CYBERAGE – THE NEED TO CONTINUALLY INCREASE SCOPE OF IT LAWS
By Anindya Kr. Banerjee, Consultant at Centre for Good Governance Society
Due to immense increase in the use of Internet and dependency of individuals in every field, a number of new crimes related to Computer and other gadgets based on internet have evolved in the society. Such crimes where use of computers coupled with the use of Internet is involved are broadly termed as Cyber Crimes. There was no statute in India for governing Cyber Laws involving privacy issues, jurisdiction issues, intellectual property rights issues and a number of other legal questions. With the tendency of misusing of technology, there arisen a need of strict statutory laws to regulate the criminal activities in the cyber world and to protect the true sense of technology “INFORMATION TECHNOLOGY ACT, 2000″ [ITA- 2000] was enacted by Parliament of India to protect the field of e-commerce, e-governance, e-banking as well as penalties and punishments in the field of cybercrimes. The above Act was further amended in the form of IT Amendment Act, 2008 [ITAA-2008].
The major Acts , which got amended after enactment of ITA
The Indian Penal Code, 1860
The Indian Evidence Act 1872
The Bankers’ Books Evidence (BBE) Act 1891:
Issues not covered under ITA
The existing law is not suffice to tackle the menace as of now, many issues in Cybercrime and many crimes are still left uncovered, however most of the cybercrimes in the nation are still brought under the relevant sections of IPC read with the comparative sections of ITA or the ITAA which gives a comfort factor to the investigating agencies that even if the ITA part of the case is lost, the accused cannot escape from the IPC part. Of course debates often surface that a certain IPC act of ICT Act is not understood correctly and curbs on constitutional rights like freedom of expression etc.
Unlike few early starters other states are way behind to even start their Cyber Cells with the idea to tackle the growing menace, while talks in most states are on to also have a separate rank officers to oversee probes in cybercrime cases but there is in fight inside the organisation itself to come to a conclusion. I had an opportunity to learn that in a state they wanted a separate cadre for Cyber Cell inside the police department (home) and that too for two approved post through a cabinet decision. Once the same was authenticated for approval there began a fight who will be the senior among the two approved post which are contractual in nature to be recruited from the market as NICSI failed to supply the same.
There is also no policy so far to train the existing police and paramilitary staff on the growing menace of Cyber Crimes as and when the penetration of internet increases in the country. It is now evident that the country needs to add to the existing CCTNS training component on Cyber education both on laws and crimes to assist the police in all states.
Going further the training has to be given by specialists in the industry and not from academic point of view but practical cases to be solved, I recall that the Facebook account of a state head was hacked few years back and the culprit is still at large due to absence of team to track the same person. If such is the state of affairs then we are nowhere near to the objective of setting up the CCTNS network which has all hardware and software and network but no one to manage the cyber age criminals.
We now are aware that Internet crime is crime committed on the Internet, using the Internet and by means of the Internet and Computer crime is a general term that embraces such crimes as phishing, credit card frauds, bank robbery, illegal downloading, industrial espionage, child pornography, kidnapping children via chat rooms, scams, cyber terrorism, creation and/or distribution of viruses, Spam and so on. All such crimes are computer related and facilitated crimes.
With the evolution of the Internet, along came another revolution of crime where the perpetrators commit acts of crime and wrongdoing on the World Wide Web. Internet crime takes many faces and is committed in diverse fashions. The number of users and their diversity in their makeup has exposed the Internet to everyone. Some criminals in the Internet have grown up understanding this superhighway of information, unlike the older generation of users. This is why Internet crime has now become a growing problem in the United States. Some crimes committed on the Internet have been exposed to the world and some remain a mystery up until they are perpetrated against someone or some company. In India we have seen multiple cases where a company website is hacked or a national portal or state portal is defaced each year and the number is growing.
