HOME > BLOGS > CYBER SECURITY

Why Does Your Organization Need to Build Cyber Resilience?


Why Does Your Organization Need to Build Cyber Resilience?


Share now!
Your Quick Guide to the Cyber Laws in India

The dawn of Cyber Laws in India started with the boom in globalization and computerization in India. The number of cyber crimes registered each year in India is shocking and it’s only getting worse. This is because the pool of gullible prey for cyber conmen has shot up with India going digital. This calls for a basic understanding of the laws that govern the cyber space in India.

In India’s Silicon Valley alone, i.e. Bengaluru, the Cyber Crime Cell has registered over 6000 complaints in just a year of its inception. Of this, 233 registered cases are pertaining to ‘serious’ card skimming.

The Cyber Laws in India or the IT Act was amended in 2008 to include cyber crimes related to banking and financial transactions. The following section shall cover the atrocities that come under the purview of cyber crimes.

What Constitutes a Cyber Crime?

It is a little tricky to define a cyber crime in the Indian legal context. This is because it has not been precisely defined in either the IT Act 2000 or the IT Amendment Act 2008 or the National Cyber Security Policy 2013 or any other Indian legislation for that matter.

However, the Indian Penal Code 1860 and a few other legislations do list down the offenses that come under the purview of a cyber crime and the punishments for the same.

In the simplest terms, a cyber crime can be defined as any such offense in which a computer is involved. Thus, when a computer or any information stored on the computer is the target, medium or the object of offense, it is recognized as a cyber crime offense.

What is a Cyber Law?

With the advent of digitization, the Internet is no longer a mere medium for research & information sharing. The Internet now forms the basis of the chosen and primary mode of communication, record maintenance, and transactions. It forms an indispensable part of government organizations and corporate houses.

Cyber Laws were brought into action to have legal guidelines for investigating offenses pertaining to intellectual property, cyber crimes, data protection and privacy, and electronic & digital signatures.

The cyber space is virtual, anonymous and boundless. This makes it really challenging to trace cyber criminals and the origin of a cyber crime. Thus, cyber laws are increasingly important to aid in creating a regulatory mechanism for the use of the cyber space.

Tracing the Origin – The History of Cyber Laws in India

Until the mid-90’s, most of the international business and transactions were carried out on paper and conveyed through post and telecommunication. Records and evidence were thus primarily in the form of paper records or some form of hard-copies.

However, global trading practices were in for the biggest revolution ever. The mid 90’s witnessed nations all across the globe resorting to digitizing their governance. The widespread globalization and digitization also saw an enormous spurt in the e-commerce segment.

With so much business and transactions being done via emails and other forms of electronic communication, there was an incumbent need for giving due recognition to electronic records.

In 1996, the Model Law on e-commerce was adopted by the United Nations Commission on International Trade Law (UNCITRAL). Eventually, the Indian Government followed suit and enacted the Information Technology Act or IT Act 2000.

Objectives of the IT Act 2000

To  quote the exact objectives of the IT Act 2000 as per the Ministry of Electronics & Information Technology, it was enacted “to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as ‘electronic commerce’, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.

The IT Act 2000 came into effect from October 17, 2000, and primarily deals with issues pertaining to the legal recognition of electronic documents and digital signatures, offenses and contraventions and the justice dispensation system for cyber crimes.

The Limitations of the IT Act 2000

The IT Act 2000 soon came under a string of controversies with some calling it too harsh and some tagging it as too lenient! In due course of time, there were certain omissions in the IT Act 2000 too. This resulted in more and more investigators banking on the tried and tested Indian Penal Code (IPC) even for technology-based offenses while keeping the IT Act 2000 handy.

The reliability of the IT Act 2000 was in doubts. This gave birth to the need for a major amendment to the Act. To identify the loopholes in the IT Act 2000, special advisory and industry bodies were formed.

Information Technology Amendment Act 2008

The Information Technology Amendment Act 2008 was floated in the Parliament and came into effect from October 27, 2008.

The IT Amendment Act 2008 incorporated some crucial features such as:

  • Data privacy and information security laws
  • Definition of a cyber café
  • Definition of the rational data security practices to be followed by a corporate
  • Recognition to the role of the Indian Computer Emergency Response Team
  • Authorization to an Inspector to investigate cyber crime offenses, and

Inclusion of additional cyber crimes such as child pornography and cyber terrorism in the purview of the jurisdiction.

