Professional Documents
Culture Documents
Student 22 April Thesis Final Done
Student 22 April Thesis Final Done
Student 22 April Thesis Final Done
CHAPTER 1
INTRODUCTION
Cyber law, sometimes referred to as Internet law or digital law, is the body of laws and rules
pertaining to the usage of digital technology and the internet. One cannot stress the
significance of strong legal frameworks to regulate cyberspace as the world grows more
interconnected through digital networks. of India, the shift in viewpoints of cyber law is
indicative of the nation's efforts to embrace the digital era while tackling its associated
India is leading the way in the global digital revolution with its fast growing digital
infrastructure and growing population. Many facets of Indian culture and economy have
changed as a result of the country's increasing internet population, booming e-commerce, and
introduction of cutting-edge technology like blockchain and artificial intelligence. But with
the advantages of digitalization also come serious legal and regulatory obstacles, such as
dangers to cybersecurity, worries about data privacy, and problems with intellectual property
rights.
.From the early days of the internet, when the legal environment was mostly unknown,
attitudes on cyber law in India have evolved. As the internet became widely recognized as an
essential instrument for social interaction, business, and communication, politicians and legal
experts started debating the necessity of creating suitable legal frameworks to successfully
regulate cyberspace..
1
India has passed a number of laws throughout the years to handle different facets of cyber
law. An important turning point in this direction was the Information Technology Act of
2000, which established a thorough legal framework to control digital signatures, electronic
transactions, and cybercrimes. The IT Act has since undergone revisions, and other
legislative efforts have also attempted to adjust to the changing landscape of cyberthreats and
technical developments.
However, difficulties and disagreements have dogged India's efforts to develop a strong and
functional cyber legal framework. Stakeholders in academia, business, and civil society have
been debating topics such jurisdictional issues, ambiguities in legal interpretation, and
Furthermore, the speed at which technology is developing has created new difficulties for
legislators and regulators, necessitating ongoing revisions and adaptations to the legal
frameworks that are already in place. Concerns concerning new technologies' effects on
digital privacy, security, and liability have been brought up by the rise of AI, blockchain, and
the Internet of Things (IoT). In light of this, it is essential to critically examine how opinions
significant legislative advancements, court rulings, and current discussions, this research aims
to provide insight into the dynamic character of cyber law in India, as well as the potential
and obstacles it poses for the nation's legal and regulatory structure.
By doing this, the study hopes to further our grasp of the nuances of cyber law in the Indian
context and offer valuable insights for future policy discussions and scholarly investigations
into this area. This introduction establishes the framework for your critical analysis by giving
background information, emphasizing the significance of the subject, and describing the
2
.2.Statement of Research Problem
The precise topic or query you plan to investigate in your study is outlined in the description
of your research problem. This is one way to phrase your study question: "Even though cyber
law has developed quickly in India, there is still a dearth of thorough knowledge of the
various viewpoints that have influenced its growth. By analyzing the impact of legal,
sociocultural, and technical elements on the development and application of cyber law in
India, this study aims to critically assess the evolution of viewpoints surrounding this legal
framework. This research attempts to shed light on the gaps, inconsistencies, and possibilities
in India's cyber legal framework by exploring the historical background and contemporary
issues. The ultimate goal is to educate future policy formation and legal practice in this area."
The topic of your study is summarized in this statement, which highlights the critical analysis
of the changing views on cyber law in India and its consequences for practice and policy.
The fast growth of technology and its ubiquitous effect on all parts of society need a critical
review of the evolution of viewpoints on cyber law in India. The following important
considerations might provide justification for this kind of study: Technological Progress:
Given the explosive expansion of social media, e-commerce, the internet, and other digital
platforms, it is critical to comprehend how laws and regulations have changed to keep up
with these developments. This research will clarify how India's legal system has changed to
meet the new difficulties that the internet has brought forth.
3
.Legal Challenges and Gaps: Because technology is constantly evolving, applicable laws
have not kept up with it, leaving gaps or contradictions in the law. Through a critical analysis
of the development of viewpoints on cyber law in India, scholars may pinpoint deficiencies
and obstacles in the current legal system and suggest ways to enhance it.
Effect on the Community: The effects of cybercrimes, data breaches, online abuse, and other
digital dangers on people, companies, and society at large are profound. Knowing how cyber
laws have changed over time may help one understand how well they work to safeguard the
.Global Comparisons: India is not the only country facing difficulties in enforcing cyberspace
regulations. A comparative study of the legal systems of other nations can provide India's
cyber law regime with important insights and best practices. This research might investigate
areas of convergence or divergence between India's approach to cyber law and that of other
countries.
Implications for Policy: To guarantee cybersecurity, privacy protection, and digital rights,
India must put strong legislative frameworks in place while it works to develop its digital
infrastructure and foster digital transformation. Policymakers may use the evidence-based
insights from this study to make well-informed decisions and pass legislation that adapts to
Generally, the need to comprehend how technology and law intersect, evaluate the efficacy of
defending digital rights, and creating a safe and secure digital environment for all
goals:
Historical Context: Follow the evolution of cyber law in India through its early years,
beginning with the nation's introduction to the internet. Legislative Framework: Examine
how India's cyber law laws, such the Information Technology Act of 2000 and its later
pertaining to data privacy, cybercrime, and internet regulation, that have influenced the
International Influences: Examine how international norms, treaties, and agreements have
affected the creation and application of cyber laws in India.Questions and Remarks: Describe
the difficulties and criticisms that the Indian cyber legal system has to deal with, including
worries about censorship and monitoring, issues with jurisdiction, and enforcement gaps.
intelligence, blockchain, and the Internet of Things have impacted the development of cyber
law in India and the suitability of current legal frameworks for tackling new issues.
Make policy suggestions to improve the efficacy and applicability of cyber laws in India
while taking into account cutting-edge technology, global best practices, and the defense of
personal liberties.
Comparative Analysis: Examine the cyber legal systems of other countries, noting their
parallels and variances as well as any lessons that may be applied to strengthen the Indian
situation.
By focusing on these goals, the research may give a thorough critical examination of how
opinions on cyber law have changed over time in India, providing insights into the field's
5
advantages, disadvantages, and potential improvements in relation to the nation's technical
legislation is required to address emerging cyber threats and challenges, India's cyber law
perspectives have evolved over time, showing a shift from reactive regulatory measures to
Before the Information Technology Act of 2000, India had no autonomous cyber law;
instead, all computer-related offenses were prosecuted under the country's established
criminal code, the Indian Penal Code, 1860. But in the new century, computer networks'
governance. A range of legal issues relating to the use of computers, the internet, or digital
expression, jurisdiction, etc., arose with the increased reliance on e-commerce and e-
governance and could not be addressed by the existing laws because cyberspace has no
This presented real-world challenges for law enforcement in controlling individuals' online
user is bound by the laws of the State in which he or she does business, this general rule
While it is true that no one ever considered that computer technology could be covertly
abused for illegal purposes by internet users when it was still in its infancy, experience has
6
shown that the internet has a dark side as well, giving rise to a new class of crimes known as
cybercrime. The Indian Parliament passed the Information Technology Act against this
backdrop. The following are the Act's goals as stated in the declaration of objects:
The Information Technology Act was mainly introduced to facilitate and promote e-
commerce, which had gained momentum due to the shift from traditional paper-based
from a plain reading of the Act's statement of objects. The objectives of the Act's Preamble
were to: 1. provide e-commerce legal status; 2. make it easier for papers to be electronically
filed with government agencies; 3. update the Indian Penal Code; 1860; Indian Evidence Act,
1872; Bankers Books Evidence Act, 1891; Reserve Bank of India Act, 1934; and:
Ensure that government services are delivered effectively by using dependable electronic
records.
Thus, the Act establishes a foundation for law such that all electronic documents and other
It is important to note that the United Nations Commission on International Trade Law
that served as the foundation for the Information Technology Act 41 2000, which was passed
by the Parliament. After the Act's implementation, certain flaws and weaknesses were
Technology (Amendment) Bill was presented to change the Act once again in 2002., 2006,
which became the Information Technology (Amendment) Act, 2008 (Act No. 10 of 2009)
upon its approval by the Parliament on December 24, 2008, and the President of India's
assent on February 5, 2009. The goal of the Amendment Act is to strengthen the effectiveness
sincere efforts to develop comprehensive cyber legislation that could be uniformly applicable
to all countries for the prevention and control of cybercrimes. This is because there is no
consensus regarding the concern for control and minimization of these crimes. The different
organizational structures of different legal regimes are the obvious causes of this variance in
how internet crime is addressed. Despite the fact that several international conventions and
treaties have been drafted to provide a uniform legal framework for the prevention of
borderless cybercrime, these initiatives have failed due to a lack of required member nation
Furthermore, because various nations have diverse socioeconomic and cultural backgrounds
and differ in how concerned and sensitive they are to cybercrimes, there is certain to be
diversity in how these nations respond to cybercrimes compared to those that are severely
impacted. It is unrealistic to expect all nations to prevent and regulate cybercrime in the same
way given the current state of affairs. Perhaps this is the primary cause of the various nations'
.. Although a global cyber law has not yet developed, the need for one is becoming more and
more apparent in nations across the globe as a result of the internet's rapid expansion, which
gives criminals endless opportunities to commit a wide range of crimes with potentially
encompass a wide range of topics, given the fast advancement of technology, legal structures,
legislation in India. This might include significant occurrences, early legislation, and turning
Legislative Framework: Examine how India's cyber law laws has changed over time. Start
with the fundamental legislation, such as the Information Technology Act of 2000 and its
ensuing modifications. Talk about how these regulations have changed to reflect new
Analyze Case Law: Examine seminal cases pertaining to cyber law in Indian jurisprudence.
Cases concerning data security, intellectual property rights, cybercrime, and online freedom
Government Initiatives: Analyze how Indian cyber law policy is shaped by government
agencies and entities. Initiatives from CERT-In (Indian Computer Emergency Response
Team), the Ministry of Electronics and Information Technology (MeitY), and other pertinent
organizations may fall under this category.Global Views: Analyze India's cyberlaw policy in
comparison to other nations. Point up the areas where India has incorporated international
Issues and Debates: Talk about the current issues and disputes surrounding Indian cyber
legislation. This might involve matters like cybersecurity, data privacy, monitoring, internet
Corporate Compliance: Examine how cyber legislation affects Indian companies that operate.
Talk about data protection laws, compliance standards, and corporate governance's part in
maintaining cybersecurity.
Social Implications: Take into account how India's cyber law may affect society as a whole.
This might cover subjects like online harassment, access to justice, digital inclusion, and the
9
influence of social media on public debate and democracy.Upcoming Patterns: Conjecture on
the future course of Indian cyber law and policy. Think about the potential influence of
.Comparative Analysis: Lastly, describe how various stakeholders in India's cyber law—such
as the government, corporations, civil society, and legal profession—view and interact with
the legislation.
law in India might offer insightful information on the challenges of policing cyberspace in a
8 Methodology/Design :
The examination of the development of viewpoints about cyber law in India necessitates a
policy aspects. Here is a recommended design and technique for this kind of critical analysis:
Review of the Literature: Begin by performing a thorough analysis of the body of research on
Indian cyber law. Academic papers, legal writings, government reports, case law, and policy
documents should all fall under this category. Determine the main arguments, topics, and
Historical Analysis: Follow the evolution of cyber legislation in India over time, from the
earliest internet days to the present. Examine significant court rulings, legislative
achievements, and policy proposals that have influenced India's legal framework for
cyberspace.
Legal study: Perform a thorough legal study of all pertinent legislation, rules, and court
10
rulings pertaining to Indian cyber law. Determine the main legal tenets, theories, and case law
that have developed throughout time and their significance for cyberspace governance.
Technological Analysis: Examine how law and technology interact in relation to India's cyber
laws. Examine the difficulties presented by cutting-edge technologies and how they may
affect legal regulation, including blockchain, artificial intelligence, and the Internet of
Things.
of Indian viewpoints on cyber legislation. Think about topics including cybersecurity risks,
digital inclusion, privacy rights, economic growth, and access to justice in the digital era.
.Policy Analysis: Assess government programs and policies meant to solve India's cyber law
issues. Evaluate the success of current policy frameworks in accomplishing their goals and
pinpoint areas in need of development. Comparative Analysis: Examine how India's views on
cyber law have developed in relation to those of other countries and regions, such as other
South Asian nations. Determine the best practices and lessons learnt that can guide India's
policy-making.
Stakeholder Interviews and Surveys: Speak with government officials, legal professionals,
business representatives, civil society groups, and university academics who are significant
players in the creation, application, and enforcement of cyber legislation in India. Learn about
their viewpoints, experiences, and suggestions for further action. Moral Aspects to Take into
Account: Examine the moral ramifications of cyber law regulations and procedures in India,
taking into account concerns about data security, freedom of speech, human rights, and
surveillance. Assess the degree to which current legal frameworks preserve basic concepts
11
Conclusion and Suggestions: Summarize the analysis's results and make judgments on how
India's views on cyberlaw have changed over time. Make suggestions for upcoming studies,
legislative changes, and policy changes to handle new problems and possibilities in the digital
age.
You may do a thorough critical examination of the development of cyber law views in India
by using this interdisciplinary method, taking into consideration the intricate interactions
.9 Limitations of study :
A research on the development of viewpoints on cyber law in India may include the
following limitations:
restricted Scope: By concentrating on some facets of cyber law, including data privacy,
cybersecurity, or online freedom of speech, the research may overlook other significant
factors.
Time Restrictions: Owing to time constraints, the research may not be able to fully cover the
historical development of cyber law in India, which might result in the omission of important
.Data Availability: It may be difficult to obtain thorough and trustworthy information about
the evolution of viewpoints on cyber law in India, particularly when it comes to early
obstacles: The research may be hindered by language obstacles, especially when it comes to
obtaining and evaluating court rulings, legal documents, and academic publications written in
non-English regional languages. Subjectivity and Bias: The study's analysis and results may
be impacted by inherent bias in the sources and views chosen and interpreted.
12
.Legal Complexity: Researchers with no training in law may find it difficult to comprehend
and analyze court rulings and legal frameworks pertaining to cyber law in India because of its
complexity.
The dynamic nature of cyber law means that it is challenging to capture the whole range of
viewpoints within a given time frame since the field is always changing as a result of social
norm shifts and technical improvements. Generalizability: Due to regional variations in legal
frameworks and evolving viewpoints on cyber law, study findings and conclusions may not
works and legal documents, may restrict the breadth of analysis and obscure complex
viewpoints that may be discovered using primary research techniques, such as questionnaires
legal advancements in handling modern difficulties in cyberspace is essential, the study may
not have gone far enough into the policy implications of shifting viewpoints on cyber law in
India.
