There are two groups of crimes. One group is computer crimes where crime is committed by the computer or a tool used to commit crime is a computer. Other group is computer related crime where computer can be used in evidence.
Computer crime is done against an individual or an organization where perpetrator of a crime uses a computer or computer technology to commit crime. Computer related crimes are hacking, creation of virus, credit cards theft, electronic fund transfer fraud, etc. These are the crimes in which computer acts as a necessary tool. But computer acts as an evidence of crime which are not related to computer but where information is taken about a registered code then it is easy to prove the case.
If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.
Explanation.-For the purposes of this section,-
(a)the word "dishonestly" shall have the meaning assigned to it in section 24 of the Indian Penal Code (45 of 1860);
(b)the word "fraudulently" shall have the meaning assigned to it in section 25 of the Indian Penal Code (45 of 1860).
Any person who sends, by means of a computer resource or a communication device,-
(a)any information that is grossly offensive or has menacing character; or
(b)any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device; or
(c)any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages,
shall be punishable with imprisonment for a term which may extend to three years and with fine.
Explanation.-For the purpose of this section, terms "electronic mail" and "electronic mail message" means a message or information created or transmitted or received on a computer, computer system, computer resource or communication device including attachments in text, image, audio, video and any other electronic record, which may be transmitted with the message.
Whoever dishonestly received or retains any stolen computer resource or communication device knowing or having reason to believe the same to be stolen computer resource or communication device, shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine with may extend to rupees one lakh.
Whoever, by means for any communication device or computer resource cheats by personating, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both.
Explanation.-For the purposes of this section-
(a)"transmit" means to electronically send a visual image with the intent that it be viewed by a person or persons;
(b)"capture", with respect to an image, means to videotape, photograph, film or record by any means;
(c)"private area" means the naked or undergarment clad genitals, pubic area, buttocks or female breast;
(d)"publishes" means reproduction in the printed or electronic form and making it available for public;
(e)"under circumstances violating privacy" means circumstances in which a person can have a reasonable expectation that;-
(i)he or she could disrobe in privacy, without being concerned that an image of his private area was being captured; or
(ii)any part of his or her private area would not be visible to the public, regardless of whether that person is in a public or private place.
(1) Whoever,-
(A)with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by-
(i)denying or cause the denial of access to any person authorized to access computer resource; or
(ii)attempting to penetrate or access a computer resource without authorisation or exceeding authorised access; or
(iii)introducing or causing to introduce any computer contaminant;
and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70 or
(B)knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise,
commits the offence of cyber terrorism.
(2) Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.'
2. Source code alteration - Section 65 - It means that if any person conceals, destroys or alters the computer source code which includes computer programs, computer commands, designs, computer network, when this source code is required to be mentioned by law then the person is said to be punished for tampering with the computer source document. Therefore, it is necessary that every organization should register its security code. Sometimes, it is difficult for an organization that the security code is their property or not. So, if they have the code, the person falling under this section is entitled to be punished for imprisonment of three years or fine of Rs. two lakh or both.
Crimes of alteration of computer data are:-
i.False Data Entry
ii.Data Leakage
iii.Virus
iv.Worms
v.Trap Doors
vi.Computer Forgery
vii.Program Piracy
viii.Fraud at Payment Points
ix.Program Manipulation
x.Software Piracy.
3. Punishment for publishing or transmitting obscene material in electronic from (Section 67)
If any person publishes or transmits or causes to be published or transmitted in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who can read, see or hear the matter contained in it, shall be punished for the term of 3 years or with fine of Rs. five lakhs and in the event of second or subsequent conviction the imprisonment will be for the term of 5 years and also with fine which may extend to Rs. ten lakhs or both.
(Section 67A) - This section is related to the publishing or transmitting of material containing sexually explicit act, etc., in electronic from. This conduct shall be punished on first conviction with imprisonment for five years and fine of ten lakhs rupees and in second conviction imprisonment of seven years and also with fine which may extend to ten lakh rupees.
This section includes the person who:
(a)publishes or transmits any material in electronic form which depicts children engaged in sexually explicit act or conduct; or
(b)creates text or digital images, collects, seeks, browses, downloads, advertises, promotes, exchanges, distributes material in any electronic form depicting children in obscene or indescent or sexually explicit manner; or
(c)cultivates or induces children to online relationship with one or more children for and on sexually explicit act or in a matter that may offend a reasonable adult on the computer resource; or
(d)facilitates abusing children online; or
(e)records in any electronic form own abuse or that of others pertaining to sexually explicit act with children.
