Professional Documents
Culture Documents
Legal Cyber Proj ORG
Legal Cyber Proj ORG
Legal Cyber Proj ORG
D A ANU NAIR
2013
1
D A ANU NAIR
1st Semester - B.A. LL.B. (Hons.)
Roll No: 2013
ABSTRACT
Modern society has seen never-before-seen opportunities and difficulties due to the fast spread
of technology. Cyber security, which includes safeguarding digital assets and information from
various dangers and vulnerabilities, is one of the most urgent challenges. The legal environment
surrounding cyber security and the liability connected to cyber events continually changes as
technology advances. This project aims to give a thorough overview of cyber dangers, the legal
system that oversees cyber security, and the potential legal repercussions that people and
TABLE OF CONTENTS
1. Introduction 4
2. Cyber securities and legal liabilities 5-17
a. History of cyber world
b. What is cyber security
c. What is Cyber law
d. Types of cybercrime
e. Roles of cyberlaw in cybersecurity
f. Cyberlaws
g. Advantages of cyber law
h. New developments in cyber law
i. Need for cyber law
3. Conclusion 18
4
INTRODUCTION
In today's post-pandemic world, most individuals and organizations have shifted to remote
employment and digital access to services in every industry. However, as a result, they have begun
to experience significant threats from data breaches and cyber-attacks. Exploiting infrastructure flaws
and other methods used by malevolent hackers to conduct these cyber-attacks are constantly
improving and getting more sophisticated, raising the possibility of a significant data breach?
Everyone must now understand cyber security regulations' legal complexities to function.
Different firms and organizations may wind up having a shoddy cyber security infrastructure
that does not abide by federal rules due to a lack of awareness about cyber security standards.
1. Describe the idea of cyber security and its significance in contemporary society.
2. Give a general review of the national and international legal systems that regulate
cyber security.
3. Examine the possible legal repercussions that individuals and businesses may have
case studies.
5. Provide information about cyber security risk management and new problems in the
area.
5
The Internet is a worldwide network of interconnected computer networks that use the Internet
Protocol Suite (TCP/IP).1 It comprises millions of private and public, academic, business, and
government networks ranging in size from local to global in scope and connected via copper
lines, fiber-optic cables, wireless links, and other technologies. The Internet transports a vast
array of information resources and services, most notably the World Wide Web's (WWW)
inter-linked hypertext documents and the infrastructure to support electronic mail, as well as
popular services such as online chat, file transfer and file sharing, online gaming, and Voice
The Internet's origins may be traced back to the 1960s, when the United States financed military
research efforts to construct resilient, fault-tolerant, and distributed computer networks. This
research, as well as a period of civilian funding by the National Science Foundation for a new
The Internet and World Wide Web are frequently used interchangeably in ordinary discourse.
However, the Internet and the World Wide Web are not synonymous. 3 The Internet is a
1
ARTICLE:DEMAR'S TIME HAS ARRIVED, kiss-aida, https://www.kissaida.com/copy-of-cover-5
2
Dispute resolution mechanism of cyber laws in India, ICMCR | INTERNATIONAL CENTRE FOR MEDIATION AND
CONFLICT RESOLUTION, https://icmcrmediation.org/dispute-resolution-mechanism-of-cyber-laws-in-india/
3
Tech Xplore - Technology and Engineering news, Tech Xplore - Technology and Engineering news,
https://techxplore.com/tags/internet/sort/rank/1d/ (last visited Oct. 15, 2023).
6
allows computers to communicate with one another. On the other hand, the Web is one of the
services communicated via the Internet. It is a collection of papers and other resources linked
The World Wide Web was created in 1989 by English physicist Tim Berners-Lee, currently
the Director of the World Wide Web Consortium, and later supported by Belgian computer
scientist Robert Cailliau while both worked at CERN in Geneva, Switzerland. They proposed
establishing a "web of nodes" in 1990 to store "hypertext pages" read by "browsers" over a
Overall, Internet usage has increased dramatically. From 2000 to 2009, the global Internet user
population increased from 394 million to 1.858 billion. By 2010, 22% of the global population
had access to computers, with 1 billion Google searches per day, 300 million Internet users
Following English (27%), the most popular languages on the Internet are Chinese (23%),
Spanish (8%), Japanese (5%), Portuguese and German (4% each), Arabic, French, and Russian
(3% each), and Korean (2%). By region, Asia has 42% of the world's Internet users, Europe
has 24%, North America has 14%, Latin America and the Caribbean have 10%, Africa has 6%,
Protecting systems, networks, and programs from cyber-attacks is the practice of cyber
security. These hacks try to disrupt regular corporate operations, extort money from users
4
Internet Technologies | i-netsolutions.net, i-netsolutions.net |, https://i-netsolutions.net/internet-
technologies-7.html.