Chapter 1
13
4 Objectives of the Study
8 Methodology/Design
9 Limitations of study
10 Scheme of Study (in this you just have to do chapterisation as in Chapter 1 includes
14
CHAPTER- 2
A new generation of crimes has cropped up by the advent of Internet Computer Hacking,
illicit or unlicensed products and services are offences that have already made their mark. 1
New Problems emerging on the scene include credit card fraud, cyber terrorism, Cyber
laundering and criminal use of secure Internet communications. 2 The present weak electronic
withdrawl from banks and counter money laundering operations. Software piracy is a boom
business and video and phonographic industries are sinking day by day globally.3
The daily transformation of the human mind is bringing about a significant shift in the ways
in which crimes are committed. Criminals are using their increasing intelligence to commit
15
crimes and get away with them without being discovered. Nobody anticipated that the
invention of computers would turn them into a tool or a source of criminal activity. Known as
the inventor of the computer industry, Charles Babbage never imagined that the machine he
was gifting the world would end up becoming a source of crime and negatively impact
society forever.
Anytime we discuss cybercrime, it's evident that we're talking about a wrong that involves a
computer system.
The phrase "cybercrime" is used incorrectly. Nothing in any Act or legislation approved by
the Indian Parliament defines this word. The idea of traditional crime and the idea of
cybercrime are not so dissimilar. They both refer to actions or inactions that violate the law
and are offset by official government approval. Although cybercrimes are a relatively new
type of crime that emerged shortly after computers were invented, the situation has gotten
Conventional Crime :-
Crime is a long-standing social and economic issue that predates human society. Crime has
the choice of the law and is a legal notion. An offense or crime is "A legal wrong that can be
Atkin, the primary characteristic of criminal behavior is breaking the law: "The criminal
quality of an act can not be discovered by reference to any standard but one is the act
prohibited with penal consequences."5. Any behavior that is followed by an act or omission
that is illegal and for which there are repercussions when the law is broken is considered a
crime.
16
Cyber Crime :-
In the digital age, cybercrime is the newest and maybe most complex issue.Cybercrime can
be defined as those species in which the computer is either the object or the subject of the
activity that constitutes a crime, and when the conventional crime belongs to the same
genus.6 Cybercrime includes any illegal conduct that makes use of a computer, either as a
target for more crime or as a tool to do it.7. Cybercrime might be broadly defined as
"unlawful acts where in the computer is either a tool or target or both."8 The following types
selling illicit goods, pornography, internet gaming, crimes involving intellectual property,
scenarios, the computer could be the target of illegal activity: unapproved access to the
mail bombing, salami attacks, logic bombs, Trojan attacks, Internet time thefts, web jacking,
Since both cyber and traditional crimes end in some kind of damage for one of the persons
involved, it appears that there is no difference between them. But after giving it some serious
thought, we may conclude that there is a noticeable border between traditional and
17
Cyber Criminals :-
An offender or criminal is any individual who violates the law with the purpose to cause
harm or who commits a crime. Any individual who commits a cybercrime is referred to in
this sense as a cybercriminal. The individuals who commit cybercrimes might be minors and
young adults under the age of eighteen (18), professional hackers or crackers, disgruntled
Computer Crime :-
any computer enabled technology for all or part of the crime" is the definition of computer
caste, sex, religion, place of birth, or place of residency, cybercrimes can be committed
anywhere.
As a result, cybercrimes continue to rise daily. The many kinds of cybercrimes are covered in
depth here. The causes of cybercrimes:- Professor H.L.A. Hart's seminal study, "The idea of
Law" has proclaimed that as individuals are vulnerable to crimes and illegal acts, laws must
be in place to protect them from these kinds of behaviors.11 Using the same comparison,
computer systems in cyberspace are incredibly susceptible even if they are high-tech gadgets.
This technology makes it simple to trick or take advantage of someone or their computer
through unauthorized or unlawful access. The victim may have suffered direct or indirect
harm as a result of computer system misuse. Because there is no infallible system in place to
defend innocent computer users from cybercrime, cybercriminals continue their illegal
activity over networks without concern about being caught and placed on trial for the crimes
space makes it special. In a CD-ROM, a tiny microprocessor computer chip can hold lakhs of
pages. With this store capacity12, it is much easier to extract or deduce information from
physical or visual media. Even if the power is cut off, any data kept in ROM13 will not be
lost.
A computer is an electrical device that uses sophisticated technology to do its tasks rather
than labor-intensive human labor. In the era of computers, the biggest benefit of networking
is having more access to knowledge resources across a vast and varied media. An increasing
number of businesses are turning to networks to give their customers, employers, and other
business partners easy access to information. This explains why, in the current information
era, networking and cyber activity are starting to take center stage.
Information sharing via the internet14 has produced more resources enabling easier, more
fordable, and faster global access to information. Emails, conversations, downloads, and
other new environments have been produced by it. These days, everyone can reach each other
with only a mouse click of 15. Broader access to information, however, brings with it some
a reinforced room guarded by security personal. The trusted officials of the Bank preserve the
Keys and/or access code secret. But despite all these security measures, the Bank's servers
which virtually control hundreds of errors of rupees are far easier to break into cracking the
strongest firewalls and biometric authentication system. A secret can be easily stolen by
19
implementing logic bombs or key images in access codes. Similarly, the advanced voice
recorders can easily fool biometric systems and frustrate all security measures.
The operating systems that computers use to function are made up of millions of codes. Due
to the fallibility of the human intellect, errors may occur at any point. Cybercriminals gain
unauthorized access to the computer system by taking advantage of these mistakes and
weaknesses. These crooks, who take advantage of holes in the current operating system and
security mechanisms, are known as hackers. Hackers, who are driven by personal revenge,
sabotage, fraud, greed, or hatred toward the victim, are therefore the feared adversary of the
internet and general network security. They take advantage of the complexity of computer
systems.17
Negligence and human behavior are intimately intertwined. Therefore, it is quite likely that
the owner or user may fail to take proper precautions when securing the computer system,
giving a cybercriminal the chance to obtain unauthorized access to or control over the
machines. Interaction with a variety of computer users has revealed that, in their haste to get
the software running regularly, they neglect access, control, and security measures, giving
cybercriminals room to infiltrate and steal, alter, or erase significant amounts of data.
This is especially true for large organizations like banks, corporations, government offices,
and the like, which have sophisticated software systems for public access but, because of
employee carelessness, leave their data completely vulnerable to information thievery and
manipulation.
records. How to gather and store evidence is the real problem facing the investigative and law
gather enough proof of a cybercrime that would withstand judicial scrutiny and prove the
accused person's guilt beyond a reasonable doubt. The anonymity that the internet affords
cybercriminals encourages them to commit crimes without leaving any trace. If they do leave
evidence, it is rarely enough to persuade the authorities that they should file a criminal
The use of new techno-legal procedures known as cyber forensics, which are widely
categorized as computer forensics and network forensics, has become necessary due to the
Though there are still some gray areas that allow cybercriminals to tamper with the evidence
to deceive the investigating agencies, forensic experts play a crucial role in gathering and
presenting admissible evidence, including electronic evidence and the search and seizure of
5. Jurisdictional Uncertainty :-
Because cybercrimes are transnational in nature and are committed through cyberspace
cut across territorial borders, undermining the viability and legitimacy of applying domestic
conflict is a major danger to a nation's ability to deal with cyber offenders since there is no
standardization in law and process across the many nations for dealing with cyber criminals.
Many times, a certain internet behavior is recognized as illegal in one nation but not in the
21
nation where the offender or victim resides. As a result, the offender is able to avoid
It is very difficult for the law enforcement agencies of separate nations to combat
cybercrimes and criminals using their national laws in the lack of a unified, globally
recognized rule of law and procedure governing cybercrimes. In a nutshell, the lack of cyber
jurisdiction in the nation looking into or prosecuting these offenses makes it difficult to report
and punish people in cybercrimes, and the legal ambiguity encourages cybercriminals to
Without the victim knowing, computer crimes can be conducted that violate user privacy.
There are no indications of any form of fight or violence at the crime site, which are often
cybercrime without the victim's awareness, rendering him completely helpless. It happens
frequently that the victim is even unaware that he has been the victim of cybercrime.
The following are some distinctive and unusual features of computer crime, to put it briefly:
jurisdictional limitations.
2The lack of tangible proof of cybercrime is another distinctive aspect of it. In contrast to
traditional crimes, which leave behind tangible evidence such as weaponry, bloodstains,
fingerprints, DNA, etc., cybercrimes leave no such physical evidence behind. The only
people who can identify the digital evidence in a cybercrime case are highly experienced and
The perpetrators of cyber crimes are generally highly intelligent educated persons who
cherish a challenge. They are well conversant with the operation of the computer
22
system and itsintestacies. A person without adequate knowledge of working of the
While certain cybercrimes are essentially not new, the means by which they are carried out is,
while others constitute whole new types of illicit behavior. Cyberterrorism, multinational
crimes in cyberspace, electronic vandalism, etc. are some of the recently developed
cybercrimes.
4. Because cybercrime occurs over computer networks, users are not required to reveal their
identities. Because of this, a cybercriminal may easily control his size, allowing him to elude
Traditional crimes can now be committed in novel ways thanks to the computer network.
conventional crimes are among the ones that are currently perpetrated online via electronic
media.20
Computer Attacks :-
assaults that might lead to20 Excerpted from the welcome speech given on February 24,
by Shri S.P. Talwar, Deputy Governor of the Reserve Bank of India.network infiltration,
which is a major risk to the security of the network. On the internet, it may occur anywhere,
yet some assaults might only be conducted from a particular machine. The technique a
computer attack. The attacks might take any of the following many forms.
2. Scanning: This is typically done as a first step before launching a direct attack on systems
that the hacker determines are readily accessible. 3.23Penetration: Also known as "probe," this
technique is frequently used on networks or the internet to take unauthorized control of a
3. Modification: This type of attack occurs when data or messages on the internet are altered
before they reach their intended host. With the malicious aim to harm the target, it is directed.
4. Creation: In order to harass, unwanted material is generated and injected into the network,
5. Dos (denial of service) attacks: A denial-of-service (DoS) attack aims to stop the
authorized user from accessing a service, rather than gaining unauthorized access to the
machine or its contents. It can 'flood' a network with a lot of unnecessary data, irritating the
victim (user). Programs that cause a local denial of service are designed to force a computer
to shut down.
6. Account Compromise: This is the unauthorized use of a computer account by a third party
with the intent to seriously compromise the victim's data or steal their services.
7. Attacks on the Internet's infrastructure: Out of all the computer assaults, this one is the
most dangerous since it primarily damages the internet's infrastructure rather than individual
online systems. Many sites' daily operations may be gravely hampered by it. Examples
include several active websites that customers often rely on, network servers, and network
access providers.21
1. Hacking :-
Usually, this type of offense is referred to as hacking in the broadest sense. But since
"unauthorized access" has a broader meaning and the information technology Act 2000's
authors never used this phrase, we would not use the terms interchangeably—hacking and
24
unauthorized access—to prevent misunderstandingThe phrase "computer hacking" refers to
the act of breaking into a computer system for the purpose of bypassing technical security
measures rather than for the purposes of manipulation, sabotage, or espionage.22 Hacking
can be done for fun as an adventure, to carry out illegal activities, or just out of habit. There
are two ways to hack: hacking against a machine or hacking against a network.
b) Mobile Network.
3. This covers data kept on portable storage devices, computer hard drives, etc. The act of
stealing data might involve both physical seizure and manipulation via digital means.
Sending a significant volume of emails to a victim such that, in the case of a person, their
email account crashes, or the servers of a corporation or email service provider crash, is
known as "email bombing." A straightforward method to accomplish this would be to add the
victim's email address to several mailing lists. Mailing lists are special interest groups that
correspond with one another via email over a common cybercrime and the relevant Indian
law.
Depending on the mailing list, they can provide a significant amount of daily email traffic.
Mailing lists are quite popular. While some simply produce a few messages per day, others
produce hundreds of them. Unknowingly joining hundreds of mailing lists might result in
25
excessive incoming email traffic, which could lead to account deletion by the service
provider.
5. Data Diddling :-
This type of attack entails modifying raw data immediately before to computer processing
6. Salami Attacks :-
This type of crime is typically committed with the intent to conduct financial crimes or at
financial institutions. One salient characteristic of this kind of offense is that the modification
The victim's machine crashes because it receives more requests than it can process. attack is a
kind of denial-of-service assault when the attackers are widely dispersed and numerous.
Programs known as viruses affix themselves to a computer or a file, spread to further files,
and ultimately infect other machines connected to the network. They often have an impact on
computer data by either removing or changing it. Unlike viruses, worms do not require a host
in order to attach themselves. They just replicate themselves in order to fill up all of the
For instance, the love bug malware impacted at least 5% of PCs worldwide25.
9. Logic Bombs :-
These programs rely on events. This suggests that some programs are designed to only
lay dormant throughout the year and only activate on specific dates. A particular type of
malicious code that is reliant and conditional by nature results in a security breach when
specific circumstances are met and at the designated time. Formally speaking, it is described
as: a code that is covertly introduced into an operating system or program, causing it to carry
This software may operate immediately or at a later time, and it can be used to target
businesses, sectors, and even carry out a range of conventional crimes like mischief
The name "Trajan Horse"29, which gives this term its roots, describes an opponent that
appears benign and harmless but, when active, causes erosion and destruction. Its main
until the damage is done. It serves as a mask for the offender's destructive and malevolent
intentions. It is challenging to intercept or manage it at the appropriate time due to its stealthy
lister, or even a virus detector and destroyer.31 By pretending to be the standard system login
The Mockingbird program, which records user replies (particularly account IDs and
passcodes) and intercepts communications (particularly login transactions) between hosts and
Trojan was loaded into the computer of a female American film director. The cybercriminal
27
was able to get her naked photo via the computer's webcam. He continued to harass this
woman.
These types of theft typically result in someone else using the victim's Internet browsing
time. By obtaining access to the login ID and password, this is accomplished.The stealing of
a person's allotted Internet usage time by an unauthorized party is known as "internet time
theft." Generally speaking, internet access is a pay-off service; that is, users must pay a
"Service Provider" a fee for a specific amount of time in order to use the internet. For
instance, in the case of Colonel Bajwa, the Internet hours were consumed by someone else.
This was maybe one of the earliest cybercrime incidents in India to be publicized. However,
because of their ignorance of the nature of this case, the police became notorious.
The word "hijacking" is the source of this phrase. These offenses provide the hacker access to
and control over another person's website.He could even edit or multiplate the content on the
website. This might be done to achieve financial and political goals. For instance, Pakistani
hackers recently gained access to the MIT (Ministry of Information Technology) website and
uploaded some explicit content. Additionally, there was a cyber hack of the Bomby Crime
Branch website. The "Gold fish" case is another example of online jacking. In this instance,
the website was compromised, resulting in the alteration of information about goldfish.
