Law & Investigation

• IT Act 2000
An Act to provide legal recognition for transactions carried out by means of electronic
data interchange and other means of electronic communication, commonly referred to
as "electronic commerce", which involve the use of alternatives to paper-based methods
of communication and storage of information, to facilitate electronic filing of documents
with the Government agencies and further to amend the Indian Penal Code, the Indian
Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of
India Act, 1934 and for matters connected therewith or incidental thereto.
• Objectives of IT act
An Act to provide legal recognition for transactions carried out by means of electronic
data interchange and other means of electronic communication, commonly referred to
as "electronic commerce", which involve the use of alternatives to paper-based methods
of communication and storage of information, The ITA provides for legal recognition of
electronic records and digital signatures. With a view to facilitate Electronic Governance,
the use and acceptance of electronic records and digital signatures in the government
offices and its agencies has been provided for. This will make the citizens interaction
with the governmental offices hassle free.

• What are the objectives mentioned in the Preamble to the IT Act

According to its preamble, the IT Act basically seeks to:

1. Provide legal recognition for electronic commerce(According to the preamble to the IT
Act, E-commerce includes transactions carried out by means of electronic data
interchange and other means of electronic communication which involve the use of
alternatives to paper-based methods of communication and storage of information.).
2. To facilitate electronic filing of documents with the Government agencies .
3. To amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books
Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and
4. Promote efficient delivery of Government services by means of reliable electronic
records .
5. Give favourable consideration to the Model Law on Electronic Commerce adopted by
the United Nations Commission on International Trade Law

• Provisions of IT act 2000

The following translation of the Karnataka Right to Information Act, 2000 in the English
language is published in the Official Gazette under the authority of the Governor of
Karnataka under clause (3) of Article 348 of the constitution of India.
KARNATAKA ACT No. 28 OF 2000
THE KARNATAKA RIGHT TO INFORMATION ACT, 2000
An Act to provide for right of access to information to the citizens of the State and in
relation to the matters connected therewith or incidental thereto.
)Subject to the provisions of this Act every citizen shall have the right to
information. Without prejudice to the provisions of section 4, the competent authority
may also reject a request for supply of information where such request.
If any difficulty arises in giving effect to the provisions of this Act, the State Government
may, by an order make such provisions not inconsistent with the provisions of this Act
and appear to them to be necessary of expedient for removing the difficulty, provided
that no such order shall be made after the expiry of two years from the date of
commencement of this Act.
The provisions of this Act shall have effect notwithstanding anything inconsistent
therewith contained in any other law made by the State Legislature in respect of any
matter falling under State list or concurrent list except the provisions of any existing law
or a law made by Parliament in respect of any matter falling under concurrent list.

