 

Course: BBA LL.B Second Year (2022-2023)

Subject: ICT and Legal Research
Data is a collection of characters, numbers, and other symbols
that represents values of some situations or variables. Data is
plural and singular of the word data is ―datum‖.
Using computers, data are stored in electronic forms because
data processing becomes faster and easier as compared to
manual data processing done by people.
The Information and Communication Technology (ICT)
revolution led by computer, mobile and Internet has resulted in
generation of large volume of data and at a very fast pace.
The following list contains some examples of data that we often
come across-
 Name, age, gender, contact details, etc., of a person
 Transactions data generated through banking, ticketing,
shopping, etc. whether online or offline
 Images, graphics, animations, audio, video
 Documents and web pages
 Online posts, comments and messages
 Satellite data including meteorological data, communication
data, earth observation data, etc.
 Data

Structured Unstructured
 A) Structured data
Data which is organized and can be recorded in a well defined
format is called structured data.
Structured data is usually stored in computer in a tabular (in
rows and columns) format where each column represents
different data for a particular parameter called attribute/
characteristic/variable and each row represents data of an
observation for different attributes.
 B) Unstructured Data
Data which are not in the traditional row and column structure is called
unstructured data.

Examples:
A newspaper contains various types of news items which are also called
data. But there is no fixed pattern that a newspaper follows in placing news
articles. One day there might be three images of different sizes on a page
along with five news items and one or more advertisements. While on
another day, there might be one big image with three textual news items.
So there is no particular format nor any fixed structure for printing news.
Another example is the content of an email. There is no fixed structure
about how many lines or paragraphs one has to write in an email or how
many files are to be attached with an email.
Examples of unstructured data include web pages consisting of text as well
as multimedia contents (image, graphics, audio/video). Other examples
include text documents, business reports, books, audio/video files, social
media messages.
Data is a collection of raw, unorganized facts and details like text,
observations, figures, symbols and descriptions of things etc. In other
words, data does not carry any specific purpose and has no significance
by itself. Moreover, data is measured in terms of bits and bytes – which
are basic units of information in the context of computer storage and
processing.

Information is processed, organized and structured data. It provides

context for data and enables decision making.

Example: At a restaurant, a single customer’s bill amount is data.

However, when the restaurant owners collect and interpret multiple bills
over a range of time, they can produce valuable information, such as
what menu items are most popular and whether the prices are sufficient
to cover supplies, overhead, and wages.
Meaning of Data Processing

Any operation or set of operations performed upon data,

whether or not by automatic means, such as collection,
recording, organization, storage, adaptation or alteration
to convert it into useful information is called Data Processing.
Once data is collected, it is processed to convert it into useful
information. The data is processed again and again until the
accurate result is achieved. This is called data processing cycle.

The data processing is very important activity and involves very

careful planning. Usually, data processing activity involves three
basic activities.

 Input

 Processing

 Output
1. INPUT

It is the process through which collected data is transformed into a form that computer can
understand. It is very important step because correct output result totally depends on the input
data. In input step, following activities can be performed.

i) Verification

The collected data is verified to determine whether it is correct as required.

For example, the collected data of all BB.A. LL.B Final Year students that appeared in final
examination of the university is verified. If errors occur in collected data, data is corrected or it is
collected again.

ii) Coding

The verified data is coded or converted into machine readable form so that it can be processed
through computer.

iii) Storing

The data is stored on the secondary storage into a file. The stored data on the storage media will be
given to the program as input for processing.
2.PROCESSING

The term processing denotes the actual data manipulation techniques such as classifying, sorting,
calculating, summarizing, comparing, etc. that convert data into information.

i) Classification

The data is classified into different groups and subgroups, so that each group or sub-group of data
can be handled separately.

ii) Sorting
The data is arranged into an order so that it can be accessed very quickly as and when required.

iii) Calculations

The arithmetic operations are performed on the numeric data to get the required results. For
example, total marks of each student are calculated.

iv) Summarizing

The data is processed to represent it in a summarized form. It means that the summary of data is
prepared for top management.
3. OUTPUT

After completing the processing step, output is generated. The main purpose of data
processing is to get the required result. Mostly, the output is stored on the storage
media for later user. In output step, following activities can be performed.

i) Retrieval

Output stored on the storage media can be retrieved at any time. For example, result of
students is prepared and stored in the disk. This result can be retrieved when required
for different purposes.

ii) Conversion

The generated output can be converted into different forms.

iii) Communication

The generated output is sent to intended recipients.

