CYBERCRIME AND RELATED LAWS
Introduction
Cyber law is a legal system that deals with the internet, computer systems, cyberspace, and all problems relating to cyberspace or information technology, according to a generic definition. Cyberspace law encompasses a wide range of subjects, including contract law, privacy legislation, and intellectual property laws. It governs electronic software distribution, information and data security, and electronic commerce. Cyber law recognises e-documents as legal papers. Furthermore, the system provides a framework for electronic commerce transactions and electronic form filling. Simply described, it is a statute that deals with cybercrime. As e-commerce has grown in popularity, it has become critical to ensure that proper regulations are in place to prevent fraud.
There are numerous laws controlling cybersecurity, which vary greatly based on the territorial area of each country. The penalties also vary depending on the offence committed, ranging from fines to imprisonment. The Computer Fraud and Abuse Act of 1986 was the first cyber law ever passed. It forbids unauthorised computer access and the criminal exploitation of digital information.
Cybercrime has increased in tandem with growing Internet usage. There are numerous stories in the media today about cyber crimes such as identity theft, cryptojacking, child pornography, cyber terrorism, and so on. In cybercrime, the computer is used as a tool, a target, or both to commit illegal behaviour. Electronic commerce (e-commerce) and online stock trading have skyrocketed in the digital age, fuelling an increase in cybercrime.
A primer on cybercrime and cyberlaw.
What exactly is cybercrime?
A cyber crime is any criminal behaviour that involves a computer, networked device, or other linked equipment. Some cyber crimes are committed with the purpose of generating profit for the cybercriminals, whereas others are committed with the intent of directly damaging or disabling the computer or device. Others may also use computers or networks to disseminate viruses, illicit information, photos, or any other type of material.
Many sorts of profit-driven criminal actions can be conducted as a result of cyber crime, including ransomware attacks, email and internet fraud, identity theft, and scams using financial accounts, credit cards, or any other payment card. Cybercriminals may seek to steal and resell personal and corporate data.
The Information Technology Act of 2000 and the Indian Penal Code of 1860 both cover cybercrime in India. It is the Information Technology Act of 2000 that addresses cybercrime and Internet commerce. However, in 2008, the Act was amended to include a definition and punishment for cybercrime. Several amendments were also made to the Indian Penal Code 1860 and the Reserve Bank of India Act.
Cybercrime Categories
Cybercrime is classified into the following categories:
Child pornography or sexually abusive material aimed towards children (CSAM):
Child sexual abuse materials (CSAMs) are defined as any material featuring sexual pictures in any form, in which the child being exploited or abused can be seen. The publication or transmission of material depicting children in sexually explicit acts in an electronic form is prohibited under Section 67(B) of the Information Technology Act.
Cyberbullying:
A cyberbully is someone who harasses or bullies others through the use of electronic equipment such as computers, mobile phones, laptop computers, and so on. Cyberbullying is bullying that occurs via the use of digital technologies. Social media, chat systems, gaming platforms, and mobile devices could all be involved. This frequently entails repetitive behaviour designed to frighten, anger, or embarrass the individuals being targeted.
Cyberstalking:
The act of harassing or stalking another person online via the internet and other technologies is known as cyberstalking. Cyberstalking occurs through texts, emails, social media posts, and other means, and it is frequently persistent, methodical, and planned.
Cyber grooming:
Cyber grooming is a phenomenon in which a person develops a relationship with a youngster with the intention of tempting, teasing, or even pressuring them to perform a sexual act.
Online job fraud:
An online job fraud technique involves deceiving job seekers by promising a better job with higher pay while giving them false hope. The Reserve Bank of India (RBI) warned citizens not to fall victim to job scams on March 21, 2022. The RBI has highlighted how online job fraud is committed, as well as the measures that the average person should take while applying for any job opportunity, whether in India or abroad.
Online sextortion:
It occurs when a cybercriminal threatens an individual with publishing sensitive and private information on an electronic platform. These criminals threaten people in order to obtain a sexual image, sexual favour, or money from them.
Phishing:
Phishing fraud occurs when an email looks to be from a reputable source but contains a malicious attachment intended to collect personal information from the user, such as their ID, IPIN, card number, expiration date, CVV, and so on, which is then sold on the dark web.
Vishing:
In vishing, victims’ personal information is stolen using their phones. Cybercriminals utilise sophisticated social engineering techniques to trick victims into disclosing personal information and giving up access to personal accounts. Vishing, like phishing and smishing, deceives victims into thinking they are being courteous by replying to the call. Callers frequently pose as representatives of the government, the tax department, the police department, or the victim’s bank.
Smishing:
As the name implies, smishing is a type of fraud that employs text messages sent through mobile phones to deceive victims into dialling a phoney phone number, accessing a fraudulent website, or installing harmful software on the victim’s computer.
