Ll.B. (Hons) Vi Semester Subject-Cyber Laws

LL.B.
(Hons) VI SEMESTER
SUBJECT- CYBER LAWS
UNIT I
LECTURE 1-FUNDAMENTALS OF CYBER LAW.
VIDEO LINK: https://www.youtube.com/watch?v=caEdZ41EA4w
PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY
Q1.) What do you understand by cyber law? (2018)
Q2.) What is the meaning of cyber law and explain its essential elements. (2016)
NOTES
• "Cyber" is a prefix used to describe a person, thing, or idea as part of the computer and
information age. Taken from kybernetes, Greek word for "steersman" or "governor," it was first
used in cybernetics, a word coined by Norbert Wiener and his colleagues.
• The virtual world of internet is known as cyberspace and the laws governing this area are known
as Cyber laws and all the netizens of this space come under the ambit of these laws as it carries a
kind of universal jurisdiction.
• Cyber law can also be described as that branch of law that deals with legal issues related to use of
inter-networked information technology. In short, cyber law is the law governing computers and
the internet.
• The growth of Electronic Commerce has propelled the need for vibrant and effective regulatory
mechanisms which would further strengthen the legal infrastructure, so crucial to the success of
Electronic Commerce. All these regulatory mechanisms and legal infrastructures come within the
domain of Cyber law.
• Cyber law is important because it touches almost all aspects of transactions and activities on and
involving the internet, World Wide Web and cyberspace. Every action and reaction in cyberspace
have some legal and cyber legal perspectives.
➢ Cyber law encompasses laws relating to:
1. Cyber Crimes
2. Electronic and Digital Signatures
3. Intellectual Property
4. Data Protection and Privacy
➢ Need for Cyber Law

• In today’s techno-savvy environment, the world is becoming more and more digitally
sophisticated and so are the crimes. Internet was initially developed as a research and information
sharing tool and was in an unregulated manner. As the time passed by it became more
transactional with e-business, e-commerce, e-governance and e-procurement etc.
• All legal issues related to internet crime are dealt with through cyber laws. As the number of
internet users is on the rise, the need for cyber laws and their application has also gathered great
momentum.
In today’s highly digitalized world, almost everyone is affected by cyber law. For example:
• Almost all transactions in shares are in demat form.
• Almost all companies extensively depend upon their computer networks and keep their valuable
data in electronic form.
• Government forms including income tax returns, company law forms etc. are now filled in
electronic form.
• Consumers are increasingly using credit/debit cards for shopping.
• Most people are using email, phones and SMS messages for communication.
• Even in “non-cybercrime” cases, important evidence is found in computers/cell phones e.g.: in

cases of murder, divorce, kidnapping, tax evasion, organized crime, terrorist operations,
counterfeit currency etc.
• Cybercrime cases such as online banking frauds, online share trading fraud, source code theft,
credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing attacks, email hijacking,
denial of service, hacking, pornography etc. are becoming common.
• Digital signatures and e-contracts are fast replacing conventional method of transacting business.
ASSIGNMENT
1.) What do mean by the world cyber?
2.) What is the meaning of cyber law?
3.) What are the essential elements of cyber law?
4.) What is the need of cyber law in today world?

LL.B. (Hons) VI SEMESTER
SUBJECT- CYBER LAWS
UNIT I
LECTURE 2-UNDERSTANDING CYBER SPACE.
VIDEO LINK: https://www.youtube.com/watch?v=DoWh7dF2_zE
1.) What do you understand by cyber space (2018,2019)
2.) What is the need of cyberspace and how it works (2019)
NOTES
• Cyberspace allows users to share information, interact, swap ideas, play games, engage in
discussions or social forums, conduct business and create intuitive media, among many other
activities.
• The term cyberspace was initially introduced by William Gibson in his 1984 book, Neuromancer.
Gibson criticized the term in later years, calling it “evocative and essentially meaningless.”
Nevertheless, the term is still widely used to describe any facility or feature that is linked to the
Internet. People use the term to describe all sorts of virtual interfaces that create digital realities.
• The term cyber space has garnered numerous definitions and interpretations given by both experts
and lexicographers. According to Adnan (2010), cyberspace is an unreal world where information
is constantly transmitted through or between computers.
• On the other hand, the cyberspace refers to the virtual space that computer systems have aided in
its creation.
• According to Chip Morningstar and F. Randall Farmer, cyberspace is defined more by the social
interactions involved rather than its technical implementation. In their view, the computational
medium in cyberspace is an augmentation of the communication channel between real people; the
core characteristic of cyberspace is that it offers an environment that consists of many participants
with the ability to affect and influence each other. They derive this concept from the observation
that people seek richness, complexity, and depth within a virtual world.
• History of the word- Cyber Space
• The term Cyber Space was introduced by William Gibson in his book “Neuromancer” in 1984.
Although Gibson criticized the term by calling it redolent and meaningless. It is still used
worldwide to describe facilities or features that are linked to internet.
• Gibson initially explained the cyber-Space as “a consensual hallucination experienced daily by
billions of legitimate operators in every nation.” Programme developers such as Chip
Morningstar stated that the cyberspace gained its popularity as medium for social interaction as
opposed to its technical execution and implementation.
• Thus, unlike most computer jargon, the ‘cyberspace’ doesn’t have a standard or objective
definition. Instead, it is simply used to describe systems that extend across a global network of
computers.
• Cyberspace refers to the virtual computer world, and more specifically, an electronic medium that
is used to facilitate online communication. Cyberspace typically involves a large computer
network made up of many worldwide computer subnetworks that employ TCP/IP protocol to aid
in communication and data exchange activities.
• Cyberspace is an interactive domain made up of digital networks that is used to store, modify and
communicate information. It includes the internet, but also the other information, systems that
support our companies, infrastructure and services.
Cyberspace can be divided into a multi-layer model comprised of:
1. Physical foundations: such as land and submarine cables, and satellites that pro-vide
communication pathways, along with routers that direct information to its destination.
2. Logical building blocks: including software such as smartphone apps, operating systems, or web
browsers, which allow the physical foundations to function and communicate.
3. Information: that transits cyberspace, such as social media posts, texts, financial transfers or video
downloads. Before and after transit, this information is often stored on (and modified by)
computers and mobile devices, or public or private cloud storage services.
4. People: that manipulate information, communicate, and design the physical and logical
components of cyberspace.
What is the Use of Cyberspace?
• Now let us talk about what use cyberspace has for us. We live in an internet era and the
indispensability of the internet is something that we cannot deny about. The expanding computer
network, technologies, and the internet have evolved into what is known as cyberspace. It is a
virtual environment where there is communication between computer networks.
• Cyberspace brings in many uses. It lets you do everything possible through the internet. Be it
education, military, finance, or even education today everything is connected to what is known as
cyberspace. There is not a single sphere in our life that is not connected to social media.
• The internet has made it efficient to store and to handle data. It has made man’s life organized
and more systematic. Be it for e-banking or booking tickets or even to work online, cyberspace is
everywhere
• Working of Cyber Space
• Cyberspace allows users to share information, interact, swap ideas, play games, engage in
discussions or social forums, conduct business and create intuitive media, among many other
activities. We know that cyberspace is something without which life cannot be imagined today.
S
• o how does cyberspace function? Be it from up in space or from under the water, understand
how the internet makes it possible to transfer information. It seems pretty straightforward to
get online. However, there is much more than what occurs backstage.
• Hidden below the sea level and above the surface of the earth, there are complex and large
cables as well as networking satellites that let you stream your favorite movie and use the maps
to navigate to your preferred location. There are many physical installations that let you be
connected wirelessly.
ASSIGNMENT
1. What is the meaning of cyber space?
2. How does the cyber space works?
3. What is the need of cyber space?
4. In how many layer cyber space is divided into?

SUBJECT- CYBER LAWS
UNIT I
LECTURE 3-INTERFACE OF TECHNOLOGY AND LAW DEFINING CYBER LAWS
VIDEO LINK: https://www.youtube.com/watch?v=KtuCsBlJXk8
Notes
Interface of Technology and Laws defining Cyber Laws
• The core feature of Cyber Space is an extremely interactive virtual environment for an incredibly
large range of participants. Through the cyber space users are allowed to share information, swap
ideas, engage in social discussion, interact and play games, create media conduct business.
• One way to talk about cyberspace is related to the use of the global Internet for diverse purposes,
from commerce to entertainment. Wherever stakeholders set up virtual meeting spaces, we see
the cyberspace existing. Wherever the Internet is used, you could say, that creates a cyberspace.
• The prolific use of both desktop computers and smartphones to access the Internet means that, in
a practical (yet somewhat theoretical) sense, the cyberspace is growing.
• Cyberspace is a concept describing a widespread, interconnected digital technology. "The
expression dates back from the first decade of the diffusion of the internet. It refers to the online
world as a world "apart," as distinct from everyday reality. In cyberspace people can hide behind
fake identities, as in the famous The New Yorker cartoon." (Delfanti, Arvidsson, 150)
• The term entered the popular culture from science fiction and the arts but is now used by
technology strategists, security professionals, government, military and industry leaders and
entrepreneurs to describe the domain of the global technology environment, commonly defined as
standing for the global network of interdependent information technology infrastructures,
telecommunications networks and computer processing systems. Others consider cyberspace to
be just a notional environment in which communication over computer networks occurs.
• The word became popular in the 1990s when the uses of the Internet, networking, and digital
communication were all growing dramatically and the term cyberspace was able to represent the
many new ideas and phenomena that were emerging.
• As a social experience, individuals can interact, exchange ideas, share information, provide social
support, conduct business, direct actions, create artistic media, play games, engage in political
discussion, and so on, using this global network. They are sometimes referred to as cybernauts.
The term cyberspace has become a conventional means to describe anything associated with the
Internet and the diverse Internet culture.
• The United States government recognizes the interconnected information technology and the
interdependent network of information technology infrastructures operating across this medium
as part of the US national critical infrastructure. Amongst individuals on cyberspace, there is
believed to be a code of shared rules and ethics mutually beneficial for all to follow, referred to as
cyber ethics.
• Many view the right to privacy as most important to a functional code of cyber ethics. Such moral
responsibilities go hand in hand when working online with global networks, specifically, when
opinions are involved with online social experiences.
➢ Laws Defining Cyber Laws
• Cyber Law is a generic term referring to all the legal and regulatory aspects of the internet.
Everything concerned with or related to or emanating from any legal aspects or concerning any
activities of the citizens in the cyberspace comes within the ambit of cyber laws.
• Cyber Law encapsulates legal issues which are related to the use of communicative, transactional,
and distributive aspects of networked information technologies and devices. It encompasses the
legal, statutory, and constitutional provisions which affect computers and networks.
• The laws prevailing the area of cyber space and the world of the internet is cyber law and the
users of the areas fall within the ambit of these cyber laws.
• Thus cyber law is essentially the branch of law that deals with legal issues which are related to
use of inter-networked information technology. The governing mechanism and legal structures
that oversee the growth of electronic commerce in India fall within the domain of cyber law.
• Cyber law essentially encompasses laws relating to electronic and digital signatures, cybercrimes,
intellectual property, data protection and privacy. The major areas of cyber laws includes
defamation, fraud, copy right harassment or stalking , trade secrets freedom of speech, contracts
and employment law.
• Regulation and legislation in India Due to the increase in globalization, computerization and the
growth of e-commerce in 90s,
• UNCITRAL adopted its Model Law on e-commerce in 1996. So In 1996, the United Nations
Commission on International Trade Law (UNCITRAL) adopted the model law on electronic
commerce (e-commerce) to bring uniformity in the law in different countries.
• Further, the General Assembly of the United Nations recommended that all countries must
consider this model law before making changes to their own laws. The UN General Assembly
then passed a resolution in 1997 recommending the states in the UN to give favorable
considerations to the model Law. India became the 12th country to enable cyber law after it
passed the Information Technology Act, 2000.
ASSIGNMENT
1. How can technology and cyber law be related to each other?
2. What are the law defining the cyber laws?

SUBJECT- CYBER LAWS
UNIT I
LECTURE 4-UNCITRAL MODEL LAW ON ELECTRONIC COMMERCE
VIDEO LINK:
1. https://www.youtube.com/watch?v=Btr6OJ7eFwc
2. https://www.youtube.com/watch?v=pEcEvZIuS7o
1. What Is UNCITRAL MODEL Law on Electronic Commerce (2018,2019)
NOTES
• In today’s world, a large number of international trade transactions are carried out by electronic
data interchange and other means of communication, commonly known as “electronic
commerce”. It uses alternatives to paper-based methods of communication and storage of
information.
• The United Nations Commission on International Trade Law (UNCITRAL), by the means of
Model Law on Electronic Commerce (MLEC), sought to provide a set of internationally
acceptable rules with an aim to remove legal obstacles and increase legal predictability for e-
commerce.
• It has further improved the efficiency in international trade by providing equal treatment to paper
based and electronic information, thus enabling the use of paperless communication.
• The model law is not a comprehensive, code-like articulation of the rules for the electronic
transactions. It does not intend to govern every aspect of electronic contracting. It adopts a
limited framework approach and enables and facilitates e-commerce. It has adopted the following
fundamental principles of the modern electronic-commerce law:
• The principle of non-discrimination – It ensures that any document would not be denied legal
validity, effect, and enforceability solely on the basis that it is in electronic form.
• The principle of technological neutrality – It mandates the adoption of such provisions which are
neutral with respect to technology used. This aims at accommodating any future developments
without any further legislative work.
• The functional equivalence principle – It sets out the specific requirements that e-communication
ought to meet in order to fulfill the same functions that certain notions, in traditional paper-based
system, seek to achieve, for example, “writing”, “original”, “signed”, and “record”.
History
• With the advent of globalization and rapid increase in digitization of work, a major
change in the mode and method of communication between businesses was witnessed.
This was the introduction of the electronic mode of communication and storage of
information.
• UNCITRAL decided to prepare the Model law in response to such change, thus, giving
the nations an internationally acceptable set of rules for the evaluation and modernization
of their laws and practices in the field of commercial relationships involving the use of
computerized mode of communication.
• It also helped in establishment of relevant legislation where none existed and promotion
of harmonization and unification of international trade laws. Thus, the UNCITRAL
Model Law of E-commerce was adopted by the United Nations Commission on
International Trade Law in 1996.
➢ The UNCITRAL Model Laws for E-commerce
1. The Model Law has been divided into two parts. The Part I relates to the general
provisions relating to e-commerce, it legislates the three principles of non-discrimination,
technological neutrality, and functional equivalence. Besides establishing uniformity in
the laws regarding e-commerce and legal relevance for data communicated through
electronic mode, MLEC also establishes rules for formation and validity of e-contracts,
for data message attribution, for receipt acknowledgement and for determining receipt of
data messages, etc.
2. The Part II of the Model Law deals with specific provisions for e-commerce in certain
areas.
➢ Key Provisions
General Provisions
• Article 2 of the Law provides six definitions, the most important one is of “Data message”. It is
defined as information generated, sent, received, or stored by electronic, optical, or similar
means.This definition has been attributed after taking into consideration the future technological
developments as well, which is the reason for inclusion of the term similar means.
• This wide definition includes the notion of a record and even revocation and amendment. The
sphere of application that Article 1 talks about, is for the information in the form of data
messages, in the context of commercial activities.
• The Model Laws give the interpretational tools(Article 3) which call for a standard of
international origin and uniformity in application of general principles of law. There can be
variation in the communication of data messages by the agreement of the parties(Article 4).
Application of legal requirement to data messages