―Treat your password like your
toothbrush. Don't let anybody
else use it, and get a new one
every six months.‖
— Clifford Stoll
Confidentiality Integrity Authentication Access control; Availability
1. Confidentiality: The principle of confidentiality specifies that only
the sender and the intended recipient should be able to access
the content of the message.
2. Integrity: The confidential information sent by A to B which is
accessed by C without the permission or knowledge of A and B.
3. Authentication: Authentication mechanism helps in establishing
proof of identification ensuring that there is no impersonation. It
also applies to verify and authenticate the genuineness of
information accessed.
4. Access control: Access control specifies and control who can
access what.
5. Availability: It means that assets are accessible to authorized
parties at appropriate times.
 What is data security?

Data security is the process of safeguarding digital information

throughout its entire life cycle to protect it from corruption,
theft, or unauthorized access.
 Maintains privacy: Data security ensures that privacy of the data is
maintained.
 Keeps the information safe: By adopting a mindset focused on data
security and implementing the right set of tools, you ensure sensitive data
does not fall into the wrong hands. Sensitive data can include customer
payment information, hospital records, pending cases and identification
information.
 Helps keep your reputation clean: When people do business with your
organization, they entrust their sensitive information to you, and a data
security strategy enables you to provide the protection they need. As a
consequence, you receive a clean reputation among clients, partners, and
the business world in general.
 Gives you a competitive edge: In many industries, data breaches are
commonplace, so if you can keep data secure, you set yourself apart from
the competition, which others may be struggling to do the same.
 Saves on support and development costs: If you incorporate data security
measures early in the development process, you may not have to spend
valuable resources for designing and deploying patches or fixing data
breach problems down the road.
 VIRUS

KEYLOGGER WORMS

MALWARES
RANSOMWARE
ADWARE

SPYWARE TROJAN
 MALWARE
Malware is a short term used for MALicious softWARE.
It is any software developed with an intention to damage
hardware devices, steal data, or cause any other trouble to the
user. Various types of malware have been created from time-
to-time, and large-scale damages have been inflicted. Many of
these malware programs have been identified and counter
measures have been initiated. However, different types of
malware keep on coming on a regular basis that compromise
the security of computer systems and cause intangible
damages. Besides, each year, malware incur financial
damages worth billions of dollars worldwide. Viruses, Worms,
Ransomware, Trojans, and Spyware are some of the kinds of
malware.
 VIRUS
The term computer virus was coined by Fred Cohen in 1985 and has
been borrowed from biological science with almost similar meaning
and behavior, the only difference is that the victim is a computer
system and the virus is a malicious software.
A virus is a piece of software code created to perform malicious
activities and hamper resources of a computer system like memory,
personal files, or sensitive information. Mimicking the behavior of a
biological virus, the computer virus spreads on contact with another
system, i.e. a computer virus infects other computer systems that it
comes into contact with by copying or inserting its code into the
computer programs or software (executable files).
A virus remains dormant on a system and is activated as soon as
the infected file is opened (executed) by a user.
 Some of the most common objectives behind viruses
include stealing passwords or data, corrupting files,
spamming the user’s email contacts, and even taking
control of the user’s machine.
 WORM
The Worm is also a malware that incurs unexpected or
damaging behavior on an infected computer system. The
major difference between a worm and a virus is that unlike a
virus, a worm does not need a host program or software to
insert its code into. Worms are standalone programs that are
capable of working on its own. Also, a virus needs human
triggering for replication (i.e. when a user opens/executes the
infected file), while a worm replicates on its own and can
spread to other computers through the network.
 RANSOMWARE

It is a type of malware that targets user data. It either blocks

the user from accessing their own data or threatens to publish
the personal data online and demands ransom payment
against the same. Some ransomware simply block the access
to the data while others encrypt data making it very difficult to
access.
Since the ancient Greeks could
not infiltrate the city of Troy
using traditional warfare
methods, they gifted the king of
Troy with a big wooden horse
with hidden soldiers inside and
eventually defeated them.
 TROJAN
Borrowing the concept, a Trojan is a malware, that looks like a
legitimate software and once it tricks a user into installing it, it
acts pretty much like a virus or worm. However, a Trojan does
not self-replicate or infect other files, it spreads through user
interaction such as opening an email attachment or
downloading and executing a file from the Internet.
 SYPWARE
It is a type of malware that spies on a person or an
organization by gathering information about them, without the
knowledge of the user. It records and sends the collected
information to an external entity without consent or knowledge
of the user.

