Cyber Crime and Applicable Laws | Bhavya Sharma & Associates

 

The Perspective: 

There is no doubt that the information and communication technologies have grown tremendously with time in India. Everything nowadays relies more on the internet and the devices connected to it. From buying groceries to sending critical organizational data, there has been a huge shift in the dependency on the internet and technology.  As the use of the internet grows, so do cybercrimes. And as there are improvements in technology, so have the techniques to hack these technologies developed with time.

Online banking or internet banking have emerged as a common necessity in today's digital India. We use internet banking while shopping, healthcare and almost every other service as they have many benefits over the traditional methods of cash payment like access to account 24/7, keeping track of every transaction, online balance check and easy payment methods. As more and more people started using internet banking, the number of financial frauds also started to increase. In Chennai, almost 80 per cent of cases in cybercrime division are related to revealing ATM passwords, OTPs and details of bank accounts, as stated by Chennai police commissioner AK Viswanathan. Also, the Reserve Bank of India (RBI), stated that it has discovered around 50,000 cyber frauds in the country in 2018-19 fiscal.

Most of the banking frauds are a result of targeted fishing attacks on high-net-worth individuals or bulk messaging frauds like phishing emails sent to customers by a scammer to retrieve banking information from people who are unaware of the online threats. Other methods of banking frauds by skilled cybercriminals include SIM swapping frauds where a hacker takes control of your mobile number and then access the data and accounts connected to it and the ATM skimmer frauds where the hackers place their device under the keypad or the card scanner that copies your card details and the PIN you enter.

Governing Laws:

The abuse of technology has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000. The Act provides a legal framework for electronic governance. It defines cybercrimes and attached penalties for such crime. Information Technology Act, 2000 apply to the whole of India. The Act governs the provisions pertaining to the crimes related to the computer or network located in India. 

The list of offences and penalties related thereto as provided under the Information Technology Act, 2000:

S.No	Corresponding Section	Description	Penalty
1	Section 65: Tampering with computer source documents	If a person knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force.	Imprisonment up to three years, or/and with fine up to ₹200,000
2	Section 66: Computer related offences	If a person with the intent to cause or knowing that he is likely to cause wrongful loss or damage, destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means.	Imprisonment up to three years, or/and with fine up to ₹500,000
3	Section 66B: Punishment for dishonestly receiving stolen computer resource or communication device.	Whoever dishonestly receive or retains any stolen computer resource or communication device Knowing or having reason to believe the same to be stolen computer resource or communication device.	Imprisonment up to three years, or/and with fine up to ₹100,000
4	Section 66C:  Punishment for identity theft.	Whoever, fraudulently or dishonestly make use of the Electronic signature, password or any other unique identification feature of any other person.	Imprisonment up to three years, or/and with fine up to ₹100,000
5	Section 66D: Punishment for cheating by personation by using computer resource.	Whoever, by means of any communication device or computer resource cheats by personation.	Imprisonment up to three years, or/and with fine up to ₹100,000
6	Section 66E: Punishment for publishing of private images of others.	Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent.	Imprisonment up to three years, or/and with fine up to ₹200,000
7	Section 66F: Punishment for cyber terrorism	If a person denies access to an authorized personnel to a computer resource, accesses a protected system or introduces contaminants into a system, with the intention of threatening the unity, integrity, sovereignty or security of India, then he commits cyber terrorism.	Imprisonment up to life.
8	Section 67: Punishment for publishing or transmitting obscene material in electronic form	Whoever publishes or transmits or causes to be published or transmitted in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it.	On first conviction with imprisonment of either description for a term which may extend to three years and with fine which may extend to five lakh rupees                                          and In the event of second or subsequent conviction with imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees.
9	Section 67A: Punishment for publishing or transmitting of material containing sexually explicit act, etc., in electronic form	Whoever publishes or transmits or causes to be published or transmitted in the electronic form any material which contains sexually explicit act or conduct.	on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees.
10	Section 67B:  Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc., in electronic form.	Whoever publishes or transmits, creates text or digital images, records in any electronic form own abuse or that of others pertaining to sexually explicit act with children.	On first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees.
11	Section 67C: Preservation and retention of information by intermediaries	Failure to maintain records or information as an intermediary for stipulated time period and in such manner and format as the Central Government may prescribe.	Imprisonment for a term which may extend to three years and also be liable to fine
12	Section 68:  Failure to comply with orders of controller	Any person who intentionally or knowingly fails to comply with any order shall be guilty of an offence.	Imprisonment for a term not exceeding two years or a fine not exceeding one lakh rupees or with both.

Notable Cases: 

• In February 2001, in one of the first cases, the Delhi police arrested two men running a web-hosting company. The company had shut down a website over non-payment of dues. The owner of the site had claimed that he had already paid and complained to the police. The Delhi police had charged the men for hacking under Section 66 of the IT Act and breach of trust under Section 408 of the Indian Penal Code. The two men had to spend 6 days in Tihar jail waiting for bail.

