PROLOGUE
As the world moves to a modern age where anything will be possible with the click of a button, the problem of stolen data and private information has become continuously troubling. This is interesting to see that the most reliable source of knowledge and data store might turn out to be a big forum for stealing information from others. The Information and Technology Act, 2000 (IT Act) regulates all forms of cyber-crime committed in the country like hacking.
Hacking historically used to refer to an offense according to section 43 of the IT Act but at the same time, ethical hacking or white-collar hacking was considered legitimate. Ethical hacking is also taught at schools and universities by qualified experts. And a desire to differentiate between good and bad hacking was felt. The term ‘hacker’ was dropped from the Act under the modification IT Act in 2008. The justification for the same was that a lot of professionals at different schools and colleges are teaching ethical hacking, and colleges can’t teach anything illegal. So they shouldn’t use the same word. Through withdrawing the term hacking from the Act, the provision rephrased section 66 and section 43. This article explores
BASIC UNDERSTANDING
Hacking is an attempt to hack a computer program or a private network within a device. Put, it is the unauthorized access to or power of computer network security mechanisms for an illegal reason.
Hacking is an unwanted intrusion into a network or a device to capture or exploit information, data, or files. Computer hacking is achieved using various kinds of programs such as Rootkit, Trojan, Keylogger, etc. Hackers often employ tactics as browser hijacks, spoofing, phishing, etc. to collect user’s personal or financial information. Whereas a Hacker is a person who discovers and exploits the vulnerability in computer systems and/or networks to obtain access. Hackers are knowledge-based computer programmers with knowledge of computer security.
Crime is both a psychological problem and an economic one. This is as old as human civilization. Most ancient texts from primitive days and mythological tales have talked of offenses committed by persons, or against other people like ordinary robbery and vandalism, or the country like espionage, treason, etc. Kautilya’s Arthashastra written about 350 BC, considered an authoritative administrative treatise in India, addresses the numerous crimes, protection measures to be taken by the authorities, potential crimes in a state, etc. and also supports penalty for the list of such stipulated offenses. Various forms of penalties were recommended for the offenses mentioned, and the idea of returning the damage to the victims was also discussed in it.
Cyber criminality is not defined under either the Information Technology Act 2000 or the I.T. Amendment Act 2008 in India or any other legislation. It just can’t be that way either. Offense or felony was dealt with in detail by specifying different offenses and sentences for each case, in compliance with the Indian Penal Code, 1860, as well as many other rules. Therefore, we might claim to describe the cyber-crime, it is just a mixture of crime and machine. Putting it ‘any wrongdoing or violation that uses a machine is a cybercrime.’ Ironically, only a minor offense such as stealing or pick-pocket may fall under the wider spectrum of the cybercrime if the specific data or assistance to such an offense is a database or information stored by the fraudster on a database used (or misused) by it. The I.T. Act describes a machine, computer network, records, knowledge, and all other essential ingredients that are part of cybercrime we will talk in depth right now.
In a cyber attack, device or data itself, the target or the offender entity or resource in committing some other offender supplying the necessary inputs for the offense. Both these illegal activities will come under the wider concept of cybercrime.1
CONSTITUTIONAL VIEW
According to constitutional values, hacking interferes with Article 21 which corresponds with the right to life and personal liberty and comprises the right to live with dignity. Furthermore, the act of hacking also infringes the right to privacy of a person which is a constitutional right today.
HACKING IN INDIA:
Chapter III deals with problems and procedures about electronic governance, and the legal recognition of electronic documents is discussed in detail in Section 4, accompanied by a review of procedures related to electronic documents, preservation and management, and acknowledgment of the legality of electronic contracts. The following parts also laid down protocols relating to electronic signatures and administrative requirements for credential authorities. Chapter IX on Fines, Enforcement, and Adjudication is a vital step in mitigating data theft, demanding liability, implementing best measures, etc. discussed in Section 43 and worthy of a comprehensive description.
The civil and criminal offenses of identity theft or hacking are protected by Chapter 43 and Section 66 of the IT Act accordingly.
Within section 43, a simple criminal violation in which an individual accesses the device without the owner’s consent and collects any data or claims that the data stored therein is civilly liable. The cracker is responsible for paying money to the persons affected. The annual payout limit was fine at Rs under ITA 2000. One crore at that. In the 2008 update, Section 43A was introduced to cover corporate sheds where the workers stole information from the company’s confidential files.
Section 66B includes retribution for receiving information or services from the stolen computers. The sentence requires one year’s imprisonment or a fine of one lakh or all rupees. Mens rea is a significant ingredient covered by section 66A. Intention or awareness to allow other persons to suffer unjust harm i.e. The presence of unlawful intent and evil nature, i.e. the principle of mens rea, degradation, elimination, modification or decrease in the worth or utility of evidence, are all the key ingredients in bringing in any action under this Act.
