investigatingagencies.
Our dependence on technology - be it our cellphones, tablets, or
laptops, seems to be directly proportional to the progress that technology
itself has been witnessing. The growth of the Internet, the world over,
has been a very important chapter in this respect. Social networking,
gaming, storing data and online shopping are only a few of the many
435;
doors that the web has opened up. This, however, has also given birth to
an ugly spate of cyber crimes. A recent report by the National Crime
Records Bureau (NCRB) - Crime in India 2011 - has thrown light on
how the nation has fared, as far as cyber crimes go. According to the
report, the number of cases that were registered under the nation's IT act
last year (2011) were 1,791 -aconsiderableriseof85.4percentfromthe
966 cases registered in2010.
The report states that the highest number of cases were registered in
Andhra Pradesh (349), Maharashtra came second with 306 registered
cases, followed by Kerala (227 cases), Kamataka (155 cases) and
Rajasthan(122 cases). 46.1 percent of the total cases pertained to Loss/
damage to computer resource/utility reported under hacking with computer
systems for which 487 persons were arrested. 496 cases pertaining to
Obscene publications/transmission in electronicform were registered in
2011, following which443 persons were arested. It added, "Out of total
(983) Hacking cases, the cases relating to Loss / Damage of computer
resource/utility under Sec 66(1) of the IT Act were 84.0% (826 cases)
whereas the cases related to Hackingunder Section 66(2) of IT Act were
15.9% (157 cases). Andhra Pradesh (267) followed by Karnataka (87),
Rajasthan (69) and Maharashtra (68) registered maximum cases under
Sec 66(1) of the IT Act out of total 826 such cases at the National level."
The report further revealed that of the total 157 cases of Hacking
under Sec. 66(2), 23 cases, i.e the maximum came from Karnataka,
C436)
followed by 22 from Kerala and 20 from AndhraPradesh. Further, Andhra
Pradesh accounted for 242 arrests, i.e. 20.4 percent of the total 1,184
arrests in cases pertainingto the IT Act, 2000, followed by Maharashtra
with 226 arrests. Interestingly the report also found that 58.6 percent
(i.e., 695 out of 1,184) of those arrested belonged to the age group 18-
30 years, while 31.7 percent (i.e., 376 out of 1,184) of those arrested
belonged to the age group 30-45 years. Rather shockingly the report
revealed that of the people arrested, ten in Madhya Pradesh, four in
Maharashtra, three in Kerala and two in Delhi, were found to be below
the age of 18.
Clearly, the numbers are out for all to see. With many ofus spending
so much time online, it only is imperative that we maintain caution. In
this context, there is a need to evolve a system or procedure in this
direction. Such a system will go a long way in profiling and tracking
down criminals. Further; it is well known that many of the cyber crimes
go unreported due either to reluctance to report or ignorance in this
regard. As a result, reliable statistics oncrimes may not be available for
assessing the extent of the problem. However even with such limited
data, the reports on cyber crimes are alarming. The trend is changing
from individuals operatingformischief or profitto international organized
crime groups carrying out criminal activities like terrorism, money
laundering, drug trafficking, cyber based extortion and fraud, child
pornography and spreading hatred. Therefore, understandingthe changes
:437:
in crime patterns is critical to take preventive steps. Wliile technology

provides both opportunity and capability for criminal groups, it also
enhances the detection capabilitiesof law enforcement agencies to detect
and disrupt illegal activities. Cooperation isalso required
The incidence of the cybercrime having implications on terrorism is
on the rise. This mode of organized crime is extremely lethal and its
repercussions could be deadly The United States in the Police Act of
2006 is contemplatingto educate the police. We should take a leaf out of
the lesson from the United States and we should also modernize our
police force to deal witii such crimes. Indian Police Act, 1861 is outdated,
outmodelled and seems to have outmodelledits utility. ThePadmannabiah
Committee on Police Reforms, 2000 has suggested for it.
Furthennore only the Information Technology Act, 2000 continues

to be a sporadic piece of legislation in the absence of the gap filling
mechanism which could fill in the loopholes where the act is silent for
instance more comprehensive provision on breach of privacy
Cyber-criminalstake advantage of the speed of propagation, global

