INFORMATIONTECHNOLOGY ACT-2000 1.Introduction & definitions 2. Digital Signature and Certificates 3. E-Commerce & E- Governance 4. Duties of Subscriber 5. Penalties and adjudication 6. Cyber Crime 7. Amendments to the Act IT Act, 2000 Enacted on 17th May 2000- India is 12th nation in the world to adopt cyber laws IT Act is based on Model law on e-commerce adopted by UNCITRAL Objectives of the IT Act To provide legal recognition for transactions: Carried out by means of electronic data interchange, and other means of electronic communication, commonly referred to as "electronic commerce“ To facilitate electronic filing of documents with Government agencies and E-Payments To amend the Indian Penal Code, Indian Evidence Act,1872, the Banker’s Books 1891,Reserve Bank of India Act ,1934 Evidence Act Extent of application Extends to whole of India and also applies to any offence or contravention there under committed outside India by any person {section 1 (2)} read with Section 75- Act applies to offence or contravention committed outside India by any person irrespective of his nationality, if such act involves a computer, computer network located in India system or Definitions ( section 2) Access: "access" with its grammatical variations and cognate expressions means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network; Addresee; "addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary; Subscriber: "subscriber" means a person in whose name the Digital Signature Certificate is issued. Certifying Authority: Certifying Authority" means a person who has been granted a licence to issue a Digital Signature Certificate under section 24. . terrestrial line or other communication media. and (ii) terminals or a complex consisting of two or more interconnected computers whether or not the interconnection is continuously maintained . "computer network" means the interconnection of one or more computers through(i) the use of satellite. microwave. electronic instructions. input data and output data that performs logic. . data storage and retrieval. "computer system" means a device or collection of devices. communication control and other functions. including input and output support devices and excluding calculators which are not programmable and capable being used in conjunction with external files which contain computer programmes. arithmetic. computer network.computer data base or software. . "computer resource" means computer. "Controller" means the Controller of Certifying Authorities appointed under subsection (l) of section 17. computer system. data. knowledge. concepts or instruction which are being prepared or have been prepared in a formalized manner. . facts. and may be in any form (including computer printouts magnetic or optical storage media. is being processed or has been processed in a computer system or computer network. "data" means a representation of information. punched tapes) or stored internally in the memory of the computer. and is intended to be processed. punched cards. sent. optical. "electronic form" with reference to information means any information generated. "Digital Signature Certificate" means a Digital Signature Certificate issued under subsection (4) of section 35. . micro film. received or stored in media. magnetic. computer memory. computer generated micro fiche or similar device. . generates. stored or transmitted to any other person but does not include an intermediary. "originator" means a person who sends. image or sound stored. record or data generated. "electronic record" means data. received or sent in an electronic form or micro film or computer generated micro fiche. generated. stores or transmits any electronic message or causes any electronic message to be sent. DIGITAL SIGNATURE & DIGITAL SIGNATURE CERTIFICATE . at the time it was affixed. if such information or matter is authenticated by means of digital signature affixed in such manner as may be prescribed by the Central Government. by application of a security procedure agreed to by the parties concerned. If. notwithstanding anything contained in such law. . SECTION 15 SECURE DIGITAL SIGNATURE. it can be verified that a digital signature.SECTION 5 LEGAL RECOGNITION OF DIGITAL SIGNATURES Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document shall be signed or bear the signature of any person then. then such digital signature shall be deemed to be a secure digital signature. was • unique to the subscriber affixing it • capable of identifying such subscriber • created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated. such requirement shall be deemed to have been satisfied. Diagram showing how a simple digital signature is applied and then verified . COMPENSATION AND ADJUDICATION SECTIONS .PENALTIES. computer system or computer network. data. computer data base or information from such computer. or computer network he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected .SECTION 43 PENALTY FOR DAMAGE TO COMPUTER If any person without permission of the owner or any other person who is in