Cyber Law & IT Act Overview ”; Previous Next Cyberspace Cyberspace can be defined as an intricate environment that involves interactions between people, software, and services. It is maintained by the worldwide distribution of information and communication technology devices and networks. With the benefits carried by the technological advancements, the cyberspace today has become a common pool used by citizens, businesses, critical information infrastructure, military and governments in a fashion that makes it hard to induce clear boundaries among these different groups. The cyberspace is anticipated to become even more complex in the upcoming years, with the increase in networks and devices connected to it. Cyber security Cybersecurity denotes the technologies and procedures intended to safeguard computers, networks, and data from unlawful admittance, weaknesses, and attacks transported through the Internet by cyber delinquents. ISO 27001 (ISO27001) is the international Cybersecurity Standard that delivers a model for creating, applying, functioning, monitoring, reviewing, preserving, and improving an Information Security Management System. The Ministry of Communication and Information Technology under the government of India provides a strategy outline called the National Cybersecurity Policy. The purpose of this government body is to protect the public and private infrastructure from cyber-attacks. Cybersecurity Policy The cybersecurity policy is a developing mission that caters to the entire field of Information and Communication Technology (ICT) users and providers. It includes − Home users Small, medium, and large Enterprises Government and non-government entities It serves as an authority framework that defines and guides the activities associated with the security of cyberspace. It allows all sectors and organizations in designing suitable cybersecurity policies to meet their requirements. The policy provides an outline to effectively protect information, information systems and networks. It gives an understanding into the Government’s approach and strategy for security of cyber space in the country. It also sketches some pointers to allow collaborative working across the public and private sectors to safeguard information and information systems. Therefore, the aim of this policy is to create a cybersecurity framework, which leads to detailed actions and programs to increase the security carriage of cyberspace. Cyber Crime The Information Technology Act 2000 or any legislation in the Country does not describe or mention the term Cyber Crime. It can be globally considered as the gloomier face of technology. The only difference between a traditional crime and a cyber-crime is that the cyber-crime involves in a crime related to computers. Let us see the following example to understand it better − Traditional Theft − A thief breaks into Ram’s house and steals an object kept in the house. Hacking − A Cyber Criminal/Hacker sitting in his own house, through his computer, hacks the computer of Ram and steals the data saved in Ram’s computer without physically touching the computer or entering in Ram’s house. The I.T. Act, 2000 defines the terms − access in computer network in section 2(a) computer in section 2(i) computer network in section (2j) data in section 2(0) information in section 2(v). To understand the concept of Cyber Crime, you should know these laws. The object of offence or target in a cyber-crime are either the computer or the data stored in the computer. Nature of Threat Among the most serious challenges of the 21st century are the prevailing and possible threats in the sphere of cybersecurity. Threats originate from all kinds of sources, and mark themselves in disruptive activities that target individuals, businesses, national infrastructures, and governments alike. The effects of these threats transmit significant risk for the following − public safety security of nations stability of the globally linked international community Malicious use of information technology can easily be concealed. It is difficult to determine the origin or the identity of the criminal. Even the motivation for the disruption is not an easy task to find out. Criminals of these activities can only be worked out from the target, the effect, or other circumstantial evidence. Threat actors can operate with considerable freedom from virtually anywhere. The motives for disruption can be anything such as − simply demonstrating technical prowess theft of money or information extension of state conflict, etc. Criminals, terrorists, and sometimes the State themselves act as the source of these threats. Criminals and hackers use different kinds of malicious tools and approaches. With the criminal activities taking new shapes every day, the possibility for harmful actions propagates. Enabling People The lack of information security awareness among users, who could be a simple school going kid, a system administrator, a developer, or even a CEO of a company, leads to a variety of cyber vulnerabilities. The awareness policy classifies the following actions and initiatives for the purpose of user awareness, education, and training − A complete awareness program to be promoted on a national level. A comprehensive training program that can cater to the needs of the national information security (Programs on IT security in