Jurisprudential aspects of Cyber Laws in India

Introduction:

The development of Electronic Commerce has given rise to the need for vibrant and effective regulatory mechanisms that will further improve the legal framework that is essential to the progress of Electronic Commerce. Many of these regulatory mechanisms and legal infrastructures come within the context of cyber law. Cyber law is important because it affects almost all aspects of the Internet, World Wide Web and cyberspace transactions and activities. Every cyberspace activity and reaction has some legal and cyber legal viewpoints. The primary provision of cyber law in India is the Data Technology Act, 2000 (I.T. Act) which came into force on 17 October 2000. The first aim of the Act is to provide legal recognition for electronic commerce and to encourage the filing of electronic records by the Government. Besides, the I.T. Act penalises a variety of cybercrimes and provides for stringent penalties (imprisonment terms up to ten years and compensation up to Rs one crore).

Associate Government Order of 12 September 2002 included guidance pertaining to the provisions of the Act with regard to the covered structures and the implementation of the Digital Signature Certificate. Minor mistakes under the Act have been resolved by the 2002 Computer Technology (Removal of Difficulties) Order, which was passed on 19 September 2002. The I.T. Act was modified by the Negotiable Instruments (Amendments and Miscellaneous Provisions) Act of 2002. This introduced the concept of automated checks and truncated checks. Data Technology (Use of Electronic Records and Digital Signatures) Rules 2004 provided for the necessary legal system for filing papers with the Gunner as well as for licencing by the Gunner. It further allows for the collection and acceptance of fees in respect of the agencies of the State. The Computer Technology (Certifying Authorities) Regulations, 2000 also came into effect on the same day. These guidelines provide for the qualifications, appointment and care of Certifying Authorities (C.A.). Also, these regulations set out the technical specifications, protocols and protection methods to be used by the C.A.

History of Cyber Law

The Information Technology Act is the result of a resolution of the United Nations General Assembly of 30 January 1997, which approved the Model Law on Electronic Commerce and adopted the Model Law on Electronic Commerce in International Trade. This resolution suggested, inter alia, that all States give favourable consideration to the said Model Law during the analysis of existing legislation, with a view to ensuring consistency in the laws of various cyber-nations applicable to alternatives to paper-based forms of communications and information storage. The bill was drafted by the Department of Electronics (DoE) in July 1998.

However, it could only be introduced in the House on 16 December 1999 (after nearly one and a half years) when the new I.T. Ministry was set up. It has undergone significant changes, with suggestions made by the Minister of Commerce on e-commerce and issues relating to the World Trade Organization’s commitments (WTO). This joint plan was then reviewed by the Ministry of Law and Industry. Following its presentation to the House, the bill was forwarded to the 42-member Standing Committee of the Parliament following a motion from the Members.

The Standing Committee also made a set of suggestions to be introduced into the bill. However, only those guidelines approved by the Ministry of Information Technology have been adopted. One of the proposals that were very much discussed was that the owner of a cyber cafe would have a log to document the names and addresses of all the people visiting his café, As well as a list of the pages they were surfing. This initiative was made in an attempt to reduce cybercrime and to make it possible to identify cybercriminals quickly. Around the same time, though, it was mocked as it would violate the anonymity of a net surfer and would not be commercially feasible. This proposal was ultimately discarded by the I.T. Ministry in its final report. The bill was approved by the Cabinet of the Union on 13 May 2000 and the Indian Parliament passed the Information Technology Bill on 17 May 2000.

The bill was signed by the President on 9 June 2000 and became known as the Information Technology Act, 2000. The Act came into force on 17 October 2000. When technology advanced, and new forms of committing crimes using the Internet and computers arose over time, It was felt that it was necessary to update the I.T. Act 2000 to introduce new ways of cyber-crime and to close other loopholes that prevented the effective enforcement of the I.T. Act 2000. This led to the passage of the 2008 Legislation on Information Technology (Amendment) which entered into force on 27 October 2009. The I.T. (Amendment) Act, 2008 has made several significant changes to the I.T. Act, 2000.

Cyber Jurisprudence

Cyber Jurisprudence, like all other legal science, is a study in cyber-laws. While technology is conquering the physical world at an unparalleled pace, questions about its legal ramifications are still evolving, raising questions for jurists across the globe. As the “cyber” world knows no national boundaries, all such laws demanded common outlook and uniformity, requiring cooperative efforts and a range of efforts from nations across the globe. This is cyber science.

What Is Cyber Law?

