Student 22 April Thesis Final Done

Cyber Law and India - A critical analysis of evolution of perspectives
CHAPTER 1
INTRODUCTION
1.0.Background of the Study [Introduction] :
Cyber law, sometimes referred to as Internet law or digital law, is the body of laws and rules
pertaining to the usage of digital technology and the internet. One cannot stress the
significance of strong legal frameworks to regulate cyberspace as the world grows more
interconnected through digital networks. of India, the shift in viewpoints of cyber law is
indicative of the nation's efforts to embrace the digital era while tackling its associated
difficulties and complexity.
India is leading the way in the global digital revolution with its fast growing digital
infrastructure and growing population. Many facets of Indian culture and economy have
changed as a result of the country's increasing internet population, booming e-commerce, and
introduction of cutting-edge technology like blockchain and artificial intelligence. But with
the advantages of digitalization also come serious legal and regulatory obstacles, such as
dangers to cybersecurity, worries about data privacy, and problems with intellectual property
rights.
.From the early days of the internet, when the legal environment was mostly unknown,
attitudes on cyber law in India have evolved. As the internet became widely recognized as an
essential instrument for social interaction, business, and communication, politicians and legal
experts started debating the necessity of creating suitable legal frameworks to successfully
regulate cyberspace..
1
India has passed a number of laws throughout the years to handle different facets of cyber
law. An important turning point in this direction was the Information Technology Act of
2000, which established a thorough legal framework to control digital signatures, electronic
transactions, and cybercrimes. The IT Act has since undergone revisions, and other
legislative efforts have also attempted to adjust to the changing landscape of cyberthreats and
technical developments.
However, difficulties and disagreements have dogged India's efforts to develop a strong and
functional cyber legal framework. Stakeholders in academia, business, and civil society have
been debating topics such jurisdictional issues, ambiguities in legal interpretation, and
striking a balance between security imperatives and individual rights. .
Furthermore, the speed at which technology is developing has created new difficulties for
legislators and regulators, necessitating ongoing revisions and adaptations to the legal
frameworks that are already in place. Concerns concerning new technologies' effects on
digital privacy, security, and liability have been brought up by the rise of AI, blockchain, and
the Internet of Things (IoT). In light of this, it is essential to critically examine how opinions
on cyberlaw in India have evolved. Through an analysis of the historical background,
significant legislative advancements, court rulings, and current discussions, this research aims
to provide insight into the dynamic character of cyber law in India, as well as the potential
and obstacles it poses for the nation's legal and regulatory structure.
By doing this, the study hopes to further our grasp of the nuances of cyber law in the Indian
context and offer valuable insights for future policy discussions and scholarly investigations
into this area. This introduction establishes the framework for your critical analysis by giving
background information, emphasizing the significance of the subject, and describing the
goals and parameters of your research.
2
.2.Statement of Research Problem
The precise topic or query you plan to investigate in your study is outlined in the description
of your research problem. This is one way to phrase your study question: "Even though cyber
law has developed quickly in India, there is still a dearth of thorough knowledge of the
various viewpoints that have influenced its growth. By analyzing the impact of legal,
sociocultural, and technical elements on the development and application of cyber law in
India, this study aims to critically assess the evolution of viewpoints surrounding this legal
framework. This research attempts to shed light on the gaps, inconsistencies, and possibilities
in India's cyber legal framework by exploring the historical background and contemporary
issues. The ultimate goal is to educate future policy formation and legal practice in this area."
The topic of your study is summarized in this statement, which highlights the critical analysis
of the changing views on cyber law in India and its consequences for practice and policy.
.3.Need for the Present Study [Rationale] :
The fast growth of technology and its ubiquitous effect on all parts of society need a critical
review of the evolution of viewpoints on cyber law in India. The following important
considerations might provide justification for this kind of study: Technological Progress:
Given the explosive expansion of social media, e-commerce, the internet, and other digital
platforms, it is critical to comprehend how laws and regulations have changed to keep up
with these developments. This research will clarify how India's legal system has changed to
meet the new difficulties that the internet has brought forth.
3
.Legal Challenges and Gaps: Because technology is constantly evolving, applicable laws
have not kept up with it, leaving gaps or contradictions in the law. Through a critical analysis
of the development of viewpoints on cyber law in India, scholars may pinpoint deficiencies
and obstacles in the current legal system and suggest ways to enhance it.
Effect on the Community: The effects of cybercrimes, data breaches, online abuse, and other
digital dangers on people, companies, and society at large are profound. Knowing how cyber
laws have changed over time may help one understand how well they work to safeguard the
interests and rights of everyone involved in the digital environment.
.Global Comparisons: India is not the only country facing difficulties in enforcing cyberspace
regulations. A comparative study of the legal systems of other nations can provide India's
cyber law regime with important insights and best practices. This research might investigate
areas of convergence or divergence between India's approach to cyber law and that of other
countries.
Implications for Policy: To guarantee cybersecurity, privacy protection, and digital rights,
India must put strong legislative frameworks in place while it works to develop its digital
infrastructure and foster digital transformation. Policymakers may use the evidence-based
insights from this study to make well-informed decisions and pass legislation that adapts to
the quickly changing digital context.
Generally, the need to comprehend how technology and law intersect, evaluate the efficacy of
current legal frameworks, and make recommendations for improving cybersecurity,
defending digital rights, and creating a safe and secure digital environment for all
stakeholders is the justification for conducting a critical analysis of the evolution of
perspectives on cyber law in India.
.4 Objectives of the Study :

4
A research on the changing views on cyber legislation in India can include the following
goals:
Historical Context: Follow the evolution of cyber law in India through its early years,
beginning with the nation's introduction to the internet. Legislative Framework: Examine
how India's cyber law laws, such the Information Technology Act of 2000 and its later
revisions, have developed.
Judicial precedents: Analyze significant court rulings, such as precedent-setting judgments
pertaining to data privacy, cybercrime, and internet regulation, that have influenced the
interpretation and implementation of cyber laws in India.
International Influences: Examine how international norms, treaties, and agreements have
affected the creation and application of cyber laws in India.Questions and Remarks: Describe
the difficulties and criticisms that the Indian cyber legal system has to deal with, including
worries about censorship and monitoring, issues with jurisdiction, and enforcement gaps.
Technological Developments: Evaluate the ways in which developments in artificial
intelligence, blockchain, and the Internet of Things have impacted the development of cyber
law in India and the suitability of current legal frameworks for tackling new issues.
Make policy suggestions to improve the efficacy and applicability of cyber laws in India
while taking into account cutting-edge technology, global best practices, and the defense of
personal liberties.
Comparative Analysis: Examine the cyber legal systems of other countries, noting their
parallels and variances as well as any lessons that may be applied to strengthen the Indian
situation.
By focusing on these goals, the research may give a thorough critical examination of how
opinions on cyber law have changed over time in India, providing insights into the field's
5
advantages, disadvantages, and potential improvements in relation to the nation's technical
and legal environment.
.5 Hypothesis of the Research :
Research hypothesis: As digital governance becomes more important and comprehensive
legislation is required to address emerging cyber threats and challenges, India's cyber law
perspectives have evolved over time, showing a shift from reactive regulatory measures to
proactive legal frameworks.
.6 Review of Literature (maximum 6) :
Before the Information Technology Act of 2000, India had no autonomous cyber law;
instead, all computer-related offenses were prosecuted under the country's established
criminal code, the Indian Penal Code, 1860. But in the new century, computer networks'
advancement of information technology began to affect every facet of society and
governance. A range of legal issues relating to the use of computers, the internet, or digital
processing devices, such as piracy, intellectual property rights violations, freedom of
expression, jurisdiction, etc., arose with the increased reliance on e-commerce and e-
governance and could not be addressed by the existing laws because cyberspace has no
physical characteristics and no geographical restrictions.
This presented real-world challenges for law enforcement in controlling individuals' online
activities both domestically and internationally. Although, practically speaking, an internet
user is bound by the laws of the State in which he or she does business, this general rule
becomes problematic when conflicts are of a multinational nature.
While it is true that no one ever considered that computer technology could be covertly
abused for illegal purposes by internet users when it was still in its infancy, experience has
6
shown that the internet has a dark side as well, giving rise to a new class of crimes known as
cybercrime. The Indian Parliament passed the Information Technology Act against this
backdrop. The following are the Act's goals as stated in the declaration of objects:
The Information Technology Act was mainly introduced to facilitate and promote e-
commerce, which had gained momentum due to the shift from traditional paper-based
methods of information communication system to that of computer networks, as can be seen
from a plain reading of the Act's statement of objects. The objectives of the Act's Preamble
were to: 1. provide e-commerce legal status; 2. make it easier for papers to be electronically
filed with government agencies; 3. update the Indian Penal Code; 1860; Indian Evidence Act,
1872; Bankers Books Evidence Act, 1891; Reserve Bank of India Act, 1934; and:
Ensure that government services are delivered effectively by using dependable electronic
records.
Thus, the Act establishes a foundation for law such that all electronic documents and other
acts conducted electronically are given legal sanctity.
It is important to note that the United Nations Commission on International Trade Law
(UNCITRAL), to which India is a signatory, created a model law on electronic commerce
that served as the foundation for the Information Technology Act 41 2000, which was passed
by the Parliament. After the Act's implementation, certain flaws and weaknesses were
discovered that prevented it from operating as intended. As a result, the Information
Technology (Amendment) Bill was presented to change the Act once again in 2002., 2006,
which became the Information Technology (Amendment) Act, 2008 (Act No. 10 of 2009)
upon its approval by the Parliament on December 24, 2008, and the President of India's
assent on February 5, 2009. The goal of the Amendment Act is to strengthen the effectiveness
of the current Information Technology law by closing its loopholes..

7
The response of member states has not been very encouraging, despite the United Nations'
sincere efforts to develop comprehensive cyber legislation that could be uniformly applicable
to all countries for the prevention and control of cybercrimes. This is because there is no
consensus regarding the concern for control and minimization of these crimes. The different
organizational structures of different legal regimes are the obvious causes of this variance in
how internet crime is addressed. Despite the fact that several international conventions and
treaties have been drafted to provide a uniform legal framework for the prevention of
borderless cybercrime, these initiatives have failed due to a lack of required member nation
initiative and cooperation.
Furthermore, because various nations have diverse socioeconomic and cultural backgrounds
and differ in how concerned and sensitive they are to cybercrimes, there is certain to be
diversity in how these nations respond to cybercrimes compared to those that are severely
impacted. It is unrealistic to expect all nations to prevent and regulate cybercrime in the same
way given the current state of affairs. Perhaps this is the primary cause of the various nations'
lack of active cooperation in favor of international cyberlaw that might be universally
applicable to all of them.
.. Although a global cyber law has not yet developed, the need for one is becoming more and
more apparent in nations across the globe as a result of the internet's rapid expansion, which
gives criminals endless opportunities to commit a wide range of crimes with potentially
devastating transnational or international consequences.
7 Scope of the Study :
A comprehensive examination of the development of viewpoints on cyber law in India might
encompass a wide range of topics, given the fast advancement of technology, legal structures,
and public perceptions. The following is a summary of possible topics to cover:

8
Historical Background: Let us begin by providing a brief history of the evolution of cyber
legislation in India. This might include significant occurrences, early legislation, and turning
points in the understanding of cyber problems.
Legislative Framework: Examine how India's cyber law laws has changed over time. Start
with the fundamental legislation, such as the Information Technology Act of 2000 and its
ensuing modifications. Talk about how these regulations have changed to reflect new
technology and cyberthreats.
Analyze Case Law: Examine seminal cases pertaining to cyber law in Indian jurisprudence.
Cases concerning data security, intellectual property rights, cybercrime, and online freedom
of speech may fall under this category.
Government Initiatives: Analyze how Indian cyber law policy is shaped by government
agencies and entities. Initiatives from CERT-In (Indian Computer Emergency Response
Team), the Ministry of Electronics and Information Technology (MeitY), and other pertinent
organizations may fall under this category.Global Views: Analyze India's cyberlaw policy in
comparison to other nations. Point up the areas where India has incorporated international
best practices as well as any differences or particular difficulties.
Issues and Debates: Talk about the current issues and disputes surrounding Indian cyber
legislation. This might involve matters like cybersecurity, data privacy, monitoring, internet
censorship, and striking a balance between civil liberties and security.
Corporate Compliance: Examine how cyber legislation affects Indian companies that operate.
Talk about data protection laws, compliance standards, and corporate governance's part in
maintaining cybersecurity.
Social Implications: Take into account how India's cyber law may affect society as a whole.
This might cover subjects like online harassment, access to justice, digital inclusion, and the
9
influence of social media on public debate and democracy.Upcoming Patterns: Conjecture on
the future course of Indian cyber law and policy. Think about the potential influence of
emerging technologies on legal frameworks and regulatory methods, such as blockchain,
artificial intelligence, and the Internet of Things.
.Comparative Analysis: Lastly, describe how various stakeholders in India's cyber law—such
as the government, corporations, civil society, and legal profession—view and interact with
the legislation.
By addressing these issues, a critical examination of the development of viewpoints on cyber
law in India might offer insightful information on the challenges of policing cyberspace in a
legal and technical environment that is developing quickly. .
8 Methodology/Design :
The examination of the development of viewpoints about cyber law in India necessitates a
comprehensive methodology that encompasses legal, technological, socio-economic, and
policy aspects. Here is a recommended design and technique for this kind of critical analysis:
Review of the Literature: Begin by performing a thorough analysis of the body of research on
Indian cyber law. Academic papers, legal writings, government reports, case law, and policy
documents should all fall under this category. Determine the main arguments, topics, and
developments in the various viewpoints on cyberlaw.
Historical Analysis: Follow the evolution of cyber legislation in India over time, from the
earliest internet days to the present. Examine significant court rulings, legislative
achievements, and policy proposals that have influenced India's legal framework for
cyberspace.
Legal study: Perform a thorough legal study of all pertinent legislation, rules, and court
10
rulings pertaining to Indian cyber law. Determine the main legal tenets, theories, and case law
that have developed throughout time and their significance for cyberspace governance.
Technological Analysis: Examine how law and technology interact in relation to India's cyber
laws. Examine the difficulties presented by cutting-edge technologies and how they may
affect legal regulation, including blockchain, artificial intelligence, and the Internet of
Things.
Socio-Economic Analysis: Look at the socio-economic elements influencing the development
of Indian viewpoints on cyber legislation. Think about topics including cybersecurity risks,
digital inclusion, privacy rights, economic growth, and access to justice in the digital era.
.Policy Analysis: Assess government programs and policies meant to solve India's cyber law
issues. Evaluate the success of current policy frameworks in accomplishing their goals and
pinpoint areas in need of development. Comparative Analysis: Examine how India's views on
cyber law have developed in relation to those of other countries and regions, such as other
South Asian nations. Determine the best practices and lessons learnt that can guide India's
policy-making.
Stakeholder Interviews and Surveys: Speak with government officials, legal professionals,
business representatives, civil society groups, and university academics who are significant
players in the creation, application, and enforcement of cyber legislation in India. Learn about
their viewpoints, experiences, and suggestions for further action. Moral Aspects to Take into
Account: Examine the moral ramifications of cyber law regulations and procedures in India,
taking into account concerns about data security, freedom of speech, human rights, and
surveillance. Assess the degree to which current legal frameworks preserve basic concepts
and rights in the digital sphere.
11
Conclusion and Suggestions: Summarize the analysis's results and make judgments on how
India's views on cyberlaw have changed over time. Make suggestions for upcoming studies,
legislative changes, and policy changes to handle new problems and possibilities in the digital
age.
You may do a thorough critical examination of the development of cyber law views in India
by using this interdisciplinary method, taking into consideration the intricate interactions
between legal, technical, socioeconomic, and regulatory issues.
.9 Limitations of study :
A research on the development of viewpoints on cyber law in India may include the
following limitations:
restricted Scope: By concentrating on some facets of cyber law, including data privacy,
cybersecurity, or online freedom of speech, the research may overlook other significant
factors.
Time Restrictions: Owing to time constraints, the research may not be able to fully cover the
historical development of cyber law in India, which might result in the omission of important
advancements and changes in viewpoints.
.Data Availability: It may be difficult to obtain thorough and trustworthy information about
the evolution of viewpoints on cyber law in India, particularly when it comes to early
developments or internal discussions inside governmental and legal organizations. Language
obstacles: The research may be hindered by language obstacles, especially when it comes to
obtaining and evaluating court rulings, legal documents, and academic publications written in
non-English regional languages. Subjectivity and Bias: The study's analysis and results may
be impacted by inherent bias in the sources and views chosen and interpreted.
12
.Legal Complexity: Researchers with no training in law may find it difficult to comprehend
and analyze court rulings and legal frameworks pertaining to cyber law in India because of its
complexity.
The dynamic nature of cyber law means that it is challenging to capture the whole range of
viewpoints within a given time frame since the field is always changing as a result of social
norm shifts and technical improvements. Generalizability: Due to regional variations in legal
frameworks and evolving viewpoints on cyber law, study findings and conclusions may not
be universally applicable across different jurisdictions or time periods.
Absence of Primary Research: Relying exclusively on secondary sources, such as published
works and legal documents, may restrict the breadth of analysis and obscure complex
viewpoints that may be discovered using primary research techniques, such as questionnaires
or interviews. Policy ramifications: Although understanding the practical ramifications of
legal advancements in handling modern difficulties in cyberspace is essential, the study may
not have gone far enough into the policy implications of shifting viewpoints on cyber law in
India.
10 Scheme of Study (in this you just have to do chapterisation as in Chapter 1
includes this , chapter 2 includes this and so on)
Chapter 1
1 Background of the Study [Introduction]
2 Statement of Research Problem
3 Need for the Present Study [Rationale]
13
4 Objectives of the Study
5 Hypothesis of the Research
6 Review of Literature (maximum 6)
7 Scope of the Study
8 Methodology/Design
9 Limitations of study
10 Scheme of Study (in this you just have to do chapterisation as in Chapter 1 includes
this , chapter 2 includes this and so on)
Chapter 2 - Historical Background/ Changing Paradigms of Cyber Law
Chapter 3 - Cyberspace Technology and Social Issues ( how is it affecting presently)
Chapter 4 - Areas covered by Cyber Law
Chapter 5 - Current Cybersecurity Regulations
and Laws/ Amendments
Chapter 6 - Conclusion & Scope of further work
14
CHAPTER- 2
Historical Background/ Changing Paradigms of Cyber Law
A new generation of crimes has cropped up by the advent of Internet Computer Hacking,
Software Piracy, Internet paedophilia, Industrial espionage, Password breaking, spoofing,
telecommunication frauds, e-mails bombing, spamming, pornography and the availability of
illicit or unlicensed products and services are offences that have already made their mark. 1
New Problems emerging on the scene include credit card fraud, cyber terrorism, Cyber
laundering and criminal use of secure Internet communications. 2 The present weak electronic
system of payment without adequate safeguards is posing a serious risk of unauthorised
withdrawl from banks and counter money laundering operations. Software piracy is a boom
business and video and phonographic industries are sinking day by day globally.3
AConcept & Classification of Cyber Crime :-
The daily transformation of the human mind is bringing about a significant shift in the ways
in which crimes are committed. Criminals are using their increasing intelligence to commit
15
crimes and get away with them without being discovered. Nobody anticipated that the
invention of computers would turn them into a tool or a source of criminal activity. Known as
the inventor of the computer industry, Charles Babbage never imagined that the machine he
was gifting the world would end up becoming a source of crime and negatively impact
society forever.
Anytime we discuss cybercrime, it's evident that we're talking about a wrong that involves a
computer system.
The phrase "cybercrime" is used incorrectly. Nothing in any Act or legislation approved by
the Indian Parliament defines this word. The idea of traditional crime and the idea of
cybercrime are not so dissimilar. They both refer to actions or inactions that violate the law
and are offset by official government approval. Although cybercrimes are a relatively new
type of crime that emerged shortly after computers were invented, the situation has gotten
worse as a result of the internet's increasing influence in our daily lives.
Conventional Crime :-
Crime is a long-standing social and economic issue that predates human society. Crime has
the choice of the law and is a legal notion. An offense or crime is "A legal wrong that can be
followed by criminal proceeding which may result in to punishment."4 According to Lord
Atkin, the primary characteristic of criminal behavior is breaking the law: "The criminal
quality of an act can not be discovered by reference to any standard but one is the act
prohibited with penal consequences."5. Any behavior that is followed by an act or omission
that is illegal and for which there are repercussions when the law is broken is considered a
crime.
16
Cyber Crime :-
In the digital age, cybercrime is the newest and maybe most complex issue.Cybercrime can
be defined as those species in which the computer is either the object or the subject of the
activity that constitutes a crime, and when the conventional crime belongs to the same
genus.6 Cybercrime includes any illegal conduct that makes use of a computer, either as a
target for more crime or as a tool to do it.7. Cybercrime might be broadly defined as
"unlawful acts where in the computer is either a tool or target or both."8 The following types
of activities may include the use of a computer: financial crimes,
selling illicit goods, pornography, internet gaming, crimes involving intellectual property,
spoofing emails, forging, cyberbullying, and cyberstalking. However, in the following
scenarios, the computer could be the target of illegal activity: unapproved access to the
computer, computer system/computer networks, theft of electronically stored information, e-
mail bombing, salami attacks, logic bombs, Trojan attacks, Internet time thefts, web jacking,
computer theft, and physical damage to the computer system.
Distinction Between Conventional and Cyber Crime :-
Since both cyber and traditional crimes end in some kind of damage for one of the persons
involved, it appears that there is no difference between them. But after giving it some serious
thought, we may conclude that there is a noticeable border between traditional and
cybercrime. The line is drawn by the medium's involvement in cybercrime cases.
"Crime against Individual or Organization via Computer is Known as Cyber Crime,"
according to the definition of cybercrime. Cybercrimes pertain to offenses perpetrated within
a network or online environment. .
17
Cyber Criminals :-
An offender or criminal is any individual who violates the law with the purpose to cause
harm or who commits a crime. Any individual who commits a cybercrime is referred to in
this sense as a cybercriminal. The individuals who commit cybercrimes might be minors and
young adults under the age of eighteen (18), professional hackers or crackers, disgruntled
workers, infidelity, or even psychics.
Computer Crime :-
"Crime against an organization or an individual in which the perpetrator uses a computer or
any computer enabled technology for all or part of the crime" is the definition of computer
crime.10 Because information technology does not discriminate based on an individual's
caste, sex, religion, place of birth, or place of residency, cybercrimes can be committed
anywhere.
As a result, cybercrimes continue to rise daily. The many kinds of cybercrimes are covered in
depth here. The causes of cybercrimes:- Professor H.L.A. Hart's seminal study, "The idea of
Law" has proclaimed that as individuals are vulnerable to crimes and illegal acts, laws must
be in place to protect them from these kinds of behaviors.11 Using the same comparison,
computer systems in cyberspace are incredibly susceptible even if they are high-tech gadgets.
This technology makes it simple to trick or take advantage of someone or their computer
through unauthorized or unlawful access. The victim may have suffered direct or indirect
harm as a result of computer system misuse. Because there is no infallible system in place to
defend innocent computer users from cybercrime, cybercriminals continue their illegal
activity over networks without concern about being caught and placed on trial for the crimes
they have committed.
Huge Data Storage Capacity :-