It became vital to examine the differences in the nature and forms of cybercrime due to its
growing scope. As a result, many behaviors that might be considered crimes have been
28
roughly divided into three primary categories36, which are as follows.:
In this category of cyber crimes, computer is itself a target of the crime. The crimes which
(iv) Blackmailing based on information gained from computerised filed such as personal history
(v) Creating a Fake driving licence, passport or any other documents for identifications purposes
The development of microcomputers has led to the emergence of new forms of conventional
crime. For instance, this type of crime includes theft of technological equipment, software
piracy, counterfeiting, and computer program copyright violations. Among these computer
crimes is the unlawful selling of duplicate databases.The most notable example of a computer
29
being used as a tool for cybercrime was the terrorist attack on the Indian parliament38 on
December 13, 2001. The attackers utilized computers and the Internet in a number of ways to
carry out their criminal activity. Via the internet, thieves frequently send encrypted emails
This category includes crimes when a computer is not necessary for the crime to happen, but
computerization does contribute to the incidence of crime by processing vast amounts of data
and making it more challenging to find and identify the crime. Illegal banking transactions
and money laundering serve as the finest examples of this type of criminal activity. In one
instance, a suspect changed a patient's prescription and dose in a hospital computer and then
killed them.39 Cybercriminals frequently even destroy disks and other storage media to get
The primary characteristic of computer crimes that come under this category is that the
offense is committed without the use of a computer; the computer system only serves to
Traditional Classification :-
In some of the cyber crimes of economic type the computer science system generally
30
software as well as hardware, is the target of criminal activity. Some of such crimes are as
follows :-
a) Fraud committed through the manipulation of computer system i.e. the perpetrator of
crime manipulates the data contained in computer system for illegal profits.
b) Illegal copy of the software and computer database to procure information for criminal
purposes.
c) Computer subotage which causes damage to the computer system comprising hardware as
These economic crimes involve intrusion in computer systems without authorisation, with the
fraudulent purpose of sabotaging or causing damage. The offender in these crimes surpasses
the access barriers for accomplishing his ulterior motives at the cost of victim agony.
3. The computer system is utilized as a tool to carry out the unlawful conduct in cybercrimes
including privacy rights violations. Actually, a number of the actions listed above that would
fall under this category of cybercrime are comparable to those that would fall under the
economic category; the main distinction is that the victim's legal rights, like his right to
Generally speaking, privacy refers to the right to private. However, when it comes to online
identification should remain private. Therefore, when someone gives information to a bank,
retailer, physician, or attorney, he believes that it will be used just for that purpose and won't
31
be shared with other parties without that person's express or implied agreement. However,
there have been cases where customers' personal or online confidential information has been
revealed by dishonest people for reasons much beyond the original intent. In a similar vein,
, He anticipates that nobody else will utilize it save the intended recipient. Regretfully,
though, this right to privacy is still mostly unprotected and might be used to support illegal
behavior. In order to prevent cybercriminals from abusing other secret and private documents
that are kept on computers, the confidentiality and secrecy of those records must be preserved
General Classification :-
privacy-affecting, as well as the way in which they are committed using a computer as a
property, and cybercrimes against the state or society at large—seems to be the most sensible
1. These offenses are perpetrated against certain people, upsetting them emotionally or
physically. These offenses cover a variety of crimes, including the broadcast of obscene or
defamatory content, the transfer of child pornography, harassment of any person via
32
The purpose of these acts is to use any technological means to injure or deprive a person of
their property. These include the transmission of dangerous programs, cyberspace computer
information.
One specific type of illegal action that fits under this category is cyberterrorism. The
expansion of the internet has demonstrated how people and organizations are abusing the
medium to intimidate and threaten the government as well as the populace.43 When someone
"Cracks" into a website run by the government or its defense department, this crime takes the
form of terrorism.
These offenses include online gambling, selling illegal goods, and financial criminal
trafficking.
of information and communication technology has given rise to a range of crimes previously
crimes against people. The following is a possible list of online offenses that can be
33
Cyberstalking is a separate criminal offense. Harassment of many forms may and does
It's like bullying someone with letters. Sexual, racial, religious, or any other type of
harassment is all acceptable. Cyber harassment is a felony that involves violating individuals'
privacy, which is a very serious offense. Nobody like it when someone else infringes on their
priceless right to privacy, which everyone has access to via the internet.
Cyber Stalking :-
The definition of stalking is "pursuing stealthily."44 Staking is the deliberate act of harassing
someone else repeatedly or persistently to the point where the victim feels truly scared,
has advanced, stalking over the internet has become more popular with criminals because to
several benefits, such as anonymity and communication access to personal information. But
Serious violent behaviors, such as physically harming the victim, may occur after stalking.
Threats and harassment on the internet may come in many ways. Important characteristics of
offline and cyber stalking are similar. Stalking is a common tactic used by stalkers to exert
control over their targets. Women who are pursued by adult predators or pedophiles are
typically the targets of cyberstalking. Because they know their victim cannot be physically
touched in cyberspace, cyberstalkers may harass them without having to leave their house.
44
According to Oxford dictionary
34
Another term for cyberstalking is "cyberteasing." Someone who attempts to accuse someone
or damage their reputation in the community using electronic mail or other messaging is
considered a cyberstakler.
CHAPTER-3
35
National capitals are starting to pay attention to the rising threat posed by crimes against
computers or information stored on them; in the majority of other nations, however, the laws
already in place are probably unenforceable against these kinds of crimes. Due to the lack of
legal protection, governments and businesses are forced to rely entirely on technological
methods to fend against individuals who would steal, obstruct, or destroy important data.
The rapid advancement of computer technology has led to an increase in the frequency of
cybercrimes, which has prompted the need for distinct laws to be enacted to prevent and
regulate these offenses. To effectively combat cyber offenses, the Parliament passed the
Information Technology Act, 2000 as a regulatory tool. In accordance with a United Nations
General Assembly resolution asking member states to implement or amend their laws to
develop a common framework for regulating e-commerce at the international level, this Act
is based on the "UNCITRAL"1 Model Law on E-Commerce, 1996. The primary goal of the
Act is to, thus, "as an alternative to paper-based methods of communication, provide legal
recognition for transactions carried out by electronic data, internet, and other means of
The Act also includes measures for the prevention and control of offenses resulting from e-
commerce and e-governance in light of this goal. Chapters IX and XI of the Act include the
pertinent provisions.
36
Penalty or Damage of Computer, computer system etc.2
(a) Gains access to the computer, computer system, or computer network, or secures access to
it; (b) Downloads, copies, or extracts any information from the computer, system, or
(c) Introduces or facilitates the introduction of any computer virus or contaminant into any
computer, computer system, or computer network; (d) Causes damage to any data, computer
computer programs;
(a) interferes with or causes interference with the operation of any computer, computer
system, or computer network; (b) refuses or causes the refusal of access to any individual
who is permitted to use any means of access to any computer, computer system, or computer
network; (c) assists any individual in facilitating access to a computer, system, or network in
(d) Charges a person's use of a service to the account of another person by interfering with or
manipulating any computer, computer system, or computer network; (e) In such a case, he
will be obliged to compensate the person affected with damages not to exceed one crore
rupees.
" (a) tampers with or causes tampering with the operation of any computer, computer system,
or computer network; (b) denies access to any person who is allowed to use any method of
access to any computer, computer system, or computer network; (c) helps someone get access
system, or computer network in order to charge someone else for the use of a service; (d) In
such a situation, he shall be required to pay the aggrieved party damages not to exceed one
crore rupees.
"Workstation "Virus" refers to any computer program, data, information, or instruction that
operates when a program, data, or instruction is executed or when any other event occurs in
that computer resource; (iii). It can also attach itself to another computer resource and
resource."Damage" refers to the use of any kind of force to remove, add, change, or
The term "computer" refers to any high-speed data processing device or system that is
electronic, magnetic, optical, or other. It encompasses all input, output, processing, storage,
computer software, and communication facilities that are connected to or related to the
computer in a computer system or computer. It also performs logical, arithmetic, and memory
States that "Computer network" means the interconnection of one or more computers
a complex made up of two or more computers that are connected, whether or whether the
definition includes the grammatical variant and cognate expression of the word "access."
Section 43 identifies a number of actions that would constitute cyber contraventions if carried
out without the owner's consent or the consent of anybody in control of a computer, computer
38
system, or computer network. Damages up to one crore rupees may be granted to the accused
Through Section 43(a) of the Information Technology Act, 2000, authorized access to any
computer, computer system, or computer network without authorization from the owner or
person in charge is punishable per se, regardless of whether the owner or person in charge
had malicious intent or knowledge and regardless of whether they suffered a loss. Therefore,
it is sufficient to demonstrate that the hacker gained access to the computer, computer system,
The size and severity of the loss incurred by the complainant may be important in
determining the amount of damages that can be awarded under this section, but any financial
or other type of loss does not need to be proven by the complainant in order to seek damages
under this section. In the case of United States v. Rice7, the defendant—an IRS agent—was
found guilty of unauthorized access even though there was no financial harm to the IRS. He
had entered the IRS computer without authority to see if his acquaintance was the subject of
an inquiry. Regardless of the outcome of the attempt to get access, this paragraph makes
Yet, the amount of damages granted under this clause would undoubtedly depend much on
database, or data from such a computer, computer system, or computer network is prohibited
by Section 43(b).
It makes an effort to defend the creator's copyright over his works created in digital media.
Any removable storage device, such as a CD, DVD, floppy disk, etc., can be used to hold or
39
. If someone gains access to a computer with the owner's or the person in charge's consent
but downloads, copies, or extracts any information, data, or computer database from the
computer, computer system, or computer network without that person's or that person's
consent, they will still be held accountable for violating section 43 (b). Additionally included
in this section are situations in which someone copies, downloads, or extracts material (let's
say, 'A') without authorization from the owner or responsible party (let's say 'B').
Section 43's clause (c) defines as the insertion of any computer virus or contaminant,
including logic bombs and worms. The owner or person in charge of the computer, computer
system, or computer network may be entitled to damages up to one crore of rupees for the
violation of installing Trojan Horse programs, etc., into any of these entities. The most well-
known instance is the "love bug," which was developed and spread in 2000 and caused
extensive computer damage. "Do not send a man where you can send a bullet" is a well-
known proverb. In the context of the internet, this proverb may be changed to read, "Do not
It doesn't matter that the guilty party intended to target someone else's computer, computer
system, or computer network instead of the victim's; the victim's computer was only
accidentally impacted. It's also not necessary to provide evidence that the individual
introduced or caused to introduce a computer virus or malware with malicious intent. In the
case of United States v. Morris9, a student named Robert Morris created a "worm" software
that he posted online to cause computer crashes at academic institutions, military stations,
precautions. He was found guilty of breaking the USA's Computer Fraud and Abuse Act.
This ruling demonstrates that, in cases when an offense is done with intent, the cause behind
the intention is irrelevant. Section 43 requires that clause (c) be read in conjunction with
40
Explanations (i), (iii), and (iv). Installing antivirus software is crucial for protecting against
viruses since this part also addresses situations where a person's computer becomes
contaminated with a virus without their knowledge or purpose, and they then forward the
Clause (d) defines a cyber violation as attempting to harm or inflicting damage to any
computer, computer system, computer network, data, computer database, or other software
housed in any of these entities. Both software and hardware damage are included in the
damage. Damage can be inflicted physically, virtually, by the propagation of viruses, etc., or
in other ways.
According to clause (e), it is a cybercrime to interfere with or try to interfere with a computer,
computer system, or computer network. The actions listed in clauses (c) and (d) may
Clause (f) prohibits using any method to deny any authorized individual access to a
virtually. Virtual denial of access can occur by any of the following methods: altering the
password, user ID, etc. Among these are "Denial of Service Attacks," in which the
perpetrator prevents authorized users from accessing the websites they have targeted.
According to clause (g), helping someone break the law by granting them access to a
Clause (h) declares it illegal for anybody to tamper with or manipulate any computer,
computer system, or computer network in order to charge the service that someone has
41
accessed to the account of another person. This section offers protection against the theft of
advantages from services that the legitimate user has paid for by altering, manipulating, or
Clause (i) of Section 43 of the Act punishes anybody who steals, hides, destroys, or modifies
any computer service code or resource with the aim to cause damage, or who incites another
person to do so.10A new section 43A that provides compensation for failing to secure data
has been incorporated into the main Act by the Information Technology (Amendment) Act of
2008. A body corporate, which is defined as a company or firm that possesses, deals with, or
handles any sensitive personal data or information in a computer resource that it owns,
controls, or operates, will be held accountable for damages if it fails to implement and
maintain reasonable security practices and procedures and causes any person to suffer
"Sensitive personal data or information" refers to any personal data that the Central
Government may specify after consulting with any associations or professional bodies that it
Should any individual who is mandated by this Act, or any rules or regulations derived from
it, to: (a) If he fails to provide any document, return, or report to the Certifying authority's
Controller, he will be subject to a penalty of up to one lakh and fifty thousand rupees for each
such failure; (b) If he fails to file any return or provide any information, books, or other
documents within the time frame specified in the regulations, he will be subject to a penalty
of up to five thousand rupees for each day that the failure persists.Such shortcomings persist.
42
If anybody is required by this Act, or any rules or regulations that are derived from it, to:
(a) He shall pay a penalty of up to one lakh and fifty thousand rupees for each document,
return, or report that he fails to provide to the Controller of the Certifying authority; (b) He
shall pay a penalty of up to five thousand rupees for each day that he fails to file any return or
provide any information, books, or other documents within the time frame specified in the
Should this Act, or any rules or regulations developed from it, compel anybody to:
(a) For each document, return, or report that he neglects to provide to the Controller of the
Certifying authority, he will be penalized up to one lakh and fifty thousand rupees; (b) For
every day that he neglects to file any returns or provide any information, books, or other
documents within the time frame stipulated in the regulations, he will be penalized up to five
In the event that this Act, or any rules or regulations derived from it, require someone to:
(a) He will be fined up to one lakh and fifty thousand rupees for each document, return, or
report that he fails to provide to the Controller of the Certifying authority; (b) He will be
fined up to five thousand rupees for each day that he fails to file any returns or provide any
information, books, or other documents within the time frame specified in the
duration that the law is in effect; and 3. Any concealment, destruction, or alteration of the
The source code is the portion of a computer program that is written in machine, assembly, or
high level language. Object code is created when source code is converted into machine
language using an assembler, compiler, or translator. Hence, the binary number system's
strings of Os and 1s or the hexadecimal notation of electrical charges are used to represent the
object code. There can be no doubt that the object code exists even though it cannot be seen,
computer source code provided by the Act. It consists of technical documentation, design and
arrangement of the required components, design prototypes, flow charts, diagrams, and
computer commands and programming codes (machine, assembly, and high level).
