This article is written by Shreyansh Pandey of Department of P.G. Studies and Research in Law of R.D. University, Jabalpur, an intern under Legal Vidhiya
ABSTRACT
The article titled “ Relevant Provisions Of Cyber Law From Indian Penal Code, Indian Evidence Code, Evidence Act, Bankers Book Evidence Act, Reserve Bank Of India Act ” delves into the intricate of different Indian legislation containing provisons which in absence of or in addition to information technology Act, 2000 deals with cyber crime, norms, and the evolving legal landscape that shapes the international framework governing jurisdiction in cyberspace. In today’s world, where the internet transcends physical boundaries, traditional principles of jurisdiction face unprecedented challenges. This paper explores Indian perspectives of the complex issues arising from disputes over jurisdiction in the digital realm, including the borderless nature of cyberspace, the difficulty of attributing cyberattacks, and conflicts between different legal systems.
Key words : Cyber Law, Penal, Banker Books, Evidence, Digital.
INTRODCTION
The nature of cyber crimes challenges traditional doctrines of detecting and punishing crime and its jurisdictional principles that have historically governed legal matters. In the early days of the internet, there was a hands-off approach, leading to limited international agreement on the matter of jurisdiction in cyberspace.[1] However, as the digital realm expanded, and cybercrimes grew, nations grappled with the necessity to define and assert authority over activities occurring in this unrestricted domain. The supreme courts judgementin Shreya Singhal v. Union of India[2] clearly indicates the fact that even the information and technology Act 2000 is not exhaustive and perfect.This paper seeks to offer a comprehensive overview of the national landscape regarding cyber crime . It examines the complex challenges arising due to various provisons relating to cyber crime under Indian legislation and tries to find out solutions for simultaneous laws punishing the cybercrimes in India apart from Information and technology Act, 2000.
CYBER LAW AND INDIAN PENAL CODE, 1860[3]
These are the cyber crimes punished under both Indian penal code, 1860 and Information and Technology Act, 2000:
1) Loss or theft of a mobile phone: Under IPC, Section 379, a person can face up to 3 years of imprisonment, a fine, or both.
2) Receiving stolen computer, mobile phone, or data owned by you: – Under IPC, Section 411, one may be sentenced to a maximum of 3 years in prison, a fine, or both. Under the IT Act, Section 66B, the penalty is up to 3 years in prison or a fine of up to Rs. 1 lakh, or both.
3) Theft of data owned by you or your company: Under IPC, Section 379, the punishment can be up to 3 years of imprisonment, a fine, or both.Under the IT Act, Section 66, the penalty is up to 3 years of imprisonment, a fine of up to Rs. 5 lakhs, or both.
4) Theft and fraudulent use of a password: Depending on the circumstances, this can lead to penalties under IPC, Sections 419 and 420, or under the IT Act, Sections 66C and 66D.
5) Unauthorized access to an email using a stolen password – Punishable under the IT Act, Section 66, and Section 66C.
6) Misuse of a biometric thumb impression: – Covered by the IT Act, Section 66C.
7) Sending phishing emails in your name: Can lead to penalties under IPC, Section 419, and the IT Act, Section 66D. In State of Tamil Nadu v. Suhas Katti,[4] In this case, the Madras High Court upheld Section 66A of ITA 2000, which criminalized offensive online communication. This decision later led to the Supreme Court striking down Section 66A in Shreya Singhal v. Union of India (2015) and also punished the accused under sexual harassment provisions under Indian Penal Code, 1860.
8) Unauthorized capture, publication, or transmission of private images:– Penalties under IPC, Section 292, and IT Act, Section 66E.
9) Tampering with computer source documents: – Addressed by the IT Act, Sections 65 and 66.
10) Data modification: – Covered under the IT Act, Section 66.
11) Sending offensive messages through communication services: – Covered by IPC Sections 500, 504, 506, 507, 508, and 509.
12) Publishing or transmitting obscene material in electronic form: – Penalties under IPC Section 292 and IT Act, Section 67.