18
The computer's ability to store enormous amounts of data in a comparatively tiny amount of
space makes it special. In a CD-ROM, a tiny microprocessor computer chip can hold lakhs of
pages. With this store capacity12, it is much easier to extract or deduce information from
physical or visual media. Even if the power is cut off, any data kept in ROM13 will not be
lost.
1. Wider Access to Information :-
A computer is an electrical device that uses sophisticated technology to do its tasks rather
than labor-intensive human labor. In the era of computers, the biggest benefit of networking
is having more access to knowledge resources across a vast and varied media. An increasing
number of businesses are turning to networks to give their customers, employers, and other
business partners easy access to information. This explains why, in the current information
era, networking and cyber activity are starting to take center stage.
Information sharing via the internet14 has produced more resources enabling easier, more
fordable, and faster global access to information. Emails, conversations, downloads, and
other new environments have been produced by it. These days, everyone can reach each other
with only a mouse click of 15. Broader access to information, however, brings with it some
challenges, such as safeguarding computer systems against unauthorized access when

16
breaches may occur, not because of which usually contain lakhs of rupees is well guarded
against unauthorised access by miscreants as it is made up of very strong material located in
a reinforced room guarded by security personal. The trusted officials of the Bank preserve the
Keys and/or access code secret. But despite all these security measures, the Bank's servers
which virtually control hundreds of errors of rupees are far easier to break into cracking the
strongest firewalls and biometric authentication system. A secret can be easily stolen by
19
implementing logic bombs or key images in access codes. Similarly, the advanced voice
recorders can easily fool biometric systems and frustrate all security measures.
2. Complexity of Computer Systems :-
The operating systems that computers use to function are made up of millions of codes. Due
to the fallibility of the human intellect, errors may occur at any point. Cybercriminals gain
unauthorized access to the computer system by taking advantage of these mistakes and
weaknesses. These crooks, who take advantage of holes in the current operating system and
security mechanisms, are known as hackers. Hackers, who are driven by personal revenge,
sabotage, fraud, greed, or hatred toward the victim, are therefore the feared adversary of the
internet and general network security. They take advantage of the complexity of computer
systems.17
3. Negligence of Network Users :-
Negligence and human behavior are intimately intertwined. Therefore, it is quite likely that
the owner or user may fail to take proper precautions when securing the computer system,
giving a cybercriminal the chance to obtain unauthorized access to or control over the
machines. Interaction with a variety of computer users has revealed that, in their haste to get
the software running regularly, they neglect access, control, and security measures, giving
cybercriminals room to infiltrate and steal, alter, or erase significant amounts of data.
This is especially true for large organizations like banks, corporations, government offices,
and the like, which have sophisticated software systems for public access but, because of
employee carelessness, leave their data completely vulnerable to information thievery and
manipulation.
4. Non-Availability or Loss Evidence :-

20
Digital computer processing and networking technologies have now supplanted the
conventional techniques for creating, storing, sending, and disseminating information or
records. How to gather and store evidence is the real problem facing the investigative and law
enforcement authorities. In contrast to traditional crimes, it is exceedingly challenging to
gather enough proof of a cybercrime that would withstand judicial scrutiny and prove the
accused person's guilt beyond a reasonable doubt. The anonymity that the internet affords
cybercriminals encourages them to commit crimes without leaving any trace. If they do leave
evidence, it is rarely enough to persuade the authorities that they should file a criminal
complaint against the offender.
The use of new techno-legal procedures known as cyber forensics, which are widely
categorized as computer forensics and network forensics, has become necessary due to the
shortcomings of traditional techniques of gathering evidence and investigating crimes.
Though there are still some gray areas that allow cybercriminals to tamper with the evidence
to deceive the investigating agencies, forensic experts play a crucial role in gathering and
presenting admissible evidence, including electronic evidence and the search and seizure of
material evidence relevant to the cybercrime under investigation.19
5. Jurisdictional Uncertainty :-
Because cybercrimes are transnational in nature and are committed through cyberspace
network interconnectivity, they do not recognize geographical limitations. Cybercrimes also
cut across territorial borders, undermining the viability and legitimacy of applying domestic
laws, which are typically based on geographical or territorial jurisdiction. Jurisdictional
conflict is a major danger to a nation's ability to deal with cyber offenders since there is no
standardization in law and process across the many nations for dealing with cyber criminals.
Many times, a certain internet behavior is recognized as illegal in one nation but not in the
21
nation where the offender or victim resides. As a result, the offender is able to avoid
punishment with ease.
It is very difficult for the law enforcement agencies of separate nations to combat
cybercrimes and criminals using their national laws in the lack of a unified, globally
recognized rule of law and procedure governing cybercrimes. In a nutshell, the lack of cyber
jurisdiction in the nation looking into or prosecuting these offenses makes it difficult to report
and punish people in cybercrimes, and the legal ambiguity encourages cybercriminals to
carry out their evil deeds unchecked.
Unique Features of Cyber Crime :-
Without the victim knowing, computer crimes can be conducted that violate user privacy.
There are no indications of any form of fight or violence at the crime site, which are often
characteristics of a conventional crime. A simple mouse click can be used to commit
cybercrime without the victim's awareness, rendering him completely helpless. It happens
frequently that the victim is even unaware that he has been the victim of cybercrime.
The following are some distinctive and unusual features of computer crime, to put it briefly:
1. Computer crimes are now a worldwide phenomena without regard to borders or
jurisdictional limitations.
2The lack of tangible proof of cybercrime is another distinctive aspect of it. In contrast to
traditional crimes, which leave behind tangible evidence such as weaponry, bloodstains,
fingerprints, DNA, etc., cybercrimes leave no such physical evidence behind. The only
people who can identify the digital evidence in a cybercrime case are highly experienced and
trained computer users.
The perpetrators of cyber crimes are generally highly intelligent educated persons who
cherish a challenge. They are well conversant with the operation of the computer
22
system and itsintestacies. A person without adequate knowledge of working of the
computer system and internet can not commit such crime.
While certain cybercrimes are essentially not new, the means by which they are carried out is,
while others constitute whole new types of illicit behavior. Cyberterrorism, multinational
crimes in cyberspace, electronic vandalism, etc. are some of the recently developed
cybercrimes.
4. Because cybercrime occurs over computer networks, users are not required to reveal their
identities. Because of this, a cybercriminal may easily control his size, allowing him to elude
capture by law police.
Traditional crimes can now be committed in novel ways thanks to the computer network.
Cyberterrorism, cyberfraud, data theft, cyberpornography, computer counterfeiting, and other
conventional crimes are among the ones that are currently perpetrated online via electronic
media.20
Computer Attacks :-
1. Prior to classifying cybercrimes, it is important to address the many types of computer
assaults that might lead to20 Excerpted from the welcome speech given on February 24,
1999, at the CBI-organized National Symposium on Computer-Related Crime in New Delhi
by Shri S.P. Talwar, Deputy Governor of the Reserve Bank of India.network infiltration,
which is a major risk to the security of the network. On the internet, it may occur anywhere,
yet some assaults might only be conducted from a particular machine. The technique a
perpetrator uses to take unauthorized control of a targeted computer is referred to as a
computer attack. The attacks might take any of the following many forms.
2. Scanning: This is typically done as a first step before launching a direct attack on systems
that the hacker determines are readily accessible. 3.23Penetration: Also known as "probe," this
technique is frequently used on networks or the internet to take unauthorized control of a
machine. A more significant security breach might occur after a probe.
3. Modification: This type of attack occurs when data or messages on the internet are altered
before they reach their intended host. With the malicious aim to harm the target, it is directed.
4. Creation: In order to harass, unwanted material is generated and injected into the network,
usually by masquerading as information from another authorized source.
5. Dos (denial of service) attacks: A denial-of-service (DoS) attack aims to stop the
authorized user from accessing a service, rather than gaining unauthorized access to the
machine or its contents. It can 'flood' a network with a lot of unnecessary data, irritating the
victim (user). Programs that cause a local denial of service are designed to force a computer
to shut down.
6. Account Compromise: This is the unauthorized use of a computer account by a third party
with the intent to seriously compromise the victim's data or steal their services.
7. Attacks on the Internet's infrastructure: Out of all the computer assaults, this one is the
most dangerous since it primarily damages the internet's infrastructure rather than individual
online systems. Many sites' daily operations may be gravely hampered by it. Examples
include several active websites that customers often rely on, network servers, and network
access providers.21
Mode And Manner of Committing Cyber Crime :
1. Hacking :-
Usually, this type of offense is referred to as hacking in the broadest sense. But since
"unauthorized access" has a broader meaning and the information technology Act 2000's
authors never used this phrase, we would not use the terms interchangeably—hacking and
24
unauthorized access—to prevent misunderstandingThe phrase "computer hacking" refers to
the act of breaking into a computer system for the purpose of bypassing technical security
measures rather than for the purposes of manipulation, sabotage, or espionage.22 Hacking
can be done for fun as an adventure, to carry out illegal activities, or just out of habit. There
are two ways to hack: hacking against a machine or hacking against a network.
Hackers are called Phrekars.
a) Telecommunication Network (or)
b) Mobile Network.
2. Theft of Information contained in Electronic Form :-
3. This covers data kept on portable storage devices, computer hard drives, etc. The act of
stealing data might involve both physical seizure and manipulation via digital means.
4. E-Mail Bombarding :-23
Sending a significant volume of emails to a victim such that, in the case of a person, their
email account crashes, or the servers of a corporation or email service provider crash, is
known as "email bombing." A straightforward method to accomplish this would be to add the
victim's email address to several mailing lists. Mailing lists are special interest groups that
correspond with one another via email over a common cybercrime and the relevant Indian
law.
Depending on the mailing list, they can provide a significant amount of daily email traffic.
Mailing lists are quite popular. While some simply produce a few messages per day, others
produce hundreds of them. Unknowingly joining hundreds of mailing lists might result in
25
excessive incoming email traffic, which could lead to account deletion by the service
provider.
5. Data Diddling :-
This type of attack entails modifying raw data immediately before to computer processing
and then reverting those changes after processing is finished.
6. Salami Attacks :-
This type of crime is typically committed with the intent to conduct financial crimes or at
financial institutions. One salient characteristic of this kind of offense is that the modification
is so minute that it would typically
7. Denial of Service Attack :-
The victim's machine crashes because it receives more requests than it can process. attack is a
kind of denial-of-service assault when the attackers are widely dispersed and numerous.
8. Virus or Worm Attacks :-
Programs known as viruses affix themselves to a computer or a file, spread to further files,
and ultimately infect other machines connected to the network. They often have an impact on
computer data by either removing or changing it. Unlike viruses, worms do not require a host
in order to attach themselves. They just replicate themselves in order to fill up all of the
memory space on a computer. They do this again.
For instance, the love bug malware impacted at least 5% of PCs worldwide25.
9. Logic Bombs :-
These programs rely on events. This suggests that some programs are designed to only
execute in response to a certain occurrence, often referred