schools, colleges, and universities). Enhance the effectiveness of the prevailing information security training programs. Plan domain-specific training programs (e.g., Law Enforcement, Judiciary, E-Governance, etc.) Endorse private-sector support for professional information security certifications. Information Technology Act The Government of India enacted The Information Technology Act with some major objectives which are as follows − To deliver lawful recognition for transactions through electronic data interchange (EDI) and other means of electronic communication, commonly referred to as electronic commerce or E-Commerce. The aim was to use replacements of paper-based methods of communication and storage of information. To facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers” Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto. The Information Technology Act, 2000, was thus passed as the Act No.21 of 2000. The I. T. Act got the President’s assent on June 9, 2000 and it was made effective from October 17, 2000. By adopting this Cyber Legislation, India became the 12th nation in the
Category: information Security Cyber Law
Cyber Law – Useful Resources
Cyber Law – Useful Resources ”; Previous Next The following resources contain additional information on Information Security Cyber Law. Please use them to get more in-depth knowledge on this topic. Useful Links on Information Security Cyber Law Cyber Law Wiki – Wikipedia reference for Cyber Law. IT Act, 200 – Wikipedia reference for IT Act 2000 of India. Useful Books on Information Security Cyber Law To enlist your site on this page, please drop an email to [email protected] Print Page Previous Next Advertisements ”;
Cyber Crimes FAQs
Cyber Crimes FAQs ”; Previous Next 1. What is Cybercrime? A. Cybercrime refers to all the activities done with criminal intent in cyberspace. Because of the anonymous nature of the internet, miscreants engage in a variety of criminal activities. The field of cybercrime is just emerging and new forms of criminal activities in cyberspace are coming to the forefront with each passing day. 2. Do we have an exhaustive definition of Cybercrime? A. No, unfortunately we don’t have an exhaustive definition of cybercrime. However, any online activity which basically offends human sensibilities can be regarded as a cybercrime. 3. What are the various categories of Cybercrimes? A. Cybercrimes can be basically divided into three major categories − Cybercrimes against persons, Cybercrimes against property, and Cybercrimes against Government. 4. Tell us more about Cybercrimes against persons. A. Cybercrimes committed against persons include various crimes like transmission of child pornography, harassment using e-mails and cyber-stalking. Posting and distributing obscene material is one of the most important Cybercrimes known today. 5. Is Cyber harassment also a Cybercrime? A. Cyber harassment is a distinct cybercrime. Various kinds of harassment does occur in cyberspace. Harassment can be sexual, racial, religious, or other. Cyber harassment as a crime also brings us to another related area of violation of privacy of netizens. Violation of privacy of online citizens is a Cybercrime of a grave nature. 6. What are Cybercrimes against property? A. Cybercrimes against all forms of property include unauthorized computer trespassing through cyberspace, computer vandalism, transmission of harmful programs, and unauthorized possession of computerized information. 7. Is hacking a Cybercrime? A. Hacking is amongst the gravest Cybercrimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer system without your knowledge and has tampered with precious confidential data. The bitter truth is that no computer system in the world is hacking proof. It is unanimously agreed that any system, however secure it might look, can be hacked. The recent denial of service attacks seen over the popular commercial sites like E-bay, Yahoo, and Amazon are a new category of Cybercrimes which are slowly emerging as being extremely dangerous. Using one”s own programming abilities to gain unauthorized access to a computer or network is a very serious crime. Similarly, the creation and dissemination of harmful computer programs which do irreparable damage to computer systems is another kind of Cybercrime. 8. What is Cybercrime against Government? A. Cyber Terrorism is one distinct example of cybercrime against government. The growth of Internet has shown that the medium of cyberspace is being used by individuals and groups to threaten the governments as also to terrorize the citizens of a country. This crime manifests itself into terrorism when an individual hacks into a government or military maintained website. 9. Is there any comprehensive law on Cybercrime today? A. As of now, we don’t have any comprehensive laws on cybercrime anywhere in the world. This is the reason that the investigating agencies like FBI are finding the Cyberspace to be an extremely difficult terrain. Cybercrimes fall into that grey area of Internet law which is neither fully nor partially covered by the existing laws. However, countries are taking crucial measures to establish stringent laws on cybercrime. 