charge of a computer. computer system or computer network. – denies or causes the denial of access to any person authorised to access any computer. computer system or computer network – damages or causes to be damaged any computer. computer system or computer network including information or data held or stored in any removable storage medium – introduces or causes to be introduced any computer contaminant or computer virus into any computer. computer system or computer network. rules or regulations made there under – charges the services availed of by a person to the account of another person by tampering with or manipulating any computer. – disrupts or causes disruption of any computer. computer data base or any other programmes residing in such computer. computer system. copies or extracts any data. computer system or computer network in contravention of the provisions of this Act. – accesses or secures access to such computer. – downloads. computer system or computer network by any means – provides any assistance to any person to facilitate access to a computer. computer system or computer network. computer system or computer network. $426. obtained PIN codes from four customers of MphasiS’ client. the call centre employees opened new accounts at Indian banks using false identities.000 was stolen.S. These employees were not authorized to obtain the PINs. they used the PINs and account information gleaned during their employment at MphasiS to transfer money from the bank accounts of CitiGroup customers to the new accounts at Indian banks.000. In association with others. the Indian police had tipped off to the scam by a U. and quickly identified the individuals involved in the scam. the amount recovered was $230. four call centre employees. By April 2005. working at an outsourcing facility operated by MphasiS in India. Citi Group. bank. Arrests were made when those individuals attempted to withdraw cash from the falsified accounts.Related Case: Mphasis BPO Fraud: 2005In December 2004. Within two months. Verdict: Court held that Section 43(a) was applicable here due to the nature of unauthorized access involved to commit transactions . such body corporate shall be liable to pay damages by way of compensation.Section 43A – Compensation for failure to protect data Where a body corporate. to the person so affected. . fails to furnish the same. etc. fails to maintain the same. iii. ii. Furnish any document. controls or operates. he shall be liable to a penalty not exceeding ten thousand rupees for every day during which the failure continues. books or other documents within the time specified therefore in the regulations. not exceeding five crore rupees. fails to file return or furnish the same within the time specified therefore in the regulations. If any person who is required under this Act or any rules or regulations made there under to i. possessing. Section 44 – Penalty for failure to furnish information or return. return or report to the Controller or the Certifying Authority. dealing or handling any sensitive personal data or information in a computer resource which it owns. is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person. he shall be liable to a penalty not exceeding five thousand rupees for every day during which such failure continues Maintain books of account or records. he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure File any return or furnish any information. an adjudicating officer shall have due regard to the following factors. namely : •The amount of gain of unfair advantage. wherever quantifiable. shall be liable to pay a compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees. made as a result of the default.Section 45 – Residuary Penalty Whoever contravenes any rules or regulations made under this Act. •The amount of loss caused to the person as a result of the default. for the contravention of which no penalty has been separately provided. . Section 47 – Factors to be taken into account by the adjudicating officer Section 47 lays down that while adjudging the quantum of compensation under this Act. •The repetitive nature of the default. allow it to be filed within a further period not exceeding sixty days.SECTION 61 CIVIL COURT NOT TO HAVE JURISDICTION No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal constituted under this Act is empowered by or under this Act to determine and no injunction shall be granted by any court or other authority in respect of any action taken or to be taken in pursuance of any power conferred by or under this Act. SECTION 62 APPEAL TO HIGH COURT. if it is satisfied that the appellant was prevented by sufficient cause from filing the appeal within the said period. • Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an appeal to the High Court within sixty days from the date of communication of the decision or order of the Cyber Appellate Tribunal to him on any question of fact or law arising out of such order • Provided that the High Court may. . shall be suspended till the penalty is paid .SECTION 63 COMPOUNDING OF CONTRAVENTIONS It states that any contraventions under this Act either before or after the institution of adjudication proceedings. as the case may be. shall be recovered as an arrear of land revenue and the licence or the Digital Signature Certificate. subject to such conditions as the Controller or such other officer or the adjudicating officer may impose. if it is not paid. as the case may be. be compounded by the Controller or such other officer as may be specially authorised by him in this behalf or by the adjudicating officer. SECTION 64 RECOVERY OF PENALTY A penalty imposed under this Act. OFFENSES SECTIONS . 