• The principle of non-discrimination has been enforced by the means of Article 5 which specifies
that the information communicated via electronic mode, i.e., in the form of data messages cannot
be denied legal validity and effect.
• Information by the way of reference has also been given legal validity(Article 5 bis) and thus, the
application of this law has been considerably widened. This is of utmost importance in the
context of international law.
• The nations required the documents to be in writing and validation was only given to the hand
written signature as a form of authentication. By the means of provisions in Articles 6 & 7, the
Model has done away with both of the above obstacles.
• Accessibility of data messages does not require the document to be in writing, and recognition of
digital signature marks the approval of the full structure of the contract. This provision is termed
relevant for every circumstance including a relevant agreement.
• The notion of originality is defined in Article 8 which provides that data messages can fulfill the
legal requirement of presentation and retention of information in its original form subject to the
assurance of integrity and presentability of data messages. Presentability meaning the ability to
display the information where required.
• Article 9 specifies that the data messages cannot be denied admissibility in the court of law solely
on the basis that the information is in the form of a data message. Thus, evidentiary value has
been granted to data messages. The requirement of retention of information is also met by
retention of information in the form of data messages subject to the accessibility, accuracy and
originality of format and identity of origin(Article 10).
Communication of data messages
• Offer and acceptance of offer, when communicated in the form of data messages, cannot be
denied legal validity and enforceability solely on the grounds that they are in the form of data
messages. Thus, the formation of a valid contract was made possible through the means of data
messages.(Article 11)
• Acknowledgement in the form of receipt of data messages has also been granted legal
validity.(Article 12)
• The data message is attributed to the originator if it is sent by him or by a personauthorised by

him(Article 13).
• Article 14 provides that the receipt of the data message and its acknowledgement can also be
agreed upon by the parties beforehand.
• The transaction ensues when the information goes out of control of the sender. The place of
dispatch is the place of business and the time is when the acceptance enters the system of the
addressee(Article 15).
Specific provisions
• Articles 16 & 17 talk about carriage of goods and transport documents. They enforce the ability
to achieve carriage of goods by the means of data messages and fulfillment of the requirement of
transport documents through the same as well.
• It is imperative for the objective of furtherance of international trade. This part has been
complemented by other legislative texts such as the Rotterdam Rules and it may be the object of
additional work of UNCITRAL in the future.
Implementation & Judicial Interpretations across the globe
• The Model Law of Electronic Commerce was adopted to facilitate the international trade through
electronic modes of communication. It aimed at encouraging national legislators to adopt a set of
internationally acceptable rules regulating e-commerce.
• Thus, Model Law is accompanied with a guide which provides background and explanatory
information to assist the states in preparing the necessary legislative provisions.
Different states enacted laws based on the principles of this Model Law. Thus, the courts have interpreted
the provisions of their domestic laws according to the Model Law.
• Khoury v. Tomlinson is a landmark case decided by the Texas Court of Appeal. The facts of this
case are such that an agreement was entered via e-mail which was not signed but only the name
of the originator appeared in the ‘from’ section.
• Referring to the principles in Article 7 of the Model Law, the court found sufficient evidence that
the name in the ‘from’ section establishes the identity of the sender.
• Chwee Kin Keong and others is a case dealt with by the Singapore High Court. There was the
issue of unilateral mistake in this case as the wrong price was quoted on the seller’s website for a
product.
• The server of the seller automatically sent a confirmation mail when the buyers placed an order.
All the elements of the contract were established but with a mistake which eliminated consensus
ad idem.
• Referring to the Singapore Electronic Transactions Act based on Model Laws, the court found
that human errors, system errors, and transmission errors could vitiate a contract.
• Martha Helena Pilonieta v Gabriel Humberto Pulido Casas is a case dealt with by the Supreme
Court of Justice of Columbia. The court found that the electronic message by a spouse was not
relevant on the ground of evidential thresholds.
Thus, the Model Laws became the basis for a number of legislative texts enacted by various governments
across the globe and it gave a uniformity to the laws concerning the information communicated by the
electronic mode of communication.
Conventions
United Nations Convention on the Use of Electronic Communications in International Contracts (New
York, 2005)
Model laws
• UNCITRAL Model Law on Electronic Transferable Records (2017)
• UNCITRAL Model Law on Electronic Signatures (2001)
• UNCITRAL Model Law on Electronic Commerce (1996)
Legislative guides
Recommendations to Governments and international organizations concerning the legal value of

computer records (1985)
ASSIGNMENT
1. What do you UNCITRAL Model Law on Electronic Commerce?
2. What are the specific provisions dealing with Communication of data messages under
UNCITRAL Model Law on Electronic Commerce?
3. What are the specific provisions dealing with legal requirement to data messages under
UNCITRAL Model Law on Electronic Commerce?
SUBJECT- CYBER LAWS
UNIT II
LECTURE 1-INFORMATION TECHNOLOGY ACT, 2000.
VIDEO LINK : https://www.youtube.com/watch?v=czDzUP1HclQ
Q1.) What are the objectives of the Information Technology Act, 2000? (2018)
NOTES
IT Act, 2000
The Information Technology Act, 2000 was enacted by the Indian Parliament in 2000. It is the primary
law in India for matters related to cybercrime and e-commerce.
• The act was enacted to give legal sanction to electronic commerce and electronic transactions, to
enable e-governance, and also to prevent cybercrime.
• Under this law, for any crime involving a computer or a network located in India, foreign
nationals can also be charged.
• The law prescribes penalties for various cybercrimes and fraud through digital/electronic format.
• It also gives legal recognition to digital signatures.
• The IT Act also amended certain provisions of the Indian Penal Code (IPC), the Banker’s Book
Evidence Act, 1891, the Indian Evidence Act, 1872 and the Reserve Bank of India Act, 1934 to
modify these laws to make them compliant with new digital technologies.
• In the wake of the recent Indo-China border clash, the Government of India banned various
Chinese apps under the Information Technology Act. Read more about this in an RSTV titled,
‘TikTok, Other Chinese Apps Banned’.
Objectives of the Act
• The Information Technology Act, 2000 provides legal recognition to the transaction done via
electronic exchange of data and other electronic means of communication or electronic commerce
transactions.
• This also involves the use of alternatives to a paper-based method of communication and
information storage to facilitate the electronic filing of documents with the Government agencies.
• Further, this act amended the Indian Penal Code 1860, the Indian Evidence Act 1872, the
Bankers’ Books Evidence Act 1891, and the Reserve Bank of India Act 1934. The objectives of
the Act are as follows:
• Grant legal recognition to all transactions done via electronic exchange of data or other electronic
means of communication or e-commerce, in place of the earlier paper-based method of
communication.
• Give legal recognition to digital signatures for the authentication of any information or matters
requiring legal authentication
• Facilitate the electronic filing of documents with Government agencies and also departments
• Facilitate the electronic storage of data
• Give legal sanction and also facilitate the electronic transfer of funds between banks and financial
institutions
• Grant legal recognition to bankers under the Evidence Act, 1891 and the Reserve Bank of India
Act, 1934, for keeping the books of accounts in electronic form.
Features of the Information Technology Act, 2000
• All electronic contracts made through secure electronic channels are legally valid.
• Legal recognition for digital signatures.
• Security measures for electronic records and also digital signatures are in place
• A procedure for the appointment of adjudicating officers for holding inquiries under the Act is
finalized
• Provision for establishing a Cyber Regulatory Appellant Tribunal under the Act. Further, this
tribunal will handle all appeals made against the order of the Controller or Adjudicating Officer.
• An appeal against the order of the Cyber Appellant Tribunal is possible only in the High Court
• Digital Signatures will use an asymmetric cryptosystem and also a hash function
• Provision for the appointment of the Controller of Certifying Authorities (CCA) to license and
regulate the working of Certifying Authorities. The Controller to act as a repository of all digital
signatures.
• The Act applies to offences or contraventions committed outside India
• Senior police officers and other officers can enter any public place and search and arrest without
warrant
• Provisions for the constitution of a Cyber Regulations Advisory Committee to advise the Central
Government and Controller.
Applicability and Non-Applicability of the Act
Applicability
• According to Section 1 (2), the Act extends to the entire country, which also includes
Jammu and Kashmir. In order to include Jammu and Kashmir, the Act uses Article 253 of
the constitution. Further, it does not take citizenship into account and provides extra-
territorial jurisdiction.
• Section 1 (2) along with Section 75, specifies that the Act is applicable to any offence or
contravention committed outside India as well. If the conduct of person constituting the
offence involves a computer or a computerized system or network located in India, then
irrespective of his/her nationality, the person is punishable under the Act.
• Lack of international cooperation is the only limitation of this provision.
Non-Applicability
According to Section 1 (4) of the Information Technology Act, 2000, the Act is not applicable to
the following documents:
• Execution of Negotiable Instrument under Negotiable Instruments Act, 1881, except

cheques.
• Execution of a Power of Attorney under the Powers of Attorney Act, 1882.
• Creation of Trust under the Indian Trust Act, 1882.
• Execution of a Will under the Indian Succession Act, 1925 including any other
testamentary disposition by whatever name called.
• Entering into a contract for the sale of conveyance of immovable property or any interest
in such property.
• Any such class of documents or transactions as may be notified by the Central

Government in the Gazette.
The flaws of IT Act 2000 are:
• Lack of Transparency:
Section 69A grants to the government the power to issue directions to intermediaries for
blocking access to any information that it considers prejudicial to, among other things, the
sovereignty and integrity of India, national security, or public order.
Section 69A (3) envisages a jail sentence for up to seven years for intermediaries who fail to
comply.
In 2009, the government also issued “Blocking Rules”, which set up the procedure for blocking
(including regular review by government committees), and also stated that all requests and
complaints would remain strictly confidential.
• Privacy issues:
The IT Act also doesn’t address privacy issues – privacy is now a fundamental right and the law
needs to specifically address privacy concerns, but that’s not the case.
• Poor protection of cybersecurity:
The Indian IT Act is not a cybersecurity law and therefore does not deal with the nuances of
cybersecurity.
Indian citizens have been victims to numerous instances of data breach and privacy violations –
take for instance the Cambridge Analytica incident, or the Aadhaar account breach of 1.1 billion
citizens, or for that matter the 2018 personal data leak incident of 5 lakh Google+ users.
• Lack of expertise:
regular police personnel, specifically any officer holding the rank of inspector, are responsible
for investigating nefarious online activities. The difficulty that arises here is that cybercrimes are
a nuanced form of criminal activity that require years of specialised training and a deep
understanding of technology to probe adequately.
ASSIGNMENT
5.) What do mean by the objectives ofIT Act 2000?
6.) What are the flaws of IT Act 2000?
7.) Explain the Applicability and Non-Applicability of the Act?
8.) What are the Features of the Information Technology Act, 2000?
SUBJECT- CYBER LAWS
UNIT II
LECTURE 2-E-COMMERCE, E GOVERNANCE, E CONTRACT
VIDEO LINK : https://www.youtube.com/watch?v=xuAltdNpvC0
https://www.youtube.com/watch?v=OU4ema4QXxo
3.) What do you understand bye-Commerce (2018,2019)
4.) What is the need of e-Commerce and explain its advantages and disadvantages (2019)
5.) Explain the meaning of E-GOVERNANCE and state its advantages?

(2018,2019)
6.) What do you mean by e-contracts and what are the Types of E-Contracts?
NOTES
• Organization for Economic Cooperation and Development (OECD) defines e-commerce as:
• “All forms of transactions relating to commercial activities, including both organizations and
individuals, which are based on the processing and transmission of digitized data including text,
sound, and visual images.”
• According to this view, E-commerce does not necessarily require the use of the Internet. E-
commerce includes all forms of transactions that process and transmit digitized data which
includes text, sound and visual images.
E-commerce is the application of information technology and communication technology to three basic
activities related to commercial business; the three basic activities are as follows:
1. Production and support- which includes assisting production, distribution, and maintenance of
goods and services.
2. Transaction preparation- which includes getting product information into the market-place and
bringing buyers and sellers into contract with each other; and
3. Transaction completion- which includes concluding transactions, transferring payments, and

securing financial services.
E-commerce can be categorized into six categories:

1. Business-to-Business (B2B) – B2B e-commerce consists of all kinds of electronic
transactions, dealings and business related to the goods and services that are conducted
between two companies.
2. Business-to-Consumer (B2C) – It is the most common form of e-commerce, and it deals with
electronic business relationships between businesses and consumers. This kind of e-
commerce allows consumers to shop around for the best prices, read customer reviews and
find different products that they would not find otherwise in the retail world.
3. Consumer-to-Consumer (C2C) – This level of e-commerce consists of all electronic

transactions that take place between consumers. This consists of electronic transactions of
goods and services between two customers and is mainly conducted through a third party that
provides an online platform for these transactions
4. Consumer-to-Business (C2B) – In C2B e-commerce, a consumer or an individual makes their

goods or services available online for companies to purchase, so, in this kind of e-commerce
a complete reversal of the selling and buying process takes place.
5. Business-to-Administration (B2A) – This e-commerce consists of electronic transactions that

takes place companies and bodies of public administration such as government. Therefore,
the B2A model is sometimes also referred to as B2G (Business-to-Government).
6. Consumer-to-Administration (C2A) – This e-commerce consists of electronic transactions

that takes place between people and bodies of public administration. This relationship allows
access for consumers to receive information, make payments, and establish direct
communication between the government or administrations and the consumers.
Advantages of e-commerce
1. It’s a business platform unaffected by the barrier of time and distance
2. Lowers the Cost of sale
3. Cheapest means of doing business
4. Less delivery time and less labor cost etc.
5. Provides solution by decimating cost in price fixation
Buyer’s Advantages from E-Commerce
1. Reduction in the buyer’s sorting out time
2. Better buyer decision
3. Less time spent in resolving invoice and order discrepancies
4. Increased opportunities for buying alternative products

Disadvantages of e-Commerce
1. Fewer people using E-commerce
2. Unable to personally or physically examine the product
3. Special and costly hardware and software are required
4. The website must be maintained and updated regularly
5. Skilled people are required to maintain the website
6. Not suitable for perishable commodities
ASSIGNMENT
5. What is the meaning ofe-Commerce?
6. What are the different categories of e-Commerce?
7. What are the advantages of e-Commerce?
8. What are the disadvantages of e-Commerce?
E governance
• The e governance stands for electronic Governance refers to lawful rules for management, control
and administration.
• E governance is a public sector, use of information and communication technologies with aim of
improving information and service delivery encouraging the citizen to participate in decision
making process and making the government more accountable, transparent and effective.
• E governance generally considered as a wider concept than E government, since it bring change
in the way of citizen, relate to government and to each other. E governance can bring the concept
of citizenship. It’s objectives is to enable, engage and empower the citizen.
➢ E governance means application of electronic means in the interaction between:

a. Government and citizen
b. Citizen and government
c. Government and business
d. Business and government
e. Internal government operation
➢ Objectives of E governance:
• E governance is not only providing information about the various activities and organizations
of the government but it involves citizens to communicate with government and participate in
decisions-making process.
a. Putting government rules and regulations online.
b. Putting information relating to government plans, budget, expenditures and performances
online.
c. Putting online key judicial decision like environment decision etc., which is important for
citizen and create precedence for future actions.
d. Making available contact addresses of local, regional, national and international officials
online.
e. Filing of grievances and receiving feedback from the citizens.
f. Making available the reports of enquiry committees or commission online.
E governance under IT Act, 2000: Electronic governance dealt under sections 4 to 10A of the IT act,
2000.
2. Legal recognition of record (section 4):
4. Legal recognition of electronic signatures (section 5) :/

5. Use of electronic records and electronic signature in government and it’s agencies (section 6):
6. Delivery of services by service provider (section 6A):
7. Retention of electronic records (section 7):
8. Audit of documents etc. Maintained in electronic form (section 7A):
9. Publication of rule, regulation etc in electronic gazette (section 8)
10. No right to insist government office etc to interact in electronic form (section 9)
11. Power to make rules by central government in respect of electronic signature (section 10):
➢ National E-governance Plan

f. The National e-Governance Plan (NeGP) has been formulated by the Department of
Electronics and Information Technology (DEITY) and Department of Administrative
Reforms and Public Grievances (DARPG) in 2006.
g. The NeGP aims at improving delivery of Government services to citizens and businesses
with the following vision: “Make all Government services accessible to the common man
in his locality, through common service delivery outlets and ensure efficiency,
transparency & reliability of such services at affordable costs to realise the basic needs of
the common man
➢ Following are the advantages of E-Governance

h. Speed
i. Cost Reduction
j. Transparency
k. Accountability
l. Convenience
m. Improved Customer Service
n. Increased access to information
➢ Disadvantages of e-governance
o. Electronic governments also consist on certain disadvantage. The main disadvantage of
an electronic government is to move the government services into an electronic based
system. This system loses the person to person interaction which is valued by a lot of
people.
p. In addition, the implementation of an e-government service is that, with many technology
based services, it is often easy to make the excuse (e.g. the server has gone down) that
problems with the service provided are because of the technology.
q. The implementation of an e government does have certain constraints. Literacy of the

users and the ability to use the computer, users who do not know how to read and write
would need assistance. An example would be the senior citizens. In general, senior
citizens do not have much computer education and they would have to approach a
customer service officer for assistance. And also in case of rural people, it gives scope for
middle man, who distort the information.
r. Studies have shown that there is potential for a reduction in the usability of government
online due to factors such as the access to Internet technology and usability of services
and the ability to access to computers
s. Even though the level of confidence in the security offered by government web sites are
high, the public are still concerned over security, fear of spam from providing email
addresses, and government retention of transaction or interaction history. There has been
growing concern about the privacy of data being collected as part of UID project. The
security of cyber space and misuse of data is still holding back the citizens to full
adaptation of Aadhar card.
ASSIGNMENT
1. What is the meaning of e-governance?