Spyware usually tracks internet usage data and sells them to

advertisers. They can also be used to track and capture credit
card or bank account information, login and password
information or user’s personal identity.
 ADWARE

An Adware is a malware that is created to generate revenue

for its developer. An adware displays online advertisements
using pop-ups, web pages, or installation screens. Once an
adware has infected a substantial number of computer
systems, it generates revenue either by displaying
advertisements or using ―pay per click‖ mechanism to charge
its clients against the number of clicks on their displayed ads.
Adware is usually annoying, but harmless. However, it often
paves way for other malware by displaying unsafe links as
advertisements.
 KEYLOGGERS

The main purpose of this malware is to record the keys

pressed by a user on the keyboard. A keylogger makes logs of
daily keyboard usage and may send it to an external entity as
well. In this way, very sensitive and personal information like
passwords, emails, private conversations, etc. can be revealed
to an external entity without the knowledge of the user. One
strategy to avoid the threat of password leaks by keyloggers is
to use a virtual keyboard while signing into your online
accounts from an unknown computer.
 Downloaded from the Internet: Most of the time, malware is
unintentionally downloaded into the hard drive of a computer by
the user. Of course, the malware designers are smart enough to
disguise their malware, but we should be very careful while
downloading files from the Internet (especially those highlighted as
free downloads).
 Spam Email: We often receive an unsolicited email with embedded
hyperlinks or attachment files. These links or attached files can be
malware.
 Removable Storage Devices: Often, the replicating malware
targets the removable storage media like pen drives, SSD cards,
music players, mobile phones, etc. and infect them with malware
that gets transferred to other systems that they are plugged into.
 Network Propagation: Some malware like Worms have the ability to
propagate from one computer to another through a network
connection.
 frequent pop-up windows prompting you to visit some
website and/or download some software;
 changes to the default homepage of your web browser;
 mass emails being sent from your email account;
 unusually slow computer with frequent crashes;
 unknown programs startup as you turn on your computer;
 programs opening and closing automatically;
 sudden lack of storage space, random messages, sounds,
or music start to appear;
 programs or files appear or disappear without your
knowledge.
 Using antivirus, anti-malware, and other related software and
updating them on a regular basis.
 Configure your browser security settings
 Always check for a lock button in the address bar while making
payments.
 Never use pirated on unlicensed software.
 Applying software updates released by its manufacturers.
 Taking a regular backup of important data.
 Enforcing firewall protection in the network.
 Avoid entering sensitive (passwords, pins) or personal
information on unknown or public computers.
 Avoid entering sensitive data on an unknown network (like
Wi-Fi in a public place) using your own computer also.
 Avoid clicking on links or downloading attachments from
unsolicited emails.
 Scan any removable storage device with an antivirus
software before transferring data to and from it.
 Never share your online account or banking password/pins
with anyone.
 Remove all the programs that you don’t recognize from your
system.
 Both the HTTP (Hyper Text Transfer Protocol) and its variant
HTTPS (Hyper Text Transfer Protocol Secure) are a set of rules
(protocol) that govern how data can be transmitted over the
WWW (World Wide Web). In other words, they provide rules for
the client web browser and servers to communicate.
 HTTP sends information over the network as it is. It does not
scramble the data to be transmitted, leaving it vulnerable to
attacks from hackers. Hence, HTTP is sufficient for websites with
public information sharing like news portals, blogs, etc. However,
when it comes to dealing with personal information, banking
credentials and passwords, we need to communicate data more
securely over the network using HTTPS. HTTPS encrypts the data
before transmission. At the receiver end, it decrypts to recover
the original data
 Always look for the
―https://‖ at the
beginning of the address
(URL) of the websites
while entering your
banking, personal, or
other sensitive
information.
Cyberbullying includes sending, posting or sharing negative,
harmful, false or mean information and content about
someone. It includes-

 Someone creating a fake profile in your name and trying to

defame you
 Threatening or abusive messages online or on the mobile
phone
 Rumours and lies about you
 Stealing your account and password and sending
unwanted/inappropriate messages from your account.
 Phishing is an unlawful activity where fake websites or
emails that look original or authentic are presented to the
user to fraudulently collect sensitive and personal details,
particularly usernames, passwords, banking and credit card
details. The most common phishing method is through
email spoofing where a fake or forged email address is
used and the user presumes it to be from an authentic
source. So you might get an email from an address that
looks similar to your bank or educational institution, asking
for your information, but if you look carefully you will see
their URL address is fake. They will often use logo’s of the
original, making them difficult to detect from the real!
Phishing attempts through phone calls or text messages are
also common these days.
 In simple terms, a hacker is a person that is skilled enough
to hack or take control of a computer system. Depending on
the intent, there are different types of hackers.

