This article is written by Mohni Patel of University of Allahabad, an intern under Legal Vidhiya
ABSTRACT:
Cybercrime is a complex and constantly evolving form of criminal activity that poses significant challenges for law enforcement and legal systems around the world. While it is true that cybercrime laws have faced difficulties keeping pace with the rapidly changing nature of technology, it is not accurate to say that all laws are outdated.
Many countries have implemented legislation specifically targeting cybercrime and have made efforts to update their laws to address new and emerging threats. These laws cover a wide range of cybercriminal activities, including unauthorized access to computer systems, hacking, identity theft, online fraud, and the spread of malware or viruses.
However, there are indeed ongoing debates about whether existing laws are sufficient to effectively combat cybercrime. Some argue that legislation needs to be more comprehensive, adaptable, and harmonized internationally to address the transnational nature of cybercrime. Additionally, the speed at which technology evolves can make it challenging for legal frameworks to keep up with emerging threats and tactics used by cybercriminals.
KEYWORDS: cyber crime, law, legislation, information technology, digital marketing, social media app, exploitation, hacking, security.
INTRODUCTION
Economic policies of 1991 have helped to fuel the growth of the IT sector and digital marketing. These policies helped to create a skilled workforce capable of working in digital marketing and other technology-related fields. But with the more opportunities for the job and skill development in IT sector, it also creates a new opportunity to the cybercriminal who are able to exploit vulnerabilities in computer systems and networks to commit crimes such as hacking, identity theft, and fraud. In the modern era the development of digital platform like social media apps are becoming part of people’s life these platforms are also providing various modes of cyber crimes. Valuable data and passwords are getting hacked easily from these platforms.
To understand the relativity of existing laws with the cybercrimes, firstly we have to understand the cybercrimes.
What Are Cybercrimes
Cybercrime or also known as computer-based crime is a crime that involves a computer and a network to commit a crime. Computers can be used either as a tool or as a target or both. cybercrimes can be used for threatening a person, company or any nation’s security and financial health.
TYPES OF CYBERCRIMES
In India, several types of cybercrimes are prevalent, here are some common types of cyber crimes.
i) Hacking: Hacking involves unauthorized access to computer systems or networks. For instance: In 2013, the Indian hacking group “Indian Cyber Army” was involved in hacking the websites of several government agencies and corporate organizations.
ii) Phishing: Phishing is a fraud practice used to obtain sensitive information, such as passwords and credit card details, that can be used for the criminal purpose. In general phishing attack is completed by mail messages disguising as a trustworthy entity.
For instance: SBI exposed financial information of its customers through an unprotected server. The exposed data contained partial account numbers, balances, transaction details and much more.
(SBI data breach: Bank forgets to password secure its server, ends up compromising customer details OpIndia Staff | 31 January, 2019) **
iii) Online Fraud: Online fraud encompasses various forms of fraud conducted over the internet, such as identity theft, credit card fraud, and online auction fraud.
For instance: In 2016, the “Freedom 251” scam gained attention where a company promised to sell smartphones at an extremely low price but failed to deliver the products after receiving payments from customers. (Freedom 251 scam mastermind held for framing brother-in-law in threat case ByKarn Pratap Singh Oct 10, 2021) **
iv) Cyberstalking and Cyberbullying: Cyberstalking involves the persistent harassment or intimidation of an individual using digital platforms, while cyberbullying refers to the use of technology to harass, humiliate, or threaten someone.
For instance: In 2015, the arrest of a well-known businessman’s son for stalking and harassing a woman on social media garnered significant media attention.
v) Online Child Exploitation: Online child exploitation involves the production, distribution, or possession of child pornography, as well as online grooming and solicitation of minors.
For instance: In 2017, the “Nirbhaya” case shook the nation when a man was arrested for sexually assaulting a minor and livestreaming the act on a social media platform.
vi) Data Breaches: Data breaches involve the unauthorized access and release of sensitive information, often resulting in privacy violations.
for instance: In 2020, a prominent Indian education technology company faced a data breach, where personal information of millions of users, including students and teachers, was compromised.
vii) Online Copyright Infringement: Online copyright infringement refers to the unauthorized use or distribution of copyrighted materials, such as music, movies, or software. Several cases have been registered against torrent websites and individuals involved in pirating copyrighted content.
