DAYANAND BRIJENDRA

SWARUP COLLEGE
KANPUR

SESSION – 2023-24
BACHELOR OF ARTS – FIRST SEMESTER

PROJECT ON
(Cyber Crimes and Cyber Laws)

SUBMITTED TO - Mrs. SHIKHA SAXENA

SUBMITTED BY - ANANY DIXIT

1
 ACKNOWLEDEGEMENT

I would like to express my gratitude and appreciation to my faculty guide

and my project guide whose help, suggestions and encouragement,
motivated me to complete my project and especially in writing this report.

Finally, yet importantly, I would like to express my heart full thanks to my

beloved parents for their blessings, my friends for their help and wishes
for the successful completion of this project.

2
 Cyber Crimes and Cyber Laws in India: An Overview
______________________________________________________________________________

Abstract: Internet, the worldwide connection of loosely held networks, has made the flow of data
and information between different networks easier. With data and information being transferred
between networks at distant locations, security issues have become a major concern from the
past few years. The internet has also been used by few people for criminal activities like
unauthorized access to others networks, scams, etc. These criminal activities related to the
internet are termed as Cyber Crimes. With the increasing popularity of online activities like
online banking, online shopping, etc., it is a term that we often hear in the news now-a-days.
Therefore, in order to stop and punish the cyber criminals, “Cyber Law” was introduced. Cyber
Law can be defined as law of the web, i.e., it is a part of the legal systems that deals with the
Internet, Cyberspace and with other legal issues like online security or online privacy.
Therefore, keeping the objectives in mind, this chapter is divided into different sections in order
to provide a brief overview of what is cybercrime, the perpetrators of cybercrime-hackers and
crackers, different types of cybercrimes and the evolution of cyber laws in India. The chapter
further throws light on how these laws work and the various preventive measures which can be
used to combat this “hi-tech” crime in India.

INTRODUCTION:

A computer can be defined as the machine that stores and processes information that are
instructed by the user. Cyberspace, i.e., the Internet, has made the flow of data and information
between different networks easier and more effective. The internet technology is used for various
purposes ranging from online dealing to online transactions. Since decades majority computer
users are utilizing the computer, either for their personal benefits or for other benefits. Therefore,
security related issues have become a major concern for the administrators. This has given birth
to “Cyber Crimes”. Cyber Crime can thus, be defined as the crimes committed by using
computer or computer network and usually take place over the cyberspace especially, the
3
Internet. In simple terms, cybercrimes are the offences that take place over electronic
communications or information systems. A Cybercriminal may use a device to have access to
users’ personal information, confidential business information, and government information or to
disable a device. Selling any private data or information without the consent of the owner also
falls under cybercrime. Criminals performing such activities are often referred to as hackers.
Therefore, cybercrimes are also known as electronic crimes or e-crimes, computer-related
crimes, high-tech crime, digital crime and the new age crime.

Today, Cybercrime has caused a lot of damages to individuals, organizations and even
the Government. Several laws and methods have been introduced in order to stop crimes related
to the Internet. “Cyber Law” was introduced in India with an objective to cover the part of the
legal systems that deals with the Cyberspace and legal issues, online security or online privacy,
etc. In other words, Cyber Law can be defined as the laws that govern the Cyberspace
cybercrimes, digital and electronic signatures, data protections and privacy, etc., and
comprehended by the cyber law. The UN’s General Assembly recommended the first
Information Technology (IT) Act of India in 2000. This Act was passed on the “United Nations
Model Law on Electronic Commerce (UNCITRAL) Model”.

OBJECTIVES:

This qualitative Research Paper has been written keeping in mind the following three main
objectives:

i. To spread knowledge on the crimes/criminal activities like unauthorized access to others

networks, scams, etc., that are taking place through cyberspace especially, the Internet;

ii. Generate awareness among the masses on “Cyber laws” that are imposed in order to stop the
cybercrime and/or punish the cyber criminals; and

iii. To suggest other preventive measures apart from the Cyber Law so that there can be safety of
the users in the cyberspace.