2. How is E governance dealt under the IT act, 2000?
3. What are the advantages of E governance?
4. What are the disadvantages of E governance?
E contract
• Organisation for Economic Cooperation and Development (OECD) defines e-commerce as:
• “All forms of transactions relating to commercial activities, including both organizations and
individuals, which are based on the processing and transmission of digitized data including text,
sound, and visual images.”
• According to this view, E-commerce does not necessarily require the use of the Internet. E-
commerce includes all forms of transactions that process and transmit digitized data which
includes text, sound and visual images.
• E-commerce is the application of information technology and communication technology to three
basic activities related to commercial business, the three basic activities are as follows:
1. Production and support- which includes assisting production, distribution, and maintenance of
goods and services.
2. Transaction preparation- which includes getting product information into the market-place and
bringing buyers and sellers into contract with each other; and
3. Transaction completion- which includes concluding transactions, transferring payments, and
securing financial services.
➢ E-commerce can be categorised into six categories:

1. Business-to-Business (B2B) – B2B e-commerce consists of all kinds of electronic transactions,
dealings and business related to the goods and services that are conducted between two
companies.
2. Business-to-Consumer (B2C) – It is the most common form of e-commerce, and it deals with
electronic business relationships between businesses and consumers. This kind of e-commerce
allows consumers to shop around for the best prices, read customer reviews and find different
products that they would not find otherwise in the retail world.
3. Consumer-to-Consumer (C2C) – This level of e-commerce consists of all electronic transactions
that take place between consumers. This consists of electronic transactions of goods and services
between two customers and is mainly conducted through a third party that provides an online
platform for these transactions
4. Consumer-to-Business (C2B) – In C2B e-commerce, a consumer or an individual makes their
goods or services available online for companies to purchase, so, in this kind of e-commerce a
complete reversal of the selling and buying process takes place..
5. Business-to-Administration (B2A) – This e-commerce consists of electronic transactions that
takes place companies and bodies of public administration such as government. Therefore, the
B2A model is sometimes also referred to as B2G (Business-to-Government).
6. Consumer-to-Administration (C2A) – This e-commerce consists of electronic transactions that
takes place between people and bodies of public administration. This relationship allows access
for consumers to receive information, make payments, and establish direct communication
between the government or administrations and the consumers.
➢ Advantages of e-commerce
1. It’s a Business platform unaffected by the barrier of time and distance
2. Lowers the Cost of sale
3. Cheapest means of doing business
4. Less delivery time and less labor cost etc.
5. Provides solution by decimating cost in price fixation
➢ Buyer’s Advantages from E-Commerce
1. Reduction in the buyer’s sorting out time

2. Better buyer decision
3. Less time spent in resolving invoice and order discrepancies
4. Increased opportunities for buying alternative products
➢ Disadvantages of e-Commerce
1. Fewer people using E-commerce

2. Unable to personally or physically examine the product
3. Special and costly hardware and software are required
4. The website must be maintained and updated regularly
5. Skilled people are required to maintain the website
6. Not suitable for perishable commodities
ASSIGNMENT
1. What is the meaning of e-Commerce?
2. What are the different categories of e-Commerce?
3. What are the advantages and disadvantages of e-Commerce?
4. What do you mean by e-contracts and what are the Types of E-Contracts?
5. What is the validity of e contracts?

SUBJECT- CYBER LAWS
UNIT II
LECTURE 3-E-BANKING, E-TENDERING
VIDEO LINK :
1. https://www.youtube.com/watch?v=OU4ema4QXxo
2. https://www.youtube.com/watch?v=VkupLjmXMBU
3. https://www.youtube.com/watch?v=U8VsA-D6Yyw
Q 1 What is e banking. What are the three basic levels of e-banking services? (2018)
Q.2 What do you understand by e- tendering? Write down its types (2016)
Electronic banking
• Electronic banking has many names like e banking, virtual banking, online banking, or internet
banking. It is simply the use of electronic and telecommunications network for delivering various
banking products and services. Through e-banking, a customer can access his account and
conduct many transactions using his computer or mobile phone.
• Types of e banking
• Banks offer various types of services through electronic banking platforms. These are of three
types e banking
• Level 1 – This is the basic level of service that banks offer through their websites. Through this
service, the bank offers information about its products and services to customers. Further, some
banks may receive and reply to queries through e-mail too.
• Level 2 – In this level, banks allow their customers to submit instructions or applications for
different services, check their account balance, etc. However, banks do not permit their customers
to do any fund-based transactions on their accounts.
• Level 3 – In the third level, banks allow their customers to operate their accounts for funds
transfer, bill payments, and purchase and redeem securities, etc.
• Most traditional banks offer e-banking services as an additional method of providing service.
Further, many new banks deliver banking services primarily through the internet or other
electronic delivery channels. Also, some banks are ‘internet only’ banks without any physical
branch anywhere in the country.
➢ Importance of e-banking
Banks Customers Businesses

• Lesser transaction costs • Convenience • Account reviews
• A reduced margin for • Lower cost per transaction • Better productivity
human error • No geographical barriers • Lower costs
• Lesser paperwork • Lesser errors
• Reduced fixed costs • Reduced fraud
• More loyal customers
• E-banking in IndiaIn India, since 1997, when the ICICI Bank first offered internet banking
services, today, most new-generation banks offer the same to their customers. In fact, all major
banks provide e-banking services to their customers.
E-Tendering
• What are eTenders?

• eTenders or electronic tenders are an internet based process of floating tenders and
receiving quotes. The entire process of tendering right from the advertisement of the
tender to the selection of vendors is done online.
• eTenders are preferred by most government and private organizations because of their
transparency, speed of execution, efficiency and cost savings. e tenders allow these
organizations to reach to vendors throughout the world and get the best solutions to
address their issues. Moreover, increased competition among different vendors ensures
that these organizations get the most competitive rates.
Types of eTender
• Open tenders are the most common type of tenders by Government, Private and not-for-
profit organizations. The tendering authority publishes the advertisements for tender on
the official website.
• The advertisement consists of the key information about the project, last date for
submission of tender application, requirements to qualify for the tender, Earnest money
requirement, documents to be submitted along with the tender, and other relevant
information.
• Open tenders are published on the websites of the organization issuing the tender,
procurement pages of Government organizations and on tender portals.
• Selective tendering is an offer calling bids from only a few selected vendors. This is done
to improve the quality of bidding and reduce the time taken to evaluate the bids.
• The concerned authority publishing the tender document shortlists a few vendors
beforehand and sends the tender document only to these selected vendors. This process is
used for certain projects that require huge expertise and experience.
• Negotiation tendering is used for projects, which require specialized services. They are
more common in construction and engineering. The client approaches a contractor
directly and negotiates for the price and other terms of the project. This process is usually
used for a single contractor and sometimes can be scaled for up to three contractors.
What is the Process of eTender
Determining the Tender Process
• The organizations issuing the tenders will first decide what type of tender is to used.
Once the type of tender is finalized, the next step is to determine the method of seeking
information from the vendors. Some common methods of the tender process include
• Expression of Interest (EOI) - Expression of interest is used to shortlist interested vendors

before asking for detailed quotations. The issuing authority can then use the selective
tendering process and call for tenders from the interested parties. This helps to fasten the
process and get quality bids only from interested parties. EOI helps as a screening
process before accepting tenders.
• Request for Information (RFI)- Request for Information is used to collect information
about the requirements of the project and the solutions offered by vendors to meet the
requirements. It is a preliminary document that enables organizations to understand
project requirements and vendor capabilities. The organization can then determine the
next steps in the tendering process depending on the requirements.
• Request for Proposal (RFP)- Request for Proposal is a document that asks for a specific
action plan of vendors to manage a project. It contains clear information about the
different challenges in the project, the business goals of the project and the time limit for
completion of the project.
• Request for Quotation (RFQ)- Request for Quotations is a more specific document that
mentions the exact requirements of the organization and asks the vendors to quote their
prices to provide the product with exact specifications as mentioned in the RFQ. while
the RFP gives creative freedom to the vendors to provide innovative solutions, the RFQ
does not provide any scope for innovation.
• Once the tender process is determined, the issuing organization will then prepare a tender
request. The request for tender consists of relevant information about the project and the
process of submitting the tenders. Some common elements that are included in a request
for tender are
• Description of the goods or services to be procured, or the nature of the project to be

outsourced. The description includes the deliverables, deadlines, timelines, technical
specifications, and outcomes of the project.
• Eligibility criteria and the conditions to qualify for the tender. This includes experience,
expertise, capitalization, licenses and other conditions.
• Evaluation criteria outlining the procedure for the evaluation and shortlisting of tenders.
• Submission format to let the suppliers know the format to submit the tenders. It includes
the details required in the applications, documents to be submitted along with the tender,
and requirement of an earnest deposit. Some organizations may also provide templates to
let the suppliers know the format of tender submission.
• Deadlines of submission and other process information./li>
• Standard terms of the contract and other relevant information necessary for the vendors to
prepare their tender application.
• The next step is publishing the tenders. Government tenders are published in the official
websites of the government or the specific departments issuing the tender. Tenders from
Private organizations are published on their website.
• Some public and private organizations also subscribe to the services of tender portals, to
reach global suppliers and get competitive bids. These tender sites have a comprehensive
database of suppliers and ensure that the tender advertisement reaches the targeted
suppliers. Hiring the services of an e tender portal also helps organizations to reduce
costs and get expert guidance for their tender project.
• Once the eTender is published, the issuing authority will then receive the response from
the interested suppliers. Evaluation of the Tender and Selection After the deadline to
submit the tenders is over, the issuing organization will check each tender for compliance
with the guidelines and evaluate it on the basis of the evaluation criteria.
Benefits of e Tenders
• Reduced Costs
• Transparency
• Increased Productivity
• No Paperwork
• Increased Speed
• Live Tender
• Standardized Process
• Low Scope of Errors
• Proactive Approach
ASSIGNMENT
4. What are the three basic levels of e-banking services?
5. What is e-banking?
6. What are the Types of e banking?
7. What is the importance of e banking?
8. What do you understand by e- tendering? Write down its types.

SUBJECT- CYBER LAWS
UNIT II
LECTURE 4-DIGITAL AND ELECTRONIC SIGNATURES, CONTROLLER AND SUBSCRIBER
VIDEO LINK : https://www.youtube.com/watch?v=VO-hDEhYrNI
1. State the difference between electronic and digital signature (2018,2019)
2. What do you understand by Controller. Write down its duties as given u der IT Act,
2000
NOTES
• The introduction of signatures has provided a definite identity to the individuals and
allowed the corporate sector and other individuals to function in a manner faster, keeping
pace with the ongoing technology. The signatures have by far played a huge role in
individual’s decision making and enabling consent at a much larger value.
• In olden times, every individual or the authorised signatory had to go through the
document entirely and then provide his assent. This created enough hurdles amongst the
organisations to keep up with the pace of the signatory and revolve around his/her
timeline. Authorised Signatory may not be at a particular place and still allow his assent.
Technology has duly provided his boon.
• In advancement of the growing industrial era, the United Nations in 1998 made an
observation that increasing transactions in cyberspace over the recent years made it very
necessary to have a legal framework dealing with e-signatures. It was the stringent laws
for e-signature and the development of cyber laws were seen as the need of the hour.
•
• Electronic signature
• Electronic Signature provides an electronic representation of the individual’s identity that
provides the proof of consent and assents to the facts of the given signature.
• In toto, it’s an approval from the signatory that he assents to the written format of the
same electronically. It is important to ensure that it is coming from the authorised
signatory and has made no modifications to the document.
• The European Union Regulation 910/214 defines and regulates electronic signature
as “in electronic form which is attached to or logically associated with other data in
electronic form and used by the signatory to sign”
• Concept of Digital Signature
• A signature is a symbolic and essential representation of one’s identity. Signature of a
person holds a very significant place in the field of law as well as while carrying out
transactions.
• When a person signs a particular document, it means that such a person has read the
whole document carefully, has verified the facts and is aware of the contents of the
document and therefore is giving his assent to the best of his knowledge.
• Under the contract law also, signature holds a vital position as it is considered as a sign of
acceptance of an offer. The Conventional form of signatures has evolved a lot due to
technological advancement.
• With the increased usage of online transactions and e-mails, the risk of the data being
hacked has also increased. Hence, the concept of online signatures has become relatively
important.
• Sec 2 (ta) of Information Technology Act 2000 had defines electronic signature
as:“Authentication of any electronic record by a subscriber by means of the electronic
technique specified in the second schedule and includes digital signature.”
➢ Types of electronic signature

• Since Electronic Signature is more of an unsecured type of signature, there are affixations
that are marked in the end for reference. However, as stated earlier, they can be easily
tampered and not provide much of the focus on the authenticity of the Identity. Following
are the types of Electronic Signature:
1) Email Signature– Just merely typing one’s name or symbol in the end of an email or sending
a message on letterhead, they can easily be forged by anyone else.
2) Web Based Signature– In many organizations, the Company dons many hats with regards to
activities conducted in the Organizations, this may make the organization fall for Web-based
clickwrap contracts in which the acceptance is made merely by clicking a single button. Such
signatures bind the party even if they were conned fraudulently.
Secured Signature
This includes the signatures which are digitally secured and also which have more legal weightage.
Digital Signature
• According to section 2(1)(p) of the Information Technology Act, 2000 digital signature means the
authentication of any electronic record by a person who has subscribed for the digital signature in
accordance to the procedure mentioned under section 3 of the same act.
• Section 5 of the Information Technology Act, 2000 gives legal recognition to digital signatures
S.No Electronic Signature Digital Signature
It has been defined under Section 2(1)(ta) It has been defined under Section 2(1)(p) of the
of the Information Technology Act, 2000. Information Technology Act, 2000.
It is technologically neutral, ie. no specific

It follows a technology-specific approach such as
2. technological process is to be followed to
usage of hash functions etc.
create an electronic signature.
It uses public key cryptography system to sign up

It can be created by using various for a particular message which requires a pair of
3. available technologies like attaching a keys ie. a private key for encryption and a public
picture of your signature. key for decryption, computed by using a hash
function.
It can be in the form of a name typed at

It involves the usage of Cryptographic system of
the end of an email, a digital version of a
4. constructing the signature with a two-way
handwritten signature in the form of an
protection system.
attachment, a code or even a fingerprint.
It is less authentic as compared to the It has more authenticity as compared to the

5.
digital signature. electronic signature.
6. It is verified through the signer’s identity. It has a certificate-based digital 10 verification.
7. It is used for verifying a document. It is used as a means for securing a document.
8. It has no expiration or validity period. It is valid up to a maximum of three years.
9. It is easily vulnerable to tampering. It is more secure and highly reliable.