5
OVERVIEW OF CYBER LAWS INDIA (Oct. 4, 2012), https://taxguru.in/wp-content/uploads/2012/10/cyber-laws-
overview.pdf.
7
Nowadays, there are more devices than humans, and hackers are getting more creative, making
Multiple layers of security are dispersed across the computers, networks, programs, or data that
one wants to keep secure in an effective cybersecurity strategy. For a business to successfully
defend against cyber-attacks, the people, processes, and technology must all work
harmoniously.7
Everyone gains from cutting-edge cyber defense strategies in the linked world of today. A
cyber security attack may result in everything for a specific person, including identity theft,
extortion attempts, and the loss of crucial information like family photos. Critical
infrastructure, including hospitals, power plants, and financial service providers, is a necessity
for everyone. For our society to continue to run smoothly, these and other organizations must
be secure.
Cyber laws, also called internet laws, are legal informatics rules that govern software, e-
encompasses various connected topics, including Internet access and usage, freedom of speech,
and privacy. The usage of the internet raises numerous security and privacy concerns.
Intelligent criminals have been reported to carry out unauthorized operations and potential
fraud using cutting-edge tactics. As a result, there is a great need to protect against them, and
the best way to do so is to impose a cyber security strategy. By holding these criminals
responsible for their destructive deeds and imposing the proper punishment determined by the
6
Cybersecurity and its types and importance Full Maza Blog (2023), https://fullmazablog.com/cybersecurity-
and-its-types-and-importance/ (last visited Oct 15, 2023).
7
Gaurav Sharma, Important skills to master for cybersecurity professionals TechGig (2022),
https://content.techgig.com/important-skills-to-master-for-cybersecurity-
professionals/articleshow/96400180.cms
8
Federal Government, these regulations and laws are designed to protect individuals and
businesses online.
1. Hacking is a criminal offense in India and may lead to civil liabilities. Section 43 of the
Information Technology Act, 2000 (the "IT Act") proscribes, in respect of a computer,
contravention to the IT Act; and any manipulation or tampering that causes services availed by
one person to be charged to another. Prior to amendments to the IT Act in 2008, section 66 of
said Act specifically defined hacking as the destruction, deletion, or alteration of any
computer resource, or an action that affects a computer resource injuriously. These actions are
now within the purview of section 43 of the IT Act as amended in 2008, which no longer makes
specific reference to the term "hacking" but otherwise retains the language of the former section
66. Finally, section 43, as amended, also proscribes the stealing, concealment, destruction, or
alteration (or causing any person to do any of the preceding) of any computer source code used
Those found guilty of violating section 43 are subject to a maximum three-year sentence in
8
Thakur, Harish C. "Extent of Protection Offered by the Indian Information Technology Act, 2000: A Case
Study." International Journal of Technology Transfer and Commercialisation, (2007).
https://doi.org/10.1504/ijttc.2007.014539.
9
2. Denial-of-service attacks: Attacks that cause a denial of service (Do's) are likewise
prohibited by section 43 of the IT Act. The provisions of sections 43(e) and (f) apply to anyone
who, without the consent of the owner of a computer, computer system, or computer network,
interferes with or causes interference with that computer, computer system, or computer
network, and refuses or causes the refusal of access to any person authorized to access a
breaking the terms of section 43 is punishable by up to three years in prison, a fine of INR
500,000, or both.9
3. Phishing: Phishing is not explicitly mentioned in the law. However, the Delhi High Court
theft of identity in order to perpetrate theft of data" in National Association of Software and
Services Companies v. Ajay Sood 2005 (30) PTC 437 (Del). As previously mentioned,
phishing assaults fall under this criteria and are generally covered under Section 43 of the IT
Act. Penalties for violating section 43 have already been described in the previous paragraph.
In addition, section 66C of the Information Technology (Amendment) Act, 2008 (the "IT
Amendment Act") states that whoever fraudulently or dishonestly makes use of the electronic
signature, password, or any other unique identification feature of any other person, shall be
punished with imprisonment of up to three years, and will also be liable to a fine of up to INR
9
Ryan Stevens, Banning Ransomware Payoffs: Cybersecurity Legislative Update, Duane Morris Government
Strategies (July 27, 2021), https://statecapitallobbyist.com/judiciary/banning-ransomware-payoffs-
cybersecurity-legislative-update/.
10
100,000. Section 66D of the IT Amendment Act prescribes the same penalties for whoever,
Cyber rules are essential to using the internet and have several functions. Most of these
regulations are designed to safeguard users from falling prey to cybercrimes, while some are
intended to control how people use the internet and computers more generally. Cyber laws
Fraud: Cyber laws protect users from falling prey to online fraud. They are around to stop
crimes like identity and credit card theft. These statutes further proclaim that anyone who
attempts to conduct such fraud would face federal and state criminal charges.
