THE ROLE OF CYBER LAW IN CYBERSECURITY IN INDIA

This article is written by Namrata Dube of 9^th Semester of B.A.LL.B. of South Calcutta Law College, Kolkata, an intern under Legal Vidhiya.

Abstract: –

In this modern period, everyone is moving towards the span of networking and digitization, which has a wide range of benefits in our day-to-day life. It is taking over the world in both good and bad ways. It is helping people in their day-to-day life on one hand, and on the other hand it is also giving rise to a new criminal method (known as cybercrime). This article deals with the meaning, types and prevention of cybercrime in India. It also deals with the concept of cybersecurity, the differences between cybercrime and it, along with various case references.

Keywords: –

Cybercrime, Information Technology Act, cyberspace, criminological, privacy

Introduction: –

Cyber law is the legal system which deals with the internet, cyberspace, computer and all matters related to information technology. It covers wide range of topics such as contract law, intellectual property laws and privacy laws.it directs the electronic circulation of information, software, data security and electronic commerce. Basically, it is a law which dals with cybercrimes. In our progressing digital age, there has been phenomenal surge in e-commerce and online stock trading, this leads to a greater number of cybercrimes.

Meaning: –

Cybercrimes is a type of crime that involves a computer or computer network. It may harm someone’s security or finances. It is defined in Information Technology Act, 2000 as- “any criminal activity which takes place on or over the medium of computers or internet or other technology recognised by the Act”. In this type of crime, computer is used as a weapon for committing crimes. Thus, it is an unlawful act wherein the computer is either a tool or a target or both. Sometimes, the crime is carried out with the intention of generating profit for the cybercriminals, other times it is carried out to damage or disable the computer or the device.

Types: –

There are various kinds of cybercrimes, they are enumerated below: –

• Cyberbullying: – It includes posting, sharing negative, harmful, false or mean content about someone else. Basically, it is the practice of harassing or bullying others using electronic devices like computers, mobile phones etc. The use of digital technology such as, social media, gaming platforms conducts this type of bullying. Also, this involves repeated behaviour i.e., intended to anger, scare or shame those being targeted.
• Cyberstalking: – It is the crime, which is committed when someone uses the internet and other technologies to harass or stalk another person online. It is usually done through emails, texts, social media posts and other forms and is often deliberate and persistent.
• Child pornography or child sexually abusive material: – It includes any material, which contains sexual image in any form, wherein both the child being abused or exploited may be seen.
• Cyber grooming: – It involves a person, who builds a relationship with a teenager and having a technique of luring, teasing or even putting pressure on them to perform a sexual act.
• Online sextortion: – When an online predator tricks someone into giving them nude pictures or videos, then blackmails and demands money or more pictures. It occurs when the cybercriminal threatens any individual to publish some private or sensitive material on an electronic medium.
• Online job fraud: – By this scheme people who are in need of job are mis leaded by promising them a better job with higher wages. On 21^st March, 2022, the Reserve Bank of India warned people not to fall prey to these job scams. It was explained there, what precautions should be taken by a common man before applying for any job.
• Credit or Debit card fraud: – In this kind of fraud, unauthorised withdrawals are made from another’s card to gain access to their funds. It occurs when a criminal gains access to the PIN number of the cardholder.
• Phishing: – It is the practice of pressuring or manipulating people, to send information or assets to the wrong people. When the emails appear to be legitimate but actually, they contain malicious attachments, which are designed to steal personal information such as, CVV, PIN, ID etc. from the user and then they are sold to the dark web.

Prevention: –

There are few steps, following which one can protect himself from cybercrime. Some of them are enumerated below: –

• Using a strong password; – This is one of the simplest ways, by which one can protect himself from cybercrime. One should avoid using simple passwords (such as, 12345…. Or abcde…) which are too easy to guess. Also, avoid using the DOB or partner’s name. Instead use a unique password which is a combination of numerals, alphabets and symbols.
• Keeping the software updated: – Normally, the cybercriminals take the advantages of glitches and flaws in one’s software for gaining access to the systems. Thus, if the software is updated to the latest version, cybercrime can be prevented to some extent.
• Protection from phishing: – Normally, it attacks call for an urgent action prompting one to click some link or act immediately to claim the attractive rewards and so on. So, in order to prevent it, one needs to identify or recognize it and avoid it.
• Talk to children: – The internet and technology have become a necessity thing in a student’s life. We should spread awareness among the children about the use of internet and the risks that come with it. One should ensure that your child comes to you, if he or she faces any online harassment or abuse.

Laws in India: –

Cyberlaw plays a very significant role in this era of internet and technology. Their founders have never imagined, this will be used in any kind of criminal activities. To prevent this increasing number of cases, proper laws are needed to deal with it. In India, the Information Technology Act,2000 contains cyber laws, whose aim is to afford legal recognition of electronic records of the government. There are various rules and regulations under cyber laws which deals with the security procedure and certifying authorities.