Controller
• According to section (m) of IT Act 2000 , “Controller” means the Controller of Certifying
Authorities appointed under sub-section (l) of section 17;
➢ Appointment of Controller
• Section 17 talks about the appointment of the controller, deputy controllers, assistant
controllers, and other employees of certifying authorities. The deputy controllers and assistant
controllers are under the control of the controller and perform the functions as specified by
him. The term, qualifications, experience and conditions of service of the Controller of certifying
authorities will be determined by the Central Government. It will also decide the place of the
head office of the Controller.
➢ Functions of the Controller

• According to Section 18, the following are the functions of the Controller of certifying authority:
• He supervises all the activities of certifying authorities.
• Public keys are certified by him.
• He lays down the rules and standards to be followed by certifying authorities.
• He specifies the qualifications and experience required to become an employee of a certifying
authority.
• He specifies the procedure to be followed in maintaining the accounts of authority.
• He determines the terms and conditions of the appointment of auditors.
• He supervises the conduct of businesses and dealings of the authorities.
• He facilitates the establishment of an electronic system jointly or solely.
• He maintains all the particulars of the certifying authorities and specifies the duties of the
officers.
• He has to resolve any kind of conflict between the authorities and subscribers.
• All information and official documents issued by the authorities must bear the seal of the office
of the Controller.
Subscriber
➢ What is a subscriber in IT Act?

• According to section (zg) “subscriber” means a person in whose name the [Electronic
Signature] Certificate is issued;
➢ Duties of subscribers (Section 40-42)
• Section 40. Generating key pair.
• Where any Digital Signature Certificate, the public key of which corresponds to the private
key of that subscriber which is to be listed in the Digital Signature Certificate has been
accepted by a subscriber, then, the subscriber shall generate the key pair by applying the
security procedure.
• Section 41. Acceptance of Digital Signature Certificate. (
1) A subscriber shall be deemed to have accepted a Digital Signature Certificate if he publishes

or authorises the publication of a Digital Signature Certificate— (a) to one or more persons; (b)
in a repository, or otherwise demonstrates his approval of the Digital Signature Certificate in any
manner.
(2) By accepting a Digital Signature Certificate the subscriber certifies to all who reasonably rely
on the information contained in the Digital Signature Certificate that—
(a) the subscriber holds the private key corresponding to the public key listed in the Digital
Signature Certificate and is entitled to hold the same;
(b) all representations made by the subscriber to the Certifying Authority and all material
relevant to the information contained in the Digital Signature Certificate are true;
(c) all information in the Digital Signature Certificate that is within the knowledge of the
subscriber is true.
• Section 42. Control of private key.

(1) Every subscriber shall exercise reasonable care to retain control of the private key
corresponding to the public key listed in his Digital Signature Certificate and take all steps to
prevent its disclosure to a person not authorised to affix the digital signature of the subscriber.
(2) If the private key corresponding to the public key listed in the Digital Signature Certificate
has been compromised, then, the subscriber shall communicate the same without any delay to
the Certifying Authority in such manner as may be specified by .the regulations. Explanation. —
For the removal of doubts, it is hereby declared that the subscriber shall be liable till he has
informed the Certifying Authority that the private key has been compromised.
ASSIGNMENT
1. What do you mean by Electronic Signature?

2. What do you mean by Digital Signature?
3. What are the differences between Electronic Signature and Digital Signature?
UNIT -2
LECTURE -5 CERTIFYING AUTHORITIES , COMPUTER EMERGENCE RESPONSE

TEAM
YOUTUBE LINK: https://www.youtube.com/watch?v=Ym2ndy3MSbM
PREVIOUS YEAR QUESTION PAPER ASKED IN LUCKNOW UNIVERSITY
Q.1 What are the role of Cyber Authority as given under Information Technology Act,
2000 ( 2018)
Q.2 Write a short notes Computer Emergency Response Team.(2016)
Certifying Authorities
➢ Introduction:
• The IT Act accommodates the Controller of Certifying Authorities(CCA) to permit and
direct the working of Certifying Authorities. The Certifying Authorities (CAs) issue
computerized signature testaments for electronic confirmation of clients. The Controller
of Certifying Authorities (CCA) has been named by the Central Government under
Section 17 of the Act for reasons for the IT Act.
• The Office of the CCA appeared on November 1, 2000. It targets advancing the
development of E-Commerce and E-Governance through the wide utilization of
computerized marks.
• The Controller of Certifying Authorities (CCA) has set up the Root Certifying Authority
(RCAI) of India under segment 18(b) of the IT Act to carefully sign the open keys of
Certifying Authorities (CA) in the nation. The RCAI is worked according to the gauges
set down under the Act.
• The CCA guarantees the open keys of CAs utilizing its own private key, which
empowers clients in the internet to confirm that a given testament is given by an
authorized CA. For this reason it works, the Root Certifying Authority of India (RCAI).
The CCA likewise keeps up the Repository of Digital Certificates, which contains all the
authentications gave to the CAs in the nation.
➢ Role of Certifying Authorities:

• Certificate Authority (CA) is a confided in substance that issues Digital Certificates and
open private key sets. The job of the Certificate Authority (CA) is to ensure that the
individual allowed the extraordinary authentication is, truth be told, who the individual in
question professes to be.
• The Certificate Authority (CA) checks that the proprietor of the declaration is who he
says he is. A Certificate Authority (CA) can be a confided in outsider which is
answerable for genuinely confirming the authenticity of the personality of an individual
or association before giving an advanced authentication. A Certificate Authority (CA)
can be an outer (open) Certificate Authority (CA) like verisign, thawte or comodo, or an
inward (private) Certificate Authority (CA) arranged inside our system. Certificate
Authority (CA) is a basic security administration in a system.
• A Certificate Authority (CA) plays out the accompanying capacities. A Controller plays
out a few or the entirety of the following roles:
1. Administer the exercises of the Certifying Authorities and furthermore confirm their open
keys.
2. Set out the guidelines that the Certifying Authorities follow.
3. Determine the accompanying capabilities and furthermore experience necessities of the
workers of all Certifying Authorities conditions that the Certifying Authorities must
follow for directing business the substance of the printed, composed, and furthermore
visual materials and ads in regard of the advanced mark and the open key the structure
and substance of an advanced mark declaration and the key the structure and way where
the Certifying Authorities look after records terms and conditions for the arrangement of
examiners and their compensation.
4. Encourage the Certifying Authority to set up an electronic framework, either exclusively
or together with other Certifying Authorities and its guideline.
5. Indicate the way where the Certifying Authorities manage the endorsers.
6. Resolve any irreconcilable situation between the Certifying Authorities and the
endorsers.
7. Set out the obligations of the Certifying Authorities.
8. Keep up a database containing the revelation record of each Certifying Authority with all
the subtleties according to guidelines. Further, this database is open to the general
population.
• Certificate Authority (CA) Verifies the personality: The Certificate Authority (CA)
must approve the character of the element who mentioned a computerized
authentication before giving it.
• Certificate Authority (CA) issues computerized testaments: Once the approval
procedure is finished, the Certificate Authority (CA) gives the advanced
authentication to the element who requested it. Computerized declarations can be
utilized for encryption (Example: Encrypting web traffic), code marking,
authentication and so on. Certificate Authority (CA) keeps up Certificate Revocation
List (CRL): The Certificate Authority (CA) keeps up Certificate Revocation List
(CRL).
• An authentication repudiation list (CRL) is a rundown of computerized testaments
which are not, at this point legitimate and have been disavowed and subsequently
ought not be depended by anybody. A Certificate Authority (CA) is a selective
element which issues and signs SSL endorsements, confirming and guaranteeing the
reliability of their proprietors.
• All CAs are individuals from the CA/B Forum (Certificate Authority and Browser
Forum), being subjects to industry guidelines, principles, and prerequisites, and are
every year examined to guarantee their consistence. The CA is a basic component
when talking about SSL Certificates.
• The CA recognizes and verifies the character of the SSL Certificate’s proprietor when
giving and marking the SSL Certificate. In view of the SSL Certificate’s sort, the CA
completely checks the candidate’s area name, business and individual data, and
different qualifications before giving the testament.
➢ Conclusion:
• An entity or individual who needs a digitalized testament can demand one from an
authentication authority; when the endorsement authority confirms the candidate’s
character, it creates an advanced declaration for the candidate and carefully signs that
authentication with the endorsement authority’s private key.
• The computerized endorsement would then be able to be verified (for instance, by an
internet browser) utilizing the authentication authority’s open key.
• The certificate authority’s root endorsement ought to never be utilized straightforwardly
for marking digitalized testaments, yet rather is utilized to create middle authentications
varying; distinctive halfway testaments are produced for various purposes. For instance, a
CA supplier may utilize a middle of the road endorsement to sign every computerized
testament created for various degrees of trust, or a different transitional authentication to
be utilized for every single advanced declaration produced for a specific client
association.
The Indian Computer Emergency Response Team
Ministry of Electronics and Information Technology, WhatsApp, Facebook, and Indian

Computer Emergency Response Team (CERT-In)
• Facebook and Indian Computer Emergency Response Team CERT-In

• The Indian Computer Emergency Response Team (CERT-In) is a ministry of India agency
situated inside the Department of Information and Communications Technology
• Under Section 70B of the Information Technology Act of 2000, as amended in 2008, the Indian
Computer Emergency Response Team (CERT-In) is the country’s nodal agency (IT Act, 2000)
to deal with cyber-threats such as hacking and phishing. It serves as the focal point for
responding to cyber security threats such as hacking and phishing. It increases the Indian Internet
domain’s security defences
• CERT-In IT act section in section 70B of the Act, as well as many other functions delegated to it
from period to period
• (CERT-In) detected a major issue in Android Jelly Bean’s VPN functionality in March 2014.
CERT-In has been functioning since January 2004. The Indian Cyber Community is CERT-In
empanelled
• CERT-In empanelled auditors list is a testament to the technical skill of the Security Brigade in
performing information security audits. Security Brigade is certified to undertake security
assessments of websites, networks, and apps as a CERT-In empanelled auditors list
• The operational scope of CERT-In includes everything from being the first responder to
cybersecurity crises to educating diverse stakeholders on best practises for securing the nation’s
cyberinfrastructure. This is the first of a series of articles that will look at the proactive, reactive,
and training mandates of CERT-In, noting significant areas where they can be improved and
providing normative means to implement those improvements
Functions:
• CERT-In cyber security work to get information on cyber events is gathered, analysed, and
disseminated
• Cyber security incident forecasting and alerting
• Emergency response procedures for cyber security issues
• Coordination of operations related to cyber incidents
• Published guidelines, advisories, vulnerability notes, and whitepapers on information security
policies, processes, incident prevention, response, and reporting
• Other cybersecurity-related responsibilities may be required
Recent Cases:
Whatsapp and Indian Computer Emergency Response Team (CERT-In):
• The Indian Computer Emergency Response Team (CERT-In) has given an admonition to
WhatsApp clients in India of a few weaknesses in the texting stage that may bring about the
trade-off of delicate client information and individual data
• The CERT-In says in a high seriousness advisory that the weaknesses were found in explicit
adaptations of WhatsApp and WhatsApp Business for both the Android and iOS stages
• As per CERT-In, the weaknesses in WhatsApp happen because of a store arrangement issue and
a missing sound unravelling pipeline, which may permit programmers to run discretionary code
or access touchy data on a designated machine
• To mitigate the danger, the government’s cybersecurity office has urged users to upgrade their
WhatsApp applications on Android and IOS to the most recent versions. This is not the first time
CERT-In has issued an advisory with a “high” severity rating, alerting users of several
vulnerabilities in the instant messaging platform
• Last November, the cybersecurity agency issued a similar warning to consumers, informing them
that it had discovered two significant vulnerabilities: notably improper access control and user-
after-free
• CERT-In previously alerted WhatsApp users to a buffer overflow vulnerability in the platform,
which enabled an attacker to remotely target a machine using a specially designed MP4 audio or
video file
• At the time, the CERT-In cautioned that successful exploitation of this vulnerability might result
in remote code execution or denial of service circumstances for users
Facebook and Indian Computer Emergency Response Team (CERT-In):
• The administration’s premier cyber defenceorganisation, CERT-In, has urged Facebook users to
safeguard their profile details after it was discovered that personally identifiable information of
533 million Facebook users worldwide, including 6.1 million users in India, was supposedly
leaked on the internet and freely distributed on cyber-attack forums
• The Computer Emergency Response Team issued a warning stating that it has been reported that
a large-scale breach of Facebook profile information occurred internationally
• Email addresses, profile IDs, complete names, work titles, phone numbers, and birth dates are all
revealed
• According to Facebook, the scraped data does not contain financial, health, or password
information
• Additionally, the firm said based on its analysis, threat actors scraped this data before September
2019 by using Facebook’s “contact Importer” tool, which enables users to locate other members
through their phone numbers
Conclusion
• For cyber security, the Indian Computer Emergency Response Team (CERT-In) has
formed agreements with peers in Malaysia, Singapore, and Japan. The Memorandums of
Understanding (MoUs) would foster greater cooperation between India and the three
nations for the exchange of information and experience in the detection, resolution, and
prevention of surveillance incidents.
• CERT-In functions to improve the efficacy of cyber security in the country and strives to
prevent and respond to Cyber threats.
Lecture -6CYBER AUTHOTIES
YOUTUBE LINK: https://www.youtube.com/watch?v=B54PFnPFv5Q
Q.1 What do you understand by Cyber Authorities.
Cyber Authorities
• CERT-In CERT-In, the national nodal agency responsible for prompt responses to the
cybersecurity incidents, started official operations back in January 2004.
• In the latest reforms of the Information Technology Amendment Act, the Indian
Computer Emergency Response Team was officially designated as the national agency
for cybersecurity preservation.
• The body acted as the primary task force responsible for: Alerts and forecasts preventing
cybersecurity incidents Defining emergency measures to tackle and mitigate the effects
of cyber risks Collection, analysis, and responsible dissemination of data on cyber threats
Constant coordination of cyber response activities Issuing best practices, guidelines, and
precautions in the public interest for better reporting and management of cyber incidents
➢ CRAT
• Cyber Regulations Appellate Tribunal (CRAT) covered under the IT Act, 2000, is the
chief governing body established by the Central Government based on the provisions of
Section 48(1).
• The Central Government notifies all the relevant cybersecurity breaches to them, which
fall under the jurisdiction of the Tribunal.
• The power of the Tribunal matches that of the Civil Court covered under the Code of
Civil Procedure, 1908: Enforcing and summoning the attendance of people to be
examined under oath Ensuring that all related electronic records and documents are
available Demanding evidence on affidavits Issuing commissions for regular examination
of documents and witnesses Reviewing the decisions based on the nitty-gritty of the
incident Dismissing the defaulter’s applications or declaring it ex-parte
➢ PCI DSS
• The prevalence of digital transactions has escalated the cyber risks nation-wide,
creating havoc. PCI-DSS regulations apply to all the entities dealing with online
transactions.
• The banking stalwarts, including American Express, Visa, Discover, and MasterCard
– joined hands to combat the cyber identity thefts related to credit card frauds.
• PCI-DSS does not force down any fines or government mandates, but it does
standardize all security goals for online transactions. This regulation thrives under
positive reinforcement to demonstrate complete adherence to customer data security
expectations.
• However, all companies involved in processing, storing, or transmitting credit card
data are recommended to ensure its compliance – to win over customer confidence.
➢ Reserve Bank of India Act 2018
• RBI issued elaborate cybersecurity guidelines that restricted and tested the operations of
all urban co-operative banks (UCBs), carefully assessing the evolving IT risk factors.
• The level of technology adoption and digitization varies across banks and sectors – the
RBI Act aims to standardize the security frameworks for all of them. All UCBs need to
explicitly jot down their cybersecurity policy, post the approval of their Board or
Administrator.
• Following these guidelines is essential to establish reliable cyber-risk free banking
institutions to fight the growing business complexities. While assessing the inherent
cyber risks, UCBs should carefully test the adopted technologies, digital products offered,
delivery channels, and other external and internal threats.
• With the nature of risks getting diversified and intensified, the traditional Business
Continuity or Disaster Recovery arrangements may not suffice. UCBs need to promptly
detect all cyber-intrusions so as to recover/respond/contain the impact of the cyber-
attacks. Must Read- Understanding the DSCI Security Framework
➢ IRDA
• In the wake of the escalating cyberattacks on the financial institutes, the Insurance
Regulatory Authority of India rolled out a comprehensive cybersecurity framework
upholding the security of the insurers.
• The directives passed by IRDA focuses on the mitigation of external as well as internal
threats, preventing cyber frauds, establishing robust business continuity, and risk
assessment plan to bolster the backbone of shaping a secured Fintech industry.
• The key focus areas for the insurance industry remains: Online transaction and
messaging frauds Data leakage IPR violations risk Ransomware attack
➢ DOT
• The Department of Telecommunication has also tightened its claws on cybercrime, data
privacy, and consumer security. The designated officials of TRAI (Telecom Regulatory
Authority of India) and DOT have amended the cyber laws, underlying their
responsibility towards consumer data – as the most critical online transactions are
conducted via mobile phones.
• TRAI, the telecom industry watchdog, is renamed as the Digital Communications
Regulatory Authority of India – with modified and intensified powers. The DOT remains
to function as an inter-ministerial body, with the telecom secretary as the highest
decision-making authority of the nation.
• The DOT, in collaboration with the IT ministry, prefers a layered consent architecture
focusing on secure personal data processing. The companies have limited rights to collect
only the required consumer details after stating the purpose of collection. Further, the
data can be stored only for as long as it is necessary.
• DOT has confirmed that the internet users will be the final decision-makers on the usage
of personal data, topped with their right to withdraw their consent anytime.
➢ SEBI
• In 2018 and 2019, SEBI declared meticulous guidelines for organizations falling within
its purview, including Depository Participants, Stock Brokers, Asset Management
Companies (AMCs), Stock Exchanges, Mutual Funds, Clearing Corporations and
Depositories.
• Dec 03, 2018: SEBI launched Guidelines for Depository Participants and Stock Brokers.
Jan 10, 2019, SEBI launched Guidelines for Asset Management Companies and Mutual
Funds. Dec 07, 2018, SEBI Guidelines for Clearing Corporations, Stock Exchanges, and
Depositories.
• All these guidelines strictly focused on ensuring customer data security and reliability –
limiting the rights of all these organizations.
➢ HIPAA
• When it comes to cybersecurity concerns, the healthcare industry has always been
comparatively slow to adjust. Health Insurance Portability and Accountability Act
outlines all prerequisites to prioritize the personal medical history of patients and clients.
• Medical data of a person is probably the most private one, and HIPAA safeguards it from
the vicious hackers and spammers. Fortunately, the steps to create a sturdy cybersecurity
framework for healthcare organizations are not outlandish.
• In fact, healthcare organizations can follow simple steps like access limitations, virus
control, and firewalls, to stay secure.
➢ SANS 20
• With the flash of cyber frauds and web theft reports stressing out the organizations today,
the pressure to maintain user data security is beyond imagination.
• As a response to this, the SANS Institute, working with the Center for Internet Security
(CIS), created a comprehensive well-researched security framework—the Critical
Security Controls (CSC) for Effective Cyber Defense (referred to as the SANS Top 20).
• SANS 20 helps companies to prioritize and focus on activities that are usable, scalable,
implementable, and match the required security standards. These recommended measures
form the skeleton for many other regulations & compliance frameworks, including PCI
DSS 3.1, NIST 800-53, ISO 27002, CSA, and HIPAA.
Unit 3
Lecture -1 Cyber Hacking, Cyber terrorism, Cyber stalking, Child Pornography
YouTube link- https://www.youtube.com/watch?v=z9qTtZOVSs8
Q 1 What do you understand by Cyber Hacking . What are the methods of Cyber Hacking (2016)
Q 2 Write down in detail about Cyber terrorism with case laws.( 2018)
Cyber Hacking
• Hacking is nothing but identifying weakness in computer systems or networks to exploit it to