• In February 2017, M/s Voucha Gram India Pvt. Ltd, owner of Delhi based Ecommerce Portal www.gyftr.com made a Complaint with Hauz Khas Police Station against some hackers from different cities accusing them for IT Act / Theft / Cheating / Misappropriation / Criminal Conspiracy / Criminal Breach of Trust / Cyber Crime of Hacking / Snooping / Tampering with Computer source documents and the Web Site and extending the threats of dire consequences to employees, as a result, four hackers were arrested by South Delhi Police for Digital Shoplifting.

Cyber Crimes during pandemic:

Now in today's COVID effected world, the usage of the internet has increased exponentially. India’s internet consumption rose by 13% since the nationwide lockdown was put in place, according to telecom ministry data. As per the records, Indians consumed 308 petabytes (PB) or 308,000 terabytes (TB) of data daily on an average for the week beginning March 22, 2020.

These figures reflect the changes in the lifestyle of the people around the country. The working conditions have changed and the employees are working from home. Increased amounts of online transactions are taking place on a daily basis opening a wide range of opportunities for hackers and cyber criminals to take advantage of any lack in security practice. People are using social media platforms to stay connected to their dear ones. The financial crisis is spreading all around. The image of cybercrime has also changed in the pandemic and the hackers have sorted to newer ways to steal hard-earned money taking advantage of present mental and financial conditions of people. 

Identity theft and synthetic identity frauds have increased these days significantly. Cyber criminals gathers publicly available information on the internet like images from social media, personal details from job portals and information from data breaches available on the dark web, using it for making fake profiles on public platforms to impersonate people's identity and taking wrong advantages.

There have been cases where hackers create fake impersonating accounts of an individual and contact the acquaintances of a person asking them for financial favors. Due to the present financial situation around the globe, people do not check the authenticity of the message and send the asked amount to the hacker's account. A case came across were the principal of a city-based private college in Ludhiana, came to know from his friend and family members that there was a fake account on Facebook created on his name sending messages asking for Rs 5000 as an urgent help in this pandemic situation. He immediately reported the account as impersonation. From this incident, we can assume how a cyber-criminal can create a fake identity and attempt such crimes. Others had their fake profiles created on Facebook and then messages were sent from these fake accounts to their connections requesting for money. Imposters and hackers on social media also targeted people in high institutional positions. 

Precautions:

As we move into the digital world we need to be prepared for the risks present on it. Hence we need to educate ourselves to defend our identities. Hackers will come across multiple ways to steal your information and hard-earned money, but we have to imply the right security practices on public platforms and follow cyber hygiene while using the internet to prevent any financial frauds in the future.

Some of the right practices are:

 Change passwords frequently and use a strong and complex password

 Use different passwords for every account to avoid all your accounts from being hacked if one account password is exposed.

 Avoiding replying spam mails

 Make your social media accounts private

 Using Two-Factor Authentication for all your accounts to provide a second layer of security to protect your account in case your passwords are compromised

 Avoid the use of personal or business emails for online services to prevent spammers from send phishing and spam mails

 Avoid revealing account credentials and OTPs to anyone

 Avoid logging into a shared device. Always log out of such devices after your work is complete.

 Do not use public wifi for logging into your account or making any online transactions as these public networks can be easily monitored by a hacker and your information can be disclosed

 Always use https websites for online bank transactions to prevent your information travelling in the network in plain text. Your browser will show a lock icon in front of these URLs. 

Conclusion: Cyber law contains the provisions for almost all aspects of transactions and activities on and concerning the Internet and one has to bear the consequences for in case of wrongdoing or abuse of technology in any manner.  Whereas, the Government of India is issuing an advisory to the public to not to fall prey to these only crimes and take precautions while filling their details and passwords on online sites and for the same GOI launched National Cyber Crime Reporting Portal. This portal is an initiative of Government of India to facilitate victims/ complainants to report cybercrime complaints online. This portal caters all types of cybercrime complaints. Hence, one should be cautious while sharing their personal details, data or any other personal information which can cause be used by cyber criminals. Though not all the peoples are victims to cyber-crimes but they are still at risk but precaution is always better than a cure.

Article By: Ms Bhavya Sharma, a Practising Company Secretary from Delhi. For further details you may contact us at legal@bhavyasharmaandassociates.com or for more details you can visit: www.bhavyasharmaandassociates.com

Disclaimer: Although due care and diligence have been taken in preparation and uploading this Article, Bhavya Sharma & Associate shall not be responsible for any loss or damage, resulting from any action taken on the basis of the contents of this Article. Anyone wishing to act on the basis of the material contained herein should do so after cross checking with the circulars, notifications, applicable acts, press release issued by the concerned department or seek appropriate counsel for their situation.