HACKER

WHITE HATS BLACK HATS

(ETHICAL HACKERS) (CRACKERS)
 Computer Safety and Security
 Log off your Computer when not in use & don’t
leave them un-attended
 Do not install pirated software. Use only verifed
or licensed software and operating systems
 Use spam filters
 Do not connect unknown devices to your computer as they may
contain viruses
 Invest in a robust firewall
 Have a password protocol with specific strong password
guidelines, frequently change your passwords, prevents reuse of
old passwords
 Periodically check web site of the OS vendor (e.g. Microsoft or
Apple) for critical security updates that may need to be applied.
 Do not reply to emails from unknown sender even if it looks
like a genuine email
 Use complex passwords. Never write down your passwords
or share them with anyone else.
 Do not fall for lucrative offers/discounts as they might be
coming from unknown source and it may not be reliable.
Ignore/delete those mails
 Do not open attachments or click on links from unknown
senders, since they may contain malicious files that might
affect your device.
 Only click the links and downloads from websites that you
trust Beware of phishing websites - check the URL to
confirm if the website is secure
 Avoid revealing too much of your personal information like your age,
address, telephone number, school/college name etc. as this can
lead to identity theft
 Do your privacy settings very carefully on social networking sites
 Never reveal your password to anyone. Keep a strong password
 Communicate and collaborate only with people known to you
 Always be careful while posting photographs, videos and any other
sensitive information in social networking sites as they leave digital
footprints which stay online forever
 . If you suspect that your social networking account details have
been compromised or stolen, report immediately to the support
team of networking site
 Never leave your account unattended after login, log out
immediately when you are not using it
1. Information Technology Act, 2000 and the rules.
2. The Indian Penal Code, 1860.
 Hacking and Data Theft: Sections 43 and 66 of the IT Act
penalise a number of activities ranging from hacking into a
computer network, data theft, introducing and spreading
viruses through computer networks, damaging computers
or computer networks or computer programmes, disrupting
any computer or computer system or computer network,
denying an authorised person access to a computer or
computer network, damaging or destroying information
residing in a computer etc. The maximum punishment for
the above offences is imprisonment of up to 3 (three) years
or a fine or Rs. 5,00,000 (Rupees five lac) or both.
 Receipt of stolen property: Section 66B of the IT Act
prescribes punishment for dishonestly receiving any stolen
computer resource or communication device. This section
requires that the person receiving the stolen property ought
to have done so dishonestly or should have reason to
believe that it was stolen property. The punishment for this
offence under Section 66B of the IT Act is imprisonment of
up to 3 (three) years or a fine of up to Rs. 1,00,000
(Rupees one lac) or both.
 Identity theft : Section 66C of the IT Act prescribes punishment
for identity theft and provides that anyone who fraudulently or
dishonestly makes use of the electronic signature, password or
any other unique identification feature of any other person shall
be punished with imprisonment of either description for a term
which may extend to 3 (three) years and shall also be liable to
fine which may extend to Rs. 1,00,000 (Rupees one lakh).

 Cheating by personation: Section 66D of the IT Act prescribes

punishment for 'cheating by personation by using computer
resource' and provides that any person who by means of any
communication device or computer resource cheats by
personation, shall be punished with imprisonment of either
description for a term which may extend to 3 (three) years and
shall also be liable to fine which may extend to Rs. 1,00,000
(Rupees one lakh).
 Section 65 of the IT Act: Section 65 of the IT Act prescribes
punishment for tampering with computer source documents
and provides that any person who knowingly or intentionally
conceals, destroys or alters or intentionally or knowingly
causes another to conceal, destroy, or alter any computer
source code (i.e. a listing of programmes, computer
commands, design and layout and programme analysis of
computer resource in any form) used for a computer,
computer programme, computer system or computer
network, when the computer source code is required to be
kept or maintained by law for the time being in force, shall
be punishable with imprisonment for up to 3 (three) years
or with a fine which may extend to Rs. 3,00,000 (Rupees
lac) or with both.
Information Technology (Reasonable Security Practices and
Procedures and Sensitive Personal Data or Information)
Rules, 2011.

