The Internet was commercially made available to the Indian public in 1996. Though the initial response was slow it has now attracted one and all. With the growth of Internet users and its wide appeal combine with its easy access, a need for some kind of regulation was felt. The laws in India are specific and well defined for the purpose for which they were enacted. As a result the existing law like the Indian Penal Code or Criminal Procedure could not be interpreted to deal with the emergent of new forms of crimes in the new media. As such the government in 2000 enacted a law called the Information Technology Act 2000, specifically to deal with cyberspace and IT related crimes. India became the first country to enact the first I.T.Act, based on the model recommended by the United Nations General Assembly of 1997. The other name for Indian Cyber law in India is therefore the Information Technology Act 2000. Beside this the IPC served as a supporting legal framework to this Act.
To study the cyber law in India we need to understand what types of crimes and offences can be committed in cyber space. Some of the common crimes that take place includes financial crimes (cheating, credit card frauds, money laundering), child pornography, sale of illegal drugs, online gambling (which is not banned under the IT Act), intellectual property crimes (software piracy, copyright infringement, trademarks violation, etc), e-mail spoofing (sending e-mail from another person's mail), forgery (counterfeit currency notes, postage and revenue stamps), cyber defamation (someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends), Hacking(unauthorized access to computer systems or networks), Virus attack (adding malicious programs that disturbs the normal functioning of computers ), time thefts (usage by an unauthorized person of the Internet hours paid for by another person) and many others.
The main feature or provisions of Cyber Laws (IT Act) in India are:
It legalized electronic documents with digital signatures.
The law for the first time gave legal recognition to the digital signatures by stipulating that any subscriber may authenticate an electronic record by affixing his or her digital signature. Digital Signature - A digital signature as defined in the Act means "authentication of any electronic record by a subscriber by means of an electronic method…." One of the most dreaded fears in the electronic media was that of impersonation with an intent to cheat / fraud. Further one of the greatest risks was 'voidable contracts'. A strong need was felt for some mode of authenticating electronic documents. This problem was remedied by providing for digital signatures. Section 5 provides that where it is required or mandatory by law to affix signature, stamp or any such symbol, instead of this (i.e. signature) the electronic document may be secured / authenticated by affixing digital signature.
As far as licensing of foreign certifying authorities are concern the power of the Controller is limited to suspension of the license only. No Certifying Authority whose license has been suspended is prevented from issuing any Digital Signature Certificate during such suspension.
E-governance
Chapter III of the Act deals with e-governance. Government offices can now accept digital or electronically produced documents thereby making its machinery more efficient. It gives legal recognition to electronic records. Instead of written, typewritten or printed form any document may be presented in electronic form for present and subsequent reference / use. Section 6 of Chapter III provides for use of electronic records and digital signature in Government and its agencies. The filing of any form, application or any document with any office, authority, body or agency owned or controlled by the appropriate Government in a manner, the issue or grant of any license, permit, sanction or approval by whatever name called in a particular manner, the receipt or payment of money in a particular manner then such requirement shall be deemed to have been satisfied if such filing, issue, grant, receipt or payment, as the case may be, is effected by means of such electronic form as may be prescribed by the appropriate government. Thus it is section 6, which actually legalizes e-governance.
Process for dissemination of Justice
In India we have a hierarchical system for justice dispensation when it comes to crimes committed in cyberspace.. They are adjudicating officers as to deal particularly with offences committed. These officers are empowered with powers enjoyed by a session judge. Further it also provides for setting up of a Cyber Regulation Appellate Tribunal (CRAT) in Chapter X. Any person aggrieved by the order of the Controller may also move the CRAT. CRAT deals with the establishment, composition, jurisdiction and powers of the Cyber Regulation Appellate Tribunal. Section 48 provides for the establishment of Cyber Appellate Tribunal. One of the outstanding features of the establishment of a Cyber Appellate Tribunal is the fast disposal of disputes.
Offences and Penalties
Conditions for punishments and penalties with imprisonment up to two-three years are mentioned in Chapter VII and VIII. If damage is inflicted to computer system of anyone the compensation to be paid by the defaulter is Rs 25, 000. To see that damages are compensated an officer not below the rank of Director to the Government of India is appointed who can exercise power of a civil court ( This is in compliance with Section 345 and Section 346 of the Code of Criminal Procedure, 1908)
The provisions pertaining to offences covered and penalties provided by the Act are also scattered in Chapter IX and XI of the Act. Section 43 provides for penalty up to rupees one crore by way of damages, in case of unauthorized access, contaminating the computer/ computer system, inducing virus or causing damage. The adjudicating officer also has powers to dispense punishment of up to 10 years of imprisonment and up to one cores of financial penalty based on his findings.