10. Is there any recent case which demonstrates the importance of having a cyber law on cybercrime within the national jurisdictions of countries? A. The most recent case of the virus “I love you” demonstrates the need for having cyber laws concerning cybercrimes in different national jurisdictions. At the time of the web publication of this feature, Reuters has reported that “The Philippines has yet to arrest the suspected creator of the ”Love Bug” computer virus because it lacks laws that deal with computer crime, a senior police officer said”. The fact of the matter is that there are no laws relating to cybercrime in the Philippines. 11. What is Vishing? A. Vishing is the criminal practice of using social influence over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to sensitive information such as credit card details from the public. The term is a combination of “Voice” and phishing. 12. What is Mail Fraud? A. Mail fraud is an offense under United States federal law, which includes any scheme that attempts to unlawfully obtain money or valuables in which the postal system is used at any point in the commission of a criminal offense. 13. What is ID Spoofing? A. It is the practice of using the telephone network to display a number on the recipient”s Caller ID display which is not that of the actual originating station. 14. What is Cyber espionage? A. It is the act or practice of obtaining secrets from individuals, competitors, rivals, groups, governments, and enemies for military, political, or economic advantage using illegal exploitation methods on the internet. 15. What is the meaning of Sabotage? A. Sabotage literally means willful damage to any machinery or materials or disruption of work. In the context of cyberspace, it is a threat to the existence of computers and satellites used by military activities 16. Name the democratic country in which The Cyber Defamation law was first introduced. A. South Korea is the first democratic country in which this law was introduced first. 17. What are Bots? A. Bots are one of the most sophisticated types of crime-ware facing the internet today. Bots earn their unique name by performing a wide variety of automated tasks on behalf of the cyber criminals. They play a part in “denial of service” attack in internet. 18. What are Trojans and Spyware? A. Trojans and spyware are the tools a cyber-criminal might use to obtain unauthorized access and steal information from a victim as part of an attack. 19. What are Phishing and Pharming? A. Phishing and Pharming are the most common ways to perform identity theft which is a form of cyber-crime in which criminals use
Network Security
Network Security ”; Previous Next Network security is the security provided to a network from unauthorized access and risks. It is the duty of network administrators to adopt preventive measures to protect their networks from potential security threats. Computer networks that are involved in regular transactions and communication within the government, individuals, or business require security. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password. Types of Network Security Devices Active Devices These security devices block the surplus traffic. Firewalls, antivirus scanning devices, and content filtering devices are the examples of such devices. Passive Devices These devices identify and report on unwanted traffic, for example, intrusion detection appliances. Preventative Devices These devices scan the networks and identify potential security problems. For example, penetration testing devices and vulnerability assessment appliances. Unified Threat Management (UTM) These devices serve as all-in-one security devices. Examples include firewalls, content filtering, web caching, etc. Firewalls A firewall is a network security system that manages and regulates the network traffic based on some protocols. A firewall establishes a barrier between a trusted internal network and the internet. Firewalls exist both as software that run on a hardware and as hardware appliances. Firewalls that are hardware-based also provide other functions like acting as a DHCP server for that network. Most personal computers use software-based firewalls to secure data from threats from the internet. Many routers that pass data between networks contain firewall components and conversely, many firewalls can perform basic routing functions. Firewalls are commonly used in private networks or intranets to prevent unauthorized access from the internet. Every message entering or leaving the intranet goes through the firewall to be examined for security measures. An ideal firewall configuration consists of both hardware and software based devices. A firewall also helps in providing remote access to a private network through secure authentication certificates and logins. Hardware and Software Firewalls Hardware firewalls are standalone products. These are also found in broadband routers. Most hardware firewalls provide a minimum of four network ports to connect other computers. For larger networks − e.g., for business purpose − business networking firewall solutions are available. Software firewalls are installed on your computers. A software firewall protects your computer from internet threats. Antivirus An antivirus is a tool that is used to detect and remove malicious software. It was originally designed to detect and remove viruses from computers. Modern antivirus software provide protection not only from virus, but also from worms, Trojan-horses, adwares, spywares, keyloggers, etc. Some products also provide