26 to as a trigger event. For example,
some viruses—like the Chernoby virus—may even be referred to be logic bombs since they
lay dormant throughout the year and only activate on specific dates. A particular type of
malicious code that is reliant and conditional by nature results in a security breach when
specific circumstances are met and at the designated time. Formally speaking, it is described
as: a code that is covertly introduced into an operating system or program, causing it to carry
out a malicious or compromising action once certain circumstances are satisfied.26
This software may operate immediately or at a later time, and it can be used to target
businesses, sectors, and even carry out a range of conventional crimes like mischief
extoration.27 A chain of destruction is barely noticeable as it targets certain systems,
therefore the loss is contained within predetermined bounds.28
10. Trojan Attacks :-
The name "Trajan Horse"29, which gives this term its roots, describes an opponent that
appears benign and harmless but, when active, causes erosion and destruction. Its main
characteristic is its misleading appearance, which makes it impossible to detect or control
until the damage is done. It serves as a mask for the offender's destructive and malevolent
intentions. It is challenging to intercept or manage it at the appropriate time due to its stealthy
attack. It is intended to function as a benign application, such as an archiver, game, directory
lister, or even a virus detector and destroyer.31 By pretending to be the standard system login
software, it is also used to get the passcodes of authorized system users.
The Mockingbird program, which records user replies (particularly account IDs and
passcodes) and intercepts communications (particularly login transactions) between hosts and
users, is a specific example of a Trojan Horse.33. For instance, during a conversation, a
Trojan was loaded into the computer of a female American film director. The cybercriminal
27
was able to get her naked photo via the computer's webcam. He continued to harass this
woman.
11. Internet Time Theft :-
These types of theft typically result in someone else using the victim's Internet browsing
time. By obtaining access to the login ID and password, this is accomplished.The stealing of
a person's allotted Internet usage time by an unauthorized party is known as "internet time
theft." Generally speaking, internet access is a pay-off service; that is, users must pay a
"Service Provider" a fee for a specific amount of time in order to use the internet. For
instance, in the case of Colonel Bajwa, the Internet hours were consumed by someone else.
This was maybe one of the earliest cybercrime incidents in India to be publicized. However,
because of their ignorance of the nature of this case, the police became notorious.
12. Web Jacking :-35
The word "hijacking" is the source of this phrase. These offenses provide the hacker access to
and control over another person's website.He could even edit or multiplate the content on the
website. This might be done to achieve financial and political goals. For instance, Pakistani
hackers recently gained access to the MIT (Ministry of Information Technology) website and
uploaded some explicit content. Additionally, there was a cyber hack of the Bomby Crime
Branch website. The "Gold fish" case is another example of online jacking. In this instance,
the website was compromised, resulting in the alteration of information about goldfish.
Additionally, a $1 million US ransom was requested.
Classification of Cyber Crimes :-
It became vital to examine the differences in the nature and forms of cybercrime due to its
growing scope. As a result, many behaviors that might be considered crimes have been
28
roughly divided into three primary categories36, which are as follows.:
1. Cybercrimes that employ computers as their intended target.
2. Cyber Crimes where computer is an instrument facilitating the crime; and
1. Computer as a target of the Crime :
In this category of cyber crimes, computer is itself a target of the crime. The crimes which
are covered under this category are -
(i) Hacking into computer networks or systems.
2. (i) Operating systems and applications that are compromised.
(i) Theft of data or information.
(ii) Theft of intellectual property such as computer software.
(iii) Theft or marketing information.
(iv) Blackmailing based on information gained from computerised filed such as personal history
sexual preferences, financial data etc.
(v) Creating a Fake driving licence, passport or any other documents for identifications purposes
or changing tax records by gaing illegal access to secret files.37
3. Computer as an instrument facilitating Crime :-
The development of microcomputers has led to the emergence of new forms of conventional
crime. For instance, this type of crime includes theft of technological equipment, software
piracy, counterfeiting, and computer program copyright violations. Among these computer
crimes is the unlawful selling of duplicate databases.The most notable example of a computer
29
being used as a tool for cybercrime was the terrorist attack on the Indian parliament38 on
December 13, 2001. The attackers utilized computers and the Internet in a number of ways to
carry out their criminal activity. Via the internet, thieves frequently send encrypted emails
and flash messages to people all over the world.
4. Where Computer is incidental to other crimes :
This category includes crimes when a computer is not necessary for the crime to happen, but
computerization does contribute to the incidence of crime by processing vast amounts of data
and making it more challenging to find and identify the crime. Illegal banking transactions
and money laundering serve as the finest examples of this type of criminal activity. In one
instance, a suspect changed a patient's prescription and dose in a hospital computer and then
killed them.39 Cybercriminals frequently even destroy disks and other storage media to get
rid of the proof that they committed a crime.
The primary characteristic of computer crimes that come under this category is that the
offense is committed without the use of a computer; the computer system only serves to
activate the crime. Child pornographers so share the data.
Traditional Classification :-
The traditional classification of cyber crimes a suggested by Ulrich sieber 40 includes
two distinct groups of such crimes namely :-
1. Cyber crimes of economic type ; and
2. Cyber crimes against privacy.
1. Cyber crimes of economic type :-
In some of the cyber crimes of economic type the computer science system generally
30
software as well as hardware, is the target of criminal activity. Some of such crimes are as
follows :-
a) Fraud committed through the manipulation of computer system i.e. the perpetrator of
crime manipulates the data contained in computer system for illegal profits.
b) Illegal copy of the software and computer database to procure information for criminal
purposes.
c) Computer subotage which causes damage to the computer system comprising hardware as
well as intangible elements contained in computer program.
d) Illegal use of computer systems belonging to other person without authorisation.
These economic crimes involve intrusion in computer systems without authorisation, with the
fraudulent purpose of sabotaging or causing damage. The offender in these crimes surpasses
the access barriers for accomplishing his ulterior motives at the cost of victim agony.
2. Cyber crimes against privacy.
3. The computer system is utilized as a tool to carry out the unlawful conduct in cybercrimes
including privacy rights violations. Actually, a number of the actions listed above that would
fall under this category of cybercrime are comparable to those that would fall under the
economic category; the main distinction is that the victim's legal rights, like his right to
privacy, would be violated rather than any proprietary rights.
Generally speaking, privacy refers to the right to private. However, when it comes to online
transactions, anonymity is key; that is, personal information such as an individual's
identification should remain private. Therefore, when someone gives information to a bank,
retailer, physician, or attorney, he believes that it will be used just for that purpose and won't
31
be shared with other parties without that person's express or implied agreement. However,
there have been cases where customers' personal or online confidential information has been
revealed by dishonest people for reasons much beyond the original intent. In a similar vein,
When someone sends an electronic mail
, He anticipates that nobody else will utilize it save the intended recipient. Regretfully,
though, this right to privacy is still mostly unprotected and might be used to support illegal
behavior. In order to prevent cybercriminals from abusing other secret and private documents
that are kept on computers, the confidentiality and secrecy of those records must be preserved
in the exercise of the user's right to privacy.41
General Classification :-
While most authorities support the classification of cybercrimes as economic in nature or
privacy-affecting, as well as the way in which they are committed using a computer as a
target or an instrument to facilitate the commission of crime, a more general classification
consisting of three categories—cybercrimes against people, cybercrimes against all types of
property, and cybercrimes against the state or society at large—seems to be the most sensible
and logical approach.42
Cyber crimes against persons :-
1. These offenses are perpetrated against certain people, upsetting them emotionally or
physically. These offenses cover a variety of crimes, including the broadcast of obscene or
defamatory content, the transfer of child pornography, harassment of any person via
computer, email, or cyberstalking, and more.
2. Cyber crimes against all forms of property :-
32
The purpose of these acts is to use any technological means to injure or deprive a person of
their property. These include the transmission of dangerous programs, cyberspace computer
vandalism, unauthorized computer intrusion, and the unlawful ownership of computerized
information.
3. Cyber Crimes against state or society :-
One specific type of illegal action that fits under this category is cyberterrorism. The
expansion of the internet has demonstrated how people and organizations are abusing the
medium to intimidate and threaten the government as well as the populace.43 When someone
"Cracks" into a website run by the government or its defense department, this crime takes the
form of terrorism.
These offenses include online gambling, selling illegal goods, and financial criminal
trafficking.
The aforementioned categorization of cybercrime amply demonstrates how the advancement
of information and communication technology has given rise to a range of crimes previously
unheard of in human civilization.
These crimes may briefly be discussed under the following heads -
Crimes Against Persons :-
Cybercriminals utilize computers, computer networks, and computer systems to perpetrate
crimes against people. The following is a possible list of online offenses that can be
committed against, people, or individuals:
Harassment via e-mails :-
33
Cyberstalking is a separate criminal offense. Harassment of many forms may and does
happen in cyberspace or when using cyberspace. Email harassment is a frequent occurrence.
It's like bullying someone with letters. Sexual, racial, religious, or any other type of
harassment is all acceptable. Cyber harassment is a felony that involves violating individuals'
privacy, which is a very serious offense. Nobody like it when someone else infringes on their
priceless right to privacy, which everyone has access to via the internet.
Cyber Stalking :-
The definition of stalking is "pursuing stealthily."44 Staking is the deliberate act of harassing
someone else repeatedly or persistently to the point where the victim feels truly scared,
intimidated, threatened, tormented, or assaulted. Cyberstalking is the practice of using the
internet to uninvitedly follow, harass, or communicate with another person. As technology
has advanced, stalking over the internet has become more popular with criminals because to
several benefits, such as anonymity and communication access to personal information. But
intimidation and harassment are the ultimate results.
Serious violent behaviors, such as physically harming the victim, may occur after stalking.
Threats and harassment on the internet may come in many ways. Important characteristics of
offline and cyber stalking are similar. Stalking is a common tactic used by stalkers to exert
control over their targets. Women who are pursued by adult predators or pedophiles are
typically the targets of cyberstalking. Because they know their victim cannot be physically
touched in cyberspace, cyberstalkers may harass them without having to leave their house.
They also have no fear of physical retaliation.
He can be a relative, a neighbor, or someone on the opposite side of the planet.
44
According to Oxford dictionary
34
Another term for cyberstalking is "cyberteasing." Someone who attempts to accuse someone
or damage their reputation in the community using electronic mail or other messaging is
considered a cyberstakler.
CHAPTER-3
Cyberspace Technology and Social Issues
35
National capitals are starting to pay attention to the rising threat posed by crimes against
computers or information stored on them; in the majority of other nations, however, the laws
already in place are probably unenforceable against these kinds of crimes. Due to the lack of
legal protection, governments and businesses are forced to rely entirely on technological
methods to fend against individuals who would steal, obstruct, or destroy important data.
OFFENCES PUNISHABLE UNDER THE INFORMATION
TECHNOLOGY ACT, 2000
The rapid advancement of computer technology has led to an increase in the frequency of
cybercrimes, which has prompted the need for distinct laws to be enacted to prevent and
regulate these offenses. To effectively combat cyber offenses, the Parliament passed the
Information Technology Act, 2000 as a regulatory tool. In accordance with a United Nations
General Assembly resolution asking member states to implement or amend their laws to
develop a common framework for regulating e-commerce at the international level, this Act
is based on the "UNCITRAL"1 Model Law on E-Commerce, 1996. The primary goal of the
Act is to, thus, "as an alternative to paper-based methods of communication, provide legal
recognition for transactions carried out by electronic data, internet, and other means of
electronic communications commonly referred to as e-commerce."
The Act also includes measures for the prevention and control of offenses resulting from e-
commerce and e-governance in light of this goal. Chapters IX and XI of the Act include the
pertinent provisions.
Punishment Of Cyber Crime :
36
Penalty or Damage of Computer, computer system etc.2
If someone uses a computer, computer system, or computer network without
authorization from the owner or someone in control of the computer—-
(a) Gains access to the computer, computer system, or computer network, or secures access to
it; (b) Downloads, copies, or extracts any information from the computer, system, or
computer network, including information kept on or stored on removable storage media;
(c) Introduces or facilitates the introduction of any computer virus or contaminant into any
computer, computer system, or computer network; (d) Causes damage to any data, computer
database, or other program that resides in any of these systems, networks,computers, or
computer programs;
(a) interferes with or causes interference with the operation of any computer, computer
system, or computer network; (b) refuses or causes the refusal of access to any individual
who is permitted to use any means of access to any computer, computer system, or computer
network; (c) assists any individual in facilitating access to a computer, system, or network in
violation of the provisions of this Act, rules, or regulations made thereunder:
(d) Charges a person's use of a service to the account of another person by interfering with or
manipulating any computer, computer system, or computer network; (e) In such a case, he
will be obliged to compensate the person affected with damages not to exceed one crore
rupees.
Explanation For the purposes of this section-
" (a) tampers with or causes tampering with the operation of any computer, computer system,
or computer network; (b) denies access to any person who is allowed to use any method of
access to any computer, computer system, or computer network; (c) helps someone get access
to a computer, system, or network in contravention of this Act's provisions, rules, or

37
regulations made thereunder: Interfering with or manipulating any computer, computer
system, or computer network in order to charge someone else for the use of a service; (d) In
such a situation, he shall be required to pay the aggrieved party damages not to exceed one
crore rupees.
"Workstation "Virus" refers to any computer program, data, information, or instruction that
operates when a program, data, or instruction is executed or when any other event occurs in
that computer resource; (iii). It can also attach itself to another computer resource and
destroy, damage, degrade, or negatively affect the performance of that computer
resource."Damage" refers to the use of any kind of force to remove, add, change, or
reorganize any kind of computer resource.
The term "computer" refers to any high-speed data processing device or system that is
electronic, magnetic, optical, or other. It encompasses all input, output, processing, storage,
computer software, and communication facilities that are connected to or related to the
computer in a computer system or computer. It also performs logical, arithmetic, and memory
functions by manipulating electronic, magnetic, or optical impulses.
States that "Computer network" means the interconnection of one or more computers
through-. Using satellite, microwave, landline, or other communication medium; terminals; or
a complex made up of two or more computers that are connected, whether or whether the
connection is maintained continually.
Defines "access" as "entering, instructing, or complicating with the logical, mathematical, or
memory function resource of a computer, computer system, or computer network." This
definition includes the grammatical variant and cognate expression of the word "access."
Section 43 identifies a number of actions that would constitute cyber contraventions if carried
out without the owner's consent or the consent of anybody in control of a computer, computer
38
system, or computer network. Damages up to one crore rupees may be granted to the accused
if their actions fit into any of these categories.
Through Section 43(a) of the Information Technology Act, 2000, authorized access to any
computer, computer system, or computer network without authorization from the owner or
person in charge is punishable per se, regardless of whether the owner or person in charge
had malicious intent or knowledge and regardless of whether they suffered a loss. Therefore,
it is sufficient to demonstrate that the hacker gained access to the computer, computer system,
or computer network without the owner's or the responsible party's consent.
The size and severity of the loss incurred by the complainant may be important in
determining the amount of damages that can be awarded under this section, but any financial
or other type of loss does not need to be proven by the complainant in order to seek damages
under this section. In the case of United States v. Rice7, the defendant—an IRS agent—was
found guilty of unauthorized access even though there was no financial harm to the IRS. He
had entered the IRS computer without authority to see if his acquaintance was the subject of
an inquiry. Regardless of the outcome of the attempt to get access, this paragraph makes
merely trying to do so illegal.
Yet, the amount of damages granted under this clause would undoubtedly depend much on
the attempt's success or failure. Copying, downloading, or extracting any information,
database, or data from such a computer, computer system, or computer network is prohibited
by Section 43(b).
It makes an effort to defend the creator's copyright over his works created in digital media.
Any removable storage device, such as a CD, DVD, floppy disk, etc., can be used to hold or
store the data that is being downloaded, copied, or extracted.
39
. If someone gains access to a computer with the owner's or the person in charge's consent
but downloads, copies, or extracts any information, data, or computer database from the
computer, computer system, or computer network without that person's or that person's
consent, they will still be held accountable for violating section 43 (b). Additionally included
in this section are situations in which someone copies, downloads, or extracts material (let's
say, 'A') without authorization from the owner or responsible party (let's say 'B').
Section 43's clause (c) defines as the insertion of any computer virus or contaminant,
including logic bombs and worms. The owner or person in charge of the computer, computer
system, or computer network may be entitled to damages up to one crore of rupees for the
violation of installing Trojan Horse programs, etc., into any of these entities. The most well-
known instance is the "love bug," which was developed and spread in 2000 and caused
extensive computer damage. "Do not send a man where you can send a bullet" is a well-
known proverb. In the context of the internet, this proverb may be changed to read, "Do not
send a bullet where you can send a virus."
It doesn't matter that the guilty party intended to target someone else's computer, computer
system, or computer network instead of the victim's; the victim's computer was only
accidentally impacted. It's also not necessary to provide evidence that the individual
introduced or caused to introduce a computer virus or malware with malicious intent. In the
case of United States v. Morris9, a student named Robert Morris created a "worm" software
that he posted online to cause computer crashes at academic institutions, military stations,
and medical research facilities in an attempt to highlight the shortcomings of security
precautions. He was found guilty of breaking the USA's Computer Fraud and Abuse Act.
This ruling demonstrates that, in cases when an offense is done with intent, the cause behind
the intention is irrelevant. Section 43 requires that clause (c) be read in conjunction with
40
Explanations (i), (iii), and (iv). Installing antivirus software is crucial for protecting against
viruses since this part also addresses situations where a person's computer becomes
contaminated with a virus without their knowledge or purpose, and they then forward the
infected file to another individual.
Clause (d) defines a cyber violation as attempting to harm or inflicting damage to any
computer, computer system, computer network, data, computer database, or other software
housed in any of these entities. Both software and hardware damage are included in the
damage. Damage can be inflicted physically, virtually, by the propagation of viruses, etc., or
in other ways.
According to clause (e), it is a cybercrime to interfere with or try to interfere with a computer,
computer system, or computer network. The actions listed in clauses (c) and (d) may
occasionally be the cause of a computer, computer system, or computer network interruption.
Clause (f) prohibits using any method to deny any authorized individual access to a
computer, computer system, or computer network. Access may be denied physically or
virtually. Virtual denial of access can occur by any of the following methods: altering the
password, user ID, etc. Among these are "Denial of Service Attacks," in which the
perpetrator prevents authorized users from accessing the websites they have targeted.
According to clause (g), helping someone break the law by granting them access to a
computer, computer system, or computer network constitutes a cybercrime. Cyber
contravention is therefore committed by anybody who assists someone in gaining access to a
computer, computer system, or computer network in violation of this Act's requirements or
any rules or regulations imposed thereunder.
Clause (h) declares it illegal for anybody to tamper with or manipulate any computer,
computer system, or computer network in order to charge the service that someone has
41
accessed to the account of another person. This section offers protection against the theft of
internet hours or any other fraudulent misappropriation in which a cybercriminal obtains
advantages from services that the legitimate user has paid for by altering, manipulating, or
changing the user's ID, password, or other credentials.
Clause (i) of Section 43 of the Act punishes anybody who steals, hides, destroys, or modifies
any computer service code or resource with the aim to cause damage, or who incites another
person to do so.10A new section 43A that provides compensation for failing to secure data
has been incorporated into the main Act by the Information Technology (Amendment) Act of
2008. A body corporate, which is defined as a company or firm that possesses, deals with, or
handles any sensitive personal data or information in a computer resource that it owns,
controls, or operates, will be held accountable for damages if it fails to implement and
maintain reasonable security practices and procedures and causes any person to suffer
wrongful loss or gain.
"Sensitive personal data or information" refers to any personal data that the Central
Government may specify after consulting with any associations or professional bodies that it
may see suitable.
Penalty for Failure to Furnish Information Return etc.11
Should any individual who is mandated by this Act, or any rules or regulations derived from
it, to: (a) If he fails to provide any document, return, or report to the Certifying authority's
Controller, he will be subject to a penalty of up to one lakh and fifty thousand rupees for each
such failure; (b) If he fails to file any return or provide any information, books, or other
documents within the time frame specified in the regulations, he will be subject to a penalty
of up to five thousand rupees for each day that the failure persists.Such shortcomings persist.
42
If anybody is required by this Act, or any rules or regulations that are derived from it, to:
(a) He shall pay a penalty of up to one lakh and fifty thousand rupees for each document,
return, or report that he fails to provide to the Controller of the Certifying authority; (b) He
shall pay a penalty of up to five thousand rupees for each day that he fails to file any return or
provide any information, books, or other documents within the time frame specified in the
regulations.These flaws continue.
Residuary Penalty :12
Should this Act, or any rules or regulations developed from it, compel anybody to:
(a) For each document, return, or report that he neglects to provide to the Controller of the
Certifying authority, he will be penalized up to one lakh and fifty thousand rupees; (b) For
every day that he neglects to file any returns or provide any information, books, or other
documents within the time frame stipulated in the regulations, he will be penalized up to five
thousand rupees.These shortcomings persist.
Tampering with computer source documents :13
In the event that this Act, or any rules or regulations derived from it, require someone to:
(a) He will be fined up to one lakh and fifty thousand rupees for each document, return, or
report that he fails to provide to the Controller of the Certifying authority; (b) He will be
fined up to five thousand rupees for each day that he fails to file any returns or provide any
information, books, or other documents within the time frame specified in the
regulations.These flaws still exist.
.Thus, the essential ingredients of s. 65 are :
1. Any computer, computer program, computer system, or computer network should be
hidden, destroyed, altered, or caused to be concealed, destroyed, altered, or altered by another