Types of activities that falls under act of Offences
Chapter XI in a magnificent manner covers all aspects of cyber- crime. This chapter covers within its ambit-unauthorized access, hacking, obscenity, misrepresentation, and breach of confidentiality and privacy, fraud. One of the remarkable features of this chapter is section 75. This section gives an extraterritorial effect to offences in contravention to the provisions of this Act. Though Section 75 of the Cyber law (IT Act) provides for extra-territorial operations of this law, they could be meaningful only when backed with provision recognizing orders and warrants for Information issued by competent authorities outside their jurisdiction and measure for cooperation for exchange of material and evidence of computer crimes between law enforcement agencies.
Chapter IX of Section 43 restricts the damage to Computer, computer system; etc. A cyber-crime may be broadly directed against three basic groups – Individual (person & property of an individual), organizations (the government, firm and company, group of individuals) and society at large
The following are the crimes, which can be committed through the use of cyberspace:
Against Individuals -
i. Harassment via e-mails.
ii. Cyber-stalking.
iii. Dissemination of obscene material.
iv. Defamation.
v. Hacking/cracking.
vi. Indecent exposure.
Individual Property: -
i. Computer vandalism.
ii. Transmitting virus.
iii. Netrespass.
iv. Unauthorized control over computer system.
v. Hacking /cracking.
Against Organization: -
i. Hacking & Cracking.
ii. Possession of unauthorized information.
iii. Cyber terrorism against the government organization.
iv. Distribution of pirated software etc.
Against Society at large
.i. Pornography (basically child pornography).
ii. Polluting the youth through indecent exposure.
iii. Trafficking.
Thus the IT Act the types of acts, which come under "act of offence", or criminal acts. These include tampering with computer source documents, publishing of information which is obscene in electronic form and hacking with Computer systems, Access to protected system, Misrepresentation, Breach of Confidentiality and Privacy and Fraud.
Cyber Law on Defamation
Cyber Law for media personnel is not specifically mentioned in the IT Act. Though Section 67 of the Information Technology Act, 2000 provides for punishment to whoever transmits or publishes or causes to be published or transmitted, any material which is obscene in electronic form with imprisonment for a term which may extend to two years and with fine which may extend to twenty five thousand rupees on first convection and in the event of second may extend to five years and also with fine which may extend to fifty thousand rupees, it does not expressly talk of cyber defamation. The above provision chiefly aim at curbing the increasing number of child pornography cases and does not encompass other crimes which could have been expressly brought within its ambit such as cyber defamation.
However, the law related to online defamation is derived from the Indian Penal Code. The publisher in online sites or blogs (personal websites) is considered like any other who published newspapers or broadcast news. Chapter XXI of the IPC exclusively talks of defamation. Section 499 prescribes the offence as:
Whoever, by words either spoken or intended to be read, or by signs or by visible representations, makes or publishes any imputation concerning any person intending to harm, or knowing or having reason to believe that such imputation will harm, the reputation of such person, is said . . . to defame that person. It may amount to defamation to make an imputation concerning a company or an association or collection of persons as such.
Section 500 prescribes the punishment in such cases:
Whoever defames another shall be punished with simple imprisonment for a term, which may extend to two years, or with fine, or with both.
Cyber law held the employer liable for any published material.
If an employee, during working hours, e-mails a defamatory remark about a competitor company to a colleague, the firm could be held liable for defamation even if the employee's actions were not authorized or expressly prohibited.
