unit 3 part 1 (1)

UNIT III
• Cyber Crimes and Cyber Security-Legal Perspectives:

Introduction, Cyber crime and the legal landscape around the
world .Cyber laws in Indian context, Indian IT act Challenges to
Indian Law and Cyber crime scenario in India, Consequences of
not addressing weakness in IT Act, Digital signatures and Indian
IT Act, Cyber Crime and Punishment, Cyber Law ,Technology
and Students in Indian Scenario.
Cyber Crime and Cyber Security-
Legal perspectives
•Cyber Law – The Legal Perspectives: Introduction, Cybercrime and the
Legal Landscape around the World, Why do we need cyberlaws: the
indian context, the indian IT act.
UNIT-
Cyber
🠶IIIIntroduction Law
🠶 cybercrime is the largest illegal industry.
🠶 Cybercrime involves massive, coordinated attacks against the information infrastructure of
a country.
paradigm for Cyber Security

UNIT-
Cyber
🠶 Cybercrime was broken into two categories and defined as:
🠶 1. Cybercrime in a restrictive sense (computer crime): It is referred to any illegal
behavior that is carried out by means of electronic methods targeting the security of
computer systems and the data processed by them. This can be considered as a narrow
definition of the term cybercrime.
🠶 2. Cybercrime in a general sense (computer-related crime): It is referred to any illegal
behavior that is committed by means of, or in relation to, a computer system or network,
including s uc h crimes as illegal possession, and offering or distributing information by
means of a computer system or network. This can be considered as a broader definition of
the term cybercrime.
UNIT-
Cyber
🠶 These definitions are complicated by the fact that an act may be illegal in one nation but not
in another.
🠶 There are more concrete examples, including
1. Unauthorized access to computer
2. Causing damage to computer data or programs;
3. An act of computer sabotage;
4. Doing unauthorized interception of communications;
5. Carrying out computer espionage.
UNIT-
Cyber
🠶 In reference to the above-mentioned term unauthorized access, note that the law considers
computer trespass to be a crime. For example, according to Sections 18.2–152.4 of Virginia
State Criminal Law, computer trespass is deemed to have occurred when any person uses a
computer or computer network without authority and with the intent to:
🠶 1. Temporarily or permanently remove computer data, computer programs or computer
software from a computer or computer network;
🠶 2. cause a computer to malfunction regardless of how long the malfunction persists;
🠶 3. alter or erase any computer data, computer programs or computer software;
🠶 4. effect the creation or alteration of a financial instrument or of an electronic transfer of
funds;
🠶 5. cause physical injury to the property of another; or make or cause to be made an
unauthorized copy, in any form, including, but not limited to, any printed or electronic form
of computer data, computer programs or computer software residing in, communicated by
or produced by a computer or computer network shall be guilty of the crime of computer
trespass which shall be punishable as a Class 1 misdemeanor.
UNIT-
Cyber
🠶IIICybercrime and the Legal Landscape around the World Law