43
person; 2. The computer source code should be required to be kept or maintained for the
duration that the law is in effect; and 3. Any concealment, destruction, or alteration of the
computer source code should be done knowingly or intentionally.
The source code is the portion of a computer program that is written in machine, assembly, or
high level language. Object code is created when source code is converted into machine
language using an assembler, compiler, or translator. Hence, the binary number system's
strings of Os and 1s or the hexadecimal notation of electrical charges are used to represent the
object code. There can be no doubt that the object code exists even though it cannot be seen,
felt, or heard.14 The whole spectrum of programming is included in the definition of
computer source code provided by the Act. It consists of technical documentation, design and
arrangement of the required components, design prototypes, flow charts, diagrams, and
computer commands and programming codes (machine, assembly, and high level).
. Computer source code in tangible and non-tangible forms is accepted under the Act. The
above section's purpose is to safeguard the intellectual property used in the computer
programs. It's an effort to broaden the protection for computer source materials, or codes,
beyond the scope of copyright legislation.15 While object codes are exclusively machine
readable, computer source codes may be viewed by humans as well
The owner of the source code may fall under the definition of "whoever" in this context. If
the owner of the source code for a computer, computer program, computer system, or
computer network is required by law to keep or maintain it for the duration that it is in effect
and that person knowingly or intentionally conceals, destroys, or alters it, or knowingly or
intentionally causes another person to conceal, destroy, or alter it, that person will be
punished under this section. Section 65 violations carry a maximum sentence of three years in
44
jail, a maximum fine of two lakh rupees, or both. The author believes that financial penalties
for altering computer source code, or for any other
Hacking with computer system -17
1. Hacking is defined as the intentional destruction, deletion, alteration, or destruction of any
data stored in a computer resource with the purpose of causing, or knowing that he is likely to
create, unlawful loss or harm to the public or any individual.
2. Hacking of any kind carries a maximum sentence of three years in jail, a maximum fine of
two lakh rupees, or both.In section 2(K) of the Act, the term "computer resources" is defined
in relation to hacking. Computer resources are defined as "computer, computer system,
computer network data, computer database, or computer software"18.
Hacking is defined as follows:
1. When someone intentionally causes harm or loss to the general public or another
individual.by erasing, changing, or destroying any data included in the computer resource; by
lowering its worth or usefulness; or by negatively impacting it in any way:
2. with the knowledge or purpose that he is likely to inflict such unjustified harm or loss on
the general public or any individual. A "wrongful loss" is defined as "the loss of property by
unlawful means to which the person losing it is legally entitled" in Section 6(23)19 1860.
A hacker is a person who commits the crime of hacking. In everyday speech, the terms
"hacking" and "unauthorized access to computer" or "computer trespass" are synonymous.
However, in order for section 66 to apply, certain conditions must also be met for the action
to be considered hacking. 45
Hacking is a crime that may be perpetrated against both intangible and tangible goods.
Intangible assets are information in the form of electrical, magnetic, or optical impulses,
whereas tangible assets are the computing resource(s)'s hardware components. A computer
hard drive, for instance, is a physical asset, but it may also hold information, which is a non-
physical asset. Optical storage devices are an example of a tangible asset that contains
intangible assets. Although CD-R, CD-RW, DVD-R, and DVD-RW are examples of tangible
assets, they might also include intangibles that have been destroyed or altered, such as
computer resources.20
Hackers without the knowledge or criminal intent to inflict complete loss or harm are not
covered by Section 66. Section 66 does not make hacking in and of itself, without malice and
guilt, illegal. Regardless of the hacker's intentions, it would still be illegal under section
43(a).
The hacker is subject to penalty under subsection (2) even if there would have been no gain
to him from the wrongdoing.
Put otherwise, hacking refers to any type of mischief that involves using a computer,
computer system, computer network, computer software, or computer resource. The
Information Technology Act of 2000 defines hacking in a way that is comparable to section
425.21's definition of mischief. It says as follows: "Whoever causes the detection of any
property, or any such change in any property or in situation thereof as destroys or diminishes
its value or utility, or affects it injuriously, commits mischief with the intent to cause or
knowing that he is likely to cause wrongful loss or damage to the public or any person."
For our purposes, s. 425's first explanation is likewise pertinent. It says: "It is not necessary
for an offender to intend to cause loss or damage to the owner of the property that has been
damaged or destroyed in order for there to be a mischief committed." It suffices if he knows

46
or means to cause any person to suffer wrongful loss or damage by harming any property,
whether or not it is that person's. Section 426 lays forth the penalties for misbehavior. The
sentence reads as follows: "Anyone who causes mischief faces a fine, a term of imprisonment
of any kind up to three months, or both."22 The Information Technology Act of 2000
provides far more suitable penalties for hacking.
Publishing of information which is obscene in electronic Form23
Anyone who disseminates, transmits, or orders the publication of any pornographic or
arousing material online, or if its effects are such that they tend to corrupt or deprave people
who are likely, considering all relevant factors, to read, see, or hear the content contained
therein, faces punishment upon first conviction, which includes up to five years in prison for
both types of offenses as well as a fine.
to one lakh rupees, and in the case of a second or subsequent conviction, a fine of up to two
lakh rupees as well as 10 years' imprisonment for a team of that sort and a criminal record.
gives this definition of "electronic form": Any information created, transferred, received, or
saved in media, magnetic, optical, computer memory, microfilm, computer-generated
microfile, or siilar device is referred to as being in "electronic form"24.
The essential ingredients of section 67 are :
1. The dissemination or publication of content via electronic means
2. The content should be lewd, appeal to the possible audience's voyeuristic interests, or have
the tendency to corrupt or deprave the minds of those who might view it.
Publication and transmission of pornographic material are forbidden under this clause, and
offenders risk legal action and appropriate punishment. Dissemination, distribution,
circulation, and preservation of information or data in an electronic format are all included in
47
publication or transmission in that format. Therefore, the act of downloading falls under the
section's purview.
.It is crucial to remember that while it is illegal to publish or transmit pornographic material
in electronic form, it is not illegal to simply browse or surf pornographic content on the
internet or to possess such content in private at home. Only when the content is published,
distributed, or communicated electronically does it turn into a violation of section 67. To put
it another way, it is illegal to transmit pornographic material over the internet, not just
possess it. For this reason, Pornographic websites, computer-produced magazines, and the
transmission of pornographic images, texts, and other materials fall under the purview of
Section 67 Docs. When the pornographic content takes the shape of a video, the people who
have
It makes no difference if the message was sent to the intended recipient for personal use. If
the requirements outlined in section 67 are met, the act of transmission alone is sufficient to
classify an act as criminal. The argument that the intended audience for the transmission was
the chosen few is untenable given the likelihood of others being able to access it.In the event
that the content is lewd or appeals to people's voyeuristic interests, even a single broadcast
puts the publisher in violation of the law, making them subject to prosecution and
punishment.
It is a matter of fact as to what constitutes obscenity, or, in the words of section 67, what
content is deemed lascivious, appealing to the prurient interest, or likely to deprave or corrupt
people who are likely, taking into account all relevant factors, to read, see, or hear the content
contained in it..
The court determined that a work might be deemed obscene if it has a "tendency is to deprave
and corrupt those whose minds are open to such immoral

48 influences and into whose hands a
publication of this sort may fall" in the well-known English case of Regina v. Hicklin25. The
content judged offensive "would suggest to the minds of the young of either sex and even to
person of more advanced years, thoughts of a most impure and libidinous character,"
according to Lord Cockburn's explanation. Even the American standard of obscenity was
ruled by the Regina v. Hicklin rule for a very long time, until the rulings in Roth v. United
States26 and Miller v. California27.
The Hicklin test was rejected in Roth v. United States, which established a stricter definition
of obscenity as anything that "wholly appeals to the prurient interest" of the "average person,
applying contemporary community standards." Only relevant meeting; this exam can be
prohibited due to its "obscene" content. The Court also expanded the definition of the Roth
standard in Memoirs v. Massachusetts28, ruling unprotected only anything that is "patently
offensive" and "utterly without redeeming social value."
The Supreme Court of the United States ruled in Miller v. California "A state offence (herein
Obscenity) must also be limited to a work which taken as a whole appeal to the prurient
interest in sex, which portray sexual conduct in a patently offensive way and which do not
have serious literary, artistic, political or scientific value." The United States Supreme Court
established the following standards for determining whether a work is obscene:1. Whether
the work as a whole would appeal to the prurient curiosity of the typical individual using
modern community norms,
2. If the work clearly offends by depicting or describing sexual behavior as defined by state
law
3. If the piece as a whole is devoid of significant literary, artistic, political, or scientific merit.
49
The United States Supreme Court additionally declared the following to be profane: (a)
statements or depictions of final sexual activities that are obviously repulsive, normal or
perverse, real or stimulated accounts of masturbation, excretory functions, and indecent
displays of the genitalia.
The Supreme Court ruled in Ranjit Udeshi v. State of Maharashtra29 that D. H. Lawrence's
Lady Chatterley's Lover was 'obscene' because it had the potential to 'deprave and corrupt by
immoral influences' the people into whose hands the book was 'likely to fall'. The Supreme
Court stated, "The word obscenity is really not vague because it is a word which is well
understood even if persons differ in their attitudes to what is obscenity and what is not" . The
following topics have been deemed by the Court to be obscene (l), which corrupts and
depraves those whose brains are susceptible to such wicked influences. (2) which alludes to
very filthy and libidinous ideas. namely, hardcore pornography (3). (4) with its
Content that "is likely to deprave and corrupt those whose minds are open to influences of
this sort and into whose hands the book is likely to fall" was deemed objectionable in the
Udeshi case.Because of its extreme vulgarity, it has the potential to corrupt and deprave those
whose brains are susceptible to such effects and whose hands the book is likely to slip into."
The Supreme Court expanded the definition of obscenity in the Ranjit Udeshi case in
Chandrakant Kalyandas Kakodar v. State of Maharashtra30, declaring that "it is the duty of
the Court to consider the obscene matter by taking an overall view of the entire work and to
determine whether the obscene passages are so likely to deprave and
Therefore, it is important to acknowledge the book's impact on modern society's social
morals. Thus, it follows logically from the Chandrakant Kalyandas Kakodkar case that,
notwithstanding the passage or matter's seeming obscenity when viewed in isolation, it may
not be when viewed in the context of the complete work. A piece of content's obsceneness
50
might be judged using local community norms and modern society's moral standards.
Whether a reasonable and sensible person would consider such work to be obscene when
viewed as a whole serves as the benchmark for determining what constitutes obscene
content.31
The distribution of pornographic content via electronic publication or transmission is
forbidden if it "carries with it the significant danger of offending the sensibilities of unwilling
recipient or to exposure to juveniles."32 An appeal to a sick or ashamed curiosity in sex is
known as a prurient interest appeal. It is said that content that clearly offends viewers by
depicting sexual activity in an attractive manner fosters an unhealthy fixation with sexuality
and appeals to their voyeuristic need for sex.The majority of obscenity trials include activities
committed in multiple jurisdictions, and sellers of pornography may face prosecution in the
state in which the material is transmitted.33 Particular information that the defendant
possessed regarding each
Due to the fact that obscenity is a persistent offense that is considered a new offense each
time it is done, the Act's second or subsequent conviction carries a far worse penalty than the
first, which may serve as a deterrent. In one instance, a medical graduate doctor was charged
for creating pornographic photographs and videos of himself engaging in different sexual
actions, which he then sold to overseas websites that featured the images of specific men and
women.34 An MMS clipping that was put up for sale included a description of a DPS girl
having fun and how the CEO of Baaze.com was granted bail despite the crime being of a
terrible character and being the fault of someone else.35
Similar to section 29236, which states that any book, pamphlet, paper, writing, drawing,
painting, representation, figure, or other object shall be deemed obscene if it is lascivious or
appeals to the prurient interest, or if any of its items, or any combination of them, tend to
51
deprave or corrupt people who are likely, considering all the circumstances, to read, see, or
hear the matter contained in it. Selling, renting, distributing, publicly displaying, or in any
other way placing into circulation, or for pie purpose, all of these actions are defined in
subsection (2) of section 29237.
, bringing in or making money from the import, export, or conveyance of any pornographic
material; engaging in or profiting from any of the aforementioned activities; or offering or
attempting to engage in any activity that is illegal under this section, which is punishable on a
first conviction by up to two years in prison for any description of the offense and a fine of up
to two thousand rupees. If the offense is committed again, the punishment increases to five
years in prison for any description of the offense and a fine of up to five thousand rupees.
The Information Technology Act of 2000 clearly stipulates a far harsher penalty than the
Indian Penal Code of 1860. However, Section 292 enumerates several exclusions that mean
that an act does not constitute an offense and is hence not penalized. The exclusion is
outlined in this section 292, which states that it does not apply to any of the following: (a)
books, pamphlets, papers, writings, drawings, paintings, representations, or figures; (i)
publications that can be justified as serving the public interest by demonstrating that the
publication of the aforementioned materials is necessary for the advancement of science,
literature, art, or learning, or other matters of general concern;
(i) that is sincerely maintained or used for religious purposes; (b) any sculpture, engraving,
painting, or other representation that is on or in—(i) any ancient monument as defined by the
Ancient Monuments and Archaeological Sites Remains Act, 1958; or (ii) any temple, or on
any vehicle used to transport idols, or that is maintained or used for any religious purpose.
52
Section 292 of the Indian Penal Code, 1860 and Section 67 of the Information Technology
Act 2000 differ from one another.
Compared to section 292, the penalty under section 67 is more harsher. According to section
67, a first conviction carries a sentence of up to five years in prison for any description along
with a fine of up to one lakh rupees. For a second or subsequent conviction, the sentence is up
to ten years in prison for any description along with a fine of up to two lakh rupees.
Nevertheless, section 292 stipulates that the penalty for a first offense is two years' worth of
jail for either type of offense as well as a fine. thousand rupees, and in the event of a second
or subsequent conviction, a fine of up to five thousand rupees in addition to a period of
imprisonment of up to five years for any kind.
The offense under section 67 of the Information Technology Act of 2000 is recognized and
not subject to bail, but the offense under section 292 of the Indian Penal Code of 1860 is
recognized and subject to bail, as per The Code of Criminal Procedure, 1973.
2. The crime under section 292 of The Indian Penal Code, 1860 is triable by any magistrate,
but the offence under section 67 is triable by a magistrate of the first class upon first
conviction and by the Court of Sessions upon second conviction.
In the author's view, none of the exceptions listed in section 292 of the Indian Penal Code,
1860 are specifically mentioned in Section 67 of The Information Technology Act, 2000;
nonetheless, any act that is likely to fall under these exceptions would not be deemed obscene
for the purposes of Section 67 as well.
The Chief Metropolitan Magistrate found the accused guilty in State of Tamil Nadu v. Suhas
Katti38 only seven months after the First Information Report (FIR) was filed under sections
469, 509 of the Indian Penal Code, 1860, and 67 of The Information Technology Act. 2000
for posting vulgar, defamatory, and bothersome messages about a divorcee woman on a
53
Yahoo message group and forwarding vulgar emails to others via a fictitious email account
that included her residential phone number and invited people to call her. The victim received
bothersome phone calls as a result of the message and emails being posted, as it was assumed
that she was soliciting. Under section 469, the offender was found guilty and given a sentence
of two years of severe imprisonment and a fine of Rs. 500.
a year For an offense under section 509 of the Indian Penal Code, 1860, the punishment is
simple imprisonment and a fine of Rs. 500; for an offence under section 67 of the
Information Technology Act, 2000, the punishment is rigorous imprisonment for two years
and a fine of Rs. 4000. But each sentence was supposed to flow simultaneously. This is
thought to be the first conviction in India under section 67 of the Information Technology Act
of 2000.
a calendar year Simple imprisonment and a fee of Rs. 500 are the penalties for offenses under
section 509 of the Indian Penal Code, 1860; two years of hard imprisonment and a fine of Rs.
4000 are the penalties for offenses under section 67 of the Information Technology Act,
2000. However, each sentence was meant to flow at the same time. This is reportedly the first
conviction in India under the 2000 Information Technology Act's section 67.
Rejected lovers are gaining ground on their victims by using well-known social networking
sites as a weapon. A girl's married online pals recently uploaded a quite explicit profile of her
on the social media platform Orkut.Forty A Kingfisher Airlines air hostess has filed a lawsuit
in city court, requesting that executives of the social networking site www.orkut.com be held
accountable for their failing to
54
. remove the obscene and libellous profile that she said a prankster had placed. Her picture in
an official uniform appears in her site profile, which is filled with offensive content.
Prankster has included her neighbor's phone numbers on her profile and invited other Orkut
users to get in touch with her in order to become friends. The Delhi Chief Metropolitant
Magistrate has instructed the police to prepare a report and file a FIR by February 9, 2007, in
response to her complaint.41 In a different incident, on December 28, 2006, a class XII
student from Noida was detained for allegedly posting an offensive profile of another class
XII student on Orkut.com. Two pupils at Bal Bharati Public School were suspended on
August 4, 2006, for allegedly posting an offensive photo that had been altered.
September 5, 2006 Manish from Greater Noida Engineering Institute and Karan from Delhi
Shahid Sukhdev Singh College were detained for posting lewd images of a girl from
Ghaziabad on the internet.42 The discussion above makes it quite evident that the
dissemination and publication of pornographic content has been growing in scope and
duration online, and that the majority of those who commit these crimes are young people.
Such crimes may be punished under the indecent Representation of Women Act, Section 67
of the Information Technology Act of 2000, and Sections 292 (Obscenity) and 500
(Defamation) of the Indian Penal Code of 1860.
Power of the Controller to give Directions43
1. If necessary to ensure compliance with the provisions of this Act, rules, or any regulations
made thereunder, the Controller may, by order, direct a Certifying Authority or any employee
of such authority to take the actions or cease the activities specified in the orders.
2. Every individual who disobeys an order issued under paragraph (1) is guilty of an offense
and faces a maximum sentence of three years in jail, a maximum fine of two lakh rupees, or
both.
55
The essential ingredients of this section so as to make a person criminally liable are:
1. The Controller ought to have issued an order directing any employee of a Certifying
Authority or to take the appropriate action or stop engaging in the activities listed in the
orders;
2. The accused should have disregarded such instructions; they should have been required to
assure compliance with the Act's provisions, rules, or any regulations established thereunder.
It is crucial to make a few issues clear here.
First off, the phrase "if those are necessary" and the phrase "to ensure the compliance of this
Act, rules or any regulations made thereunder" qualify the Controller's order to take action
and stop operations. Therefore, the controller may only issue an order to certifying authorities
and other parties if doing so would be necessary to accomplish the relevant goal of assuring
conformity with the Act's provisions and any rules or regulations adopted under them.
Second, section 68 lists the possible awards that the Controller
instructions to the Certifying Authorities or any employee of such authority to perform
certain activities or refrain from performing particular acts in order to guarantee adherence to
the Act's requirements and any rules or regulations established under it. Through the use of
section 18(1), the controller's authority under section 68 can be extended to digital signature
subscribers as well. This is because section 18(1) gives the controller the authority to settle
conflicts of interest that may arise between subscribers and certifying authorities.
Thirdly, the Controller may also use his authority under section 68 through the Deputy
Controller, Assistant Controller, or any other person to whom the Controller has granted such
authority.
27. Section 27 runs as under:
56
Power to Delegate:44 The Controller may, in writing, authorize the Deputy Controller,
Assistant Controller or any officer to exercise any of the powers of the Controller under this
chapter.
directives to the Certifying Authorities or any employee of such authority to carry out certain
actions or abstain from carrying out specific acts in order to ensure compliance with the
provisions of the Act and any guidelines or policies imposed under it. Digital signature
subscribers may also be added to the controller's authority under section 68 by means of
section 18(1). This is so that the controller may resolve any conflicts of interest that may
develop between subscribers and certifying authorities under section 18(1).
Thirdly, the Assistant Controller, Deputy Controller, or any other individual to whom the
Controller has delegated such power may likewise exercise the Controller's jurisdiction under
section 68.
1. The subscriber or any person who fails to assist the agency referred to in sub-section (2) shall
be punished with an imprisonment for a term which may extend to seven years.
Defines "computer resource" as 'any computer, computer system or computer network,
data, computer database or software'46
ter, computer database or software, computer system or computer network, data
The following are the important components of section 69's subsection (1):
1. The Controller ought to have instructed any government agency to intercept any data sent
over any computer resource: 2. The Controller should have issued the directive after
concluding that it was required or advantageous to do so to protect India's sovereignty or
integrity, the state's security, friendly relations with other countries, public order, or to stop
incitement to commit any crimes that would be punishable by law; 3. The rationale behind
the directive should have been documented in writing.