4
 ORIGIN OF CYBER LAW

Science the beginning of the civilization, man has constantly adapted himself with the
changing circumstances and scenarios to usher in new eras of development and
progress. Every stage of human history has been important in its own way.
Internet has become an all pervading revolution which is having an immense impact on
all aspects of human life and existence. Internet is a new phenomenon which has set
new benchmarks for the entire mankind. Internet is a global network of computers, all
speaking same language.
Internet has grown in a very rapid arbitrary and unplanned manner. Because of this
unplanned nature of internet. It was felt initially internet is a system of anarchy.
However as time flew, it began to drawn upon netizens that internet and cyberspace
need to be regulated and a regulated cyberspace would be the catalyst for the future
progress of mankind. Herein lay the seeds of origin of cyber law.
The dawning of the 21st century seems to have had a magical effect on India. The
Indian government has taken the emergence of the new millennium as a signal to
proceed forward in the direction of whole heartedly adopting technologies and giving
legal recognition to the same and regulating the same. This new chapter began with
the passing of India’s first cyber law namely, the information technology act, 2000.

5
 UNITED NATIONS DEFINITION OF CYBER
CRIME
Cybercrime spans not only state but national boundaries as well. Perhaps we should
look to international organizations to provide a standard definition of the crime. At the
Tenth United Nations Congress on the Prevention of Crime and Treatment of
Offenders, in a workshop devoted to the issues of crimes related to computer networks,
cybercrime was broken into two categories and defined thus:

a. Cybercrime in a narrow sense (computer crime): Any illegal behavior directed by

means of electronic operations that targets the security of computer systems and the
data processed by them.

b. Cybercrime in a broader sense (computer-related crime): Any illegal behavior

committed by means of, or in relation to, a computer system or network, including such
crimes as illegal possession and offering or distributing information by means of a
computer system or network.

Of course, these definitions are complicated by the fact that an act may be
illegal in oneNation but not in another.
There are more concrete examples, including
i. Unauthorized access
ii. Damage to computer data or programs
iii. Computer sabotage
iv. Unauthorized interception of communications
v. Computer espionage

6
CYBER CRIME
The term ‘cyber’ derived from cybernetics, used to describe the entire range of
things made available through the use of computer.

All crimes performed or resorted to by abuse of electronic media or otherwise, with the
purpose of influencing the functioning of computer or computer system. Cyber crime is
a term used to broadly describe criminal activity in which computers or computer
networks are a tool, a target, or a place of criminal activity and include everything from
electronic cracking to denial of service attacks. It is also used to include traditional
crimes in which computers or networks are used to enable the illicit activity. Cyber
Crime Computer crime mainly consists of unauthorized access to computer systems
data alteration, data Destruction, theft of intellectual properly. Cyber crime in the
context of national security may involve hacktivism, traditional espionage, or
information warfare and related activities.
Cyber crime is the latest and perhaps the most complicated problem in the cyber world.
“Cyber crime may be said to be those species, of which, genus is the conventional
crime, and where either the computer is an object or subject of the conduct constituting
crime”. “Any criminal activity that uses a computer either as an instrumentality, target
or a means for perpetuating further crimes comes within the ambit of cyber crime” A
generalized definition of cyber crime may be “ unlawful acts wherein the computer is
either a tool or target or both” The computer may be used as a tool in the following
kinds of activity- financial crimes, sale of illegal articles, pornography, online
gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation,
cyber stalking. The computer may however be target for unlawful acts in the following
cases- unauthorized access to computer/ computer system/ computer networks, theft of
information contained in the electronic form, e-mail bombing, data didling, salami
attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, theft of
computer system, physically damaging the computer system.