73 . Data alteration Publishing obscene information Un-authorized access to protected system Breach of Confidentiality and Privacy Publishing false digital signature certificates Sec.72 Sec.66 Sec.67 Sec.2000 Tampering with Computer source documents Hacking with Computer systems.70 Sec.65 Sec.Cybercrime provisions under IT Act. See more at: http://niiconsulting.bit number (ESN) programmed into cell phones theft were exclusively franchised to Reliance Infocomm. Tata Indicom employees were arrested for manipulation of the electronic 32. or with both. shall be punishable with imprisonment up to three years. destroy or alter any computer source code used for a computer. computer system or computer network. Verdict: Court held that tampering with source code invokes Section 65 of the Information Technology Act. . The State of Andhra PradeshIn this case.dpuf . computer programme. destroys or alters or intentionally or knowingly causes another to conceal.ZTssNLPR.SECTION 65 TAMPERING WITH COMPUTER SOURCE DOCUMENTS Whoever knowingly or intentionally conceals. Related Case : Syed Asifuddin and Ors.com/checkmate/2014/06/it-act-2000-penaltiesoffences-with-case-studies/#sthash. when the computer source code is required to be kept or maintained by law for the time being in force. Vs. or with fine which may extend up to two Lakh rupees. or with both. or with fine which may extend up to two Lakh rupees.SECTION 66 HACKING WITH COMPUTER SYSTEM • Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means. • Whoever commits hacking shall be punished with imprisonment up to three years. . commits hacking. they said. The complaint also stated that the subscribers had incurred a loss of Rs 38.248 due to Kumar’s wrongful act. the techie from Bangalore to undergo a rigorous imprisonment for one year with a fine of Rs 5. Chennai and other cities too.See more at: http://niiconsulting. Verdict: The Additional Chief Metropolitan Magistrate. Chennai.The CBI had registered a cyber crime case against Kumar and carried out investigations on the basis of a complaint by the Press Information Bureau.Investigations had revealed that Kumar was logging on to the BSNL broadband Internet connection as if he was the authorized genuine user and ‘made alteration in the computer database pertaining to broadband Internet user accounts’ of the subscribers. added files and changed the passwords to deny access to the authorized users.000 under section 420 IPC (cheating) and Section 66 of IT Act (Computer related Offense). which detected the unauthorised use of broadband Internet. He used to ‘hack’ sites from Bangalore. Chennai.com/checkmate/2014/06/it-act-2000-penaltiesoffences-with-case-studies/#sthash.Related Case: Kumar v/s Whiteley In this case the accused gained unauthorized access to the Joint Academic Network (JANET) and deleted. sentenced N G Arun Kumar. Egmore.ZTssNLPR. .dpuf . Facebook. At around 1p. Relevant Case #1: Fake profile of President posted by imposter On September 9. on May 25. challenging the police to find them before it was too late. 2000 was registered based on the said complaint at the police station. the imposter made a fake profile in the name of the Hon’ble President Pratibha Devi Patil. In the e-mail. President Household. Relevant Case #2: Bomb Hoax mail In 2009.66A Sending offensive messages thro communication service. A complaint was made from Additional Controller. 2010.m. the elite wing of Delhi Police which specializes in investigating economic crimes including cyber offences. Economic Offences Wing. a 15-year-old Bangalore teenager was arrested by the cyber crime investigation cell (CCIC) of the city crime branch for allegedly sending a hoax e-mail to a private news channel. The said complaint stated that president house has nothing to do with the facebook and the fake profile is misleading the general public. The First Information Report Under Sections 469 IPC and 66A Information Technology Act. President Secretariat regarding the four fake profiles created in the name of Hon’ble President on social networking website. the news . causing annoyance etc through an electronic communication or sending an email to mislead or deceive the recipient about the origin of such messages (commonly known as IP or email spoofing) are all covered here. Punishment for these acts is imprisonment upto three years or fine. he claimed to have planted five bombs in Mumbai. 