57
computer system or computer network, data, computer database or software,
The essential elements of subsection (1) of section 69 are as follows:
1. Any government agency should have been directed by the Controller to intercept any data
transmitted via any computer resource. 2. The Controller ought to have issued the directive
only after determining that it was necessary or beneficial to do so in order to safeguard India's
security, friendly relations with other nations, public order, sovereignty or integrity, or to
prevent incitement to commit any crimes that would be subject to legal consequences; 3. The
reasoning for the directive ought to have been recorded in writing.
the sake of public order, the state's security, friendly relations with other countries, India's
sovereignty and integrity, or the prevention of encouragement to commit any crimes that are
punishable by law As a result, the section has sufficient safeguards in place to prevent the
controller from acting without authority.
Every person, without a doubt, has a right to privacy against unauthorized interception and
disclosure by any person or authority, be it controller, government, or any private person.
However, this section allows the government agency to intrude into people's privacy because
it contains adequate measures against unreasonable interference by the controller or
government officials. .
On instructions from the Controller, the subscriber or the person in charge of the computer
resource must reveal the communication's content and provide all necessary tools and
technical support to decrypt the data in accordance with paragraph (2). However, this
assistance would be understood to include providing all necessary facilities and technical
support to decrypt the data in a fair manner. There may be situations where the subscriber or
the individual in question lacks the technological know-how to provide all the facilities and
58
support needed to decrypt the data. This part of the Information Technology Act of 2000 is
fairly similar to part 5 (2) of the Telegraph Act of 1885. It says, "On the
If satisfied that it is necessary and expedient to do so in the interest of the sovereignty or
integrity of India, the security of the state friendly relations with foreign States, public order,
or for preventing incitement to the commission of any cognizable offence, for reasons to be
recorded in writing by order, the Central or State Government, or my officer specifically
authorized in this regard by the Central or State Government, may act in the event of any
public emergency or in the interest of public safety. ensure that any communication is
directed
The Central or State Government, or my officer specifically authorized in this regard by the
Central or State Government, may act in the event of any public emergency or in the interest
of public safety if satisfied that doing so is necessary and expedient in the interest of the
sovereignty or integrity of India, the security of the state friendly relations with foreign
States, public order, or for preventing incitement to the commission of any cognizable
offence, for reasons to be recorded in writing by order. make sure that all correspondence is
focused
CHAPTER-4
Areas covered by Cyber Law
Cyberspace: where is it?1. The responses to this topic appear to veer into the metaphysical: it
exists in the tiniest bursts of matter and energy, is both everywhere and nowhere, and is only
summoned by the presence of man via the mediation

59 of an Internet provider. It simply
indicates that we are posing the incorrect question if the responses are meaningless. To begin
with, let us define what cyberspace is. At the very least, a useful response to this query is
achievable.
.. Cyberspace may be thought of as a location. If people can discover them, it's a location
where messages and Web pages may be seen by everybody in the world.2. The language in
the US Supreme Court's first opinion regarding the Internet, "Taken together, these tools
constitute a unique medium - known to its users as 'cyberspace' - located in no particular
geographical location but available to anyone, anywhere in the world, with access to the
internet," gives one hope that US courts will accept the legal metaphor of cyberspace as a
place outside national boundaries.3.
The high seas, space, and Antarctica. Cyberspace need to be considered a fourth international
space for jurisdictional analysis purposes.
(A) Private Defence on Cyber Space.
Information technology is a two-edged tool that may be employed for both beneficial and
harmful purposes. As a result, the success of many endeavors is dependent on the individual
handling and utilizing the technology, who may have good or bad intentions.4 For example,
sending hostile intent through hacking, data theft, virus attacks, etc. can only have negative
effects. However, same techniques may also be applied to verify the legitimacy, security, and
safety of a technical gadget that is largely trusted and depended upon to provide security to a
certain organization.
. To illustrate, a German company has employed the "security software programmer" who
created the "Sasser worm" to create firewalls, which prevent malicious files from accessing
computer systems. The hiring of individuals who are wreaking havoc and causing annoyance
is an acknowledgement of the rising and unavoidable

60 necessity for "self protection," which is
acknowledged worldwide. In reality, in our modern age, it is impossible to imagine a society
in which there is no "self help" system. The content creators across the
world, have supported laws that would enable them to turn down computers that violate
copyright in their own nations. program producers have strongly backed laws in certain
nations that give them the power to remotely shut down computers in violation of the terms
and conditions of the license that permits the usage of the program. However, this stance has
sparked a discussion on the viability, appropriateness, and legitimacy of a rule that renders
this "malware" inoperable.
world, have backed legislation that would give them the authority to reject laptops that
infringe upon copyright in their own countries. In several countries, legislation granting
program creators the authority to remotely shut down computers for violating the licensing
terms and conditions has garnered significant support from the program industry. This
position, meanwhile, has spurred debate on the practicality, suitability, and validity of a law
that deems this "malware" unusable.
The need of private defence:
The idea of "cyberterrorism" has emerged, which is the most lethal and devastating outcome
of this impotence. The conventional ideas and tactics of terrorism have evolved into new,
more lethal and destructive forms. Terrorists have developed the most lethal weaponry and
technological combinations in the information era, and if they are not securely secured in due
order, the consequences will be severe. The resulting damage would be utterly devastating
and nearly irreparable. To put it succinctly, we are dealing with "Cyber Terrorism," which is
the worst kind of terrorism.
61
".6" The term "cyber terrorism" refers to the deliberate, detrimental, and negative use of
information technology to cause harm and destruction to other people's property, whether it
be material or immaterial. Cyberterrorism includes, for example, hacking into a computer
system and subsequently erasing the competitor's important and helpful commercial
information. Due to the comprehensive character of crime, it is impossible to define "cyber
terrorism" in a way that would be thorough. Since new techniques and technologies are
always being developed, it is not a good idea to define "cyberspace" using a rigid formula or
pigeonhole approach.
In reality, the courts ought to start by reading the language as broadly as they can in order to
combat cyberterrorism with a heavy hand and strict penalties.7. However, the legislation
pertaining to cyberterrorism is out of date and has to be updated in light of the most recent
global developments in order to meet the dangerous goals of these cyberterrorists. The
Internet, which is used to carry out these terrorist acts, has no national boundaries, thus
legislation must address issues that arise on an international scale.
. Thus, a cyber terrorist can collapse the economic structure of a country from a place
with which a country may not have any reciprocal arrangements, including an "extradition
treaty". The only safeguard in such a situation is to use the latest technology to counter these
problems, Thus, a good combination of the latest security technology and a law dealing with
cyber terrorism is the need of the hour.8
The concept of private defence:
In India there is no law, which is specifically dealing with prevention of malware
through private defense. Thus, the existing analogous provisions have to be applied in a
purposive manner. The following provisions of the I.P.C., which is a general law dealing with
offences in India, are of great significance in dealing with and tackling the use of
62
malware by the use of private defence.
(i) Section 96 of the Code declares that nothing is an offence, which is done in the
exercise of the right of private defence. This section recognises the principle of self-help
which is considered to be just, fair and reasonable in all the countries of the world.
and the body of any other person against any offence offecting the human body. Secondly-
The property, whether moveable or immoveable, of himself or of any other person, against
any act which is an offence falling under the definition of theft, robbery, mischief or criminal
trespass. This section recognises the right of a "third party" to protect the property of another,
besides protecting his property. Thus, a public-spirited individual has a right to self-help by
helping innocent victims of malware. For instance, a netizen who is an expert in protecting
computers from viruses may make a programme, which has a potential to curb the virus
put on the internet and may launch the same on it. In such a situation the person launching
the malware cannot complain that such third party has no reason to feel aggrieved and has
no right to retaliate. Such an action on the part of that public-spirited individual is morally,
equitably and legally justified and will be protected by this section. This is a benign concept
and it requires the most liberal, purposive and updating interpretation.
(ii) Section 99, among other things, provides that there is no right of private
defence in cases in which there is time to have recourse to the protection of the public
authorities. Further, it provides that the right to private defence in no case extends to the
inflicting of more harm than it is necessary to inflict for the purpose of defence, i.e. the
principle of proportionality. It is suggested that this section applies to offences involving
human beings as such and not the results created due to acts oromissions of the human
beings. Thus, the requirement of taking recourse to public authorities arises only when the
following two requirements are fulfilled:

63
(a) There must not be any apprehension of death or grievous hurt (because in that
case the concerned person is left with no choice but the instant life saving action) by the act
or omission in question, and
(b) Such act or omission must originate out of an active physical participation of
human agency and it should not be limited to any act or omission unsupported by its physical
presence.
Reading Section 103 along with Section 99 further strengthens this argument. Section
103 provides that the "right of private defence of property” extends, under the restrictions
mentioned in Section 99, to the voluntary causing "death" or of any other harm to the
wrongdoer, if the offence of robbery, house breaking by night, mischief by fire to certain
properties, theft, mischief or house trespass, arc committed or attempted to be committed
under such circumstances us may reasonably cause apprehension that death or grievous hurt
will be the consequence, if such right of private defence is not exercised. A close reading of
these sections reveals that these sections are tracing the operation of private defence vis- a-vis
human being's active and physical involvement and not in the sense of malware. This position
is made crystal clear if we read the definition of "death" under section 46, which provides
that the word 'death" denotes
death of a human being, unless the contrary appears from the context. It would bring absurd
results if we argue that the context in the present situation is talking about the "death of the
computer" or the "operating system". Similarly, it will be unreasonable, in fact unrealistic and
imaginary, to argue that for protecting one's computer from malware, every time recourse to
public authorities has to be taken. In fact, the main reason for providing the provisions
concerning private defense is that State cannot protect the life and property of the citizen at
all times. Thus, as a measure of the citizen at all times. Thus, as a measure of public policy
64
and practical convenience, the concept of sell-help has been given a moral, equitable and
legal sanction. Even under the code there is an inherent and patent conflict between section
99 and section 103. Section 103 is subject to section 99, whereas section 99 itself is subject
to section
99. It is talking about taking recourse of public authorities when the act "does not" reasonably
cause the apprehension of death or of grievous hurt. It means that if there is an
immediate threat of death or grievous hurt, then recourse to public authorities need not be
taken. This is logical and satisfies the tests of common sense, because a person cannot
approach the public authorities after his death, which may result due to immediate peril to the
life. Similarly, no useful purpose will be served by approaching the public authorities if
grievous hurt has already been afflicted. In fact if there is an apprehension of death or
grievous hurt, theright to private defence can be exercised even against a public servant
who is though acting in good faith under the colour of his office is not strictly justifiable- by
law. It must be appreciated that no malware can cause any physical injury or apprehension of
the same, which may necessitate recourse to public authorities within the meaning of
section
99. Thus, it can safely be concluded that recourse to self-help can be taken under section
103 of the Code without approaching public authorities since it does not involve the real and
active physical presence of the human agency. This is also in conformity with the basic theme
and object of the concept of self-help and the practical requirements of law and its
regulation of society.
The application of Section 99 is not, however, completely excluded while exercising
the right of private defense under Section 103. It must be noted that section 99 also
recognises the principle of proportionality among other things. This means that the proposed
65
harm given by the technological property holder must commensurate with the nature and
gravity of the threat. Thus, the harm, if at all it is considered to be so, caused must be
reasonable, proportionate and not unduly harsh. The moment it exceeds the limits, which
may be deemed to be appropriate by a reasonable person, it will offend the benign objects of
section 99, and may become illegal. Thus, to this extent, and in this sense only, Section 103
is subject to section 90, This interpretation satisfies the conflictingnterests of private
defence of information technology and the proportionate action required to be taken by the
person exercising the private defence. This is not the end of this matter. Sections 99 and 103
must be interpreted in the light of Section 105 to make them meaningful. Section 105 of the
Code provides that the right of private defence of property commences as soon as a
reasonable apprehension of danger to property commences. There is a possibility that a
particular malware may not give rise to such apprehension at all because of its programming
and operational specifications. In such a case, the owner of the information technology comes
to its knowledge when the damage has already been done. In such a situation no useful
purpose will be served by approaching the public authorities, as they cannot undo what has
already been done. To avoid such an eventuality, it is advisable to adopt precautionary
technological measures, since precaution is always better than the cumbersome and
expensive cure. As a concluding argument it may he pointed out that, by virtue of Section 40
of the Code, the right of private defence is allowed against offences committed under the
"special laws as well. In India the Information Technology Act, 2000 (ITA) is a special law
applicable to matters pertaining to information technology. Thus, the provisions private
defence will also take their colour from it. In case there is a conflict between the provisions
of the code and the ITA, the latter will prevail. Fortunately, there is no conflict between
the provisions ofthe Code and ITA, hence the interpretation given to the sections, as
mentioned above, together with a purposive interpretation of the provisions of the ITA
66
would be sufficient to take care of the principles governing private defence of technological
property, including the Intellectual property rights stored in it.
(B) Cyber Terrorism
The criminal, the outlawed has mastered technology. Mankind was yet to recover from
the terrorism pathogen, which has plagued humanity for decades, and yet its combination
with "Cyber" has made it doubly dangerous and alarming. The critical infrastructure or
nations, the communication systems globally, the banking network worldwide and the
aviation and intelligence systems are all easy targets and deprat obvious vulnerabilities.
Definition of cyber terrorism.
The dark clouds of stealth and incognition engulf cyber terrorism, which is the newest
face of terror,9 and it is said that a new breed of terrorism is on the rise.10 The term implies
two elements cyber and terrorism. Both of these are regarded as the two great fears of
the late 20th century. Both imply fear of the unknown. Fear of random, violent victimization
segues well with the distrust and outright fear of computer technology.11 Terrorism has
entrenched humanity and going hand in hand with technology, it is spawning the deadliest
threat to the society. Cyber terrorism is a term esoteric, complex and difficult to circumscribe
within the four corners of a definition, which will be universally acceptable. While the word
"cyber" relates to cybernetics, which is our tool of trade, "terrorism" denotes an act of
violence. The ambiguity in th definition of the term cyber terrorism brings indistinctness in
action as Dorothy Denning points out, "An e-mail may be considered hacktivism by some
and cyber terrorism by others".12
In 1997, Barry Collin coined the term "cyber terrorism" and defined it as the
convergence of cybernetics and terrorism. 13 The term has since entered popular parlance and
67
is also defined as "attacking sabotage prone targets by computer, which poses disastrous
consequences for our incredibly computer-dependent society".14 In the form of cyber
terrorism the terrorist, finds an easy, risk-free, low-cost option. Whatever may be
Perhaps the comprehensive and popular definition is given by the FBI, which defines
cyber terrorism as :
The premeditated, politically motivated attack against information, computer systems,
compute programs and data which result in violence against non-combatant targets by sub-
national groups and clandestine agents.15
Thus, cyber terrorism is the politically motivated use of computers by sub-national
and clandestine agents to pressurise an audience or to cause a government to alter its orders
or policies. The definition may be extended by noting that Department of Defense (DoD)
operations for information warfare16 also include physical attacks on computer facilities and
transmission lines. Although, computer attacks are different from cyber terrorism, yet if
certain computer attacks are destructive and disruptive enough to terrorise the victim, which
reflect "Severity of effects" and lead to death, injury, extended power outages, airplane
crashes, water contamination or major loss of confidence portions of the economy then it
may be termed as cyber terrorism.17
The incognito nature of the operative of the terrorist act is the biggest challenge and
greatest advantage of the cyber terrorist. For a subversive attack, borders do not have to be
crossed, bombs do not have to be smuggled and placed, hostages do not have to be
kidnapped and captured, and terrorists do not have to surrender their lives. Plainly stated,
tomorrow's terrorist may be able to do more with a key board than with a bomb".18 Cyber
terrorism mainly targets the national infrastructure of a country and cyber terrorists are
interested in controlling systems of nuclear reactors, large storages of strategic raw material
68
like gas and oil, systems of water supply, power distribution, traffic centres, communication
secrets, etc.
Technique
The Internet gives the terrorists exclusive opportunities.19 Technically speaking, the
cyber terrorist is not yet so potent so as to terrorise a nation by merely resorting to the
Internet. The terrorist groups currently lack the capability to mount a meaningful operation.
Cyber attacks lack the horror and bloodshed, which are the ultimate motives of a terrorist. In
the Conference of Terrorism held in Paris in May 2000, the participants stated that terrorist
organisations are not likely to use
technology to further their malevolent ends.20 However, it is also reported that most of the
captured files of Al-Qaeda are either not encrypted or they are poorly encrypted. Reports
also say that Osama bin Laden has taken steps to improve organisational secrecy and to make
clever use of technology.21 Although, at a slower pace yet the terrorist is embracing
technology to simplify its nefarious designs and to maximise the damage of the physical
attack. Seized computers belonging to Al-Qaeda indicate that its members are now becoming
familiar with hacker tools that are freely available over the Internet.22 Not only this, while
refurbishing their outfits, they are giving due importance to technology and the computer
literate youth has started joining the ranks of the terrorist and it is said that once a new
tactic is publicised, it is likely to motivate other rival groups to follow along the new
pathway.
The terrorist first make a simulated test of the computer attack, which they have
developed so as to avoid detection of their preparation. Member of Al-Qaeda and other