protection from malicious URLs, spam, phishing attacks, botnets, DDoS attacks, etc. Content Filtering Content filtering devices screen unpleasant and offensive emails or webpages. These are used as a part of firewalls in corporations as well as in personal computers. These devices generate the message “Access Denied” when someone tries to access any unauthorized web page or email. Content is usually screened for pornographic content and also for violence- or hate-oriented content. Organizations also exclude shopping and job related contents. Content filtering can be divided into the following categories − Web filtering Screening of Web sites or pages E-mail filtering Screening of e-mail for spam Other objectionable content Intrusion Detection Systems Intrusion Detection Systems, also known as Intrusion Detection and Prevention Systems, are the appliances that monitor malicious activities in a network, log information about such activities, take steps to stop them, and finally report them. Intrusion detection systems help in sending an alarm against any malicious activity in the network, drop the packets, and reset the connection to save the IP address from any blockage. Intrusion detection systems can also perform the following actions − Correct Cyclic Redundancy Check (CRC) errors Prevent TCP sequencing issues Clean up unwanted transport and network layer options Print Page Previous Next Advertisements ”;
Cyber Law – Quick Guide
Cyber Law – Quick Guide ”; Previous Next Cyber Law – Introduction Cyberspace Cyberspace can be defined as an intricate environment that involves interactions between people, software, and services. It is maintained by the worldwide distribution of information and communication technology devices and networks. With the benefits carried by the technological advancements, the cyberspace today has become a common pool used by citizens, businesses, critical information infrastructure, military and governments in a fashion that makes it hard to induce clear boundaries among these different groups. The cyberspace is anticipated to become even more complex in the upcoming years, with the increase in networks and devices connected to it. Cybersecurity Cybersecurity denotes the technologies and procedures intended to safeguard computers, networks, and data from unlawful admittance, weaknesses, and attacks transported through the Internet by cyber delinquents. ISO 27001 (ISO27001) is the international Cybersecurity Standard that delivers a model for creating, applying, functioning, monitoring, reviewing, preserving, and improving an Information Security Management System. The Ministry of Communication and Information Technology under the government of India provides a strategy outline called the National Cybersecurity Policy. The purpose of this government body is to protect the public and private infrastructure from cyber-attacks. Cybersecurity Policy The cybersecurity policy is a developing mission that caters to the entire field of Information and Communication Technology (ICT) users and providers. It includes − Home users Small, medium, and large Enterprises Government and non-government entities It serves as an authority framework that defines and guides the activities associated with the security of cyberspace. It allows all sectors and organizations in designing suitable cybersecurity policies to meet their requirements. The policy provides an outline to effectively protect information, information systems and networks. It gives an understanding into the Government’s approach and strategy for security of cyber space in the country. It also sketches some pointers to allow collaborative working across the public and private sectors to safeguard information and information systems. Therefore, the aim of this policy is to create a cybersecurity framework, which leads to detailed actions and programs to increase the security carriage of cyberspace. Cyber Crime The Information Technology Act 2000 or any legislation in the Country does not describe or mention the term Cyber Crime. It can be globally considered as the gloomier face of technology. The only difference between a traditional crime and a cyber-crime is that the cyber-crime involves in a crime related to computers. Let us see the following example to understand it better − Traditional Theft − A thief breaks into Ram’s house and steals an object kept in the house. Hacking − A Cyber Criminal/Hacker sitting in his own house, through his computer, hacks the computer of Ram and steals the data saved in Ram’s computer without physically touching the computer or entering in Ram’s house. The I.T. Act, 2000 defines the terms − access in computer network in section 2(a) computer in section 2(i) computer network in section (2j) data in section 2(0) information in section 2(v). To understand the concept of Cyber Crime, you should know these laws. The object of offence or target in a cyber-crime are either the computer or the data stored in the computer. Nature of Threat Among the most serious challenges of the 21st century are the prevailing and possible threats in the sphere of cybersecurity. Threats originate from all kinds of sources, and mark themselves in disruptive activities that target individuals, businesses, national infrastructures, and governments alike. The effects of these threats transmit significant risk for the following − public safety