4.Other Computer related offences (section 66). If any person does any act as referred to in section 43 of the Indian Penal Code, then he shall be punished with imprisonment of two to three years or with fine of Rs. five lakhs or with both.
Other Offences are:
(Section 66A) - Punishment for sending offensive messages through communication services, etc. It means if any person sends any offensive message which is grossly offensive or has menacing character or if he knows it to be false or causing inconvenience, insult, injury, criminal intimidation, enmity, hatred or ill will then the punishment will be for three years or with fine or both.
(Section 66B) - This section relates to receiving or retains any stolen computer resource or communication device, and the person knows or believes that it has been stolen, then he shall be punished with imprisonment of three years or with fine of one lakh rupees or both.
(Section 66C) - Punishment for identity theft if any person fradulently make use of the electronic signature, password or other identification feature of any other person, then he shall be punished with imprisonment of three years and also liable to fine of rupees one lakh.
(Section 66D) - If any communication device or computer resource cheats by personation, then the person shall be punished with imprisonment of three years and also liable to fine of one lakh rupees.
(Section 66E) - If a person intentionally captures, publishes, transmits the image of a private person and violates his privacy then he shall be punished with imprisonment of three years or with fine not exceeding two lakh rupees or both.
(Section 66F) - Cyber Terrorism is a crime in which a person
(A)with intent to threaten the unity, integrity, security or sovereignty of India or strike terror in the people by-
(i)denying or cause the denial of access to any person authorized to access computer resource; or
(ii)attempting to penetrate or access a computer resource without authorization; or
(iii)introducing any computer contaminant and such conduct likely to cause death or injury to persons or damage or destruction of property or services which are essential to the life of community or adversely affect the critical information infrastructure specified under section 70; or
(B)knowingly or intentionally accesses a computer resource without authorisation and by means of such conduct obtains access to information data or computer database that is restricted for security of State or foreign relations and it is believed that such information, data causes injury to the sovereignty and integrity of India, the security of the State, public order, decency, morality, or in relation to contempt of court, defamation, or to advantage of any foreign nation or group of individuals commits the offence of cyber terrorism. The person shall be punished with imprisonment for life.
The other provisions of the law which are related to this section are the Indecent Representation of Women Prohibition Act and section 292 of the Indian Penal Code.
Section 292 of the Indian Penal Code is related to obscenity in physical paper material. Therefore, section 67 of I.T. Act, 2000 is a comprehensive section. This section catches the violators of law and punishes them. It is a wide section which is not restricted to only indecent representation of women.
To provide evidence to the court, it is purely upon discretion of court, whether to take the evidence as an important evidence or not. If a person is in a position to give an evidence to prove his case, then he should certify for operating of the computer. The reliability of the evidence will not be reduced in any circumstances and it is difficult for hacker to prosecute and convict himself by altering or destroying programmers as data stored in a computer system.
Ø Landmark judgment on section 67 held that if any abusive matter is contained in a book then it is necessary to find out that whether it is obscene or not and whether it deprave and corrupt the mind of persons to the extent which are open to influences of this sort; Ranjit D. Udeshi v. State of Maharashtra, (1965) 1 SCR 6556: MANU/SC/0080/1964 : AIR 1965 SC 881.
Ø Samaresh Bose v. Amal Mitra, AIR 1986 SC 967: 1986 Cr LJ 24.
In this case, the Judges expressed their view that "In our opinion, in judging the question of obscenity, the judge in the first place should try to place himself in the position of author and from the point of view of the author the judge should try to understand that what is it that the author seeks to convey and what the author conveys has any literary and artistic value. The judge thereafter should place himself in the position of a reader of every age group in whose hand the book is likely to fall and should try to appreciate what kind of possible influence the book is likely to have in the minds of the readers. The judge should thereafter apply his judicial mind dispassionately to decide whether the book in question can be said to be obscene within the meaning of the section by an objective assessment of the book as a whole and also the passage complained of as obscene separately".
In other leading case, in which test of obscenity is done is Miler v. California, 413 US 15 is also called the 'Miler Test':-
(1)Whether "the average person", applying for community standard, would find the work appealing to the prurient interest.
Here community standards in different places are different, e.g., in California, in case of modern taxes, the orthodox standards have to be seen.