2. Lifelock. Punishment is three years imprisonment or fine of one lakh rupees or both. 66C Electronic signature or other identity theft like using others’ password or electronic signature etc. Nine months later. Li attempted to obtain a new driver’s license with the intention of applying for new credit cards eventually. Relevant cases for sec 66C: 1.com/checkmate/2014/06/it-act2000-penalties-offences-with-case-studies/#sthash.dpuf .ZTssNLPR. Davis’ identity was used to obtain a $500 cash advance loan. a graduate student at West Chester University of Pennsylvania faked his own death. complete with a forged obituary in his local paper. Todd Davis’s social security number was exposed by Matt Lauer on NBC’s Today Show. .66B Dishonestly receiving stolen computer resource or communication device with punishment upto three years or one Lakh rupees as fine or both.See more at: http://niiconsulting. The CEO of an identity theft protection company. Li Ming. .jayplychem. Relevant Case: Sandeep Vaghese v/s State of Kerala A complaint filed by the representative of a Company. another web site `www. The first accused and others sent e-mails from fake e-mail accounts of many of the customers. a crime was registered against nine persons. suppliers and customers and were unable to do business. suppliers. 66. The company has a web-site in the name and and style `www. who are the sister and brother-in-law of `Sam’ Defamatory and malicious matters about the company and its directors were made available in that website. The defamation campaign run by all the said persons named above has caused immense damage to the name and reputation of the Company.dpuf . 66A. (who was dismissed from the company) in conspiracy with other accused.com’ but. C and D of the Information Technology Act along with Sections 419 and 420 of the Indian Penal Code. which was engaged in the business of trading and distribution of petrochemicals in India and overseas. The accused sister and brother-in-law were based in Cochin and they had been acting in collusion known and unknown persons.org’ was set up in the internet by first accused Samdeep Varghese @ Sam.jaypolychem. The Company suffered losses of several crores of Rupees from producers. Amardeep Singh and Rahul had visited Delhi and Cochin.com/checkmate/2014/06/it-act-2000-penalties-offences-with-casestudies/#sthash. to malign the name and image of the Company and its Directors.66D Cheating by impersonation using computer resource or a communication device shall be punished with imprisonment of either description for a term which extend to three years and shall also be liable to fine which may extend to one Lakh rupee. alleging offenses under Sections 65.See more at: http://niiconsulting. impersonation etc Two of the accused. Bank etc.ZTssNLPR. who have collectively cheated the company and committed acts of forgery. including Preeti and Charanjeet Singh. a zila parishad member and an influential Congress leader of Saoner region in Nagpur district.66E Privacy violation – Publishing or transmitting private area of any person without his or her consent etc. for harassing a 16-year-old girl by circulating an MMS clip of their sexual acts. a pornographic MMS clip was apparently made in the campus and transmitted outside the university. 2. Punishment is three years imprisonment or two lakh rupees fine or both. .Some media reports claimed that the two accused students initially tried to extort money from the girl in the video but when they failed the culprits put the video out on mobile phones. According to the Nagpur (rural) police. the girl was in a relationship with Mithilesh Gajbhiye. on the internet and even sold it as a CD in the blue film market. son of Yashodha Dhanraj Gajbhiye. one of them a son of a Congress leader. 2012 Nagpur Police arrested two engineering students. Jawaharlal Nehru University MMS scandal In a severe shock to the prestigious and renowned institute – Jawaharlal Nehru University. Nagpur Congress leader’s son MMS scandal On January 05. Relevant Cases: 1. 19. in to BSE’s administrative email ID corp.The IP address of the sender has been traced to Patna in Bihar. The MRA Marg police and the Cyber Crime Investigation Cell are jointly probing the case. Relevant Case: The Mumbai police have registered a case of ‘cyber terrorism’— the first in the state since an amendment to the Information Technology Act—where a threat email was sent to the BSE and NSE on Monday. The suspect has been detained in this case. The ISP is Sify.itaiyeb125@yahoo. Punishment is life [email protected] am on Monday. come under this Section. integrity.The police said an email challenging the security agencies to prevent a terror attack was sent by one Shahab Md with an ID sh.com at around 10. The email ID was created .66F Cyber terrorism – Intent to threaten the unity. security or sovereignty of the nation and denying access to any person authorized to access the computer resource or attempting to penetrate or access a computer resource without authorization. Acts of causing a computer contaminant (like virus or Trojan Horse or other spyware or