Credit/debit card fraud:
Credit card (or debit card) fraud occurs when unlawful purchases or withdrawals are made with another person’s card in order to get access to their funds. It covers illegal purchases or cash withdrawals made from a customer’s account. Fraudulent conduct happens when a criminal obtains access to the cardholder’s debit/credit card number or personal identification number (PIN). Untrustworthy personnel or hackers may get your information.
Impersonation and identity theft:
Impersonation or identity theft occurs when someone fraudulently uses another person’s electronic signature, password, or other unique identifier.
Cybercrime prevention
According to the International Maritime Organization’s (IMO) standards, the cyber-attack risk should be tackled using the following framework:
- The first stage is to establish the roles and duties of the cyber risk management people.
- The second step is to identify the systems, assets, data, or capabilities that will put the operation at stake if disrupted.
- It is critical to create risk-control processes and contingency plans to protect against a potential cyber catastrophe and ensure operational continuity.
- It is also critical to design and put in place procedures to detect cyber-attacks as soon as possible.
- Preparation and execution of plans to restore important systems and ensure their continuing operation through resilience.
- Finally, determine and implement backup and restoration procedures for any affected systems.
The following are some ways of preventing cybercrime:
Analyse your risk exposure: To appropriately prepare for a cyber assault, you must estimate the threat and take it into account. Companies should think about the following:
- They should consider all areas where they are vulnerable to cyberattacks, as well as any operational vulnerabilities that may arise as a result of them.
- A vulnerability assessment of all systems is required to identify those that are critical to the business, understand the potential vulnerabilities of each, and assess the impact of any cyber-attack on business continuity.
- Businesses should audit their IT and operational technology systems.
Preventive measures: Businesses should implement national or international technical standards that give a high level of protection. These general preventative measures are advised for businesses that lack the essential technical or financial capabilities. The following are some preventive measures:
- Using many layers of defence, starting with physical security and progressing to management policies and procedures, firewalls and network design, computer policies, account management, security upgrades, and eventually antivirus programmes.
- Implementing the principle of least privilege, which limits information and access to only those individuals who require that information.
- Implementing network-hardening measures, ensuring adequate patch management, and proactively reviewing patch management.
- Using technology such as protocol-aware filtering and segregation to secure vital systems.
- Ensuring that removable devices are encrypted and that any USB used in conjunction with another device is virus-free.
- Furthermore, it is critical to build business continuity strategies, identify key individuals, and execute processes in order to keep the negative impact of a cyberattack from increasing further and to restore corporate operations.
- Organizing regular training and awareness sessions for all employees can also assist.
- Third-party service provider compliance audits will also be advantageous.
India’s cybercrime legislation
There are five major sorts of cybersecurity legislation that must be obeyed. Cyber laws are becoming increasingly essential in countries with widespread internet use, such as India. Cyberspace is governed by tight rules that oversee the usage of information, software, electronic commerce, and financial activities in the digital world. India’s cyber laws have aided the growth of electronic commerce and electronic government in the country by ensuring maximum connection while minimising security concerns. This has also increased the breadth and effectiveness of digital media by making it available in a wider range of applications.
The Information Technology Act of 2000 (the IT Act):
A Summary of the Act:
The Indian Parliament has enacted the country’s first cyberlaw.
During the course of the investigation in Kumar v. Whiteley (1991), the accused acquired illegal access to the Joint Academic Network (JANET) and deleted, added, and modified files. According to investigations, Kumar had been signing on to a BSNL broadband Internet connection as if he were a legally authorised user and changing computer records relevant to customers’ broadband Internet user accounts. The CBI registered a cyber crime case against Kumar based on an anonymous complaint and conducted investigations after discovering unauthorised use of high-speed Internet access from Kumar’s computer. Kumar’s unlawful act also resulted in a Rs 38,248 loss for the subscribers. The Additional Chief Metropolitan Magistrate convicted N G Arun Kumar and sentenced him to a year in prison and a Rs 5,000 fine under Section 420 of the IPC and Section 66 of the IT Act.
- Section 66B: This section sets out the penalty for fraudulently receiving stolen communication devices or computers and prescribes a three-year prison sentence. A fine of up to Rs. 1 lakh may also be levied, depending on the gravity of the offence.
- Section 66C: This section is concerned with digital signatures, password hacking, and other types of identity theft. It carries a maximum sentence of three years in prison and a fine of one lakh rupees.
- Section 66D: This section deals with cheating by personation via computer resources. If found guilty, the punishment is up to three years in prison and/or a Rs 1 lakh fine.