security of nations stability of the globally linked international community Malicious use of information technology can easily be concealed. It is difficult to determine the origin or the identity of the criminal. Even the motivation for the disruption is not an easy task to find out. Criminals of these activities can only be worked out from the target, the effect, or other circumstantial evidence. Threat actors can operate with considerable freedom from virtually anywhere. The motives for disruption can be anything such as − simply demonstrating technical prowess theft of money or information extension of state conflict, etc. Criminals, terrorists, and sometimes the State themselves act as the source of these threats. Criminals and hackers use different kinds of malicious tools and approaches. With the criminal activities taking new shapes every day, the possibility for harmful actions propagates. Enabling People The lack of information security awareness among users, who could be a simple school going kid, a system administrator, a developer, or even a CEO of a company, leads to a variety of cyber vulnerabilities. The awareness policy classifies the following actions and initiatives for the purpose of user awareness, education, and training − A complete awareness program to be promoted on a national level. A comprehensive training program that can cater to the needs of the national information security (Programs on IT security in schools, colleges, and universities). Enhance the effectiveness of the prevailing information security training programs. Plan domain-specific training programs (e.g., Law Enforcement, Judiciary, E-Governance, etc.) Endorse private-sector support for professional information security certifications. Information Technology Act The Government of India enacted The Information Technology Act with some major objectives which are as follows − To deliver lawful recognition for transactions through electronic data interchange (EDI) and other means of electronic communication, commonly referred to as electronic commerce or E-Commerce. The aim was to use replacements of paper-based methods of communication and storage of information. To facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers” Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto. The Information Technology Act, 2000, was thus passed as the Act No.21 of 2000. The I. T. Act got the President’s assent on June 9, 2000 and it was made effective from October 17, 2000. By adopting this Cyber Legislation, India became the 12th nation
Cyber Law Summary
IT Security & Cyber Law Summary ”; Previous Next Cyber Laws are the sole savior to combat cyber-crime. It is only through stringent laws that unbreakable security could be provided to the nation’s information. The I.T. Act of India came up as a special act to tackle the problem of Cyber Crime. The Act was sharpened by the Amendment Act of 2008. Cyber Crime is committed every now and then, but is still hardly reported. The cases of cyber-crime that reaches to the Court of Law are therefore very few. There are practical difficulties in collecting, storing and appreciating Digital Evidence. Thus the Act has miles to go before it can be truly effective. In this tutorial, we have tried to cover all the current and major topics related to Cyber Laws and IT Security. We would like to quote the words of a noted cyber law expert and Supreme Court advocate Mr Pavan Duggal to conclude this tutorial. While the lawmakers have to be complemented for their admirable work removing various deficiencies in the Indian Cyberlaw and making it technologically neutral, yet it appears that there has been a major mismatch between the expectation of the nation and the resultant effect of the amended legislation. The most bizarre and startling aspect of the new amendments is that these amendments seek to make the Indian cyberlaw a cyber-crime friendly legislation; − a legislation that goes extremely soft on cyber criminals, with a soft heart; a legislation that chooses to encourage cyber criminals by lessening the quantum of punishment accorded to them under the existing law; …. a legislation which makes a majority of cybercrimes stipulated under the IT Act as bailable offences; a legislation that is likely to pave way for India to become the potential cyber-crime capital of the world. Print Page Previous Next Advertisements ”;
Policies To Mitigate Cyber Risk ”; Previous Next This chapter takes you through the various policies laid to minimize cyber risk. It is only with well-defined policies that the threats generated in the cyberspace can be reduced. Promotion of R&D in Cybersecurity Due to the ever-increasing dependence on the Internet, the biggest challenge we face today is the security of information from miscreants. Therefore, it is essential to promote research and development in cybersecurity so that we can come up with robust solutions to mitigate cyber risks. Cybersecurity Research Cybersecurity Research is the area that is concerned with preparing solutions to deal with cyber criminals. With increasing amount of internet attacks, advanced persistent threats and phishing, lots of research and technological developments are required in the future. Cybersecurity Research-Indian Perspective In the recent years, India has witnessed an enormous growth in cyber technologies. Hence it calls for an