(2)Whether the work depicts or describes in a patently offensive way, sexual conduct specifically defined by State law.
(3)Whether the work lacks serious literary, artistic, political or scientific value.
(4)Whether the work so made is obscene or corrupts the minds of persons.
If the above mentioned questions are satisfied or if the above test is done, then it will be proved that the matter in question is obscene or not. To prove that the matter is obscene it is mandatory to do the above test and satisfy the above question.
(1)In the leading metropolitan case of PANCARDS, an individual was forging PANCARDS to be used as identity proof. Offender forged more and more PANCARDS for those people who were paying him more advance with fictitious address to claim the refund.
(2)Computer Virus:-It is a program which is spread to whole of computer system, attaching copies itself to ordinary programs. The latest case that took place on Feb 3, 2006 was the Kama Sutra Virus. Many countries networks were affected due to this virus.
"Kama Sutra" is a mass mailing worm that attempts to lower your security settings and disable anti-virus software. It arrives in your mail box, pretending to be from someone you know, with a variety of subject lines, including: "My Photos", "Funny", "A Great Video", "Hot Movie" and others. Once activated, on the 3rd day of each month, the worm begins overwriting Word and Excel documents, as well as .zip, .pdf, and others, and thus destroying their contents. In some instances, an infected computer may have the addition of the tray icon "Update Please wait" in the lower right hand corner of your screen. Kama Sutra has been rated a "low" risk by McAfee.com but may be upgraded soon due to the escalating rate of infection.
(3)Black Mail:-Now-a-days, people are blackmailing each other by putting up a message which contains virus in the other person's system. The virus are also sent through mobile phones in order to destroy them.
(4)Pornography:-It is easily seen on internet as it gives the whole situation of the depravity of the society. It is duty of internet services provider to prevent the use of these services to distribute pornographic material and remove it whenever it is detected.
Example:-The Delhi Public School case of MMS was the famous case in which the school boy and school girl having sex were caught up by a camera phone. Mass mailing was held with a speed and on line sale also took place. The same was also put on line at Bazee.com by a student of IIT, Kanpur. It was the case of pornography in which an alarming situation of society was available on internet.
(5)Threatening e-mails:-There are many cases of threatening e-mails with the growing and powerful instrument. It is affecting the personal life of individuals and also disturbing the social environment as a whole. Recently, a person had sent a threatening e-mail from
Tamil Nadu to Parliament mentioning that there was a bomb placed in Parliament premises.
(6)Telecommunication Fraud:-It is also increasing day-by-day. Information of telephone calls which is stored on a computer that is linked to a telecommunications system is valuable. The world of telecommunications is giving rise to many crimes. A new era of wireless devices has also come up. Crimes related to telecommunications are non-payment of call once the service is activated, an unsigned number is provided to the user that does not have an account with the network, etc.
(7)Identity Theft:-Financial frauds are committed with the help of this crime. If the hacker comes to know about the credit card details or other bank account details of the victim then he can place himself in the place of victim and perform all fraudulent activities like transferring of money in his account.
(8)Conspiracy to defraud:-Under this fraud, two or more persons operate a computer by passing a password which they should not do. They do this act to transfer the funds in their own account. They have the intention to commit crime and this act is committed by two or more than two persons, so, at the time of trial, they all will be tried as they all are liable for this act.
(9)Alteration of Input Data:-It is a situation where data stored in the computer is altered in order to use it again or sell it, with an intention to commit crime. The data which is so altered is without the permission of data holder.
Section 70-Section 70 of I.T. Act, 2000 states that the appropriate government may declare any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure to be a protected system. Only authorised persons can have access to the protected system. Any person who secures access or attempts to secure access to a protected system in contravention of the provision, then he shall be punished with imprisonment of either description for a term which may extend to ten years and shall also be liable to fine.
The Central Government shall prescribe the information security practices and procedures for such protected system.
Section 70 of I.T. Act, 2000 has the deterrent effect over and above section 66 of the Act. For example:-Railway Reservation network is declared as a protected system under section 70 of this Act. Then if some one hacks into such Railway Reservation network then he would get an imprisonment upto ten years. But suppose if Railway Reservation network is not protected under section 70 of the I.T. Act, 2000 wherein he may get imprisonment upto three years. It is thus important that in order to protect IT infrastructure related to national security, operational networks like income-tax department, airport authority, railways, etc., should be declared as "Protected System" under section 70 of I.T. Act, 2000 by the appropriate government by notification in Official Gazette. The hacker of same will also be tried under section 70 of the I.T. Act, 2000 and will be punished accordingly.