7
Cyber crime is use of computer and the internet by criminals to perpetrate fraud and
other crimes against companies and consumers. To avoid harm from these activities all
users should check that web sites they use all people to whom they e-mail sensitive
information are genuine. Crime committed using a computer and the internet to seal a
person’s identity or sell contraband or stalk victims or disrupt operations with
malevolent programmes. Cyber crime is a broadly use them to describe criminal
activity comm8itted on computers or the internet. Some of it is punishable by the
laws of various countries, where as others have a debatable legal status. The term ‘cyber
crime’ is a misnomer. This term has nowhere been defined in any statute/act passed or
enacted by the Indian parliament. The concept of cyber crime is not radically different
from the concept of conventional crime. Both include conduct weather act or omission,
which causes breach of rules of law and counterbalanced by the sanction of the state.

8
 CYBER SPACE

A metaphor for describing the non-physical terrain created by computer

systems. Online systems, for example, create a cyberspace within which
people can communicate with one another (via e- mail), do research, or
simply window shop. Like physical space, cyberspace contains objects
(files, mail messages, graphics, etc.) and different modes of transportation
and delivery. Unlike real space, though, exploring cyberspace does not
require any physical movement other than pressing keys on a keyboard or
moving a mouse. Some programs, particularly computer games, are
designed to create a special cyberspace, one that resembles physical reality
in some ways but defies it in others. In its extreme form, called virtual
reality, users are presented with visual, auditory, and even tactile feedback
that makes cyberspace feel real.

9
WHAT IS CYBER CRIME?

Sussman and Heuston was the first to propose the term “Cyber Crime” in the year 1995.
Cybercrime has no single definition; it is considered as a collection of acts or conduct- these acts
are based on the material offence object and modus operandi that affect computer data or
systems1. By definition, Cybercrimes are “criminal acts implemented through use of a computer
or other form of electronic communications” (Anderson & Gardener, 2015). In simple words,
acts which are punishable by the Information Technology (IT) Act, 2000 are known as “Cyber
Crimes”. In India, the IT Act, 2000 deals with the cybercrime problems. Certain amendments
were made in this Act in 2008; thereby passing the Information Technology (IT) Act, 2008
covering a wide range of area such as online commercial transactions, digital signatures, e-
commerce, etc.

Therefore, “Cyber Crime” can be defined as any malefactor or other offences where
electronic communications or information systems, including any device or the Internet or both
or more of them are involved 2.

THE PERPETRATORS-HACKERS AND CRACKERS:

i. Hacker: According to Section 66A of Information Technology (IT) Act, 20003, a person
whosoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage
to the public or any person destroys or deletes or alters any information residing in a computer
resource or diminishes its value or utility or effects it injuriously by any means is a hacker.

ii. Crackers: According to the Jargon Dictionary4, the term “cracker” is used to distinguish
“benign” hackers from hackers who maliciously cause damage to targeted computers. In other
words, a “cracker” is defined as a hacker with criminal intent who maliciously sabotages
computers, steal information located on secure computers and cause disruption to the networks
for personal or political motives.

10
CLASSIFICATION OF CYBER CRIMES:

Information technology has been misused for criminal activities in today’s world. Such
crimes may be committed against the governments, individuals and institutions. Various types of
cybercrimes exist in India and all over the World. The common types of cybercrimes are
discussed as follows:

i. Hacking: It simply refers to have an unauthorized access to another computer system. It is the
most dangerous and commonly known cybercrime. The hackers break down into the computers
system and steal valuable information, known as data, from the system without any permission.
Hacking can be done for multiple purposes like data theft, fraud, destruction of data, and causing
damage to computer system for personal gains. Therefore, hackers are able to spoof the data and
duplicate the IP address illegally.

According to the research committed by the SANS Institute (2004), there are 3 different
types of hackers:

 White Hat Hackers: These are the ethical hackers that use their hacking skills for good
reasons and do not harm the computer system.
 Black Hat Hackers: These types of hackers use their computer knowledge to gain
unauthorized access to a computer system with a malicious or harmful intention. They
may steal, modify or erase data, and insert viruses and damage the system.
 Grey Hat Hackers: They are the skilled hackers that usually do not hack for personal
gains. Therefore, they are hybrids between white hat and black hat hackers 5.

ii. Cyber Terrorism: It refers to unlawful attacks against computers, networks and the
information stored therein that are carried out to intermediates or coerce a country’s government
or citizens, having political or social objectives. Therefore, terrorism acts which are committed in
cyberspace are called cyber terrorism6. The cyber terrorism attacks and threats include:

11
  Cyber Warfare: It is an Internet based conflict which involves politically motivated
attacks on the computer system. Such attacks can disable official websites and networks,
disrupt or disable essential services, steal or alter classified data, and cripple financial
systems, among many other possibilities.
 Malicious Software: These are Internet-based software or programs that can be used to
gain access to a system to steal sensitive information or data or disrupt the software
present in computer system.
 Domain Hijacking: It refers to the act of changing the registration of a domain name
without the permission of its original registrant.

iii. Cyber Stalking: It is a criminal practice where an individual uses the Internet to
systematically harass or threaten someone. It is a willful conduct by the cyber stalkers through
any online medium like email, social media, chatrooms, etc., that actually causes the victim to
feel frightened, intimidated or molested. Usually the stalker knows their victim and majority of
the victims are women.

Earlier, the cyber stalkers were booked under Section 509 of the IPC due to lack of
punishment under the IT Act, 2000. After the Amendment of the IT Act in 2008, the cases
involving cyber stalking can be charged under Section 66A of the Act and the offender is
punishable with imprisonment up to three years, and with fine.

iv. Cyber Bullying: According to the Oxford Dictionary7, Cyber Bullying can be defined as the
“use of electronic communication to bully a person, typically by sending messages of an
intimidating or threatening nature”. It occurs when children including teenagers are threatened,
harassed, humiliated, or otherwise targeted by other children using digital technologies. Cyber
bullying may arise to the level of a cyber harassment charge, or if the child is young enough it
may result in the charge of juvenile delinquency8.

12
 Due to the increasing utilization of cell phones now-a-days, parents should keep a
check on the mood swings of their children. Rather, they should get more involved in their online
activities in order to safeguard them from cyber bullying.

v. Cyber Pornography: It refers to the act of using cyberspace to create, display, distribute, or
publish pornography or obscene materials. In other words, stimulating sexual or other erotic
activities over the Cyberspace, especially the internet is known as Cyber Pornography9. Many
websites exhibit pornographic photos, videos, etc., which can be produced quickly and cheaply
either through morphing or through sexual exploitation of women and children. Morphing refers
to the editing of an original picture through a fake identity or by an unauthorized user which is
punishable under IPC and Section 66 of the IT Act, 2000.

Child pornography is abundant on the internet. Online child pornography involves

underage persons being lured into pornographic productions or being sold or forced into
cybersex or lives of prostitution (CNN staff author, 2001). Kidnapping and international
smuggling of young girls and boys for these purposes is now a transnational crime phenomenon
often instigated in impoverished nations where victims face dire economic circumstances
(Chinov, 2000).

vi. Cyber Theft: It is another form of cybercrime used by the cyber criminals to steal information
or money from a distant location with the help of a computer or an internet. It includes various
types of crimes like:

 Identity Theft: It refers to the fraud which an individual does by making a fake identity on
the internet in order to steal money from bank accounts, credit or debit cards, etc. It is
punishable offence under Section 66C of the IT Act, 200810.
 Phishing: It is a another very common type of cybercrime which is used by hackers to
steal information which is personal like passwords, usernames, bank account number,
credit card details, etc. It is generally carried out with the help of email spoofing.
 Forgery: It means making of false document, signature, currency, revenue stamp, etc.

13
  Web jacking: It refers to hi jacking of the victims account with the help of a fake
website in order to damage it or change the information of the victims’ webpage. The
attacker sends a link to the victims email. When the victim opens the link, a new page
appears with the message of clicking another link. By clicking on the link, the victim will
be redirected to a fake page.
 Cyber Embezzlement: Such type of crime is performed by employers who already have
legitimate access to the company’s computerized system. An employee may perform
such a crime in order to earn more money.
 Corporate Espionage: This is a type of crime committed by individuals in order to gain
competitive advantage in the market. Under this crime, the cybercriminal may be from
within or outside the company and he/she may use the company’s network to steal the list
of clients, marketing strategies, financial data, trade secrets, etc.
 Plagiarism: It is used to steal someone else original writings and call it as their own.
Since most of the data is available online and people are now having more access to the
internet and the computers, the problem of plagiarism is increasing day-by-day. There are
certain software’s that are used to detect plagiarism.