investment in the research and development activities of cybersecurity. India has also seen many successful research outcomes that were translated into businesses, through the advent of local cybersecurity companies. Threat Intelligence Research work to mitigate cyber-threats is already being commenced in India. There is a proactive response mechanism in place to deal with cyber threats. Research and Development activities are already underway at various research organizations in India to fight threats in cyberspace. Next Generation Firewall Multi-identity based expertise such as Next Generation Firewall that offers security intelligence to enterprises and enable them to apply best suited security controls at the network perimeter are also being worked on. Secured Protocol and Algorithms Research in protocols and algorithms is a significant phase for the consolidation of cybersecurity at a technical level. It defines the rules for information sharing and processing over cyberspace. In India, protocol and algorithm level research includes − Secure Routing Protocols Efficient Authentication Protocols Enhanced Routing Protocol for Wireless Networks Secure Transmission Control Protocol Attack Simulation Algorithm, etc. Authentication Techniques Authentication techniques such as Key Management, Two Factor Authentication, and Automated key Management provide the ability to encrypt and decrypt without a centralized key management system and file protection. There is continuous research happening to strengthen these authentication techniques. BYOD, Cloud and Mobile Security With the adoption of varied types of mobile devices, the research on the security and privacy related tasks on mobile devices has increased. Mobile security testing, Cloud Security, and BYOD (Bring Your Own Device) risk mitigation are some of the areas where a lot of research is being done. Cyber Forensics Cyber Forensics is the application of analysis techniques to collect and recover data from a system or a digital storage media. Some of the specific areas where research is being done in India are − Disk Forensics Network Forensics Mobile Device Forensics Memory Forensics Multimedia Forensics Internet Forensics Reducing Supply Chain Risks Formally, supply chain risk can be defined as − Any risk that an opponent may damage, write some malicious function to it, deconstruct the design, installation, procedure, or maintenance of a supply item or a system so that the entire function can be degraded. Supply Chain Issues Supply chain is a global issue and there is a requirement to find out the interdependencies among the customers and suppliers. In today’s scenario it is important to know − What are the SCRM problems? and How to address the problems? An effective SCRM (Supply Chain Risk Management) approach requires a strong public-private partnership. Government should have strong authorities to handle supply chain issues. Even private sectors can play a key role in a number of areas. We cannot provide a one-size-fits-all resolution for managing supply chain risks. Depending on the product and the sector, the costs for reducing risks will weigh differently. Public Private Partnerships should be encouraged to resolve risks associated with supply chain management. Mitigate Risks through Human Resource Development Cybersecurity policies of an organization can be effective, provided all its employees understand their value and exhibit a strong commitment towards implementing them. Human resource directors can play a key role in keeping organizations safe in cyberspace by applying the following few points. Taking Ownership of the Security Risk Posed by Employees As most of the employees do not take the risk factor seriously, hackers find it easy to target organizations. In this regard, HR plays a key role in educating employees about the impact their attitudes and behavior have on the organization’s security. Ensuring that Security Measures are Practical and Ethical Policies of a company must be in sync with the way employees think and behave. For example, saving passwords on systems is a threat, however continuous monitoring can prevent it. The HR team is best placed to advise whether policies are likely to work and whether they are appropriate. Identifying Employees who may Present a Particular Risk It also happens that cyber-criminals take the help of insiders in a company to hack their network. Therefore it is essential to identify employees who may present a particular risk and have stringent HR policies for them. Creating Cybersecurity Awareness Cybersecurity in India is still in its evolution stage. This is the best time to create awareness on issues related to cyber security. It would be easy to create awareness from the grass-root level like schools where users can be made aware how Internet works and what are its potential threats. Every cyber café, home/personal computers, and office computers should be protected through firewalls. Users should be instructed through their service providers or gateways not to breach unauthorized networks. The threats should be described in bold and the impacts should be highlighted. Subjects on cybersecurity awareness should be introduced in schools and colleges to make it an ongoing process. The government must formulate strong laws to enforce cybersecurity and create sufficient awareness by broadcasting the same through television/radio/internet advertisements. Information Sharing United States proposed a law called Cybersecurity Information Sharing Act of 2014 (CISA) to improve cybersecurity in the country through enhanced sharing of information about cybersecurity threats. Such laws