. Computer source code in tangible and non-tangible forms is accepted under the Act. The
above section's purpose is to safeguard the intellectual property used in the computer
programs. It's an effort to broaden the protection for computer source materials, or codes,
beyond the scope of copyright legislation.15 While object codes are exclusively machine
The owner of the source code may fall under the definition of "whoever" in this context. If
the owner of the source code for a computer, computer program, computer system, or
computer network is required by law to keep or maintain it for the duration that it is in effect
and that person knowingly or intentionally conceals, destroys, or alters it, or knowingly or
intentionally causes another person to conceal, destroy, or alter it, that person will be
punished under this section. Section 65 violations carry a maximum sentence of three years in
44
jail, a maximum fine of two lakh rupees, or both. The author believes that financial penalties
data stored in a computer resource with the purpose of causing, or knowing that he is likely to
2. Hacking of any kind carries a maximum sentence of three years in jail, a maximum fine of
two lakh rupees, or both.In section 2(K) of the Act, the term "computer resources" is defined
1. When someone intentionally causes harm or loss to the general public or another
individual.by erasing, changing, or destroying any data included in the computer resource; by
2. with the knowledge or purpose that he is likely to inflict such unjustified harm or loss on
the general public or any individual. A "wrongful loss" is defined as "the loss of property by
unlawful means to which the person losing it is legally entitled" in Section 6(23)19 1860.
A hacker is a person who commits the crime of hacking. In everyday speech, the terms
However, in order for section 66 to apply, certain conditions must also be met for the action
to be considered hacking. 45
Hacking is a crime that may be perpetrated against both intangible and tangible goods.
Intangible assets are information in the form of electrical, magnetic, or optical impulses,
whereas tangible assets are the computing resource(s)'s hardware components. A computer
hard drive, for instance, is a physical asset, but it may also hold information, which is a non-
physical asset. Optical storage devices are an example of a tangible asset that contains
intangible assets. Although CD-R, CD-RW, DVD-R, and DVD-RW are examples of tangible
assets, they might also include intangibles that have been destroyed or altered, such as
computer resources.20
Hackers without the knowledge or criminal intent to inflict complete loss or harm are not
covered by Section 66. Section 66 does not make hacking in and of itself, without malice and
guilt, illegal. Regardless of the hacker's intentions, it would still be illegal under section
43(a).
The hacker is subject to penalty under subsection (2) even if there would have been no gain
Put otherwise, hacking refers to any type of mischief that involves using a computer,
Information Technology Act of 2000 defines hacking in a way that is comparable to section
425.21's definition of mischief. It says as follows: "Whoever causes the detection of any
property, or any such change in any property or in situation thereof as destroys or diminishes
its value or utility, or affects it injuriously, commits mischief with the intent to cause or
knowing that he is likely to cause wrongful loss or damage to the public or any person."
For our purposes, s. 425's first explanation is likewise pertinent. It says: "It is not necessary
for an offender to intend to cause loss or damage to the owner of the property that has been
whether or not it is that person's. Section 426 lays forth the penalties for misbehavior. The
sentence reads as follows: "Anyone who causes mischief faces a fine, a term of imprisonment
of any kind up to three months, or both."22 The Information Technology Act of 2000
arousing material online, or if its effects are such that they tend to corrupt or deprave people
who are likely, considering all relevant factors, to read, see, or hear the content contained
therein, faces punishment upon first conviction, which includes up to five years in prison for
to one lakh rupees, and in the case of a second or subsequent conviction, a fine of up to two
lakh rupees as well as 10 years' imprisonment for a team of that sort and a criminal record.
gives this definition of "electronic form": Any information created, transferred, received, or
2. The content should be lewd, appeal to the possible audience's voyeuristic interests, or have
the tendency to corrupt or deprave the minds of those who might view it.
Publication and transmission of pornographic material are forbidden under this clause, and
circulation, and preservation of information or data in an electronic format are all included in
47
publication or transmission in that format. Therefore, the act of downloading falls under the
section's purview.
.It is crucial to remember that while it is illegal to publish or transmit pornographic material
in electronic form, it is not illegal to simply browse or surf pornographic content on the
internet or to possess such content in private at home. Only when the content is published,
distributed, or communicated electronically does it turn into a violation of section 67. To put
it another way, it is illegal to transmit pornographic material over the internet, not just
possess it. For this reason, Pornographic websites, computer-produced magazines, and the
transmission of pornographic images, texts, and other materials fall under the purview of
Section 67 Docs. When the pornographic content takes the shape of a video, the people who
have
It makes no difference if the message was sent to the intended recipient for personal use. If
the requirements outlined in section 67 are met, the act of transmission alone is sufficient to
classify an act as criminal. The argument that the intended audience for the transmission was
the chosen few is untenable given the likelihood of others being able to access it.In the event
that the content is lewd or appeals to people's voyeuristic interests, even a single broadcast
puts the publisher in violation of the law, making them subject to prosecution and
punishment.
It is a matter of fact as to what constitutes obscenity, or, in the words of section 67, what
content is deemed lascivious, appealing to the prurient interest, or likely to deprave or corrupt
people who are likely, taking into account all relevant factors, to read, see, or hear the content
contained in it..
The court determined that a work might be deemed obscene if it has a "tendency is to deprave
content judged offensive "would suggest to the minds of the young of either sex and even to
person of more advanced years, thoughts of a most impure and libidinous character,"
according to Lord Cockburn's explanation. Even the American standard of obscenity was
ruled by the Regina v. Hicklin rule for a very long time, until the rulings in Roth v. United
The Hicklin test was rejected in Roth v. United States, which established a stricter definition
of obscenity as anything that "wholly appeals to the prurient interest" of the "average person,
applying contemporary community standards." Only relevant meeting; this exam can be
prohibited due to its "obscene" content. The Court also expanded the definition of the Roth
The Supreme Court of the United States ruled in Miller v. California "A state offence (herein
Obscenity) must also be limited to a work which taken as a whole appeal to the prurient
interest in sex, which portray sexual conduct in a patently offensive way and which do not
have serious literary, artistic, political or scientific value." The United States Supreme Court
established the following standards for determining whether a work is obscene:1. Whether
the work as a whole would appeal to the prurient curiosity of the typical individual using
2. If the work clearly offends by depicting or describing sexual behavior as defined by state
law
3. If the piece as a whole is devoid of significant literary, artistic, political, or scientific merit.
49
The United States Supreme Court additionally declared the following to be profane: (a)
statements or depictions of final sexual activities that are obviously repulsive, normal or
The Supreme Court ruled in Ranjit Udeshi v. State of Maharashtra29 that D. H. Lawrence's
Lady Chatterley's Lover was 'obscene' because it had the potential to 'deprave and corrupt by
immoral influences' the people into whose hands the book was 'likely to fall'. The Supreme
Court stated, "The word obscenity is really not vague because it is a word which is well
understood even if persons differ in their attitudes to what is obscenity and what is not" . The
following topics have been deemed by the Court to be obscene (l), which corrupts and
depraves those whose brains are susceptible to such wicked influences. (2) which alludes to
very filthy and libidinous ideas. namely, hardcore pornography (3). (4) with its
Content that "is likely to deprave and corrupt those whose minds are open to influences of
this sort and into whose hands the book is likely to fall" was deemed objectionable in the
Udeshi case.Because of its extreme vulgarity, it has the potential to corrupt and deprave those
whose brains are susceptible to such effects and whose hands the book is likely to slip into."
The Supreme Court expanded the definition of obscenity in the Ranjit Udeshi case in
Chandrakant Kalyandas Kakodar v. State of Maharashtra30, declaring that "it is the duty of
the Court to consider the obscene matter by taking an overall view of the entire work and to
morals. Thus, it follows logically from the Chandrakant Kalyandas Kakodkar case that,
notwithstanding the passage or matter's seeming obscenity when viewed in isolation, it may
not be when viewed in the context of the complete work. A piece of content's obsceneness
50
might be judged using local community norms and modern society's moral standards.
Whether a reasonable and sensible person would consider such work to be obscene when
viewed as a whole serves as the benchmark for determining what constitutes obscene
content.31
forbidden if it "carries with it the significant danger of offending the sensibilities of unwilling
known as a prurient interest appeal. It is said that content that clearly offends viewers by
depicting sexual activity in an attractive manner fosters an unhealthy fixation with sexuality
and appeals to their voyeuristic need for sex.The majority of obscenity trials include activities
committed in multiple jurisdictions, and sellers of pornography may face prosecution in the
state in which the material is transmitted.33 Particular information that the defendant
Due to the fact that obscenity is a persistent offense that is considered a new offense each
time it is done, the Act's second or subsequent conviction carries a far worse penalty than the
first, which may serve as a deterrent. In one instance, a medical graduate doctor was charged
for creating pornographic photographs and videos of himself engaging in different sexual
actions, which he then sold to overseas websites that featured the images of specific men and
women.34 An MMS clipping that was put up for sale included a description of a DPS girl
having fun and how the CEO of Baaze.com was granted bail despite the crime being of a
Similar to section 29236, which states that any book, pamphlet, paper, writing, drawing,
appeals to the prurient interest, or if any of its items, or any combination of them, tend to
51
deprave or corrupt people who are likely, considering all the circumstances, to read, see, or
hear the matter contained in it. Selling, renting, distributing, publicly displaying, or in any
other way placing into circulation, or for pie purpose, all of these actions are defined in
, bringing in or making money from the import, export, or conveyance of any pornographic
attempting to engage in any activity that is illegal under this section, which is punishable on a
first conviction by up to two years in prison for any description of the offense and a fine of up
to two thousand rupees. If the offense is committed again, the punishment increases to five
years in prison for any description of the offense and a fine of up to five thousand rupees.
The Information Technology Act of 2000 clearly stipulates a far harsher penalty than the
Indian Penal Code of 1860. However, Section 292 enumerates several exclusions that mean
that an act does not constitute an offense and is hence not penalized. The exclusion is
outlined in this section 292, which states that it does not apply to any of the following: (a)
publications that can be justified as serving the public interest by demonstrating that the
(i) that is sincerely maintained or used for religious purposes; (b) any sculpture, engraving,
painting, or other representation that is on or in—(i) any ancient monument as defined by the
Ancient Monuments and Archaeological Sites Remains Act, 1958; or (ii) any temple, or on
any vehicle used to transport idols, or that is maintained or used for any religious purpose.
52
Section 292 of the Indian Penal Code, 1860 and Section 67 of the Information Technology
Compared to section 292, the penalty under section 67 is more harsher. According to section
67, a first conviction carries a sentence of up to five years in prison for any description along
with a fine of up to one lakh rupees. For a second or subsequent conviction, the sentence is up
to ten years in prison for any description along with a fine of up to two lakh rupees.
Nevertheless, section 292 stipulates that the penalty for a first offense is two years' worth of
jail for either type of offense as well as a fine. thousand rupees, and in the event of a second
The offense under section 67 of the Information Technology Act of 2000 is recognized and
not subject to bail, but the offense under section 292 of the Indian Penal Code of 1860 is
recognized and subject to bail, as per The Code of Criminal Procedure, 1973.
2. The crime under section 292 of The Indian Penal Code, 1860 is triable by any magistrate,
but the offence under section 67 is triable by a magistrate of the first class upon first
In the author's view, none of the exceptions listed in section 292 of the Indian Penal Code,
1860 are specifically mentioned in Section 67 of The Information Technology Act, 2000;
nonetheless, any act that is likely to fall under these exceptions would not be deemed obscene
The Chief Metropolitan Magistrate found the accused guilty in State of Tamil Nadu v. Suhas
Katti38 only seven months after the First Information Report (FIR) was filed under sections
469, 509 of the Indian Penal Code, 1860, and 67 of The Information Technology Act. 2000
for posting vulgar, defamatory, and bothersome messages about a divorcee woman on a
53
Yahoo message group and forwarding vulgar emails to others via a fictitious email account
that included her residential phone number and invited people to call her. The victim received
bothersome phone calls as a result of the message and emails being posted, as it was assumed
that she was soliciting. Under section 469, the offender was found guilty and given a sentence
a year For an offense under section 509 of the Indian Penal Code, 1860, the punishment is
simple imprisonment and a fine of Rs. 500; for an offence under section 67 of the
Information Technology Act, 2000, the punishment is rigorous imprisonment for two years
and a fine of Rs. 4000. But each sentence was supposed to flow simultaneously. This is
thought to be the first conviction in India under section 67 of the Information Technology Act
of 2000.
a calendar year Simple imprisonment and a fee of Rs. 500 are the penalties for offenses under
section 509 of the Indian Penal Code, 1860; two years of hard imprisonment and a fine of Rs.
4000 are the penalties for offenses under section 67 of the Information Technology Act,
2000. However, each sentence was meant to flow at the same time. This is reportedly the first
conviction in India under the 2000 Information Technology Act's section 67.
Rejected lovers are gaining ground on their victims by using well-known social networking
sites as a weapon. A girl's married online pals recently uploaded a quite explicit profile of her
on the social media platform Orkut.Forty A Kingfisher Airlines air hostess has filed a lawsuit
in city court, requesting that executives of the social networking site www.orkut.com be held
54
. remove the obscene and libellous profile that she said a prankster had placed. Her picture in
an official uniform appears in her site profile, which is filled with offensive content.
Prankster has included her neighbor's phone numbers on her profile and invited other Orkut
users to get in touch with her in order to become friends. The Delhi Chief Metropolitant
Magistrate has instructed the police to prepare a report and file a FIR by February 9, 2007, in
response to her complaint.41 In a different incident, on December 28, 2006, a class XII
student from Noida was detained for allegedly posting an offensive profile of another class
XII student on Orkut.com. Two pupils at Bal Bharati Public School were suspended on
August 4, 2006, for allegedly posting an offensive photo that had been altered.
September 5, 2006 Manish from Greater Noida Engineering Institute and Karan from Delhi
Shahid Sukhdev Singh College were detained for posting lewd images of a girl from
Ghaziabad on the internet.42 The discussion above makes it quite evident that the
dissemination and publication of pornographic content has been growing in scope and
duration online, and that the majority of those who commit these crimes are young people.
Such crimes may be punished under the indecent Representation of Women Act, Section 67
of the Information Technology Act of 2000, and Sections 292 (Obscenity) and 500
1. If necessary to ensure compliance with the provisions of this Act, rules, or any regulations
made thereunder, the Controller may, by order, direct a Certifying Authority or any employee
of such authority to take the actions or cease the activities specified in the orders.
2. Every individual who disobeys an order issued under paragraph (1) is guilty of an offense
and faces a maximum sentence of three years in jail, a maximum fine of two lakh rupees, or
both.