- Section 66E: Taking photographs of private regions, or publishing or transferring them, without the consent of the subject is a crime under this section. If found guilty, the penalties include imprisonment for up to three years and/or a fine of up to Rs 2 lakh.
- Section 66F: This section covers acts of cyberterrorism. A person found guilty may face life imprisonment. A threat email was addressed to the Bombay Stock Exchange and the National Stock Exchange, challenging security forces to prevent a terror assault on both institutions. The offender was captured and charged under Section 66F of the Information Technology Act.
- Section 67: This covers the electronic publication of profanity. If convicted, the sentence may be up to five years in prison and a fine of up to Rs 10 lakh.
The Indian Penal Code (IPC) of 1860:
If the IT Act is insufficient to cover specific cyber offences, law enforcement agencies can use the IPC sections listed below:
- Section 292: The original intent of this provision was to handle the selling of obscene materials, but in this digital age, it has expanded to encompass a variety of cyber offences as well. This section also governs how obscene content or sexually explicit activities or exploits of youngsters are published or disseminated online. Such crimes are punishable by imprisonment and fines of up to 2 years and Rs. 2000, respectively.
- For repeat (second-time) offenders, the punishment for any of the aforementioned crimes may be up to five years in prison and a fine of up to Rs. 5000.
- Section 354C: In this clause, cybercrime is defined as taking or disseminating images of a woman’s intimate parts or actions without her consent. Voyeurism is handled specifically in this section because it considers observing a woman’s sexual activity as a crime. In the absence of the fundamental features of this section, Sections 292 of the IPC and 66E of the IT Act are broad enough to cover analogous offences. Depending on the offence, first-time offenders may face up to three years in jail, while repeat offenders may face up to seven years.
- Section 354D: This section describes and punishes stalking, including physical and cyberstalking. Cyber-stalking is the tracking of a woman by technological means, such as the internet or email, or the attempt to contact her despite her reluctance. This offence is punishable by up to 3 years in jail for the first offence and up to 5 years in prison for the second offence, as well as a fine in both circumstances.
In the matter of Kalandi Charan Lenka v. State of Odisha (2017), a victim got a series of vulgar messages from an unknown number, which harmed her reputation. The accused reportedly sent emails to the victim and set up a bogus Facebook account with modified photographs of her. As a result, the accused was declared prima facie guilty of cyberstalking on several offences under the IT Act and Section 354D of the IPC by the High Court.
In addition to the laws listed above, there are many additional parts of the IT Act and the Indian Penal Code that deal with cyber offences.
The Bombay High Court examined the problem of non-bailable and non-compoundable offences under Sections 408 and 420 of the IPC in conflict with those under Sections 43, 65, and 66 of the IT Act, which are bailable and compoundable, in Gagan Harsh Sharma v. The State of Maharashtra (2018).
IT Rules (Information Technology Rules):
The IT Rules address a number of aspects of data collection, transfer, and processing, including the following:
- The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011: These rules require companies that possess sensitive personal information about persons to adhere to specific security standards.
- The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: These regulations govern the role of intermediaries, especially social media intermediaries, in preventing the transmission of dangerous content on the internet in order to protect the safety of consumers’ data online.
- The Rules for Information Technology (Guidelines for Cyber Cafes), 2011: These recommendations require cybercafés to register with an official organisation and keep a record of users’ names and internet usage.
- The 2011 Information Technology (Electronic Service Delivery) Regulations: Essentially, these regulations provide the government the ability to specify the electronic delivery of certain services, such as applications, certifications, and licences.
- The Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (the CERT-In Rules): The CERT-In Rules provide for the operation of CERT-In in a variety of ways. A 24-hour incident response helpdesk must be operational at all times, according to CERT-In Rule 12. If an individual, organisation, or company is experiencing a cybersecurity event, they can report it to CERT-In. The Rules include an Annexure that lists specific incidents that must be reported to CERT-In right away.
Another requirement under Rule 12 is that service providers, intermediaries, data centres, and corporate organisations notify CERT-In of cybersecurity events within a reasonable timeframe. The CERT-In website provides a variety of formats and ways to report cybersecurity incidents, as well as information on vulnerability reporting and incident response procedures. In addition to the reporting of cybersecurity events to CERT-In in compliance with its rules, Rule 3(1)(I) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 mandates all intermediaries to disclose cybersecurity incident information to CERT-In.
Companies Act, 2013:
The majority of corporate stakeholders believe that the Companies Act of 2013 is the most important legal requirement for properly managing everyday activities. This Act enshrines in law all of the techno-legal standards that must be satisfied, applying the legislation as a challenge to noncompliant corporations. The SFIO (Serious Fraud Investigation Office) is empowered by the Companies Act 2013 to investigate and prosecute serious frauds perpetrated by Indian companies and their directors.