🠶 Crime or an offense is “a legal wrong that can be followed by criminal proceedings which
may result into punishment”
🠶 The hallmark of criminality is that it is breach of the criminal law.
🠶 A Broad View on Cybercrime Law Scenario in the Asia-Pacific Region
🠶 Online Safety and Cybercrime Laws: Detailed Perspective on the Current Asia-
Pacific
Scenario
🠶 Anti-Spam Laws in Canada
🠶 Cybercrime and Federal Laws in the US
🠶 The EU Legal Framework for Information Privacy to Prevent Cybercrime
🠶 Cybercrime Legislation in the African Region
UNIT-
Cyber
🠶 A Broad View on Cybercrime Law Scenario in the Asia-Pacific Region
🠶 Only a few countries of the Asia-Pacific region have appropriate legal and regulatory
frameworks to meet these challenges.
🠶 Even where awareness is growing and where legislation may be adequate, capacity to use
information security technologies and related procedures as well as to protect against,
detect and respond effectively to cybercrime, and to assist other countries, is low.
🠶 As a result, published cybercrime reports may represent only a small fraction of their
incidence and there is a need for more accurate estimates of the prevalence of cybercrime
UNIT-
Cyber
🠶 Online Safety and Cybercrime Laws: Detailed Perspective on the Current Asia-
Pacific
Scenario
🠶 In the privacy arena, there are numerous regional norms, s uc h as the Asia-Pacific Economic
Co-operation (APEC) Privacy Framework and the EU’s Data Protection Directive, but an
international consensus on the best approach to data protection regulation has not yet been
reached. However, CoE’s Convention on Cybercrime serves as the benchmark legislation.
🠶 There are nine principles to the A P E C Privacy Framework:
🠶 1. Preventing harm;
🠶 2. integrity of personal information;
🠶 3. notice;
🠶 4. security safeguards;
🠶 5. collection limitations;
🠶 6. access and correction;
🠶 7. uses of personal information;
🠶 8.🠶accountability;
9. choice.
UNIT-
Cyber
🠶 In early 2009, the Canadian Government tabled anti-Spam legislation, Bill C-27, T e Electronic
Commerce Protection Act, to address S p a m , counterfeit websites and Spyware.
•🠶 Basically, PIPEDA is based on the FIPs (Fair Information
🠶 The proposed legislation also brings amendment to Canada’s Personal Information Protection and
Practices):
Electronic Documents Act (PIPEDA) which covers online privacy in detail and contains many
provisions relevant to E-Mail marketing.
• 🠶 1. Principle 1 – Accountability
• 🠶 2. Principle 2 – Identifying purposes
• 🠶 3. Principle 3 – Consent
• 🠶 4. Principle 4 – Limiti ng collection
• 🠶 5. Principle 5 – Limiti ng use, disclosure and retention
• 🠶 6. Principle 6 – Accuracy
• 🠶 7. Principle 7 – Safeguards
• 🠶 8. Principle 8 – Openness
• 🠶 9. Principle 9 – Individual access
• 🠶 10. Principle 10 – Challenging compliance
UNIT-
Cyber
🠶 There are two laws currently being discussed in Canadian legislative assemblies:
🠶 1. Senate Bill S-220:
🠶 The bill was introduced by Senator Yoine Goldstein in early February 2009.
🠶 It is slated to become the Anti-Spam Act. It is a private member’s bill with private right of action and criminal
remedies.
🠶 2. Parliamentary Bill C-27:

🠶 The bill was tabled by the government in April 2009, with private right of action, coordination between various
enforcement agencies, civil remedies.
🠶 The Electronic Commerce Protection Act (ECPA) (aka: Bill C-27) is an Anti-Spam Act that covers E-Mail
communications, unauthorized installed applications and the alteration of data during transmission between
senders and recipients.
🠶 The bill forbids anyone from installing a program on a computer that could send an electronic message without
the consent of the owner or user
UNIT-
Cyber
🠶 Cybercrime and Federal Laws in the US
🠶 O n 15 September 2008, the U S House of Representatives approved the bill H . R . 5938.
🠶 The amendment, as part of Senate Bill S . 2168, was meant to expand the ability of the
Federal Government to prosecute criminal of identity theft and to allow victims to seek
compensation for the victims’ efforts (time and money) spent on trying to restore their credit.
🠶 The legislation was signed by President George W. B u s h . It had provisions for a fine as well
as imprisonment up to 5 years for Spyware.
🠶 Florida Computer Crimes Act (1988 version) and a summary of the penalties
🠶 The Act specifies the following type of crimes:
🠶1. Offenses against intellectual property;

🠶2. offenses against computer equipment or supplies;
🠶3. offenses against computer users.
UNIT-
Cyber
🠶 The EU is an economic and political union of 27
m ember states, located prim arily in Europe.
🠶 Readers can visit the link to understand the E U member countries.Also see Box 6.7 to know
the names of E U member countries.
🠶 Data protection E U legal framework addressed the principles for information management
(fairness, consent, transparency, purpose specification, data retention, security and access).
UNIT-
Cyber
🠶 In the EU, cybercrim e law is primarily based on the
C oE’s C o nvention on C ybercrime (November 2001).
🠶 Under the convention, member states are obliged to criminalize:
🠶 1. Illegal access to computer system ;
🠶 2. Illegal interception of data to a computer system;
🠶 3. Interfering with com puter system without rights an d intentional
interferen ce with computer data without rights;
🠶 4. The use of inauthentic data with intent to put it across as authentic (data forgery);
🠶 5. Infringement of copyright-related rights online;
🠶 6. Interference with data or functioning of computer system;
🠶 7. Child pornography-related off enses possession/d istribu tion /procu ring/producing
of
child pornographic.
UNIT-
Cyber
🠶 There is a common agreement that the African regions are in dire need for legislation to fight
cybercrime.
🠶 Africa is witnessing explosive growth in ICTs.
🠶 With this growth, however, cybercrime has also become a reality in this part of the world
too.
🠶 African countries, mostly because of inadequate action and controls to protect computers
and networks, are targets of attack.
🠶 A great deal of criminal activity is said to take place from this part of the world.
UNIT-
Cyber
🠶IIICybercrime and the Legal Landscape around Law
the World
UNIT-
Cyber
🠶IIIWhy do we need Cyberlaws: the Indian context Law
🠶 Cyberlaw is a framework created to give legal recognition to all risks arising out of the usage
of computers and computer networks.
🠶 Under the purview of cyberlaw, there are several aspects, s uc h as , intellectual property,
d a ta protection a n d privacy, freedom of expression a n d crimes committed using
computers.
🠶 The Indian Parliament passed its first cyberlaw, the ITA 2000, aimed at providing the legal
infrastructure for E-Commerce in India.
🠶 ITA 2000 received the assent of the President of India and it has now become the law of the
land in India.
🠶 The Government of India felt the need to enact relevant cyberlaws to regulate Internet-based
computer related transactions in India.
🠶 It manages all aspects, issues, legal consequences and conflict in the world of cyberspace,
Internet or WWW.
🠶 In the Preamble to the Indian ITA 2000, it is mentioned that it is an act to provide legal
recognition for transactions carried out by means of electronic data interchange and other
means of electronic communication, commonly referred to as electronic commerce.
UNIT-
Cyber
🠶IIIWhy do we need Cyberlaws: the Indian context Law
🠶 The reasons for enactment of cyberlaws in India are summarized below:
🠶 1. Although India possesses a very well-defined legal system, covering all possible situations
and cases that have occurred or might take place in future, the country lacks in many
aspects when it comes to newly developed Internet technology. It is essential to address this
gap through a suitable law given the increasing use of Internet and other computer
technologies in India.
🠶 2. There is a need to have some legal recognition to the Internet as it is one of the most
dominating sources of carrying out business in today’s world.
🠶 3. With the growth of the Internet, a new concept called cyberterrorism came into existence.
Cyberterrorism includes the use of disruptive activities with the intention to further social,