Cyberlaw is like any other civil code or legislation that can be followed in our day-to-day lives to stay out of any form of trouble. These laws are established from keeping several themes in mind, such as our history, morals, computer ethics, etc. The key difference is that cyber law refers only to the Internet and Internet-related technologies. Cyberlaw is intended to uphold discipline and justice in the cyber world. This field is used in the criminal system as a function of the relevant incident. Cyberlaw ensures legal protection for individuals using the Internet, including businesses and ordinary citizens. It is important for anyone accessing the Internet to be aware of their country’s and local cyber laws so that they know what is legal online and what is not. In India, the Central Legislation exclusively on cyberspace was enacted in the form of the Information Technology Act 2000 (I.T. Act) which entered into force on 17 October 2000.[1]

The Act sets down the principles of the Overarching Legislation of Indian Cyber-laws. As stated in the preamble, the I.T. Act provides for legal recognition of transactions carried out by electronic data exchange and other modes of electronic correspondence, commonly referred to as electronic commerce, which involves the use of alternatives to paper-based methods of communication and recording of records in order to facilitate the electronic filing of documents with the Government of India. The Act further seeks to promote the efficient delivery of government resources through reliable electronic records.

Need For Cyber Law

The future is growing more and more in today’s technologically advanced techno-savvy world, so are the crimes. The Internet was initially developed as an unregulated analysis and information sharing platform. As time progressed, e-commerce e-government, e-procurement, etc. became more transactional. Legal matters relating to computer crime are dealt with through cyber laws[2]. As the number of Internet users is on the rise, the need for and regulation of cyber laws has also gained momentum. Almost everybody in today’s highly digitalized world is affected by cyber law.

•  Nearly all businesses rely heavily on their computer networks;
• And keep the precious data in electronic form. Government forms, including income tax returns, corporate law forms, etc.
• Consumers increasingly use credit cards for shopping.
• Many users use Facebook, mobile phones, and SMS texts. Contact. Communication.
• In cases of non-cyber-crime” significant evidence is found in Computers/cell phones, e.g., in cases of divorce, kidnapping, robbery, tax.
• Fraud, organised crime, terrorism operations, counterfeit money, etc.
• Cybercriminals such as online financial theft, online share trading
• Fraud, source code stealing, credit card fraud, tax avoidance, attacks on malware,
• Cyber sabotage, phishing attacks, e-mail hijacking, denial of service,
• Hacking, pornography and so on are becoming popular.
• Digital signatures and e-contracts are easily replaced by regular method, Methods of corporate transacting business.

Information Technology Act 2000

Against this context, the Government of India has adopted the Information Technology Act 2000 on its own with the objectives set out in the preface to the Act.

‘To include legal recognition for transactions carried out by electronic data exchange and other forms of electronic communications, generally referred to as electronic commerce,’ including the use of alternatives to paper-based ways of contact and management of information, to facilitate the electronic filing of papers with government agencies and to further amend the Indi.

The Information Technology Act, 2000 was later enacted as Act No. 21 of 2000, received the President’s permission, which was made effective on 9 June and 17 October 2000. The I.T. Act of 2000 was created to encourage the I.T. sector, control e-commerce, foster e-government and deter cybercrime. The Act also aimed to encourage security activities within India that will benefit the nation in a global sense. The amendment was developed to resolve topics that were not addressed by the initial bill and to handle future changes in I.T. and associated security problems after the original act was enacted. The I.T. Act, 2000 consists of 90 parts spread over 13 chapters [Sections 91, 92, 93 and 94 of the Principal Act were omitted by the Information Technology (Amendment) Act 2008 and has two schedules.[Schedules III and IV were omitted by the Information Technology (Amendment) Act 2008].

Amendment Act 2008

As the nation’s first legislation on technology, machines and e-commerce and e-communication, the Act was the subject of much debate, in-depth study and extensive criticism, with one section of business criticising certain aspects of the Act as draconian and the other as excessively distorted and lenient. Some obvious omissions have increasingly resulted in investigators relying on the time-tested (one-and-a-half-century) Indian Penal Code, particularly technology-based I.T. Cases, sir. The Act is often applied to in a phase that relies primarily on the IPC rather than the ITA.

The need for an amendment – a comprehensive one – was then felt by the I.T. Act itself in about the year 2003-04. Broad business groups have been consulted and specialist panels have been set up to discuss possible I.T. shortcomings. Conduct to put it into line with the current legislation of other countries to make recommendations. These recommendations were analysed and ultimately implemented as a comprehensive reform statute and, after substantial regulatory procedures, a consolidated amendment called the Information Technology Amendment Act 2008 was tabled in Parliament and passed without discussion by the end of 2008 (by which time the Mumbai terrorist attack of 26 November 2008 had taken place). This Reform Act was enacted by the President on 5 February 2009 and entered into force on 27 October 2009.