As a result of the announcement of the Companies (Inspection, Investigation and Inquiry) Rules, 2014, the SFIO has been even more proactive and serious about this. The law ensures that every component of cyber forensics, e-discovery, and cybersecurity diligence is effectively addressed by assuring proper coverage of all regulatory compliances. Furthermore, the Companies (Management and Administration) Rules, 2014 establish a tight set of criteria that confirm company directors’ and senior management’s cybersecurity roles and responsibilities.
NCFS
The National Institute of Standards and Technology (NIST), the most authoritative global certification organisation, has validated the Cybersecurity Framework (NCFS) as a framework for unifying the cybersecurity strategy. The NIST Cybersecurity Framework offers guidelines, standards, and best practices for managing cyber-related risks responsibly. Flexibility and affordability are critical, according to this approach. Furthermore, it seeks to promote resilience and protect vital infrastructure by implementing the following measures:
- A better understanding of, management of, and reduction of cybersecurity threats.
- Prevent data loss, misuse, and costly restoration.
- Determine which activities and operations are the most vital and must be protected.
- Provides evidence of the dependability of companies that safeguard important assets.
- Prioritise investments to maximise cybersecurity return on investment (ROI).
- Meets regulatory and contractual obligations.
- Contributes to the overall information security programme.
Using the NIST CSF framework in conjunction with ISO/IEC 27001 simplifies cybersecurity risk management. Furthermore, the NIST cybersecurity guideline facilitates collaboration within the firm as well as across the supply chain, allowing for more effective communication.
Why are cybercrime laws in India so strict?
Our country, like other countries, is very concerned about cyber security and related crimes. There are an increasing number of cyber security risks, particularly in India, and it is vital that they are addressed. According to an Economic Times report on cyber crime, the government is losing about Rs. 1.25 lakh crore each year as a result of cyber-attacks.
According to another Kaspersky report, the number of attacks in India climbed from 1.3 million to 3.3 million between the first and second quarters of 2020. India recorded 4.5 million attacks in July 2020, which was the highest number recorded thus far. In the summer of 2021, Mastercard Asia/Pacific Pte Ltd (Mastercard) was barred from onboarding new domestic customers for violating the Reserve Bank of India’s instructions on the storage of payment system data. A cyber security policy, on the other hand, does not provide an adequate technique of preventing the dangers posed by the internet, nor does it provide the most effective methods of dealing with them.
This is accomplished through training. The government must devote enormous resources to safeguarding critical data assets. Cyberlaw must be updated to reflect the most recent legal and technological advancements and to handle the problems created by technology’s rapid development.
The significance of cybercrime legislation
The following examples demonstrate the significance of cyber laws:
- One key purpose of any cyber law is to pursue persons who engage in illicit internet activity. Significant efforts must be made to properly punish these types of crimes, such as cyber abuse, assaults on other websites or individuals, record theft, interrupting every company’s online operation, and other criminal acts, which is where cyber laws come into play.
- When there is a violation of cyber law, action is taken against the individual based on his location and how he was involved in the offence.
- The most important thing is to prosecute or retract hackers because most cyber crimes fall outside the scope of a felony, which is not a crime.
- The usage of the internet is also associated with security problems, and there are certain malicious individuals who seek to acquire unauthorised access to a computer device and use it to perpetrate fraud in the future. As a result, all rules and cyber laws are intended to safeguard internet businesses and consumers against illegal access and destructive cyber-attacks. Individuals or organisations can take action against people who commit criminal offences or violate cyber laws in a variety of ways.
India requires cybercrime legislation.
Cyberlaw is especially important in nations where the internet is widely utilised, such as India. The law was enacted to safeguard both individuals and corporations against cybercrime. Cyberlaw permits other people or organisations to take legal action against someone who breaches the law’s provisions.
Conclusion
As technology advances, strange components that are alarming are appearing on the dark web. The Internet has evolved into a weapon for evil activities, which intelligent people use for ill purposes and occasionally for financial benefit. Thus, at this point in time, cyber laws enter the picture and are critical for all citizens. Because cyberspace is such a tough territory to navigate, some acts are classed as grey activities that are not authorised by law.
To keep up with the rising dependency of humans on technology, cyber laws in India and around the world must be constantly updated and refined. As a result of the epidemic, there has also been a large growth in the number of remote employees, which has raised the demand for application security. Legislators must take extra precautions to stay ahead of imposters and take action against them as soon as they appear. Cybercrime can be avoided if lawmakers, internet service providers, banks, shopping websites, and other intermediaries collaborate. However, it is ultimately up to users to take part in the fight against cybercrime. The only way for online safety and resilience to flourish is for these stakeholders’ actions to be scrutinised to ensure they remain within the bounds of cyberspace law.