Saturday, August 13, 2022
Views & Reviews

Law In Motion: Cyber Crimes

By EMN Updated: May 20, 2021 11:18 pm

1. What are the various types of cyber-crimes?

Ans-30 It is virtually impossible to list out all categories of cyber-crimes and the numerous variations which are possible. However, the Information Technology Act 2000 of India, broadly defines/categorises the following offences:

Section 65. Tampering with computer source documents.

Section 66.  Computer related offences.

Section 66A.  Punishment for sending offensive messages through communication service, etc.

Section 66B. Punishment for dishonestly receiving stolen computer resource or communication device.

Section 66C.  Punishment for identity theft.

Section 66D.  Punishment for cheating by personation by using computer resource.

Section 66E.  Punishment for violation of privacy.

Section 66F.  Punishment for cyber terrorism. Section67.  Punishment for publishing or transmitting obscene material in electronic form.

Section 67A.  Punishment for publishing or transmitting of material containing sexually explicit act, etc., in electronic form.

Section67B. Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc., in electronic form.

These, however, are legal-technical definitions of crimes of possible cyber-crimes which, in practice take many dimensions. In the subsequent sections, it may make sense to examine some definitions in the IT Act or the definitions of offences to understand things better.

The other method is the one for use by a common man – the methods by which you can be duped or you can be victimised or you may commit acts which can be categorised offences. This is an easier categorisation and some of the categories are as listed in the sections below.

2. What are some of the cyber-crimes in common parlance?

Ans 31. Cyber-crimes have been fairly-well documented and elaborated in common parlance. For ease of use and understanding, while their Act and the rules under it provide a legal framework, the cyber security experts and investigators use some of the following categorisations:

i. Hacking

ii. Virus Dissemination

iii. Logic Bombs

iv. Denial-of-Service Attacks

v. Phishing

vi. Email Bombing and Spamming

vii. Web-Jacking

viii. Cyber-Stalking

ix. Data-diddling

x. Identity theft and Credit Card Frauds

xi. Salami Slicing

xii. Software Piracy and Theft

xiii. Internet Pornography

xiv. Ransomware

However, no such list can be comprehensive, nor exhaustive. Therefore, it is better to keep discussing cyber-crimes, as and when new modes of crime are adopted by the criminals.

3.  What are some of the important legal definitions in the IT Act and the Information technology world?

Computer: means any electronic, magnetic, optical or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network;

Communication device: means cell phones, personal digital assistance or combination of both or any other device used to communicate, send or transmit any text, video, audio or image;

Computer network: means the inter-connection of one or more computers or computer systems or communication device through–

(i) the use of satellite, microwave, terrestrial line, wire, wireless or other communication media; and

(ii) terminals or a complex consisting of two or more interconnected computers or communication device whether or not the inter-connection is continuously maintained;

Computer resource: means computer, computer system, computer network, data, computer data base or software;

Computer system: means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable of being used in conjunction with external files, which contain computer programmes, electronic instructions, input data and output data, that performs logic, arithmetic, data storage and retrieval, communication control and other functions;

Cyber café: means any facility from where access to the internet is offered by any person in the ordinary course of business to the members of the public; 1. Subs. by Act 10 of 2009, s. 2, for ―digital signature;

Cyber security: means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorised access, use, disclosure, disruption, modification or destruction;

Data: means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer;

Information: includes [data, message, text,] images, sound, voice, codes, computer programmes, software and data bases or micro film or computer generated micro fiche;

Intermediary: with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes;

Originator: means a person who sends, generates, stores or transmits any electronic message or causes any electronic message to be sent, generated, stored or transmitted to any other person but does not include an intermediary;

Secure system: means computer hardware, software, and procedure that– (a) are reasonably secure from unauthorised access and misuse; (b) provide a reasonable level of reliability and correct operation; (c) are reasonably suited to performing the intended functions; and (d) adhere to generally accepted security procedures;

4. What does the interpretation of these definitions basically imply?

The basic implications of this set of definitions is that the cyber world is very big – huge, infact. It includes all computers, communication devices, computer networks, computer resources, computer systems etc whether they are in cyber cafes or offices or organisations or even on the hands of individuals where data or information is either stored, accessed or shared or transmitted between an originator and a receiver using intermediaries or transmission systems or devices in a manner which is secure.

These definitions are wide enough to cover personal computers, laptops, mobile phones and smartphones, tablets as stand alone devices connected to the internet individually or through computer networks – whether of governments or business organisations or conglomerates, or even series of computers or super-computers in a network or servers (individually or as a network) to transmission devices like mobile phone towers or telephone lines to satellite channels or even the optical-fibre cables which may be subterranean, overhead or even submarine cables.

All data, wherever it originates, should be presumed to travel across the globe through these network or satellites and cables.

Some of this data is available on the internet for access while it is estimated that almost 70-75% of the data and information is ordinarily inaccessible but exists on the ‘dark-net’.

Even the data which exists in open-space is ordinarily divided and compartmentalised in secure pockets by individuals and organisations. This security, at the level of an individual may be provided by the mobile smartphones which we use and at the level of governments and businesses and organisations, extra levels of security are added. Data generated on the internet-interface is like ‘private parts’ of the body – one would not want to be shown naked to others all the time, going by the quantity and diversity of information which we generate on the internet.

Data and information on us or about us as individuals makes us possible targets of attacks as well as potential targets by criminals as well as businesses. Therefore, security of data and information is of paramount importance.

All crimes which can be committed traditionally can be now committed with an IT interface: in fact, more modes of crimes have opened up in this world and newer forms of crimes have emerged as have newer modes of committing crimes.

5. What are some of the features to qualify an act as criminal offences?

The exact nature and definitions of offences and the penalties for cyber crimes are defined in Sections 65 to Section 67B. It may be difficult to condense the acts into offences but briefly, these could be like:

Tampering with Computer source documents – this refers to the ‘back end’ of computers – the softwares etc., which contain codes and instructions to computers – both hardwares and softwares to perform certain specific set of computer commands or programmes or functions or instructions or designs. It takes years of efforts and innovations to produce new products – hardware/software. Usually these codes are called ‘computer source codes’ and are patented property of the innovators (persons or companies). Any efforts to alter or damage any such codes whether intentionally or knowingly, are cyber-crimes.

Hacking Computer Systems – Means intentionally altering or destroying or damaging or deleting information residing in a computer or a network of computers or doing something which reduces the value or utility of the information/data.

Publication of Obscene Information – If anyone publishes or attempts to publish information which is obscene or lascivious or which appeals to prurient interests in such a manner that it can be read or seen or heard is said to be committing an offence. However, penalizing the publication of obscene information is a country specific – different criteria are adopted by different countries and cultures. However, usually, publication of obscene information without consent or where consent is fraudulent or about children are universally accepted as criminal acts and also cyber-crimes.

Rupin Sharma

By EMN Updated: May 20, 2021 11:18:08 pm