Child pornography has been concerned with primarily under Section 67B. This provision covers portraying children engaging in sexually suggestive activities, making text or visual materials or advertising or endorsing certain content portraying children in a pornographic or inappropriate way, etc., or encouraging child violence online or enticing children into internet interactions with one or more children, etc. ‘Children’ denotes people that, for the purposes of this Article, are not 18 years of age. Penalty for the first prosecution is imprisonment for a term of five years and a fine of ten lakh rupees and, in the case of additional arrest, seven years imprisonment and a fine of ten lakh rupees.
In cyber laws, the jurisdiction of the case is still contested. There is no cybercrime happening in a given territory. This is less borderless and less territorial. Then it is very difficult to ascertain the authority in which the lawsuit will be filed. Assume a person works from multiple locations and his data is stolen from a city while residing in another city, a dispute will arise as to where the complaint should be filed.
OTHER ACTS AMENDED BY THE ITA (INFORMATION TECHNOLOGY ACT)
INDIAN PENAL CODE, 1860
The provisions dealing with records and documents in the Indian Penal Code, 1860 were revised by Information Technology Act, 2000 by adding the term ‘electronic’ while holding electronic records and documents on a par with actual records and documents. Parts concerned with fraudulent entry of a report or fake document etc. (e.g. 192, 204, 463, 464, 464, 468 to 470, 471, 474, 476, etc.) have since been modified as electronic records and electronic documentation adding all offenses to electronic records and electronic documentation within the framework of IPC as well as actual acts of falsification or digital data falsification. However, in practice, the investigating agencies file with ITA / ITAA ( Information Technology Association of America) Sections 43 and 66 the cases citing the relevant sections of the IPC in addition to those corresponding in ITA as offenses under IPC 463,464, 468 and 469, to ensure that the evidence or punishment stated in at least one of the laws can be easily brought about.
THE INDIAN EVIDENCE ACT 1872:
That is another ITA-amended legislation. Before ITA died, all testimony at a trial was in physical shape alone. With the ITA accepting all online records and documentation, it was only reasonable that the nation’s evidentiary laws be revised in accordance with it. The “all documentation like online data” was substituted in the meanings that were part of the Act itself. Words such as ‘digital signature,’ ‘electronic type,’ ‘safe electronic record’ ‘data,’ as used in ITA, have all been added to make them part of the legislative proof process. The admissibility as verification in electronic documents as enshrined in section 65B of the Act takes on importance. This is a lengthy portion and a landmark piece of legislation created by a machine or mobile system in the field of testimony.
To put it plainly, proof (information) derived from computers or electronic storage systems and produced as print-outs or in electronic media is legitimate whether it is collected from a properly managed system with no possibility for data manipulation and maintaining the validity of data generated directly with or without human interference, etc. And followed by a certificate signed by a competent individual stating that the documents taken from a device are accurate, a computer with all the safeguards set out in the Chapter.
As the third schedule in ITA, the Bankers’ Books Evidence (BBE) Act 1891 Extension to this Act was included. Before ITA elapsed, any proof from a bank to be presented in court necessitated the creation at some point of the original ledger or other documents for authentication, with the copy kept as exhibits in the court documents. The meanings part of the BBE Act was amended with the passing of ITA as follows: “‘Bankers’ books’ include ledgers, day sheets, cash records, account books and all other documents used in a bank’s ordinary operation, whether held in paper form or as printouts of records stored on a floppy, disk, tape or some other type of electromagnetic data storage unit.”
The next legislation which ITA modified is the Reserve Bank of India Act, 1934. Section 58 of the Act sub-section ( 2), contrary to provision (p), a provision on controlling transfers of funds by 15 electronic means between banks (i.e. transactions such as RTGS and NEFT and other transfers of funds) has been incorporated to allow these transfers of electronic funds and to ensure the proper admissibility of documents and records therein.2
Scope of Cyber Law:3
Cyber laws include various forms of use. Some laws set rules for how individuals and companies use computers and the internet although some laws prevent people from being the victims of crime by unlawful internet activities. The main areas of cyber law entail:
- Fraud: As to defend themselves from online fraud, Consumers rely upon the cyber regulations. The laws are prepared to avoid identity theft, credit card theft and other economic offenses occur online. An individual shall be faced with confederate or state charges who commit identity theft. They might also come across a civil action carried by a sufferer. The advocates of the parties work accordingly.