gain access to its data and sources. Hacking is an attempt to invade a private/public/
corporation/organisations network via computer to gather information without permission.
• In simple words, it is the unauthorised or unconsented access to or control over the computer
network and security systems for some wrong or illicit needs and purpose.
• It is the deliberate and intentional access or infiltration of a computer program without valid
consent from its owner.
• It affects all arms and feet of information and communication technology of an entity. These
include threats through the web, communications, and email, social media scams, data
breaches, cloud and data storage compromises, and critical data breaches.
• The sole objective of hackers is to steal confidential data or embezzlement of funds causing
business disruptions, etc.
• Hacking can be caused in different ways and with the advancement of technology, new methods
of hacking are coming up every day. Some of the renowned methods of hacking are discussed
below
➢ Methods of hacking
• Phishing – This simply means duplicating the original website to gain access to the users’
information like account password, credit card details etc. It is the most common hacking
technique in which the hackers will either send you a fake message with a fake invoice or ask to
confirm some personal information or entice the person with some free stuff.
• Virus attack – By this method of hacking, the hackers release the virus into the files of the
website which can corrupt or destroy the important information stored in our computer if they
are downloaded or get inside our computer system.
• UI redress – In this method, a fake user interface is created by which when the user clicks on it,
it redirects them to another vulnerable website. For instance, if we have to download a song, as
soon as we click on the “download” tab, a new page is redirected which is usually a fake
website.
• Cookie theft – Sometimes, the website containing information about the users in the form of
cookies is hacked using special tools. These cookies can be decrypted and read to reveal one’s
identity which can be further used to impersonate the person online. Cookies are generally
stored as plain text or in some form of encryption.
• DNS spoofing – The cache data of a website which the user might have forgotten is used by
hackers to gather information about users. Here, a user is forced to navigate to a fake website
disguised to look like a real one, with the intention of diverting traffic or stealing the credentials
of the users.
➢ Indian legal provisions for hacking

• Section 43 and Section 66 of the Information Technology Act, 2000 cover the civil and criminal
offenses of data theft and hacking respectively.
• According to Section 66 of the IT Act, the following are the essentials for an offence to count as
hacking:
• There should be the malicious intention of the accused to tamper or break into the computer of
the other person and steal or destroy its data or sources.
• A wrongful act or damage to the data must be done pursuant to the wrong intention.
• According to Section 378 of the Indian Penal Code,1860 which relates to “theft” of movable
property also applies to theft of any data online or otherwise with the two most important parts
of crime i.e., mens rea and actusreus.
• When a person takes away or steals the information in order to move it away from the access of
the authorised user, it can be termed as theft under Section 378 of IPC. If such an act fulfills all
the essentials of the theft, the act committed will attract penal consequences under IPC as well.
• Furthermore, laws of torts as well, such as trespass to the person and property,can be applied,
as well, since there is trespass to a computer system which is an intangible property. Therefore,
any kind of unauthorised intrusion in the computer sources governed by a bad intention can
come under the purview of criminal trespass which can make a person liable for the tortious
liability as well.
➢ Punishment
• Under the Information and Technology Act, According to Section 66, the punishment is
imprisonment up to 3 years, or a fine which may extend up to 2 lakh rupees, or both.
• According to Section 43, liability is to pay damages by way of compensation to the person
affected by the stealing of the data. Section 66B entails punishment for receiving stolen
computer resources or information.
• The punishment includes imprisonment for one year or a fine of rupees one lakh or both. The
maximum punishment for theft under Section 378 of the IPC is imprisonment of up to 3 (three)
years or a fine or both.
➢ Case law
Jagjeet Singh v. The State of Punjab
• In this case, it was alleged by the company that some of its ex-employees have stolen their
content and databases and transferred it to some other company. The main issue in the case
was whether the petitioner can invoke the non-bailable offences under IPC i.e, data theft and
hacking?
• Verdict – The apex court held that in cases of data theft and hacking, the offences under the
Indian Penal Code will also be applied along with the penal provisions of the IT Act, and this
would not exclude the application of the IPC. This shows the gravity with which the judiciary has
regarded the crime of hacking holding hackers or the culprits liable under two acts i.e., IPC and
IT Act.
Kumar v. Whiteley
• Facts
The accused, i.e Kumar gained unauthorised access to the Joint Academic Network (JANET) and
deleted, added files, and changed the passwords to deny access to the authorised users which
led to a loss of Rs 38,248 to the users.
• Verdict
The Additional Chief Metropolitan Magistrate of Chennai sentenced N G Arun Kumar, the
accused to undergo rigorous imprisonment for one year with a fine of Rs 5,000 under Section
420 IPC (cheating) and Section 66 of the IT Act (Computer related Offense).
Cyber terrorism
➢ Definition of cyber terrorism:

• Cyber terrorism is unlawful attacks and threat of attacks against computers, networks, and
information stored therein, that is carried out to intimidate or coerce a government or its
people in furtherance of some political or social objectives.
• It is the 'premeditated, politically motivated attacks by sub-national groups or clandestine
agents against information, computer systems, computer programs and data that results in
violence against non-combatant targets.’
• It aims at seriously affecting information systems of private companies and government
ministries and agencies by gaining illegal access to their computer networks and destroying
data.
• Cyber terrorism, as a small landmass of the vast territory of terrorism, uses cyberspace as a
target or means, or even a weapon, to achieve the predetermined terrorist goal.
• In other words, it is the unlawful disruption or destruction of digital property to coerce or
intimidate governments or societies in the pursuit of religious, political or ideological goals.
• It is an act of politically influenced violence involving physical damage or even personal injury,
occasioned by remote digital interference with technology systems.
• Cyber terrorism not only damages systems but also includes intelligence gathering and
disinformation. It even exists beyond the boundaries of cyberspace and incorporates physical
devastation of infrastructure.
• The NATO defines cyber terrorism as ‘cyber attack using or exploiting computer or
communication networks to cause sufficient destruction or disruption to generate fear or
intimidate a society into an ideological goal’.
• The most acknowledged definition of cyber terrorism is of Professor Dorothy E. Denning, as an
unlawful attack against computer networks to cause violence against any property or person(s),
intending to intimidate a government.
➢ Objectives:
• To study the Conecpt of Cyber crimes or Cyber Terrorism.
• Cyber terrorism in India and its punishment in Indian Law.
• Initiatives taken by World and our country for the Cyber terrorisms.
➢ There are various incidents of Cyber Terrorism in our Country and some are mention below:
• In 1998, etlinic Tamil guemllas swamped Sri Lankan embassies with 800 e-mails a day over a
two-week period. The messages read “We are the Internet Black Tigers and we’re doing this to
disrupt your communications.” Intelligence authorities characterized it as the first known attack
by terrorists against a country’s computer systems.
• During the Kosovo conflict in 1999, NATO computers were blastewitli e-mail bombs and hit with
denial-of-service attacks by hacktivists protesting the NATO bombings.
• In addition, businesses, public organizations, and academic institutes received highly politicized
virus-laden e-raaiis from a range of Eastern European countries according to reports. Web
defacements were also common.
• One of the worst incidents of cyber teirorists at work was when crackers in Romania illegally
gained access to the computers controlling the life support systems at an Antarctic research
station, endangering the 58 scientists involved.
• More recently, in May 2007 Estonia was subjected to a mass cyber attack by hackers inside the
Russian Federation wliich some evidence suggests was coordinated by the Russian government,
though Russian officials deny any knowledge of this. This attack was apparently in response to
the removal of a Russian World War II war memorial from downtown Estonia.
➢ Initiatives Taken In India:

➢ Information Technology Act: Cyber terror Law of India
• The Information Technology Act (hereafter the Act) sanctions legal provisions concerning cyber
terrorism. Section 66F of the Act enacts legislative framework over cyber terrorism. It provides
for punishment, extending to life imprisonment, for cyber terrorism, along with three essential
Cyber stalking
• Cyber stalking is a type of a crime. In the cyber stalking there is a involvement of two persons-
Firstly, the stalker is also known as attacker who do the crime & Secondly, the Victim who is
harassed by that stalker.
• Cyber stalking is also known as cyber crime. Cyber which is related to the internet and the
stalking means to browsing anyone’s online history with the help of any social media or in other
websites to know about that particular person is term as stalking.
• The cyber stalking cases are dealt in India by the:

• Information technology act 2000.
• The criminal law (Amendment) act 2013.
• Information Technology Act 2000

• If any person is publishing or sending any salacious material in the form of electronic media is to
be charged under section 67 of the Act. This dose not involves the determination of the extent
of liability of ISP (internet service providers) and their directors.
• For the preclusion of cyber stalking the protection of the data is very important, which gets
leaked easily by the hackers. According to the amended IT act, section 43 A is added for the
inclusion of a Body corporate”, the allowing of the compensation in the case of a firm or a
company which causes any wrongful losses or gain to any person by the way of transmitting any
sensitive information and the maintenance of such type of security, then such body corporate
shall be liable to pay damages by way of compensation.
• The Information Technology Act, 2000 also comes into picture when the cyberstalker posts or
sends any obscene content to the victim.
• Section 67 of the Information Technology Act states that when any obscene material is
published, transmitted or caused to be published in any electronic form, then it is a crime of
obscenity, punishable with imprisonment for up to 5 years with fine of up to Rs. 1 lakh. A second
or subsequent conviction is punishable by imprisonment for up to 10 years with a fine of up to
Rs. 2 lakh.
• Section 500 of the Indian Penal Code that deals with defamation, can be applied in case of cyber
stalking in India if the stalker forges the victim’s personal information to post an obscene
message or comment on any electronic media. Section 500 criminalises publishing any false
statement against a person or harming the person’s reputation and provides punishment for
any such act with imprisonment up to 2 years, fine or both.
• The first ever complaint against cyber stalking in India was filed by RituKohli in 2003, whose
name and contact information was posted by her husband’s friend on a chatting site, without
her permission. She filed a complaint with the cyber cell in India under Section 509 of the Indian
Penal Code for outraging her modesty.
• The crime of cyber stalking in India is prominently increasing, with new cases of internet stalking
every day. With ease in accessing personal information of a person online, cybercriminals are
easily able to stalk and harass a person.
• The criminal law (Amendment) Act, 2013

• The act includes Stalking” as an offence under Section 35D of the IPC(Indian penal code).
Child pornography
• Child pornography is an illegal act in India. Information Technology Act, 2000 & Indian Penal
Code, 1860 gives protection against the child pornography. Child refers to the person who is
below the age of 18 years.
• The Internet is being highly used by its abusers to reach and abuse children sexually, globally.
The internet is becoming a household commodity in India. It’s explosion has made the children a
viable victim to the cyber crime.
• As more homes have access to internet, more children would be using the internet and more
are the chances of falling victim to the aggression of pedophiles. The easy access to the
pornographic contents readily and freely available over the internet lowers the inhibitions of the
children.
• Pedophiles lure the children by distributing pornographic material, then they try to meet them
for sex or to take their nude photographs including their engagement in sexual positions.
Sometimes Pedophiles contact children in the chat rooms posing as teenagers or a child of
similar age, then they start becoming friendlier with them and win their confidence.
• Then slowly pedophiles start sexual chat to help children shed their inhibitions about sex and
then call them out for personal interaction. The Information Technology Act is set of rules to
make it illegal to not only transmit or create child pornography in electronic form, but even to
surf it The above section covers websites, graphics files, SMS, MMS, digital photographs etc..
• The punishment for a first offence of publishing, creating, exchanging, downloading or browsing
any electronic depiction of children in obscene or indecent or sexually explicit manner is
imprisonment for 5years and a fine of Rs 10 lakh. Section 67 of the Information and technology
Act deals with publishing obscene information in electronic form.
• Section 67 along with section 67A does not apply to any book, pamphlet, paper, writing,
drawing, painting, representation or figure in electronic form which is used for religious
purposes or is in the interest of science, literature, art or learning.
• It is a generally that it does not specifically define pornography or make it an offence, and does
not mention child pornography. Section 67B lays down the punishment for involving in sexual
explicates electronic or online contents that depicts children’s. it is also illegal to induce
children’s in sexual acts or into online relationships.
Lecture 2 Steganography, Unauthorised Access
YouTube link-https://www.youtube.com/watch?v=BdyGcVH9fS4
Q.1 What do you mean by Steganography. Write down its types
Q.2 What are the punishment of unauthorised access given under IT act 2000 . Write down it with
case laws.
STEGANOGRAPHY
➢ What is steganography?
• Steganography is the practice of concealing information within another message or physical
object to avoid detection. Steganography can be used to hide virtually any type of digital
content, including text, image, video, or audio content. That hidden data is then extracted at its
destination.
• Content concealed through steganography is sometimes encrypted before being hidden within
another file format. If it isn’t encrypted, then it may be processed in some way to make it harder
to detect.
• As a form of covert communication, steganography is sometimes compared to cryptography.
However, the two are not the same since steganography does not involve scrambling data upon
sending or using a key to decode it upon receipt.
• The term ‘steganography’ comes from the Greek words ‘steganos’ (which means hidden or
covered) and ‘graphein’ (which means writing). Steganography has been practiced in various
forms for thousands of years to keep communications private. For example, in ancient Greece,
people would carve messages on wood and then use wax to conceal them. Romans used various
forms of invisible inks, which could be deciphered when heat or light were applied.
• Steganography is relevant to cybersecurity because ransomware gangs and other threat actors
often hide information when attacking a target. For example, they might hide data, conceal a
malicious tool, or send instructions for command-and-control servers. They could place all this
information within innocuous-seeming image, video, sound, or text files.
➢ How steganography works