Copyright: Besides outlawing copyright infringement, cyber laws also enforce copyright
protection. They grant people and organizations the right to safeguard and benefit from their
creative creations.
Defamation: Cyber laws are also enforced in online slander cases, which protects people and
companies from untrue claims made online that could hurt their reputations. 11
V. Cyber laws
Cyber security or cybercrime laws are regulations that protect information technology,
intending to require businesses and organizations to use a variety of defenses to secure their
10
India Legal, Tamil Nadu Police Registered FIR Against Twitter Handle Trying To Cause Unrest Among IPS &
CAPF, (June 21, 2020), https://www.indialegallive.com/top-news-of-the-day/tamil-nadu-police-registered-fir-
against-twitter-handle-trying-to-cause-unrest-among-ips-capf/.
11
LexTalk World, An overview of the cybersecurity laws in the EU, LexTalk World (Jan. 17, 2023),
https://www.lextalk.world/post/an-overview-of-the-cybersecurity-laws-in-the-eu.
11
systems and data against intrusions. The various categories of international cyber and
1. The Information Technology Act of 2000 was passed by the Indian Parliament and was
intended to protect the e-government, e-banking, and e-commerce sectors. However, its scope
has since been expanded to include all contemporary communication technologies. Provisions
for the protection of electronic data are included in the IT Act. Sections 43(a) through (h) of
the IT Act impose penalties for "cyber contraventions" and "cyber offenses" (sections 63–74).
The IT Act was initially passed to establish a legal framework for online business and impose
computer abuse penalties. However, it is now also used to address data security and privacy
issues. The Information Technology (Guidelines for Intermediaries and Digital Media Ethics
Code) Rules, 2021, which limit the usage of intermediaries, including social media
intermediates, and define their obligations to protect users' personal information online;
The following are some of the areas of data collection, transfer, and processing that are the
The Information Technology (Reasonable Security Practices and Procedures and Sensitive
The Information Technology (Guidelines for Cyber Cafe) Rules, which mandate that
cybercafés register with a registration agency and keep a record of patrons' identities and
internet usage, as well as The Information Technology (Electronic et al.) Rules give the
12
Government the authority to mandate that certain services, like applications, certificates, and
The Personal Data Protection Bill 2019—a proposed piece of specialized data protection
legislation—was introduced to Parliament for consideration in late 2020 and again in 2021.
Due to concerns that it was too broad, the Government withdrew it in the first few days of
August 2022. It is currently being revised. However, enforcement may occasionally occur in
addition to the abovementioned laws based on the Copyright Act of 1957. Other laws, including
the Indian Penal Code of 1860, the Code of Criminal Procedure of 1973, the Indian Telegraph
Act of 1885, the Companies Act of 1956, and the Consumer Protection Act of 1986, may
The Indian Penal Code, in particular, has sections that cover the majority of criminal statutes,
such as those about theft, fraud, identity theft, and intentional infliction of harm, all of which
may, in general, apply to cyber offenses. It is important to note that Section 81 of the IT Act
2000 contains a non-obstante clause that declares that its provisions take precedence over any
other statutes that may conflict with them. The IT Amendment Act clarifies that this does not
prevent anyone from exercising rights granted by the Copyright Act of 1957 or the Patents Act
of 1970.
2. The 1980 Indian Penal Code (IPC): Cyber frauds, including identity theft and other
thefts of sensitive information, are the main targets of this cybercrime prevention act.
3. 2013 Companies Act: The legislature made sure that all regulatory compliances,
including e-discovery, cyber forensics, and cybersecurity diligence, are covered by the
12
Christy Chung, Information Technology Rules from India, StormEye (Feb. 12, 2023),
https://www.stormeye.io/post/information-technology-rules-from-india.
13
Corporation Act, which was passed back in 2013. The Companies Act outlines the directors'
4. NIST Compliance: The National Institute of Standards and Technology (NIST) has
approved the Cybersecurity Framework (NCFS), which includes all the standards, best
5. Following section 48(1) of the IT Act, the Ministry of Electronics and Information
Technology established the Cyber Regulations Appellate Tribunal (CRAT) in October 2006.
Thanks to the IT Amendment Act, the tribunal is now known as the Cyber Appellate Tribunal
(CAT). Any individual who feels wronged by a decision issued by the Controller of Certifying
Authorities or an adjudicating officer under this Act may file an appeal with the CAT under
the IT Act. According to section 49 of the IT Act 2000, the Central Government appoints the
chairperson of the CAT via notification. Before the IT Amendment Act, the chairperson was
called the presiding officer. The modified Act now stipulates that the CAT should consist of a
chairperson and such additional members as the Central Government may announce or
nominate.14
In the European Union, there are four main cyber security rules. The EU GDPR, the
EU Cybersecurity Act, the NIS Directive, and ENISA are a few of them, and we will quickly
touch on each.
