By Sagarika Chandel, KIIT School of Law, Bhubaneswar.
“The modern thief can steal more with a computer than with a gun. Tomorrow’s terrorist may be able to do more damage with a keyboard than a bomb”. -National Research Council, USA “Computers at Risk” (1991)
Internet in India has been ever growing at a fast pace giving rise to opportunities to people in every field- be it education, business, sports or entertainment. Cyber space is now becoming the most preferred environment of the world with an enormous growth rate as the population on the internet doubles roughly every 100 days1. Cyber law being a generic term signifies all the legal and regulatory aspects of the internet and the World Wide Web2. Cyber law, also known as Internet law signifies everything related to computer, internet, network, software, emails, data storage devices (such as hard disks, USBs) and even electronic devices such as mobile phones, ATM machines etc. Anything that concerns or emanates from the legal aspects or issues concerning the activities of ‘netizens’3 in the cyberspace comes within the ambit of cyber law4.
Like any coin, cyber law has two sides to it. One side of cyber law has numerous advantages which makes it difficult for the conventional law to cope up with it such as its intangible dimension, ability of handling gigantic traffic volumes every second, being openly accessed by anyone and a potential of maintaining anonymity of the cyber members5. Today due to cyber law, billions of emails are crisscrossing the world every second, huge amounts of data is being transferred across the globe, millions of websites are being accessed and money is electronically transferred every minute. Cyber law is the answer why there exists software which permit confidentiality of information exchanged between cyber-citizens6 or the reason why a ten year old child can video chat with his grandmother staying in another country.
However, success in any field of human activity leads to crime and cyber law is no exception to this. Cyber space creates moral, civil and criminal wrongs7. The growth and development of the internet was ‘unplanned and unregulated’8 and little did the founding fathers know that the internet could transform itself into an all pervading revolution which would be misused for criminal activities. The aspect of anonymity which helped the cyber citizens to be secure turned into a huge opportunity for those with a criminal bent of mind to grossly misuse the internet by engaging and perpetuating a variety of criminal activities without impunity. Thus this was one of the reasons it became very essential for the development of Cyber law. Cyber law of India encompasses the law relating to Cyber Crimes.
Cyber Crime refer to those unlawful acts where computers are used either as a tool or a target or both. With the enormous growth in e-commerce and online share trading, there has been a phenomenal rise in the incidents of Cyber Crime. It may be classified into three major categories9–
- Cyber Crime against persons which includes the distribution, posting, dissemination of obscene material including pornography or harassment of anyone using the computer.
- Cyber Crime against property which includes transferring harmful programs, stealing important data and information or computer vandalism (destroying others’ property).
- Cyber Crime against government such as cyber terrorism or usage of cyber space as a medium to threaten the government or terrorize the citizens of a country. For example, recently the news of the usage of ‘Google Earth’ by terrorist organisations in order to give effect to their plans and altering their ‘location’ by utilizing computer software to their own benefit is a valid example of this.
Chapter XI of the Information Technology Act entitled “Offences” deals with Cyber Crimes that have been declared as penal offences punishable with imprisonment and fine. Certain forms of cyber ‘offences’10are –
- Hacking– unauthorised access to computer systems, networks, data and programs.
- Email spoofing– when an email appears to have originated from one source whereas it is actually sent from another source. This method is used by hackers to disguise the actual email address from which the phishing and spam messages are sent, often tricking people into providing confidential information.
- Identity theft or phishing– Involves one person electronically impersonating another by using their password, electronic signature or other unique identification feature dishonestly or fraudulently.
- Cyber stalking– where the victim is subjected to a barrage of online messages and emails by their stalker as a means of harassment.
- Spreading viruses– Viruses install new files in someone’s computer, delete one’s data from their computer and ruin the functioning of the system. The viruses keep spreading by sending itself to potential victims thus ruining their computer systems. This is a cognizable, compoundable, bailable offence.
Cyber Security Concerns
With technology advancing faster than it ever did before, cyber security has become a major concern. Businesses of every size, everywhere are grappling with how to secure their data, devices and networks. With cyber security breaches making headlines everyday as Adobe, Sony, Target, the attempt to safeguard the intellectual property amidst the threats and attacks seems like a formidable challenge. In a recent survey it was established that only 43% of corporate executives felt they had an effective security strategy and were proactive in executing the plan11. Mobile devices being hacked, possibility of unaffiliated banking applications on popular sites to steal data, increasing sophistication of cyber-attacks are now becoming the leading concerns of security experts.
Making India Cyber Ready
The first step towards attainment of cyber security would be the implementation of the long ignored National Cyber Security Policy which was released by Mr. Kapil Sibbal on the 2nd July 2013. The said policy aims at building a secure and resilient cyberspace for citizens, businesses and Government by way of a number of strategies such as operating a 24×7 National Level Computer Emergency Response Team (CERT-in) for coordination of all efforts for cyber security emergency response and crisis management, to engage security professionals/organisations to assist e-Governance initiatives, to operate a 24×7 National Critical Information Infrastructure Protection Centre (NCIIPC) to function as a nodal agency in India, create cyber security awareness by conducting workshops and seminars. These steps would contribute in making India cyber prepared as cyber security is urgently needed in India. Although there are certain shortcomings in the abovementioned Policy which cannot be overlooked such as it has failed to protect privacy rights of Indians and civil liberties protection in cyber space has been blatantly ignored. Nevertheless, the policy is a good step in the right direction and needs to be constantly updated and improved with the passage of time12. Furthermore, the National Cyber Defence Research Centre has been holding summits in the past years establishing possible solution and norms against cyber-crimes by publication of National Cyber Crime Reference Handbook.
On 12th February, 2014, the standing committee on Information Technology issued the “Fifty Second Report on Cyber Crime, Cyber Security and Right to Privacy” which highlighted the urgent need of reforming the cyber security framework in India and the finalization of the privacy legislation and making it a law13. The standing committee recognized that the IT Act does contain provisions which address cyber security and cyber-crime, but emphasized the need for periodically reviewing the Act. Unhappy that the government was yet to institute a legal framework on privacy, the committee stressed on the direct connection between strong privacy framework and a strong cyber security framework as in order to attain security, there is a grave requirement of privacy.
The adage, “Information is Power” is specifically true when it comes to cybercrime. Like any other criminal activity, the most vulnerable tend to be targeted first. Nevertheless, with the right information, it is possible to empower and protect oneself from being caught up in the thriving webs of cybercrime. By educating oneself about the scams prevalent and their prevention measures, one can remain one step ahead of the cybercriminals. Using strong passwords and changing them periodically goes a long way in securing one’s information. Practicing safe navigation of the web, avoiding phony websites that demand personal information and pages containing malware as well as being extra cautious while online shopping especially on an unknown site and looking for trust marks such as McAfee SECURETM before entering payment information is essential. It is also important to secure ones’ wireless network by enabling the firewall on the router and changing the default password to keep the hackers out of the network. One must always adopt a proactive approach about their safety and by following these simple precautionary measures, we can do our bit in preventing cybercrime from spreading any further.
3- a member of the community of internet users
5- www.asianlaws.org, introduction to cyber laws
6- www.asianlaws.org, introduction to cyber laws
7- Cyber laws and Information Technology by Talwant Singh
9- An Introduction to Cyber law by Chetan Bharadwaj
10- Security Corner by Adv Prashant Mali
11- Cyber security- the New Business Priority, www.pwc.com
12- Cyber security Trends and Development by Perry4law
13- The Centre for Internet Society