Offences and Penalties
Offences & Penalties ”; Previous Next The faster world-wide connectivity has developed numerous online crimes and these increased offences led to the need of laws for protection. In order to keep in stride with the changing generation, the Indian Parliament passed the Information Technology Act 2000 that has been conceptualized on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law. The law defines the offenses in a detailed manner along with the penalties for each category of offence. Offences Cyber offences are the illegitimate actions, which are carried out in a classy manner where either the computer is the tool or target or both. Cyber-crime usually includes the following − Unauthorized access of the computers Data diddling Virus/worms attack Theft of computer system Hacking Denial of attacks Logic bombs Trojan attacks Internet time theft Web jacking Email bombing Salami attacks Physically damaging computer system. The offences included in the I.T. Act 2000 are as follows − Tampering with the computer source documents. Hacking with computer system. Publishing of information which is obscene in electronic form. Power of Controller to give directions. Directions of Controller to a subscriber to extend facilities to decrypt information. Protected system. Penalty for misrepresentation. Penalty for breach of confidentiality and privacy. Penalty for publishing Digital Signature Certificate false in certain particulars. Publication for fraudulent purpose. Act to apply for offence or contravention committed outside India Confiscation. Penalties or confiscation not to interfere with other punishments. Power to investigate offences. Example Offences Under The It Act 2000 Section 65. Tampering with computer source documents Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law for the being time in force, shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both. Explanation − For the purpose of this section “computer source code” means the listing of programs, computer commands, design and layout and program analysis of computer resource in any form. Object − The object of the section is to protect the “intellectual property” invested in the computer. It is an attempt to protect the computer source documents (codes) beyond what is available under the Copyright Law Essential ingredients of the section knowingly or intentionally concealing knowingly or intentionally destroying knowingly or intentionally altering knowingly or intentionally causing others to conceal knowingly or intentionally causing another to destroy knowingly or intentionally causing another to alter. This section extends towards the Copyright Act and helps the companies to protect their source code of their programs. Penalties − Section 65 is tried by any magistrate. This is cognizable and non-bailable offence. Penalties − Imprisonment up to 3 years and / or Fine − Two lakh rupees. The following table shows the offence and penalties against all the mentioned sections of the I.T. Act − Section Offence Punishment Bailability and Congizability 65 Tampering with Computer Source Code Imprisonment up to 3 years or fine up to Rs 2 lakhs Offence is Bailable, Cognizable and triable by Court of JMFC. 66 Computer Related Offences Imprisonment up to 3 years or fine up to Rs 5 lakhs Offence is Bailable, Cognizable and 66-A Sending offensive messages through Communication service, etc… Imprisonment up to 3 years and fine Offence is Bailable, Cognizable and triable by Court of JMFC 66-B Dishonestly receiving stolen computer resource or communication device Imprisonment up to 3 years and/or fine up to Rs. 1 lakh Offence is Bailable, Cognizable and triable by Court of JMFC 66-C Identity Theft Imprisonment of either description up to 3 years and/or fine up to Rs. 1 lakh Offence is Bailable, Cognizable and triable by Court of JMFC 66-D Cheating by Personation by using computer resource Imprisonment of either description up to 3 years and /or fine up to Rs. 1 lakh Offence is Bailable, Cognizable and triable by Court of JMFC 66-E Violation of Privacy Imprisonment up to 3 years and /or fine up to Rs. 2 lakh Offence is Bailable, Cognizable and triable by Court of JMFC 66-F Cyber Terrorism Imprisonment extend to imprisonment for Life Offence is Non-Bailable, Cognizable and triable by Court of Sessions 67 Publishing or transmitting obscene material in electronic form On first Conviction, imprisonment up to 3 years and/or fine up to Rs. 5 lakh On Subsequent Conviction imprisonment up to 5 years and/or fine up to Rs. 10 lakh Offence is Bailable, Cognizable and triable by Court of JMFC 67-A Publishing or transmitting of material containing sexually explicit act, etc… in electronic form On first Conviction imprisonment up to 5 years and/or fine up to Rs. 10 lakh On Subsequent Conviction imprisonment up to 7 years and/or fine up to Rs. 10 lakh Offence is Non-Bailable, Cognizable and triable by Court of JMFC 67-B Publishing or transmitting of material depicting children in sexually explicit act etc., in electronic form On first Conviction imprisonment of either description up to 5 years and/or fine up to Rs. 10 lakh On Subsequent Conviction imprisonment of either description up to 7 years and/or fine up to Rs. 10 lakh Offence is Non Bailable, Cognizable and triable by Court of JMFC 67-C Intermediary intentionally or knowingly contravening the directions about Preservation and retention of information Imprisonment up to 3 years and fine Offence is Bailable, Cognizable. 