reach, anonymity and transience of the Internet to perpetrate crimes.
Cybercrimes are currently an important global issue that has the potential
of adversely affecting international economics, commerce, security and
human rights. Criminal justice systems have responded with criminal
prosecutionsof cybercrimeunder old, existing laws,or by enactingnew
"cybercrime laws." These actions have mostly emerged from technically
438:
advanced countries, namely the United States, countries of the European
Union, Australia, New Zealand, etc. Other countries have also started
framing cybercrime laws, using mostly the US laws as the basis. Cyber
law is a comparatively new field, and is continuously evolving and
"catching up" with innovations in technology However, as the analysis
in this paper shows, despite some progress, cybercrime laws are often
inadequate - they contain loopholesthat make the prosecution difficult,
suffer from a lack of understanding of the technical nuances of rapidly
emerging technology, and suffer from vague and conflicting interpretations.
Further, cyber laws enacted in one country may counteract with
another's notions of national sovereignty jurisdiction, humanrights and
privacy. Given this it is usefulto further study thedevelopment of cyber
laws and the role that they play in the convergence of information,
innovation and technology It is also important for IT professionals to
take an active part in shaping cyber laws, so that they are consistent,
have minimalloopholes, are reasonably easy to prosecute, safeguard the
essential openness and freedoms of the Internet, and not open to
interpretation.
A glaring instance where the corporate body discharged its social
responsibility in playing an active role in tracing the cyber criminals is
mentioned below. In October 2005, Microsoft entered into a contract
with the Federal Government of Nigeria to help the country "combat
cyber crime". At the time, the Memorandum of Understanding (MOU)
:439;
was hailed as a landmark partnership between Microsoft and an African
nation. According to Microsoft, the agreement was to "help support the
Nigerian government's efforts to create a safe legal enviromnent for
technology development and enforce laws that help attract investment
and ensure sustainable economical development.
There should be an international body which should ensure that all
the cybercriminalsare taken to task. In order to ensure that this impartial
body works in letter and spirit, it should be vested with the universal
jurisdiction. It is one of the ways through which the harmonization can
be possible as a single body would be entrusted withthe task of dealing
with the cyber crimes of wider ramifications.
It is high time that India should adopt an Act which should address
the substantive concerns of the cybercrime rather than being regulatory
in nature. Information Technology Act, 2008 is more often than not
castigated due to merely regulatory nature and lack of stringency.
Furthermore, the Carnivore system of forensic investigation adopted by
the United States should be adopted by India. The Sniffer technology
which comprises on the privacy ofthe individual shouldalso be used by
the Internet Service Providers as it would facilitate the proper, efficient
and efficacious investigationby the Police.
^^•|«

11 - Chapter 5

Uploaded by

11 - Chapter 5

Uploaded by

CHAPTER - V

1. Information Technology Act, 2000

1. Anju Thapa, Cyber Staking ; Crime and Challenge at the Cyberspcace,

United Nations' Definifionof Cybercrime

a. Cybercrime in a narrow sense (computer crime): Any illegal behavior

network, including such crimes as illegal possession [and] offering or '

distributing information by means of a computer system or network.

The age-wise profile of the arrested persons showed that 45 percent

that internet provides.

The offences included in the IT Act 2000 are as follows:

Section 67. Publishing of obscene info rmationin electronic form:

Essential ingredients of this section:

Penalties: Punishment: the imprisonment which may extend to ten

If such person discloses such information, he will be punished with

(1) No person shall publish a Digital Signature Certificate or otherwise

Section 76. Confiscation:

Explanation: The aforesaid sectionhighlightsthat all devices whether

2. Information Technology Act, 2008

New communication systems and digital technology have made

ITAA-2006, which are given as follows:

Act and the Code of Criminal Procedure to prevent such crimes.

(n) "Cyber Appellate Tribunal"means the CyberAppellate* Tribunal

(v) "Information"includes data, message, text, images, sound, voice,

Section 6 lays down the foundation of Electronic Governance. It

[Section 51] Term of office, conditions of serviceetc of Chairperson

[Section 66 B] Punishmentfor dishonestly-receiving stolen computer

[Section 66E] Punishment for violation of privacy. (Inserted Vide

[Section 72 A] Punishment for Disclosure of information in breach

Section 73 provides punishment for publishing a Digital Signature

Section 87 (aa) the procedure for ascertaining electronic signatureor

2. Appeal (crl.) 476 of 2003 Appeal (crl.) 477 of 2003

Defamation through obscene and scandalous remarks in the

4. Judgment delivered on n-5-2204 by CJM, Egmore

Jcb India Ltd vs LP. Address :122.163.98.166" The plaintiff

Subsequently, the plaintiff filed the present suit where it impleaded

11. Judgement on 25 August, 2008.

Much later, incoimectionwiththe Industrial Disputes Act, in Premier

It is quite possible that some disputes or claims may ultimately be

It was also observed by the Supreme Court, in Popat and Kotecha

20. Decided on (4 March, 2011)

22. (2008) 9 s e c 140.

Besides this in State of Maharashtra v. Ishwar Piraji KalpatrP^

28. 1991 Crl.L.J. 712

Sundaram B.N.P.Paribas Home ... vs State Of Tamil Nadu on

Report that is sufficient for investigationto continue.

It is her submission that the conduct of thepetitioners would amount

A Case Studies of Cyber Crime in Indian Perspective :

31. CIVIL APPEAL NOS.2795-2796 OF 2011 [Arising out of SLP [C]

How does it Airtel react to rectify its mistake?

The judgement, a notification of which was received earlier this week,

Talking exclusively to The Tribune from New Delhi, Mr Rodney D.

CC Avenue verifies and validates credit cards of buyers for over a

Mitra posed as a woman, Rita Basu, and created a fake e-mail ID

New as it may be in India, it is actually a popular banking scam, a

Kola Mohan was arrested by the Vijayawada city police on Monday

Magistrate K B Narsimhulu. He was shifted to the district jail at

A Telugu newspaper in Hyderabad received an email that a Telugu

Well-known orthopedist in Chennai got life.

in a pom video posted on the web.

in crime patterns is critical to take preventive steps. Wliile technology

Furthennore only the Information Technology Act, 2000 continues

Cyber-criminalstake advantage of the speed of propagation, global

You might also like