EMERGING TRENDS IN CYBERSECURITY LAWS IN INDIA

Introduction 

Digitization has gradually led to the storing of all types of information, including sensitive data, in all parts  of human existence, such as healthcare, education, and business. Security is the process of securing digitized  information against theft or physical harm while retaining information confidentiality and availability.  However, as technology advances, the number and complexity of cybercrime grows. The use of inadequate  software, expired security tools, design faults, programming errors, freely accessible online hacking tools,  public lack of awareness, high rates of financial returns, and other factors are contributing to this significant  increase in cybercrime. More advanced attack tools are developed in order to investigate the target’s  vulnerabilities and thereby attack by technical attack to the victim. As a result, new attacks in various versions  that are difficult to detect may emerge. The increased reliance on the internet in all aspects of life, the digital  nature of data in massive volumes amassed through online transactions, and the decentralization of data  repositories have all contributed to the creation of effective security algorithms. The ever-changing nature of  cybercrime makes it tough to handle and avoid new threats. The mission of securing cyberspace is the most  demanding and challenging, as advanced threats play an active role. As a result, it is vital to gain  understanding of the ideas of security defense mechanisms, various methodologies, and trending topics in  the field of information security. 

I. Cyber Crime – Cybercrime refers to robbery and crime of commission committed via a computer.  The United States Department of Justice has broadened the definition of cybercrime to include any  crime that involves the use of a device for evidence storage. The growing list of cybercrimes includes  computer crimes such as network intrusions and computer viruses, as well as computer-based  versions of traditional crimes such as stealing, stalking, intimidation, and coercion. In common  parlance, cybercrime is described as crimes performed using a PC and the internet to steal an  individual’s identity or sell an individual to victims of smuggling, stalking, or disrupting activities  using malicious software. Because technology plays such an important role in people’s lives,of an  extremely individual day by day, cybercrime too can increase alongside technological  advancement. 

II. Cyber Security – Privacy and information protection can be the key security behaviors that any  firm is concerned with on a daily basis. We favor square measurements in a highly digital or cyber specific environment where all data is kept. While social networking sites provide a safe place for  users to interact with friends and family, cyber thieves also utilize social media sites to steal personal  information. 

Historical background of Cyber Law 

Cybercrime is not specified in the Information Technology Act of 2000, the Information Technology  Amendment Act of 2008, or any other Indian statute. In truth, it cannot be. Under the Indian Penal Code,  1860, and a number of other statutes, offense or crime has been carefully dealt with, listing specific crimes  and the consequences for each. As a result, we can define cybercrime as a combination of crime and  computers. To put it simply, “any offense or crime in which a computer is used is a cyber crime. Interestingly,  even minor offenses such as stealing or pick-pocketing can be brought under the jurisdiction of cyber crime¹ the primary data or aid to such an act is a computer or information kept in a computer utilized (or  misused) by the fraudster. The I.T. The Act outlines a computer, computer network, data, information, and all  other necessary components of a cyber crime, which we will now go over in depth. 

In a cyber crime, the computer or the data itself is the target or the goal of the crime, or it is used as a tool in  committing another crime, providing the essential inputs for that offense. All such criminal conduct will fall  under the broad term of cybercrime. Let us now go over the Information Technology Act of 2000 and the  Information Technology Amendment Act of 2008 in detail, with a focus on banking and financial activities.  Before moving into the section-by-section or chapter-by-chapter discussion of the Act’s many sections, let us  first explore the history of similar legislation in India, the conditions under which the Act was passed, and  the goal or objectives in passing it. 

Objectives of L.T. legislation in India:  

In this context, the Government of India passed the Information Technology Act of 2000, with the following  aims mentioned in the Act’s introduction. “to provide legal recognition for transactions carried out by means  of electronic data interchange and other means of electronic communication, commonly referred to as  “electronic commerce,” which involve the use of alternatives to paper-based methods of communication and  information storage, to facilitate electronic filing of documents with Government agencies, and to amend the  Indian Penal Code, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, and the Bankers’  Books Evidence Act, 1872, and the Bankers’ Books Evidence Act, 1872, and the Bank . 

The Information Technology Act of 2000 was passed , was thus passed as the Act No. 21 of 2000, got  president assent on 9 June and was made effective from 17 October 2000. 

The Act essentially deals with the following issues: 

• Legal Recognition of Electronics Documents  

• Legal Recognition of Digital Signatures 

• Offenses and Contraventions 

• Justice Dispensation System for Cyber crimes 

Amendment Act 2008: This Act was the subject of extensive debates, elaborate reviews, and detailed  criticisms as the nation’s first legislation on technology, computers, ecommerce, and e-communication, with  one arm of the industry criticizing some sections of the Act as draconian and the other claiming it is too  diluted and lenient. There were some notable exclusions as well, resulting in investigators relying more and  more on the time-tested (one and a half century-old) Indian Penal Code even in technology-based crimes,  with the I.T. Act also being referenced to in the process and the reliance more on the IPC rather than the ITA. 