Section 70A of the I.T. Act provides that the Central Government may designate any organisation of the Government or the National Nodal Agency which will be responsible for all measures including research and development relating to protection of the Critical Information Infrastructure.
Section 70B of the I.T. Act lays down that the Central Government shall appoint an agency of the Government to be called the Computer Emergency Response Team. The team shall serve as the notional agency for performing the following function in the area of cyber security:-
(a)collection, analysis and dissemination of information on cyber incidents;
(b)forecast and alerts of cyber security incidents;
(c)emergency measures for handling cyber security incidents;
(d)coordination of cyber incidents response activities;
(e)issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents;
(f)other functions relating to cyber security.
The Indian Computer Emergency Response Team may call for information and give direction to the service providers, intermediaries, data centres, corporate body and any other person. If any such service providers, intermediaries fail to provide the information called for or fails to comply with the directions, shall be punishable with imprisonment for a term which may extend to one year or with fine which may extend to one lakh rupees or with both.
Section 72 of I.T. Act, 2000 states that any person who, in pursuance of any of the power confined under the I.T. Act, has secured access to any electronic record, book, register, correspondence, information, document, or any other material without the consent of any other person or discloses it to any other person then he will be punished with imprisonment upto two years or fine of one lakh rupees or both.
Under this section, it is also mentioned that "any person who, in pursuance of any of the power conferred". Therefore, limited persons who are empowered under this Act are Controller of Certifying Authority, its staff, Presiding Official, police officers and network service providers. Scope of section 72 is limited to these persons only. Power and functions of Controller are mentioned under section 18 of I.T. Act, 2000 in detail.
Right to privacy is provided as a Fundamental Right under article 21 of the Constitution of India which states that "no person shall be deprived of his life or personal liberty except according to procedures established by law".
The first case where for the first time Hon'ble Supreme Court introduced the Right to Privacy under article 21.
Kharak Singh v. State of Uttar Pradesh, MANU/SC/0085/1962 : AIR 1963 SC 1295: 1963 (2) Cr LJ 329.
Appellant was harassed and tortured by police under regulation 236(b) of Uttar Pradesh Police Regulation which permits the right of domiciliary visits at night to the appellant. But in this case, appellant's right was taken away by police and he was not allowed for domiciliary rights at night.
It was held that regulation 236 is unconstitutional and in violation of the article 21 of the Constitution of India. Judge ruled that article 21 of the Constitution to include "right to privacy" as a part of the right to "protection of life and personal liberty".
In R. Rajagopal v. State of Tamil Nadu, MANU/SC/0056/1995 : (1994) 6 SCC 632: AIR 1995 SC 264.
It was held that the right of privacy includes the right to life and life guaranteed to the citizen by article 21. Every citizen has right to safeguard the privacy of his family, marriage, motherhood, childbearing, education and himself. No other person has a right to interfere with the right of other person. In the above case, for the first time, Court has winded the concept of "right to privacy".
In India, we do not have any specific data protection or a legislation dealing with privacy of an individual. Therefore, the courts used article 21 to interpret privacy rights guaranteed to citizens by our Indian Constitution.
PUCL v. Union of India, MANU/SC/0149/1997 : (1997) 1 SCC 301: AIR 1997 SC 568.
Facts of the case: PUCL filed a case under article 32 against the incidents of telephone tapping of political persons. The issue had constitutional validity of section 5(2) of the Indian Telegraph Act, 1885 in light of article 21 and article 19(1)(a) of the Constitution of India. Section 7 of the Indian Telegraph Act, 1885 talks about framing of procedure guidelines for the effective use of section 5(2), this Act came into force in 1885 which deals with phone tapping and it is regulated by Secretary, Ministry of Home Affairs. It was held in this case that right to privacy is a part of "right to life and personal liberty" which is mentioned under article 21 of the Constitution. No other person has a right to curtail this right except according to procedure established by law. Therefore, in this case, right to have telephonic conversation in the privacy of ones home or office without any interference comes under "right to privacy". No other person has a right to listen or interfere in the telephonic conversation of any person. Hence, telephonic conversation does not come under article 21 of the Constitution of India unless it is permitted under the procedure established by law. Also, when a person is talking on phone, he is expressing his views and he has a right to freedom of speech and expression, enumerated under article 19(1)(a) of the Constitution.