69
terrorist groups are reported to use the Internet, encryption software, and other up-to-date
technology to link its members, plan attacks, raise funds and spread propaganda.23
Evidenceshows that, Mohamed Atta, the leader of the attacks carried out on 11 September
2001 had made his air reservation ticket online and other members of Al-Qaeda used Internet
based telephone services to communicate with other cells overseas. Khalid Sheikh
Mohammed, the mastermind of the attacks against the World Trade Center, reportedly used
Internet chat software to communicate with at least two airline hijackers.24 The international
terrorist groups have already resorted to advanced technological methods to commit terrorist
acts. Ramzi Yousuf, the man sentenced to life imprisonment for helping to bomb the World
Trade Centre was reportedly trained as an electrical engineer, made plans to use
sophistricated electronics to detonate bombs on US airlines and also used sophisticated
encryption to protect his data and to prevent law enforcement agencies from reading his plans
in case he is captured.25
The Virtual world has offered a lush green inviting playground to today's terrorist
where it can organise any dirty game and at the same time remain conspicuously absent
from the scene of occurrence. Attacks in the physical world like bombing critical
infrastructure of a country, government computer bank, and telephone equipments are
traditional targets of the terrorists. But today, there is a convergence of the physical and
virtual worlds, and these two being disparate, activities of the
terrorist do also differ in nature. Today's terrorist remaining hidden and unnoticed can do a
lot, he can increase the amount of iron supplement in cereals, thereby killing hundreds of
infants and children of a nation,26 altering a medicine prescription in a hospital, thereby

27
causing innumerable to perish, change pressure in gas lines, take command of the
floodgates in a dam, handle 3,00,000 volts of electric power thereby causing destruction of
70
property28 and the like.
Not only on the land, a cyber terrorist without taking the risk of flying can take
control of the air traffic system or alter the system to such a fashion that airplanes fly into
each other resulting in mass causalities. However, this scene requires that the entire human
element in control of the aircraft be ignored. Thus, the cyber terrorist gets a risk-free, low-
cost option to cause the greatest of havocs and catastrophes.
Counteraction to cyber terrorism
As cyber terrorism is a combination of an urge to cause terror mixed with technological
advancements, no single measure can successfully combat it. Thus, only a multi-thronged
counteraction The myriad responses to the menace at the international level are
enumerated in the following headings.
Legal Response
Main players in cyber terrorism are organised criminal groups, criminal societies and national
and transnational criminal organisations.29 Thus, in cyber legislations of almost all the
countries, recognition is given to the criminal liability of the cyber terrorist. After 11
September 2001 holocaust, legislations are fixing liability for funding terrorist acts and if
found guilty, to block funds and seize assets of such persons. Unfortunately, there has not
been an exclusive legislation to combat Cyber terrorism by any country but the criminal
liability of cyber terrorist, holding him responsible for hacking, DoS, which are used by the
terrorist for their destructive ends is the present and plausible approach by all the countries.
Indian approach
Like most of the countries. India too responded to the misuse of information technology and
Internet vandalism by passing its lone cyber Act, 71

the IT Act, 2000. However, it also made
consequential amendmentsin some traditional laws30 so as to update them. But this Act
addressed some of the cybercrimes and vandalisation of data while the word "cyber
terrorism" did not occur in the Act until 2008 when the amendment made important
introductions relating to the subject of cyber terrorism.
The IT (Amendment) Act, 2008 (10 of 2009) not only defines the term cyber terrorism
but it has many sections in pari materia. It is the amalgamation of several sections in the
amended Act which, taken together make a meaningful and effective law provision to
address this dreaded peril.
International Response
There is an international consensus that a hacker should not be allowed to get away only
because of legal inadequacies.31 Cyber terrorism, being a global meance, it is impossible to
combat it without international harmonisation of laws on the subject and a concerted effort by
the international society. As terrorism is being fought through regional and international
cooperation, so also cyber terrorism can be thwarted only when nations come together and
make a positive move.
Governmental Response
US, having the densest connectivity and convergence, is the easiest target of cyber
terrorism. Thus, the governmental response in this country is strongest compared to the other
countries.
After II September 2001, the US government reacted towards it in the most effective
manner so as to construct a more resilient society of Americans which will strengthen them to
fight terrorism of any sort. However, much before 72

that, the government also announced plans
to safeguard the critical infrastructure or Supervisory Control and Data Acquisition
(SCADA) when they are connected to the Internet to monitor certain industrial processess
and also national security of America.32
73
CHAPTER-5
Current Cybersecurity Regulations and Laws/ Amendments
An additional set of difficulties has emerged for law enforcement organizations in India due
to the surge in cybercrime cases. With the development of information technology, actual
humans are now completely outside of physical bounds. It's true that there are two sides to
every coin. There are countless advantages and disadvantages to the new digital global
community, which has emerged at the speed of light.
.Over the course of more than 150 years, India's criminal justice system has developed
to a mature point and gained a reputation as one of the most effective legal systems in the
world. The important organizations involved in the management of criminal justice are the
judges, prosecutors, police, and parliament, which are the body that makes laws. Although
they have a great deal of functional freedom, their operation is constrained by the concept of
checks and balances, which prevents them from invading one another's territory and requires
total coordination.
Challenges before the Judiciary
Online culture has become an essential aspect of modern life since computer networks and
the internet have made it possible for most of our activities, including banking, industries,
commerce, information sharing, official transactions between governments and non-
governmental organizations, academic endeavors, and information exchange, to take place
online. Nowadays, one may find everything on the internet that they choose to view or learn.
Notwithstanding this positive element of computer technology, there are certain drawbacks as
well that should worry law enforcement organizations as well as court officials.
As a result of the exploitation and abuse of computer networks for illicit activities, the
internet culture has given rise to a multitude of online conflicts, divisions, controversies, etc.
74
Although disputes in general are not new to human society—they have been around since the
dawn of civilization—the concerning aspect is that disputes pertaining to online transactions
are very different in terms of their nature, scope, and handling. As a result, resolving these
cyber-related disputes has become a significant challenge for the legal system due to the
complexities involved, which judges are not fully knowledgeable about.
.The following are the elements that make it difficult for judges to sentence people for
cybercrimes:
(i) These crimes are global in nature, meaning they transcend national borders; (ii) There are
differences between national legal systems, laws, and procedures regarding the admissibility
of cases pertaining to cybercrime; and (iii) there is uncertainty regarding the precise
definition of cybercrime and the range of activities that fall under its purview.
Due to the intangible character of cybercrime, neither physical violence nor the presence of
the accused at the crime site are necessary. under cybercrime cases, the typical adversarial
litigation system would rarely serve the interests of justice under these circumstances.
In the case of State of Punjab and others v. M/s Amritsar Beverages Ltd. and others, the
Supreme Court of India made observations about the challenges encountered by the legal
system and law enforcement authorities while addressing computer-related offenses.
.scientific knowledge or lack the necessary understanding to deal with the novel
circumstance. Focus was immediately drawn to a number of fresh events that gave rise to
crimes of all types that our Legislature had not anticipated. The Information Technology Act
of 2000 was revised to encompass a variety of cybercrimes and their associated penalties, but
it still does not address every issue that law enforcement officials encounter.
."
Judicial Sentencing : Trend

75
A casual look at the legal system in India would indicate that the offender's age, sex,
educational background, mental state, and maturity are the main criteria that affect judicial
sentence. The accused's sentence is also influenced by his motivation, the circumstances
surrounding the offense, and how it affected the victim or society. Due to the offender's
youth, immaturity, and prior clean record, sentences are often lenient; but, severe
punishments are meted out in response to recidivism, ongoing associations with criminals,
and the degree or gravity of the offense.
Nevertheless, they are only generalizations and in no way limit the ability of judges to
sentence offenders. The judges seldom have the luxury of ignoring the whole of the damage
that crime has on society when deciding on punishment. As a result, the court's ruling is
crucial in determining the future course of action in situations that are comparable.
.3Even if there isn't as much case law on cybercrime as there is for regular crimes, the
crime is still on the rise since individuals are using computers more and more frequently.
Courts have a history of viewing cybercriminals who have committed planned crimes as
potential threats to society, and as a result, they are hesitant to lessen their sentences.
Leon Radzinovicz expressed his opinions regarding judicial sentencing, stating that while a
sentence that is excessively harsh in relation to the crime committed or one that is less severe
in order to assist the offender in changing their ways is unacceptable.4 Since cybercrimes do
greater harm, harsh punishments are typically meted out. In the case of cybercrime, the
essential question is whether the priority in sentencing should be protecting society or
preventing crime. However, the overall tendency appears to be in favor of stopping and
controlling cybercrime by taking a strict stance in the lack of any particular criteria in this
respect.
.Judicial Trend in India 76

It is imperative to mention that prior to the enactment and enforcement of the Information
Technology Act, 2000 on October 17, 2000, there was almost no Indian case law regarding
the cyber jurisdiction of the courts. Since information technology has become a more rapid
method of communication in the new century, it has had certain unintended repercussions
that have brought cybercrimes before courts for resolution..
The issue of judicial jurisdiction arose in the P.R. Transport Agency v. Union of India and
Others5 case when a contract between parties who resided in separate locations was
established by email. In this instance, plaintiff (P.R. Transport agency) won an online auction
for forty thousand metric tons of coal from Dobari colliery. The sale was conducted by
Bharat Cooking Coal Ltd. (BCCL) and featured many lots of coal. On July 19, 2005, the offer
was accepted via email, as announced by the BCCL. In retaliation, the plaintiff sent BCCL a
check for 81.12 lakhs, which the company received and paid but failed to deliver the coal to
the plaintiff. Rather, it (BCCL)
notified the plaintiff via email that the aforementioned e-auction is terminated "due to some
technical and unavoidable reasons". The plaintiff discovered that BCCL had canceled the
coal e-auction because a different bidder had placed a greater bid, which had not been taken
into consideration earlier because of a problem with the computer, its software, or the data
input. In the Allahabad High Court, the plaintiff (P.R. Transport) contested the defendant's
right to cancel their contract.
The defendant, BCCL, objected to the court's territorial jurisdiction, arguing that the cause of
action had not arisen in the state of Uttar Pradesh, and so the High Court of Allahabad lacked
jurisdiction in this matter. The plaintiffs contended that the matter was within the Court's
jurisdiction as they got the email notifying them of the tender's acceptance in Chandauli,
Uttar Pradesh. After hearing from both sides, the High Court ruled that, should an email be
accepted, the information sent by the account holder from any location gets to the "server's"
77
memory, which may be placed anywhere and that the addressee account holder may recover
from any location in the globe.
As a result, there is no set time for email transmission or reception. Section 13(3) of the
Information Technology Act of 2000 states that "an electronic document is considered
received at the addressee's place of business." The plaintiff, P.R. Transport, will be assumed
to have accepted the tender when it is received at its place of business, which is in Chandauli
and Varanasi, both in Uttar Pradesh.
The Allahabad High Court was therefore empowered to provide a decision because the matter
was inside the state of Uttar Pradesh. Based on the ruling in this case, it can be said that the
trend in courts' exercise of jurisdiction over cybercrimes must adhere to the standards of fair
play and justice, which are inevitably based on the following factors: a) the degree of
deliberate interference or illegal activity impacting the affairs of the State; b) the degree of
the State's sovereignty being violated; and c) the forum of the State's interest in resolving the
dispute.
The State's obligation to safeguard the rights of parties that are offering them relief; and (b)
the presence of a substitute forum. To bolster a state's online authority, the legislation
mandates that it engage with the victim in some capacity in addition to making the website
accessible.
Cyber Pornography : Judicial Trend
The prevalence of pornographic content on the internet has increased with the usage of
computers in daily life. This has negative effects on society at large as well as on children and
young people. Pornography is generally defined as content that is primarily sexually explicit
and is meant to provoke stimulation of sex desire.
78
The primary cause of the growing prevalence of pornography as a cybercrime seems to be the
lack of any meaningful regulations limiting who is allowed to use the internet. There are
several private Internet service providers (ISPs) in India, including Videsh Sanchar Nigam
Limited (VSNL) and others, that offer internet access through various schemes. However,
there are no restrictions on who may use these services.
There aren't many documented Indian cases involving internet pornography since the
majority of them are resolved at the magistrate level of lower courts. But in this light, the
State of Tamil Nadu v. Suhas Katti6 case merits particular attention because it was resolved
in a record-breaking seven months after the FIR was filed. The Chennai Cyber Crime Cell,
which produced 18 witnesses and 34 documents in support of the prosecution case, deserves
recognition for its quick investigation of the case. The following were the case's facts.
The woman was making unwelcome phone calls to have sex because she was soliciting. She
reported the unidentified culprit to the Chennai Cyber Crime Cell. According to the police
inquiry, the accused was the victim's well-known family friend who lived in Mumbai and was
considering marrying her. But after a while, she got married to someone else and got
divorced, so the accuser approached her once more about getting married to him. She turned
him down. Subsequently, he began to harass her by sending offensive and disparaging
emails..
The Indian Penal Code's Sections 469 and 509, in conjunction with Section 67 of the IT Act
of 2000, were utilized to charge the defendant. He begged that the lady who was the
complainant may have received the unpleasant emails from her ex-husband, with whom she
had ended their divorce, or she may have done so on her own to implicate the accused,
because he had declined her proposal of marriage. Additionally, it was claimed on the
accused's part that Section 65(b) of the Indian Evidence Act did not support the documentary
evidence presented against him.