It enlists the kinds of personal data and sensitive personal

data , The 2011 Rules protects personal data which is
collected by an individual or a person who is involved in
commercial or professional activities.
 Section 378 of the IPC relating to "theft" of movable
property will apply to the theft of any data, online or
otherwise, since section 22 of the IPC states that the words
"movable property" are intended to include corporeal
property of every description, except land and things
attached to the earth or permanently fastened to anything
which is attached to the earth. The maximum punishment
for theft under section 378 of the IPC is imprisonment of up
to 3 (three) years or a fine or both.
 Section 406: Criminal breach of trust
 Section 411: Dishonestly receiving stolen property
 Section 419 of the IPC also prescribes punishment for
'cheating by personation'
 Section 425 of the IPC deals with mischief and states that
"whoever with intent to cause, or knowing that he is likely to
cause, wrongful loss or damage to the public or to any
person, causes the destruction of any property, or any such
change in any property or in the situation thereof as
destroys or diminishes its value or utility, or affects it
injuriously, commits mischief".
 Damaging computer systems and even denying access to a
computer system will fall within the aforesaid section 425
of the IPC. The maximum punishment for mischief as per
section 426 of the IPC is imprisonment of up to 3 (three)
months or a fine or both.
 What is document management?

 Document management is a system or process used to

capture, track and store electronic documents such as
PDFs, word processing files and digital images of paper-
based content.
 Paper storage may require significant physical space. A
document management platform can integrate disparate
documents for greater control, access and process
efficiency. It offers advantages in terms of information
retrieval, security, governance and lower cost of operations.
1. •Less paper and less storage space

2. •Easy storage and retrieval

3. •Faster access and sharing

4. •Better record keeping

5. •Better customer service

 Document management can be very effectively used is the
transcription and storage of judicial documents. One would
no more be required to use a manual typewriter.
 Moreover, the typists and stenographers can better
organize and format documents with facilities of
simultaneous spell checks and font organization and
numerous other facilities. These documents can be easily
accessible with all securities. The simple and basic
advantages of using document management tools like, cut
and paste instead of retyping on a separate sheet, the
ability to make correction without the use of erasing
 liquids, transfer of document from one work station to
another on a click of a mouse, etc. would be of immense
help in lessening the manual work.
Database Management System
A well-structured database is the heart of court management,
case management and caseflow management. There are
several important databases which need to be created to store
the information captured in a systematic and meaningful
manner:
 Courts database: This database contains the entire
information of all the courts like, (i) the class i.e. Civil Judge
(Jr. Dn.), Civil Judge (Sr. Dn.) or District Judge(ii) jurisdictions
both territorial and pecuniary; (iii) name; (iv) location; and,
(v)judicial and revenue district in which it lies.
 Location database: This database helps in storing and
retrieving of object/correct location of an immovable
property or address of a person i.e. the court, judge, litigant,
advocate, staff etc.
 Judges database: The information relating to the central
human object in thejudicial system is stored in this
database. It contains a Judge’s personal data including
date of entry into service, grade, promotions, adverse
remarks, disciplinary proceedings, transfers and postings. It
helps in taking vital decisions regarding performance of a
judge which has a direct bearing on delays and arrears.
 Court Staff database: Like that of judges, this database contains
the entire relevant information of the supporting infrastructural
staff provided to the court. This helps in maintaining discipline,
work culture and available strength of this class.
 Litigants database: This database contains the information
relating to parties to a dispute brought before the court as
required in the procedural laws. It helps in convenient and
accurate creation of cause titles, summons and notices, orders,
judgment and decrees. With the help of this database, many
statistical reports can instantly be generated, like, (i) in how many
cases the same litigant is involved many cases pending in the
state or elsewhere; (ii) whether he had earlier filed any other case
for the same cause of action; or, (iii) litigants classification with
variables in order to have a behavioral study, etc.
 Advocates database: This database is designed to contain
all relevant information relating to enrolled advocates. It
helps in many ways. If any advocate appearing for any
litigant is disabled from appearing in any case, because of
other assignments or has expired, then all such cases can
be sorted out immediately and court notice can be sent to
the parties at the earliest. It helps in retrieving and
recording the names of advocates and printing their names
correctly in cause-lists, orders, judgments, etc. It permits
class analysis in all desired manners.
 Case database: This database, like the Court database,
contains another set of key information for understanding
the system behavior. This database is capable of answering
all queries relating to all cases i.e. case institutions,
pendencies, disposals, stages, nature, etc. The information
contained in this database can reveal out all the miseries
which has led to systemic failures.
 Case Updation database: This database takes care of case
progression and provides a key to case flow management. It
facilitates tracking of the stages of cases and helps in case
management through supervisory process.
 Exhibits and Witnesses database: The witness and exhibits
database is an integral part of judicial process. This
database helps the Courts in finding out the witnesses
examined, the exhibits marked and submitted to the court,
admissible documents and details of witnesses and the
evidences produced before the court.