13) Publishing or transmitting sexually explicit material: – Addressed by IPC Section 292 and IT Act, Section 67.
14) Publishing or transmitting material depicting children in sexually explicit acts: – Penalties under IPC Section 292 and IT Act, Section 67B.
15) Misusing Wi-Fi against the state: – Covered by the IT Act, Section 66 and Section 66F.
16) Planting computer viruses against the state: – Addressed by the IT Act, Section 66 and Section 66F.
17) Conducting a denial-of-service attack against a government computer: – Punishable under the IT Act, Section 66 and Section 66F.
18) Stealing data from a government computer with national security significance: – Covered by the IT Act, Section 66 and Section 66F.
19) Not allowing authorities to decrypt communications:– Addressed by the IT Act, Section 69.
20) Intermediaries not providing access to information:– Punishable under the IT Act, Section 69.
21) Failure to block websites when ordered: – Covered by the IT Act, Section 69A.
22) Sending threatening messages by email: – Penalties under IPC Sections 504, 506, 507, 508, and 509.
23) Insulting the modesty of a woman: – Covered by IPC, Section 509.
24) Sending defamatory messages by email: – Punishable under IPC, Section 500.
25) Online frauds and bogus websites: – Penalties under IPC, Sections 419 and 420.
26) Email spoofing: – Addressed by IPC, Sections 465 and 468, and the IT Act, Section 66C.
27) Making false documents: – Covered under IPC, Section 465.
28) Forgery for the purpose of cheating or harming reputation: – Addressed by IPC, Sections 468 and 469, and the IT Act, Section 66D.
29) E-mail abuse: – Punishable under IPC, Section 500.
30) Criminal intimidation: – Covered by IPC, Section 506.
31) Copyright infringement: – The Law Addressed by the Copyright Act, 1957, and the IT Act, Section 66.
32) Theft of computer hardware:- Punishable under IPC, Section 379.
33) Online sale of drugs or arms:– Covered by the respective acts.
These provisions cover a wide range of cybercrimes and their associated penalties.
CYBER LAW AND INDIAN EVIDENCE ACT, 1872[5]
With the widespread use of computers, electronic devices, and the internet, cybercrimes have become increasingly common. These crimes encompass a wide range of activities, including fraud, impersonation, child pornography, and denial of service attacks.
The traditional legal system, which relies on physical evidence and eyewitness testimonies, faces significant challenges when dealing with these sophisticated cyberattacks. Cybercrimes often leave behind digital traces instead of tangible evidence. Courts must analyze this digital evidence to determine liability. However, the sheer volume of digital records and their susceptibility to tampering pose challenges in establishing their authenticity and using them as evidence.[6]
One crucial question in addressing cybercrimes is the admissibility of digital evidence in court. What types of digital evidence can be presented in court? How should this evidence becollected and submitted? How much weight does the court give to digital evidence, and is expert testimony required to support it?[7]
Regarding legislative provisions on the admissibility of documentary evidence, the Indian Evidence Act, 1872, categorizes documentary evidence into primary and secondary evidence. Primary evidence refers to the actual document itself, while secondary evidence is used to prove the content of a document when the primary evidence is unavailable or inaccessible. Section 63 of the Indian Evidence Act lists acceptable forms of secondary evidence, including certified copies, mechanically produced copies, and oral accounts by individuals who have seen the original.
Section 65 of the Indian Evidence Act allows the use of secondary evidence in situations where the original document cannot be produced due to various reasons, such as being in possession of the opposing party, being lost or destroyed, or being a public document. Section 64 stipulates that documents must generally be proven with primary evidence, except when Section 65 conditions apply.
CYBER LAWS AND BANKERS BOOK EVIDENCE ACT, 1891
Before the enactment of the Information Technology Act (ITA), banks were required to present their original ledgers and physical documents as evidence in court. However, with the introduction of the ITA, the BBE Act’s definition was updated to include electronic records. It now covers a range of digital data storage formats like floppies, discs, tapes, and other electromagnetic devices. In such cases, a certified printout of the data entry and a certificate describing the computer system and its security measures are required for admissibility as evidence.