Thus, the necessity for a detailed reform to the IT Act was apparent fairly immediately in 2003-04. Major  industry bodies were consulted, and advisory groups were formed to investigate alleged gaps in the I.T. Act,  compare it to similar legislation in other countries, and provide recommendations. Such recommendations  were analyzed and later adopted as a comprehensive Amendment Act, and after extensive administrative procedures, the consolidated amendment known as the Information Technology Amendment Act 2008 was  introduced in Parliament and passed without much debate near the end of 2008 (by which time the Mumbai  terrorist attack on November 26, 2008 had occurred). This Amendment Act received the President’s approval  on February 5, 2009, and was made effective from 27 October 2009. 

How the Act is structured: The Act totally has 13 chapters and 90 sections (the last four sections namely  sections 91 to 94 in the ITA 2000 dealt with the amendments to the four Acts namely the Indian Penal Code  1860, The Indian Evidence Act 1872, The Bankers’ Books Evidence Act 1891 and the Reserve Bank of India  Act 1934). The Act begins with preliminary and definitions and from thereon the chapters that follow deal  with authentication of electronic records, digital signatures, electronic signatures etc. 

I. Section 43: deals with sanctions and compensation for computer and computer system  damage, etc. This clause is India’s first big and substantial legislative measure to address data  theft.  

The Indian IT industry has long advocated for legislation to address the crime of data theft,  just as it does physical theft or larceny of goods and commodities. This Section handles the  civil offense of data theft. If, without the permission of the owner or any other person in  charge of a computer, a person accesses or downloads, copies or extracts any data, introduces  any computer contaminant such as a virus, damages or disrupts any computer, denies access  to a computer to an authorized user, or tampers, etc…he shall be liable to pay damages to the  persons so affected. Earlier in the ITAA 2008. 

II. Section 65 : deals with tampering with source documents. Hiding, destroying, or modifying  any computer source code where it is required by law to be kept or maintained is a crime  punishable by three years in prison, two lakh rupees, or both. Fabrication of an electronic  record or forgery through interpolations in a CD used as evidence in court (Bhim Sen Garg vs  State of Rajasthan and others, 2006, Cri LJ, 3463, Raj 2411) are punishable under this  Section. This Section defines computer source code as any listing of programmes, computer  commands, design and layout, and so forth. 

III. Section 66 : This Section deals with computer-related offenses. This Section refers to the  data theft mentioned in Section 43. Whereas in that Section it was a simple civil offense with  merely the remedy of compensation and damages, here it is the same act but with a criminal  intent, making it a criminal infraction. The act of data theft or the offense listed in Section 43  becomes a chargeable offense under this Section if done dishonestly or fraudulently and  involves imprisonment for up to three years or a fine of five lakh rupees, or both. Previously,  hacking was defined as an offense in Section 66. 

IV. Section 67 : Section 67 deals with the publication or transmission of obscene content in  electronic form. The former Section in the ITA was later broadened as per ITAA 2008, which  included child pornography and the retention of records by intermediaries. 

V. Section 67: A deals with publishing or transmitting material containing sexually explicit  acts in electronic form. Contents of Section 67 when combined with the material containing  sexually explicit material attract a penalty under this Section. 

VI. Section 69 : This is an important section in that it allows the government or agencies  specified in the Section to intercept, monitor, or decrypt any information generated, sent, ²received, or stored in any computer resource, subject to conformity with the procedures  specified here.  

This power may be exercised if the Central Government or the State Government, as the case  may be, is satisfied that it is necessary or expedient in the interest of India’s sovereignty or  integrity, defense, security of the State, friendly relations with foreign States, or public order,  or to prevent incitement to the commission of any cognizable offense relating to the  foregoing, or to investigate any offense. 

Conclusion 

To summarize, while a crime-free society is a pipe dream, there should be a continuing effort  of rules to keep crime at a minimum. Especially in a society that is becoming increasingly  reliant on technology, criminality based on electronic offenses is sure to rise, and lawmakers  must go above and beyond to keep fraudsters at bay. Technology is always a two-edged  sword that may be utilized for both good and evil purposes. Steganography, Trojan Horse,  Scavenging (and even DoS or DDoS) are all technologies that, in and of themselves, are not  crimes; nonetheless, when they fall into the hands of criminals looking to capitalize or exploit  them, they enter the realm of cybercrime and become penal offenses. As a result, rulers and  legislators must work hard to ensure that technology evolves in a healthy way and is  employed for legal and ethical corporate growth rather than committing crimes.

1. htps://www.researchgate.net/publication/347373943_Cyber_Security_Challenges_and_its_Emerging_Trends_on_Latest_Technologies ↩︎
2.  htps://iritm.indianrailways.gov.in/uploads/files/1360312590693-12.Cyber-Laws-chapter-in-Legal-Aspects-Book.pdf ↩︎