55
The essential ingredients of this section so as to make a person criminally liable are:
1. The Controller ought to have issued an order directing any employee of a Certifying
Authority or to take the appropriate action or stop engaging in the activities listed in the
orders;
2. The accused should have disregarded such instructions; they should have been required to
assure compliance with the Act's provisions, rules, or any regulations established thereunder.
First off, the phrase "if those are necessary" and the phrase "to ensure the compliance of this
Act, rules or any regulations made thereunder" qualify the Controller's order to take action
and stop operations. Therefore, the controller may only issue an order to certifying authorities
and other parties if doing so would be necessary to accomplish the relevant goal of assuring
conformity with the Act's provisions and any rules or regulations adopted under them.
certain activities or refrain from performing particular acts in order to guarantee adherence to
the Act's requirements and any rules or regulations established under it. Through the use of
section 18(1), the controller's authority under section 68 can be extended to digital signature
subscribers as well. This is because section 18(1) gives the controller the authority to settle
conflicts of interest that may arise between subscribers and certifying authorities.
Thirdly, the Controller may also use his authority under section 68 through the Deputy
Controller, Assistant Controller, or any other person to whom the Controller has granted such
authority.
56
Power to Delegate:44 The Controller may, in writing, authorize the Deputy Controller,
Assistant Controller or any officer to exercise any of the powers of the Controller under this
chapter.
directives to the Certifying Authorities or any employee of such authority to carry out certain
actions or abstain from carrying out specific acts in order to ensure compliance with the
provisions of the Act and any guidelines or policies imposed under it. Digital signature
subscribers may also be added to the controller's authority under section 68 by means of
section 18(1). This is so that the controller may resolve any conflicts of interest that may
Thirdly, the Assistant Controller, Deputy Controller, or any other individual to whom the
Controller has delegated such power may likewise exercise the Controller's jurisdiction under
section 68.
1. The subscriber or any person who fails to assist the agency referred to in sub-section (2) shall
be punished with an imprisonment for a term which may extend to seven years.
The following are the important components of section 69's subsection (1):
1. The Controller ought to have instructed any government agency to intercept any data sent
over any computer resource: 2. The Controller should have issued the directive after
integrity, the state's security, friendly relations with other countries, public order, or to stop
incitement to commit any crimes that would be punishable by law; 3. The rationale behind
1. Any government agency should have been directed by the Controller to intercept any data
transmitted via any computer resource. 2. The Controller ought to have issued the directive
only after determining that it was necessary or beneficial to do so in order to safeguard India's
security, friendly relations with other nations, public order, sovereignty or integrity, or to
prevent incitement to commit any crimes that would be subject to legal consequences; 3. The
the sake of public order, the state's security, friendly relations with other countries, India's
sovereignty and integrity, or the prevention of encouragement to commit any crimes that are
punishable by law As a result, the section has sufficient safeguards in place to prevent the
Every person, without a doubt, has a right to privacy against unauthorized interception and
However, this section allows the government agency to intrude into people's privacy because
government officials. .
On instructions from the Controller, the subscriber or the person in charge of the computer
resource must reveal the communication's content and provide all necessary tools and
technical support to decrypt the data in accordance with paragraph (2). However, this
assistance would be understood to include providing all necessary facilities and technical
support to decrypt the data in a fair manner. There may be situations where the subscriber or
the individual in question lacks the technological know-how to provide all the facilities and
58
support needed to decrypt the data. This part of the Information Technology Act of 2000 is
fairly similar to part 5 (2) of the Telegraph Act of 1885. It says, "On the
integrity of India, the security of the state friendly relations with foreign States, public order,
or for preventing incitement to the commission of any cognizable offence, for reasons to be
authorized in this regard by the Central or State Government, may act in the event of any
public emergency or in the interest of public safety. ensure that any communication is
directed
The Central or State Government, or my officer specifically authorized in this regard by the
Central or State Government, may act in the event of any public emergency or in the interest
of public safety if satisfied that doing so is necessary and expedient in the interest of the
sovereignty or integrity of India, the security of the state friendly relations with foreign
States, public order, or for preventing incitement to the commission of any cognizable
offence, for reasons to be recorded in writing by order. make sure that all correspondence is
focused
CHAPTER-4
Cyberspace: where is it?1. The responses to this topic appear to veer into the metaphysical: it
exists in the tiniest bursts of matter and energy, is both everywhere and nowhere, and is only
with, let us define what cyberspace is. At the very least, a useful response to this query is
achievable.
.. Cyberspace may be thought of as a location. If people can discover them, it's a location
where messages and Web pages may be seen by everybody in the world.2. The language in
the US Supreme Court's first opinion regarding the Internet, "Taken together, these tools
geographical location but available to anyone, anywhere in the world, with access to the
internet," gives one hope that US courts will accept the legal metaphor of cyberspace as a
The high seas, space, and Antarctica. Cyberspace need to be considered a fourth international
Information technology is a two-edged tool that may be employed for both beneficial and
harmful purposes. As a result, the success of many endeavors is dependent on the individual
handling and utilizing the technology, who may have good or bad intentions.4 For example,
sending hostile intent through hacking, data theft, virus attacks, etc. can only have negative
effects. However, same techniques may also be applied to verify the legitimacy, security, and
safety of a technical gadget that is largely trusted and depended upon to provide security to a
certain organization.
. To illustrate, a German company has employed the "security software programmer" who
created the "Sasser worm" to create firewalls, which prevent malicious files from accessing
computer systems. The hiring of individuals who are wreaking havoc and causing annoyance
in which there is no "self help" system. The content creators across the
world, have supported laws that would enable them to turn down computers that violate
copyright in their own nations. program producers have strongly backed laws in certain
nations that give them the power to remotely shut down computers in violation of the terms
and conditions of the license that permits the usage of the program. However, this stance has
sparked a discussion on the viability, appropriateness, and legitimacy of a rule that renders
world, have backed legislation that would give them the authority to reject laptops that
infringe upon copyright in their own countries. In several countries, legislation granting
program creators the authority to remotely shut down computers for violating the licensing
terms and conditions has garnered significant support from the program industry. This
position, meanwhile, has spurred debate on the practicality, suitability, and validity of a law
The idea of "cyberterrorism" has emerged, which is the most lethal and devastating outcome
of this impotence. The conventional ideas and tactics of terrorism have evolved into new,
more lethal and destructive forms. Terrorists have developed the most lethal weaponry and
technological combinations in the information era, and if they are not securely secured in due
order, the consequences will be severe. The resulting damage would be utterly devastating
and nearly irreparable. To put it succinctly, we are dealing with "Cyber Terrorism," which is
61
".6" The term "cyber terrorism" refers to the deliberate, detrimental, and negative use of
information technology to cause harm and destruction to other people's property, whether it
system and subsequently erasing the competitor's important and helpful commercial
terrorism" in a way that would be thorough. Since new techniques and technologies are
always being developed, it is not a good idea to define "cyberspace" using a rigid formula or
pigeonhole approach.
In reality, the courts ought to start by reading the language as broadly as they can in order to
combat cyberterrorism with a heavy hand and strict penalties.7. However, the legislation
pertaining to cyberterrorism is out of date and has to be updated in light of the most recent
global developments in order to meet the dangerous goals of these cyberterrorists. The
Internet, which is used to carry out these terrorist acts, has no national boundaries, thus
. Thus, a cyber terrorist can collapse the economic structure of a country from a place
with which a country may not have any reciprocal arrangements, including an "extradition
treaty". The only safeguard in such a situation is to use the latest technology to counter these
problems, Thus, a good combination of the latest security technology and a law dealing with
through private defense. Thus, the existing analogous provisions have to be applied in a
purposive manner. The following provisions of the I.P.C., which is a general law dealing with
offences in India, are of great significance in dealing with and tackling the use of
62
malware by the use of private defence.
(i) Section 96 of the Code declares that nothing is an offence, which is done in the
exercise of the right of private defence. This section recognises the principle of self-help
which is considered to be just, fair and reasonable in all the countries of the world.
and the body of any other person against any offence offecting the human body. Secondly-
The property, whether moveable or immoveable, of himself or of any other person, against
any act which is an offence falling under the definition of theft, robbery, mischief or criminal
trespass. This section recognises the right of a "third party" to protect the property of another,
besides protecting his property. Thus, a public-spirited individual has a right to self-help by
helping innocent victims of malware. For instance, a netizen who is an expert in protecting
computers from viruses may make a programme, which has a potential to curb the virus
put on the internet and may launch the same on it. In such a situation the person launching
the malware cannot complain that such third party has no reason to feel aggrieved and has
no right to retaliate. Such an action on the part of that public-spirited individual is morally,
equitably and legally justified and will be protected by this section. This is a benign concept
(ii) Section 99, among other things, provides that there is no right of private
defence in cases in which there is time to have recourse to the protection of the public
authorities. Further, it provides that the right to private defence in no case extends to the
inflicting of more harm than it is necessary to inflict for the purpose of defence, i.e. the
human beings as such and not the results created due to acts oromissions of the human
beings. Thus, the requirement of taking recourse to public authorities arises only when the
case the concerned person is left with no choice but the instant life saving action) by the act
(b) Such act or omission must originate out of an active physical participation of
human agency and it should not be limited to any act or omission unsupported by its physical
presence.
Reading Section 103 along with Section 99 further strengthens this argument. Section
103 provides that the "right of private defence of property” extends, under the restrictions
mentioned in Section 99, to the voluntary causing "death" or of any other harm to the
wrongdoer, if the offence of robbery, house breaking by night, mischief by fire to certain
under such circumstances us may reasonably cause apprehension that death or grievous hurt
will be the consequence, if such right of private defence is not exercised. A close reading of
these sections reveals that these sections are tracing the operation of private defence vis- a-vis
human being's active and physical involvement and not in the sense of malware. This position
is made crystal clear if we read the definition of "death" under section 46, which provides
death of a human being, unless the contrary appears from the context. It would bring absurd
results if we argue that the context in the present situation is talking about the "death of the
computer" or the "operating system". Similarly, it will be unreasonable, in fact unrealistic and
imaginary, to argue that for protecting one's computer from malware, every time recourse to
public authorities has to be taken. In fact, the main reason for providing the provisions
concerning private defense is that State cannot protect the life and property of the citizen at
all times. Thus, as a measure of the citizen at all times. Thus, as a measure of public policy
64
and practical convenience, the concept of sell-help has been given a moral, equitable and
legal sanction. Even under the code there is an inherent and patent conflict between section
99 and section 103. Section 103 is subject to section 99, whereas section 99 itself is subject
to section
99. It is talking about taking recourse of public authorities when the act "does not" reasonably
immediate threat of death or grievous hurt, then recourse to public authorities need not be
taken. This is logical and satisfies the tests of common sense, because a person cannot
approach the public authorities after his death, which may result due to immediate peril to the
life. Similarly, no useful purpose will be served by approaching the public authorities if
grievous hurt has already been afflicted. In fact if there is an apprehension of death or
grievous hurt, theright to private defence can be exercised even against a public servant
who is though acting in good faith under the colour of his office is not strictly justifiable- by
law. It must be appreciated that no malware can cause any physical injury or apprehension of
the same, which may necessitate recourse to public authorities within the meaning of
section
99. Thus, it can safely be concluded that recourse to self-help can be taken under section
103 of the Code without approaching public authorities since it does not involve the real and
active physical presence of the human agency. This is also in conformity with the basic theme
and object of the concept of self-help and the practical requirements of law and its
regulation of society.
the right of private defense under Section 103. It must be noted that section 99 also
recognises the principle of proportionality among other things. This means that the proposed
65
harm given by the technological property holder must commensurate with the nature and
gravity of the threat. Thus, the harm, if at all it is considered to be so, caused must be
reasonable, proportionate and not unduly harsh. The moment it exceeds the limits, which
may be deemed to be appropriate by a reasonable person, it will offend the benign objects of
section 99, and may become illegal. Thus, to this extent, and in this sense only, Section 103
defence of information technology and the proportionate action required to be taken by the
person exercising the private defence. This is not the end of this matter. Sections 99 and 103
must be interpreted in the light of Section 105 to make them meaningful. Section 105 of the
Code provides that the right of private defence of property commences as soon as a
particular malware may not give rise to such apprehension at all because of its programming
and operational specifications. In such a case, the owner of the information technology comes
to its knowledge when the damage has already been done. In such a situation no useful
purpose will be served by approaching the public authorities, as they cannot undo what has
technological measures, since precaution is always better than the cumbersome and
expensive cure. As a concluding argument it may he pointed out that, by virtue of Section 40
of the Code, the right of private defence is allowed against offences committed under the
"special laws as well. In India the Information Technology Act, 2000 (ITA) is a special law
defence will also take their colour from it. In case there is a conflict between the provisions
of the code and the ITA, the latter will prevail. Fortunately, there is no conflict between
the provisions ofthe Code and ITA, hence the interpretation given to the sections, as
mentioned above, together with a purposive interpretation of the provisions of the ITA
66
would be sufficient to take care of the principles governing private defence of technological
The criminal, the outlawed has mastered technology. Mankind was yet to recover from
the terrorism pathogen, which has plagued humanity for decades, and yet its combination
with "Cyber" has made it doubly dangerous and alarming. The critical infrastructure or
nations, the communication systems globally, the banking network worldwide and the
aviation and intelligence systems are all easy targets and deprat obvious vulnerabilities.
The dark clouds of stealth and incognition engulf cyber terrorism, which is the newest
face of terror,9 and it is said that a new breed of terrorism is on the rise.10 The term implies
two elements cyber and terrorism. Both of these are regarded as the two great fears of
the late 20th century. Both imply fear of the unknown. Fear of random, violent victimization
segues well with the distrust and outright fear of computer technology.11 Terrorism has
entrenched humanity and going hand in hand with technology, it is spawning the deadliest
threat to the society. Cyber terrorism is a term esoteric, complex and difficult to circumscribe
within the four corners of a definition, which will be universally acceptable. While the word
"cyber" relates to cybernetics, which is our tool of trade, "terrorism" denotes an act of
violence. The ambiguity in th definition of the term cyber terrorism brings indistinctness in
action as Dorothy Denning points out, "An e-mail may be considered hacktivism by some
In 1997, Barry Collin coined the term "cyber terrorism" and defined it as the
convergence of cybernetics and terrorism. 13 The term has since entered popular parlance and
67
is also defined as "attacking sabotage prone targets by computer, which poses disastrous
terrorism the terrorist, finds an easy, risk-free, low-cost option. Whatever may be
Perhaps the comprehensive and popular definition is given by the FBI, which defines
cyber terrorism as :
compute programs and data which result in violence against non-combatant targets by sub-
and clandestine agents to pressurise an audience or to cause a government to alter its orders
or policies. The definition may be extended by noting that Department of Defense (DoD)
operations for information warfare16 also include physical attacks on computer facilities and
transmission lines. Although, computer attacks are different from cyber terrorism, yet if
certain computer attacks are destructive and disruptive enough to terrorise the victim, which
reflect "Severity of effects" and lead to death, injury, extended power outages, airplane
crashes, water contamination or major loss of confidence portions of the economy then it
The incognito nature of the operative of the terrorist act is the biggest challenge and
greatest advantage of the cyber terrorist. For a subversive attack, borders do not have to be
crossed, bombs do not have to be smuggled and placed, hostages do not have to be
kidnapped and captured, and terrorists do not have to surrender their lives. Plainly stated,
tomorrow's terrorist may be able to do more with a key board than with a bomb".18 Cyber
terrorism mainly targets the national infrastructure of a country and cyber terrorists are
interested in controlling systems of nuclear reactors, large storages of strategic raw material
68
like gas and oil, systems of water supply, power distribution, traffic centres, communication
secrets, etc.