Some of the notable features of the ITAA are as follows:

• Focussing on data privacy
• Focussing on Information Security
• Defining cyber café
• Making digital signature technology-neutral
• Defining reasonable security practices to be followed by corporate
• Redefining the role of intermediaries
• Recognising the role of Indian Computer Emergency Response Team
• Inclusion of some additional cyber crimes like child pornography and cyber terrorism
• Authorizing an Inspector to investigate cyber offences (as against the DSP earlier)[3]

Indian Evidence Act, 1872

The revisions to the Proof Act were carried out in Section 92 and the Second Schedule of the I.T. Act, 2000. Pursuant to the enactment of the Information Technology (Amendment) Act, 2008, Section 92 has been deleted and the provisions relating to the Indian Evidence Act are set out in Part IV of the Amending Act.[4]

National Policy on Information Technology, 2012

The 2012 National Information Technology Strategy was recently approved by the Cabinet of the Union in September 2012. The plan seeks to use Information & Communication Technology (ICT) to meet the economic and development problems of the planet. The policy vision is to improve and reinforce India’s role as a global I.T. centre and to use I.T. and cyberspace as a driving force for fast, inclusive and significant growth in the national economy.” Among other objectives, the plan envisages an increase in I.T. and I.T. sector revenue from USD 100 billion at present to USD 300 billion by 2020 and an increase in exports from USD 69 billion at present to the U.S.

Case Laws

Firos vs. State of Kerala[5]

In this case, the notification issued by the Government of Kerala pursuant to Section 70 of the I.T. Act declaring the FRIENDS programme as a security system. The author of the application programme appealed against the notice in the High Court. It also questioned the procedural legitimacy of section 70 of the I.T. Act. The Court confirmed the validity of both Section 70 of the I.T. Act and the notice issued by the Government of Kerala and held that Section 70 of the I.T. Act is not contradictory but subject to the provisions of the Copyright Act. Government cannot arbitrarily designate any method to be “protected” other than “Government work” coming under Section 2(k) of the Copyright Act to which the Government refers.[6]

Syed Asifuddin and Ors. V. The State of A.P. & Anr[7]

Tata Indicom employees were arrested for interfering with an electronic 32-bit number (ESN) programmed on cell phones that had been tampered with exclusively by Reliance Infocomm. The Court held that such manipulation contributed to the altering of the programme source code as envisaged in section 65 of the Information Technology Act, 2000.

State vs. Mohd. Afzal and others[8]

In this case, the accused persons contested the same case before the High Court of Delhi, where the prosecution relied on digital facts, such as computerised mobile phone call records, electronic forensics of evidence obtained from a laptop used by Terrorist, etc. Both the conviction and the admissibility of such data have been confirmed by the Court, meaning that if anyone disputes the authenticity of the electronic proof on the grounds of manipulation of the device or operating malfunction or interpolation, the challenger must establish the challenge and that only theoretical and general concerns cannot be placed on the facts.

Conclusion

Implementation of cyberspace laws is a major step in establishing a safe and secure climate for users on cyber networks. Software forensic science should focus on ethical hacking preparation and the creation of cyber-protection plans to overcome today’s human, procedural and technological issues in the battle against cybercrime. Strict cyber regulation is the need for a period in which technology is growing at a faster pace and the budgets have not been raised to keep up with this rate of technology transition.

The Indian legal framework for promoting and regulating e-Transaction based applications is not “Soft” against cyber-crimes and provides for harsher punishments than those provided for under conventional criminal legislation. Yet Indian cyber-jurisprudence is also in its infancy. The belief ratio is negligible. India’s advance in information technology has not been reflected in the cracking and elimination of cyber-related incidents. Proving cyber-crime in a modern enemy modelled criminal justice environment is cumbersome for both the prosecution and the suspect. Unjust law not technically excused—is indeed a matter of serious concern, leading even educated masses to play with cyber-crimes, especially linked to pornography and piracy.

With a growth in I.T. prevalence in India, cyber-jurisprudence provides legal practitioners with resources and challenges. The Indian Courts, following their counterparts in the United States, Canada and the United Kingdom, have also started to insist on a soft text. Another government machinery such as I.T., Passport, Federal Excise, P.F. promotes e-filing of records. The importance of cyber law awareness cannot be overstressed. It is now time for recruiting bodies to address cyber law awareness in the Curriculum-Vitae for legal professionals. Major law firms have also made cyber-education compulsory for their new associates. To say, in the coming ages, experience of cyber law is no longer a question of academic curiosity, but a matter of subsistence, for one who wishes to pursue a legal profession.

---

References:

[1] Kratikal Academy. (2020, March 26). What is cyber law and why it is important? Medium. https://kratikalacademy.medium.com/what-is-cyber-law-and-why-it-is-important-e21d76d74f47

[2] https://www.cs.auckland.ac.nz/~pgut001/pubs/icommerce.pdf

[3] Crimes in cyberspace: Right to privacy and other issues. (2014, August 7). Academike. https://www.lawctopus.com/academike/cyber-crimes-other-liabilities/

[4] (n.d.). India Code. https://www.indiacode.nic.in/bitstream/123456789/2188/1/A1872-1.pdf

[5] AIR 2006 Ker 279

[6] http://www.legalservicesindia.com/article/1987/Cyber-Jurisprudence-An-Internalisation-In-Indian-Matrix.html

[7] 2005 CriLJ 4314

[8] 2003 VIIAD Delhi 1, 107