malware) likely to cause death or injuries to persons or damage to or destruction of property etc. T. shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees. Act 2000 in India. having regard to all relevant circumstances. see or hear the matter contained or embodied in it. email spoofing and the criminal activity stated in this Section.SECTION 67 PUBLISHING OF OBSCENE INFORMATION• Whoever publishes or transmits or causes to be published in the electronic form. involving sending obscene message in the name of a married women amounting to cyber stalking. was obtained in this Section in the famous case “State of Tamil Nadu vs Suhas Katti” on 5 November 2004. This Section is of historical importance since the landmark judgement in what is considered to be the first ever conviction under I. Case in next slide . to read. any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely. The strength of the Section and the reliability of electronic evidences were proved by the prosecution and conviction was brought about in this case. . defamatory and annoying message about a divorcee woman in the Yahoo message group.500/• As per 509 of IPC he is to undergo to undergo 1 year Simple imprisonment and to pay Rs 500/• As per Section 67 of IT Act 2000. He is convicted and sentenced for the offence as follows: • As per 469 of IPC he has to undergo rigorous imprisonment for 2 years and to pay fine of Rs. 509 IPC and 67 of IT Act 2000. but that marriage ended in divorce and the accused started contacting her once again. the police nabbed the accused. he has to undergo for 2 years and to pay fine of Rs. The accused paid fine amount and he was lodged at Central Prison.Relevant Case: This case is about posting obscene.4000/All sentences were to run concurrently. Chennai. Based on the lady’s complaint. E-mails were forwarded to the victim for information by the accused through a false e.mail account opened by him in the name of the victim. She was married to another person. Investigation revealed that he was a known family friend of the victim and was interested in marrying her. These postings resulted in annoying phone calls to the lady. Verdict: The accused was found guilty of offences under section 469. On her reluctance to marry him he started harassing her through internet. ZTssNLPR. creating text or digital images or advertising or promoting such material depicting children in obscene or indecent manner etc or facilitating abusing children online or inducing children to online relationship with one or more children etc come under this Section. The NGO had argued that websites displaying sexually explicit content had an adverse influence. The Union of India 10. for the purpose of this Section.See more at: http://niiconsulting. Non-compliance is an . Child Pornography Depicting children engaged in sexually explicit act.com/checkmate/2014/06/it-act-2000penalties-offences-with-case-studies/#sthash. .dpuf Section 67C fixes the responsibility to intermediaries that they shall preserve and retain such information as may be specified for such duration and in such manner as the Central Government may prescribe. Relevant Case: Janhit Manch & Ors.03. v. leading youth on a delinquent path.2010 Public Interest Litigation: The petition sought a blanket ban on pornographic websites. ‘Children’ means persons who have not completed 18 years of age.67B. Punishment for the first conviction is imprisonment for a maximum of five years and fine of ten Lakh rupees and in the event of subsequent conviction with imprisonment of seven years and fine of ten lakh rupees. a major historical figure in the state of Maharashtra. Imprisonment for 7 years and it is non bailable and non compoundable.See more at: http://niiconsulting.The police identified him based on IP address details obtained from Google and Airtel -Lakshmana’s ISP. the police had not properly specified whether the suspect had posted the content at 1:15 p. Relevant Case: In August 2007. He was brought to Pune and detained for 50 days before it was discovered that the IP address provided by Airtel was erroneous..ZTssNLPR.m. on the social-networking site Orkut. . 69 B Provides powers to a designated officer of the Central Government to “collect traffic data” from any computer resource imprisonment for 3 years and it is bailable and compoundable. Lakshmana Kailash K. Imprisonment for 7 years and it is non bailable and non compoundable. a techie from Bangalore was arrested on the suspicion of having posted insulting images of Chhatrapati Shivaji.69 Powers being made available to any officer designated by either the Central or State Government to “Intercept” information whether in transit or storage.dpuf . 