Ø Under this Act Cr. P.C., Schedule I, Part II is also followed.
Ø Under the First schedule, classification of offences is done.
Ø These are the offences under the Indian Penal Code.
Ø Cognizable offences are those for which a police officer may arrest without a warrant.
Ø Non-cognizable offences are those for which a police officer shall not arrest without warrant.
If for a particular offence, a person is punished with death, imprisonment for life or imprisonment for more than seven years then it will be cognizable offence and it will be triable by Court of Session.
If for a particular offence, person is punished with imprisonment for three years and upward but less than seven years, then it will also be cognizable and non-bailable offence and it will triable by Magistrate of First Class.
Therefore, if for a particular offence, a person is punished with imprisonment for less than three years and with fine only, then it will be non-cognizable and bailable offence and it will be triable by any Magistrate.
Section 65 |
Tampering with computer source document |
Cognizable/Non-bailable |
Section 66 |
Computer related offences |
Cognizable/Non-bailable |
Section 67 |
Publishing of obscene informationin electronic form |
Cognizable/Non-bailable |
Section 70 |
Protected System |
Cognizable/Non-bailable |
Section 72 |
Breach of confidentiality and privacy |
Cognizable/Non-bailable |
Section 43 of the I.T. Act provides that if any person without permission of the owner or any other person who is incharge of a computer, computer system or computer network,-
(a)accesses or secures access to such computer, computer system, computer network or computer source;
(b)downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium;
(c)introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network;
(d)damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programmes residing in such computer, computer system or computer network;
(e)disrupts or causes disruption of any computer, computer system or computer network;
(f)denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means;
(g)provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;
(h)charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network;
(i)destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or effects it injuriously by any means;
(j)steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage;
he shall be liable to pay damages by way of compensation to the person so affected.
'Access' means giving entry into instructing or communicating the logical, arithmetical or memory function resource of a computer, computer system, computer network. Damage to the computer also includes downloading of data, copying or extracting any data, computer data base or information from such computer, computer system, computer network including the data which is stored. Irremovable sabotage medium computer database is also explained under this Act. It means representation of information, knowledge, facts, concept, instructions in image, audio, video which are prepared in a formalised manner or have been produced by a computer, computer system, computer network. If any person has introduced or put up any virus or computer contaminant, then he will be punishable under section 43.
Damage to computer also includes disruption of any computer, computer system or computer network, the denial of access to any person authorised to access any computer, computer system or computer network by any means, provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention to provisions of this Act, charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system or computer network. It also includes destroying, deleting or altering any information stored in computer system and diminishes its value and affects injuriously, steals, conceals, destroys or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage.
The person doing the above mentioned act shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.
Computer contaminant, is also defined under section 43 of this Act. It means any set of computer instructions that are designed to modify, destroy, record, transmit data or programming residing within a computer, computer system or computer network.
Computer virus means any computer data, instructions or information which degrades, damages, or destroys and affects the working or performance of the computer. Even this virus operates in such a manner that it can take place in a computer when it is attached to another computer resource and starts programming.
This section also covers the persons who are not the owners of the computer resource or they do not have the permission to use the computer system and they cause damage or destroy the computer, computer system, computer network, data, computer base. Damage by these persons include destroying, deleting, adding, modifying, or rearranging of any means.
It he disrupts or causes any disruption of any computer, computer system, computer network or if he denies to any other person authorized to access any computer, computer system, computer network by any means, then also he will be covered under this Act.
The person can also provide any kind of assistance to any person to facilitate access to a computer, computer system, computer network in contravention of the provision of this Act, rules and regulations made thereunder and if he charged the services availing the person to the account of another person by tampering with or manipulating any computer, computer system, computer network,.
Then in all of the above circumstances, person will be covered under section 43 of I.T. Act, 2000 and he has to pay the damages by way of compensation to the person so affected.
(Section 43A) - Compensation for failure to protect data - Where a corporate body handling any sensitive data or information in a computer, computer resource which it owns, controls or operates, is negligent in maintaining reasonable security practices and procedures and causes loss, damage and wrongful gain to any person, then such corporate body shall be liable to pay damages by way of compensation to the person so affected.
© Universal law Publishing Co.