The European Union Agency for Cyber security (ENISA) was established to enhance
13
Nandini Prashad, Cyber Laws In India That One Should Learn About!, News Magnify - A New Vision For The
Global News (Nov. 30, 2022), https://www.newsmagnify.com/technology/cyber-laws-in-india/.
14
Rachit Garg, Detailed analysis of an adjudicating officer u/s 46 of the Information Technology Act, 2000 -
iPleaders, IPleaders (June 6, 2021), https://blog.ipleaders.in/detailed-analysis-adjudicating-officer-u-s-46-
information-technology-act-2000/.
14
was founded in 2004 with three main goals: The suggested action plan in the wake of a security
breach (i). (ii) Creating policies and providing support for their execution. (iii). Direct
assistance.
NIS Directive: The European Parliament passed the Network and Information Systems
(NIS) Directive in 2016, intending to enhance cybersecurity broadly across all EU networks. It
primarily concentrated on operators of essential services (OESs) and digital service providers
(DSPs). Organizations that are essential to society or the economy, or OESs, will be negatively
impacted by security or data breaches. Any such occurrence must be reported to the Computer
EU Cyber security Act: The EU Cyber security Act offers businesses throughout the
EU a certification framework for cyber security for digital goods, services, and processes.
May 2018 after being established in 2016 (Lim,2018). The EU GDPR intends to establish a
uniform standard for data protection across all of the EU's member states.
Cyber laws safeguard people's and organizations' privacy online while preventing them from
being victims of cybercrimes. Therefore, the benefits of passing such laws are innumerable,
but in order to comprehend the significant advantages, let us go over a few key points:
Cyber laws govern every action on the internet and, in general, in cyberspace, just as regular
Online transactions are protected by federal law just like offline ones are.
Online activity is continuously monitored by cybercrime officials so that any illegal conduct,
Cyber laws must be updated and strengthened to ensure they are as complete as possible as
cyberspace advances dramatically. Here are a few new developments in cyber law:
The public's increasing knowledge of online privacy calls for the Federal Government to take
Vast volumes of data are now being transferred between computers thanks to cloud computing,
creating numerous vulnerabilities that can be attacked. Additionally, laws governing these
A growing trend, cryptocurrencies like Bitcoin and Ethereum demand rules and regulations to
The cyber security industry has made significant strides in response to the rise in malicious
cybercrimes. However, the rules and regulations in place today need to address these offenses
adequately. This necessitates the Government taking effective action to adopt new laws and
acts that are comprehensive and effective to counteract these threats and manage the
Scope
The cybersecurity industry has made significant strides in response to the rise in malicious
cybercrimes. However, the rules and regulations in place today need to address these offenses
adequately. This necessitates the Government taking effective action to adopt new laws and
acts that are comprehensive and effective to counteract these threats and manage the
In today's technologically advanced society, the globe and its crimes are becoming increasingly
digitally complex. The Internet was initially designed as an unregulated research and
commerce, e-governance, and e-procurement, among other things. Cyber laws address all legal
issues relating to digital crime. As the number of people using the Internet grows, so does the
Cyberlaw affects practically everyone in today's highly digitalized environment. For example
Almost all businesses rely heavily on computer networks and store critical data electronically.
Government forms, such as income tax returns and corporate law forms, are now filled out
electronically.
Most people communicate using email, cell phones, and SMS messages.
divorce, murder, kidnapping, tax fraud, organized crime, terrorist operations, and counterfeit
currency.
Online banking frauds, online share trading frauds, source code theft, credit card fraud, tax
evasion, virus attacks, cyber sabotage, phishing attacks, email hijacking, denial of service,
hacking, pornography, and other forms of cybercrime are becoming more frequent.
Digital signatures and e-contracts are rapidly replacing traditional business transactions.
Technology in and of itself is never a contentious issue, but who gets what and at what cost has
been a point of contention in government. In contrast to prior technologies, which had a trickle-
down impact, the cyber revolution promises to reach the masses swiftly. Such a promise and
17
potential can be achieved only with an adequate legal system based on a particular
socioeconomic matrix.
18
Conclusion
Cybercrimes can be effectively stopped in their tracks, but it will take the combined efforts of
and open environment for everyone, cyber security laws and regulations governing each action
and activity are essential as cyberspace grows more widespread. The Government is anticipated
to make significant strides with cyber regulations in the future years, but ultimately, the