79
However, the Court found the accused guilty of the offense under Sections 469/509, IPC, and
Section 67 of the I.T. Act based on the expert witnesses and other evidence presented before
it, including the testimony of the cyber cafe proprietor. For the offense under Section 469, the
accused was sentenced to two years of rigorous imprisonment and a fine of Rs. 4500/-for the
offence; for the offense under Section 509 of the IPC, the accused was sentenced to one year
of imprisonment and a fine of Rs. 500/-; and for the offense under Section 67 of the
Information Technology Act, the accused was sentenced to two years of simple imprisonment
and a fine of Rs. 4000/-. Every sentence was meant to flow simultaneously.
Avnish Bajaj was the Chief Executive Officer (CEO) of 7 Baazee.com, an online auction
company, in the case of Avnish Bajaj v. State (NCT Delhi). In December 2004, he was taken
into custody for disseminating pornographic content online. The allegations against him
stemmed from the discovery that someone had used the Baazee.com website to sell copies of
pornographic CDs. The Delhi market was also selling the CD. The offender was taken into
custody as a consequence of the Delhi and Mumbai police working together. But the Delhi
High Court eventually granted him bail, finding no prima facie proof that Mr. Bajaj had
distributed the aforementioned pornography directly or indirectly and that the real, filthy tape
of Chip was not accessible on
. According to the inquiry into this case, Bajaj had family links to India and was of Indian
descent. The website owned by his firm, Baazee.com, catered to customers and sold real
estate online on a fee basis. On November 27, 2004, an explicit MMS clip titled "A DPS girl
having fun" was put up for sale on "Baazee.com," and the corporation proceeded to sell a few
copies of this clipping.In his defense, the defendant, Mr. Bajaj, said that Section 67 of the
Information Technology
The act that led to his detention and charges concerns the publication of pornographic
content rather than its delivery. Furthermore, since the disputed CD was unlawful, he took
80
quick action to halt its sale, which was completed in 38 hours, even though it was a weekend.
He further said that the sale profits were not handled via him and that the aforementioned
pornographic tape was not accessible on the Baazee.com platform.
In this case, the Court was asked to decide whether to distinguish between content providers
and internet service providers (ISPs). The accused must demonstrate that he was merely the
service provider and not the content supplier, the court decided. The evidence indicated that
the obscene content may have been inadvertently placed for sale on his company's website,
and there was a chance that the claimed crime had really been committed by someone else.
Consequently, the court decided that the accused should be freed on bail.
However, the accused was directed to turn in his passport, provide two sureties of one lakh
rupees each, and promise not to leave India without the court's approval. In the end, his bond
was increased, but only on the stipulation that he take part in and support the investigation.
In State v. Fatima Riswana In the case of respondents 2 to 6, who were charged with cyber
pornography under Section 67 of the Information Technology Act, 2000 read with Section 6
of the Indecent Representation of Woman (Prohibition) Act, 1986, Sections 5 and 6 of the
Immoral Traffic (Prevention) Act, 1956, as well as Section 27 of the Arms Act, 1959, the
appellant, represented by ACP, Chennai, and others,8, was a prosecution witness.
.. Dr. L. Prakash, the accused, is accused of taking advantage of certain men and women in
order to produce pornographic images and recordings of them engaging in different sexual
actions, which he then sold to international websites. The case was heard at the Vth Fast
Track Court in Chennai, which was presided over by a female judge. The court was
established by the Tamil Nadu government as a "Mahila Court" to expedite the hearing of
cases involving offenses against women.
The accused filed a revision appeal against the court ruling rejecting their demand for copies
of 74 compact discs (CDs) containing allegedly pornographic content while the trial was still
81
ongoing before the aforementioned Fast Track Court. The Madras High Court denied the
revision plea, ruling that it was not feasible to provide so many CD copies since doing so
would encourage the duplication of such illicit content for wider distribution. the CDs in the
Presiding Judge's room with their attorneys present, as well as the public prosecutor and
expert,
The petitioner's attorney and the public prosecutor both stated that it would be embarrassing
for them to watch the aforementioned CDs in front of the female, knowledgeable district
judge. The High Court noted that the Presiding Lady Judge had the option to attempt to
handle the case alone or have it moved to a male judge colleague, as the accused had not
submitted any motion for the matter to be transferred to a male judge. However, at the Public
Prosecutor's request, the High Court sent the case to Fast Track Court IV, presided over by a
male judge, without giving the petitioner a chance to be heard..
Because she is a woman, the appellant consequently filed a criminal revision in 2004,
claiming that having the case transferred from a female judge to a male judge would make
her feel ashamed. Additionally, it was argued that both the earlier Apex Court decision9 and
the purpose of establishing Mahila Courts were violated by this transfer. The appellant filed
an appeal with the Supreme Court after the High Court denied their request..
The Supreme Court ruled that the High Court's whole strategy in this particular case was
detrimental to the interests of the witnesses, who were actually the case's victims. The
presiding lady judge of the court further stated that since she had not shown signs of shame, it
was irrational to assume that it would make her feel that way. This is especially true given
that she had not indicated a want for the case to be moved to a male judge. The Apex Court
allowed the appeal, ruling that the High Court shouldn't have become involved in the case..
A youngster at Air Force Bal Bharti School in Delhi, case number 10, was made fun of by all
of his peers for having a scar on his face. He chose to exact revenge on his tormentors after
82
growing tired of their cruel pranks. In addition to creating a pornographic website, he also
scanned and altered photos of his professors and classmates to make them appear naked. He
then submitted the finished products to a free online hosting provider. One of the class girl's
fathers, who just so happened to view the webpage, took issue with this and complained to
the Delhi Police. The child received a show-cause letter from the school, asking him to
explain why his pornographic behavior shouldn't result in his expulsion.
The case was taken up by the Juvenile Welfare Board, which heard arguments from both
sides—the school's attorney and the complainant's attorney—and attempted to reach a
compromise. However, the father of the accused boy refused to remove his son from the
school until the school provided a written guarantee that his son would be admitted to another
institution, which the education department was unable to provide. The complainant's father
maintained that the case would not be compromised as long as the accused youngster attends
the same school. The parents of the twelve children, whose names and images were scanned
and posted on the internet, did not want their kids to be taught alongside the lad.
The defense's claim that other students had been sending offensive emails about the school's
teachers even before the boy set up the website was rejected because the school provided
enough evidence to show that it did not have an internet connection prior to April 4, 2001, the
day the accused was charged with cyberpornography. However, because of a deal between
the complainant and the school, the matter was eventually abandoned.
Another instance included a Swiss couple11 in Mumbai who would round up underprivileged
kids and make them appear in explicit and naked pornography. After that, they would post
these images on websites created especially for child molesters. The pair was detained by the
Mumbai Police for pornography, and they were also charged with internet pornography under
Section 67 of the I.T. Act as well as Sections 292 and 509 of the IPC. However, they were
later released due to insufficient proof. In the United States v. Kufrovich case in the United
83
States, the defendant was accused of violating US Criminal Law Sections 2422(b) and
2423(b) by utilizing online contact to intentionally convince a youngster to have intercourse
with him.
.. The accused said in his defense that since he had only spoken with the victim virtually and
not in person, he was protected by the First Amendment and the exchange via the internet
could not be used against him as evidence. However, the court dismissed the defense, ruling
that the accused was charged under the Communications Decency Act, which makes it illegal
to use the internet and phone lines to lure minors into sexual behavior.
Judicial concern for IPR14 related Cybercrimes
The legal system has always adjusted to the demands of the ever evolving technological
landscape. It has balanced the long-standing, strict regulations with the most recent
advancements in technical understanding by using its own interpretive methods. A number of
challenges that were not anticipated by the previous legal system have been brought about by
the internet and other digital technologies. Unexpected by the Parliament, a number of new
innovations have given rise to various forms of cybercrime.
have emerged in the wake of the millenium. In order to prevent injustice from being done to
anybody, the courts have acted as an arbitrator in internet-related intellectual property rights
conflicts that have arisen as a result of advances in computer science.
A collection of rights are included in the notion of intellectual property. Section 43 of the
Information Technology conduct, 2000 defines an offense as any illegal conduct that robs the
owner of all or some of his rights. One frequent instance of an IPR violation is software
piracy. Other intellectual property rights (IPR) infractions include theft of computer source
code, trademark and service mark infringement, and copyright infringement. In the
paragraphs that follow, a brief discussion of pertinent case law demonstrating judicial trends
on online intellectual property rights breaches and offenses is provided.

84
The High Court of Bombay ruled in Kirloskar Disel Reconstruction (P) Ltd. v. Kirloskar
Proprietary Ltd.15 that the term "trademark" in Section 105(c) of the Trademarks Act must
be interpreted as a comprehensive term that includes the "trade name," or the "business
name," and the name by which the article or goods are sold. This is because the definition of
trademark includes the word "mark," which means name. Of course, that mark should have a
legitimate connection. Because there was a chance that the defendant would mislead or
confuse the public and cause harm to the plaintiff, the court in this instance barred the
defendant from using the trade name "Kirloskar" for their private enterprises.
. Stated differently, instances of trademark or trade name infringement would give rise to a
passing off action. As a result, the defendant was forbidden from referring to himself as
"kirloskar" in any online correspondence or promotions.
Rediff Communication Ltd., an online media corporation, was the plaintiff in the historic case
of Rediff Communication Ltd. v. Cyberbooth and Others.16 The company had been in the
communication and internet service industry since January 6, 1997. The initial six letters of a
collection of businesses with corporate names that included Rediffussion, Denstu Young, and
Rubicam advertising Ltd. were combined to form the term REDIFF. The plaintiffs claimed to
have had a significant turnover of Rs. 1.93 crores during the period after registering their
domain name, REDIFF.Com, with NetWork Solutions Inc. on February 8, 1997.
It was. in March 1997 that the plaintiffs learnt that defendants got their domain name
RADIFF.COM registered with Network Solution Inc. on January 31, 1999 and had
established webpage on the internet with the said domain name. The plaintiffs alleged that
the adopting of the said domain name by the defendants was clearly public to believe that
the defendants are associated with the plaintiff or part of the 'Rediffusion Group' with whom
the name mark 'REDIFF' is exclusively associated and therefore, it was an act of passing off
on the part of the defendants for which an injunction be granted by the Court. In other words,
85
the defendants had deliberately passed off their business, goods, services etc. as those of the
plaintiff's, and thereby illegally exploited the reputation and goodwill of the plaintiffs.
The defendants in their written statement supported by an affidavit contended that the
word RADIFF adopted by them was coined by taking first three letters of the word 'Radical',
the first letter of the work 'information', the first letter of the word 'future' and the first letter
of the word 'free'. They further argued that there was no likelihood of deception or confusion
as the two domain names 'REDIFF' and 'RADIFF' were distinctly different and also that the
plaintiff's website was titled 'REDIFF' on the internet whereas defendant's website was titled
as 'RADIFF ONLINE'. Further, the plaintiffs' website was providing various services from
news to shopping whereas the defendant's website was mainly providing hyper text links' to
its advertiser's websites. Thus the look and feel of the plaintiff's website was totally different
from that of the defendant's website.
Analysing the principles underlying the law relating to passing off, Mr. Justice A.P.
Shah of the Bombay High Court (as he then was) referred to Lord Diplock's observation in
Erven Warinick v. Townend17 case wherein it was held that the essential characteristics which
must be present for a valid passing off action are : (1) misrepresentation, (2) made by a
person in the course of trade or business, (3) to the prospective customers of goods or
services supplied by him, (4) which is calculated to injure the goodwill of another trader as
a foreseeable consequence; and
(5) which causes actual damage to the business or goodwill of the trader
by whom action is brought against the defendant.
The High Court of Bombay came to the conclusion that when both the domain names
are considered, it is clearly seen that they are almost similar in nature and there is every
86
possibility of internet users being confused and deceived in believing both the domain name
belong to same person although in fact the two belong to different persons. Rejecting the
defendant's plea that the word RADIFF was derived from the four words, namely 'radical'
information', 'future' and 'free', the Court held that this assertion appears to be completely
false and an afterthought devised to answer the plaintiff's claim. The Court concluded in
unequivocal terms that the prima facie object of the defendant in adopting RADIFF as a
domain name was to trade upon the reputation plaintiffs domain name and the
argument that the field of activity of the two was different is without any substance because
both activities are similar as also overlapping. The defendant was therefore, restrained from
using the domain name RADIFF forthwith.
In the case of TATA & Sons v. A.K. Chaudhary, 18 the petitioners used TATA logo in
its website for its products. They sued the defendant for openly selling his steel and cutlury
and similar items using deceptively similar trademark on the website, and prayed the Court
for an injunction directing the respondent to refrain from selling their products using brand
name similar to that of the petitioners. Allowing the petition, the High Court of Delhi ruled
that petitioner's trademark had acquired unique goodwill and reputation and it had become a
distinctive trademark within the meaning of Section 9 of the Trademarks Act due to its long
continuity. Therefore, the Court prohibited the defendant from using the trademark under
Section 29 (4) of the Act although it was not being used by the respondent for commercial
purposes.
The Supreme Court in M/s Satyam Infoway Ltd. v. M/s Sifynet Solutions Pvt. Ltd.19
held that domain name used as a mode of carrying on commercial activity has all the
characteristic of a trademark, it is not merely an address on internet but serves as a business
identifier as it identifies users. Bringing out a distinction between trademark and domain
name, the Apex Court held that the distinction lies 87

in the manner in which the two operate. A
trademark is protected by laws of the country where such trademark is registered.
Consequently, a trademark may have multiple registration in many countries. As against this,
a domain name is potentially accessible without any geographical location of the
consumers. Although there is no specific legislation in India which explicitly refers to dispute
resolution in connection with domain names but that does not mean that domain names are
not to be legally protected. They, are adequately protected by the law relating to passing off
action under the law of torts.
In an action for passing off as the term itself suggests, the defendant tries to pass off
his goods or services to the consumers or public as that of the plaintiff's goods or services. It
is an- action not only to preserve the reputation of the plaintiff but also to safeguard public
or customers against confusion or deception. The similarity of domain names in e-
commerce with its instant accessibility may result in users mistakenly accessing one domain
name for the other due to similarity of both the names.
In the instant case, the appellant was an incorporated company registered in 1999
under several domain names like www.sifynet.com, www.sifymall.com,
www.sifyrealestste.com etc. with the internationally
recognised Registrars, namely, Internet Corporation for Assigned Names and Numbers
(ICANN) and the World Intellectual Property Organisation (WIPO). The word 'sify' was
coined by using elements of its corporate name, Satyam Infoway and the appellant claimed a
wide reputation and goodwill in its name 'sify'.
The respondent started carrying on business of internet marketing under the domain
names 'www.siffynet.net' and 'www.sifynet.com' from June 2001 which were registered
with ICANN on 5th June, 2001 and 16th May, 2002 respectively. Having come to know
about the use of domain name 'siffy' by the respondent, the appellant served a notice on the
88
defendant asking him to desist from using that domain name as it was deceptively similar to
that of the company's domain name, but the defendant refused to oblige. Consequently, the
appellant filed a suit against the defendant in the City Civil Court claiming passing off action
against the latter and an application for temporary injunction against the defendant. The Court
granted injunction on the ground that the appellant was the prior user of domain name 'sify'
which had earned considerable reputation in connection with internet and computer services
therefore, adoption of similar domain name by the defendant was deceptive and likely to
cause confusion among the users and the customers.
The respondent preferred an appeal against the Civil Court's order in the High Court
which stayed the injunction order and later allowed the appeal on the ground that merely
because the appellant had started the business first, did not entitle him for an injunction
without considering as to where the balance of convenience lay. The Court in this case
noted that, the record showed that respondent was carrying on business other than that of the
plaintiffs and there being no similarity between the two businesses, there was no question of
customers being deceived or confused. The claim of appellant was therefore, disallowed by
the High
Court.
89
In Himalaya Drug Co. v. Sumitt20 the plaintiffs were engaged in
the manufacture and sale of Ayurvedic medicinal preparations and had developed a website
under the domain name www.himalayadrugco.com. They had spent considerable time,
labour, skill and money in preparing database of more than 209 herbs. It came to the
notice of the plaintiffs that the defendants were operating a website which reproduced the
plaintiffs entire herbal database by copying the preliminary information of each herb and
the detailed monograph, so much so that even the synthactical and grammatical form that
appeared on the appellant's website was copied verbatim by the defendant in their website.
The appellants, therefore, moved the Delhi High alleging that the defendants were
passing off their business using the similar domain name as that of the appellant's which was
causing deception and confusion among the consumers and the public. The defendants having
failed to respond and attend the Court despite several notices, the High Court of Delhi
proceeded ex-parte against the defendants and ordered a permanent injunction restraining
them from reproducing, using and/or communicating to public on their herbal website which
they had copied from the appellant's database. The Court also awarded punitive damages to
the extent of eight lakhs rupees, which the defendants were required to pay to the plaintiff by
way of compensation.
In yet another case, namely Dalgit Titus, Advocate and others v. Alfred A. Adevare
and others21 decided by the Delhi High Court, the plaintiffs were running a law firm which
consisted of advocates specialised in different legal fields. The defendants were working
with the plaintiff's firm and were paid remuneration while they retained control over the
professional organisation. They claimed copyright ownership over the work which they had
done while working in the plaintiff's legal firm. The plaintiff's, on the other hand, contended
90
that since the defendant's were a part and parcel of the plaintiff's firm, they could not claim
exclusive right in respect of expert opinions and advice rendered to them as they were under
an obligation to maintain confidentiality. The plaintiff also claimed to have spent substantial
amount of money, time, skill, computer network, law library, office infra-structure etc.
Consequent to this dispute which arose regarding the copyright ownership between the
plaintiffs and the defendants, the plaintiffs filed a complaint before the Court that one of the
defendants came to their office after the office hours and downloaded 7.2 GB of database of
their crucial data, write-up through plaintiffs local area network and allegedly have stolen the
hard copies compressed over ten proprietary drafts of the plaintiffs and therefore, they prayed
for protection of their exclusive data under the Indian Copyright Act, 1957.
After hearing both the parties, the Court came a conclusion that plaintiff had prima
facie copyright in the database which the defendants had taken away from the plaintiff's
office. The Court noted that the defendants were free to carry on their legal profession,
utilise the skill and information they had mentally acquired by experience gained from
working with the plaintiff's legal firm but restrained them from copying material of the
plaintiff in which the plaintiffs alone had the exclusive copyright. The principle of law laid
down in the case clearly envisages the need for a careful drafting of different clauses of the
contracts before entering into any kind of relationship, particularly the clauses
dealingwith database and in case of a legal firm, whenever an employee of a solicitor firm
drafts a document, the employer is the first owner of the copyright document.22
The American case of Marks and Spencer PLC v. One in million 23, may also be cited
wherein it was held that any person who deliberately registers a domain name on account of
its similarity to the name, brand name or trademark of an unconnected commercial
organisation, may be restrained from such passing off activity by an injunction. The
91
defendants in this case adopted the name Marks and Spencer domain name only because this
name was associated with the plaintiff's group which had good business and the defendant
wanted to use it illegally for his own gain by causing confusion or deception among the
users or customers.
Where the controversy between the parties centers around the domain name on the
internet, the principle laid down in the landmark case of American Civil Liberties Union
(ACLU) v. Reno24, may be followed to arrive at a correct finding. In that case, Justice
Mokenna inter-alia held that each host computer providing internet services (site) has a
unique internet address. The users seeking to exchange digital information such as e-mails,
computer programs, images, music-etc. with a particular internet host require the 'host'
address in order to establish
connection. In fact, host actually possesses two addresses i.e. a numerical 'IP' address such as
125, 555, 600 and an alpha numeric "domain name" such as microsoft.com; sify.com. The
internet domain names are similar to a telephone number but they are valuable corporate
asset as they facilitate communication with a customer base. The uniqueness, of internet
address is ensured by the registration services of the Internet Network Information Center. In
' USA, the National Service Foundation (NSF) which registers domain names free on 'first
come first serve' basis. It does not determine the legality of domain name registration nor
does it verify whether that domain name has already been registered earlier by someone and
may lead to infringement of the right of prior owner of it. Anyone may apply for the domain
name and if it is available, it could be allotted to him.