• Steganography works by concealing information in a way that avoids suspicion. One of the most
prevalent techniques is called ‘least significant bit’ (LSB) steganography. This involves
embedding the secret information in the least significant bits of a media file. For example:
➢ In an image file, each pixel is made up of three bytes of data corresponding to the colors red,
green, and blue. Some image formats allocate an additional fourth byte to transparency, or
‘alpha’.
➢ LSB steganography alters the last bit of each of those bytes to hide one bit of data. So, to hide
one megabyte of data using this method, you would need an eight-megabyte image file.
➢ Modifying the last bit of the pixel value doesn’t result in a visually perceptible change to the
picture, which means that anyone viewing the original and the steganographically-modified
images won’t be able to tell the difference.
➢ The same method can be applied to other digital media, such as audio and video, where data is
hidden in parts of the file that result in the least change to the audible or visual output.
➢ Another steganography technique is the use of word or letter substitution. This is where the
sender of a secret message conceals the text by distributing it inside a much larger text, placing
the words at specific intervals. While this substitution method is easy to use, it may also make
the text look strange and out of place since the secret words might not fit logically within their
target sentences.
➢ Other steganography methods include hiding an entire partition on a hard drive or embedding
data in the header section of files and network packets. The effectiveness of these methods
depends on how much data they can hide and how easy they are to detect.
➢ Types of steganography
• From a digital perspective, there are five main types of steganography. These are:
1. Text steganography
2. Image steganography
3. Video steganography
4. Audio steganography
5. Network steganography
Unauthorised Access
• Under the Information Technology Act of 2000, unauthorized access is defined as the act of
gaining access to a computer system, computer network, or computer resource without the
permission of the owner or without being authorized by law. The specific provision that
addresses unauthorized access in the IT Act is Section 43.
• According to Section 43 of the IT Act 2000, unauthorized access refers to the following:
• Accessing or securing access to a computer system, computer network, or computer resource
without permission from the owner, whether by directly or indirectly bypassing any security
measures.
• Remaining, lurking, or hiding in a computer system, computer network, or computer resource
without authorization.
• Gaining access to a computer system, computer network, or computer resource with permission
but using that access to exceed the authorized scope of access.
• It’s important to note that unauthorized access is considered an offense under the IT Act, and
individuals found guilty may face legal consequences, such as imprisonment, fines, or both,
depending on the severity of the offense. The act aims to protect computer systems, networks,
and resources from unauthorized access, ensuring the security and integrity of digital
information.
➢ Case Laws
• State of Tamil Nadu v. SuhasKatti (2014)
• In this case, SuhasKatti, a software engineer, was arrested by the Tamil Nadu police for
unauthorized access to a computer system. He had hacked into the website of the Tamil Nadu
Public Service Commission (TNPSC) and obtained confidential information of over 50,000
candidates who had applied for government jobs. Katti was charged under Section 66 of the
Information Technology Act, 2000 (IT Act), and was sentenced to two years imprisonment.
• Shreya Singhal v. Union of India (2015)

• The Supreme Court of India struck down Section 66A of the IT Act, which criminalized the
sending of offensive messages through a computer or communication device. The court held
that the provision was vague and overbroad, and violated the freedom of speech and expression
guaranteed by the Constitution of India. The judgment is significant as it has set a precedent for
the protection of online free speech in India.
Lecture -3 Data and Identity Theft, Cyber squatting
YouTube link-https://www.youtube.com/watch?v=OU4ema4QXxo
Q 1 Write down short notes on Data and Identity Theft as given under IT act
Q.2 what do understand by Cyber squatting.
NOTES
Data and Identity Theft
• Data and identity theft refer to unauthorized access, acquisition, or use of someone's personal
or confidential information without their consent.
• The Information Technology Act, 2000 (IT Act) and the Indian Penal Code, 1860 (IPC) address
data and identity theft in India.
• Section 43 and Section 66C of the IT Act provide penalties for unauthorized access to computer
systems, data theft, and tampering with computer source code.
• The IPC contains provisions under Sections 419 to 421 and Section 463 to 468, which deal with
offenses related to impersonation, identity theft, and forgery.
Cyber Squatting:
• Cyber squatting involves the registration, use, or trafficking of domain names with bad faith
intent to profit from the goodwill of a trademark or brand.
• The Trademarks Act, 1999, and the IT Act address cyber squatting in Indian laws.
• Under the Trademarks Act, the owner of a registered trademark can take legal action against
cyber squatters who use similar domain names to deceive users or harm the brand's reputation.
• The IT Act's provisions on domain name dispute resolution and cyber squatters aim to protect
trademark owners and provide remedies for their rights.
Penalties and Legal Remedies:
• The IT Act prescribes penalties for data and identity theft offenses, including imprisonment and
fines.
• The penalties vary depending on the severity of the offense and the amount of wrongful gain or
loss involved.
• Victims of data and identity theft can seek legal remedies through criminal complaints, civil
suits, or by filing complaints with the Cyber Crime Cell or the National Cyber Crime Reporting
Portal.
Initiatives and Awareness:
• The Indian government has taken several initiatives to combat data and identity theft, such as
the establishment of cyber crime cells, cyber forensic labs, and specialized units to investigate
cyber offenses.
• Awareness campaigns and educational programs are conducted to educate individuals and
organizations about the risks of data theft, identity theft, and cyber squatting, and to promote
preventive measures.
International Cooperation:
• India participates in international cooperation and collaborations to combat cybercrimes,

including data and identity theft.
• Mutual Legal Assistance Treaties (MLATs) and agreements with other countries facilitate the
exchange of information, evidence, and cooperation in investigations and prosecutions of
cybercrimes.
Cyber Security Measures:
• To protect against data and identity theft, individuals and organizations are advised to adopt
robust cybersecurity measures, such as using strong passwords, encryption techniques, and
regularly updating software and systems.
• Regular data backups, secure online transactions, and cautious sharing of personal information
are also essential to prevent unauthorized access and data breaches.
Conclusion:
• Data and identity theft, as well as cyber squatting, are serious cybercrimes that can have
significant repercussions for individuals and organizations.
• Indian laws, including the IT Act and the IPC, provide legal provisions and penalties to deter and
punish offenders.
• Collaborative efforts between law enforcement agencies, government bodies, and public
awareness are crucial to combating these offenses and creating a safer digital environment.
Lecture 4Breach of Privacy, Protected System
YouTube link-https://www.youtube.com/watch?v=wZyMaGYaEmw
NOTES
Breach of Privacy
• The right to privacy is recognized as a fundamental right in India under Article 21 of the
Constitution.
• The Information Technology Act, 2000 (IT Act) and the Indian Penal Code, 1860 (IPC) address
various aspects of breach of privacy.
• Section 43A of the IT Act provides for compensation in cases of unauthorized disclosure or
misuse of personal information by body corporates.
• The IPC contains provisions under Sections 354C to 354D, 503, 507, and 509, which deal with
offenses related to privacy violations, including voyeurism, stalking, and defamation.
Protected Systems:
• The IT Act defines "protected systems" as computer systems, networks, or computer resources
vital to the security, defense, or economic interests of India.
• Unauthorized access, interference, or disruption of protected systems is considered an offense
under the IT Act.
Data Protection and Privacy Laws:
• India introduced the Personal Data Protection Bill in 2019, which aims to provide comprehensive
data protection and privacy rights to individuals.
• The bill seeks to establish a data protection authority and outlines principles for the collection,
processing, storage, and transfer of personal data.
Cyber Laws and Penalties:
• The IT Act contains provisions related to hacking, unauthorized access to computer systems, and
data theft.
• Section 43 and Section 66 of the IT Act provide for penalties for unauthorized access, damage to
computer systems, and data breaches.
• The penalties range from imprisonment, fines, or both, depending on the severity of the
offense.
Privacy Regulations and Initiatives:
• The Indian government has taken steps to enhance privacy protection and strengthen data
security.
• The Unique Identification Authority of India (UIDAI) oversees the implementation of Aadhaar,
India's biometric identity system, and has implemented measures to safeguard the privacy and
security of Aadhaar holders.
• The Ministry of Electronics and Information Technology (MeitY) has also issued guidelines and
regulations to protect sensitive personal information and prevent data breaches.
Privacy and Information Technology Rules:
• The IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or
Information) Rules, 2011, lay down guidelines for the collection, storage, and protection of
sensitive personal data or information by companies operating in India.
• These rules mandate that entities collecting personal data must implement reasonable security
practices to safeguard the information from unauthorized access, use, disclosure, alteration, or
destruction.
International Cooperation and Data Transfer:
• India has engaged in discussions on data protection and privacy at international forums.
• The country is also exploring ways to facilitate secure cross-border data transfers while ensuring
data protection standards are maintained.
Public Awareness and Vigilance:
• Public awareness and education campaigns are essential to promote privacy rights, data
protection practices, and safe online behaviors.
• Individuals should be vigilant in safeguarding their personal information, using secure online
platforms, and reporting privacy breaches or cybercrimes to the appropriate authorities.
Conclusion:
• Breach of privacy and unauthorized access to protected systems are serious offenses in Indian
laws.
• The IT Act, IPC, and proposed data protection legislation provide legal frameworks and penalties
to protect privacy rights and punish offenders.
• Continued efforts are needed to raise awareness, strengthen privacy regulations, and ensure
effective enforcement to safeguard individuals' privacy and data security in the digital era.
Lecture 5- Obscenity Laws and Transmission of sexual Message
YouTube link- https://www.youtube.com/watch?v=wWZaoEn_ZTc
Q 1 What are different laws and regulations relating to Obscenity Laws and Transmission of sexual
Message.
NOTES
Obscenity Laws
• Obscenity refers to material that is considered morally offensive or sexually explicit, beyond
the acceptable standards of decency in society.
• The Indian Penal Code, 1860 (IPC), addresses obscenity under Sections 292 to 294.
• Section 292 prohibits the sale, distribution, or public exhibition of obscene material, while
Section 294 deals with obscene acts or songs in public places.
Transmission of Sexual Messages/Cyber:
• The Information Technology Act, 2000 (IT Act), addresses various cyber offenses, including
the transmission of sexually explicit material through electronic communication.
• Section 67 of the IT Act prohibits the publishing, transmitting, or causing to be transmitted
of any material containing sexually explicit acts or conduct in electronic form.
• It also covers the transmission of sexually explicit messages, images, or videos that are likely
to cause annoyance, inconvenience, or deception.
Online Platforms and Social Media:
• With the widespread use of online platforms and social media, there have been instances of
the transmission of sexually explicit content and messages through digital means.
• Social media platforms and internet service providers are expected to comply with the IT Act
and take measures to remove or block access to such content.
Penalties and Legal Remedies:
• Offenses related to obscenity and the transmission of sexual messages/cyber can attract
legal penalties under the IPC and the IT Act.
• The penalties may include imprisonment, fines, or both, depending on the severity of the
offense.
Reporting and Cyber Crime Cells:
• Victims or concerned individuals can report instances of obscenity or the transmission of

sexual messages/cyber to the police or the dedicated cyber crime cells.
• These specialized units are equipped to handle cyber offenses and investigate such cases.
Digital Evidence and Forensic Analysis:
• Digital evidence plays a crucial role in prosecuting cases related to obscenity and the
transmission of sexual messages/cyber.
• Forensic analysis of digital devices and communication records can be conducted to gather
evidence against offenders.
Public Awareness and Education:
• Public awareness campaigns and educational programs are essential to educate individuals,
especially children and teenagers, about the legal consequences of engaging in or promoting
obscene or sexually explicit content.
• It is crucial to promote responsible digital behavior, online safety, and ethical use of digital
platforms.
• International cooperation and collaboration play a significant role in tackling cyber offenses
related to obscenity and the transmission of sexual messages.
• Cooperation with international law enforcement agencies, sharing of information and best
practices, and mutual legal assistance can aid in investigating and prosecuting offenders
operating across borders.
Conclusion:
• Indian laws address the issues of obscenity and the transmission of sexual messages/cyber
through provisions in the IPC and the IT Act.
• Strict penalties, reporting mechanisms, and specialized cyber crime cells are in place to
combat these offenses.
• Public awareness, responsible use of digital platforms, and cooperation between law
enforcement agencies are crucial to creating a safe online environment and preventing the
spread of obscene or sexually explicit content.
Lecture 6Cheating by Impersonation, Occupying Stolen Computer and storing devices
YouTube link- https://www.youtube.com/watch?v=MmkdTaoczuQ
Q.1 Write a short notes on Cheating by Impersonation.
Q.2 What are the penalties provided in cases of unauthorized access, damage, or theft of
computer systems or data.
NOTES
Cheating by Impersonation,
• Cheating by impersonation refers to the act of deceiving or defrauding someone by

pretending to be another person.
• In Indian laws, cheating is addressed under Section 415 of the Indian Penal Code, 1860
(IPC).
• Section 416 specifically deals with cheating by personation, where a person cheats
another by pretending to be someone they are not.
Occupying Stolen Computer:
• Occupying a stolen computer involves the unauthorized possession or control of a

computer or computer system that has been unlawfully obtained or stolen.
• The Information Technology Act, 2000 (IT Act), includes provisions to address offenses
related to unauthorized access, theft, or control of computer systems.
• Section 43 and Section 66 of the IT Act provide for penalties in cases of unauthorized
access, damage, or theft of computer systems or data.
Storing Devices:
• Storing devices refers to the possession or storage of stolen or illicit electronic devices,
such as computers, smartphones, or other digital devices.
• The possession of stolen devices may be considered a criminal offense under theft-
related provisions of the IPC, such as Section 411, which deals with dishonestly receiving
stolen property.
Legal Penalties:
• Cheating by impersonation is a punishable offense under the IPC, and the severity of the
penalty depends on the specific circumstances of the case.
• The penalties for occupying a stolen computer or storing stolen devices can vary based
on the applicable provisions of the IPC, including theft-related offenses.
Reporting and Investigation:
• Victims or concerned individuals can report instances of cheating by impersonation,

occupying stolen computers, or storing stolen devices to the police.
• The police have the authority to investigate such cases, gather evidence, and take
appropriate legal action against the offenders.
Cyber Crime Cells and Forensic Analysis:
• Cyber crime cells and forensic experts play a crucial role in investigating cases related to
cheating by impersonation, occupying stolen computers, or storing stolen devices.
• They employ digital forensics techniques to analyze electronic devices and retrieve
evidence that can be presented in court.
Public Awareness and Education:
• Public awareness campaigns are important to educate individuals about the legal
consequences of cheating by impersonation, occupying stolen computers, and storing
stolen devices.
• It is essential to promote ethical behavior, discourage fraudulent activities, and
encourage responsible use of digital devices.
• International cooperation and collaboration are crucial for addressing cyber offenses
involving impersonation and stolen devices.
• Cooperation with international law enforcement agencies and mutual legal assistance
can aid in investigating cross-border cases and apprehending offenders.
Conclusion:
• Indian laws, including the IPC and the IT Act, address offenses such as cheating by
impersonation, occupying stolen computers, and storing stolen devices.
• Strict penalties and legal provisions are in place to deter and punish offenders.
• Public awareness, reporting mechanisms, and effective investigation and prosecution
are essential in combating these offenses and ensuring a safer digital environment.
Unit 4
Lecture-1- Cyber Disputes: Jurisdiction: Legal Issues