Technique
The Internet gives the terrorists exclusive opportunities.19 Technically speaking, the
cyber terrorist is not yet so potent so as to terrorise a nation by merely resorting to the
Internet. The terrorist groups currently lack the capability to mount a meaningful operation.
Cyber attacks lack the horror and bloodshed, which are the ultimate motives of a terrorist. In
the Conference of Terrorism held in Paris in May 2000, the participants stated that terrorist
technology to further their malevolent ends.20 However, it is also reported that most of the
captured files of Al-Qaeda are either not encrypted or they are poorly encrypted. Reports
also say that Osama bin Laden has taken steps to improve organisational secrecy and to make
clever use of technology.21 Although, at a slower pace yet the terrorist is embracing
technology to simplify its nefarious designs and to maximise the damage of the physical
attack. Seized computers belonging to Al-Qaeda indicate that its members are now becoming
familiar with hacker tools that are freely available over the Internet.22 Not only this, while
refurbishing their outfits, they are giving due importance to technology and the computer
literate youth has started joining the ranks of the terrorist and it is said that once a new
tactic is publicised, it is likely to motivate other rival groups to follow along the new
pathway.
The terrorist first make a simulated test of the computer attack, which they have
technology to link its members, plan attacks, raise funds and spread propaganda.23
Evidenceshows that, Mohamed Atta, the leader of the attacks carried out on 11 September
2001 had made his air reservation ticket online and other members of Al-Qaeda used Internet
based telephone services to communicate with other cells overseas. Khalid Sheikh
Mohammed, the mastermind of the attacks against the World Trade Center, reportedly used
Internet chat software to communicate with at least two airline hijackers.24 The international
terrorist groups have already resorted to advanced technological methods to commit terrorist
acts. Ramzi Yousuf, the man sentenced to life imprisonment for helping to bomb the World
Trade Centre was reportedly trained as an electrical engineer, made plans to use
encryption to protect his data and to prevent law enforcement agencies from reading his plans
in case he is captured.25
The Virtual world has offered a lush green inviting playground to today's terrorist
where it can organise any dirty game and at the same time remain conspicuously absent
from the scene of occurrence. Attacks in the physical world like bombing critical
traditional targets of the terrorists. But today, there is a convergence of the physical and
terrorist do also differ in nature. Today's terrorist remaining hidden and unnoticed can do a
lot, he can increase the amount of iron supplement in cereals, thereby killing hundreds of
floodgates in a dam, handle 3,00,000 volts of electric power thereby causing destruction of
70
property28 and the like.
Not only on the land, a cyber terrorist without taking the risk of flying can take
control of the air traffic system or alter the system to such a fashion that airplanes fly into
each other resulting in mass causalities. However, this scene requires that the entire human
element in control of the aircraft be ignored. Thus, the cyber terrorist gets a risk-free, low-
advancements, no single measure can successfully combat it. Thus, only a multi-thronged
counteraction The myriad responses to the menace at the international level are
Legal Response
Main players in cyber terrorism are organised criminal groups, criminal societies and national
and transnational criminal organisations.29 Thus, in cyber legislations of almost all the
countries, recognition is given to the criminal liability of the cyber terrorist. After 11
September 2001 holocaust, legislations are fixing liability for funding terrorist acts and if
found guilty, to block funds and seize assets of such persons. Unfortunately, there has not
been an exclusive legislation to combat Cyber terrorism by any country but the criminal
liability of cyber terrorist, holding him responsible for hacking, DoS, which are used by the
terrorist for their destructive ends is the present and plausible approach by all the countries.
Indian approach
Like most of the countries. India too responded to the misuse of information technology and
addressed some of the cybercrimes and vandalisation of data while the word "cyber
terrorism" did not occur in the Act until 2008 when the amendment made important
The IT (Amendment) Act, 2008 (10 of 2009) not only defines the term cyber terrorism
but it has many sections in pari materia. It is the amalgamation of several sections in the
amended Act which, taken together make a meaningful and effective law provision to
International Response
There is an international consensus that a hacker should not be allowed to get away only
combat it without international harmonisation of laws on the subject and a concerted effort by
the international society. As terrorism is being fought through regional and international
cooperation, so also cyber terrorism can be thwarted only when nations come together and
Governmental Response
US, having the densest connectivity and convergence, is the easiest target of cyber
terrorism. Thus, the governmental response in this country is strongest compared to the other
countries.
After II September 2001, the US government reacted towards it in the most effective
manner so as to construct a more resilient society of Americans which will strengthen them to
(SCADA) when they are connected to the Internet to monitor certain industrial processess
73
CHAPTER-5
An additional set of difficulties has emerged for law enforcement organizations in India due
to the surge in cybercrime cases. With the development of information technology, actual
humans are now completely outside of physical bounds. It's true that there are two sides to
every coin. There are countless advantages and disadvantages to the new digital global
.Over the course of more than 150 years, India's criminal justice system has developed
to a mature point and gained a reputation as one of the most effective legal systems in the
world. The important organizations involved in the management of criminal justice are the
judges, prosecutors, police, and parliament, which are the body that makes laws. Although
they have a great deal of functional freedom, their operation is constrained by the concept of
checks and balances, which prevents them from invading one another's territory and requires
total coordination.
Online culture has become an essential aspect of modern life since computer networks and
the internet have made it possible for most of our activities, including banking, industries,
online. Nowadays, one may find everything on the internet that they choose to view or learn.
Notwithstanding this positive element of computer technology, there are certain drawbacks as
well that should worry law enforcement organizations as well as court officials.
As a result of the exploitation and abuse of computer networks for illicit activities, the
internet culture has given rise to a multitude of online conflicts, divisions, controversies, etc.
74
Although disputes in general are not new to human society—they have been around since the
are very different in terms of their nature, scope, and handling. As a result, resolving these
cyber-related disputes has become a significant challenge for the legal system due to the
.The following are the elements that make it difficult for judges to sentence people for
cybercrimes:
(i) These crimes are global in nature, meaning they transcend national borders; (ii) There are
differences between national legal systems, laws, and procedures regarding the admissibility
of cases pertaining to cybercrime; and (iii) there is uncertainty regarding the precise
definition of cybercrime and the range of activities that fall under its purview.
Due to the intangible character of cybercrime, neither physical violence nor the presence of
the accused at the crime site are necessary. under cybercrime cases, the typical adversarial
litigation system would rarely serve the interests of justice under these circumstances.
In the case of State of Punjab and others v. M/s Amritsar Beverages Ltd. and others, the
Supreme Court of India made observations about the challenges encountered by the legal
.scientific knowledge or lack the necessary understanding to deal with the novel
circumstance. Focus was immediately drawn to a number of fresh events that gave rise to
crimes of all types that our Legislature had not anticipated. The Information Technology Act
of 2000 was revised to encompass a variety of cybercrimes and their associated penalties, but
it still does not address every issue that law enforcement officials encounter.
."
educational background, mental state, and maturity are the main criteria that affect judicial
sentence. The accused's sentence is also influenced by his motivation, the circumstances
surrounding the offense, and how it affected the victim or society. Due to the offender's
youth, immaturity, and prior clean record, sentences are often lenient; but, severe
punishments are meted out in response to recidivism, ongoing associations with criminals,
Nevertheless, they are only generalizations and in no way limit the ability of judges to
sentence offenders. The judges seldom have the luxury of ignoring the whole of the damage
that crime has on society when deciding on punishment. As a result, the court's ruling is
crucial in determining the future course of action in situations that are comparable.
.3Even if there isn't as much case law on cybercrime as there is for regular crimes, the
crime is still on the rise since individuals are using computers more and more frequently.
Courts have a history of viewing cybercriminals who have committed planned crimes as
potential threats to society, and as a result, they are hesitant to lessen their sentences.
Leon Radzinovicz expressed his opinions regarding judicial sentencing, stating that while a
sentence that is excessively harsh in relation to the crime committed or one that is less severe
in order to assist the offender in changing their ways is unacceptable.4 Since cybercrimes do
greater harm, harsh punishments are typically meted out. In the case of cybercrime, the
preventing crime. However, the overall tendency appears to be in favor of stopping and
controlling cybercrime by taking a strict stance in the lack of any particular criteria in this
respect.
Technology Act, 2000 on October 17, 2000, there was almost no Indian case law regarding
the cyber jurisdiction of the courts. Since information technology has become a more rapid
method of communication in the new century, it has had certain unintended repercussions
The issue of judicial jurisdiction arose in the P.R. Transport Agency v. Union of India and
Others5 case when a contract between parties who resided in separate locations was
established by email. In this instance, plaintiff (P.R. Transport agency) won an online auction
for forty thousand metric tons of coal from Dobari colliery. The sale was conducted by
Bharat Cooking Coal Ltd. (BCCL) and featured many lots of coal. On July 19, 2005, the offer
was accepted via email, as announced by the BCCL. In retaliation, the plaintiff sent BCCL a
check for 81.12 lakhs, which the company received and paid but failed to deliver the coal to
notified the plaintiff via email that the aforementioned e-auction is terminated "due to some
technical and unavoidable reasons". The plaintiff discovered that BCCL had canceled the
coal e-auction because a different bidder had placed a greater bid, which had not been taken
into consideration earlier because of a problem with the computer, its software, or the data
input. In the Allahabad High Court, the plaintiff (P.R. Transport) contested the defendant's
The defendant, BCCL, objected to the court's territorial jurisdiction, arguing that the cause of
action had not arisen in the state of Uttar Pradesh, and so the High Court of Allahabad lacked
jurisdiction in this matter. The plaintiffs contended that the matter was within the Court's
jurisdiction as they got the email notifying them of the tender's acceptance in Chandauli,
Uttar Pradesh. After hearing from both sides, the High Court ruled that, should an email be
accepted, the information sent by the account holder from any location gets to the "server's"
77
memory, which may be placed anywhere and that the addressee account holder may recover
As a result, there is no set time for email transmission or reception. Section 13(3) of the
Information Technology Act of 2000 states that "an electronic document is considered
received at the addressee's place of business." The plaintiff, P.R. Transport, will be assumed
to have accepted the tender when it is received at its place of business, which is in Chandauli
The Allahabad High Court was therefore empowered to provide a decision because the matter
was inside the state of Uttar Pradesh. Based on the ruling in this case, it can be said that the
trend in courts' exercise of jurisdiction over cybercrimes must adhere to the standards of fair
play and justice, which are inevitably based on the following factors: a) the degree of
deliberate interference or illegal activity impacting the affairs of the State; b) the degree of
the State's sovereignty being violated; and c) the forum of the State's interest in resolving the
dispute.
The State's obligation to safeguard the rights of parties that are offering them relief; and (b)
the presence of a substitute forum. To bolster a state's online authority, the legislation
mandates that it engage with the victim in some capacity in addition to making the website
accessible.
The prevalence of pornographic content on the internet has increased with the usage of
computers in daily life. This has negative effects on society at large as well as on children and
young people. Pornography is generally defined as content that is primarily sexually explicit
78
The primary cause of the growing prevalence of pornography as a cybercrime seems to be the
lack of any meaningful regulations limiting who is allowed to use the internet. There are
several private Internet service providers (ISPs) in India, including Videsh Sanchar Nigam
Limited (VSNL) and others, that offer internet access through various schemes. However,
There aren't many documented Indian cases involving internet pornography since the
majority of them are resolved at the magistrate level of lower courts. But in this light, the
State of Tamil Nadu v. Suhas Katti6 case merits particular attention because it was resolved
in a record-breaking seven months after the FIR was filed. The Chennai Cyber Crime Cell,
which produced 18 witnesses and 34 documents in support of the prosecution case, deserves
recognition for its quick investigation of the case. The following were the case's facts.
The woman was making unwelcome phone calls to have sex because she was soliciting. She
reported the unidentified culprit to the Chennai Cyber Crime Cell. According to the police
inquiry, the accused was the victim's well-known family friend who lived in Mumbai and was
considering marrying her. But after a while, she got married to someone else and got
divorced, so the accuser approached her once more about getting married to him. She turned
him down. Subsequently, he began to harass her by sending offensive and disparaging
emails..
The Indian Penal Code's Sections 469 and 509, in conjunction with Section 67 of the IT Act
of 2000, were utilized to charge the defendant. He begged that the lady who was the
complainant may have received the unpleasant emails from her ex-husband, with whom she
had ended their divorce, or she may have done so on her own to implicate the accused,
because he had declined her proposal of marriage. Additionally, it was claimed on the
accused's part that Section 65(b) of the Indian Evidence Act did not support the documentary
Section 67 of the I.T. Act based on the expert witnesses and other evidence presented before
it, including the testimony of the cyber cafe proprietor. For the offense under Section 469, the
accused was sentenced to two years of rigorous imprisonment and a fine of Rs. 4500/-for the
offence; for the offense under Section 509 of the IPC, the accused was sentenced to one year
of imprisonment and a fine of Rs. 500/-; and for the offense under Section 67 of the
Information Technology Act, the accused was sentenced to two years of simple imprisonment
and a fine of Rs. 4000/-. Every sentence was meant to flow simultaneously.
Avnish Bajaj was the Chief Executive Officer (CEO) of 7 Baazee.com, an online auction
company, in the case of Avnish Bajaj v. State (NCT Delhi). In December 2004, he was taken
into custody for disseminating pornographic content online. The allegations against him
stemmed from the discovery that someone had used the Baazee.com website to sell copies of
pornographic CDs. The Delhi market was also selling the CD. The offender was taken into
custody as a consequence of the Delhi and Mumbai police working together. But the Delhi
High Court eventually granted him bail, finding no prima facie proof that Mr. Bajaj had
distributed the aforementioned pornography directly or indirectly and that the real, filthy tape
. According to the inquiry into this case, Bajaj had family links to India and was of Indian
descent. The website owned by his firm, Baazee.com, catered to customers and sold real
estate online on a fee basis. On November 27, 2004, an explicit MMS clip titled "A DPS girl
having fun" was put up for sale on "Baazee.com," and the corporation proceeded to sell a few
copies of this clipping.In his defense, the defendant, Mr. Bajaj, said that Section 67 of the
Information Technology
The act that led to his detention and charges concerns the publication of pornographic
content rather than its delivery. Furthermore, since the disputed CD was unlawful, he took
80
quick action to halt its sale, which was completed in 38 hours, even though it was a weekend.
