
• Cyber crimes

• Introduction
• Cyber crimes are a new class of crimes that are increasing due to the
extensive use of the Internet.
• The computer is the target and the tool for the perpetration of crime. It is
used for the communication of the criminal activity such as the injection
of a virus/worm which can crash entire networks.
• For every 500 cybercrime incidents that take place, only 50 are reported
to the police and out of that only one is actually registered.
• The rise of cyber crime is inextricably linked to the ubiquity of credit card
transactions and online bank accounts.
• With this financial data, a criminal can steal silently, but also ruthlessly,
efficiently and with hypothetically infinite frequency.
• Cyber crime has become a profession and the demographic of your
typical cyber criminal is changing rapidly, from bedroom-bound geek to
the type of organized gangster more traditionally associated with drug-
trafficking, extortion and money laundering.
• Different protagonists in the crime community perform a range of
important, specialized functions. These broadly encompass:
• Coders – comparative veterans of the hacking community. With a few
years' experience at the art and a list of established contacts, ‘coders’
produce ready-to-use tools (i.e. Trojans, mailers, custom bots) or services
(such as making a binary code undetectable to AV engines) to the cyber
crime labour force – the ‘kids’. Coders can make a few hundred dollars
for every criminal activity they engage in.
• Kids – most are under 18. They buy, trade and resell the elementary
building blocks of effective cyber-scams such as spam lists, php mailers,
proxies, credit card numbers, hacked hosts, scam pages etc.
• Cybercrime vis-à-vis illegal narcotics business. One is faster, less
detectable, more profitable (generating a return around 400 times higher
than the outlay) and primarily non-violent.
• The other takes months or years to set up or realise an investment, is
cracked down upon by almost all governments internationally, is fraught
with expensive overheads, and is extremely dangerous.
• Until recently, many information technology (IT) professionals lacked
awareness of and interest in the cyber crime phenomenon.
• In many cases, law enforcement officers lacked the tools needed to tackle
the problem; old laws didn’t quite fit the crimes being committed, new
laws hadn’t quite caught up to the reality of what was happening, and
there were few court precedents to look to for guidance.
• Furthermore, debates over privacy issues hampered the ability of
enforcement agents to gather the evidence needed to prosecute these new
cases.
• The term Cybercrime, although widely used in the same context over the
past decade, does not have a precise or universal definition. Due to the
varying scenarios and environments, it varies between jurisdictions and
differs largely based on the perceptions of those involved.
• “cyber crime” means any criminal or other offence that is facilitated by or
involves the use of electronic communications or information systems,
including any device or the Internet or any one or more of them
• At the Tenth United Nations Congress on the Prevention of Crime and
Treatment of Offenders, in a workshop devoted to the issues of crimes
related to computer networks, cybercrime was broken into two categories
and defined thus:
• a. Cybercrime in a narrow sense (computer crime): Any illegal behavior
directed by means of electronic operations that targets the security of
computer systems and the data processed by them.
• b. Cybercrime in a broader sense (computer-related crime): Any illegal
behavior committed by means of, or in relation to, a computer system or
network, including such crimes as illegal possession [and] offering or
distributing information by means of a computer system or network.
• Of course, these definitions are complicated by the fact that an act may
be illegal in one nation but not in another. Examples include:
• i. Unauthorized access
• ii. Damage to computer data or programs
• iii. Computer sabotage
• iv. Unauthorized interception of communications
• v. Computer espionage
• Cyber crimes are any crimes that involve a computer and a network. In
some cases, the computer may have been used in order to commit the
crime, and in other cases, the computer may have been the target of the
crime.
• Cybercrime is a term for any illegal activity that uses a computer as its
primary means of commission. The U.S. Department of Justice expands
the definition of cybercrime to include any illegal activity that uses a
computer for the storage of evidence.
• Any crime that is committed using a computer or network, or hardware
device. The computer or device may be the agent of the crime, the
facilitator of the crime, or the target of the crime.
• Malware
• Malware consists of programs such as viruses, worms, Trojan horses,
and rootkits that are designed to harm your computer.
• A computer virus is a program that attaches itself to an application or
“host file” and then spreads by making copies of itself. A self-replicating
program that spreads by inserting copies of itself into other code or
documents.
• A virus might modify, delete, or steal your files, make your system crash,
or take over your machine.
• A computer worm is like a virus, but it infects other computers all by
itself, without human action and without a host file. It usually infects
other computers by sending emails to all the names in your email
address book.
• A rootkit is a program that allows an intruder to gain access to your
system without your knowledge by hiding what it is doing on the system.
The intruder can then install difficult-to-detect back doors into your
system to seize control.
• There are many ways that malware can get into your system. One of the
biggest dangers is opening email attachments that contain malware.
• Malware can also come from downloading infected files when file sharing,
from clicking on links in instant messenger or chat rooms, or from active
content applications on Web pages.
• Cyberstalking
• Cyberstalking is the use of the Internet or electronics to stalk or harass
an individual, an organization or a specific group.
• Cyberstalking can include monitoring someone's activity in real time
(while they are on the computer or device at that moment) or while they
are offline (not on the computer or electronic device).
• Cyberstalking becomes a crime because of the repeated threatening,
harassing or monitoring of someone with whom the stalker has, or no
longer has, a relationship.
• Using the Internet to threaten or make unwanted advances towards
someone else.
• Cyberstalking (also called cyberharassment) is when someone uses the
Internet to threaten or make unwanted advances towards someone else.
This sort of harassment can cause physical, emotional, and psychological
damage to the victim.
• E.g. putting a recording or monitoring device on a victim's computer or
smartphone in order to save every keystroke they make so that the
stalker can obtain information. Another example would be repeatedly
posting derogatory or personal information about a victim on web pages
or social media despite being warned not to do so.
• Identity Theft
• Identity theft is a form of stealing someone's personal information and
pretending to be that person in order to obtain financial resources or
other benefits in that person's name without their consent.
• Identity theft is when someone uses your personal identifying
information (e.g., name, address, ID number, banking account number,
username or password) to commit fraud.
• Spyware
• Adware is any software that displays advertising banners or pop-up
windows while it is running.
• Adware sometimes gets confused with spyware, which is software that
tracks your activities and sends information back to a third party
without your consent.
• Spyware is sometimes included in adware.
• Botnet
• A group of compromised computers controlled by a central authority,
usually a hacker
• A botnet is a collection of independent computers that have each been
hacked by a cyber criminal who uses them as a group to carry out many
malicious attacks over the Internet. In a botnet, each computer is
remotely controlled by a hacker. Surprisingly, the owner is usually
completely unaware that the computer has been compromised and is a
part of a botnet.
• Botnets are one of the most sophisticated methods of cyber crime. Cyber
criminals use botnets for a wide range of activities, such as sending
spam messages, spreading viruses, launching denial-of-service attacks
and supporting illegal websites. The main goal of carrying out such an
attack is for financial gain, which is usually proportional to the size of
the botnet.
• Cracking/Hacking
• “Cracking” means trying to get into computer systems in order to steal,
corrupt, or illegitimately view data.
• The popular press refers to such activities as hacking, but hackers see
themselves as expert, elite programmers and maintain that such
illegitimate activity should be called “cracking.”
• Hacking comes from the term “hacker”, which is someone who enjoys
and is an expert in computer programming languages and systems.
Hacking, in this sense, means using unusually complex and clever
methods to make computers do things.
• For some time, however, the popular press has used the word “hacker”
and “hacking” in a negative way to refer to individuals who try to get into
computer systems in order to steal, corrupt, or illegitimately view data.
Hackers themselves maintain that the proper term for such individuals is
“cracker”, and that their activities should be called cracking.
• Crimeware
• Crimeware is a special type of malware designed specifically to facilitate
and automate financial crime. It performs illegal actions on the victim’s
computer, which include, but are not limited to:
• Identity theft (theft of names, ID numbers, etc.)
• Stealing trade secrets or proprietary information for sale or blackmail
and extortion
• Stealing contact lists and email addresses for further transmission or
sale
• The above actions are generally designed to bring some kind of financial
benefit to the distributor of the crimeware, rather than simply cause an
inconvenience to the user in the form of a prank.
• Crimeware is generally transmitted in the form of an email attachment.
The unsuspecting victim opens the attachment, which spawns the
crimeware program. This program might do a number of things, ranging
from simple key-logging to sophisticated searches of the victim’s
computer for confidential information. The information is then
transferred back to the distributor of the crimeware.
• Commonly, crimeware programs are widespread and try to infect as
many hosts as possible. Targeted crimeware, however, gains nothing by
spreading beyond the intended victim, and thus generally does not seek
to spread beyond the original target.
• Cyberbullying
• Cyberbullying is when the Internet is used to harass, intimidate,
embarrass, or demean others. Cyberbullies may post embarrassing
information or pictures on Web pages, send threatening or cruel
messages, or impersonate somebody else to send mean or embarrassing
messages. They can even send harassing text messages to a victim’s
mobile phone.
• Kids who might never be mean in the real world sometimes bully online
because of the feeling of anonymity that the Internet gives them.
• Cyberterrorism
• Threat, harm or extortion via the Internet
• Cyberterrorism has been defined as “the use of computing resources against persons or
property to intimidate or coerce a government, the civilian population, or
any segment thereof, in furtherance of political or social objectives”
• With the increasing prevalence and power of computers, terrorism has
gone beyond physical attacks to include computer-based, or “cyber”
terrorism. Through well-planned computer attacks, cyberterrorists may
target key services that are computer-controlled, such as water and
electricity.
• Many government Web sites are likely targets for a cyberterrorism attack
because an attacker could use the Web site to access confidential
information on national security and individual citizens.
• Cyberterrorists also attack personal or corporate Web sites and demand
ransom in return for stopping the attack and any resulting damage. For
example, a user who gains administrative access to a Web site through
social engineering or other means could later threaten the owner of the
Web site with publishing the owner’s account information on the Internet
if the owner does not pay the ransom.
• DoS attack
• In a denial-of-service attack, a hacker can prevent authorized or intended
users from accessing resources and services. The hacker can target the
computers or network connections. By carrying out the attack, the
hacker can prevent users from accessing several websites, using email,
video conferencing, banking services and online shopping. In effect, a
denial-of-service attack prevents users from accessing any content from
computers and networks that are affected by the attack.
• One of the most common ways of performing a denial-of-service attack
on a website is to flood the website with a huge number of information
requests. This will prevent other users from accessing it, as each website
can accept only a limited number of requests. If you get a “denial-of-
service,” it is because the site is inaccessible.
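A defender's view of the request flood described above, as an added example that is not part of the original notes: a sliding-window counter over web access-log lines that flags any client exceeding a request limit. The log format, the addresses, the 10-second window and the limit of 20 are assumptions, and the log itself is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def constructed_log():
    """Build a small constructed access log: '<ISO time> <client IP> <request>'."""
    start = datetime(2024, 5, 1, 10, 0, 0)
    events = []
    # An ordinary visitor: one request every 20 seconds.
    for i in range(7):
        events.append((start + timedelta(seconds=20 * i),
                       "203.0.113.10", "GET /index.html"))
    # A flooding client: 50 requests, 100 ms apart, starting at 10:01:00.
    flood_start = start + timedelta(minutes=1)
    for i in range(50):
        events.append((flood_start + timedelta(milliseconds=100 * i),
                       "198.51.100.7", "GET /search?q=a"))
    events.sort(key=lambda e: e[0])
    lines = [f"{ts.isoformat()} {ip} {req}" for ts, ip, req in events]
    lines.insert(3, "### truncated line ###")  # a malformed entry to be skipped
    return lines


def find_flooders(lines, window_seconds=10, limit=20):
    """Return {client: {"first_exceeded": time, "peak": count}} for every client
    that sent more than `limit` requests within any `window_seconds` span.
    Lines are assumed to be in chronological order."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # client -> request times still inside the window
    flagged = {}
    for line in lines:
        parts = line.split(maxsplit=2)
        if len(parts) < 2:
            continue  # not a log record
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # unparseable timestamp: skip rather than guess
        client = parts[1]
        times = recent[client]
        times.append(ts)
        # Drop requests that have fallen out of the window ending at `ts`.
        while ts - times[0] > window:
            times.popleft()
        if len(times) > limit:
            info = flagged.setdefault(client, {"first_exceeded": ts, "peak": 0})
            info["peak"] = max(info["peak"], len(times))
    return flagged


if __name__ == "__main__":
    for client, info in find_flooders(constructed_log()).items():
        print(client, "exceeded the limit at", info["first_exceeded"],
              "peak requests in window:", info["peak"])
```
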
• Data theft
• The unauthorized taking or interception of computer-based information
• Data theft is the act of stealing computer-based information from an
unknowing victim with the intent of compromising privacy or obtaining
confidential information. Data theft is increasingly a problem for
individual computer users, as well as big corporate firms.
• Popular methods:
• E-commerce: leaking your private account information.
• Password cracking: Intruders can access your machine and get valuable
data if it is not password-protected or its password can be easily decoded
(weak password).
• Eavesdropping: Data sent on insecure lines can be wiretapped and
recorded. If no encryption mechanism is used, there is a good chance of
losing your password and other private information to the eavesdropper.
• Laptop theft: laptops are stolen from corporate firms, and the
valuable information stored on them is sold to competitors.
• Hoax warnings
• Hoax warnings are typically ‘scare alerts’ started by malicious people and
passed on by users who think they are helping the community by
spreading the warning. The most common hoax is the hoax virus. This
usually consists of an email message warning recipients about a new and
terribly destructive virus. It ends by suggesting that the reader should
warn his or her friends and colleagues, perhaps by simply forwarding the
original message to everyone in their address book. The result is a rapid
proliferation of pointless emails that can overload systems. Many hoaxes
circulate through email.
• Keylogger
• A device or software that records keystrokes entered by a user, usually to
secretly monitor and/or maliciously use this information
• A keylogger is a tool that captures and records a user’s keystrokes. It can
record instant messages, email, passwords and any other information
you type at any time using your keyboard. Keyloggers can be hardware
or software.
• One common example of keylogging hardware is a small, battery-sized
device that connects between the keyboard and the computer. Since the
device resembles an ordinary keyboard plug, it is relatively easy for
someone who wants to monitor a user’s behavior to physically hide such
a device in plain sight.
• As the user types, the device collects each keystroke and saves it as text
in its own miniature hard drive. At a later time, the person who installed
the keylogger must return and physically remove the device in order to
access the information it has gathered.
• A software keylogger can be downloaded and installed as a program
running in the background.
• Software keyloggers may also be embedded in spyware, allowing your
information to be transmitted to an unknown third party over the
Internet.
• Pharming
• Redirecting users from legitimate Web sites they are trying to visit to
fraudulent Web sites
• Pharming attacks redirect users from legitimate Web sites they are trying
to visit to fraudulent Web sites. These fraudulent Web sites look similar
to the real sites, but when users enter personal information on the site,
such as their name, password, credit card number, etc., the information
is captured by the attacker. The attacker can then use this information
for identity theft or data theft.
• One method of pharming is DNS (Domain Name System) poisoning. The
DNS is like a telephone directory for the Internet that translates domain
names, such as www.google.com, to numerical strings called IP
addresses, such as 128.2.214.69. An attacker poisons a DNS server by
putting false information into it, so that legitimate domain names are
translated to IP addresses that correspond to the attacker’s fraudulent
Web sites.
• Pharming is similar to phishing in that they are both attempts to capture
information from unsuspecting users on fraudulent Web sites. However,
pharming is different in that it does not require victims to click on
fraudulent links in emails. Pharming is much harder to detect, since it is
very difficult for a victim of pharming to detect that an attack has been
attempted. Pharming also allows an attacker to reach a large number of
victims at once.
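Because a pharming victim types the correct domain name, the check that remains is on the resolver's answer rather than on the URL. The following added example (not part of the original notes) compares the addresses a local resolver returns with those from independent reference resolvers and with the address ranges the site is known to use; the domain, the ranges and all answers are constructed, and the list of expected networks is an assumption the defender must maintain.

```python
import ipaddress


def check_resolution(local_answers, reference_answers, expected_networks):
    """Classify the local resolver's answers for one domain.

    Returns (verdict, addresses):
      "ok"      - every local answer lies inside the expected networks
      "review"  - an answer is outside them but reference resolvers agree
                  (the site may have moved), or there was no answer at all
      "suspect" - an answer is outside the expected networks and no
                  reference resolver returned it (possible DNS poisoning)
    """
    nets = [ipaddress.ip_network(n) for n in expected_networks]
    local = {ipaddress.ip_address(a) for a in local_answers}
    reference = {ipaddress.ip_address(a) for a in reference_answers}
    if not local:
        return "review", []
    # Answers may legitimately differ between resolvers (load balancing),
    # so membership in the expected ranges is tested first, not equality.
    outside = sorted((a for a in local if not any(a in n for n in nets)),
                     key=lambda a: (a.version, int(a)))
    if not outside:
        return "ok", []
    unconfirmed = [str(a) for a in outside if a not in reference]
    if unconfirmed:
        return "suspect", unconfirmed
    return "review", [str(a) for a in outside]


# Constructed observations for the hypothetical domain bank.example, whose
# operator is assumed to publish 192.0.2.0/24 as its address range.
EXPECTED = ["192.0.2.0/24"]
CONSTRUCTED_OBSERVATIONS = {
    "load-balanced": {"local": ["192.0.2.10"], "reference": ["192.0.2.25"]},
    "poisoned resolver": {"local": ["203.0.113.66"], "reference": ["192.0.2.10"]},
    "site renumbered": {"local": ["198.51.100.5"], "reference": ["198.51.100.5"]},
}


def audit(observations, expected_networks=EXPECTED):
    """Run check_resolution over a set of named observations."""
    return {name: check_resolution(o["local"], o["reference"], expected_networks)
            for name, o in observations.items()}


if __name__ == "__main__":
    for name, (verdict, addrs) in audit(CONSTRUCTED_OBSERVATIONS).items():
        print(f"{name}: {verdict} {addrs}")
```
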
• “Phishing”
• Using fake Web sites to trick you into giving away personal information
• “Phishing” or “Web spoofing” attacks use fraudulent Web sites to trick
you into giving away confidential personal information such as credit
card numbers, account usernames and passwords, and ID numbers.
This is called “phishing” because attackers are “fishing” for your personal
information and trying to lure you into providing it.
• A phishing attempt usually starts with an email urging you to click on a
Web link in order to check something about your bank account or
another on-line account. These emails often appear to be from popular
online institutions. When you click on the link you go to a page where
you are asked for information. The page appears genuine, but is in fact
counterfeit. Phishers may then use the personal information you give on
the page to steal your identity or your money.
• Ransomware
• A type of malware that infects a computer and demands a ransom for its
removal
• Ransomware typically propagates like a conventional worm, entering a
system through, for example, a downloaded file or a vulnerability in a
network service. The program then restricts access to the computer
system that it infects, and demands a ransom paid to the creator of the
malware in order for the restriction to be removed. Some forms of
ransomware encrypt files on the system’s hard drive, while some may
simply lock the system and display messages intended to coax the user
into paying.
• Ransomware goes beyond attempting to con its victims into handing
over their money; it attempts to intimidate them. The extortion methods
are expected to become harsher and more destructive.
• Scareware
• A type of malware that tries to scare victims into downloading something
• Scareware comprises several classes of scam software with malicious
payloads, or of limited or no benefit, that are sold to consumers via
certain unethical marketing practices. The selling approach uses social
engineering to cause shock, anxiety, or the perception of a threat,
generally directed at an unsuspecting user. Some forms
of spyware and adware also use scareware tactics.
• A tactic frequently used by criminals involves convincing users that
a virus has infected their computer, then suggesting that they download
(and pay for) fake antivirus software to remove it. Usually the virus is
entirely fictional and the software is non-functional or malware itself.
• Smishing
• A type of phishing scam using SMS to trick you into giving away personal
information
• Smishing utilizes social engineering in a cellphone Short Message Service
(SMS) to bait victims. Smishing scams frequently seek to direct the text
message recipient to visit a website or call a phone number.
• Social engineering
• Using manipulation and deceit to trick victims into giving out
confidential information
• Social engineering is a technique used by hackers and non-hackers to
get access to confidential information. With social engineering, attackers
use manipulation and deceit to trick victims into giving out confidential
information.
• Some of the social engineering methods attackers use include:
• Sending messages that contain dangerous attachments (e.g., malware)
with text that encourages people to open the attachments
• Pretending to be the main administrator of a local network and asking for
the victim’s password in order to perform a maintenance check
• Telling a victim over the phone that he/she has won a prize, and asking
for a credit card number in order to deliver it
• Asking for a user’s password for a certain Internet service, such as a
blog, and using the same password later to access the user’s computer.
This technique works because users often use the same passwords for
many different
• Spam
• Unsolicited or unwanted email used mainly for advertising
• Spam is the term used for unsolicited, impersonal bulk electronic
messages. Although email spam is the most common form of spamming,
others exist, like mobile phone messaging spam and instant messaging
spam.
• Spam involves sending nearly identical messages to thousands (or
millions) of recipients. Spammers use software robots, called spambots
(also Web crawlers or Web spiders) in order to get valid email addresses
from company Web sites, blogs and newsgroups. Common subjects of
spam messages are pornographic or other sexually related Web sites,
various financial services or get-rich-quick schemes and health products.
• Spam messages normally have a fake origin address, which is randomly
generated, in order to keep the author of the message from being easily
discovered.
• Trojan
• A Trojan is a malicious program that is disguised as legitimate software.
• Trojan programs look useful or interesting to an unsuspecting user, but
are actually harmful when executed.
• Trojans cannot replicate themselves, unlike other types of malware such
as viruses or worms.
• A non-self-replicating type of malware containing malicious code that,
when executed, carries out actions determined by the nature of the
Trojan, typically causing loss or theft of data, and possible system harm.
• A Trojan may give a hacker remote access to a targeted computer system.
• Vishing
• Using fake phone numbers to trick you into giving away personal
information
• Vishing is short for voice phishing. It is similar to phishing in that the
objective is to obtain personal information fraudulently, but in vishing
attacks, the user is tricked into making a phone call, rather than visiting
a Web site.
• In an instance of vishing, a victim receives a phone call or an email
saying that his credit card account has been breached and he needs to
call a particular number to correct the problem. The victim then dials the
number to fix the account, without realizing that the number is
spurious. The number dialed is actually a Voice over IP (VoIP) phone. The
victim then enters his credit card number through keystrokes that the
VoIP phone can recognize and record.
• Although people are becoming increasingly aware of phishing, vishing
attacks are not well known.
• VoIP phone subscribers can get an area code and prefix of their choice,
making it possible to have area codes and prefixes of valid banks. Such
numbers make it easier for attackers to lure people into leaking their
confidential data.
• Website defacement
• Website defacement is an attack on a website that changes the visual
appearance of the site or a webpage. These are typically the work of
system crackers, who break into a web server and replace the hosted
website with one of their own.
• Defacements usually consist of an entire page. This page usually
includes the defacer’s pseudonym or “Hacking Codename.” Sometimes,
the Website Defacer makes fun of the system administrator for failing to
maintain server security.
• Most of the time the defacement is harmless; however, it can sometimes be
used as a distraction to cover up more sinister actions such as uploading
malware or deleting essential files from the server.
• Pornography
• Child pornography
• Adult pornography
• KIA Act
• 83D. Requirement for a licence.
• 83U. Unauthorized access to computer data
• 83V. Access with intent to commit offences.
• 83W. Unauthorized access to and interception of computer service.
• 83X. Unauthorized modification of computer material
• 83Y. Damaging or denying access to computer system.
• 83Z. Unauthorized disclosure of password.
• 84A. Unlawful possession of devices and data.
• 84B. Electronic fraud
• 84C. Tampering with computer source documents.
• 84D. Publishing of obscene information in electronic form
• 84E. Publication for fraudulent purpose
• 84F. Unauthorized access to protected systems.
• 84G. Re-programming of mobile telephone.
• 84H. Possession or supply of anything for reprogramming mobile
telephone.

______________________________________________________________________________
• Cyber crimes investigations
• Cyber Space and computers do not recognize national boundaries but,
the law is bound by national boundaries.
• Thus, in a cyber crime it often happens that the victim resides within
one national boundary, the offender is from another, and the offender,
during the commission of the crime, may have used the boundaries of
yet other countries.
• Investigations pose very peculiar challenges, e.g. the need to conduct
investigations outside national boundaries and as per the criminal
law of the foreign country.
• It is essential that each investigator handling cyber crimes possess the
requisite knowledge of international investigations as prescribed under
law and mandated by the Government.
• It is very important for every Investigating Officer (IO) to do a
pre-investigation assessment for each cyber crime / incident that is reported.
• NB: Before the complainant approaches the police officer or any agency,
they may have made attempts to set the things right all by themselves or
with the help of their friends or some other persons.
• However, these very acts may result in destruction of crucial digital
evidence(s).
• Similarly, sometimes the criminal act may be a crime in progress. All
these factors will have an impact on the outcomes of the investigations.
• Depending on the nature of each incident reported, the IO should collect
necessary information from complainant(s) / victims as part of the pre-
investigation assessment, to understand the full scope of the incident
and, the possible outcomes.
• Digital evidence is very critical and volatile; hence it is necessary to
protect and collect the right evidence for the pre-investigation
assessment.
• The pre-investigations assessment should consider various aspects of
crime including the location and the circumstances.
• Details of the offences need to be captured in the complaint, in full.
• Indicate the nature/modus operandi of the cyber crime in detail (include
the e-mail address, systems, time zones etc).
• Indicate all the details that can be identified from the complaint, such as:
➢ IP address in case of e-mail and Internet.
➢ Profile name or user name in case of social networking abuse.
➢ Bank details/Internet banking, branch, etc., in case of online fraud.
➢ Credit card details and nature of purchase, etc., in case of card fraud,
etc.
➢ The time and date, in the exact format the complainant mentioned
or noted in any of the documentation attached with the complaint (such
as e-mails); time zone conversion will have to be taken care of during
the course of investigation.
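The point about recording times exactly as given and handling time zone conversion later, as an added example that is not part of the original notes: each timestamp is kept verbatim alongside a UTC value derived only from an offset the source itself states, and entries without a stated offset are set aside rather than guessed. The record sources and all timestamps are constructed, and the e-mail `Date:` header format is assumed for the sample values.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class TimelineEntry:
    source: str               # where the timestamp was found
    verbatim: str             # exactly as written in the complaint or header
    utc: Optional[datetime]   # normalized instant; None when it cannot be derived
    note: str


def normalize(source: str, verbatim: str) -> TimelineEntry:
    """Keep the original string and convert to UTC only when an offset is stated."""
    try:
        parsed = parsedate_to_datetime(verbatim)
    except (TypeError, ValueError):
        return TimelineEntry(source, verbatim, None,
                             "not a parseable date; keep verbatim only")
    if parsed.tzinfo is None:
        # No offset given: assuming the examiner's own zone would silently
        # shift the event, so the zone has to be established separately.
        return TimelineEntry(source, verbatim, None,
                             "no UTC offset stated; time zone to be established")
    return TimelineEntry(source, verbatim, parsed.astimezone(timezone.utc),
                         "converted from the stated offset")


def build_timeline(records: List[Tuple[str, str]]):
    """Return (entries ordered by UTC instant, entries still needing a time zone)."""
    entries = [normalize(source, verbatim) for source, verbatim in records]
    resolved = sorted((e for e in entries if e.utc is not None), key=lambda e: e.utc)
    unresolved = [e for e in entries if e.utc is None]
    return resolved, unresolved


# Constructed records, as they might be noted from a complaint and its attachments.
CONSTRUCTED_RECORDS = [
    ("threat e-mail header", "Mon, 03 Mar 2014 23:50:00 -0500"),
    ("bank alert e-mail header", "4 Mar 2014 04:30:00 GMT"),
    ("reply e-mail header", "Tue, 04 Mar 2014 09:45:00 +0530"),
    ("complainant's written note", "Tue, 04 Mar 2014 10:05:00"),
    ("complainant's oral statement", "yesterday evening around 10"),
]

if __name__ == "__main__":
    resolved, unresolved = build_timeline(CONSTRUCTED_RECORDS)
    for e in resolved:
        print(f"{e.utc.isoformat()}  {e.source}  (as recorded: {e.verbatim})")
    for e in unresolved:
        print(f"UNRESOLVED  {e.source}  (as recorded: {e.verbatim})  {e.note}")
```

Sorted by wall-clock reading, the reply e-mail would appear last; once converted, it is the earliest of the three resolved events.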
• Preliminary Review of the Scene of Offence
The scene of offence can be broadly dealt with under:
➢ Home of individuals with one or more computers.
➢ Cyber Cafe/Public places.
➢ Companies / organizations, with one or more computers and in some
cases with vast and complicated network of systems.
• At the scene of offence (irrespective of the type of the scene of offence),
the IO should carefully survey the scene, observe and assess the
situation and decide on the steps for proceeding further.
• The pre-investigation assessment will help the IO to understand the local
situation, circumstances and technical details of the systems / network
at the scene of the crime before proceeding to seizure / preservation of
evidence.
• It is of utmost importance for the IO to do a preliminary review of the entire
scene of offence and also take some additional steps before identifying
the evidence and conducting search and seizure.
• It is very important to include such observations/ preliminary review
notes in the questionnaire that needs to be sent to FSL for expert
opinion. As a matter of practice, IO should videograph / photograph and
draw the network architecture sketch in 'as is where is' condition of the
crime scene and document it
• Evaluating the Scene of Offence
• After identifying the scene of offence, IO should secure it and, take note
of every individual physically present at the scene of offence and, their
role at the time of securing the scene of offence.
• From the information gathered and based on visual inspection of the
scene of offence, IO should identify all the potential evidences.
• If the systems are OFF, they should not be turned ON for the inspection.
If systems are on, it is advised to leave them ON.
• If systems are ON at the scene of offence, IO should take appropriate
steps to photograph it, plan for the seizure of the evidences at the earliest
and document it. IO should notify appropriate technical personnel to
support during the seizure process, so that the perishable evidences
(volatile data) are appropriately recovered without loss.
• IO should make note of the network cables and power lines attached to
the systems.
• Note all the network connections, modems and telephone lines, and mark
them at both the equipment connection end and the source end in the
walls.
• Preliminary Interviews at the Scene of Offence
Interview questions that the IO can make use of are:
• What steps were taken to contain the issue? (Physical access denied for
suspected persons, disconnecting the suspected computers from
network, suspending the employee access and so on), along with a list of all
suspected names, addresses, etc.
• Were there any logs (system access, etc.) present that cover the issue?
Are there any suspicious entries present in them?
• Did anyone use the system after the issue occurred?
• Did you observe any similar instance before?
• Were there any alarms that were set off by the firewall/IDS/network
security devices?
• Please give a detailed documentation on the set of commands or
processes run on the affected system or on the network after the issue
occurred. (Request a letter of confirmation from the complainant.)
• Is a log register of the Internet users/other users maintained?
• Are there any questions about the issue that have not been answered?
(Affected system list, number of people involved, etc.)
• What are the further plans for analysis of the issue?
At the scene of offence, the IO should:
• Identify the complainant / owner(s) of the various devices and obtain the
access details, usernames etc.
• Pre-investigation Technical Assessment
Cyber Cafe
• Identify number of computer systems present in the cyber cafe.
• Identify number of computer systems connected to Internet.
• Obtain details about the network topology and architecture (client —
Server).
• Obtain the CCTV/Web camera clippings, if any.
• Is any user management software used by the cyber cafe owner?
• Obtain the log register of Internet users for the relevant period.
• Check the formatting of storage devices policy adopted by the cyber cafe
owner.
• Check the hardware replacements done by the cyber cafe owner.
Home
• Identify the type of connection (Wi-Fi/Ethernet).
• How many computer systems are used for Internet connection?
• Location of the system and details of persons with access to system(s).
• Obtain the details about the removable storage media (including external
hard disk) used/owned by the user.
• Obtain details about the network topology and architecture (client —
Server), if any.
• Obtain the details about other computer peripherals
(printer/scanner/modem, etc.).
• Issuance of preservation notice
• Based on the information gathered, the IO should come out with issues
to be complied immediately by issuing specific do's and don'ts to the
complainant/company/agency —
• e.g. stopping the access, taking backups, or preserving log information,
etc. till further orders.
• A preservation notice needs to be sent to all affected parties to make sure
that they do not delete any data that could be relevant to the case.
• Containment of the incident / Offence
• Incident containment refers to the determination of the nature and scope
of the incident and then minimizing the damage, if any.
• Containment steps may include: having firewalls block access, taking
the affected machines off the network, disabling user access controls etc.
• If the targeted system is to be restored by the affected party immediately
for commercial reasons or in public interest, the IO should obtain the
services of technical personnel from the Cyber Forensics divisions and,
obtain the image copy of the affected system and permit restoration of
the system, only after that.
• These actions need to be documented with enough justification and
should be used under rarest of the rare circumstances.
• Avoiding alteration of evidence
• The primary aim of the pre-investigation assessments is to "avoid
alteration of evidences", crucial in successful prosecution of the cyber
crimes.
• Reasons for standard methods in cyber investigations
• Investigations in an automated environment require standard methods
and procedures for the following main reasons:
• Evidence has to be gathered in a way that will be accepted by a court of
law.
• Every care must be taken to avoid anything which might corrupt the data
or cause any other form of damage, even accidentally.
• Some reasons for improper evidence collection are poorly written policies
and lack of an established incident response plan or incident response training.
This may result in a broken chain of custody.
• Crime Scene Investigation: Search and Seizure
Steps in Crime Scene Investigation
• Cyber crime scene is completely different from the conventional crime
scene.
• Digital evidence is highly fragile, and it can be tampered with easily and
stealthily. Utmost care and precautions are required during search,
collection, preservation, transportation and examination of evidence.
• Sequences of steps for digital crime scene investigations
• The sequences of steps for digital crime scene investigations are
• Identifying and securing the crime scene
• 'As is where is' documentation of the scene of offence
• Collection of evidence
• Procedure for gathering evidences from Switched-off Systems
• Procedure for gathering evidence from live systems
• Forensic duplication
• Conducting interviews
• (Seizure Memo) and Seizure Proceedings
• Guidelines specific to cyber crime
• Make sure search and seizure proceedings are able to identify the
equipment correctly and to guide the IO and witnesses.
• Reference to the notes made during the pre-investigation assessment for
cross verifying and correctly documenting the technical information
regarding equipment, networks and other communication equipment at
the scene of crime.
• Time Zone/System Time plays a very critical role in the entire
investigation. Please make sure this information is noted carefully.
• Please DON'T switch ON any device.
• Please make sure a serial number is allotted for each device and the
same should be duly noted, in the Chain of Custody and Digital Evidence
Collection forms.
• Make sure each device is photographed at its original place before the
investigation process starts, along with a respective reference like
cubicle number or name, room surroundings, etc.
• Make sure to photograph the Hard Disk Drive or any other internal part
along with the system, once removed from the system.
• Paste the serial number along with PF number/Crime number/section of
law
• Capture the information about the system and data you are searching
and seizing.
• Brief the witnesses regarding the tools used to perform search and
seizure of the digital evidence
• Document the Chain of Custody and Digital Evidence Collection forms
• Chain of custody
• Chain of custody refers to the documentation that shows the people who
have been entrusted with the evidence.
• As electronic evidence is easy to tamper with or damage, it is
necessary for us to know exactly who, when, what, where, and why the
evidence was transferred to the concerned person.
• It is possible that the defense may level charges of tampering and fabrication
of evidence, and it would be difficult to prove the integrity of the
evidence if the chain of custody is not properly maintained.
• Once the evidence is collected and every time the evidence is transferred,
it should be documented, and no one other than the person
entrusted with the exhibit shall have access to the evidence.
• Points to remember Chain of Custody:
• Physically inspect the storage medium — take photographs and
systematically record observations.
• Guard against hazards like theft and mechanical failure. Use good
physical security and data encryption. House multiple copies in different
locations.
• Protect digital magnetic media from external electric and magnetic fields.
Ensure protection of digital media particularly optical media from
scratches.
• Account for all people with physical or electronic access to the data.
• Keep the number of people involved in collecting and handling the
devices and data to a minimum.
• Always accompany evidence with their chain-of-custody forms
• Give the evidence positive identification at all times that is legible and
written with permanent ink.
• Establishing the integrity of the seized evidence through forensically
proven procedure by a technically trained investigating officer or with the
help of a technical expert will enhance the quality of the evidence when
the case is taken forward for prosecution.
• The integrity of the evidence available on a digital media can be
established by using a process called "Hashing".
• Establish a baseline of contents for authentication and proof of integrity
by calculating hash value for the contents. An identical hash value of the
original evidence seized and, the forensically imaged copy, helps the IO to
prove the integrity of the evidence.
• Hashing:
• A reliable hash proves that the media contents have not been altered.
Hashing program produces a fixed length large integer value (ranging
from 80 - 240 bits) representing the digital data on the seized media. Any
changes made to the original evidence will result in the change of the
hash value.
• Hash Value Calculator:
• Hashing is applying a mathematical algorithm to a file/disk/storage
media to produce a value that is unique like fingerprint to that
file/disk/dataset and any changes that will be made in the file/dataset
will in turn change/alter the hash value. Hash value is one of the widely
accepted methods of authenticating any given data set
(files/folders/storage media) in the courts of law across the world.
• The hash value is usually alphanumeric (containing alphabets and
numbers).
• The typical MD5 hash value would be like the following example:
2ea029cd5177824a49b9a1a25048a043
• Digital Evidence Collection form
• Digital Evidence Collection form is one of the most important elements of
the forensic process. It is necessary that the steps taken for collection
should be accurate and repeatable with the same results every time it is
done. For this to happen, a proper documentation of the process used for
collection needs to be maintained for every device that is collected. This
documentation should contain all the information about the evidence
that is visible to the naked eye. It should contain information about the
kind of software and version used and the time when the collection
process started and ended. This documentation, called the Digital
Evidence Collection (DEC) form, thus consists of the information on the
evidence and the media to which the evidence is being copied.
The standard details captured in a DEC form
• Crime Number / Enquiry Number:
• Applicable Section(s) of the law:
• Date — The date when the equipment is seized/taken for forensic
analysis including hash value.
• Name of the Investigating Officer / Enquiry Officer
• Address — Place where the acquisition has taken place
• System Information
• Type — Device type which is produced to extract evidence like desktop,
laptops, etc.
• Manufacturer — The device manufacturer information to be documented.
• Model Number — The device model number information to be
documented.
• Serial Number / any unique identification feature — The device serial
number information to be documented.
• Whether acquisition/imaging of the digital media is done at the scene of
offence - Yes/No
• If yes
• Actual Date/Time — Date when the acquisition is performed.
• Time Zone — The time zone where the acquisition is performed.
• BIOS Date/Time — BIOS information of the device.
• Property Form Number / Evidence Number — Unique number assigned
to each device for easy identification by the unit after it is brought to the
police station / unit.
• Evidence Drive information:
• Type of Media: HDD / USB Drive / Floppy / CD / DVD etc.
• Hard Disk Drive Type — The type of drive that is taken for extracting
evidence like SATA/ IDE / SCSI HDD, etc.
• Manufacturer — Name of the manufacturer information to be
documented.
• Model Number — The model number of the media information to be
documented.
• Serial Number of the media — The serial number information to be
documented.
• Sectors imaged / Number of logical partitions— Can be documented from
the report after acquisition is performed.
• Jumper settings — If changed, document the settings that are being
changed (Graphical representation).
• It is advisable to take a digital photograph of the hard disk to be seized
/scene of crime/computer peripherals/ screen shots/processes
running/etc.
• General acquisition
• Software and Version Number — The forensic software used for
acquisition like Cyber Check Suite, Encase, FTK, Helix, etc.
• Write-Protect Device Type — The type of Write Protection device used for
protecting the evidence drive from accidental writing.
• Drives information — documenting the information of the two drives
where the evidence is extracted, like Original Evidence drive and working
copy evidence drive.
• Image file name and Format — Name of the image that is being given and
the format for storage of the image.
• Notes — Document all notes starting from the method of acquisition to
date and times acquired.
• Forensic Collection of Digital Media
• Identifying/seizing the devices that need to be forensically imaged for
analysis
• Investigative Tools and Equipment
• Basic items that are useful to have in a tool kit at an electronic crime
scene:
• ■ Documentation tools such as—
• Cable tags. Indelible felt-tip markers. Stick-on labels.
• ■ Disassembly and removal tools in a variety of nonmagnetic sizes
and types that include— Flat-blade and cross-tip screwdrivers. Hex-nut
and secure-bit drivers. Star-type nut drivers. Wire cutters.
• ■ Packaging and transporting supplies such as— Antistatic bags and
bubble wrap. Cable ties and Evidence bags. Evidence and packing tape.
• Collection of Digital Evidence
Procedure for gathering evidences from switched-off systems
• Secure and take control of the scene of crime both physically and
electronically.
• Make sure that the computer is switched OFF. Remove the battery from
laptop computers.
• Unplug the power and other devices from sockets.
• Never switch ON the computer, in any circumstances.
• Label the ports and (in and out) cables so that the computer may be
reconstructed at a later date, if necessary.
• Carefully open the side casing of CPU or laptop and identify the Hard
disk. Detach the hard disk from motherboard by disconnecting the data
transfer cable and power cable.
• Take out the storage device (Hard disk) carefully and record unique
identifiers like make, model, and serial number. If the entire CPU is seized,
also note down any unique identifiers.
• Get the signature of the accused and witness on Hard disk, by using
permanent marker. Ensure that all items have signed and completed
exhibit labels.
• Connect the suspected hard drive to the investigator computer through
write-block device for forensically previewing/ copying/ printing or for
duplication, never connect directly without the blocker device.
• Make detailed notes of all actions taken in relation to the computer
equipment
• Procedure for gathering evidences from live systems (Switched-ON
Systems)
• Secure the area containing the equipment.
• Move people away from computer and power supply.
• Disconnect the modem if attached.
• If the computer is believed to be networked, seek advice from the
technically trained officer, in-house forensic analyst or external
specialist.
• Do not take advice from the owner / user of the computer.
• Label and photograph or video all the components including the leads in
situ. If no camera is available, draw a sketch plan of the system and
label the ports and cables so that the computer may be reconstructed at
a later date.
• Remove all other connection cables leading from the computer to other
wall or floor sockets or devices.
• Carefully remove the equipment and record the unique identifiers - the
main unit, screen, keyboards and other equipment will have different
numbers.
• Ensure that all items have signed exhibit labels attached to them as
failure to do so may cause difficulty with continuity and cause the
equipment to be rejected by the forensic examiners.
• Make detailed notes of all actions taken in relation to the computer
equipment
• Record what is on the screen by photograph and by making a written
note of the content of the screen.
• Do not touch the keyboard or click the mouse and if the screen is blank
or a screen saver is present, the case officer should be asked to decide if
they wish to restore the screen.
• Take the help of technical expert to use live forensics tool to extract the
information that is present in the temporary storage memory like RAM.
• If no specialist advice is available, remove the power supply from the
back of the computer without closing down any programs. When
removing the power supply cable, always remove the end attached to the
computer and not that attached to the socket, this will avoid any data
being written to the hard drive if an uninterruptible power protection
device is fitted.
• Procedure for gathering evidences from Mobile Phones
• If the device is "OFF", do not turn "ON".
• With PDAs or cell phones, if device is ON, leave ON. Powering down
device could enable password, thus preventing access to evidence.
• Photograph device and screen display (if available).
• Label and collect all cables (including power supply) and transport with
device.
• Keep the device charged.
• If device cannot be kept charged, analysis by a specialist must be
completed prior to battery discharge or data may be lost.
• Seize additional storage media (memory sticks, compact flash, etc).
• Document all steps involved in seizure of device and components.
• Usage of Faraday bag while seizing mobile phones
• A Faraday bag is a bag in which a cell phone is placed so that it cannot
receive any signals. This prevents any changes that may take place in
the phone by receiving a signal.
• Benefits for the investigator if a Faraday bag is used are:
• Potentially avoids the problem of the mobile phone becoming PIN locked.
• A Faraday window allows the examiner to view the phone in a 'faraday'
condition, thus enabling an 'immediate preview of evidence'.
• Re-usable
• Prevents data from the networks communicating with the device,
and therefore stops any chance of evidence being tainted.
• Prevents any chance of evidence being manipulated during covert
acquisition.
• Forensic Duplication
• Forensic duplication refers to bit stream imaging of data from the digital
media in question. Data resides in all sorts of storage media present in
computers, smart phones, GPS devices, USB drives, and so on. We need
to be able to get to this information in a manner that it does not change
the information on the devices themselves. If the evidence is not collected
properly, we face an issue where the results of the forensic exam will be
put in doubt. Hence it is necessary to copy the data carefully in a
forensically sound manner.
• Files can be copied from suspected storage media using two different
techniques:
a) A logical backup copies the directories and files of a logical volume. It does
not capture other data that may be present on the media, such as deleted files
or residual data stored in slack space.
b) Bit stream imaging, also known as disk imaging or cloning, generates a
bit-for-bit copy of the original media, including free space and slack
space. Bit stream images require more storage space and take longer
to perform than logical backups.
• After a backup or imaging is performed, it is important to verify that the
copied data is an exact duplicate of the original data.
• Computing the message digest of the copied data can be used to verify
and ensure data integrity. A message digest is a hash that uniquely
identifies data and has the property that changing a single bit in the data
will cause a completely different message digest to be generated.
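The hashing and forensic duplication passages above, as an added Python example (not part of the original document): it images a small constructed "disk" bit for bit, verifies the copy by message digest, and shows that a logical backup misses slack-space data and that one flipped bit changes the hash. The sample media, file table and function names are assumptions, and SHA-256 is computed alongside the MD5 the document mentions.

```python
import hashlib
import io

CHUNK = 1024 * 1024   # read size, so large media never has to fit in memory
SECTOR = 512
# Constructed remnant of a deleted file (sample data, not from the document).
RESIDUE = b"DELETED-DRAFT: transfer the funds tonight"


def build_sample_media():
    """Return (media, file_table) for a constructed 4-sector 'disk'."""
    live = b"Meet at the station."
    disk = bytearray(SECTOR * 4)
    disk[0:len(live)] = live                                # live file, sector 0
    disk[64:64 + len(RESIDUE)] = RESIDUE                    # slack space after it
    disk[2 * SECTOR:2 * SECTOR + len(RESIDUE)] = RESIDUE    # unallocated sector 2
    file_table = {"letter.txt": (0, len(live))}             # name -> (offset, length)
    return io.BytesIO(bytes(disk)), file_table


def digest_stream(stream, algorithms=("md5", "sha256")):
    """Hash a file-like object from its start, chunk by chunk."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    stream.seek(0)
    for chunk in iter(lambda: stream.read(CHUNK), b""):
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def bitstream_image(source):
    """Bit-for-bit copy of the media, including free and slack space."""
    image = io.BytesIO()
    source.seek(0)
    for chunk in iter(lambda: source.read(CHUNK), b""):
        image.write(chunk)
    return image


def logical_backup(source, file_table):
    """Copy only the live files named in the file table."""
    files = {}
    for name, (offset, length) in file_table.items():
        source.seek(offset)
        files[name] = source.read(length)
    return files


def verify_image(original, image):
    """Compare digests of the seized media and its image."""
    original_digests = digest_stream(original)
    image_digests = digest_stream(image)
    return {
        "match": original_digests == image_digests,
        "original": original_digests,
        "image": image_digests,
    }


def flip_bit(image, bit_index):
    """Return a copy of the image with exactly one bit changed."""
    data = bytearray(image.getvalue())
    data[bit_index // 8] ^= 1 << (bit_index % 8)
    return io.BytesIO(bytes(data))


def contains_residue(blobs):
    """True if any of the given byte strings holds the deleted-file remnant."""
    return any(RESIDUE in blob for blob in blobs)


if __name__ == "__main__":
    media, table = build_sample_media()
    image = bitstream_image(media)
    result = verify_image(media, image)
    print("image verified:", result["match"], result["original"]["md5"])
    print("residue in bit-stream image:", contains_residue([image.getvalue()]))
    print("residue in logical backup: ",
          contains_residue(logical_backup(media, table).values()))
    print("after one flipped bit:", verify_image(media, flip_bit(image, 4000))["match"])
```

On real media the same chunked digest would be computed through a write-blocker and recorded in the Digital Evidence Collection and chain-of-custody forms at acquisition and at each transfer.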
• Packaging and labeling of the evidence
• Packaging and labeling refers to the collection of the evidence and then
numbering it in a way that makes it easy to go back and retrieve the
data at a later date/time. Every piece of evidence needs to get a tag
number, which contains all the visible details on the evidence. This
information then goes into the evidence database, which contains details of
all the evidence and the tag number on it.
• It is necessary to understand that tagging is a very important part of the
forensics process as it allows us to find the evidence needed among the
plethora of evidence that is collected at a crime scene.
• In addition, each piece of evidence should be packaged separately and
then properly labeled, sealed, and documented. These steps are crucial
for establishing the chain of custody. As we all know, when a case goes
to court, the defense will look for any sign of tampering or poor record
keeping to try to get the evidence — and the case — thrown out. So be
meticulous with your work, but also be smart.
• As much as possible, try and use anti-static bags to transport evidence
as these will protect and prevent any localized static electricity charge
from being deposited onto the devices as the bags are handled.
• Transportation of the evidences
• The dispatch and transportation of evidences is another crucial aspect
that has to be kept in mind by the IOs.
• Poor dispatching and transportation practices can physically damage the
evidences collected and thereby rendering them useless. Sometimes, the
poor handling may result in alteration of the contents of the digital
evidences due to shock and external electro-magnetic interferences. Such
changes can put a question mark over the integrity of the evidences
collected by the Investigating officer. While sending the evidences to the
Forensic Science Laboratories, always ensure that
• The suspected computer storage media is carried by a special messenger
but not by Registered / Insured post.
• A fresh hard disk of approximately same capacity should also be
submitted for forensic imaging along with the suspected storage media.
• Legal procedure to be followed post-seizure of evidence
• Once the digital evidence is seized during the course of investigation, it
should be brought to the notice of the jurisdictional court (property form
number should be given by the IO) and
a. Obtain orders of the competent court to retain the seized properties in the
custody of the investigating officer for the purpose of investigations.
b. Obtain necessary orders from the competent court to Image/send the digital
evidence for forensic analysis and expert opinion. The PF number should be
mentioned in all the transactions included in the chain of custody.
c. In cases where the accused persons or the owners of the property seized
approaches the court for release of the impounded properties, the IO should
carefully prepare objections for such applications and ensure that no original
evidences are returned which have a bearing on the prosecution of the case.
Wherever, the court orders for release of the seized properties, IO should
ensure that only a forensically imaged copy of the seized property is given to
the accused/owner and never return the original material seized, unless the
court orders so.
• Four principles when dealing with digital evidence
• No actions performed by investigators should change data contained on
digital devices or storage media that may subsequently be relied upon in
court.
• Individuals accessing original data must be competent to do so and have
the ability to explain their actions.
• An audit trail or other record of applied processes, suitable for replication
of the results by an independent third-party, must be created and
preserved, accurately documenting each investigative step.
• The person in charge of the investigation has overall responsibility for
ensuring the above-mentioned procedures are followed and in
compliance with governing laws.
• Expert Opinion from the Forensic Examiner
• The following guidelines should be kept in mind by the IOs while
forwarding the digital evidences for forensic analysis from Forensic
Sciences Laboratories or any other Government recognized examiner of
electronic evidence authorized to offer such services.
• The forwarding letter to the FSL for scientific analysis and opinion
should mention the following information.
• Brief history of the case
• The details of the exhibits seized and their place of seizure
• The model, make and description of the hard disk or any storage media
• The date and time of the visit to the scene of crime
• The condition of the computer system (on or off) at the scene of crime
• Has a photograph of the scene of crime been taken?
• Is it a stand-alone computer or a network?
• Does the computer have any Internet connection or any means to
communicate with external computers?
• Availability of information and format from ISPs:
• It is very important for Investigating Officer to understand what
information/evidence relevant to the investigation is available with third-
party companies/providers, which can be very useful and relevant to
reconstruct the crime.
• E-mail Headers
• Information from e-mail service
• User name
• Details of all incoming and outgoing e-mails along with mails stored in
Draft folder
• The IP address from where the e-mail ID is accessed.
• Registration details like IP address, date and time, other services availed,
secondary e-mail ID etc
• User activity, i.e., date and time of logged in and time it is active, etc.
• Information from Mobile service providers
• Customer Acquisition Forms (CAF) Forms — Personal details like name,
address, etc.
• Calling number, called number, time, type of call (ISD/STD/Local/SMS,
etc.)
• Roaming to other cities, etc.
• Tower locations — Latitude and Longitude of the tower
• Tower data
• Information from Social networking sites like Facebook, Orkut etc.
• User name
• Personal details updated in the profile
• The IP address from where the profile is accessed
• User activity, i.e., date and time of logged in and duration of the active
sessions, etc.
• Friends and groups with which the user is associated, etc.
• E-mail IDs updated in the personal information.
• Information from Financial institutions/Internet banking institutions
• Personal details updated in the profile of the account holder
• Transactional details
• CAF and other supporting documents submitted by the customer along
with the introducer details
• IP address from where the transaction happened in case of Internet
banking
• Information from Web site domain/hosting providers:
• Registration details
• Access details
• FTP logs
• Payment details
• Technical/administrative/owner of the domain
• Details of Web site developer
• Access details
• IP addresses
• Payment details
• Called/Calling numbers

• Admissibility electronic evidence


• Introduction
• Special measures should be taken in conducting a cyber forensics
investigation. It must be kept in mind that collection of evidence alone is
not enough.
• The agency is required to ascertain whether or not the evidence so
gathered is admissible in a court of law.
• For the purpose of admissibility, they are supposed to make provisions so
that the evidence is not tampered or toyed with.
• Evidences are to undergo a strict test of admissibility.
• Hence they must draw a clear picture of sequence of events leading to
one and only one conclusion of the accused being guilty.
• Evidentiary value of electronic records
• Subject to four conditions, any information contained in an electronic
record which is printed on paper, stored, recorded or copied in an optical
or magnetic media, produced by a computer, is deemed to be a document
and becomes admissible in proceedings without further proof or production
of the original, as evidence of any contents of the original or any facts
stated therein, of which direct evidence would be admissible.
• The four conditions referred to above are:
(1) The computer output containing such information should have been
produced by the computer during the period when the computer was
used regularly to store or process information for the purpose of any
activities regularly carried on during that period by the person having
lawful control over the use of the computer.
(2) During such period, information of the kind contained in the
electronic record was regularly fed into the computer in the ordinary
course of such activities.

(3) Throughout the material part of such period, the computer must have
been operating properly. In case the computer was not properly operating
during such period, it must be shown that this did not affect the
electronic record or the accuracy of the contents.

(4) The information contained in the electronic record should be such as
reproduces or is derived from such information fed into the computer in
the ordinary course of such activities.
• Lorraine v. Markel American Insurance Company, 241 F.R.D. 534
(D.Md. May 4, 2007).
• In the leading case of Lorraine v. Markel American Insurance
Company, 241 F.R.D. 534 (D.Md. May 4, 2007), Grimm J. describes a
model for addressing admission of electronic evidence.
• The Lorraine model suggests that admissibility of electronic evidence
focuses first on relevance, asking whether the electronic evidence has any
tendency to make some fact that is of consequence to the litigation more
or less probable than it would be otherwise.
• Secondly, it should address authenticity, asking if the electronic evidence
can be shown to be what it purports to be.
• Thirdly, the hearsay concerns associated with the electronic
evidence must be addressed properly, asking if it is a statement by the
declarant, other than one made by the declarant while testifying at the
trial or hearing, offered for the truth of the matter asserted, and, if the
electronic information is hearsay, whether an exclusion or exception to
the hearsay rule applies.
• Fourthly, the application of the original documents rule must be taken
care of.
• Fifthly, and finally, it should be considered whether the probative value
of the [electronic] evidence is substantially outweighed by the danger of
unfair prejudice, confusion, or waste of time. Careful consideration of
these traditional evidentiary principles will permit a proponent to
successfully admit electronic evidence.
• Logical Relevance – Under Federal Rules of Evidence relevant evidence is
generally admissible while irrelevant evidence is not. “Relevant evidence”
is defined as evidence that has “any tendency to make the existence of
any fact that is of consequence to the determination of the action more
probable or less probable than it would be without the evidence.” Rules
401 and 402 of the Federal Rules of Evidence address this fundamental
question of “logical relevance.”
• The Federal Rules’ logical relevance test is quite yielding, particularly in
light of the fact that a court’s determination of logical relevance is
reviewed under an abuse of discretion standard. This test is applied to
electronic evidence in the same way that it is applied to more traditional
forms of evidence. To those accustomed to applying the Federal Rules’
logical relevance test to more traditional forms of evidence, the test’s
application to electronic evidence is fairly intuitive; it seems that, even
under the view that electronic evidence is fundamentally strange or
“magical,” logical relevance is logical relevance.
• Pragmatic Relevance – At times even logically relevant evidence may be
inadmissible “if its probative value is
substantially outweighed by the danger of unfair prejudice, confusion of
the issues, or misleading the jury, or by considerations of undue delay,
waste of time, or needless presentation of cumulative evidence”.

Like logical relevance, the Federal Rules’ test for pragmatic relevance is
applied to electronic evidence in the same way it is applied to more
traditional forms of evidence. A court is most likely to invoke Rule 403 to
exclude otherwise relevant electronic evidence where such evidence: (1)
“contain[s] offensive or highly derogatory language that may provoke an
emotional response;” (2) consists of computer animations or simulations
where “there is a substantial risk that the jury may mistake them for the
actual events [at issue] in the litigation;” or (3) it is potentially unreliable
or inaccurate.
• Authentication – It is absolutely necessary for the court to delve deep
into the authenticity of the evidence. It must be shown beyond any iota
of doubt that the evidence is what it purports to be. It is a very common
phenomenon that electronic records can easily be doctored and
tampered with to meet the desired ends. In this process, no one but
justice suffers. Absolute care and caution must be exercised in order to
hold any electronic evidence as admissible.
• In State of Delhi v. Mohd. Afzal & Others, 2003 VIIAD Delhi 1, 107 (2003)
DLT 385, 2003 (71) DRJ 178, 2003 (3) JCC 1669 it was held that
electronic records are admissible as evidence. If someone challenges the
accuracy of a computer evidence or electronic record on the grounds of
misuse of system or operating failure or interpolation, then the person
challenging it must prove the same beyond reasonable doubt. The court
observed that mere theoretical and general apprehensions cannot make
clear evidence defective and inadmissible. This case has well
demonstrated the admissibility of electronic evidence in various forms in
Indian courts.
• R v. Ana Marcolino 1999 Masons CLR 392
• Evidence that computer records produced by a large company, providing
a substantial public service, were subject to licensing and external audit
by the DTI went directly to the issue of whether there was improper use
of the computer when seeking to adduce a computer record as evidence
of fact under s.69 Police and Criminal Evidence Act 1984.
• E-commerce
• Introduction
• We are witnessing a digital revolution, with the internet becoming an
integral part of people's lives and becoming available on mobile phones.
The decrease in the price of internet access, the change in lifestyle in
urban areas and the convenience that the internet has brought have
supported this revolution.
• The business activity conducted through electronic means falls within e-
commerce. It encompasses all business conducted by computer
networks, be it B2B, B2C, C2C, C2B or B2B2C.
• The services that are offered do not begin or end with providing an
online platform but involve an efficient delivery system, proper payment
facilitation and effective supply chain and service management. So
the business is not as simple as it may seem and also involves a lot of
legal issues.
• Legal principles relating to commerce
• Contract i.e. binding legal agreement
• Universal recognition of a form or token of payment.
• Without legal certainty offered by a contract, and the acceptance of a
token or form of payment in return for goods and services all forms of
commerce lack necessary foundations of certainty and liquidity.
• These are underpinned by the law of contract and the law relating to
payment and payment methods.
• Informal contracts
• Contract of carriage-transport
• Contract of sale-shops
• Contract for the supply of services-salon
• Formed without exchange of written or even oral terms.
• Contracts that have no legally defined form and which may be formed
simply by a consensus ad idem (meeting of the minds).
• Contract- acceptance of offered terms and conditions.
• Pharmaceutical Society of Great Britain v Boots Cash Chemists (Southern)
Ltd [1953] 1 QB 401-
• Fisher v Bell [1961] 1 QB 394 - shop window display is an invitation to treat
• Partridge v Crittenden [1968] 2 All ER 421.
• Shop window invitation to treat?
• Offer made by the customer at the till and acceptance by the cashier
• Should a display on an e-commerce site be treated as an invitation to
treat or as a standing offer to sell?
• Should offer come from the customer with acceptance following at a later
stage in the sales process?
• How should contract formation be structured with a computer?
• Offer and Acceptance
• Thornton v Shoe Lane Parking Ltd [1971] 2 QB 163
• Contract, non-human factor: the principle that a contractual term
displayed or communicated to a contractual counterparty after consensus
ad idem is reached is not incorporated into the contractual terms.
• Offer and acceptance- offer is made when the proprietor of the machine
holds it out as being ready to receive the money. Acceptance takes place
when the customer puts his money into the slot.
• Standing offer: intent of the machine operator.
• Acceptance of the terms by the customer by putting money in the slot
(vending machines).
• E-commerce site: standing offer principle, as non-human agents
conclude their contracts.
• This is at odds with Pharmaceutical Society of Great Britain v Boots Cash
Chemists [1953] 1 QB 401, Fisher v Bell and Partridge v Crittenden, under
which shop displays, both interactive displays and passive displays, are
merely invitations to treat.
• Is an e-commerce website like a shop display or like a vending machine,
i.e. does the invitation to treat principle or the standing offer principle apply?
• Acceptance
• 83J. (1) Unless otherwise agreed by the parties, an offer and acceptance
of an offer may be expressed by means of electronic messages; thus where
an electronic message is used in the formation of a contract, the contract
shall not be denied validity or enforceability solely on the ground that an
electronic message was used for the purpose.
• For an acceptance to be effective it has to be communicated to the
offeror.
• It has to be delivered to the offeror-face to face negotiations
• Contract is made at the place where acceptance is received.
• See Entores Ltd v Miles Far East Corporation [1955] 2 QB 327 on
communicating acceptance.
• Contract Formation
1. Valid contracts require: offer, acceptance, and consideration.
Offer.
• Definition: Manifestation of willingness to enter into a bargain, so made
as to justify another person in understanding that his assent to that
bargain is invited and will conclude it.
• Whether communication constitutes an offer rather than preliminary
negotiation depends upon surrounding circumstances.
An Offer combined with an Acceptance results in "Mutual Assent."
• Timing of acceptance in traditional contracting environments: acceptance
occurs when the acceptance is mailed or sent, not when received or
acknowledged (the "Mailbox Rule").
• Similarly, electronic acceptance is effective when acceptance is sent.
• Mutual Assent.
• Mutual assent is the manifestation by both parties of an intent to be
bound.
• Acceptance of an offer can be manifested by acts as well as words,
including through e-mail communication.
• Browse-wrap could potentially be a manifestation of assent through
action of accessing site.
• Contract offers and acceptances through separate e-mail may also
suffice, if mutual assent is reached.
• A "meeting of the minds" must exist with respect to each material issue
in the agreement.
• Failure to agree on essential terms of a contract indicates a lack of
mutual assent.
• Online agreements must demonstrate both parties intend to be bound.
• A clear indication of affirmative assent is the distinction between click-
wrap and browse-wrap agreements.
• Mutual assent is determined under an objective standard: what would a
reasonable person think of the meaning of the outward expressions of
the parties?
• Terms of the agreement should be clear and unambiguous, and it is the
duty of a court, not a jury, to determine if a valid contract exists.
• When plain and unambiguous, a court must presume parties meant
what they expressed, and will not consider what parties may have
subjectively intended.
• Ambiguity arises if a reasonable person would believe language is
susceptible to more than one meaning.
• A contract must be construed in its entirety.
• Consideration
• Definition: An act, forbearance, change in legal relations, or promise.
• Mutuality required: Both parties must exchange promises representing
legal obligations.
• Adequacy of consideration is determined at the time the agreement is
entered into
• Contractual terms
• Are those agreed by the parties at the time of the contract.
i. Express terms
ii. Terms incorporated by reference
iii. Implied terms
• Express terms
• The terms should be clearly set out in the transmission of information
between parties and should be easily/clearly identified.
What to bear in mind
a. Parties must take care to identify the document(s) constituting the
contract. (e-mail)
b. Court interpretation whenever there is a dispute: parties should limit
inconsistencies/ambiguities in the contractual terms; in case there is
disagreement, courts apply established rules of contractual
interpretation.
• Incorporated by Reference
• Due to nature of web i.e. its structure- interconnected, hyperlinked etc.
• Common in electronic contracts.
• Terms contracting party wishes to incorporate are set out in a separate
document somewhere in the contractual documentation.
• Terms and conditions page linked via hypertext link.
• Implied terms
• Implied terms usually come about apart from the contract formation
process.
• The fact that a contract has been concluded in cyber space will be of no
impact to rules of formation of contract.
• Implied terms may be implied by fact, such as terms required to give a
contract business efficacy and terms implied on the basis of custom and
usage.
• Terms may be implied by common law usage, e.g. road/sea worthiness,
implied into contracts for the carriage of goods by sea/road.
• Thus, the introduction of these terms is uniform, no matter how the
contract was negotiated and concluded.
• Use of electronic means to conclude the contract will not affect the
established rules.
• Essential Features
• Terms must be clear and unambiguous.
• Must have been clearly intended to form part of the contract.
• Must be brought to the attention of the other party before conclusion of
the contract and in a manner that shows that they form part of the
contractual terms.
• Presently incorporated mostly through an "accept terms and conditions"
dialogue box before the order is processed; however, most users do not
read the terms even though they accept them.
• Enforcing terms
• Consumer Protection Act
• Formal Contracts
• Not all contracts are accommodated into the framework of the
information society.
• Vast majority of contracts informal in nature.
• A number of contracts (usually high value) need to be formally concluded
usually in writing and with signature.
• E-Business and Legal Issues
• The technological basis of e-commerce is what is called a three-tier
architecture.
• The client tier is the Web browser involving some type of form processing.
• The middle tier is the Web server, often with transaction processing.
• The Web server in turn links to the third tier, a database processing the
order information.
• Some of the issues are strictly Internet-related, such as domain names
and trademarks, linking and framing, clickware (and shrinkware), and
metatag use.
• Others are traditional issues applied to the Internet, such as copyright,
contracts, consumer protection, privacy, taxation, regulated industries
and jurisdiction.
• E-commerce site development, its advertising, electronic transaction,
money transactions and such involve many legal issues.
• Before developing an e-commerce site a registered domain and a
registered trademark should be established.
• There must be some copyright protection on the site.
• The business must ensure that it displays the terms and
condition/policies within its site.
• Security involving the privacy of a user's data is always one of the main
concerns while doing business online.
• Defining rules and regulations for the advertisement of the site by
placing banners on other known sites.
• Issues regarding the legalization of electronic transactions
• Major issues regarding the legalization of electronic transactions include
the following.
• Ensure proper online contracts.
• Record retention obligations.
• Original documentation, in terms of TAX and VAT requirements.
• Import/export regulations.
• Exchange control regulation.
• Foreign data protection law.
• Legal Issues
1. E-contracts: Electronic contracts are governed by the basic principles
provided in the Contract Act, which mandates that a valid contract should have
been entered with a free consent and for a lawful consideration between two
adults.
The Supreme Court of India in Trimex International FZE Ltd. Dubai v. Vedanta
Aluminum Ltd. has held that e-mail exchanges between parties regarding
mutual obligations constitute a contract.
• In an online environment, the possibility of minors entering into
contracts increases, more so with the increasing usage of the online
medium among minors and their preference to shop online or
purchase online goods/services.
• Stamping of contracts. An instrument that is not appropriately
stamped may not be admissible as evidence unless the necessary stamp
duty along with the penalty has been paid. But payment of stamp duty is
applicable in case of physical documents and is not feasible in cases of e-
contracts. However, as the payment of stamp duty has gone online and
e-stamp papers are available, it can become a possibility later that stamp
duty might be asked on e-contracts as well.
• The other crucial issue is the consent and the way offers are accepted in
an online environment. In a click wrap and shrink wrap contract, the
customers do not have any opportunity to negotiate the terms and
conditions and they simply have to accept the contract before
commencing to purchase.
• Data Protection: The entity collecting data should have a privacy policy
in place, should always obtain consent from the provider of sensitive
information and maintain reasonable security practices and procedures.
Unauthorized access to personal information and any misuse of such
personal information should be checked by the online goods/service
providers
• Intellectual Property Rights (“IPR”): There are enormous possibilities
of trade mark, copyright or patent infringements in online medium. E-
commerce websites are designed and made by other parties and often the
content is also created by third parties.
• Unless the agreements between the parties specifically provide the IP
rights, there can be serious ownership issues of IPR. Any usage of third
party IPR should have valid approvals in place. In interactive websites,
the disclaimer and IPR policy should clearly spell out these issues and
goods/service providers should also keep a watchful eye on the usage of
their websites regularly. Domain names have trade mark protection and
deceptively similar domain names can give rise to disputes. In Satyam
Infoway Ltd v. Sifynet Solutions Pvt Ltd., the Supreme Court had held
that “a domain name may pertain to the provision of services within the
meaning of section 2(z) of the Trade Marks Act.”
• Efficient delivery system and an effective supply chain and service
management: It is important to always keep consumer protection
issues in consideration in e-commerce. The Consumer Protection Act
governs the relationship between consumers and goods & service
providers and there are no specific provisions related to online
transactions. Liability for a goods/service provider arises when there is
“deficiency in service” or “defect in goods” or occurrence of “unfair trade
practice”.
• The CPA specifically excludes from its scope any service rendered free
of cost. So, if only the actual sale is taking place in the online medium,
the users will be considered as consumers under the CPA.
• The goods/service providers may be asked to remove
defects/deficiencies, replace the goods, return the price already paid,
compensate and discontinue the unfair trade practice or the restrictive
trade practice and not repeat them.
• Under the Information Technology (Intermediaries Guidelines) Rules,
2011, the intermediaries have the obligation to publish the rules and
regulations, privacy policy and user agreement for access or usage of
the intermediary’s computer resource by any person.
• Such rules and regulations must inform the users of computer resource
not to host, display, upload, modify, publish, transmit, update or share
certain prescribed categories of prohibited information.
• Also, the intermediary must not knowingly host or publish any
prohibited information and if done should remove them within 36 hours
of its knowledge.
• In Consim Info Pvt. Ltd v. Google India Pvt. Ltd, the Delhi Court recognized
that no injunctive relief could be granted to Consim since it did not pass
the triple test of (i) prima facie case (ii) balance of convenience and (iii)
irreparable hardship but here the decision of the court was greatly
influenced by the fact that the trademarks in dispute were generic in
nature.
• The court also observed that though the intermediary, Google, cannot be
made liable for infringement arising out of a third party’s actions since it
is not possible to always check every advertisement posted online;
however, this observation was subject to section 3(4) of the aforesaid
Intermediaries Guidelines and Google had to act upon it within 36 hours
of receipt, failing which it may be held liable.
• Advertising: Advertising is an important and legitimate means for a
seller to awaken interest in his products. The advertisements should
make truthful and honest representations and avoid false and misleading
claims, should not be offensive to public decency or morality, not
promote products which are hazardous or harmful to society or to
individuals, particularly minors, observe fairness in competition keeping
in mind
• Competition: E-commerce has already generated a lot of competition
with ever increasing players and acquisition of several old players in the
market and has enabled development of new services, new distribution
channels, and greater efficiency in business activities.
• Potential issues for e-commerce players would be price fixing or tacit
collusion or anticompetitive discrimination or refusal of access to third
parties. E-commerce players should refrain from collusion and excessive
pricing. Options for parties to use same web platform for different kinds
of products/services can give rise to different intermediaries and that can
lead to collusive behavior. Market transparency should be encouraged.
• Kenya Information and Communications Act
83C. Commission functions in relation to electronic contracts
83J. (1) In the context of contract formation, unless otherwise agreed by
the parties, an offer and acceptance of an offer may be expressed by means of
electronic messages; thus where an electronic message is used in the formation
of a contract, the contract shall not be denied validity or enforceability solely on
the ground that an electronic message was used for the purpose.
83O. Requirement for digital signature
83P. Legal recognition of digital signatures
83R. Regulation for digital signatures
83S. Use of electronic records and electronic signatures in Government and its
agencies.
• 83K. As between the originator and the addressee of an electronic
message, a declaration of intent or other statement shall not be denied
legal effect, validity or enforceability solely on the ground that it is in the
form of an electronic message.
• A contract is no less a contract simply because it is entered into via a
computer.
• The bright line rules regarding online agreements are still being
developed.
• Courts generally apply traditional contract law principles to online
contracts.
• The vast majority of online agreements take the form of a "click-wrap
agreement." Typical forms of online agreements include online terms of
use for popular web services.
• In a "click-wrap" agreement the user typically manifests assent by
clicking an "I accept" icon on a web-page or pop-up screen.
• Courts addressing "click-wrap" agreements have uniformly held them to
be valid and enforceable.
• As with any contract, a user's failure to read a "click-wrap" agreement
prior to accepting its terms, will not excuse compliance with its terms.
• Browse-wrap agreements: those agreements which are formed not by
clicking "I accept," but through a user's access or use of a website for
which terms of use are in effect; browse-wrap agreements are more likely
to be rejected by courts.
• Courts, however, have enforced browse-wrap agreements based on the
following reasoning:
• People often enter into service contracts without first seeing the terms.
• More enforceable against frequent visitors to sites.
• More enforceable against sophisticated commercial entities.
• Common Contract Validity Problems
• 1. Illusory: No valid contract when one of the parties assumes no
obligation.
• When no obligation is created, the consideration element fails.
• Both parties must be bound or neither is bound.
• 2. Unconscionable Contracts/Contracts of Adhesion.
• "Inequality so gross as to shock the conscience."
• Two elements for determining whether a contract is unconscionable:
• Procedural: Inequality in the manner in which contract was negotiated.
• Procedural unconscionability usually occurs in context of a contract of
adhesion.
• Definition of "Adhesion": Imposed and drafted by party of superior
bargaining strength giving offeree only the opportunity to accept or
reject.
• Some argue that click-wrap agreements are unconscionable because they
are "take it or leave it," but courts generally find them valid (except when
the terms are so egregious that they violate public policy).
• Two bases for procedural inequality:
• Oppression: Inequality of bargaining power creating no real negotiation
and an absence of meaningful choice.
• Surprise: Supposedly agreed-upon terms of the bargain are hidden
through fine print or convoluted language.
• Substantive: Inequality due to overly harsh or one-sided results.
• Procedural and substantive elements do not have to be present in the
same degree in order for a contract to be unconscionable.
• A contract is not valid, unless it is:
• In writing; and
• Signed by each party to the contract.
• Some court decisions have relaxed the signature requirement to allow for
electronic communication.
• Verification issues can arise for anyone relying on electronic signatures
and companies must take actions to ensure that each signature is valid.
• Agreement to Agree
• A promise to agree in the future is not binding on the parties, and
therefore creates a failure of consideration.
• Rule: If essential element of a promise is reserved for future agreement,
the promise gives no rise to legal obligations until the future promise is
made.
• Depends on relative importance and severability of future matter.
• If unessential, parties must accept reasonable determination of unsettled
point.
• E-signature
What E-Sign does:
• Grants legal validity to electronic signatures or contracts, or contracts
relating to electronic signatures.
• Electronic records satisfy requirements of any laws requiring that
contracts or other records be in writing.
What E-Sign does not do:
• Affect substantive rights.
• Require any person to agree to use or accept electronic records or
signatures.
• If a law requires contracts or transactions to be in writing, the
enforceability of the electronic copy may be affected if it is not in a form
that can be accurately retained and reproduced for all parties.
• Use of electronic agents does not affect legal validity so long as the
action of the agent is legally attributable to the person to be bound.
• Authentication: Determining the validity of the signature.
• Can be proven in any manner, including showing that a party made use
of the information or rights that were only available to parties who agreed
to the terms.
• Compliance with a commercially reasonable attribution procedure agreed
to or adopted by parties or established by law, authenticates the record
as a matter of law.
• Authentication relates to manifesting of assent after opportunity to
review.
• The electronic signature is unique to the signatory;
• The technology or process used to attach or associate the signature to
the document is under the sole control of the signatory;
• The technology or process can be used to identify the signatory; and
• The signature and document are so linked that any subsequent
changes are detectable.
• Electronic Signatures.
• The EU Directive concerning electronic signatures is Directive
1999/93/EC of the European Parliament and of the Council (the "E-
Signature Directive"). Article 1 clearly states that its purpose is to
facilitate the use of electronic signatures and that it does not cover
aspects relating to contracts.
• Primary function of a signature
• Signature provides evidence of
1. Identity of signatory
2. That the signatory intended the signature to be his signature
3. That the signatory approves of and adopts the contents of the document.
• Standard electronic signature
• Is one in which data in electronic form are attached to or logically
associated with other electronic data and which serve as a method of
authentication.
• Advanced electronic signature
• It is uniquely linked to the signatory
• It is capable of identifying the signatory
• It is created using means that the signatory can maintain under his sole
control.
• It is linked to the data to which it relates in such manner that any
subsequent change of the data is detectable.
• It is based on encryption technology.
• Public key encryption (PKE)
• Earlier: symmetric keys. The originator of the message and the recipient
of the message would use the same key to encrypt and decrypt the message.
• Asymmetric/PKE: two keys are created, one known as the private key, the
other the public key.
• The keys are mathematically linked, i.e. if you encrypt a message with
one key it can only be decrypted by the other.
• Drawback is that PKE signature by itself does not prove identity,
especially for people in remote locations.
• Solution for electronic signatures is to issue certificate of identity; a
virtual ID card for key pairs.
• The user either creates her own key pair and sends it to the certification
agency along with proof of identity, or approaches the certification agency
and asks it to create a key pair and issue a certificate at the same time.
• Agency must carry out checks to establish identity before issuing
certificate and may be held liable for damages should someone rely upon
that certificate to their loss through any fault of the certifying authority.
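The points above about public and private keys, detecting later changes to a document, and why a certificate from a certification agency is needed can be seen in the following added example, which is not part of the original notes. It uses textbook RSA over fixed primes with no padding (a teaching model only), and the names Alice and Mallory, the contract text and all keys are constructed for the illustration.

```python
"""Toy model of the signature and certificate scheme described above.

Textbook RSA over fixed Mersenne primes, with no padding: constructed for
illustration only and not suitable for real signatures.
"""
import hashlib
import json

E = 65537  # public exponent shared by every toy key pair


def make_keypair(p, q):
    """Return (public, private) keys built from two distinct primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, phi)}


def _digest(data, n):
    """SHA-256 of the data as an integer, reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data):
    """Signing needs the private key, which stays with the signatory."""
    return pow(_digest(data, private["n"]), private["d"], private["n"])


def verify(public, data, signature):
    """Anyone holding the public key can check the signature."""
    return pow(signature, public["e"], public["n"]) == _digest(data, public["n"])


def issue_certificate(agency_private, subject, subject_public):
    """The agency signs a statement binding an identity to a public key."""
    body = json.dumps(
        {"subject": subject, "public_key": subject_public}, sort_keys=True
    ).encode()
    return {"body": body, "agency_signature": sign(agency_private, body)}


def check_signed_document(agency_public, cert, claimed_signer, document, signature):
    """Relying party's check: certificate first, then the document signature."""
    if not verify(agency_public, cert["body"], cert["agency_signature"]):
        return "certificate not issued by the trusted agency"
    fields = json.loads(cert["body"])
    if fields["subject"] != claimed_signer:
        return "certificate names a different person"
    if not verify(fields["public_key"], document, signature):
        return "signature invalid or document altered"
    return "valid"


# Constructed keys (Mersenne primes) and constructed sample documents.
AGENCY_PUB, AGENCY_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
MALLORY_PUB, MALLORY_PRIV = make_keypair(2**107 - 1, 2**61 - 1)
CONTRACT = b"Alice agrees to buy 10 units at 500 each."
ALTERED = b"Alice agrees to buy 10 units at 900 each."


def run_demo():
    alice_cert = issue_certificate(AGENCY_PRIV, "Alice", ALICE_PUB)
    alice_sig = sign(ALICE_PRIV, CONTRACT)
    # Mallory signs with her own key and writes her own "certificate".
    forged_sig = sign(MALLORY_PRIV, CONTRACT)
    self_made_cert = issue_certificate(MALLORY_PRIV, "Alice", MALLORY_PUB)
    return {
        "genuine": check_signed_document(
            AGENCY_PUB, alice_cert, "Alice", CONTRACT, alice_sig),
        "altered": check_signed_document(
            AGENCY_PUB, alice_cert, "Alice", ALTERED, alice_sig),
        # A bare key pair proves nothing about who holds it.
        "forged_verifies_under_own_key": verify(MALLORY_PUB, CONTRACT, forged_sig),
        "forged_with_self_made_cert": check_signed_document(
            AGENCY_PUB, self_made_cert, "Alice", CONTRACT, forged_sig),
        "forged_with_alice_cert": check_signed_document(
            AGENCY_PUB, alice_cert, "Alice", CONTRACT, forged_sig),
    }


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case}: {outcome}")
```

The forged signature is mathematically valid under the forger's own public key, which is the drawback noted above; it is only the agency's signature over the identity-to-key binding that lets the relying party reject it.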
• Case Law Addressing Click-wrap/Browse-wrap Agreements
• A. Definition of Click-wrap Agreements
• Under a typical arrangement, terms and conditions are provided when
purchased software is installed or downloaded, or when a site is accessed
or service is requested on the Internet.
• Terms are usually presented in a separate frame on the same screen with
an "accept" button or in a new window with an "accept" button contained
therein. Terms may also be presented as a hyperlink next to an "accept"
button.
• Terms and conditions are presented on a "take it or leave it" basis; no
bargaining between the parties with respect to the terms of the
agreement.
• Acceptance of the terms is typically manifested by clicking on an
on-screen icon or button.
• B. Case Law Permitting Click-wrap Agreements
• 1. Forrest v. Verizon Communications Inc., 805 A.2d 1007 (D.C. App.
2002)
• Facts: Verizon sought to enforce a forum selection clause contained in
its terms of service. Verizon's online service agreement appeared to
subscribers in a scroll box, allowing customers to view only a small
portion of the agreement at any given time. In order to assent to the
terms of the agreement, a subscriber must click an "Accept" button below
the scroll box.
• Issue: Does presentation of the terms of service in a scroll box provide
sufficient notice of the terms?
• Holding: The use of an electronic service agreement contained in a scroll
box does not amount to inadequate notice. "[A] contract is no less a
contract simply because it is entered into via a computer."

• 2. CoStar Realty Info, Inc. v. Field, 612 F. Supp. 2d 660 (D. Md. 2009)
• Facts: CoStar licensed its database of real estate properties to Alliance
Group. Alliance then shared its access with a third party, which was not
authorized under the terms of use agreed to by Alliance. CoStar moved to
enforce the terms of use.
• Issue: Can the terms of use be enforced if the user did not review the
terms, and in fact is a third party to the agreement?
• Holding: The affirmative step of clicking a box and accepting the terms
bound Alliance to the agreement, including anyone that Alliance shared
its password with. Failure to read the contract does not make it void.
• 3. Segal v. Amazon.com, Inc. 763 F. Supp. 2d 1367 (S.D. Fla. 2011)
• Facts: Segal attempted to invalidate a forum selection clause in the seller
agreement contained on Amazon.com, claiming in part that because the
clause was contained in a click-wrap agreement it was not binding
because Segal did not read the agreement.
• Issue: Does a click-wrap agreement create a binding agreement, even if
the party did not read the terms?
• Holding: Click-wrap agreements are binding and enforceable throughout
the federal circuits. The failure to read a contract does not excuse a party
from being bound by it.
• 4. Fteja v. Facebook, Inc. 2012 U.S. Dist. LEXIS 12991 (S.D.N.Y.
2012)
• Facts: Facebook placed its terms of service in a hyperlink below the sign
up button that new users encounter during the registration process.
Fteja sued after his account was banned and Facebook moved to enforce
a forum selection clause contained in the terms of service. Fteja claimed
he never saw the terms and that the hyperlink was not adequate notice
to manifest acceptance.
• Issue: Is the placing of a terms of service agreement behind a hyperlink,
and requiring affirmative steps to accept those terms, enough to enforce
an agreement?
• Holding: The hyperlink under the sign up button was enough notice to
create an agreement; there does not have to be a frame or page with the
text of the agreement near the "accept" button. A blue underlined link is
well known on the Internet to contain more information, which is similar
to a real world contract referencing different pages of the agreement.
• 5. Treiber & Straub, Inc. v. UPS, Inc., 474 F.3d 379 (7th Cir. 2007)
• Facts: Treiber shipped a $100,000 ring via UPS and bought $50,000 in
insurance from UPS for the package. UPS lost the package and denied
any liability for the loss because their terms of use, for which Treiber
twice clicked "I agree", did not allow shipments of a value over $50,000.
• Issue: Did UPS's terms and conditions, shipping tariff, and insurance
policy create a binding agreement that cleared UPS of all liability?
• Holding: The terms and conditions were twice agreed to by Treiber and
the tariff and insurance policy both offered the same clause limiting the
value of shipped items to $50,000 or less. There was ample notice and
clear agreement by Treiber, regardless of whether he understood the
terms of the agreement.
• 6. Doe 1 v. AOL LLC, 552 F.3d 1077 (9th Cir. 2009)
• Facts: A class action case was brought against AOL after it released
anonymized user data for research purposes. The case was brought in
California and AOL moved to enforce a forum selection clause contained
in the Member Agreement, that each member must click "I agree" on
before service was granted.
• Issue: Is the forum selection clause contained in the Member Agreement
valid?
• Holding: The court took the validity of the agreement as a given, not
even discussing whether the Doe plaintiffs formed a binding contract.
The clause was found unenforceable due to California public policy
having nothing to do with the overall validity of the contract. This court
appears to see click-wrap agreements as a standard form of contracting
not warranting special attention or analysis.
• International law relating to e-commerce
• Electronic Commerce challenges and existing regulatory structures:
– Is conventional law obsolete?
– Will existing requirements apply?
– How can certainty be achieved?
– Should solutions be international?
• E-Commerce creates new issues:
– Classification difficulties: the virtual goods
– New contract types: web hosting, web server etc.
• … but the essence of business transactions remains the same.
• Conventional law has not become obsolete...
– “On line” contracts are not different from “off line”
– Medium of a transaction is generally irrelevant for the law.
• …and nevertheless, it requires some adaptation.
• Legal concepts based on the existence of a tangible medium:
“instrument”, “document”, “original”, “signature”,
• Legal concepts based on geographic location:
“delivery”, “receipt”, “dispatch”, “surrender”
• International harmonization model laws
• UNCITRAL Model Law on Electronic Commerce (1996)
• UNCITRAL Model Law on Electronic Signatures (2001)
• The Electronic Communications Convention (ECC)
• UNCITRAL model law
• UNCITRAL studies concluded:
– Existing law is not obsolete, but may create obstacles to electronic
commerce
– Contract is insufficient
– Mandatory requirements need legislation
– Uniform international solutions needed
• UNCITRAL model law
• Adopted by UNCITRAL in 1996
• Objectives of the Model Law:
– To facilitate rather than regulate electronic commerce
– To adapt existing legal requirements
– To provide basic legal validity and raise legal certainty
• Scope of the Model Law:
– Applies to electronic messages “used in the context of commercial
activities”
– “Electronic message” broadly defined (includes EDI, e-mail,
telegram, telex and fax)
– Does not affect consumer protection laws
• Basic Principles of the Model Law
• Functional equivalence
– Analyze purposes and functions of paper-based requirements
(“writing”, “record”, “signature”, “original”)
– Consider criteria necessary to replicate those functions and
give electronic data the same level of recognition as
information on paper
• Media and technology neutrality
– Equal treatment of paper-based and electronic transactions
– Equal treatment of different techniques (EDI, e-mail, Internet,
telegram, telex, fax)
• Party autonomy
– Primacy of party agreement on whether and how to use e-
commerce techniques
– Parties free to choose security level appropriate for their
transactions
• Party autonomy (II)
– The Model Law as a tool for enabling electronic commerce in
an open environment
– The Model Law as a source of inspiration for contractual
frameworks governing electronic commerce in a closed
environment
• Legal recognition: Articles 5 and 5bis
– Information shall not be denied legal effect, validity or
enforceability solely because it is in the form of a data
message
– Writing: Article 6
– Where the law requires information to be in writing, that
requirement is met by a data message if the information
contained therein is accessible so as to be usable for
subsequent reference.
– Elements of novelty
• legal effect without traditional written document
• need for legal rules applicable in an international
environment
• lesser relevance of territory and geographical location
– Signature: Article 7
– Legal signature requirement is met in relation to a data
message if:
• a method is used to identify the signatory and to indicate his
approval of the information contained in the data message;
and
• that method is as reliable as was appropriate for the purpose
for which the data message was generated or communicated
• Original: Article 8
– Legal requirement is met by a data message if:
• there exists a reliable assurance as to the integrity of the
information from the time when it was first generated in its
final form, as a data message or otherwise; and
• information is capable of being displayed to the person to
whom it is to be presented.
• Original: Article 8
– Criteria for assessing integrity: whether the information has
remained complete and unaltered, apart from the addition of
any endorsement and any change which arises in the normal
course of communication, storage and display.
– Standard of reliability required shall be assessed in the light of
the purpose for which the information was generated and of all
the relevant circumstances.
• Original: Article 9
• Evidentiary value: rules of evidence shall not apply so as to deny the
admissibility of a data message in evidence.
• Article 10. Retention of data messages (1) Where the law requires that
certain documents, records or information be retained, that requirement
is met by retaining data messages,
• Article 11. Formation and validity of contracts (1) In the context of
contract formation, unless otherwise agreed by the parties, an offer and
the acceptance of an offer may be expressed by means of data messages
• Articles 16 and 17 (Electronic commerce and carriage of goods)
• Summary UNCITRAL model law
• The MLEC was the first legislative text to adopt the fundamental
principles of non-discrimination, technological neutrality and functional
equivalence that are widely regarded as the founding elements of modern
electronic commerce law.
• The principle of non-discrimination ensures that a document would not
be denied legal effect, validity or enforceability solely on the grounds that
it is in electronic form.
• The principle of technological neutrality mandates the adoption of
provisions that are neutral with respect to technology used. In light of
the rapid technological advances, neutral rules aim at accommodating
any future development without further legislative work.
• The functional equivalence principle lays out criteria under which
electronic communications may be considered equivalent to paper-based
communications.
• In particular, it sets out the specific requirements that electronic
communications need to meet in order to fulfil the same purposes and
functions that certain notions in the traditional paper-based system - for
example, "writing," "original," "signed," and "record"- seek to achieve.
• Besides formulating the legal notions of non-discrimination,
technological neutrality and functional equivalence, the MLEC
establishes rules for the formation and validity of contracts concluded by
electronic means, for the attribution of data messages, for the
acknowledgement of receipt and for determining the time and place of
dispatch and receipt of data messages.
• UNCITRAL Model Law on Electronic Signatures (2001)
• How to set up an enabling legal environment for national and cross-
border single windows, so that the single window facility is integrated in
the paperless cross-border supply chain?
• Adopted by UNCITRAL on 5 July 2001.
• The Model Law on Electronic Signatures (MLES) aims at bringing
additional legal certainty to the use of electronic signatures.
• The MLES establishes criteria of technical reliability for the equivalence
between electronic and hand-written signatures.
• The MLES follows a technology-neutral approach, which avoids favoring
the use of any specific technical product.
• The MLES establishes basic rules of conduct that may serve as
guidelines for assessing possible responsibilities and liabilities for the
signatory, the relying party and trusted third parties intervening in the
signature process.
• Article 3. Equal treatment of signature technologies
• Article 4. Interpretation: regard is to be had to its international origin and
to the need to promote uniformity in its application and the observance
of good faith.
• Article 6. Compliance with a requirement for a signature
• Article 8. Conduct of the signatory: exercise reasonable care to avoid
unauthorized use of its signature creation data; inform authority in case
the data has been compromised; signatory bears legal consequences.
• Article 11. Conduct of the relying party: legal consequences of failure to
verify the reliability of an electronic signature or to observe any limitation
with respect to the certificate.
• Article 12. Recognition of foreign certificates and electronic signatures: no
regard to the geographic location where the certificate is issued or the
electronic signature created or used, or to the place of business of the
issuer or signatory.
• Summary UNCITRAL model law on e-signatures
• The MLES is based on the fundamental principles common to all
UNCITRAL texts relating to electronic commerce, namely non-
discrimination, technological neutrality and functional equivalence.
• The MLES establishes criteria of technical reliability for the equivalence
between electronic and hand-written signatures as well as basic rules of
conduct that may serve as guidelines for assessing duties and liabilities
for the signatory, the relying party and trusted third parties intervening
in the signature process.
• Finally, the MLES contains provisions favouring the recognition of foreign
certificates and electronic signatures based on a principle of substantive
equivalence that disregards the place of origin of the foreign signature.
• United Nations Convention on the Use of Electronic Communications in
International Contracts
Electronic Communications Convention (ECC)
• Adopted by the General Assembly on 23 November 2005.
• The Electronic Communications Convention (ECC) builds upon and, in
certain cases, updates the provisions of both Model Laws.
• The ECC aims at enhancing legal certainty and commercial
predictability where electronic communications are used in relation to
international contracts.
• The ECC addresses the determination of a party's location in an
electronic environment; the time and place of dispatch and receipt of
electronic communications and acknowledgement of receipt; the use of
automated message systems for contract formation; and the criteria to be
used for establishing functional equivalence between electronic
communications and paper documents.
• Article 8. Legal recognition of electronic communications
• Article 9. Form requirements: met if done by electronic communication.
• Article 10. Time and place of dispatch and receipt of electronic
communications: the time of dispatch is the time when it leaves an
information system under the
control of the originator or on behalf of the originator or, if the electronic
communication has not left an information system under the control of
the originator or of the party who sent it on behalf of the originator, the
time when the electronic communication is received. The time of receipt of an
electronic communication is the time when it becomes capable of being
retrieved by the addressee at an electronic address designated by the
addressee.
• Article 11. Invitations to make offers
• Article 12. Use of automated message systems for contract formation: a
contract formed by the interaction of an automated message system and a
natural person is valid.
• Article 13. Availability of contract terms: to make available to the other
party electronic communications which contain the contractual terms.
• Article 14. Error in electronic communications: right to withdraw the
portion of the electronic communication in which the input error was
made.
• Summary Electronic Communications Convention
• The Electronic Communications Convention builds upon earlier
instruments drafted by the Commission, and, in particular, the
UNCITRAL Model Law on Electronic Commerce and the UNCITRAL Model
Law on Electronic Signatures.
• These instruments are widely considered standard legislative texts
setting forth the three fundamental principles of electronic commerce
legislation, which the Convention incorporates, namely non-
discrimination, technological neutrality and functional equivalence.
• The Convention applies to all electronic communications exchanged
between parties whose places of business are in different States when at
least one party has its place of business in a Contracting State (Art. 1).
• It may also apply by virtue of the parties' choice. Contracts concluded for
personal, family or household purposes, such as those relating to family
law and the law of succession, as well as certain financial transactions,
negotiable instruments, and documents of title, are excluded from the
Convention's scope of application (Art. 2).
• The Convention sets out criteria for establishing the functional
equivalence between electronic communications and paper documents,
as well as between electronic authentication methods and handwritten
signatures (Art. 9). Similarly, the Convention defines the time and place
of dispatch and receipt of electronic communications, tailoring the
traditional rules for these legal concepts to suit the electronic context
and innovating with respect to the provisions of the Model Law on
Electronic Commerce (Art. 10).
• Moreover, the Convention establishes the general principle that
communications are not to be denied legal validity solely on the grounds
that they were made in electronic form (Art. 8). Specifically, given the
proliferation of automated message systems, the Convention allows for
the enforceability of contracts entered into by such systems, including
when no natural person reviewed the individual actions carried out by
them (Art. 12).
• The Convention further clarifies that a proposal to conclude a contract
made through electronic means and not addressed to specific parties
amounts to an invitation to deal, rather than an offer whose acceptance
binds the offering party, in line with the corresponding provision of the
CISG (Art. 11). Moreover, the Convention establishes remedies in case of
input errors by natural persons entering information into automated
message systems (Art. 14).
• Finally, the Convention allows contractual parties to exclude its
application or vary its terms within the limits allowed by otherwise
applicable legislative provisions (Art. 3).
• Relation to private international law and existing domestic law
• Whether the Convention applies to a given international commercial
transaction is a matter to be determined by the choice of law rules of the
State whose court is asked to decide a dispute (lex fori).
• The Convention is also applicable if the parties to the contract have
validly chosen its provisions as the law applicable to the contract.
• Kenya laws e-commerce
• Applicable Legislation
• The Central Bank of Kenya Act as amended in 2003 gives CBK broad
oversight mandate over payment systems, but does not provide for
operational modalities
• CBK’s agency guidelines issued in 2011
• Kenya Information and Communications Act
• Consumer Protection Law
• Capital Markets Authority Act
• The CBK issued its Electronic Payment Guidelines of 2011 and Retail
Electronic Transfer Guidelines of 2011.
• NATIONAL PAYMENT SYSTEM ACT 2011
• Know your customer
• Ethical and legal issues in social media
• Introduction
• The last 2 decades, in particular, have been characterized by exponential
advances in technology, especially by personal access to ever more
sophisticated electronic devices for information retrieval and
communication.
• Concomitant changes in cultural mores relative to the use of such devices
have widened the intergenerational gap, affecting all institutions, including
law and education.
• Social communication paradigm is changing from the traditional face-to-
face or telephone model to one that uses a variety of Web-based social
media applications.
• Use of social media for communication purposes continues to grow, while
"old school" messaging media like email are on the decline.
• Facebook reportedly has reached 700 million users worldwide and is
putatively valued at $50 billion.
• Advertising revenue expected to be generated from social media is
estimated to reach $8.3 billion annually by 2015.
• According to a survey, 81% of companies have implemented (or plan to
implement) social networking in order to enhance their exposure.
• Strategies by which organizations seek to employ social media
• Direct Interaction. Direct interaction (with customers, "influencers,"
media, colleagues, etc.) is really the most basic use of social media; it
involves an organization using social media to communicate and interact
with the general social media population (or subsets of that
population).
• Approaches for direct interaction include the following:
(a) allowing an organization’s general employee population to go out and
interact on behalf of the company with little instruction or supervision;
(b) allowing an organization’s general employee population to go out and
interact on behalf of the company with strict instructions and supervision;
(c) identifying a small dedicated group to interact on social media on behalf of
the company, including potentially the use of “corporate profiles” not tied to
any individual person; and
(d) hiring a third party marketing company to interact on social media
pursuant to a specific marketing strategy.
• Company Page/Fan Site.
• Some social media platforms allow organizations to create “fan pages”
(e.g. Facebook) or company pages (LinkedIn).
• These types of pages/sites allow an organization to set up a centralized
presence or "destination" within a social media platform.
• Interested individuals can then join or follow postings that occur on the
organization’s fan page/site, and those visitors can themselves post and
interact on the fan page or site.
• This allows for interaction in a more centralized fashion.
• Social Media Applications
• Some social media platforms allow organizations to create applications
that can be plugged into the social media platform. For example, a
company with a presence on Facebook could hire an application
developer to develop an application that Facebook users could operate.
• This would essentially provide an advertisement for the company and
create goodwill amongst potential customers.
• In addition, when the application is downloaded by a user, the company
would then get access to certain personal information that is part of the
user’s profile.
• This information can be valuable for targeting prospective customers
and data mining purposes.
• Blogging
• Blogs that allow for comments and interaction between the blogger and
his readers (and interaction between the readers themselves) are social
media.
• This interaction typically occurs in the “comments” section of a blog. In
addition, many organizations use their blog as the kernel for interaction
in other social media platforms.
• So, an organization with a blog might do a post and tweet it on Twitter,
cross-post it on their Facebook fan page and post it in a LinkedIn Group,
in order to drive traffic to the company’s blogpost (and ultimately
website, product or service).
• Social Plug-ins. Many social media platforms provide “widgets” or “plug-
ins” that can be put into a website to allow the content of the website to
be commented upon and shared within the social media platform. The
plug-in may be in the form of a “button” that allows a website visitor to
“like” particular content and have their preference posted in
Twitter, Facebook or Digg. Some social media platforms may be
seamlessly integrated into a website in such a manner that makes it
virtually invisible. Using these plug-ins can help spread an
organization’s message to a much wider audience and drive traffic to the
organization’s website.
• Log-In Credentials.
• Another interesting way social media platforms are being utilized is to
allow website visitors to login to an organization’s website employing the
log-in credentials they use to gain access to a social media platform.
• Under this scenario an organization with a website could allow visitors to
access the company’s website by logging into their Facebook or Twitter
account using the same username and password.
The organization benefits in several ways by employing this practice.
1. The visitor gets to avoid setting up a new username and password specific to
the website, which can be viewed as time-consuming by some visitors.
2. The user is less likely to forget a username/password from a frequently-used
social media platform, and this makes logging in very easy.
3. By linking to the social media platform’s authentication credentials, the
organization is able to obtain certain personal information about that visitor
that is available on the social media platform
• Ethical issues
Ethical questions can be categorized according to 5 primary criteria:
(1) who is viewing the social media information;
(2) how is the social media information accessed;
(3) for what purpose is the social information used;
(4) what are the criteria one uses for making judgments about social media
information; and
(5) what is the nature of “relationships” in social media.
• Who Is Viewing the Information?
“Is it acceptable for someone outside an individual's social network to view that
person's social media information?”
Although one can argue that information placed online can be considered
“public,” there is still an ethical issue of whether that “public” is an “open
public.”
Much of the conversation occurring through social media is directed at a select
group of friends, colleagues, and cohorts.
According to some, anyone outside of that intended audience who views social
media may violate the basic concept of individual privacy.
• How is the Social Media Information Accessed?
• How someone becomes privy to the social media information of another is
an important ethical issue.
• It is one thing to view social media information of someone who
specifically granted access to it. However, it is a different matter to
access that information if presented by a third party, such as a fellow
student, colleague, or competitor for an award, honor, or job.
• Philosophically, many feel that information freely and voluntarily
provided to the public is open for scrutiny regardless of how it is
exposed.
• Others believe that only information to which one has specifically been
granted access should be open for judgment and interpretation.
• The ethical question for faculty members and administrators to consider
is, “If a student actively attempts to keep his or her online persona
private from those in authority, should that information be used if
brought forth by someone else who has access to it?”
• Purpose of Viewing Social Media?
• Because most of these applications were designed for socializing, many
are uncomfortable with viewing social media information for purposes of
anything except social communication.
• The central question is, “Is it right to use social media to make
judgments related to school admissions, employee selection,
disciplinary matters, or any other decisions of a non-social nature?”
• Questions that counter that perspective include, “Is it fair to judge
some individuals' information if the information of others is
inaccessible due to privacy features?” and “Unless stated in
admissions or employment criteria, is it ethical to use this
information?”
• Some address this question by citing that how one chooses to present
oneself publicly in an online environment is an indicator of judgment and
attention to detail. Individuals who are not careful with the information
they provide online or who are not sufficiently diligent in protecting
access to it may not possess the appropriate skills or judgment necessary
to work in a professional environment.
• Criteria for Judging Online Personas?
• Interpreting character, professionalism, and other personal
characteristics from information contained on social profiles is a complex
task.
• While online personas may provide clues to a person's true personality,
they may or may not be a completely accurate reflection.
• The primary ethical questions are, “Who decides the criteria on which
an online persona is evaluated and what exactly are the criteria?”
• For example, how would someone determine from a Facebook profile if
an individual showed signs of alcohol or drug abuse; what on the profile
would reflect that? What defines an indication of alcohol abuse? Is it the
number of photos with alcohol, affiliation with alcohol-related groups, a
specific combination thereof, or some other criteria? Another question
that is almost impossible to answer with any degree of certainty is, “To
what extent does an online persona reflect professional ability and
attitudes?”
• How Appropriate are Social Media Relationships?
• Nature of social networking relationships.
• Faculty members becoming Facebook “friends” with students is a
somewhat controversial issue. Does this blur the line of professional
relationship between a faculty member and student? Even if a faculty
member is very conscientious in what is posted, he or she may be made
privy to personal information from student “friends” who engage in illegal
acts, commit e-professionalism transgressions, or exhibit signs of
depression or rage that could ultimately result in harm to that particular
student or others.
• Although there may be benefits to social media relationships,
overexposure to each other's private lives may result in negative
outcomes for one or the other.
• Every faculty member should at least consider the implications of
connecting with students via social media.
• LEGAL ISSUES IN SOCIAL MEDIA
• Disclosure of Confidential Information
• Unauthorized Use of Trademarks
• Unauthorized Use of Copyright-Protected Works
• Defamation Issues
• Privacy/Publicity
• Electronic Discovery
• Dynamic Information
• Human Resources Issues
• Securities
• Endorsements
• Freedom of speech and expression
• Net Suicide
• Disclosure of Confidential Information
• Often unknowingly, confidential information, such as trade secrets, may
be disclosed by an employee or other party with knowledge on popular
social media websites such as Twitter, Facebook, or LinkedIn.
• Confidential information may also be disclosed via blogs, chat rooms,
and anonymous blog comments.
• Widespread disclosure of trade secrets, in particular, can result in the
loss of intellectual property rights in the confidential materials.
• In addition, some websites purport to claim ownership of user posted
information, such as comments to a story.
• Unauthorized Use of Trademarks
• Unauthorized use of third party trademarks on a social media site may
lead to legal liability for trademark infringement, dilution or unfair
competition.
• While, in certain circumstances, it may be a permissible “fair use” to
refer to a company and its product or service in a product review, blog, or
status posting, it is not permissible to use the trademarks of others to
create a false impression of endorsement, affiliation or sponsorship.
• Websites should have sophisticated infringement reporting policies
whereby a trademark owner can prevent another party from adopting its
mark as a username or the like.
• Unauthorized Use of Copyright-Protected Works
• Copyright-protected works, such as text, videos, music, photographs,
and source code, are often copied from another location and used on a
social media website without the authorization of the content owner.
• Use of copyright-protected works without authorization creates the
potential for infringement liability.
• Also, site owners may be protected under a “safe harbor” provision in
copyright law, whereby if they take down infringing content after
receiving notice, they are protected from liability.
• This safe harbor does not automatically apply to trademarks, but similar
procedures should be implemented by site owners for the unauthorized
use of marks
• Some content, though, is available for public use without express
permission, such as open source code. However, even that material often
requires attribution to the original author.
• Copyright Infringement.
• Content-related risks must be taken into account when engaging in
social networking. While the technology of the Internet may easily allow
text, graphics, photos and logos to be copied and pasted from one site to
another, doing so will, in most instances, violate copyright law. Using
any third party content, i.e., photos that were taken by or belong to
someone else or grabbing a video or song off of a third party web site
without permission can result in both criminal and civil liability.
• In 2007, Getty Images, Inc., the world's leading provider of visual
content, established a partnership with PicScout, a company that uses
sophisticated crawling and image recognition technology to track down
unauthorized use of Getty Images' copyrighted works online.
• Use of Likeness. Posting photos or videos of people without their
permission can also result in liability based on breach of privacy rights.
• Terms of Use. Most social networking sites address the use of third
party content in their terms of use. For example, Twitter’s “Basic Terms”
include the statement that users are “solely responsible for . . . any data,
text, information, screen names, graphics, photos, profiles, audio and
video clips, links” that the user submits, posts or displays. Another Basic
Term states that users “must not, in the use of Twitter, violate any laws
in your jurisdiction (including but not limited to copyright laws).”
• Thus, in addition to violating copyright laws, the unauthorized use of
third party content violates the terms of use of most social networking
sites and could serve as an additional basis for liability.
• Infringement Notification. Mindful that copyright infringement is a real
possibility on their sites, many social networks provide a mechanism to
notify them of infringing activities by their users. Facebook, for example,
has a separate “Facebook Copyright Policy” in addition to its Terms of
Use, with explicit directions on how to report incidents of copyright
infringement and indicating that Facebook will take prompt action upon
receipt of such a report, including taking down infringing content and
terminating repeat offenders.
• Defamation Issues
• Some of the features that make social media attractive, such as real-time
interaction and the ability to post on the fly, are the same ones that
could result in unintended legal liability.
• Statements published to a limited group of “connections” or “friends”
that arguably defame a third party may result in legal action against the
poster.
• Like other forms of online content, postings you make on a social
networking site are instantly available and, once posted, incapable of
‘true’ deletion.
• Lawsuits alleging defamation based on online content are not uncommon
and are generally treated by courts in the same manner as those
involving traditional offline defamation claims.
• Unlike other online defamation claims that often involve anonymous
posters, however, defamation occurring on a social networking site is
likely to be attributable to an actual individual (assuming their profile
information accurately reflects their identity).

• Beyond defamation, content posted on social networking sites could
serve as the basis for claims such as intentional infliction of emotional
distress or interference with advantageous economic relations.
• Incidents of “cyberbullying” are increasing and can also be the basis for
criminal charges. One million children were harassed, threatened or
subjected to other forms of cyberbullying on Facebook.
• Facebook was sued by a teenager alleging that four of her former classmates
set up a group “designed to ridicule and disgrace” her.
• Another potential pitfall is responding to a question asking about
experiences with a particular business entity – care should be taken that
responses are accurate and not misleading.
• Are You Putting Your Organization at Risk? The consequences of posting
defamatory or other content that could form the basis for a tort action
can flow not only to the individual poster but, potentially, also to the
poster’s employer or affiliated group under a vicarious liability theory.
• Electronic Discovery
• While the rules and practices of litigation generally lag behind the actual
technology employed, courts have begun to grapple with issues of
discoverable information in electronic form beyond the usual emails and
scanned documents.
• Today, “tweets” on Twitter, status postings in Facebook, and discussion
forum postings on LinkedIn are all discoverable information to the same
extent as emails and text messages.
• While these messages are often shorter than traditional emails, they
create problems precisely because they are shorter and thus require
more explanation.
• Teen killed classmate and uploaded ‘selfie’ with the body to
Snapchat
• Dynamic Information
• Another aspect of some forms of social media, such as Wikipedia, is that
content can be edited by almost anyone.
• Also, companies must be aware that employees or other interested
parties may change entries to remove unfavorable information, or, even
more worrisome, to add untrue unfavorable information.
• In addition, it may be possible for third parties to identify when a
company employee makes a change to an entry about the company – for
example, to remove or alter references to an unfavorable lawsuit outcome
– which could lead to more bad publicity than the original entry might
have garnered.
• Human Resources Issues
• It is becoming increasingly common for company HR departments to
review the Facebook, LinkedIn, and other social media pages of both job
candidates and current employees.
• While this practice can be useful to help make hiring decisions,
companies must ensure that their hiring and retention practices do not
unlawfully discriminate based on information available through such
candidates’ and employees’ social media pages.
• In addition, professional social media sites such as LinkedIn offer the
opportunity for people to write recommendations for others in their
networks. While this can be beneficial to the subject of the
recommendation, there are two considerations for supervisors to keep in
mind when writing recommendations for their employees: (1) a good
recommendation can later make it difficult for a company to defend
against a claim of wrongful termination; and (2) a negative
recommendation may result in discrimination, defamation, or workplace
retaliation claims.
• Securities
• Businesses with an Internet presence must be vigilant to ensure that
securities laws and regulations are not violated.
• While this clearly applies to company-managed websites and blogs, it
also means that employees and executives need to be careful about what
they say in other forums, including on Twitter or third-party message
boards.
• The CEO of Whole Foods was taken to task for a series of message board
postings he had made under a pseudonym, talking down his company’s
competitor, Wild Oats. When Whole Foods later acquired Wild Oats, the
SEC investigated to determine whether his postings had been an illegal
attempt to affect Wild Oats’s stock price.
• Privacy/Publicity
• Just as third-party materials posted to a social media site may infringe
copyright or trademarks, or disclose confidential information, posting
photographs and video without proper releases may violate the privacy or
publicity rights of individuals.
• In addition, companies in certain industries, particularly health care,
must ensure that their employees do not violate specific privacy
regulations in their activities on social media sites.
• Even a seemingly innocuous Twitter comment about a patient’s
condition could be a violation.
• A woman sued two debt collection agencies for violations of the Fair Debt
Collection Act after they posted information to her Myspace page about
her debts.
• Endorsements
• The Federal Trade Commission (FTC) has rules requiring bloggers and other
users of social media to disclose any paid endorsements.
• This means that bloggers who receive compensation for discussing a
product or service must disclose that their comments are paid; but it
could also apply, for example, to someone who receives free nights from a
hotel and then Twitters about how great the hotel is.
• Similarly, employees who truly love their company’s offerings and tweet
about them or discuss them on message boards are supposed to disclose
that they are employed by the company.
• Criminal Activities Relating to Social Networking
• Evidence of Criminal Activity
• Social networks are increasingly becoming a source for the discovery
and investigation of criminal activity by members.
• Example: a woman who shoplifted various goods and then displayed them
proudly on her profile page. Profiles can be useful in determining the
identity of and/or locating the perpetrator of a crime.
• Less than flattering photos of defendants found on social networking
sites are also offered by prosecutors as character evidence during
sentencing hearings in seeking harsher punishments.
• Social Networking Leading To Crimes. Social networking can itself
constitute or lead to criminal activity. The most famous case involves Lori
Drew, a Missouri woman, who created a fictitious MySpace account to
pose as a teenage boy pretending to be interested in an acquaintance of
her daughter. When the girl discovered the ruse, she committed suicide.
Ms. Drew was charged with various counts, including felonies. In
November 2008, Ms. Drew was convicted of three misdemeanor counts of
computer fraud.
• In January 2009, a British man who killed his wife over her listing her
Facebook status as "single" received a sentence of 18 years.
• Litigation Impact
• Investigation of Parties and Witnesses.
• As with criminal matters, lawyers in civil matters also find social
networking sites a fertile ground for information about adverse parties
and witnesses. You can also assume that your opposing counsel will
undertake such an investigation of your client and witnesses and should
be prepared for what may be lurking on their social networking profile
pages.
• Grounds for a Mistrial?
• Juries obviously play an important role in
both criminal and civil trials. The impartiality of jurors is a fundamental
element of our justice system. Moreover, courts typically instruct juries
not to access information about the subject matter of the trial outside of
the court proceedings as this can interfere with the jurors' obligation to
deliberate based solely on the evidence presented by the parties. The
widespread use of technology and social media by Americans, including
those called to jury duty, is impacting the outcome of trials and, in some
cases, has become the basis for a mistrial. Several courts have recently
dealt with motions filed by parties based on the fact that sitting jurors
accessed information about the case from outside sources, in particular
from Internet sites. For example, in United States v. Hernandez, S.D.
Fla., No. 07-60027-CZ (March 10, 2009), a federal court in Florida
granted a motion for mistrial after learning that several members of the
jury located and read key information about the case online. By contrast,
in United States v. Siegelman, 11th Cir., No. 07-13163 (March 6,
2009), the U.S. Eleventh Circuit Court of Appeals recently affirmed a
lower court's denial of a request for mistrial where a juror had viewed an
unredacted version of the original indictment against the defendant on
the court's web site. The appellate court reasoned that the access did not
expose the jury to any new or additional facts and, therefore, did not
prejudice the defendant.
• Case laws
• Yoder v. University of Louisville
• The case of Nina Yoder is reviewed first because it parallels the kind of
situation that could arise in pharmacy education. Early in 2009, Ms.
Yoder was a nursing student on an experiential education rotation when
she made caustic and profane observations on race, sex, and religion
when commenting in MySpace postings about patients she had
encountered. The School of Nursing expelled her for violating their honor
code, which provided in part: “As a representative of the School of
Nursing, I pledge to adhere to the highest standards of honesty, integrity,
accountability, confidentiality, and professionalism, in all my written
work, spoken words, actions and interactions with patients, families,
peers and faculty.”
• While the institution viewed this as an honor code case, Ms. Yoder
considered it a case of her First Amendment freedom of speech rights
being violated by a public institution. The student also raised procedural
due process arguments. She alleged that while she was given the right to
appeal her dismissal, which was denied, she was offered no hearing to
present evidence and witnesses in her defense.
• When the case reached the US District Court both sides moved for
summary judgment based on filings with the court. The federal trial
court judge sidestepped both the freedom of speech and due process
arguments, ruling that both the honor code and a confidentiality
agreement signed by nursing students governed the situation. He
concluded that the wording of those documents and the way they were
explained to the students was so ambiguous that they could not be used
as a basis for the expulsion. 2009 US Dist LEXIS 67241 WD Ky 2009.

• Snyder v. Millersville University
• The second case for discussion also involved a university student
engaged in experiential learning. A student teacher had posted pictures
of herself dressed as a pirate and apparently drunk on MySpace. The
school district, classifying her as an employee rather than as a student
for purposes of evaluating her, barred her from the classroom prior to
her completing the semester. The university where she was enrolled
reclassified some credits, issuing her a degree in English rather than the
education degree that would have qualified her to seek credentialing. The
student teacher argued that being classified as an employee narrowed
her freedom of speech rights compared to what they would have been
under a student category.
• Filing a lawsuit against the university in 2008, Ms. Snyder alleged that
university administrators violated her First Amendment right to freedom
of expression. Following a 2-day non-jury trial, the judge ruled in favor of
the university defendants.
• The judge focused on the fact that as part of the orientation discussion
for the student teaching course, Ms. Snyder was instructed not to post
information about her students or supervising teacher on her personal
Web page. Nevertheless, she maintained a MySpace Web page on which
she later posted the following.
• First, Bree said that one of my students was on here looking at my page,
which is fine. I have nothing to hide. I am over 21, and I don't say anything
that will hurt me (in the long run). Plus, I don't think that they would stoop
that low as to mess with my future. So, bring on the love! I figure a couple
of students will actually send me a message when I am no longer their
official teacher. They keep asking me why I won't apply there. Do you
think it would hurt me to tell them the real reason (or who the problem
was)?
• The plaintiff who filed the $75,000 federal lawsuit was a 27-year-old
mother of 2 and had posted this text next to the photograph that showed
her wearing a pirate hat and holding a plastic cup. The caption beneath
the photo read “drunken pirate.” She did not prevail in court. 2008 US
Dist LEXIS 97943 ED Pa 2008
• Layshock v. Hermitage School District
• The case arose during 2007 and was based on a high school senior's
MySpace postings regarding his high school principal that resulted in his
suspension for 10 days. The postings were not composed on a school
computer; they were done at his grandmother's house. Initially, the
student also was ordered to complete his high school work in an
Alternative Education Program and forbidden to attend graduation
ceremonies. Eventually the school board relented and permitted him to
attend regular classes. The US District Court ruled that the suspension
and assignment to the Alternative Education Program violated his
freedom of speech. On appeal, the school district contended that there
was no free speech right because the postings were “vulgar, defamatory,
and plainly offensive school-related speech.” 496 F Supp 2d 587 WD Pa,
2007
• The school district appealed to the regional US Court of Appeals and
there a 3-judge panel ruled against the educators, upholding the lower
court's ruling that the student's First Amendment rights had been
violated. 593 F 3d 249 3d Cir, 2010.
• Description
• In December 2005, high school student Justin Layshock posted a fake
MySpace page parodying his high school principal, Eric Trosch. Layshock
posted a picture of Trosch and answered the questions asked by the
site's profile template by riffing on the word "big" because Trosch is
apparently a large man. Answers included phrases like "big faggot," "big
hard ass," and "big dick." To the question, "what did you do on your last
birthday," Layshock answered "too drunk to remember." Layshock
created the profile from a computer at his grandmother's home.
• School officials discovered the profile, and the school district suspended
Layshock for 10 days, ordered him to finish high school in an
"Alternative Education Program," and forbade him from attending
graduation. The school backtracked on part of this disciplinary action,
however, and Layshock was allowed to return to regular classes. He
graduated in Spring 2006.
• Layshock and his parents sued the school district and various school
officials in federal district court in Pennsylvania, claiming (1) that the
school's punishment violated his First Amendment rights, (2) that the
school's policies and rules were vague and/or overbroad in violation of
the First Amendment; and (3) that the school's punishment violated
Layshock's parents' Fourteenth Amendment rights to raise, nurture,
discipline and educate him.
• In July 2007, the district court granted summary judgment to Layshock
on his claim that the school's punishment violated his First
Amendment rights and ordered a trial to determine whether he is entitled
to compensatory damages for that violation. The court granted summary
judgment to the defendants on all other counts.
• Eric Trosch subsequently sued Layshock and three other students in
Pennsylvania state court for defamation based on this and two other fake
MySpace profiles.
• The Third Circuit affirmed the lower court's grant of summary judgment
to Layshock on his First Amendment claim. The Third Circuit noted that
the School District did not, on appeal, challenge the district court's
finding that there was no evidence of a "substantial disruption of the
school environment," and further held that accessing the school's website
for the principal's photo was insufficient to forge a nexus between the
Hermitage School District and the profile Layshock created. The Court
also found that while Layshock's speech reached much of the student
body, it did not reach within the "schoolhouse gate."
• 10/14/2011 - The Hermitage School District petitioned for a Writ of
Certiorari to the Supreme Court of the United States on Layshock's First
Amendment claim. The School District filed a single petition with Blue
Mountain School District.
• 01/17/2012 - The Supreme Court denied Hermitage School District's
petition for a Writ of Certiorari.

• J.S. v. Blue Mountain School District, No. 08-4138 2011 WL
2305970 (3rd Cir. 2011)
• Facts of the Case
• J.S. and another student were punished at school for a dress code
violation by the principal, Mr. McGonigle. After returning home, J.S. and
her friend created a MySpace profile for a “M-Hoe” with a photo of
McGonigle from the school website. Mr. McGonigle was not named, nor
was the school; however, several vulgar comments were made about Mr.
McGonigle and his immediate family. The school’s web filtering software
blocks MySpace, so the profile was never seen at school, nor was the
profile created on school campus. A school computer was not used in the
making of the profile. Several days later, a student came forward and told
Mr. McGonigle about the MySpace profile. The principal asked the
student to bring a print out of the profile to school; this print out was the
only hard copy of the profile to ever come to campus. After reading the
profile and discovering the identity of the students who made it, Mr.
McGonigle confronted the two students who admitted to creating the
profile. In a meeting with the parents of J.S., the MySpace profile was
brought to their attention and they apologized for their daughter's
behavior. J.S. wrote a formal letter of apology. Mr. McGonigle gave the
students a ten-day out-of-school suspension and threatened the parents
with legal action and did contact the police. The police spoke with the
families about the possible legal ramifications of the MySpace profile.
• Issues
• Did Mr. McGonigle violate the students’ right to free speech?
• Did Mr. McGonigle violate the Fourteenth Amendment rights of J.S.’s
parents to raise their daughter as they see fit?
• Are the Blue Mountain Student Handbook and Acceptable Use Policy (AUP)
unconstitutional due to vague and overreaching language?
• Ruling
• The majority ruled that Mr. McGonigle, acting on the part of Blue
Mountain School District, did violate the students’ right to free speech;
therefore, the students’ punishment must be overturned by the lower
court. However, the majority found that the Fourteenth Amendment
rights of the parents were not violated by the school and that the student
handbook and AUP were constitutional.

• Rationale or Justification
• Citing several landmark cases like Tinker v. Des Moines Independent
Community School District, 393 U.S. 503 (1969), Bethel School District
v. Fraser, 478 U.S. 675 (1986), Hazelwood Sch. Dist. v. Kuhlmeier, 484
U.S. 260, 266 (1988) and Morse v. Frederick, 551 U.S. 393 (2007), plus
several Federal Court cases such as Lowery v. Euverard, 497 F.3d 584,
591–92 (6th Cir.2007), LaVine v. Blaine Sch. Dist., 257 F.3d 981, 989
(9th Cir.2001), and Doninger v. Niehoff, 527 F.3d 41, 51 (2d Cir.2008),
the court ruled against the school district. The court’s opinion was based
on several key facts in the case. J.S. and the other student never created,
nor brought to school anything about the MySpace account that they
created; furthermore, the MySpace profile was not created on school
owned or leased computers. Finally, the school software blocked
MySpace. The court applied Tinker as a test demonstrating that no
disruption to the educational process was apparent. In addition, the
court used the Fraser exception to Tinker but ruled that this didn’t pass
muster, because Fraser cannot be applied to off-campus expression. The
court agreed that what J.S. and the other student wrote was vulgar and
mean-spirited, but because it was created off-campus and produced no
disruption to the educational process, it was protected by the Free
Speech provision of the First Amendment. In citing the same case
history, the court found that the parents’ rights to raise their child as
they wished lacked merit, because the suspension did not interfere with
them instilling their own opinions of right or wrong in their child; in
addition, the school has the right to reasonably control student behavior
in order to facilitate the educational process. As to the claim that the
student handbook and AUP used language that was vague and
overreaching and therefore unconstitutional, the court disagreed, finding
that the language in the student handbook and AUP was clear and concise,
but that the principal, Mr. McGonigle, had misapplied the rules.

• CITY OF ONTARIO, CALIFORNIA, ET AL V. QUON, ET AL

• Employees of the City of Ontario, California police department filed a 42
U.S.C. § 1983 claim in a California federal district court against the
police department, city, chief of police, and an internal affairs officer.
They alleged Fourth Amendment violations in relation to the police
department's review of text messages made by an employee on a
city-issued text-message pager. While the city did not have an official text-
messaging privacy policy, it did have a general "Computer Usage,
Internet and E-mail Policy." The policy in part stated that "[t]he City of
Ontario reserves the right to monitor and log all network activity
including e-mail and Internet use, with or without notice," and that
"[u]sers should have no expectation of privacy or confidentiality when
using these resources." Employees were told verbally that the text-
messaging pagers were considered e-mail and subject to the general
policy. The district court entered judgment in favor of the defendants.
• On appeal, the U.S. Court of Appeals for the Ninth Circuit reversed in
part. The court held that city employees had a reasonable expectation of
privacy for the text messages they sent on their city-issued pagers
because there was no text message privacy policy in place. Moreover, the
court noted that the police department's review of the text messages was
unreasonable because it could have used "less intrusive methods" to
determine whether employees had properly used the text messaging
service.

• ELONIS v. UNITED STATES
• Certiorari to the United States Court of Appeals for the Third Circuit.
No. 13–983. Argued December 1, 2014—Decided June 1, 2015.
• After his wife left him, petitioner Anthony Douglas Elonis, under
the pseudonym “Tone Dougie,” used the social networking Web site
Facebook to post self-styled rap lyrics containing graphically violent
language and imagery concerning his wife, co-workers, a kindergarten
class, and state and federal law enforcement. These posts were often
interspersed with disclaimers that the lyrics were “fictitious” and not
intended to depict real persons, and with statements that Elonis was
exercising his First Amendment rights. Many who knew him saw his
posts as threatening, however, including his boss, who fired him for
threatening co-workers, and his wife, who sought and was granted a
state court protection-from-abuse order against him. When Elonis’s
former employer informed the Federal Bureau of Investigation of the
posts, the agency began monitoring Elonis’s Facebook activity and
eventually arrested him. He was charged with five counts of violating 18
U. S. C. §875(c), which makes it a federal crime to transmit in interstate
commerce “any communication containing any threat . . . to injure the
person of another.” At trial, Elonis requested a jury instruction that the
Government was required to prove that he intended to communicate a
“true threat.” Instead, the District Court told the jury that Elonis could
be found guilty if a reasonable person would foresee that his statements
would be interpreted as a threat. Elonis was convicted on four of the five
counts and renewed his jury instruction challenge on appeal. The Third
Circuit affirmed, holding that Section 875(c) requires only the intent to
communicate words that the defendant understands, and that a
reasonable person would view as a threat.
• Held: The Third Circuit’s instruction, requiring only negligence with
respect to the communication of a threat, is not sufficient to
support a conviction under Section 875(c).
• E-WASTE
• Introduction
The move towards information society initiatives such as telemedicine, e-
government, and e-education calls for the increased acquisition and use of
computers, as well as programmes to increase computer penetration.
Against the high growth is the high rate of obsolescence of ICTs due to
technological change. This means that there is a need to dispose of large
quantities of computers.
• As equipment reaches its end-of-life, disposal challenges arise.
• While operational appliances do not pose a danger to the user, poorly
disposed e-waste can result in severe health and environmental hazards
due to highly toxic substances, such as lead and mercury.
• What is e-waste
• E-waste is a term used to cover all items of electrical and electronic
equipment (EEE) and its parts that have been discarded by its owner as
waste without the intent of re-use.
• Also referred to as WEEE (Waste Electrical and Electronic Equipment),
electronic waste or e-scrap in different regions.
• E-waste includes a wide range of products: almost any household or
business item with circuitry or electrical components with power or
battery supply.
• Classification
EEE, and therefore also e-waste, can be classified into the following six
categories:
• Temperature exchange equipment: cooling and freezing equipment
(refrigerators, freezers, air conditioners, heat pumps).
• Screens, monitors: televisions, monitors, laptops, notebooks, and
tablets.
• Lamps: fluorescent lamps, compact fluorescent lamps, high intensity
discharge lamps and LED lamps.
• Large equipment: washing machines, clothes dryers, dish washing
machines, electric stoves, large printing machines, copying equipment
and photovoltaic panels.
• Small equipment: vacuum cleaners, microwaves, ventilation equipment,
toasters, electric kettles, electric shavers, scales, calculators, radio sets,
• Small IT and telecommunication equipment: typical equipment
comprises mobile phones, GPS, pocket calculators, routers, personal
computers, printers, telephones.
• E-waste generation
• 2014 estimate: 41.8 million metric tonnes (Mt); by 2018: 50 Mt
• This e-waste is comprised of
• 1.0 Mt of lamps,
• 6.3 Mt of screens,
• 3.0 Mt of small IT (such as mobile phones, pocket calculators, personal
computers, printers, etc.),
• 12.8 Mt of small equipment (such as vacuum cleaners, microwaves,
toasters, electric shavers, video cameras, etc.),
• 11.8 Mt of large equipment (such as washing machines, clothes dryers,
dishwashers, electric stoves, photovoltaic panels, etc.) and
• 7.0 Mt of cooling and freezing equipment (temperature exchange
equipment).
• The annual supply of toxins from e-waste is comprised of 2.2 Mt of lead
glass,
• 0.3 Mt of batteries and
• 4 kilo tonnes (kt) of ozone-depleting substances (CFCs).
• The intrinsic material value of global e-waste is estimated to be 48 billion
euro in 2014.
• The material value is dominated by gold, copper and plastics contents.
• Challenges of e-waste
• In Africa, the total e-waste generation was 1.9 Mt in 2014. Only
Cameroon and Nigeria have national e-waste related legislation.
• Very few official government reports are available on e-waste
management in Africa.
• There is generally a lack of e-waste management infrastructure, which is
reflected by the absence of e-waste management laws.
• Most of the generated e-waste is either stored in households, treated or
dumped, according to the informal treatment sector
• Illegal import of e-waste or used electronics from all over the world is a
major source of e-waste.
• This is driven by the demand for inexpensive EEE and secondary
materials, as well as cheap dumping prices compared to the treatment
with stricter standards in the export countries.
• The recycling activities of e-waste are usually carried out on an informal
basis, often involving open burning in unmonitored dumpsites or
landfills.
• This rudimentary recycling has caused substantial damage to the health
of scavengers and local environment.
• Environmental protection
• Principle of absolute liability: once the activity carried on is hazardous
or inherently dangerous, the person carrying on such activity is liable to
make good the loss caused to any other person by his activity
irrespective of the fact whether he took reasonable care while carrying on
his activity. The rule is premised on the very nature of the activity carried
on.
• And that the financial costs of preventing or remedying damage caused
by pollution should lie with the undertakings which cause the pollution,
or produce the goods which cause the pollution
• Concept of Sustainable Development: “Development that meets the
needs of the present without compromising the ability of the future
generations to meet their own needs.”
‘right to development’ and the ‘right to environment’. Thus, the concept of
‘sustainable development’ is to be treated as an integral part of ‘life’
principles of sustainable development; Kenya
(d) the principles of intergenerational and intragenerational equity;
(e) the polluter-pays principle; and
(f) the pre-cautionary principle.
• Precautionary Principle: the principle is based on the ‘lack of full scientific
certainty’. The basic idea behind this principle is that it is better “to err
on the side of caution and prevent activities that may cause serious or
irreversible harm”. An informed decision can be made at a later stage
when additional data is available or resources permit further research.

• Polluter Pays Principle: “the absolute liability for harm to the
environment extends not only to compensate the victims of pollution but
also the cost of restoring the environmental degradation.”
The polluter must pay for:
• The cost of pollution abatement.
• The cost of environment recovery.
• Compensation costs for victims of damages if any, due to pollution.
• Public trust doctrine: this doctrine postulates that the public has a
right to expect that certain lands and natural areas will retain their
natural characteristics.
• Roman law recognized the public trust doctrine whereby common
properties such as rivers, seashore, forests and the air were held by the
Government in trust for free and unimpeded use of the public.
• These resources were either owned by no one (res nullius) or by
everyone in common (res communis).
• THE LAW RELATING TO MANAGING E-WASTE.
The law’s relationship with the issue of e-waste management arises out of
the effects of e-waste on the environment and human rights.
The law aims to protect and preserve the environment and also protect
persons from the harmful effects of exposure to hazardous material.
• Conventions
There are two key international conventions regulating waste management,
namely the
1. Basel and
2. Bamako Conventions.
The Conventions emphasize that signatories ensure that the generation of
hazardous wastes, and other wastes within a country, is reduced to a
minimum, taking into account social, technological and economic aspects.
Minimize transboundary movement of hazardous wastes
• Basel Convention
The Basel Convention on the Control of Transboundary Movements of
Hazardous Wastes and their Disposal, 1989.
Aims
• the reduction of hazardous waste generation and the promotion of
environmentally sound management of hazardous wastes, wherever the
place of disposal;
• the restriction of transboundary movements of hazardous wastes except
where it is perceived to be in accordance with the principles of
environmentally sound management; and
• a regulatory system applying to cases where transboundary movements
are permissible.
• Main provisions
Article 4: fundamental principles of sound hazardous waste management.
These include
• Informing of state parties of an intention to import or export hazardous
waste and waiting for their written consent before doing so.
• Reduction of hazardous waste to a minimum and ensuring availability of
facilities for sound management of hazardous waste
• Cooperation between parties and sharing of information on hazardous
waste
• Criminalization of illegal traffic in hazardous wastes or other wastes
• Bamako Convention 1998
A convention by African states prohibiting the import into Africa of any
hazardous (including radioactive) waste.
• It was as a result of the realization by African countries that the
Basel Convention did not prohibit trade of hazardous waste to less
developed countries (LDCs) and that many developed nations were
exporting toxic wastes to Africa
• Comparative aspects of both conventions
• They both place the responsibilities for the disposal of wastes and
consequences thereof on the generator, and also recognise the
sovereignty of states to ban the import and/or transit of wastes through
their territory.
• Any transboundary movement of hazardous waste shall be covered by
insurance, bond or other guarantee as may be required by the state of
import or transit which is a party to the convention.
• Bamako Convention includes in its definition of hazardous wastes any
waste or substance that has been banned, cancelled or refused
registration by government regulatory action or voluntarily withdrawn
from registration in the country of manufacture, for human health or
environmental reasons
• Article 4(3)(f) of the Bamako Convention further adopts the preventive
principle and precautionary approach by requiring state parties to
prevent the release into the environment of substances which may cause
harm to humans or the environment without waiting for scientific proof
regarding such harm.
Liability
• Apart from being an illegality, the Bamako Convention specifically makes
the import of hazardous wastes into Africa an act of criminality
• Libreville Declaration on Health and Environment
• Libreville Declaration on Health and Environment in Africa, 2008: over
23% of deaths in Africa, estimated at more than 2.4 million each year,
are attributable to avoidable environmental risk factors, with particular
impacts on the poorest and the most vulnerable groups (children,
women, rural poor, people with disabilities, displaced populations and
the elderly);
• National legal framework
The law relating to e-waste management in Kenya is the Environmental
Coordination and Management Act of 1999.
The act provides that every person in Kenya is entitled to a clean healthy
environment.
It also establishes the following institutions
• NEMA whose mandate is to play a supervisory role and co-ordinate all
matters relating to the environment and to be the principal tool of
Government in the implementation of policies relating to the
environment.
• NATIONAL ENVIRONMENT COUNCIL: Mandated with policy formulation
and directions for the purposes of the Act. It also sets national goals
and objectives. The council also determines policies and priorities for the
protection of the environment.
• PROVINCIAL AND DISTRICT ENVIRONMENT COMMITTEES: Deals with
decentralization of environmental management and enables participation
by the local communities.
• PUBLIC COMPLAINTS COMMITTEE: It plays a vital role of providing the
administrative mechanism for addressing environmental harm.
• Constitution

• Article 42 of the Kenya Constitution 2010
Every person has the right to a clean and healthy environment, which includes
the right –
(a) To have the environment protected for the benefit of present and future
generations through legislative and other measures, particularly those
contemplated in Article 69; and
(b) To have obligations relating to the environment fulfilled under Article 70.
69. (1) The State shall— (a) ensure sustainable exploitation, utilisation,
management and conservation of the environment and natural resources, and
ensure the equitable sharing of the accruing benefits;
(f) establish systems of environmental impact assessment, environmental audit
and monitoring of the environment;
(g) eliminate processes and activities that are likely to endanger the
environment; and
• NEMA
The National Environmental Management Authority (NEMA), created under
EMCA, is the regulatory agency in the implementation of all policies and
regulations relating to the environment.
It acts as the principal instrument of Government in the implementation of all
policies relating to the environment.
In Waste Management Regulations 2006, part II on general provisions provides
that any person whose activities generate waste shall collect, segregate
and dispose or cause to be disposed of
• Criminal offences
ACT NO. 8 of 1999 - Environmental Management and Co-ordination Act
78 (2) Any person who emits any substances which cause air pollution -
liable to imprisonment for a term of not more than two years or to a fine of not
more than five hundred thousand shillings or to both such fine and
imprisonment.
(3) A person found guilty under subsection (2) shall, in addition to any
sentence or fine imposed on him—
(a) pay the cost of the removal of the pollution,
(b) the cost to third parties in the form of reparation, restoration, restitution or
compensation as may be determined by a competent court upon application by
such third parties.
98. Offences relating to pesticides and toxic substances
(1) No person shall—
(a) detach, alter or destroy any labelling on a pesticide or toxic substance
(c) use or dispose into the environment a pesticide or toxic substance
(3) guilty of an offence and liable to a fine of not more than one million shillings or to
imprisonment for a term of not more than two years or to both.

141. Offences relating to hazardous wastes, materials, chemicals and
radioactive substances: on conviction, be liable to a fine of not less than one
million shillings, or to imprisonment for a term of not less than two years, or to
both.
142. Offences relating to pollution
(1) (a) discharges any dangerous materials, substances, oil, oil mixtures into
land, water, air, or aquatic environment
(b) pollutes the environment contrary to the provisions of this Act;
(c) discharges any pollutant into the environment commits an offence and shall
on conviction, be liable to a fine not exceeding five hundred thousand shillings
• 144. General penalty
• Any person who commits an offence against any provision of this Act or
of regulations made thereunder for which no other penalty is specifically
provided is liable, upon conviction, to imprisonment for a term of not
more than eighteen months or to a fine of not more than three hundred
and fifty thousand shillings or to both such fine and imprisonment.
• These have been developed by NEMA and have the following provisions
• It provides for registration of producers of e-waste and their
responsibilities in article 6; these include making regular disclosures to
the agency on the status of imports and providing information on the
management of their products at the end of their shelf life.
• Prohibitions on methods of disposal of e-waste under article 17. They
cannot be disposed of by burning, in non-designated waste receptacles or
by burial or at a dumpsite.
• It also provides for penalties for violation of the provisions in the
regulations and anyone found guilty is liable to a jail term of not less
than 36 months or a fine of Ksh. 2m.
• Principles of sound waste management under the draft regulations
• Principle of waste Prevention
• Principle of waste minimization
• Principle of self sufficiency
• Principle of safe disposal close to point of generation
• Polluter pays principle
• Design for environment
• Best appropriate technology
• Right to know
• Principle of substitution
• Participatory management
• Integrated pollution prevention and control
• Cleaner production technologies
• Principle of green growth
• In order to exploit the opportunities and simultaneously mitigate
pollution, good policies are needed that facilitate the creation of an
infrastructure, ensure that all collected e-waste is treated using state-of-
the-art technologies and that green employment opportunities are
created.