Incidentally, Asia's first case of cyber defamation has been filed in India in the case of SMC Numatics Ltd. v. Jogesh Kwatra . Defamatory emails were allegedly sent to the top management of SMC Numatics by the defendant, who has since been restrained by the Delhi High Court from sending any form of communication to the plaintiff. This order of Delhi High Court assumes tremendous significance as this is for the first time that an Indian Court assumes jurisdiction in a matter concerning cyber defamation and grants an ex-parte injunction restraining the defendant from defaming the plaintiffs by sending derogatory, defamatory, abusive and obscene emails either to the plaintiffs or their subsidiaries. However, the offence of defamation as defined in the IPC when extended to cyberspace may not achieve desired results
The IT Act does give extra-territorial jurisdiction to law enforcement agencies, but such powers are largely inefficient. This is because India does not have reciprocity and extradition treaties with a large number of countries. We are now beginning to see new categories and varieties of cyber crimes, which have not been addressed in the IT Act. This includes cyber stalking, cyber nuisance, cyber harassment, cyber defamation and the like which do not fall under the IT Act. Just mere amendment to the IPC is not adequate to check emerging new threats.
Criminal Defamation
India is the only country, which has both civil as well as criminal defamation in its legal books. That is another reason why rights of the people should clearly be laid down. People in India are liable for defamation not just to the extent of payment of damages but also undergoing imprisonment. Millions of people could be charged for defamation just by giving their opinion that in the eyes of some may be defamatory. Wouldn't this then be against the right of freedom of speech guaranteed under our Constitution?
The problems for ISP's are just beginning. Some sites have already been blocked due to government directives. Bloggers in India are getting together to protest against the sudden blocking of popular Google-owned blog-hosting site Blogger by some (ISPs) like Spectranet, Mahanagar Telephone Nigam Limited (MTNL), Reliance Powersurfer, Airtel Broadband and Sify.
In July 15, 2006 the Department of Telecommunications (DoT) had sent ISPs a list of sites to be blocked. R H Sharma, senior engineer with MTNL, said the list ran into some 22 pages. Now, several bloggers have organized themselves into a Blogger's Collective and are planning to file a Right to Information application to obtain the list.
Under the Information Technology Act, 2000 the Computer Emergency Response Team, whose main task is in the domain of Internet security and oversees Internet censorship in the name of 'balanced flow of information' in 2003, approve the blocking of an obscure mailing list run by a banned militant outfit, the Hynniewtrep National Liberation Council (HNLC) of the Khasi tribe in Meghalaya. But it backfires and led to its popularity despite it being blocked by all ISPs. Many could still see the list via email or proxy surfing. Whether such blocking is arbitrary, unreasonable and unfair and in violation of Articles 14, 19 and 21 of the Constitution of India is a question, which remains to be answered by the Indian Courts.
Amendments of other laws
The framers of cyber law in the country also acknowledge the fact that the enormous challenge of tracking cyber crime will not be affective unless existing laws were amended. As a result, amendments was brought about in the Penal Code to widen the scope pf the term" document" to bring within its ambit electronic documents.
An amendment was also made in the India Evidence Act. As stated above the important change brought in the Evidence Act is that of inclusion of electronic document in the definition of evidence. The third schedule amends the Banker's Books Evidence Act. This amendment brings about change in the definition of "Banker's-book" to include printouts of data stored in a floppy, disc, tape or any other form of electromagnetic data storage device. A similar change has been brought about in the expression "Certified-copy" to include such printouts within its purview. The fourth schedule amends the Reserve Bank of India Act. This amendment particularly pertains to the regulation of fund transfer through electronic means between the banks or between the banks and other financial institution.
Conclusion
Cyber Law despite its inception since 5 years ago has not been very effective. Only less than 30 cases have been registered under the IT Act and no final verdict has been passed. This is because the Act itself is still a mystery to many. Not only from the perception of the common man, but also from the perception of lawyers, law enforcing agencies and even the judiciary Beside this the reluctance of companies to file charges of cyber crimes to avoid their reputation is another problem.
Another notable problem is the practicality of implementing the guidelines and passing judgments of cases pertaining beyond the political boundary of the country. Most of the time cyber crimes are not committed from within but from a second country. So, filing of any suits is highly debatable. Cyber law in the country also did not specify any checks and balances to prevent misuse of the powers of the adjudicating officers. As cyber space is accessible from anywhere in any country the law in one country may not be applicable to some other countries. The existing laws will have to give way to alternative method of dispute resolution. Thus the I.T Act or otherwise cyber law basic aim and achievement lies in legalizing "electronic Commerce" and providing ground for "electronic governance". That is to say that the most important distinguishing characteristic of cyber law in our country has been to provided legal recognition to the virtual electronic medium and keeping in check child pornography.