- Copyright: Copyright violations become very simple through Internet. Near the beginning of the internet communication, copyright exploitation was too simple. So as to compel copyright safeguards, both corporate and individuals require advocates to take legal actions. The violation of copyright is a scope of cyber legislation that protects the corporate and individual’s right to provide benefit from their original workings.
- Defamation: A lot of people make use of the internet to speak their intelligence. It crosses the line of defamation when people use to say things are not correct while using the internet. Defamation regulations were made to save the person from false community statements which can affect the business or someone’s private status. While people make use of the internet to bring such statements that infringe the civil laws, which are known as Defamation law.
- Harassment and Stalking: Now and again the statements on the internet can even go against the criminal laws that prohibit harassment and stalking. There is an infringement of both civil and criminal laws, where an individual makes intimidating statements repeatedly about someone else on the internet. The cyber advocates prosecute and defend them through the internet or other form of electronic communication.
- Freedom of Speech: Freedom of speech is a very significant field of cyber law; it always permits people to have a word even when cyber laws prohibit certain behaviors on the internet. Cyber lawyers ought to counsel their clients to confines of free speech including laws that forbid obscenity. Whenever there is a fright concerning whether their actions consist of allowable free speech, a lawyer shall protect their clients.
- Trade Secrets: Often corporate indulging in online businesses rely upon cyber legislation to safeguard their trade secrets. Like, Google and many internet exploration engines pay out lots of moment developing the algorithms which generate search results. They furthermore spend a lot of time developing other features e.g. maps, intelligent support, and trip search services to name only some. As in order to defend their business secrets, cyber legislation aid these corporate to obtain legal action whenever required.
- Contracts and Employment Law: Cyber law has been used by the people every time whenever they click a button which says you concur to the terms and conditions of using a website. Those websites which are on the way and other linked to privacy concerns are always bound with the terms and conditions.
HOW TO FILE A COMPLAINT ABOUT HACKING
A cybercrime case may be lodged internationally at every cyber jail. India has numerous cyber-crime cells; a report may be filled in at each of these- Initially write an application to the department head of the cyber cell and the complaint should include the name, address, e-mail, and telephone number. Furthermore, send a cell with the supporting information;
Database logs-log files that immediately get when files are accessed with the database. It saves a list of daily activities performed.
Printed copy and soft copy of the defected material-all material that the hacker has tempered with must be admitted as evidence with the cyber cell.
A hard copy of the data web pages and the current versions of both the original and the defaced content will be submitted in order to make it easier for the investigation to find the defaced or distorted content.
Description of the monitoring system that the claimant needs to say the names of those with login and device access.
When another individual is arrested, a list of suspects should also be provided for further reference and could assist the cyber cell in the examination.
There are also arrangements these days for the claimant to get access to the case lodged and to monitor the availability online without going outside.4
RECENT NEWS
In India, Chinese cyber attackers are steadily attacking specific markets, with more than 40,300 cyber-attack efforts being made in just the last five days. The information was released by the cyber security cell of Maharashtra, which acknowledged the increasing involvement of State-backed Chinese hackers attacking numerous sectors in India. Though Chinese threat agents are established perpetrators in cybercrime worldwide, the recent rise in hacker activity comes in light of growing geopolitical tensions at the Indo-China border in Galwan Valley.5
CONCLUSION
The malicious software poses no longer a serious threat to the modern world. Not many people are aware of the crime in the world. The government’s rules are strict but the culture needs a bit of enforceability and understanding. Most of the minor hacking cases go unnoticed because people are abstaining from filing cases for small crimes even when there is harsh punishment for this. Moreover, owing to a lack of resources it is very difficult to trace a computer hacker. Since hacking can happen anywhere in the world, tracking him and catching him in another country is difficult for police. Often, the penalty should be a little tougher to discourage people from indulging in these acts.
SOURCES
- https://www.latestlaws.com/wp-content/uploads/2015/05/Cyber-laws-in-India.pdf
- https://www.latestlaws.com/wp-content/uploads/2015/05/Cyber-laws-in-India.pdf
- https://www.geeksforgeeks.org/cyber-law-it-law-in-india/
- https://blog.ipleaders.in/laws-hacking-india/
- https://www.news18.com/news/tech/chinese-hackers-made-over-40000-cyber-attacks-on-india-in-past-5-days-maha-cyber-dept-2683591.html
This blog is written by Akriti Sharma, Banasthali University
Some of her blogs-
- INTRODUCTION TO INDIAN EVIDENCE LAW
- INDIAN EVIDENCE AMENDMENT BILL, 2016
- BURDEN OF PROOF (Section 101-114)
- INHERENT POWERS OF THE COURT
Visit our Instagram page @lawyergyan at this link.