vii. Email Spoofing: According to Techopedia, email spoofing is a fraudulent email

activity/technique used to hide the original address of the email message, although the mail
appears to have come from a legitimate source11. It is very common now-a-days. Such tactics are
usually done by spammers having malicious intentions such as to gain access to someone’s
banking information or to spread virus. The offender is charged with forgery under Section 463
of the IPC for committing such offences.

14
 NEED OF CYBER LAW
1. Coming of internet.
2. Greater cultural, economic, political and social transformation in the history of human
society.
3. Complex legal issues arising leading to the development of cyber law.
4. Different approaches for controlling, regulating and facilitating electronic
communication and commerce.
5. Cyberspace has complete disrespect for jurisdictional boundaries. A person in India
could break into a bank’s electronic vault hosted on a computer in USA and transfer
millions of Rupees to another bank in Switzerland, all within minutes. All he would
need is a laptop computer and a cell phone.
6. Cyberspace handles gigantic traffic volumes every second. Billions of emails are
crisscrossing the globe even as we read this, millions of websites are being accessed
every minute and billions of dollars are electronically transferred around the world by
banks every day.
7. Cyberspace is absolutely open to participation by all.

4.1 Information technology law

2. Florida electronic security act

3. Illinois electronic commerce security act
4. Texas penal code – computer crimes statute
5. Maine criminal code – computer crimes
6. Singapore electronic transaction act
7. Malaysia computer crimes act
8. Malaysia digital signature act
9. UNCITRAL model law on electronic commerce
10. Information technology act 2000 of India

15
CYBER LAW IN INDIA
The primary source of cyber law in India is the Information Technology Act, 2000
(IT Act) which came into force on 17 October 2000. The primary purpose of the Act is
to provide legal recognition to electronic commerce and to facilitate filing of
electronic records with the Government. The IT Act also penalizes various cyber
crimes and provides strict punishments (imprisonment terms upto 10 years and
compensation up to Rs 1 crore).

Jurisprudence of Indian Cyber Law

The primary source of cyber law in India is the Information Technology Act, 2000
(IT Act) which came into force on 17 October 2000. The primary purpose of the Act is
to provide legal recognition to electronic commerce and to facilitate filing of electronic
records with the Government. The IT Act also penalizes various cyber crimes and
provides strict punishments (imprisonment terms upto 10 years and compensation up to
Rs 1 crore). An Executive Order dated

12 September 2002 contained instructions relating to provisions of the Act with regard
to protected systems and application for the issue of a Digital Signature Certificate.
Minor errors in the Act were rectified by the Information Technology (Removal of
Difficulties) Order, 2002 which was passed on 19 September 2002. The IT Act was
amended by the Negotiable Instruments (Amendments and Miscellaneous Provisions)
Act, 2002. This introduced the concept of electronic cheques and truncated cheques.
Information Technology (Use of Electronic Records and Digital Signatures) Rules,
2004 has provided the necessary legal framework for filing of documents with the
Government as well as issue of licenses by the Government. It also provides for
payment and receipt of fees in relation to the Government bodies.

16
On the same day, the Information Technology (Certifying Authorities) Rules, 2000 also
came into force. These rules prescribe the eligibility, appointment and working of
Certifying Authorities (CAs). These rules also lay down the technical standards,
procedures and security methods to be used by a CA. These rules were amended in
2003, 2004 and 2006 Information Technology (Certifying Authority) Regulations,
2001 came into force on 9 July 2001. They provide further technical standards and
procedures to be used by a CA. Two important guidelines relating to CAs were issued.
The first are the Guidelines for submission of application for license to operate as a
Certifying Authority under the IT Act. These guidelines were issued on 9 July
2001. Next were the Guidelines for submission of certificates and certification
revocation lists to the controller of Certifying Authorities for publishing in the
National Repository of Digital Certificates. These were issued on 16 December 2002.