92
In an English case, namely, Erven Warnick v. Townend, 25 Lord Diplock set out the
essential requisites for an action against defendant for passing off where the dispute relates to
adoption of domain name by the defendant similar to that of the plaintiffs domain name. They
are :
1) which is calculated to injure the business or goodwill of the plaintiff {i.e. another
traders) ;the consequences of which could have reasonably been foreseen by the defendant;
and
2) such consequences do actually result in causing actual damage to the business or goodwill
of the plaintiff.
From the above, it is evident that intent to deceive is not an essential requirement to
prove the deception of the defendant. However, it would not be wholly immaterial as it may
help the Court to draw inferences as to the motive of the defendant.26
The WIPO Administrative and Mediation Centre's decision in the arbitration case of
Bennett Coleman &.Co. Ltd. v. Steven S. Lalvani alongwith Bennett Coleman & Co. Ltd. v.
Long Distance Telephone Company27 laid down certain principles of cyber law on domain
name which may provide effective guidelines for the prevention of cyber squatting and the
related crimes. These principles are :—
1) Daily usages of newspaper titles/marks in hard" copy or electronic publication leads to a
substantial reputation which cannot be allowed to hijacked in cyberspace by a squatter.
According to the principle of presumption, the moment anyone registers a domain name
which has the trademark or other mark of any other entity, it shall be presumed that, the said
person was fully aware of the existence of the said93mark at the time when he applied for the
registration of the domain name.
2) The website being a "postal address" to other sites, it will be presumed that the
defendant is adopting domain name to take advantage of the good reputation of the
plaintiffs domain name, The facts of the case were that the complainant of
Bennett
Coleman & Co. Ltd. were the publishers of two reputed papers, namely, "The Economic
Times", which had an average daily circulation of around 35 lakhs, and the "Times of India",
which had a circulation of nearly 1.52 crores per day. Besides, they were carrying out
publication of certain supplemental material using the brand name Times" and held domain
names www.economictimes.com and www.timesofindia.com, using them for electronic
publication of their respective aforesaid two newspapers.
The complainant had registered in India under the mark "The Economic Times" for
newspapers, journals, magazines, books and other literary works on March 28,1973 and the
mark "The Times of India" on July 30, 1943.
The defendant, Stevens S. Lalvani, a resident of Lipper Montclair, USA got the
domain name www.economictimes.com registered with Network Solution(NSI). He also got
the domain name www.thetimesofindia.com registered with NSI for his Long Distance
Telephone Co. having the same address. Thereafter, Steven S. Lalvani and Long Distance
Telephone Co., both built up websites of the two domain names with the result that any net
users who legitimately wanted to go to the site of the Economic Times, when typed the same
name in his browser, was redirected to the site of the defendant's website and thus resulted in
great damage and harm to both the reputed publications of the plaintiff i.e. Bennett Coleman
& Co. Ltd. This situation continued unabated until 1999 despite several notices and
negotiations with the defendants but the latter did not

94
mend his ways and continued his illegal
activity of cyber squatting.28
During the closing decades of the 20th century, the practice of cyber squatting was a
hot issue worldwide because of the fact that Network Solutions did not prescribe any
restriction on the registration of domain names. However, perturbed by this growing menace,
the U.S. Government established the Internet Corporation for Assigned Names and
Numbers (ICANN) in 1999 which is now the global body for
28
Cyber squatting refers to a practice by means of which a person or legal entity gets
registered the trademark, business name or service mark of another as his own domain name
for the purpose of holding it on and thereafter selling the same domain name to other persons
for valuable consideration or premium.
managing internet. ICANN has introduced a uniform Domain Name Dispute Resolution
Policy which came into force with effect from December, 1999.
Taking advantage of the Uniform Domain Name Dispute Resolution Policy, the
complainant Bennett Coleman & Co. Ltd. filed two cases against the defendants before the
WIPO Arbitration and Mediation Centre on 27th 'January, 2000. Both the complaints being
against the same defendants were taken together and were hotly contested by the defendant
Steven S. Lalvani. The case was disposed of by the WIPO Arbitration Centre in favour of the
plaintiff and the defendant was directed to transfer both the disputed domain names to the
complainant.
Is ATM a computer ? — Judicial View
A controversy that came up before the High Court of Karnataka in Diebold Systems
Private Ltd. v. Commissioner of Commercial Taxes, 29 for decision was related to the
question whether Automatic Teller Machine (ATM)

95 is computer? In this case, the appellants,
Diebold Systems Pvt. Ltd. were the manufacturers and suppliers of Automatic Teller
Machines (ATMs). They sought a clarification from the Advance Tax Ruling Authority
(ATRA), Karnataka on the rate of tax applicable on sale of their products Automatic Teller
Machines under the Karnataka
Sales Tax Act, 1957, the ATRA classified ATMs as 'computer terminals' liable for four basic
taxes as they would fall under Entry 20 (ii)(b) of Part C of the Second Schedule of the
Karnataka Sales Tax Act The Commissioner of Commercial Taxes, on the other hand, was of
the view that ATRA's ruling was erroneous and passed an order that ATMs cannot be
classified as computer terminals as per Section 2 of the Information Technology Act, 2000.
The matter was therefore, referred to the High Court of Karnataka for final decision. The
Court held that ATMs are not computers; instead they are mere electronic devices for the
purpose of imposition of taxes under the Karnataka Sales Tax Act. Giving reasons as to why
ATM cannot be treated as computer, the Court held that an enlarged definition of computers
in the Information Technology Act, 2000 cannot be extended for the purpose of interpreting
or Entry under fiscal legislation. The Court observed that Automatic Teller Machine is an
electronic device which allows a customer of the bank to make cash withdrawals and check
his account balance at any time without the need of human teller. Therefore, it would be
incorrect to call and ATM machine as computer by itself as it is connected to a computer
that performs the tasks requested by the person using ATM. Many ATMs located at different
places are electronically connected to a computer, as such they are only electronic devices
and not themselves computers.
96
CHAPTER-6
Conclusion & Scope of further work
A new wave of terrorism is supposedly on the rise, and the latest face of evil, cyber terrorism,
is hidden behind secrecy and ineptitude.10 The term implies two things: cyber and terrorism.
The two greatest concerns of the late 20th century are believed to be these. Both imply a fear
of the unknown. The dread of violent, random victimization goes hand in hand with
skepticism and outright horror of computer technology.11 The pervasive threat of terrorism,
which is intimately related to technology, is becoming the largest threat to civilization. The
term "cyber terrorism" is obscure, difficult to define, and difficult for everyone to understand.
1. It was correctly said that "in the world of crime, bytes are replacing bullets." As with the
rest of the globe, cybercrime is becoming more prevalent in India, and it is imperative that its
breadth and complexity be reduced. Cybercriminals have an abundance of options in
cyberspace to either damage innocent people or profit quickly at the cost of gullible
citizens.The case studies show that cybercrime affects people from many areas of life.
Numerous individuals have come forward to report these crimes, and the law enforcement
agencies from the various cities around the nation have responded with assurance and
promptness.
.. Like any other trade, cybercrime investigation is still in its infancy, yet it takes time to
develop competence and quality. It is evident that this development of a community practice
has begun in India, where the cyber sleuths are picking up new skills and developing them
via initiative and experience. To aid in this endeavor, the India Cyber Cop Award was
97
instituted annually. This compilation is an effort to support the process of tracking, recording,
and cataloging cybercrime as it is reported and looked into.
The modern civilization has undergone significant transformations due to the progress of
technology. However, history has demonstrated that every technical advancement is
accompanied by unanticipated issues, which lawbreakers then use to their advantage to
devise new methods of carrying out their illegal acts. Technology-related crimes actually
have global repercussions and impact, not only on people or a country. One such gray area
that has given birth to the threat of cybercrimes is the internet.
. worldwide communication through computers has transcended national boundaries, opening
up a new area for online crime that needs to be addressed on a worldwide scale.
Cybercrimes have arisen as a result of computer network growth. In the current millennium,
the internet has expanded to become ubiquitous. It has also introduced new issues that
mankind has never faced before. People from all around the world use the internet, which is
comparable to the "high seas" in that nobody owns it. The word "cybercrime" refers to a wide
range of illegal behaviors that occur in cyberspace via internet-based worldwide
communication and information platforms.
It is an unavoidable evil that stems from people's increasing reliance on computers in modern
life. This is because, while being highly advanced technological gadgets, computers are
incredibly susceptible. Therefore, a cybercrime is any crime or illegal conduct that involves
the use of a computer. Because of this, the definition of "cybercrime" is "an unlawful act
wherein the computer is either a tool, a target, or both."
98
The aforementioned analysis makes it abundantly evident that cybercrimes are dangerous
online actions that have the potential to harm individuals, their property, the government, or
society at large. Through the use of computers, criminals from all over the world conduct
numerous cybercrimes. Because cybercrimes differ greatly from traditional crimes, law
enforcement organizations struggle to combat them using the current infrastructure due to a
lack of sufficient understanding of computer operating systems. This is the primary cause of
the issue the relatively new type of crime is presenting to the judicial system. The arrival of
the internet has made the issue worse.
Globally, cybercrime is a massive problem that has been dubbed a "technological scorn" and
is not limited to just one or two nations. India is not exempt from this threat posed by
computers. However, the Information Technology Act, 2000 was passed by the Parliament
and went into effect on October 17, 2000, as a measure to deter and regulate online crimes.
The Act outlines cyberspace offenses including tampering with computer source documents,
hacking into computer systems, violating privacy and confidentiality, etc. in a clear and
concise manner.
. It is not that there was no law to address these offenses before this Act. Although there were
previously measures in place under the Indian Penal Code, 1860 to prevent and manage
cybercrimes, it was determined that these measures were insufficient to address all types of
cybercrimes. The Indian Penal Code was enacted at a period when computers and the internet
were unknown, which is the apparent explanation.
It scarcely needs to be said that technology and science have
expanded, entangling itself across national borders even as the legal system still struggles to
identify cybercrimes. In a similar vein, the Information Technology Act, in particular, the
99
cyber legislation, focuses on stopping and managing cybercrimes inside the borders of the
nation, ignoring the reality that cybercrime is an international problem with no boundaries.
Due to its worldwide nature, cybercrime typically impacts a person who lives distant from the
scene of the crime, whether it takes place in their own nation or another. As a result, it calls
for both active international community collaboration and international policing. The
European Convention on Cybercrime4 established criteria for member states to adhere to in
their fight against cybercrime, making it a commendable endeavor. The Convention
recommended that governments take action to restructure their cyber laws in order to address
the emerging issues.
.. The Convention addressed procedural aspects that need to be taken into account when
reconstructing the current legal framework to meet the demands of evolving technology, in
addition to substantive modifications and advances in the field of criminal law. It is widely
acknowledged that the procedural aspects of criminal law present the greatest obstacle to
successfully combating cybercrime; nonetheless, in order to combat persistent cybercrime,
the substantive aspects of cybercrime also need to be reinterpreted.
.. The European Convention has selected 10 particular cybercrimes out of a wide range of
cybercrimes and requested member states to integrate them in their information technology
legislation and create a practical method to combat them. However, it is regrettable that many
cybercrimes committed in one nation are not considered crimes under the criminal laws of
other nations, which becomes problematic when cybercrimes occur across national borders.
Adopting a worldwide cyber law that is consistently applicable to all nations is the first step
toward solving this issue. The main point is that common cybercrime prevention regulations
should not differ depending on the jurisdiction. Stated differently, consistency should be
guaranteed by referencing the relevant cyber laws of different

100
According to a country-by-country analysis of cyber law, many nations have not even begun
the process of drafting legislation to enable efficient law enforcement against cybercrimes.
Only a small number of nations have updated their cyber laws to combat cybercrime. The
different perspectives held by different countries on the merits of cyber law present a
significant challenge in combating cybercrime while also giving hackers plenty of room to
elude capture and prosecution. As a result, all countries should recognize how urgent it is to
raise public understanding of the dangers associated with cybercrimes, which support illicit
internet activity. Among the deadliest is probably cybercrime.
Notably, the United States, Canada, Australia, Japan, India, Germany, and other European
nations have revised their cyber laws to meet the demands of rapidly advancing computer
technology. Although the United States was the first nation to enact a comprehensive
cybercrime law, it was later determined that this law was insufficient to address every
instance of cyberspace crime. As a result, new laws were needed to address the needs of the
quickly advancing information technology and the new criminal activities that followed.
Japan updated its Criminal Code to cover several offenses that fall under the category of
cybercrime. Additionally, offenses involving computers are covered by a different legislation.
India has amended the Principal Information Technology Act to establish a comprehensive
information technology law thus far.
Select Bibliography
101
1. Kamal Ahmad : The Law of Cyber-Space (U. N. Institute of Training & Research) 2006.
2. Dr. Amita Verma : Cyber Crimes and Law (Central Law Publications) 2009.
3. S. K. Bansal : Cyber Crimes (A. P. H. Publishing Corporation, Delhi) 2003.
4. Dr. R. K. Chaubey : An Introduction to Cyber Crime & Cyber Law (Kamal Law House
Kolkata) 2008.
5. Dr. Farooq Ahmad : Cyber Law in India : Law on Internet, 2 nd Edition (Pioneer Book
Publication, Delhi) 2005.
6. Nandan Kamath : Law Relating to Computers Internet & Commerce, 2nd Edition (Universal
Law Publications Co. Delhi) 2000.
7. Rahul Mathan : Law Relating to Computers and Internet (Butterworth, New Delhi) 2000.
8. R. C. Mishra : Cyber-Crime : Impacts in the New Millennium : Ist Ed. (Author's Press, Delhi)
2002.
9. R. Nagpal : What is Cyber Crime ; (2003)
10. B. B. Nanda and R. K. Tiwari : Farensic Science in India : A vision for 21st Century
(Select Publishers Delhi) 2001.
11. Ashish Pandey : Cyber-Crime - Deviation and Prevention (J.B.A. Publications) 2008.
102
12. Dr. N. V. Paranjape : Criminology & Penology : 14th Ed. (Central Law Agency,
Allahabad) 2008.
13. Ratanlal and Dhirajlal : The Indian Penal Code ; 28th Ed. (Wadhawa and Co. Nagpur)
2002.
14. R. K. Sharma : Managing Information Knowledge & Power in Cyber Age (Bookwell Pub.
Delhi) 2004.
15. Vakul Sharma : Handbook of Cyber Law (Macmillan) 2002. 16.Vakul
Sharma : Information Technology : Law & Practice
(Universal Pub. Co. Delhi) 2007.
17.R. K. Suri and T. N. Chhabra : Cyber Crime (Pentagon Press, New Delhi) Ist Ed. 2001,
reprint 2003.
18.Yatindra Singh (Justice) : Cyber Laws 3rd Ed. (Universal Law Publishing Pvt. Ltd.) 2007.
19.D. P. Mittal, Law of Information Technology (Cyber Law) IInd Ed. (Taxman Allied
Services Pvt. Ltd.) 2000.
20. Nishant P. Trilokekor, A Practical Guide to the information Technology Act. Ist Ed.
(Snowwhite Pub. Pvt. Ltd.) 2000.
21. Pavan Duggal (Advocate) : Cyber Law-The Indian Perspective 2nd Edition.
22. Mani's A Practical approach to cyber laws (Kamal Publishers) 2008.
23. Dr. Vishwanath Paranjape – Legal Dimensions of cyber crimes and Preventive laws, Central
Law Agency – 2010.
24. Cyber Crimes by G. Ram Kumar 2006.

103
25.The Times of India.
26.The Nav Bharat Times 27.Internet.
104

Student 22 April Thesis Final Done

Uploaded by

Copyright:

Available Formats

You might also like

Student 22 April Thesis Final Done

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Student 22 April Thesis Final Done

Uploaded by

Copyright:

Available Formats

Cyber Law and India - A critical analysis of evolution of perspectives

1.0.Background of the Study [Introduction] :

difficulties and complexity.

striking a balance between security imperatives and individual rights. .

on cyberlaw in India have evolved. Through an analysis of the historical background,

goals and parameters of your research.

.3.Need for the Present Study [Rationale] :

interests and rights of everyone involved in the digital environment.

the quickly changing digital context.

current legal frameworks, and make recommendations for improving cybersecurity,

stakeholders is the justification for conducting a critical analysis of the evolution of

perspectives on cyber law in India.

.4 Objectives of the Study :

revisions, have developed.

Judicial precedents: Analyze significant court rulings, such as precedent-setting judgments

interpretation and implementation of cyber laws in India.

Technological Developments: Evaluate the ways in which developments in artificial

and legal environment.

.5 Hypothesis of the Research :

Research hypothesis: As digital governance becomes more important and comprehensive

proactive legal frameworks.

.6 Review of Literature (maximum 6) :

advancement of information technology began to affect every facet of society and

processing devices, such as piracy, intellectual property rights violations, freedom of

physical characteristics and no geographical restrictions.

activities both domestically and internationally. Although, practically speaking, an internet

becomes problematic when conflicts are of a multinational nature.

methods of information communication system to that of computer networks, as can be seen

acts conducted electronically are given legal sanctity.

(UNCITRAL), to which India is a signatory, created a model law on electronic commerce

discovered that prevented it from operating as intended. As a result, the Information

of the current Information Technology law by closing its loopholes..

initiative and cooperation.

lack of active cooperation in favor of international cyberlaw that might be universally

applicable to all of them.

devastating transnational or international consequences.

7 Scope of the Study :

A comprehensive examination of the development of viewpoints on cyber law in India might

and public perceptions. The following is a summary of possible topics to cover:

points in the understanding of cyber problems.

technology and cyberthreats.

of speech may fall under this category.

best practices as well as any differences or particular difficulties.

censorship, and striking a balance between civil liberties and security.

emerging technologies on legal frameworks and regulatory methods, such as blockchain,

artificial intelligence, and the Internet of Things.

By addressing these issues, a critical examination of the development of viewpoints on cyber

legal and technical environment that is developing quickly. .

comprehensive methodology that encompasses legal, technological, socio-economic, and

developments in the various viewpoints on cyberlaw.

Socio-Economic Analysis: Look at the socio-economic elements influencing the development

and rights in the digital sphere.

between legal, technical, socioeconomic, and regulatory issues.

advancements and changes in viewpoints.

developments or internal discussions inside governmental and legal organizations. Language

be universally applicable across different jurisdictions or time periods.

Absence of Primary Research: Relying exclusively on secondary sources, such as published

or interviews. Policy ramifications: Although understanding the practical ramifications of