He further said that the sale profits were not handled via him and that the aforementioned
In this case, the Court was asked to decide whether to distinguish between content providers
and internet service providers (ISPs). The accused must demonstrate that he was merely the
service provider and not the content supplier, the court decided. The evidence indicated that
the obscene content may have been inadvertently placed for sale on his company's website,
and there was a chance that the claimed crime had really been committed by someone else.
Consequently, the court decided that the accused should be freed on bail.
However, the accused was directed to turn in his passport, provide two sureties of one lakh
rupees each, and promise not to leave India without the court's approval. In the end, his bond
was increased, but only on the stipulation that he take part in and support the investigation.
In State v. Fatima Riswana In the case of respondents 2 to 6, who were charged with cyber
pornography under Section 67 of the Information Technology Act, 2000 read with Section 6
of the Indecent Representation of Woman (Prohibition) Act, 1986, Sections 5 and 6 of the
Immoral Traffic (Prevention) Act, 1956, as well as Section 27 of the Arms Act, 1959, the
.. Dr. L. Prakash, the accused, is accused of taking advantage of certain men and women in
order to produce pornographic images and recordings of them engaging in different sexual
actions, which he then sold to international websites. The case was heard at the Vth Fast
Track Court in Chennai, which was presided over by a female judge. The court was
established by the Tamil Nadu government as a "Mahila Court" to expedite the hearing of
The accused filed a revision appeal against the court ruling rejecting their demand for copies
of 74 compact discs (CDs) containing allegedly pornographic content while the trial was still
81
ongoing before the aforementioned Fast Track Court. The Madras High Court denied the
revision plea, ruling that it was not feasible to provide so many CD copies since doing so
would encourage the duplication of such illicit content for wider distribution. the CDs in the
Presiding Judge's room with their attorneys present, as well as the public prosecutor and
expert,
The petitioner's attorney and the public prosecutor both stated that it would be embarrassing
for them to watch the aforementioned CDs in front of the female, knowledgeable district
judge. The High Court noted that the Presiding Lady Judge had the option to attempt to
handle the case alone or have it moved to a male judge colleague, as the accused had not
submitted any motion for the matter to be transferred to a male judge. However, at the Public
Prosecutor's request, the High Court sent the case to Fast Track Court IV, presided over by a
Because she is a woman, the appellant consequently filed a criminal revision in 2004,
claiming that having the case transferred from a female judge to a male judge would make
her feel ashamed. Additionally, it was argued that both the earlier Apex Court decision9 and
the purpose of establishing Mahila Courts were violated by this transfer. The appellant filed
an appeal with the Supreme Court after the High Court denied their request..
The Supreme Court ruled that the High Court's whole strategy in this particular case was
detrimental to the interests of the witnesses, who were actually the case's victims. The
presiding lady judge of the court further stated that since she had not shown signs of shame, it
was irrational to assume that it would make her feel that way. This is especially true given
that she had not indicated a want for the case to be moved to a male judge. The Apex Court
allowed the appeal, ruling that the High Court shouldn't have become involved in the case..
A youngster at Air Force Bal Bharti School in Delhi, case number 10, was made fun of by all
of his peers for having a scar on his face. He chose to exact revenge on his tormentors after
82
growing tired of their cruel pranks. In addition to creating a pornographic website, he also
scanned and altered photos of his professors and classmates to make them appear naked. He
then submitted the finished products to a free online hosting provider. One of the class girl's
fathers, who just so happened to view the webpage, took issue with this and complained to
the Delhi Police. The child received a show-cause letter from the school, asking him to
The case was taken up by the Juvenile Welfare Board, which heard arguments from both
compromise. However, the father of the accused boy refused to remove his son from the
school until the school provided a written guarantee that his son would be admitted to another
institution, which the education department was unable to provide. The complainant's father
maintained that the case would not be compromised as long as the accused youngster attends
the same school. The parents of the twelve children, whose names and images were scanned
and posted on the internet, did not want their kids to be taught alongside the lad.
The defense's claim that other students had been sending offensive emails about the school's
teachers even before the boy set up the website was rejected because the school provided
enough evidence to show that it did not have an internet connection prior to April 4, 2001, the
day the accused was charged with cyberpornography. However, because of a deal between
the complainant and the school, the matter was eventually abandoned.
Another instance included a Swiss couple11 in Mumbai who would round up underprivileged
kids and make them appear in explicit and naked pornography. After that, they would post
these images on websites created especially for child molesters. The pair was detained by the
Mumbai Police for pornography, and they were also charged with internet pornography under
Section 67 of the I.T. Act as well as Sections 292 and 509 of the IPC. However, they were
later released due to insufficient proof. In the United States v. Kufrovich case in the United
83
States, the defendant was accused of violating US Criminal Law Sections 2422(b) and
with him.
.. The accused said in his defense that since he had only spoken with the victim virtually and
not in person, he was protected by the First Amendment and the exchange via the internet
could not be used against him as evidence. However, the court dismissed the defense, ruling
that the accused was charged under the Communications Decency Act, which makes it illegal
to use the internet and phone lines to lure minors into sexual behavior.
The legal system has always adjusted to the demands of the ever evolving technological
landscape. It has balanced the long-standing, strict regulations with the most recent
challenges that were not anticipated by the previous legal system have been brought about by
the internet and other digital technologies. Unexpected by the Parliament, a number of new
have emerged in the wake of the millenium. In order to prevent injustice from being done to
anybody, the courts have acted as an arbitrator in internet-related intellectual property rights
A collection of rights are included in the notion of intellectual property. Section 43 of the
Information Technology conduct, 2000 defines an offense as any illegal conduct that robs the
owner of all or some of his rights. One frequent instance of an IPR violation is software
piracy. Other intellectual property rights (IPR) infractions include theft of computer source
code, trademark and service mark infringement, and copyright infringement. In the
paragraphs that follow, a brief discussion of pertinent case law demonstrating judicial trends
Proprietary Ltd.15 that the term "trademark" in Section 105(c) of the Trademarks Act must
be interpreted as a comprehensive term that includes the "trade name," or the "business
name," and the name by which the article or goods are sold. This is because the definition of
trademark includes the word "mark," which means name. Of course, that mark should have a
legitimate connection. Because there was a chance that the defendant would mislead or
confuse the public and cause harm to the plaintiff, the court in this instance barred the
defendant from using the trade name "Kirloskar" for their private enterprises.
. Stated differently, instances of trademark or trade name infringement would give rise to a
passing off action. As a result, the defendant was forbidden from referring to himself as
Rediff Communication Ltd., an online media corporation, was the plaintiff in the historic case
of Rediff Communication Ltd. v. Cyberbooth and Others.16 The company had been in the
communication and internet service industry since January 6, 1997. The initial six letters of a
collection of businesses with corporate names that included Rediffussion, Denstu Young, and
Rubicam advertising Ltd. were combined to form the term REDIFF. The plaintiffs claimed to
have had a significant turnover of Rs. 1.93 crores during the period after registering their
It was. in March 1997 that the plaintiffs learnt that defendants got their domain name
RADIFF.COM registered with Network Solution Inc. on January 31, 1999 and had
established webpage on the internet with the said domain name. The plaintiffs alleged that
the adopting of the said domain name by the defendants was clearly public to believe that
the defendants are associated with the plaintiff or part of the 'Rediffusion Group' with whom
the name mark 'REDIFF' is exclusively associated and therefore, it was an act of passing off
on the part of the defendants for which an injunction be granted by the Court. In other words,
85
the defendants had deliberately passed off their business, goods, services etc. as those of the
plaintiff's, and thereby illegally exploited the reputation and goodwill of the plaintiffs.
The defendants in their written statement supported by an affidavit contended that the
word RADIFF adopted by them was coined by taking first three letters of the word 'Radical',
the first letter of the work 'information', the first letter of the word 'future' and the first letter
of the word 'free'. They further argued that there was no likelihood of deception or confusion
as the two domain names 'REDIFF' and 'RADIFF' were distinctly different and also that the
plaintiff's website was titled 'REDIFF' on the internet whereas defendant's website was titled
as 'RADIFF ONLINE'. Further, the plaintiffs' website was providing various services from
news to shopping whereas the defendant's website was mainly providing hyper text links' to
its advertiser's websites. Thus the look and feel of the plaintiff's website was totally different
Analysing the principles underlying the law relating to passing off, Mr. Justice A.P.
Shah of the Bombay High Court (as he then was) referred to Lord Diplock's observation in
Erven Warinick v. Townend17 case wherein it was held that the essential characteristics which
must be present for a valid passing off action are : (1) misrepresentation, (2) made by a
person in the course of trade or business, (3) to the prospective customers of goods or
services supplied by him, (4) which is calculated to injure the goodwill of another trader as
(5) which causes actual damage to the business or goodwill of the trader
The High Court of Bombay came to the conclusion that when both the domain names
are considered, it is clearly seen that they are almost similar in nature and there is every
86
possibility of internet users being confused and deceived in believing both the domain name
belong to same person although in fact the two belong to different persons. Rejecting the
defendant's plea that the word RADIFF was derived from the four words, namely 'radical'
information', 'future' and 'free', the Court held that this assertion appears to be completely
false and an afterthought devised to answer the plaintiff's claim. The Court concluded in
unequivocal terms that the prima facie object of the defendant in adopting RADIFF as a
domain name was to trade upon the reputation plaintiffs domain name and the
argument that the field of activity of the two was different is without any substance because
both activities are similar as also overlapping. The defendant was therefore, restrained from
In the case of TATA & Sons v. A.K. Chaudhary, 18 the petitioners used TATA logo in
its website for its products. They sued the defendant for openly selling his steel and cutlury
and similar items using deceptively similar trademark on the website, and prayed the Court
for an injunction directing the respondent to refrain from selling their products using brand
name similar to that of the petitioners. Allowing the petition, the High Court of Delhi ruled
that petitioner's trademark had acquired unique goodwill and reputation and it had become a
distinctive trademark within the meaning of Section 9 of the Trademarks Act due to its long
continuity. Therefore, the Court prohibited the defendant from using the trademark under
Section 29 (4) of the Act although it was not being used by the respondent for commercial
purposes.
The Supreme Court in M/s Satyam Infoway Ltd. v. M/s Sifynet Solutions Pvt. Ltd.19
held that domain name used as a mode of carrying on commercial activity has all the
identifier as it identifies users. Bringing out a distinction between trademark and domain
Consequently, a trademark may have multiple registration in many countries. As against this,
consumers. Although there is no specific legislation in India which explicitly refers to dispute
resolution in connection with domain names but that does not mean that domain names are
not to be legally protected. They, are adequately protected by the law relating to passing off
In an action for passing off as the term itself suggests, the defendant tries to pass off
his goods or services to the consumers or public as that of the plaintiff's goods or services. It
is an- action not only to preserve the reputation of the plaintiff but also to safeguard public
commerce with its instant accessibility may result in users mistakenly accessing one domain
In the instant case, the appellant was an incorporated company registered in 1999
recognised Registrars, namely, Internet Corporation for Assigned Names and Numbers
(ICANN) and the World Intellectual Property Organisation (WIPO). The word 'sify' was
coined by using elements of its corporate name, Satyam Infoway and the appellant claimed a
The respondent started carrying on business of internet marketing under the domain
names 'www.siffynet.net' and 'www.sifynet.com' from June 2001 which were registered
with ICANN on 5th June, 2001 and 16th May, 2002 respectively. Having come to know
about the use of domain name 'siffy' by the respondent, the appellant served a notice on the
88
defendant asking him to desist from using that domain name as it was deceptively similar to
that of the company's domain name, but the defendant refused to oblige. Consequently, the
appellant filed a suit against the defendant in the City Civil Court claiming passing off action
against the latter and an application for temporary injunction against the defendant. The Court
granted injunction on the ground that the appellant was the prior user of domain name 'sify'
which had earned considerable reputation in connection with internet and computer services
therefore, adoption of similar domain name by the defendant was deceptive and likely to
The respondent preferred an appeal against the Civil Court's order in the High Court
which stayed the injunction order and later allowed the appeal on the ground that merely
because the appellant had started the business first, did not entitle him for an injunction
without considering as to where the balance of convenience lay. The Court in this case
noted that, the record showed that respondent was carrying on business other than that of the
plaintiffs and there being no similarity between the two businesses, there was no question of
customers being deceived or confused. The claim of appellant was therefore, disallowed by
the High
Court.
89
In Himalaya Drug Co. v. Sumitt20 the plaintiffs were engaged in
the manufacture and sale of Ayurvedic medicinal preparations and had developed a website
under the domain name www.himalayadrugco.com. They had spent considerable time,
labour, skill and money in preparing database of more than 209 herbs. It came to the
notice of the plaintiffs that the defendants were operating a website which reproduced the
plaintiffs entire herbal database by copying the preliminary information of each herb and
the detailed monograph, so much so that even the synthactical and grammatical form that
appeared on the appellant's website was copied verbatim by the defendant in their website.
The appellants, therefore, moved the Delhi High alleging that the defendants were
passing off their business using the similar domain name as that of the appellant's which was
causing deception and confusion among the consumers and the public. The defendants having
failed to respond and attend the Court despite several notices, the High Court of Delhi
proceeded ex-parte against the defendants and ordered a permanent injunction restraining
them from reproducing, using and/or communicating to public on their herbal website which
they had copied from the appellant's database. The Court also awarded punitive damages to
the extent of eight lakhs rupees, which the defendants were required to pay to the plaintiff by
way of compensation.
In yet another case, namely Dalgit Titus, Advocate and others v. Alfred A. Adevare
and others21 decided by the Delhi High Court, the plaintiffs were running a law firm which
consisted of advocates specialised in different legal fields. The defendants were working
with the plaintiff's firm and were paid remuneration while they retained control over the
professional organisation. They claimed copyright ownership over the work which they had
done while working in the plaintiff's legal firm. The plaintiff's, on the other hand, contended
90
that since the defendant's were a part and parcel of the plaintiff's firm, they could not claim
exclusive right in respect of expert opinions and advice rendered to them as they were under
an obligation to maintain confidentiality. The plaintiff also claimed to have spent substantial
amount of money, time, skill, computer network, law library, office infra-structure etc.