68 Failure to comply with the directions given by Controller Imprisonment up to 2 years and/or fine up to Rs. 1 lakh Offence is Bailable, Non-Cognizable. 69 Failure to assist the agency referred to in sub section (3) in regard interception or monitoring or decryption of any information through any computer resource Imprisonment up to 7 years and fine Offence is Non-Bailable, Cognizable. 69-A Failure of the intermediary to comply with the direction issued for blocking for public access
Intellectual Property Right
Intellectual Property Right ”; Previous Next Intellectual property rights are the legal rights that cover the privileges given to individuals who are the owners and inventors of a work, and have created something with their intellectual creativity. Individuals related to areas such as literature, music, invention, etc., can be granted such rights, which can then be used in the business practices by them. The creator/inventor gets exclusive rights against any misuse or use of work without his/her prior information. However, the rights are granted for a limited period of time to maintain equilibrium. The following list of activities which are covered by the intellectual property rights are laid down by the World Intellectual Property Organization (WIPO) − Industrial designs Scientific discoveries Protection against unfair competition Literary, artistic, and scientific works Inventions in all fields of human endeavor Performances of performing artists, phonograms, and broadcasts Trademarks, service marks, commercial names, and designations All other rights resulting from intellectual activity in the industrial, scientific, literary, or artistic fields Types of Intellectual Property Rights Intellectual Property Rights can be further classified into the following categories − Copyright Patent Patent Trade Secrets, etc. Advantages of Intellectual Property Rights Intellectual property rights are advantageous in the following ways − Provides exclusive rights to the creators or inventors. Encourages individuals to distribute and share information and data instead of keeping it confidential. Provides legal defense and offers the creators the incentive of their work. Helps in social and financial development. Intellectual Property Rights in India To protect the intellectual property rights in the Indian territory, India has defined the formation of constitutional, administrative and jurisdictive outline whether they imply the copyright, patent, trademark, industrial designs, or any other parts of the intellectual property rights. Back in the year 1999, the government passed an important legislation based on international practices to safeguard the intellectual property rights. Let us have a glimpse of the same − The Patents (Amendment) Act, 1999, facilitates the establishment of the mail box system for filing patents. It offers exclusive marketing rights for a time period of five years. The Trade Marks Bill, 1999, replaced the Trade and Merchandise Marks Act, 1958 The Copyright (Amendment) Act, 1999, was signed by the President of India. The sui generis legislation was approved and named as the Geographical Indications of Goods (Registration and Protection) Bill, 1999. The Industrial Designs Bill, 1999, replaced the Designs Act, 1911. The Patents (Second Amendment) Bill, 1999, for further amending the Patents Act of 1970 in compliance with the TRIPS. Intellectual Property in Cyber Space Every new invention in the field of technology experiences a variety of threats. Internet is one such threat, which has captured the physical marketplace and have converted it into a virtual marketplace. To safeguard the business interest, it is vital to create an effective property management and protection mechanism keeping in mind the considerable amount of business and commerce taking place in the Cyber Space. Today it is critical for every business to develop an effective and collaborative IP management mechanism and protection strategy. The ever-looming threats in the cybernetic world can thus be monitored and confined. Various approaches and legislations have been designed by the law-makers to up the ante in delivering a secure configuration against such cyber-threats. However it is the duty of the intellectual property right (IPR) owner to invalidate and reduce such mala fide acts of criminals by taking proactive measures. Print Page Previous Next Advertisements ”;
Cyber Law – Discussion
Discuss IT Security & Cyber Law ”; Previous Next The Internet has now become all-encompassing; it touches the lives of every human being. We cannot undermine the benefits of Internet, however its anonymous nature allows miscreants to indulge in various cybercrimes. This is a brief tutorial that explains the cyber laws that are in place to keep cybercrimes in check. In addition to cyber laws, it elaborates various IT Security measures that can be used to protect sensitive data against potential cyber threats. Print Page Previous Next Advertisements ”;