Cyber Crime Offenses covered under the Cyber Laws in India

Stated below are the offences covered under the Information Technology Act (IT Act):

  • Sec.65 – Tampering with computer source Documents 
  • Sec.66 – Hacking with computer systems, Data Alteration
  • Sec.66A  Sending offensive messages through communication service, etc.
  • Sec.66B – Dishonestly receiving stolen computer resource or communication device
  • Sec.66C – Identity Theft
  • Sec.66D – Cheating by personation by using the computer resource 
  • Sec.66E – Violation of privacy
  • Sec.66F – Cyber terrorism
  • Sec .67 – Publishing or transmitting obscene material in electronic form 
  • Sec.67A – Publishing or transmitting of material containing sexually explicit act, etc. in electronic form.
  • Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form – Sec.67B
  • Preservation and retention of information by intermediaries – Sec.67C
  • Powers to issue directions for interception or monitoring or decryption of any information through any computer resource – Sec.69
  • Power to issue directions for blocking for public access of any information through any computer resource – Sec.69A
  • Power to authorize to monitor and collect traffic data or information through any computer resource for Cyber Security – Sec.69B
  • Unauthorized access to protected system – Sec.70
  • Penalty for misrepresentation – Sec.71
  • Breach of confidentiality and privacy – Sec.72
  • Publishing False digital signature certificates – Sec.73
  • Publication for fraudulent purpose – Sec.74
  • Act to apply for offence or contraventions committed outside India – Sec.75
  • Compensation, penalties or confiscation not to interfere with other punishment – Sec.77
  • Compounding of Offences – Sec.77A
  • Offences with three years’ imprisonment to be cognizable – Sec.77B
  • Exemption from liability of intermediary in certain cases – Sec.79
  • Punishment for abetment of offences – Sec.84B
  • Punishment for attempt to commit offences – Sec.84C
  • Offences by Companies – Sec.85
  • Sending threatening messages by e-mail – Sec.503 Indian Penal Code (IPC)
  • Word, gesture or act intended to insult the modesty of a woman – Sec.509 IPC
  • Sending defamatory messages by e-mail – Sec.499 IPC
  • Bogus websites , Cyber Frauds – Sec.420 IPC
  • E-mail Spoofing – Sec.463 IPC
  • Making a false document – Sec.464 IPC
  • Forgery for purpose of cheating – Sec.468 IPC
  • Forgery for purpose of harming reputation – Sec.469 IPC
  • Web-Jacking – Sec .383 IPC
  • E-mail Abuse – Sec .500 IPC
  • Punishment for criminal intimidation – Sec.506 IPC
  • Criminal intimidation by an anonymous communication – Sec.507 IPC
  • When copyright infringed: Copyright in a work shall be deemed to be infringed – Sec.51
  • Offence of infringement of copyright or other rights conferred by this Act. Any person who knowingly infringes or abets the infringement of – Sec.63
  • Enhanced penalty on second and subsequent convictions63A
  • Knowing use of infringing copy of computer program to be an offence Sec.63B
  • Obscenity Sec. 292 IPC
  • Printing etc. of grossly indecent or scurrilous matter or matter intended for blackmail – Sec.292A IPC
  • Sale, etc. of obscene objects to young person – Sec .293 IPC
  • Obscene acts and songs – Sec.294 IPC
  • Theft of Computer Hardware – Sec. 378
  • Punishment for theft – Sec.379
  • Online Sale of Drugs – NDPS Act
  • Online Sale of Arms – Arms Act

Note: Sec.78 of the IT Act empowers Police Inspector to investigate cases falling under this Act

Incognito Forensic Foundation (IFF Lab) – A Name Synonymous with Quality Cyber Crime Investigations

Incognito Forensic Foundation (IFF Lab) is a private forensic science laboratory that has created a venerable niche for itself in the cyber crime investigation and cyber security domains. With its headquarter in Chennai and a state-of-the-art cyber and digital forensic lab in Bangalore, IFF Lab has been assisting law enforcement agencies and various other private and public organizations with cyber crime investigations.

IFF Lab leverages the latest digital forensic tools and technologies to get to the bottom of any offense committed in the cyber space in a speedy and effective manner. IFF Lab deploys its competence in examining digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing, and presenting facts and opinions about the digital information.

Be it corporate frauds, data thefts or breach of data privacy, or any other cyber crime that comes under the purview of the cyber laws in India, IFF Lab provides an astute investigation mechanism by employing its technologies and able digital forensic team.

Get in Touch with IFF Lab for Cyber Crime Investigations and Cyber Security Management.