Uncovered Issues in Cybercrime under ITA:
While the ITA and ITAA represent significant milestones in India’s technological progress, there are still areas where the existing laws fall short. One major issue is the lack of clear jurisdictional guidelines, particularly in cases involving cybercrimes that transcend geographic boundaries. This issue is not adequately addressed in the ITA, and determining which police jurisdiction should handle a cybercrime, such as hacking someone’s email from a different state, can be challenging.[8]
Preservation of evidence is another significant concern. In many cases under the IT Act, crucial evidence can be easily destroyed, as it may be stored on intermediaries’ computers or even on the perpetrator’s system. This makes it essential to establish proper procedures for evidence preservation .Currently, most cybercrimes in India are prosecuted under relevant sections of the Indian Penal Code (IPC), supplemented by corresponding IT Act provisions. Ensuring proper training for all stakeholders involved in handling cybercrimes is crucial, as these crimes are not confined to specific geographic locations and can span multiple jurisdictions. This training would help address the challenges posed by cybercrimes effectively.
CYBER LAW AND RESERVE BANK OF INDIA ACT, 1934
THE FORUTH SCHEDULE: Amendment to the Reserve Bank of India Act, 1934
In the Reserve Bank of India Act, 1934 in section 58, in sub-section (2), after clause (p), the following clause shall be inserted, namely:- “(pp) the regulation of fund transfer through electronic means between the banks or between the banks and other financial institution referred to in clause (c) of section 45-I, including the laying down of the conditions subject to which banks and other financial institutions shall participate in such fund transfers, the manner of such fund transfers and the rights and obligations of the participants in such fund transfers.[9]
The Reserve Bank of India Act, 1934, will have an amendment in its Section 58, Sub-section (2). After clause (p), a new clause, specifically clause (pp), will be added. This new clause pertains to the regulation of electronic fund transfers between banks and other financial institutions mentioned in Section 45-I(c). It includes setting conditions for banks and financial institutions participating in such transfers, defining the process for these transfers, and outlining the rights and responsibilities of the participants in these electronic fund transfers.[10]
CONCLUSION
The laws in India or anywhere in world has diverse application. It can be applied differently in different circumstances. The national framework on cybercrime is a complex and evolving landscape. As the digital world continues to expand, the need for a coherent and comprehensive framework becomes increasingly pressing. While progress has been made through national legislations, evolving jurisprudence, and ongoing discussions, challenges remain. Navigating the full fledged nature of cybercrime requires cooperation, coordination, and a shared commitment to upholding the rule of law in this virtual domain. The national community must continue to work together to address these challenges and establish a robust framework that ensures the responsible and lawful use of cybercrime for the benefit of all. It delves into the complexities surrounding the determination of cybercrime, the challenges it poses to the national community, and the evolving efforts to establish an exhaustive national framework.
[1] Aster & Wheeler, the deep intricacies of digital world, 284-289, Oxford University Press, 2016.
[2] AIR 2015 SC 1523.
[3] Singh, Simon. The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography,304-306, (fourth estate and double day, 1999)
[4] AIR 2004 SC 4680.
[5] Zuboff, Shoshana. The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power, 54-56 (Profile books, 2019)
[6] Cyberhub.com, https://www.cyberhub.com/ITAct/4583/informationandtechnology, last visited 23-09-2023
[7] Technopedia.com, https://www.techopedia.com/definition/5298387/cybercrimeunder-different-laws, last visited 23-09-2023.
[8] Venables A ,Modelling Cyberspace to Determine Cybersecurity Training Requirements, Vol-6, frontiers Journal, fronc. Educs, 676,803, [2021].
[9] Halder, D.,& Jaishankar, K., Cyber Crimes and Laws in India, 54-87, Taylor & Francis, 2016.
[10] Dr. Sarabjit Singh, cyber Laws and IT protection,86-92, Lexis Nexis, 2017.