It is to be said that the information provided here is not an exhaustive list of cybercrime types or law cases in India. Cybercrime is an evolving field, and new types of cybercrimes emerge with advancements in technology
EXISTING LEGISLATIONS ON CYBER CRIMES
In India, the primary legislation addressing cybercrime is the INFORMATION TECHNOLOGY ACT, 2000 (IT Act), which was amended in 2008 to address emerging cyber threats. The IT Act, along with its amendments, provides a legal framework for various cyber offenses and their penalties. Here are some key provisions of the Information Technology Act:
i) Unauthorized Access and Hacking: Section 43 of the IT Act covers unauthorized access to computer systems, computer networks, or any other resource, as well as hacking activities. It imposes penalties for unauthorized access, damage to computer systems, and introducing malware.
ii) Data Theft and Breach: Section 43A IT Act deals with the compensation for failure to protect sensitive personal data or information by a body corporate. It provides for the payment of damages to the affected person in case of a breach of personal data.
iii) Identity Theft: Section 66C of the IT Act addresses identity theft, including the fraudulent use of electronic signatures, identity information, and other unique identification features. It criminalizes the unauthorized use of someone else’s identity with the intent to deceive or cause harm.
iv) Cyber Fraud: Section 66D of the IT Act deals with various forms of cyber fraud, including cheating by personation using a computer resource, dishonestly receiving stolen computer resources, and the impersonation of a legitimate entity.
(Smt. Amrita Choudhary vs The State Of Madhya Pradesh on 26 October, 2015) **
v) Child Pornography: Section 67B of the IT Act criminalizes the publication, transmission, or creation of child pornography. It also penalizes the usage of any online platform for the exploitation of children.
vi) Cyber Terrorism: Section 66F of the IT Act addresses cyber terrorism and imposes severe penalties for acts that threaten the unity, integrity, security, or sovereignty of India.
(Information Technology Act, 2000) **
Additionally, the INDIAN PENAL CODE (IPC) contains provisions that can be applied to cybercrime, such as Sections 419 (cheating by impersonation), 420 (cheating and dishonesty), and 499 (defamation).
PERSONAL DATA PROTECTION BILL, 2019, which aims to establish a comprehensive framework for the protection of personal data and privacy rights.
POSCO ACT 2012 it is intended to address the sexual exploitation and abuse of children such as sec-9 of act provide punishment of 5 year for child pornography which can be further extended to 7 years.
As cyber threats continue to evolve, it’s important for government to stay prepared for making legislative developments according to the changing nature of crime.
WHY LAWS ARE OUTDATED FOR CYBER CRIMES:
There is ongoing debate about whether the laws related to cybercrime in India are outdated and in need of reform. While the Information Technology Act of 2000 provides a legal framework for electronic transactions and addresses a range of cybercrimes, some experts have argued that the law is not comprehensive enough to address the full range of cyber threats faced by individuals and organizations in India.
There is one more reason to call these laws outdated it is because of the strictness in the punishment of these laws. If we compare India’s cyber law punishment to other countries, it seems less harsh and of less time period such as punishment for child pornography (which comes under posco act 2012) in India is only of 5 years whereas for same offence in America there is punishment period of 15 to 30 year.
In India mere hacking is not punishable unless it includes any crime such as fraud, money laundering, phishing etc. And even if a person has committed any major crime like money or mental harm.
Cybercriminal generally rely on the internet access therefore they can be done from their own place without leaving any major or concrete evidence at the crime seen. In India’s police system there is a lack of trained personnel, Which takes longer time in filing complaints and collecting evidence. This is another reason to debate the existing laws in relation to cybercrimes.
Hence, Laws have to be more stringent and personnel should be well trained and skilled for IT dept to trace and find out the crime so they can take immediate action on the Cyber cases. It is also necessary for judiciary to give priority to cybercrimes cases.
FUTURE TAKE AWAYS
With the rapidly changing nature of technology means that laws related to cybercrime must be updated regularly to keep pace with new threats and vulnerabilities, increase penalties for cybercrimes, and improve enforcement mechanisms to ensure that cybercriminals are held accountable for their actions.
Additionally, there may be a need to increase awareness and education around cybersecurity issues, both among the general public and within law enforcement agencies. Finally, law enforcement agencies may need to work more closely with the technology industry to develop new tools and strategies for combating cybercrime, while also respecting users’ privacy and civil liberties.
With the rapidly changing nature of technology means that laws related to cybercrime must be updated regularly to keep pace with new threats and vulnerabilities.
CONCLUSION:
As technology continues to advance at an unprecedented pace, it is imperative that legal frameworks keep pace with the evolving threat landscape. Outdated laws hinder the effective prevention, investigation, and prosecution of cybercrime. To address this issue, governments and international bodies must prioritize the development of comprehensive, harmonized, and up-to-date cybercrime legislation. Such laws should account for the global nature of cybercrime, provide clear definitions and classifications, and enable effective international cooperation. Furthermore, investments in resources, training, and technological capabilities are necessary to equip law enforcement agencies with the tools they need to combat cybercriminals in this digital age. Only through concerted efforts and proactive measures can societies hope to counter the ever-increasing threat of cybercrime.
REFRENCES
2)https://infosecawareness.in/cyber-laws-of-india
3)https://journal.ijresm.com/index.php/ijresm/article/download/958/924
4)https://www.indiacode.nic.in/bitstream/123456789/13116/1/it_act_2000_updated.pdf