The important provisions of the Act: –

• Section 43- It applies to individuals who indulge in cybercrimes such as damaging the computers of the victim, without taking the due permission of him.
• Section 66 – It applies to any conduct described in Section 43 which is fraudulent or fraudulent.
• Section 66B – It describes the penalties for fraudulently receiving stolen communication devices or computers and confirms a possible three-years prison sentence.
• Section 66C- The aim of this section is digital signatures, password hacking and other forms of identity theft.
• Section 66D- It involves cheating by personating using computer resources.
• Section 66E- Under this section, it is a punishable offence to take pictures of private areas, publish or transmit them without a person’s consent.
• Section 67- It involves electronically publishing obscenities. 

If the IT Act is not sufficient enough to cover the specific cybercrimes, then few Sections of IPC (viz, Sec 292, Sec354C, Sec354D, Sec379, Sec420, Sec 463, Sec 465, Sec 468) can be applied. Also, the Companies Act,2013 was set up to prosecute companies and their directors in India. The Act ensures that all regulatory code and standards are properly covered. These cyber laws have led to the growth of e-governance and e-commerce by ensuring maximum connection and reducing security concerns in the country.

Cybersecurity: –

It is defined as the practice of protecting systems, networks and programs from digital attacks. It defends the computers and servers from malicious attacks. Basically, it is defined as the collection of processes, technologies and practices which are intended to prevent devices, data, networks and programs from being attacked, accessed or damaged by unauthorised persons. It is also referred to as Information Technology Security.

Differences between Cybercrime and Cybersecurity: –

The aim of cybersecurity is to prevent the unauthorised persons from finding and exploiting vulnerabilities in corporate and government networks. On the other hand, cybercrime tends to focus more on protecting the privacy of individuals engaged with online activities. The difference between them is listed below: –

• In cybersecurity, the main target of attack is on a computer program, hardware or computer network. By contrast, cybercrime is a crime where a specific person or a group of people, along with their data is the main target.
• In cybersecurity, the corporation and the governments are the primary targets, but in case of cybercrime, victims can range from individuals, families, organizations etc.
• Cybersecurity covers the subject matter related to computer science, information technology and computer engineering. While cybercrime covers criminological, sociological and psychological categories.

Developments: –

The first case of cyber-crime was seen in the late 1980s, coinciding with the fast growth of use of emails. When an email was circulating across the world, a slew of frauds erupted. A cyber form, known as “Moris Worm” infected roughly 6000 computers connected to the internet at that time (in the late 1980s). The cyber worm caused slowness of the computer. When internet web browsers were introduced on the 1990s, thieves discovered a new technique to get access to the computer systems through deception. The cyber thieves used to release the viruses on the internet and the virus would infect the website that a user would subsequently visit. The virus would also affect the user’s PC after they have visited the website. The internet in early 2000s, ushered in a new era of social media and online entertainment. During this time period, cyber crime progressed to the next level. People started sharing their personal information on social media and thus it gave rise to identity theft, personal information were collected from the users. In the year 2000, the Information Technology Act became law, and it primarily recognises the electronic records and signatures as valid and also deals with computer related offences through electronic means. In the recent days, IT brought some notable changes, they are enumerated below: –

• To focus on data privacy,
• Definition of cybercafe,
• Introduced information security practices,
• Responsibilities on companies to implement reasonable security practices,

and various other changes mentioned above in the sections of IT Act, 2000.

Case Laws: –

• Shreya Singhal v. Union of India (AIR 2015 SC 1523) – In this landmark case of cyber law, the court has offered exceptional and enhanced clarity to free speech jurisprudence in India. It was held that the Section 66A of the IT Act is a derogative provision to Article 19(1)(a) of the Indian Constitution.
• Avnish Bajaj v. State (NCT) of Delhi (2005) 3 Comp LJ 364 Del – Section 79(1)[2] of the IT Act was amended, based on this case. The apex court held that commission of an offence by the company was an express condition precedent to attract the liability of others in charge of the company. Since, there was no case made against the company, Avnish Bajaj was acquitted.
• Kalandi Charan Lenka v. State of Odisha, 2017 – The High Court found the accused prima facie guilty of cyberstalking on various charges under the IT Act and Section 354D of IPC for sending obscene messages and emails to the victim, that has damaged her reputation.
• Poona Auto Ancillaries Pvt. Ltd., Pune v. Punjab National Bank, HO New Delhi & Others (2018) – The bank was ordered by the Delhi High Court to pay Rs. 45 lakhs to a customer who suffered losses in a phishing scam.
• Shankar v. State Rep. (13^th December,2010) – The charge sheet submitted against the petitioner cannot be annulled as per law of non-granting of sanction of prosecution under section 72 of the IT Act.

Conclusion: –

As the technology is advancing, the disturbing elements are appearing on the dark web that is disturbing. The internet and technology have numerous advantages, but along with that there are various drawbacks and challenges. Although, the government has taken initiatives by enacting rules and regulations, it is still necessary to implement new and stricter laws to strengthen cybersecurity. The regulations need to be revised constantly to consider new crimes committed every day.

Reference: –

1. Jasraj Singh Bhatia, The role of cyber law in cybersecurity in India, (Bhatia 2022)
2. Batuk Lal, Indian Penal Code, (Lal n.d.)
3. Dr. Vishwanath Paranjape, Cyber Crimes & Law, (Paranjape n.d.)
4. Apar Gupta, Information Technology Act, (Gupta n.d.)