The Cyber Regulations Appellate Tribunal (Procedure) Rules, 2000 also came into
force on 17 October 2000. These rules prescribe the appointment and working of the
Cyber Regulations Appellate Tribunal (CRAT) whose primary role is to hear appeals
against orders of the Adjudicating Officers. The Cyber Regulations Appellate Tribunal
(Salary, Allowances and other terms and conditions of service of Presiding Officer)
Rules, 2003 prescribe the salary, allowances and other terms for the Presiding Officer
of the CRAT. Information Technology (Other powers of Civil Court vested in Cyber
Appellate Tribunal) Rules 2003 provided some additional powers to the CRAT.

17
 On 17 March 2003, the Information Technology (Qualification and Experience of
Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003 were passed. These rules
prescribe the qualifications required for Adjudicating Officers. Their chief responsibility under
the IT Act is to adjudicate on cases such as unauthorized access, unauthorized copying of data,
spread of viruses, denial of service attacks, disruption of computers, computer manipulation etc.
These rules also prescribe the manner and mode of inquiry and adjudication by these officers.
The appointment of adjudicating officers to decide the fate of multi-crore cyber crime cases in
India was the result of the public interest litigation filed by students of Asian School of
Cyber Laws (ASCL).

18
 Computer Emergency Response Team (CERT-IND) can instruct Department of
Telecommunications (DoT) to block a website. The Indian Penal Code (as amended by
the IT Act) penalizes several cyber crimes. These include forgery of electronic records,
cyber frauds, destroying electronic evidence etc. Digital evidence is to be collected and
proven in court as per the provisions of the Indian Evidence Act (as amended by the IT
Act). In case of bank records, the provisions of the Bankers’ Book Evidence Act (as
amended by the IT Act) are relevant. Investigation and adjudication of cyber crimes is
done in accordance with the provisions of the Code of Criminal Procedure and the IT
Act. The Reserve Bank of India Act was also amended by the IT Act. The Information
Technology (Amendment) Act, 2008, which came into force on 27th October, 2009
has made sweeping changes to the Information Technology Act, 2000.

The following rules have also come into force on the same day:

(1) Information Technology (Procedure and Safeguards for Interception,

Monitoring andDecryption of Information) Rules, 2009

(2) Information Technology (Procedure and Safeguard for Monitoring and Collecting
Traffic Dataor Information) Rules, 2009

(3) Information Technology (Procedure and Safeguards for Blocking for Access of
Information byPublic) Rules, 2009

(4) The Cyber Appellate Tribunal (Salary, Allowances and Other Terms and Conditions
of Serviceof Chairperson and Members) Rules, 2009

Cyber Appellate Tribunal (Procedure for Investigation of Misbehavior or Incapacity of

Chairperson and Members) Rules, 2009.

19
PREVENTION OF CYBER CRIMES:

In order to stop crimes committed through the computer resources and Internet
technology, “Cyber Law” was introduced. “Cyber Laws” can be defined as the legal issues that
are related to the utilization of communication technology, concretely “cyberspace”, i.e. the
Internet. It is an endeavor to integrate the challenges presented by human action on the Internet
with legacy system of laws applicable to the physical world. It is important as it is concerned to
almost all aspects of activities and transactions that take place either on the internet or other
communication devices. Whether we are aware of it or not, each action in Cyberspace has some
legal and cyber legal views12.

Based on the United Nations Model Law on Electronic Commerce (UNCITRAL), 1996,
the Indian Parliament passed the Information Technology Act, 2000 (also known as the IT Act
no. 21 of 2000) on 17th October, 2000. This law was introduced in India to deal with the digital
crimes or cybercrimes and electronic commerce.

Some key points of the Information Technology (IT) Act, 2000 are as follows:

 E-mail is now considered as a valid and legal form of communication.