69 A Provides powers to a designated officer of the Central Government to “Block websites”. The mistake was evidently due to the fact that while requesting information from Airtel. the State Human Rights Commission subsequently ordered the company to pay Rs 2 lakh to Lakshmana as damages. The incident highlights how minor privacy violations by ISPs and intermediaries could have impacts that gravely undermine other basic human rights . Verdict: Taking cognizance of his plight from newspaper accounts.com/checkmate/2014/06/it-act-2000-penalties-offences-withcase-studies/#sthash. shall be punished with imprisonment for a term which may extend to two years. or suppresses any material fact from. Protected System: (1) The appropriate Government may. computer system or computer network to be a protected system. or with fine which may extend to one lakh rupees. by order in writing. or with both.Section 70. (2) The appropriate Government may. SECTION 71 PENALTY FOR MISREPRESENTATION Whoever makes any misrepresentation to. . declare that any computer. by notification in the Official Gazette. authorize the persons who are authorized to access protected systems notified under sub-section (1). the Controller or the Certifying Authority for obtaining any licence or Digital Signature Certificate. as the case may be. (3) Any person who secures access or attempts to secure access to a protected system in contravention of the provision of this section shall be punished with imprisonment of either description for a term which may extend to ten years and shall also be liable to fine. or with both . with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses.ZTssNLPR. book. document or other material to any other person shall be punished with imprisonment for a term which may extend to two years. correspondence. document or other material without the consent of the person concerned is closes such electronic record. in pursuance of any of the powers conferred under this Act. or in breach of a lawful contract. while providing services under the terms of lawful contract. register.com/checkmate/2014/06/it-act-2000-penaltiesoffences-with-case-studies/#sthash.dpuf . has secured access to any material containing personal information about another person. or with a fine which may extend to five lakh rupees. rules or regulations made there under.SECTION 72 PENALTY FOR BREACH OF PRIVACY• Any person who. book. information. or with fine which may extend to one lakh rupees. register. correspondence. or with both Section 72A – Punishment for Disclosure of information in breach of lawful contract Any person including an intermediary who. without the consent of the person concerned. information. such material to any other person shall be punished with imprisonment for a term which may extend to three years. has secured access to any electronic record.See more at: http://niiconsulting. No person shall publish a Digital Signature Certificate or otherwise make it available to any other person with the knowledge that •. the term publication includes and transmission of information or data in electronic form . or with both. the certificate has been revoked or suspended. v/s Union of India. the Certifying Authority listed in the certificate has not issued it. Case Laws: 1. or with fine which may extend to one Lakh rupees.PENALTY FOR PUBLISHING FALSE DIGITAL SIGNATURE CERTIFICATE i. the subscriber listed in the certificate has not accepted it.SECTION 73 . Bennett Coleman & Co. or •. Any person who contravenes the provisions of sub-section (1) shall be punished with imprisonment for a term which may extend to two years. unless such publication is for the purpose of verifying a digital signature created prior to such suspension or revocation ii. In the context of digital medium. or •. In this case the publication has been stated that ‘publication means dissemination and circulation’. this Act shall apply to an offence or contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer. Section 75 – Act to apply for offence or contraventions committed outside India i. or with fine which may extend to one lakh rupees.time nature of the communication link between Levin and Citibank computer meant that Levin’s keystrokes were actually occurring on the Citibank computer. ii. publishes or otherwise makes available a Electronic Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years. or with both. resulting in illegal transfer of funds from customers account in to the accounts of the hacker. computer system or computer network located in India Case Laws for section 75 R v/s Governor of Brixton prison and another. Facts: In this case the Citibank faced the wrath of a hacker on its cash management system. . Held: The Court helds that the real. After Levin was arrested he was extradite to the United States. One of the most important issues was jurisdictional issue. the ‘place of origin’ of the cyber crime. For the purposes of sub-section (1). the provisions of this Act shall apply also to any offence or contravention committed outside India by any person irrespective of his nationality. later identified as Valdimer Levin and his accomplices.Section 74 – Publication for fraudulent purpose: Whoever knowingly creates. Subject to the provisions of sub-section (2). a police officer not below the rank of Deputy Superintendent of Police shall investigate any offence under this Act. in respect of which any provisions of this Act. 1973. compact disks. floppies. computer system. . Penalties or confiscation not to interfere with other punishments: No penalty imposed or confiscation made under this Act shall prevent the imposition of any other punishment to which the person affected thereby is liable under any other law for the time being in force. Confiscation: Any computer. tape drives or any other accessories related thereto. shall be liable to confiscation 77.Section 76. orders or regulations made there under has been or is being contravened. 