Consequent to this dispute which arose regarding the copyright ownership between the
plaintiffs and the defendants, the plaintiffs filed a complaint before the Court that one of the
defendants came to their office after the office hours and downloaded 7.2 GB of database of
their crucial data, write-up through plaintiffs local area network and allegedly have stolen the
hard copies compressed over ten proprietary drafts of the plaintiffs and therefore, they prayed
for protection of their exclusive data under the Indian Copyright Act, 1957.
After hearing both the parties, the Court came a conclusion that plaintiff had prima
facie copyright in the database which the defendants had taken away from the plaintiff's
office. The Court noted that the defendants were free to carry on their legal profession,
utilise the skill and information they had mentally acquired by experience gained from
working with the plaintiff's legal firm but restrained them from copying material of the
plaintiff in which the plaintiffs alone had the exclusive copyright. The principle of law laid
down in the case clearly envisages the need for a careful drafting of different clauses of the
contracts before entering into any kind of relationship, particularly the clauses
dealingwith database and in case of a legal firm, whenever an employee of a solicitor firm
drafts a document, the employer is the first owner of the copyright document.22
The American case of Marks and Spencer PLC v. One in million 23, may also be cited
wherein it was held that any person who deliberately registers a domain name on account of
organisation, may be restrained from such passing off activity by an injunction. The
91
defendants in this case adopted the name Marks and Spencer domain name only because this
name was associated with the plaintiff's group which had good business and the defendant
wanted to use it illegally for his own gain by causing confusion or deception among the
users or customers.
Where the controversy between the parties centers around the domain name on the
internet, the principle laid down in the landmark case of American Civil Liberties Union
(ACLU) v. Reno24, may be followed to arrive at a correct finding. In that case, Justice
Mokenna inter-alia held that each host computer providing internet services (site) has a
unique internet address. The users seeking to exchange digital information such as e-mails,
computer programs, images, music-etc. with a particular internet host require the 'host'
connection. In fact, host actually possesses two addresses i.e. a numerical 'IP' address such as
125, 555, 600 and an alpha numeric "domain name" such as microsoft.com; sify.com. The
internet domain names are similar to a telephone number but they are valuable corporate
asset as they facilitate communication with a customer base. The uniqueness, of internet
address is ensured by the registration services of the Internet Network Information Center. In
' USA, the National Service Foundation (NSF) which registers domain names free on 'first
come first serve' basis. It does not determine the legality of domain name registration nor
does it verify whether that domain name has already been registered earlier by someone and
may lead to infringement of the right of prior owner of it. Anyone may apply for the domain
essential requisites for an action against defendant for passing off where the dispute relates to
adoption of domain name by the defendant similar to that of the plaintiffs domain name. They
are :
1) which is calculated to injure the business or goodwill of the plaintiff {i.e. another
traders) ;the consequences of which could have reasonably been foreseen by the defendant;
and
2) such consequences do actually result in causing actual damage to the business or goodwill
of the plaintiff.
From the above, it is evident that intent to deceive is not an essential requirement to
prove the deception of the defendant. However, it would not be wholly immaterial as it may
The WIPO Administrative and Mediation Centre's decision in the arbitration case of
Bennett Coleman &.Co. Ltd. v. Steven S. Lalvani alongwith Bennett Coleman & Co. Ltd. v.
Long Distance Telephone Company27 laid down certain principles of cyber law on domain
name which may provide effective guidelines for the prevention of cyber squatting and the
According to the principle of presumption, the moment anyone registers a domain name
which has the trademark or other mark of any other entity, it shall be presumed that, the said
person was fully aware of the existence of the said93mark at the time when he applied for the
registration of the domain name.
2) The website being a "postal address" to other sites, it will be presumed that the
defendant is adopting domain name to take advantage of the good reputation of the
plaintiffs domain name, The facts of the case were that the complainant of
Bennett
Coleman & Co. Ltd. were the publishers of two reputed papers, namely, "The Economic
Times", which had an average daily circulation of around 35 lakhs, and the "Times of India",
which had a circulation of nearly 1.52 crores per day. Besides, they were carrying out
publication of certain supplemental material using the brand name Times" and held domain
The complainant had registered in India under the mark "The Economic Times" for
newspapers, journals, magazines, books and other literary works on March 28,1973 and the
The defendant, Stevens S. Lalvani, a resident of Lipper Montclair, USA got the
the domain name www.thetimesofindia.com registered with NSI for his Long Distance
Telephone Co. having the same address. Thereafter, Steven S. Lalvani and Long Distance
Telephone Co., both built up websites of the two domain names with the result that any net
users who legitimately wanted to go to the site of the Economic Times, when typed the same
name in his browser, was redirected to the site of the defendant's website and thus resulted in
great damage and harm to both the reputed publications of the plaintiff i.e. Bennett Coleman
& Co. Ltd. This situation continued unabated until 1999 despite several notices and
During the closing decades of the 20th century, the practice of cyber squatting was a
hot issue worldwide because of the fact that Network Solutions did not prescribe any
restriction on the registration of domain names. However, perturbed by this growing menace,
the U.S. Government established the Internet Corporation for Assigned Names and
28
Cyber squatting refers to a practice by means of which a person or legal entity gets
registered the trademark, business name or service mark of another as his own domain name
for the purpose of holding it on and thereafter selling the same domain name to other persons
managing internet. ICANN has introduced a uniform Domain Name Dispute Resolution
Policy which came into force with effect from December, 1999.
Taking advantage of the Uniform Domain Name Dispute Resolution Policy, the
complainant Bennett Coleman & Co. Ltd. filed two cases against the defendants before the
WIPO Arbitration and Mediation Centre on 27th 'January, 2000. Both the complaints being
against the same defendants were taken together and were hotly contested by the defendant
Steven S. Lalvani. The case was disposed of by the WIPO Arbitration Centre in favour of the
plaintiff and the defendant was directed to transfer both the disputed domain names to the
complainant.
A controversy that came up before the High Court of Karnataka in Diebold Systems
Private Ltd. v. Commissioner of Commercial Taxes, 29 for decision was related to the
Machines (ATMs). They sought a clarification from the Advance Tax Ruling Authority
(ATRA), Karnataka on the rate of tax applicable on sale of their products Automatic Teller
Sales Tax Act, 1957, the ATRA classified ATMs as 'computer terminals' liable for four basic
taxes as they would fall under Entry 20 (ii)(b) of Part C of the Second Schedule of the
Karnataka Sales Tax Act The Commissioner of Commercial Taxes, on the other hand, was of
the view that ATRA's ruling was erroneous and passed an order that ATMs cannot be
classified as computer terminals as per Section 2 of the Information Technology Act, 2000.
The matter was therefore, referred to the High Court of Karnataka for final decision. The
Court held that ATMs are not computers; instead they are mere electronic devices for the
purpose of imposition of taxes under the Karnataka Sales Tax Act. Giving reasons as to why
ATM cannot be treated as computer, the Court held that an enlarged definition of computers
in the Information Technology Act, 2000 cannot be extended for the purpose of interpreting
or Entry under fiscal legislation. The Court observed that Automatic Teller Machine is an
electronic device which allows a customer of the bank to make cash withdrawals and check
his account balance at any time without the need of human teller. Therefore, it would be
that performs the tasks requested by the person using ATM. Many ATMs located at different
places are electronically connected to a computer, as such they are only electronic devices
96
CHAPTER-6
A new wave of terrorism is supposedly on the rise, and the latest face of evil, cyber terrorism,
is hidden behind secrecy and ineptitude.10 The term implies two things: cyber and terrorism.
The two greatest concerns of the late 20th century are believed to be these. Both imply a fear
of the unknown. The dread of violent, random victimization goes hand in hand with
skepticism and outright horror of computer technology.11 The pervasive threat of terrorism,
which is intimately related to technology, is becoming the largest threat to civilization. The
term "cyber terrorism" is obscure, difficult to define, and difficult for everyone to understand.
1. It was correctly said that "in the world of crime, bytes are replacing bullets." As with the
rest of the globe, cybercrime is becoming more prevalent in India, and it is imperative that its
cyberspace to either damage innocent people or profit quickly at the cost of gullible
citizens.The case studies show that cybercrime affects people from many areas of life.
Numerous individuals have come forward to report these crimes, and the law enforcement
agencies from the various cities around the nation have responded with assurance and
promptness.
.. Like any other trade, cybercrime investigation is still in its infancy, yet it takes time to
develop competence and quality. It is evident that this development of a community practice
has begun in India, where the cyber sleuths are picking up new skills and developing them
via initiative and experience. To aid in this endeavor, the India Cyber Cop Award was
97
instituted annually. This compilation is an effort to support the process of tracking, recording,
The modern civilization has undergone significant transformations due to the progress of
devise new methods of carrying out their illegal acts. Technology-related crimes actually
have global repercussions and impact, not only on people or a country. One such gray area
up a new area for online crime that needs to be addressed on a worldwide scale.
Cybercrimes have arisen as a result of computer network growth. In the current millennium,
the internet has expanded to become ubiquitous. It has also introduced new issues that
mankind has never faced before. People from all around the world use the internet, which is
comparable to the "high seas" in that nobody owns it. The word "cybercrime" refers to a wide
It is an unavoidable evil that stems from people's increasing reliance on computers in modern
life. This is because, while being highly advanced technological gadgets, computers are
incredibly susceptible. Therefore, a cybercrime is any crime or illegal conduct that involves
the use of a computer. Because of this, the definition of "cybercrime" is "an unlawful act
98
The aforementioned analysis makes it abundantly evident that cybercrimes are dangerous
online actions that have the potential to harm individuals, their property, the government, or
society at large. Through the use of computers, criminals from all over the world conduct
numerous cybercrimes. Because cybercrimes differ greatly from traditional crimes, law
enforcement organizations struggle to combat them using the current infrastructure due to a
lack of sufficient understanding of computer operating systems. This is the primary cause of
the issue the relatively new type of crime is presenting to the judicial system. The arrival of
Globally, cybercrime is a massive problem that has been dubbed a "technological scorn" and
is not limited to just one or two nations. India is not exempt from this threat posed by
computers. However, the Information Technology Act, 2000 was passed by the Parliament
and went into effect on October 17, 2000, as a measure to deter and regulate online crimes.
The Act outlines cyberspace offenses including tampering with computer source documents,
hacking into computer systems, violating privacy and confidentiality, etc. in a clear and
concise manner.
. It is not that there was no law to address these offenses before this Act. Although there were
previously measures in place under the Indian Penal Code, 1860 to prevent and manage
cybercrimes, it was determined that these measures were insufficient to address all types of
cybercrimes. The Indian Penal Code was enacted at a period when computers and the internet
expanded, entangling itself across national borders even as the legal system still struggles to
identify cybercrimes. In a similar vein, the Information Technology Act, in particular, the
99
cyber legislation, focuses on stopping and managing cybercrimes inside the borders of the
nation, ignoring the reality that cybercrime is an international problem with no boundaries.
Due to its worldwide nature, cybercrime typically impacts a person who lives distant from the
scene of the crime, whether it takes place in their own nation or another. As a result, it calls
for both active international community collaboration and international policing. The
recommended that governments take action to restructure their cyber laws in order to address
.. The Convention addressed procedural aspects that need to be taken into account when
reconstructing the current legal framework to meet the demands of evolving technology, in
addition to substantive modifications and advances in the field of criminal law. It is widely
acknowledged that the procedural aspects of criminal law present the greatest obstacle to
.. The European Convention has selected 10 particular cybercrimes out of a wide range of
cybercrimes and requested member states to integrate them in their information technology
legislation and create a practical method to combat them. However, it is regrettable that many
cybercrimes committed in one nation are not considered crimes under the criminal laws of
other nations, which becomes problematic when cybercrimes occur across national borders.
Adopting a worldwide cyber law that is consistently applicable to all nations is the first step
toward solving this issue. The main point is that common cybercrime prevention regulations
should not differ depending on the jurisdiction. Stated differently, consistency should be
the process of drafting legislation to enable efficient law enforcement against cybercrimes.
Only a small number of nations have updated their cyber laws to combat cybercrime. The
different perspectives held by different countries on the merits of cyber law present a
significant challenge in combating cybercrime while also giving hackers plenty of room to
elude capture and prosecution. As a result, all countries should recognize how urgent it is to
raise public understanding of the dangers associated with cybercrimes, which support illicit
Notably, the United States, Canada, Australia, Japan, India, Germany, and other European
nations have revised their cyber laws to meet the demands of rapidly advancing computer
technology. Although the United States was the first nation to enact a comprehensive
cybercrime law, it was later determined that this law was insufficient to address every
instance of cyberspace crime. As a result, new laws were needed to address the needs of the
quickly advancing information technology and the new criminal activities that followed.
Japan updated its Criminal Code to cover several offenses that fall under the category of
India has amended the Principal Information Technology Act to establish a comprehensive
Select Bibliography
101
1. Kamal Ahmad : The Law of Cyber-Space (U. N. Institute of Training & Research) 2006.
2. Dr. Amita Verma : Cyber Crimes and Law (Central Law Publications) 2009.
4. Dr. R. K. Chaubey : An Introduction to Cyber Crime & Cyber Law (Kamal Law House
Kolkata) 2008.
5. Dr. Farooq Ahmad : Cyber Law in India : Law on Internet, 2 nd Edition (Pioneer Book
6. Nandan Kamath : Law Relating to Computers Internet & Commerce, 2nd Edition (Universal
7. Rahul Mathan : Law Relating to Computers and Internet (Butterworth, New Delhi) 2000.
8. R. C. Mishra : Cyber-Crime : Impacts in the New Millennium : Ist Ed. (Author's Press, Delhi)
2002.
10. B. B. Nanda and R. K. Tiwari : Farensic Science in India : A vision for 21st Century
11. Ashish Pandey : Cyber-Crime - Deviation and Prevention (J.B.A. Publications) 2008.
102
12. Dr. N. V. Paranjape : Criminology & Penology : 14th Ed. (Central Law Agency,
Allahabad) 2008.
13. Ratanlal and Dhirajlal : The Indian Penal Code ; 28th Ed. (Wadhawa and Co. Nagpur)
2002.
14. R. K. Sharma : Managing Information Knowledge & Power in Cyber Age (Bookwell Pub.
Delhi) 2004.
17.R. K. Suri and T. N. Chhabra : Cyber Crime (Pentagon Press, New Delhi) Ist Ed. 2001,
reprint 2003.
18.Yatindra Singh (Justice) : Cyber Laws 3rd Ed. (Universal Law Publishing Pvt. Ltd.) 2007.
19.D. P. Mittal, Law of Information Technology (Cyber Law) IInd Ed. (Taxman Allied
20. Nishant P. Trilokekor, A Practical Guide to the information Technology Act. Ist Ed.
21. Pavan Duggal (Advocate) : Cyber Law-The Indian Perspective 2nd Edition.
23. Dr. Vishwanath Paranjape – Legal Dimensions of cyber crimes and Preventive laws, Central
104