 Digital signatures are given legal validity within the Act.
 The Act has given birth to new business to companies to issue digital certificates by
becoming the Certifying Authorities.
 This Act allows the government to issue notices on internet through e-governance.
 The communication between the companies or between the company and the government
can now be through internet also.
 Addressing the issue of security is the most important feature of this Act. It introduced
the concept of digital signatures that verifies the identity of an individual on the internet.
 In case of any loss or harm done to the company by criminals, the Act provides a remedy
in the form of money to the company.

20
 Since the Information Technology Act, 2000 did not covered all the aspects of
cybercrimes committed; amendments were done in the Rajya Sabha on 23rd December, 2008,
renaming the Act as the Information Technology (Amendment) Act, 2008 and was referred to as
ITAA, 2008. Eight new Cyber Offences were added to ITAA, 2008 under the following sections:

Sr. No. Sections under the Information Technology Punishment

(Amendment) Act, 2008
1. Section 66A: Cyber Stalking, i.e., sending Imprisonment up to 3
offensive messages through any communication years long with a fine.
services like a computer or mobile phone

2. Section 66B: Receiving stolen computer’s Imprisonment which

resources or communication device dishonestly may extend up to 3
years, or with a fine of
rupee 1 lakh or both.
3. Section 66C: Identity Theft Imprisonment which
may extend up to 3
years along with a fine
that may extend up to
rupee 1 lakh.
4. Section 66D: Phishing, i.e., punishment for Imprisonment which
cheating by personation by the use of computer’s may extend up to 3
resources years along with a fine
that may extend up to
rupee 1 lakh.

21
 5. Section 66E: Voyeurism, i.e. punishment for Imprisonment for 3
violating privacy of an individual years along with a fine
which may be extended
up to 2 lakh rupees or
both.
6. Section 66F: Cyber Terrorism Life imprisonment.

7. Section 67A: Publishing/ or transmitting Imprisonment up to 5

material in electronic form containing sexually years along with a fine
explicit contents that could extend up to
10 lakh rupees in the
first convict; and
imprisonment can be
extended up to 7 years
with fine of 20 lakh
rupees in the second
convict.
8. Section 67B: Child pornography Imprisonment up to 5
years along with a fine
that could extend up to
10 lakh rupees in the
first conviction; and
imprisonment can be
extended up to 7 years
with an extended fine of
10 lakh rupees in the
second conviction.

Following are some of the important Sections under Indian Penal Code for protection of
individuals from Cybercrimes:
22
 Sr. No. Sections under Indian Penal Code (IPC) Punishment
1. Section 354A punishes the offence of Sexual 3 years of imprisonment
Harassment and/or fine.
2. Section 354C criminalizes the offence of 3 years of imprisonment
Voyeurism, i.e., the act of capturing the image for the first conviction and
of a woman engaging in a private act, and/or 7 years of imprisonment on
disseminating said image, without her consent the second conviction
along with fine.
3. Section 503 punishes Criminal Intimidation as Imprisonment which may
threats made to any person with injury to her extend up to 2 years, and/or
reputation fine.
4. Section 507 punishes Criminal Intimidation by Imprisonment which may
an anonymous communication extent up to two years.
5. Section 228A deals with vengeful posting of Imprisonment which may
images or videos of rape victims extend up to two years and
fine.

Apart from the above mentioned Sections under the IPC and ITAA, 2008, the
Government of India has taken the following steps for prevention of Cybercrimes:

 Cybercrime cells have been set up in states and U.T’s for reporting and investigation of
Cybercrime cases.
 The Government under the IT Act, 2000 has also set up Cyber Forensic and Training
Labs in states of Kerala, Assam, Mumbai, Mizoram, Manipur, Nagaland, Arunachal
Pradesh, etc., for awareness creation and training against Cybercrimes.
 In collaboration with Data Security Council of India (DSCI), NASSCOM, Cyber
Forensic Labs have been set up at Mumbai, Bengaluru, Pune and Kolkata for awareness
creation and training.

23
  Various programs have been conducted by the Government of India to generate
awareness about Cybercrimes. National Law School, Bengaluru and NALSAR University
of Law, Hyderabad are engaged in conducting several awareness and training programs
on Cyber Laws and Cybercrimes for Judicial officers.