ideological, religious, political or similar objectives, or to intimidate any person in
furtherance of s uc h objectives in the world of cyberspace. It actually is about committing an
old offense but in an innovative way.
🠶 Keeping all these factors into consideration, Indian Parliament passed the Information
Technology Bill on 17 May 2000, known as the ITA 2000.
🠶 This law is based on Model UNCITRAL law for E-Commerce
UNIT-
Cyber
🠶IIIThe Indian IT act. Law
🠶 Cybercrimes and Other Related Crimes Punishable under Indian Laws
🠶 1. Under Section 65 of Indian Copyright Act any person who knowingly makes, or has in
his/her possession, any plate for the purpose of making infringing copies of any work in
which Copyright subsists is punishable with imprisonment which may extend to 2 years
with fine.
🠶 2. Sending pornographic or obscene E-Mails are punishable under Section 67 of the IT Act.
🠶 • An offense under this section is punishable on fi rst conviction with imprisonment for a term, which may
extend to 5 years and with fi ne, which may extend to 1 lakh rupees (Rs.1,00,000).
🠶 • In the event of a second or subsequent conviction, the recommended punishment is imprisonment for a term,
which may extend to 10 years and also with fi ne which may extend to 2 lakh rupees (Rs.2,00,000).
🠶 3. E-Mails that are defamatory in nature are punishable under Section 500 of the Indian
Penal Code (IPC) that recommends an imprisonment of upto 2 years or a fi ne or both.
🠶 4. Threatening E -Mails are punishable u nder the provision s of
the IPC pertaining to criminal intimidation, insult and annoyance
(CHAPTER XXII) and extortion (CHAPTER XVII).
🠶 5. E-Mail spoofing
personation is covered
(CHAPTER under
XVII) and provisions
forgery of theXVIII).
(CHAPTER IPC with regard to fraud, cheating by
UNIT-
Cyber
🠶 Weak Areas of the ITA 2000
🠶 As mentioned before, there are limitations too in the IT Act; those are mainly due to the
following gray areas:
🠶 1. The ITA 2000 is likely to cause a conflict of jurisdiction.
🠶 2. E-Commerce is based on the system of domain names. The ITA 2000 does not even touch
the issues relating to domain names. Domain names have not been defi ned and the rights
and liabilities of domain name owners do not find any mention in the law. The law does not
address the rights and liabilities of domain name holders.
🠶 3. The ITA 2000 does not deal with issues concerning the protection of Intellectual Property
🠶 Rights (IPR) in the context of the online environment. Contentious yet very important issues
🠶 concerning online copyrights, trademarks and patents have been left untouched by the law,
🠶 thereby leaving many loopholes. Thu s , the law lacks “Proper Intellectual Property Protection
for Electronic Information and Data” – the law misses out the issue of IPR, and makes no
provisions whatsoever for copyrighting, trade marking or patenting of electronic information
and data. However, the corresponding provisions are available under the Indian Copyright
Act.
UNIT-
Cyber
🠶 4. As the cyberlaw is evolving, so are the new forms and manifestations of cybercrimes. The
offenses defined in the ITA 2000 are by no means exhaustive. However, the drafting of the
relevant provisions of the ITA 2000 makes it appear as if the offenses detailed therein are
the only cyberoffenses possible and existing. The ITA 2000 does not cover various kinds of
cybercrimes and Internet-related crimes.
🠶 These include:
🠶 • Theft of Internet hours;
🠶 • cybertheft;
🠶 • cyberstalking;
🠶 • cyberharassment;
🠶 • cyberdefamation;
🠶 • cyberfraud;
🠶 • misuse of credit card numbers;
🠶 • chat room abuse;
🠶 • cybersquatting (not addressed directly).
UNIT-
Cyber
🠶 5. The ITA 2000 has not tackled vital issues pertaining to E-Commerce sphere like privacy
and content regulation to name a few.
🠶 6. The Information Technology Act is not explicit about regulation of Electronic Payments,
and avoids applicability of IT Act to Negotiable Instruments. The Information Technology Act
stays silent over the regulation of electronic payments gateway and rather segregates the
negotiable instruments from the applicability of the IT Act. This may have major eff ect on
the growth of E-Commerce in India.
🠶 This has led to tendencies of banking and financial sectors being irresolute in their stands.
🠶 7. IT Act does not touch upon antitrust issues.
🠶 8. The most serious concern about the Indian Cyberlaw relates to its implementation. The
ITA 2000 does not lay down parameters for its implementation. Also, when Internet
penetration in India is extremely low and government and police officials, in general, are not
very computer savvy, the new Indian cyberlaw raises more questions than it answers. It
seems that the Parliament would be required to amend the ITA 2000 to remove the gray
areas mentioned above.

unit 3 part 1 (1)

Uploaded by

unit 3 part 1 (1)

Uploaded by

UNIT III

• Cyber Crimes and Cyber Security-Legal Perspectives:

paradigm for Cyber Security

🠶 2. Parliamentary Bill C-27:

🠶1. Offenses against intellectual property;

You might also like