1
 • Offences of IT act

1. Tampering with computer source documents Whoever knowingly or

intentionally conceals, destroys or alters or intentionally or knowingly causes another
to conceal, destroy or alter any computer source code used for a computer, computer
program, computer system or computer network, shall be punishable with
imprisonment up to three years, or with fine which may extend up to two lakh rupees,
or with both.
2. Hacking with Computer System Whoever with the intent to cause or knowing that
he is likely to cause wrongful loss or damage to the public or any person destroys or
deletes or alters any information residing in a computer resource or diminishes its
value or utility or affects it injuriously by any means, commits hacking.Whoever
commits hacking shall be punished with imprisonment up to three years, or with fine
which may extend up to two lakh rupees, or with both.
3. Publishing of information which is obscene in electronic form Whoever
publishes or transmits or causes to be published in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to
deprave and corrupt persons who are likely, having regard to all relevant
circumstances, to read, see or hear the matter contained or embodied in it, shall be
punished on first conviction
4. Power of the Controller to give directions The Controller may, by order, direct a
Certifying Authority or any employee of such authority to take such measures or cease
carrying on such activities as specified in the order if those are necessary to ensure
compliance with the provisions of this Act, rules or any regulations made there under.
Any person who fails to comply with any such order shall be guilty of an offence and
shall be liable on conviction to imprisonment for a term not exceeding three years or to
a fine not exceeding two lakh rupees or to both.
5. Directions of Controller to a subscriber to extend facilities to decrypt
information If the Controller is satisfied that it is necessary or expedient so to do in
the interest of the sovereignty or integrity of India, the security of the State, friendly
relations with foreign States or public order or for preventing incitement to the
commission of any cognizable offence, for reasons to be recorded in writing, by order,
direct any agency of the Government to intercept any information transmitted through
any computer resource.
6. The subscriber or any person who fails to assist the agency shall be punished with an
imprisonment for a term which may extend to seven years.
7. Protected system The appropriate Government may, by notification in the Official
Gazette, declare that any system or computer network to be a protected system. Any
person who secures authorized access or attempts, without authorization to secure
access to a protected system shall be punished with imprisonment of either description
for a term which may extend to ten years and shall also be liable to fine.
8. Penalty for misrepresentation Whoever makes any misrepresentation to, or
suppresses any material fact from, the Controller or the Certifying Authority for
obtaining any license or Digital Signature Certificate, as the case may be, shall be
punished with imprisonment for a term which may extend to two years, or with fine
which may extend to one lakh rupees, or with both.
9. Breach of confidentiality and privacy Any person who, in pursuance of any of the
powers conferred under this Act, rules or regulations made there under has secured
access to any electronic record, book, register, correspondence, information, document
or other material without the consent of the person concerned discloses, without
proper authorization, such electronic record, book, register, correspondence,
information, document or other material to any other person shall be punished with
imprisonment for a term which may extend to two years, or with fine which may
extend to one lakh rupees, or with both.
10. Publication for fraudulent purpose Whoever knowingly creates, publishes or
otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful

2
 purpose shall be punished with imprisonment for a term which may extend to two
years, or with fine which may extend to one lakh rupees, or with both.
11. Penalties and confiscation not to interfere with other punishments No
penalty imposed or confiscation made under this Act shall prevent the imposition of
any other punishment to which the person affected thereby is liable under any other
law for the time being in force.
12. Power to investigate offences Notwithstanding anything contained in the Code of
Criminal Procedure, 1973, a police officer not below the rank of Deputy Superintendent
of Police shall investigate any offence under this Act. Therefore only an Officer of the
rank of Deputy Superintendent of Police or above may investigate offences under this
Act.

Offences & Imprisonment under the IT Act, 2000

Nature of offence Imprisonment

Tampering with computer source
Upto 3 years / Fine upto Rs.2 lakhs or both
documents
Hacking with computer system Upto 3 years / Fine upto Rs.1 lakh or both
Publishing of information which is
Upto 10 years / Fine upto Rs. 2 lakhs or both
obscene in electronic form
Failure of Certifying Authority or its
employee to take measures or cease
Upto 3 years / Fine upto Rs.2 lakhs or both
carrying on activities specified in the
order of controller
Failure to assist any agency of the
Upto 7 years
Goverment to decrypt any information
Secures access or attempts to secure
Upto 10 years and Fine
access to a protected system
Misrepresentation or suppression of any
material fact from Controller of
Upto 2 years / Fine upto Rs. 1 lakh
Certifying Authority for obtaining any
license or Digital Signature Certificate
Breach of confidentiality and privacy Upto 2 years / Fine upto Rs. 1 lakh or both
Publishing Digital Signature Certificate
Upto 2 years / Fine upto Rs. 1 lakh or both
false in certain particulars
Publication of Digital Signature
Upto 2 years / Fine upto Rs. 1 lakh or both
Certificate for fraudulent purpose
• Offences and Penalties under the IT Act, 2000

Nature of Offence Maximum Penalty (Rs.)

Penalty for damage to computer,
computer system, computer network, 1,00,00,000
etc.
Failure to furnish any document,
return or report to the Controller or 1,50,000
the Certifying Authority
Failure to file any return or furnish any
5,000
information, books or other documents
Failure to maintain books of account
10,000
or records
Contravention of any rules or 25,000

3
 regulations for which no penalty is
provided separately

• Cyber crimes
Cyber crime encompasses any criminal act dealing with computers and networks (called
hacking). Additionally, cyber crime also includes traditional crimes conducted through
the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft,
and credit card account thefts are considered to be cyber crimes when the illegal
activities are committed through the use of a computer and the Internet.
• Types of Cybercrimes

Cyber crime can be basically divided into 3 major categories:

1. Cyber crimes against persons.
2. Cyber crimes against property.
3. Cyber crimes against government

Cyber crimes against persons : Cyber crimes committed against persons include
various crimes like transmission of child-pornography, harassment of any one with the
use of a computer such as e-mail.
Cyber crimes against property : These crimes include computer vandalism
(destruction of others' property), transmission of harmful program.
Cyber crimes against government : Cyber terrorism is one distinct kind of crime in
this category. The growth of internet has shown that the medium of Cyberspace is being
used by individuals and groups to threaten the international governments as also to
terrorize the citizens of a country. This crime manifests itself into terrorism when an
individual "cracks" into a government or military maintained website
• State any four act amounting to “ Cybercrime” as per IT act 2000
OR
• IT Act 2000 specifies eight acts which if carried out without the permission of
the owner or the person in-charge of a computer system are considered as
crimes. List any three such acts and relate them to the type of security
attacks.

1 Hacking with Computer System Whoever with the intent to cause or knowing that
he is likely to cause wrongful loss or damage to the public or any person destroys or
deletes or alters any information residing in a computer resource or diminishes its
value or utility or affects it injuriously by any means, commits hacking.Whoever
commits hacking shall be punished with imprisonment up to three years, or with fine
which may extend up to two lakh rupees, or with both.
2 Protected system The appropriate Government may, by notification in the Official
Gazette, declare that any system or computer network to be a protected system.Any
person who secures authorized access or attempts, without authorization to secure
access to a protected system shall be punished with imprisonment of either
description for a term which may extend to ten years and shall also be liable to fine.
3 Publication for fraudulent purpose Whoever knowingly creates, publishes or
otherwise makes available a Digital Signature Certificate for any fraudulent or
unlawful purpose shall be punished with imprisonment for a term which may extend
to two years, or with fine which may extend to one lakh rupees, or with both.
4 Breach of confidentiality and privacy Any person who, in pursuance of any of the
powers conferred under this Act, rules or regulations made there under has secured
access to any electronic record, book, register, correspondence, information,
document or other material without the consent of the person concerned discloses,
without proper authorization, such electronic record, book, register, correspondence,
information, document or other material to any other person shall be punished with
imprisonment for a term which may extend to two years, or with fine which may
extend to one lakh rupees, or with both.

4
 • Computer crimes / Crimes using a computer

Computer Crime, is where a computer is the target of a crime or is the means adopted to
commit a crime. Different types of computer crimes are :-
1 Hacking
2 Fraud
3 Confidence tricks and scams
4 Piracy
5 Pornography
6 Offensive Content
7 Harassment

Hacking : Hacking may be defined as, "deliberately gaining unauthorized access to an

information system" and, in extreme cases, it may amount to industrial espionage or a
national security crime when the defendant accesses commercially or nationally
sensitive materials.

Fraud : Internet fraud is any dishonest misrepresentation of fact intended to induce

another to do or refrain from doing something which causes loss. In this context, the
fraud will result in obtaining a benefit by:
a) Altering computer input in an unauthorized way.
b) Altering, destroying, suppressing, or stealing output,
c) Altering or deleting stored data;

Confidence tricks and scams : A confidence trick is also known as a con, scam, grift
or flim flam, is an attempt to intentionally mislead a person or persons (known as the
"mark") usually with the goal of financial or other gain.
• Cyber Forensics
Cyber forensics is the discovery, analysis, and reconstruction of evidence extracted from
any element of computer systems, computer networks, computer media, computer
peripherals and other electronic equipment that allow the forensics experts to present
and put forward the best evidence in a court of law. For successful prosecution of cyber
crimes it is essential for a cyber forensics cell to have adequate and cogent evidence
implicating the criminal so that a conviction is ensured.
• Need for a Cyber Forensic Cell
Information stored in digital form is transient in nature and therefore it is very difficult
for a law enforcement agency to seize, collect and analyze digital evidence in the
absence of a specialized unit, which can undertake such tasks. Successful prosecution
depends upon the ability of the cyber crime cell to discover adequate evidence against
the suspect and then link this information to the suspect. This necessitates the need of
forming a specialized cyber forensics cell with adequate resources to correctly examine
and analyze the evidence and provide such a link so that it can be presented before a
court of law for successful prosecution.