Training is imparted to Police officers and Judicial officers in the Training Labs
established by the Government.13

OTHER PREVENTIVE MEASURES:

Due to borderless nature of Cybercrimes, innovative measures are required to curb the
issue of “hi-tech crime”. Therefore, apart from the Cyber Laws, one should keep the following
points in mind for safety in Cyberspace while surfing the Internet:

i. Awareness should be generated among the students at the grassroot level, i.e., knowledge
about cybercrimes and cyber laws. Cyber literacy should be given to the students in Computer
Centers, Schools, Colleges and Universities as well. Cyber Law awareness programme can be
organized in any educational institute in order to provide basic knowledge of Internet and
Internet’s security.

ii. Bank and Credit Card statements should be reviewed on regular basis to reduce the impact of
identity theft and crimes committed online.

iii. Keep your computer system up-to-date in order to keep attackers away from your computer.
By keeping your computer updated, you block attackers from being able to take advantage of
software flaws that they could otherwise use to enter into your system and hack it for illegal
purposes.

iv. Unique and strong passwords of eight characters by using a combination of symbols, words
and figures, should be kept for online activities like online banking. Avoid using your email id,
login name, last name, date of birth, month of birth or any such personal information as your
passwords that can be traced easily.

24
v. Same passwords should not be kept for every online service you use. Keep different
passwords for different online activities.

vi. Enable Two-step Authentication in the webmail in order to make your webmail or social
media account secured. Add mobile no. to your mail account so that you get notified in case
someone else tries to gain access to your account.

Under Two-step Authentication, your username and password is required to open your
account. But, a verification code is sent to your registered mobile no. in case you forget your
password for personal security purposes. A hacker may be able to crack your password but
without the temporary verification code, he/she cannot have access to your account.

vii. For basic online security, your computer must be protected by security software since the
software helps to protect from online threats. Therefore, these softwares are essential for staying
safe on the Internet. It includes Firewall and Antivirus programs. Firewall controls who and what
can communicate with your computer online. Antivirus also maintains all online activities such
as email messages and web browsing and protects the system from viruses, worms, Trojans horse
and other types of malicious programs.

Integrated security programs such as Norton Internet Security combine Firewall,

Antivirus, Antispyware with other features such as Antispam and parental controls have become
popular now-a-days since they offer all the security software needed for online protection in a
single package.

viii. Do not respond to emails that ask for personal information and don’t click on the links in
these messages as they may take you to fraudulent and malicious websites. Pay attention to
privacy policy on Websites and in software before you share your data with them because
legitimate companies do not use email messages to ask for your personal information.

25
CONCLUSION:

To conclude, we can say that the advent computer networking and newly developed
technologies have given rise to cybercrimes in the past few years. This has created great threats
to mankind because the victim is known to the attacker and he/she with malicious intentions like
causing harm to the computer system, stealing or erasing data saved in the system, changing
password, hacking credit card details, and bank account number, etc., commits such crimes.
Different types of cybercrimes like cyber stalking, cyber terrorism, cyber pornography,
morphing, forgery, email spoofing, identity theft, etc., have serious impacts over the society. The
cybercriminal gains unauthorized access to computer resources or any other personal information
of the victim by hacking their account. It is, therefore, very important for every individual to be
aware of these crimes and remain alert and active to avoid any personal or professional loss.

However, in order to solve the problem of Cybercrime having global dimensions, the
government of India enacted the Information Technology Act in 2000 to deal with such “hi-tech”
crimes. The Act was passed again in 2008 with certain amendments. Eight new offences were
added and the Act was renamed as the Information Technology (Amendment) Act, 2008 referred
to as ITAA, 2008. Apart from this act, certain Sections under the Indian Penal Code (IPC) are
also used as legal measures to punish the individuals committing such crimes. Legal provisions
on Cyber Stalking and Online Harassment are also included under the Sexual Harassment of
Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013. Thus, to ensure justice
to the victims and punish the criminals, the judiciary has come up with the above discussed
legislations.

26