YouTube link- https://www.youtube.com/watch?v=x6x1ji15LeY
Q.1 What do you understand by Cyber dispute. What are the legal issues
relating to it.
NOTES
1.Cyber Disputes:
• Definition of Cyber Disputes: Cyber disputes refer to conflicts, disagreements, or legal

issues arising from activities conducted in cyberspace. These disputes can involve various
aspects, including online transactions, data breaches, intellectual property infringement,
cyberbullying, defamation, and unauthorized access to computer systems.
• Jurisdictional Challenges: Cyber disputes often present challenges regarding
jurisdiction. The global nature of the internet makes it difficult to determine which
jurisdiction's laws apply to a particular dispute. Jurisdictional issues can complicate the
resolution process and require cooperation between different countries or legal systems.
• Types of Cyber Disputes: Cyber disputes can encompass a wide range of issues,
including:
a) E-commerce disputes: Disputes arising from online transactions, such as non-
delivery of goods, fraudulent activities, or breach of contract.
b) Intellectual property disputes: Disputes related to copyright, trademarks,
patents, and other forms of intellectual property infringement that occur in the
digital realm.
c) Privacy and data protection disputes: Disputes arising from the unauthorized
collection, use, or disclosure of personal information or data breaches.
d) Online defamation and cyberbullying: Disputes involving false or harmful
statements made online, cyber harassment, or cyberbullying.
e) Cybercrime-related disputes: Disputes resulting from cybercrimes such as
hacking, identity theft, phishing, ransomware attacks, or financial fraud.
• Legal Frameworks: Different countries have their own legal frameworks and
regulations to address cyber disputes. These may include specific cyber laws, data
protection laws, consumer protection laws, intellectual property laws, and criminal laws
that apply to cybercrimes.
• Alternative Dispute Resolution (ADR): Alternative dispute resolution mechanisms can
be used to resolve cyber disputes more efficiently and cost-effectively compared to
traditional litigation. Mediation and arbitration are commonly employed methods to settle
disputes and reach mutually acceptable solutions.
• Digital Evidence: Cyber disputes often involve digital evidence, which may include
electronic records, chat logs, emails, IP addresses, and other technical data. Proper
preservation and presentation of digital evidence are crucial for supporting claims or
defenses in cyber dispute cases.
• International Cooperation: Given the cross-border nature of cyberspace, international
cooperation is vital for resolving complex cyber disputes. Cooperation among countries,
law enforcement agencies, and organizations helps in the investigation, prosecution, and
enforcement of laws related to cybercrimes and cyber disputes.
• Cybersecurity Measures: Taking proactive cybersecurity measures can help prevent
cyber disputes. This includes implementing strong security protocols, encryption, access
controls, regular software updates, employee training, and adopting best practices to
protect sensitive data and systems.
• Expertise and Legal Support: Given the technical and legal complexities involved in
cyber disputes, it is advisable to seek legal counsel with expertise in cyber law and
dispute resolution. Legal professionals specialized in cyber law can provide guidance,
advice, and representation to navigate the complexities of cyber dispute resolution.
• Awareness and Education: Raising awareness about cybersecurity, safe online
practices, and legal implications is crucial for individuals, organizations, and society at
large. Educating people about their rights, responsibilities, and available legal remedies
can contribute to minimizing cyber disputes and promoting a safer digital environment.
2. Jurisdiction:
• Cross-Border Nature of Cyber Disputes:

Cyber disputes often transcend geographical boundaries due to the global nature of the
internet. This raises complex jurisdictional issues as different countries may have varying
laws and regulations pertaining to cyber activities.
• Determining Jurisdiction:
Determining the appropriate jurisdiction for a cyber dispute can be challenging.
Jurisdiction is typically based on factors such as the location of the parties involved, the
location of the servers hosting the disputed content or services, and the place where the
alleged harm or offense occurred.
• Territorial Jurisdiction:
Territorial jurisdiction refers to the authority of a court or legal system over a particular
geographic area. In cyber disputes, establishing territorial jurisdiction can be difficult
when the parties involved are in different countries, and the disputed actions occurred
across multiple jurisdictions.
• Choice of Forum:
Parties in a cyber dispute may have the option to agree on a specific jurisdiction or forum
to resolve their disputes. This can be done through contractual agreements or by
voluntarily submitting to the jurisdiction of a particular court or arbitration body.
• Forum Shopping:
Forum shopping refers to the practice of choosing a jurisdiction that is more favorable to
one's case. In cyber disputes, parties may seek jurisdictions with more lenient laws,
stronger protection of intellectual property rights, or advanced cyber laws that facilitate
the resolution of cyber-related conflicts.
• Conflict of Laws:
Conflict of laws arises when different legal systems have conflicting rules or principles
applicable to a particular dispute. In cyber disputes, conflicts of laws can occur when the
actions of the parties involved are subject to different legal frameworks due to their
diverse locations.
• Mutual Legal Assistance Treaties (MLATs):
MLATs are agreements between countries that facilitate cooperation in legal matters,
including cybercrime investigations and evidence sharing. MLATs help address
jurisdictional challenges by enabling cross-border collaboration and information
exchange between law enforcement agencies.
• International Jurisdictional Cooperation:
International cooperation among countries is essential for resolving cyber disputes that
involve multiple jurisdictions. Cooperation can take various forms, such as extradition of
offenders, sharing of evidence, harmonization of laws, and mutual assistance in the
enforcement of judgments.
• Extraterritorial Jurisdiction:
Some countries assert extraterritorial jurisdiction, allowing them to apply their laws to
actions occurring outside their territory but having significant effects within their
jurisdiction. Extraterritorial jurisdiction can be relevant in cross-border cyber disputes
when the impact of the disputed activities extends to a specific country.
• Legal Challenges and Evolving Landscape:
Jurisdictional issues in cyber disputes continue to evolve as technology advances and
legal frameworks adapt to address emerging challenges. Courts and legislators strive to
establish clear guidelines and principles to determine jurisdiction in cyberspace, but the
complex and dynamic nature of the internet presents ongoing challenges.
3. Legal Issues:
• Jurisdictional Challenges:
Determining the appropriate jurisdiction to resolve a cyber dispute can be complex due to
the cross-border nature of the internet. Conflicts may arise when the parties involved are
in different countries, and the actions or consequences of the dispute occur in multiple
jurisdictions.
• Applicable Laws:
Cyber disputes involve the application of various laws and regulations, including cyber
laws, intellectual property laws, data protection laws, consumer protection laws, and
contract laws. Determining which laws apply to a particular dispute can be challenging,
especially when conflicts arise between different legal systems.
• Digital Evidence:
Cyber disputes often rely heavily on digital evidence, such as electronic records, chat
logs, emails, IP addresses, and forensic analysis of computer systems. Ensuring the
admissibility, authenticity, and integrity of digital evidence can be a legal challenge in
cyber dispute proceedings.
• Data Protection and Privacy:
Cyber disputes frequently involve issues related to data protection and privacy. Parties
may dispute the collection, use, or disclosure of personal information, and the legal
requirements and obligations regarding consent, data security, and data breach
notification can be complex.
• Intellectual Property Infringement:
Cyber disputes frequently arise from intellectual property infringement, such as copyright
infringement, trademark violations, or trade secret misappropriation. Issues may include
unauthorized use of copyrighted materials, domain name disputes, counterfeit goods, or
plagiarism.
• Defamation and Online Reputation:
Cyber disputes can involve allegations of defamation, libel, or slander, as harmful or false
statements made online can damage a person's reputation. Determining the line between
freedom of speech and defamatory statements in the online realm can be a legal
challenge.
• Contractual Issues:
Many cyber disputes involve contractual issues, such as breach of contract, non-
performance, or disputes over terms and conditions of online agreements. The
enforceability and interpretation of electronic contracts and online terms of service can be
legally contentious.
• Cybercrimes and Criminal Liability:
Some cyber disputes involve criminal activities, such as hacking, identity theft, fraud, or
cyberbullying. Determining criminal liability, investigating cybercrimes, and prosecuting
offenders can be complex due to jurisdictional challenges, evidentiary requirements, and
technical complexities.
• Online Dispute Resolution (ODR):
Online dispute resolution mechanisms are becoming increasingly relevant in resolving
cyber disputes. Utilizing technology and alternative dispute resolution methods, ODR
platforms offer efficient, cost-effective, and accessible means to settle disputes,
particularly for lower-value and cross-border disputes.
• International Cooperation:
Cyber disputes that span multiple jurisdictions require international cooperation and
coordination among law enforcement agencies, judicial systems, and regulatory bodies.
Mutual legal assistance treaties and information sharing initiatives are crucial for
effective resolution and enforcement of cyber dispute outcomes.
Lecture 2- Cyber Adjudication, Collection & Admissibility of Electronic Evidences
YouTube link-https://www.youtube.com/watch?v=lPzrayyy4Tk
Q.1 Write a short notes on Cyber adjudication
Q.2 Write down provision of collection and admissibility of electronic evidence
NOTES
1. Introduction:
• Cyber adjudication in India refers to the legal process of resolving cyber-related disputes,
prosecuting cybercrimes, and ensuring compliance with cybersecurity laws and
regulations.
• India has enacted various laws and established dedicated institutions to address cyber
offenses and promote a secure digital environment.
Key Laws and Regulations:
• Information Technology Act, 2000 (IT Act):
The IT Act is the primary legislation governing cyber adjudication in India.
i. It provides a legal framework to address offenses such as unauthorized access,
hacking, identity theft, data breaches, and online fraud.
ii. The Act defines penalties and procedures for investigating cybercrimes, collecting
electronic evidence, and adjudicating cases.
• The Indian Penal Code (IPC):
i) The IPC contains provisions relevant to cybercrimes, such as offenses related to
fraud, defamation, obscenity, and impersonation.
ii) Sections such as 419 (cheating by personation), 420 (cheating and dishonestly
inducing delivery of property), and 509 (word, gesture or act intended to insult the
modesty of a woman) are commonly applied in cyber adjudication.
• Information Technology (Amendment) Act, 2008:
i) This amendment to the IT Act expanded the scope of cyber offenses and introduced
new provisions to address emerging challenges.
ii) It criminalized acts such as cyberterrorism, publishing or transmitting obscene
materials, and unauthorized interception of electronic information.
• The Indian Evidence Act, 1872:
i) The Indian Evidence Act governs the admissibility and relevance of evidence in
cyber adjudication.
ii) It specifies the conditions under which electronic records, digital signatures, and
computer-generated evidence can be admitted in court.
• The Personal Data Protection Bill (PDPB):
iii) The PDPB, currently pending in Parliament, aims to regulate the collection, storage,
and processing of personal data.
iv) It establishes data protection principles, consent requirements, and obligations for
organizations handling personal data.
v) The PDPB will likely impact cyber adjudication by addressing data breaches, privacy
violations, and ensuring the protection of individuals' digital rights.
iii) Institutions and Authorities:
a. Cyber Crime Investigation Cells:
Various states in India have established dedicated cybercrime investigation

cells to handle cyber-related offenses.
These cells work in coordination with local law enforcement agencies to

investigate, collect evidence, and initiate legal proceedings.
b. Adjudicating Authorities and Cyber Appellate Tribunals:
The IT Act empowers the central and state governments to appoint adjudicating
authorities and cyber appellate tribunals.
These bodies have jurisdiction to adjudicate cyber-related cases, pass orders,

and impose penalties under the provisions of the IT Act.
c. National Cyber Crime Reporting Portal:
The Ministry of Home Affairs operates the National Cyber Crime Reporting
Portal, providing a platform for reporting cybercrimes and seeking assistance.
The portal facilitates the filing of complaints, information sharing, and

coordination between law enforcement agencies.
• Challenges and Future Considerations:
a. Capacity Building and Training:
Enhancing the technical and legal expertise of law enforcement agencies,

judiciary, and legal professionals is crucial to effectively handle cyber
adjudication cases.
Regular training programs and workshops should be conducted to keep pace

with evolving cyber threats and technologies.
b. Strengthening International Cooperation:
Cybercrimes often transcend national boundaries, necessitating effective

cooperation with international law enforcement agencies.
Strengthening bilateral and multilateral agreements, mutual legal assistance

treaties, and sharing best practices can enhance collaboration in cyber
adjudication.
Collection and Admissibility of Electronic Evidence in Indian Laws
1. Introduction:
• With the rise of digital technology, electronic evidence has become crucial in resolving
cybercrimes and other digital-related disputes.
• In India, the collection and admissibility of electronic evidence are governed by the
Information Technology Act, 2000 (IT Act) and the Indian Evidence Act, 1872.
• These laws provide a framework for the admissibility and authentication of electronic
evidence in Indian courts.
2. Types of Electronic Evidence:

(i) Emails and Online Communications:
Emails, instant messages, chat conversations, and social media posts are
considered electronic evidence.
The content, metadata, and timestamps associated with these communications

can be crucial in establishing facts in a case.
(ii) Digital Documents and Files:

Electronic documents, such as Word files, PDFs, spreadsheets, and multimedia
files, can serve as electronic evidence.
These files may contain relevant information, including text, images, audio, or
video recordings.
(iii) Computer System and Network Data:
Data collected from computer systems, networks, or digital devices can be used
as electronic evidence.
This includes log files, network traffic data, system images, and other technical
data that can provide insights into the activities of the parties involved.
(iv) Metadata and Digital Footprints:
Metadata, which includes information about the creation, modification, and

transmission of electronic files, can be valuable evidence.
Digital footprints, such as browsing history, GPS data, or call records, can also
be used to establish the actions or movements of individuals.
3. Collection of Electronic Evidence:

a) Preservation and Seizure:
It is essential to preserve electronic evidence in its original form to maintain

its integrity and authenticity.
Authorized individuals, such as law enforcement agencies, may seize

electronic devices or storage media through legal procedures to prevent
tampering or destruction of evidence.
b) Forensic Examination:
Electronic evidence often requires forensic examination by trained

professionals.
Forensic experts use specialized tools and techniques to collect, analyze, and
interpret electronic evidence while maintaining a strict chain of custody.
c) Legal Requirements:
The collection of electronic evidence must comply with legal requirements,
including obtaining search warrants, court orders, or consent from relevant
parties.
Violations of privacy rights or unauthorized access to electronic evidence can

render it inadmissible in court.
4. Admissibility of Electronic Evidence:
a. Primary and Secondary Evidence:
Electronic evidence can be categorized as either primary or secondary

evidence.
Primary evidence refers to the original electronic record, while secondary

evidence includes copies or printouts of the original.
b. Rule of Best Evidence:
The rule of best evidence states that the original electronic record should be
produced in court when available.
If the original cannot be produced, secondary evidence, such as copies or

printouts, may be admissible under certain conditions.
c. Authenticity and Certification:
To establish the authenticity of electronic evidence, it is crucial to demonstrate

that it has not been tampered with or manipulated.
Digital signatures, hash values, time-stamping, and other encryption techniques

can be used to certify the integrity and authenticity of electronic evidence.
d. Opinion of Experts
Expert opinions can be sought to explain the technical aspects of electronic