78. Power to investigate offences: Notwithstanding anything contained in the Code of Criminal Procedure. rules. Cybercrime can be against individuals. negligence and loss of evidence. complex. organisation and society. . target or a means for perpetuating further crimes comes within the ambit of cyber crime” Reasons for increase are easy to access.Cyber crime “Any criminal activity that uses a computer either as an instrumentality. individual properties. Cheating & Fraud . Unauthorized control/access over computer system. Indecent exposure vii. iii. Cyber-stalking. Dissemination of obscene material. Email spoofing viii. ii. v. vi. Defamation. Harassment via e-mails.Classification of cyber crime Against Individuals: – i. iv. Transmitting virus. v. iii. Computer vandalism. Netrespass iv. ii. Unauthorized control/access over computer system. Intellectual Property crimes .Against Individual Property: i. Against Organization: i. v. Possession of unauthorized information. Cyber terrorism against the government organization. iii. Distribution of pirated software etc. Polluting the youth through indecent exposure. iv. Against Society at large: i. Pornography (basically child pornography). Financial crimes Sale of illegal articles Online gambling Forgery . iv. vi. iii. ii. Unauthorized control/access over computer system ii. com.Famous Cyber Crime Cases in India An Indian court has granted bail to a schoolboy who allegedly recorded a sexual act between himself and a 16year-old girl on his mobile phone. gained the confidence of four US customers and obtained their PIN numbers and other classified account information. The clip was later sold on video CDs via auction site Baazee. Three customer service agents of call centre contractor MphasiS BFL. . sparking the arrest of its manager for India. working on the Citibank account. They then used these to transfer money out of those customers' accounts and into the accounts of members of their gang. Use of firewalls may be beneficial. Keep back up volumes so that one may not suffer data loss in case of virus contamination. Use latest and up date anti virus software to guard against virus attacks. . Keep a watch on the sites that children are accessing to prevent any kind of harassment.Prevention of Cyber Crime Avoid disclosing any information pertaining to oneself. and strengthening and even synchronizing their respective laws . swapping tools and best practices.Global Initiatives Five countries from three continents banding together to fight cyber crime in a synergistic way by sharing intelligence. AMMENDMENTS OF IT ACT 2008 . This may cover hacking.SECTION CHANGE 66 “Dishonesty” and “Fraudulent” intention made necessary. The imprisonment term remains the same but fine has been increased 66A Provides cover for Cyber stalking. . Earlier such offences were to be covered under Section 66 as ”Diminishing of the value of information” 66E This is a new section which covers Video Voyeurism which was not covered at all earlier 66F Covers “Cyber Terrorism” and makes it punishable with imprisonment up to life term. threat mails. SMS. The offence would not be bailable or compoundable 67A Covers obscenity which involves “Sexually explicit”. denial of access attacks. Phishing mails. “Without permission of the owner of the computer” has also become a condition precedent to application of Section 66. The punishment is 5 years as in the earlier act. Conspiracy is also covered under the section. Port Scanning. if it can be linked to the object of terrorizing people. Fine is higher. spreading viruses etc. Spam. etc 66C Covers Identity theft which was not specifically covered earlier. 69B Provides powers to a designated officer of the Central Government to “collect traffic data” from any computer resource imprisonment for 3 years and it is bailable and compoundable. . MSPs.SECTION CHANGE 67B This addresses child pornography and makes searching and browsing also as offences. ISPs. The “Intermediaries” here would include cyber cafes. 69A Provides powers to a designated officer of the Central Government to “Block websites”. Imprisonment for 7 years and it is non bailable and non compoundable. Imprisonment for 7 years and it is non bailable and non compoundable. e-auction sites etc. 67C Requires specified data to be retained for specified periods by Intermediaries failure of which becomes punishable with three years imprisonment. 69 Powers being made available to any officer designated by either the Central or State Government to “Intercept” information whether in transit or storage. Thankyou .