The different types of Internet crime vary in their design and how easily they are able to be committed. Internet crimes can be separated into two different categories. There are crimes that are only committed while being on the Internet and are created exclusively because of the World Wide Web. The typical crimes in criminal history are now being brought to a whole different level of innovation and ingenuity. Such new crimes devoted to the Internet are email “phishing”, hijacking domain names, virus imitation, and cyber vandalism. A couple of these crimes are activities that have been exposed and introduced into the world. People have been trying to solve virus problems by installing virus protection software and other software that can protect their computers. Other crimes such as email “phishing” are not as known to the public until an individual receives one of these fraudulent emails. These emails are cover faced by the illusion that the email is from your bank or another bank. When a person reads the email he/she is informed of a problem with he/she personal account or another individual wants to send the person some of their money and deposit it directly into their account. The email asks for your personal account information and when a person gives this information away, they are financing the work of a criminal.
The statistics that have been obtained and reported about demonstrate the seriousness Internet crimes in the world. Just the “phishing” emails mentioned in a previous paragraph produce one billion dollars for their perpetrators.
The question about how to police these crimes has already been constructed, but this task is turning out to be an uphill battle. Since the first computer crime law, the Counterfeit Access Device and Computer Fraud and Abuse Act of 1984, the government has been trying to track down and stop online criminals. The FBI has tried many programs and investigations in order to deter Internet crime, like creating an online crime registry for employers. The reality is that Internet criminals are rarely caught. One reason is that hackers will use one computer in one country to hack another computer in another country and never get caught attitude another eluding technique used so far observed is the changing of the emails, which are involved in virus attacks and “phishing” emails so that a pattern cannot be recognized. An individual can do their best to protect themselves simply by being cautious and careful. Internet users need to watch suspicious emails, use unique passwords, and run anti-virus and anti-spyware software. Do not open any email or run programs from unknown sources. Technology has increased the methods and possibilities of commission of traditional and modern crimes. A person sitting in one part of the world may commit a cybercrime in another part of the world. Conflict of laws in cyberspace has created unique law enforcement related problems as a given act or omission may be illegal in one country and may be legal in another.
The online defamation case of Google has already reached to Indian Supreme Court. Similarly coordinating law enforcement related actions between Indian law enforcement agencies and foreign companies like Google takes lots of time making the entire exercise problematic and redundant. In the absence of a techno legal framework in India, Indian government is finding it really difficult to manage cyberspace related issues, especially tackling cybercrimes. In current situation when we have been listening to media coverage that the militant organisations are using the internet to encourage recruiting fresh blood is become more challenging a task to tackle. Applications on handheld devices are also growing in numbers to allow space to the technical mind set professionals to find a way out at the earliest.
On the other hand Cyber insurance in India has become an acceptable reality in India these days. Many companies have shown their interests in obtaining cyber insurance and some of them have actually obtained the same. Before taking up a cyber-insurance policy in India, the concerned company or individual must be well aware of the techno legal compliance requirements of India and the potential cyber risks. This alone would help it/him/her to take the most appropriate cyber insurance policy.
Similarly, an improper cyber insurance policy that is not covering the cyber risks in entirety and leaves scope for ambiguity and legal complications while claiming the insured amount should be avoided. A techno legal vetting of cyber insurance policies obtained in India is an absolute must before obtaining the same.
Just like legal due diligence, a techno legal cyber insurance policy due diligence must be conducted before signing any such cyber insurance policy. The terms and conditions of such cyber insurance policy must be thoroughly analysed line by line to avoid any unfavourable and surprise outcome. Merely signing of a cyber-insurance policy does not mean that in case of a cyber breach the concerned insurance company would release the insured amount.
Insured companies and individuals who have obtained a cyber-insurance policy must also be aware if the issues like privacy, data protection (PDF), data security, e-discovery, cyber forensics, cybercrimes investigation, etc. This does not mean that those insured themselves must be capable of managing the techno legal aspects of these issues and fields.
If I can so conclude that the Indian Society as on today is bubbling with activities in the global world while more and more it is dependent upon technology and crime based on electronic offences are on the rise as internet penetration increases in our country. The law making machinery of the nation should be in accordance with the issues we are facing today and shall face in the future as compared to the fraudsters, to keep the crimes lowest. Hence, it should be the persistent efforts of rulers and law makers to ensure that governing laws of technology contains every aspect and issues of cybercrime and further grow in continuous and healthy manner to keep constant vigil and check over the related crimes.