evidence and its relevance to the case.
The court may rely on the testimony of qualified experts to assess the
authenticity and admissibility of electronic evidence.
5. Challenges and Considerations:
a. Technical Expertise:
Courts may face challenges in understanding the technical aspects of electronic
evidence.
Collaboration with forensic experts and other
Lecture -3Cyber Appellate Tribunal.
YouTube link- https://www.youtube.com/watch?v=sx9NirAL-Pw
Q.1 White down composition and power of Cyber Appeallate Tribunal
NOTES
1. Introduction:
• The Cyber Appellate Tribunal (CAT) is a specialized appellate body established under
the Information Technology Act, 2000 (IT Act) in India.
• The CAT's primary role is to hear appeals against the orders issued by the Controller of
Certifying Authorities and the Adjudicating Officers under the IT Act.
• It provides an efficient and expedited mechanism for resolving disputes and grievances
related to cybersecurity and digital transactions.
2. Establishment and Composition:
a. Establishment:
• The CAT was established under Section 48(1) of the IT Act in the year 2000.
• Its establishment aimed to address the need for a specialized forum to handle appeals
pertaining to electronic transactions and cybercrimes.
b. Composition:
• The CAT consists of a Chairperson and such number of other members as the central
government deems fit.
• The Chairperson is appointed by the central government and should be a retired judge of
the High Court.
• Other members of the CAT may include individuals with expertise in law, technology, or
cybersecurity.
3. Jurisdiction and Powers:
a. Jurisdiction:
• The CAT has jurisdiction over appeals filed against the orders of the Controller of
Certifying Authorities and the Adjudicating Officers under the IT Act.
• It has the authority to hear appeals relating to various matters, including the revocation of
digital signatures, penalties imposed for non-compliance with the IT Act, and other
cyber-related issues.
b. Powers:
• The CAT has the power to hear appeals and decide cases in a manner it deems fit, subject
to the provisions of the IT Act.
• It has the same powers as a civil court while trying a suit under the Code of Civil
Procedure, 1908, including the power to summon witnesses, enforce attendance, and
examine them under oath.
4. Procedure and Appeals:
a. Procedure:
• The CAT follows the principles of natural justice and ensures a fair and impartial
procedure.
• It has the discretion to regulate its own procedure, subject to the provisions of the IT Act.
b. Appeals:
• Appeals to the CAT can be filed by any person aggrieved by the order of the Controller
of Certifying Authorities or the Adjudicating Officer.
• The appeal should be filed within a specified period, accompanied by the prescribed fees
and supporting documents.
c. Decisions and Enforcement:
• The CAT has the power to confirm, modify, or set aside the orders of the Controller of
Certifying Authorities or the Adjudicating Officer.
• The decisions of the CAT are final and binding, subject to further appeal to the High
Court.
5. Limitations and Challenges:
a. Limited Jurisdiction:
• The CAT's jurisdiction is restricted to appeals against orders issued by specific

authorities under the IT Act.
• It does not
Lecture- 4- Intellectual Property Rights & Its Interface with Cyber Law
YouTube link- https://www.youtube.com/watch?v=wZyMaGYaEmw
Q.1 What do you understand by Intellectual Property Rights and cyber law
NOTES
1. Introduction:
• Intellectual Property Rights (IPRs) encompass legal protections granted to intellectual
creations, such as patents, copyrights, trademarks, and trade secrets.
• The interface between IPRs and cyber law in India involves addressing infringements,
violations, and challenges related to intellectual property in the digital domain.
2. Copyright Protection:
a. Digital Copyright Infringement:
• Cyber law addresses issues related to unauthorized copying, distribution, and public
display of copyrighted works in the digital environment.
• The Copyright Act, 1957, and the Information Technology Act, 2000 (IT Act) provide
legal frameworks for copyright protection and enforcement in the digital realm.
b. Digital Rights Management (DRM):
• DRM technologies and mechanisms play a crucial role in safeguarding digital content
against unauthorized copying or distribution.
• Cyber law addresses issues related to the circumvention of DRM measures and prohibits
the manufacture, sale, or distribution of devices or software designed for such purposes.
c. Notice and Takedown:
• Cyber law in India includes provisions for the removal of infringing content from online
platforms.
• The IT Act empowers copyright owners to send takedown notices to intermediaries,
requesting the removal of infringing content hosted on their platforms.
3. Trademark Protection:
a. Domain Name Disputes:
• Cyber law in India addresses domain name disputes, where trademarks are used as part of
internet domain names to mislead consumers or dilute the distinctiveness of a brand.
• The Uniform Domain Name Dispute Resolution Policy (UDRP) and the Indian Domain
Name Dispute Resolution Policy (INDRP) provide mechanisms for resolving such
disputes.
b. Online Counterfeiting and Brand Abuse:
• Cyber law deals with the unauthorized use of trademarks and trade names in online
activities, including counterfeiting, cybersquatting, and brand abuse.
• The IT Act enables rights holders to take legal action against online infringers and seek
remedies for trademark violations.
4. Patent Protection:
a. Software Patents and Patent Infringement:
• Cyber law addresses the protection and enforcement of software-related inventions and
patents.
• The Patents Act, 1970, and the IT Act provide legal provisions for patent protection in
the digital domain.
b. Patentability of Computer Programs:
• Cyber law defines the criteria for patentability of computer programs, including technical
contribution, novelty, non-obviousness, and industrial applicability.
• The Indian Patent Office and the courts play a crucial role in determining the
patentability of software and related inventions.
5. Enforcement and Remedies:
a. Injunctions and Damages:
• Cyber law provides mechanisms for enforcing IPRs and seeking remedies for
infringements in the digital sphere.
• Copyright, trademark, and patent owners can seek injunctions to stop infringing activities
and claim damages for losses suffered.
b. Anti-Piracy Measures:
• The IT Act includes provisions for anti-piracy measures, including the blocking of
websites hosting infringing content and the seizure of infringing material.
c. Cross-Border Enforcement:
• Cyber law in India addresses the challenges of cross-border enforcement of IPRs,

particularly in cases involving infringing activities conducted outside the country.
• International cooperation, mutual legal assistance treaties, and enforcement mechanisms
play a vital role in addressing cross-border IPR infringements.
6. Emerging Issues:
a. Digital Piracy and Streaming Services:
• Cyber law faces new challenges with the rise of digital piracy and unauthorized
streaming services.
• The IT Act and amendments aim to tackle these issues and protect the rights of content
creators and distributors.
b. Artificial Intelligence (AI) and IPRs:
• The interface between AI and IPRs poses new challenges, such as ownership,
infringement, and protection of AI-generated works.
• Cyber law needs to evolve to address the unique issues arising from AI's impact on
intellectual property.
7. Conclusion:
• The interface between intellectual property rights and cyber law in India is essential to
protect the rights of creators and innovators in the digital era.
• The legal framework strives to strike a balance between promoting innovation and
creativity while ensuring the enforcement of IPRs in the evolving digital landscape
Lecture -5- Copyright law &Cyber law, Trademark law & Cyberspace,
YouTube link- https://www.youtube.com/watch?v=MKQ6tWIHDm0
Q.1 Write a short note on Copyright law &Cyber law
NOTES
1. Introduction:
• Intellectual Property Rights (IPRs) play a crucial role in protecting creations of the
human mind, such as inventions, literary and artistic works, trademarks, and designs.
• The interface between IPRs and cyber law in India addresses the challenges and
opportunities arising from the digital environment in relation to intellectual property
protection and enforcement.
2. Copyright Protection:
a. Digital Copyright Infringement:
• Cyber law in India provides legal provisions to address issues of unauthorized

reproduction, distribution, and public display of copyrighted works in the digital space.
• The Copyright Act, 1957, and the Information Technology Act, 2000 (IT Act) work in
tandem to protect copyright in the digital realm.
b. Digital Rights Management (DRM):
• Cyber law regulates the use of technological measures, such as DRM, to protect digital
content from unauthorized access, copying, or distribution.
• The IT Act prohibits the circumvention of DRM measures and the manufacture or sale of
devices or software designed for such purposes.
c. Notice and Takedown:
• Cyber law enables copyright owners to issue takedown notices to intermediaries, such as
internet service providers and online platforms, requesting the removal of infringing
content.
• The IT Act provides safe harbor provisions for intermediaries, granting them immunity
from liability if they comply with the notice and takedown procedures.
3. Trademark Protection:
a. Domain Name Disputes:
• Cyber law in India addresses disputes related to domain names that incorporate
trademarks, such as cybersquatting or misleading use.
• The Uniform Domain Name Dispute Resolution Policy (UDRP) and the Indian Domain
Name Dispute Resolution Policy (INDRP) provide mechanisms for resolving domain
name disputes.
b. Online Counterfeiting and Brand Abuse:
• Cyber law deals with the unauthorized use of trademarks online, including counterfeiting,
brand abuse, and misleading advertisements.
• The IT Act empowers trademark owners to take legal action against online infringers and
seek remedies for trademark violations.
4. Patent Protection:
a. Software Patents and Patent Infringement:
• Cyber law addresses the protection and enforcement of software-related inventions and
patents.
• The Patents Act, 1970, and the IT Act provide legal provisions for patent protection and
enforcement in the digital sphere.
b. Patentability of Computer Programs:
• Cyber law defines the criteria for patentability of computer programs, including technical
contribution, novelty, non-obviousness, and industrial applicability.
• The Indian Patent Office and the courts play a crucial role in determining the
patentability of software and related inventions.
5. Enforcement and Remedies:
a. Injunctions and Damages:
• Cyber law provides mechanisms for enforcing IPRs and seeking remedies for
infringements in the digital domain.
• Copyright, trademark, and patent owners can seek injunctions to stop infringing activities
and claim damages for losses suffered.
b. Anti-Piracy Measures:
• The IT Act includes provisions for anti-piracy measures, such as the blocking of websites
hosting infringing content and the seizure of infringing material.
c. Cross-Border Enforcement:
• Cyber law in India addresses the challenges of cross-border enforcement of IPRs,

particularly in cases involving infringing activities conducted outside the country.
• International cooperation, mutual legal assistance treaties, and enforcement mechanisms
play a vital role in addressing cross-border IPR infringements.
6. Emerging Issues:
a. Digital Piracy and Streaming Services:
• Cyber law faces new challenges with the rise of digital piracy and unauthorized
streaming services.
• Amendments to the IT Act aim to strengthen enforcement measures and protect the rights
of content creators and distributors.
b. Artificial Intelligence (AI) and IPRs:
• The interface between AI and IPRs presents novel challenges, such as ownership,
infringement, and protection of AI-generated works.
• Cyber law needs to adapt to address the unique issues arising from the intersection of AI
and intellectual property.
7. Conclusion:
• The interface between intellectual property rights and cyber law in India is vital for
fostering innovation, creativity, and protection of intellectual creations in the digital era.
• The legal framework aims to strike a balance between promoting innovation, ensuring
adequate protection for intellectual property, and facilitating enforcement in the evolving
digital landscape.
Lecture -6 Law relating to Semiconductor Layout &Design
YouTube link- https://www.youtube.com/watch?v=Gl6vJB1ARSA
Q.1 What are the laws relating to Semiconductor Layout and Design
NOTES
1. Introduction:
• Semiconductor layout and design refers to the arrangement and configuration of
electronic circuits and components on a semiconductor chip.
• To protect the intellectual property associated with semiconductor layout and design,
specific laws and regulations are in place in India.
2. Semiconductor Integrated Circuits Layout-Design Act, 2000:

• The Semiconductor Integrated Circuits Layout-Design Act (SICLDA), enacted in 2000,
governs the protection of semiconductor layout designs in India.
• The Act is in compliance with the international treaty known as the Agreement on Trade-
Related Aspects of Intellectual Property Rights (TRIPS).
3. Scope of Protection:
• The SICLDA provides protection to original and unique layout designs of integrated
circuits that are created and used for industrial purposes.
• The protection extends to the layout itself, including its three-dimensional configuration,
as well as its mask works
.
4. Eligibility and Registration:
• To be eligible for protection, a semiconductor layout design must be original and not
commonplace in the semiconductor industry.
• Registration of the layout design is not mandatory, but it provides additional legal
advantages and facilitates enforcement.
5. Rights of the Layout-Design Holder:

• The SICLDA grants the layout-design holder exclusive rights over the layout design for a
period of ten years from the date of its commercial exploitation.
• The rights include reproduction, importation, sale, and distribution of the layout design.
6. Infringement and Remedies:
• Infringement of a registered or unregistered layout design is a violation of the SICLDA.
• Remedies for infringement include injunctions, damages, accounts of profits, and
delivery of infringing articles.
7. Border Measures:
• The SICLDA empowers customs authorities to detain goods suspected of infringing
registered layout designs at the border.
• The rights holder can initiate proceedings to determine the infringement and seek
appropriate remedies.
8. International Protection:
• India is a member of the World Trade Organization (WTO) and a signatory to TRIPS,
providing a framework for international protection of semiconductor layout designs.
9. Enforcement and Dispute Resolution:

• The SICLDA establishes a specialized forum, the Semiconductor Integrated Circuits
Layout-Design Registry, for the registration and administration of layout designs.
• Civil courts have jurisdiction over matters related to infringement and enforcement of
layout design rights
.
10. Conclusion:
• The Semiconductor Integrated Circuits Layout-Design Act, 2000, forms the foundation of
legal protection for semiconductor layout and design in India.
• The Act aims to encourage innovation, safeguard investments in semiconductor
technology, and provide mechanisms for enforcement and dispute resolution related to
layout design rights.

Ll.B. (Hons) Vi Semester Subject-Cyber Laws

Uploaded by

Copyright:

Available Formats

You might also like

Ll.B. (Hons) Vi Semester Subject-Cyber Laws

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ll.B. (Hons) Vi Semester Subject-Cyber Laws

Uploaded by

Copyright:

Available Formats

LL.B.

SUBJECT- CYBER LAWS

LECTURE 1-FUNDAMENTALS OF CYBER LAW.

VIDEO LINK: https://www.youtube.com/watch?v=caEdZ41EA4w

PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY

Q1.) What do you understand by cyber law? (2018)

➢ Cyber law encompasses laws relating to:

2. Electronic and Digital Signatures

4. Data Protection and Privacy

➢ Need for Cyber Law

• Almost all transactions in shares are in demat form.

• Consumers are increasingly using credit/debit cards for shopping.

• Even in “non-cybercrime” cases, important evidence is found in computers/cell phones e.g.: in

1.) What do mean by the world cyber?

2.) What is the meaning of cyber law?

3.) What are the essential elements of cyber law?

4.) What is the need of cyber law in today world?

SUBJECT- CYBER LAWS

LECTURE 2-UNDERSTANDING CYBER SPACE.

VIDEO LINK: https://www.youtube.com/watch?v=DoWh7dF2_zE

PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY

1.) What do you understand by cyber space (2018,2019)

2.) What is the need of cyberspace and how it works (2019)

Cyberspace can be divided into a multi-layer model comprised of:

What is the Use of Cyberspace?

1. What is the meaning of cyber space?

2. How does the cyber space works?

3. What is the need of cyber space?

4. In how many layer cyber space is divided into?

SUBJECT- CYBER LAWS

LECTURE 3-INTERFACE OF TECHNOLOGY AND LAW DEFINING CYBER LAWS

VIDEO LINK: https://www.youtube.com/watch?v=KtuCsBlJXk8

PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY

Interface of Technology and Laws defining Cyber Laws

1. How can technology and cyber law be related to each other?

2. What are the law defining the cyber laws?

SUBJECT- CYBER LAWS

LECTURE 4-UNCITRAL MODEL LAW ON ELECTRONIC COMMERCE

PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY

1. What Is UNCITRAL MODEL Law on Electronic Commerce (2018,2019)

➢ The UNCITRAL Model Laws for E-commerce

Application of legal requirement to data messages

Communication of data messages

• The data message is attributed to the originator if it is sent by him or by a personauthorised by

Implementation & Judicial Interpretations across the globe

• UNCITRAL Model Law on Electronic Transferable Records (2017)

• UNCITRAL Model Law on Electronic Signatures (2001)

• UNCITRAL Model Law on Electronic Commerce (1996)

Recommendations to Governments and international organizations concerning the legal value of

1. What do you UNCITRAL Model Law on Electronic Commerce?

SUBJECT- CYBER LAWS

LECTURE 1-INFORMATION TECHNOLOGY ACT, 2000.

VIDEO LINK : https://www.youtube.com/watch?v=czDzUP1HclQ

PREVIOUS YEAR QUESTIONS ASKED IN LUCKNOW UNIVERSITY

• It also gives legal recognition to digital signatures.

Objectives of the Act

• Facilitate the electronic storage of data