The origination of the internet has brought massive change in our lives. It has made our lives better by introducing a better way of communication, faster transit and also storage of electronic data in large quantities in small spaces. People from diverse fields are enormously using the computers to create, store and transmit information in the electronic form instead of the documents, papers. The internet has evolved in decades, and every day, a new change in technology has been taking place. Mike Fitzpatrick said, “The internet has brought communities across the globe closer together through instant communication.” A single button can grab many opportunities; a broad scope of data can be accessed by just sitting at one place. The information across can the world can be accessed in a minute, making the internet, a global library. Internet was once used for only military purposes, but now, it has brought a radical change in our lives.
With the heavy dependency on the use of the internet, new crimes have started flourishing in the age of technology. People are misusing this technology on the stake of harming others. The speedy connectivity has increased offences needing a law for the protection. John W Thompson said, “First, our focus on security is on the infrastructure itself. So, it is all about how you protect the network, the device, and the application that is riding on the server.” The Indian Parliament created the first draft as the E-Commerce Act in 1998, which was redrafted as the ‘Information Technology Bill, 1999,’ finally passed in 2000. The objective of the IT Act is to provide legal recognition to legal transactions, electronic exchange of data, electronic commerce transactions and other means of communication. There are various aspects which are covered under this Act when with a particular reference to electronic media such as computers, television, social media, telephone, etc. If the alleged person tries to induce computer virus
o Penalty And Compensation for the Damage to Computer, System and other related devices.
Section 43 of the Information Technology Act emphasises on the ten sub-clauses that are mentioned in the Act which says, whoever without the permission of the owner or any other person who is the in-charge of the computer, computer system tries to access the computer system is liable to pay damages in the form of compensation to the owner of any person is in-charge of the computer system. If the person tries downloading, copying and trying to extract the data that is stored in the computer system or network without the permission of the owner is liable for damages. If the alleged person induces computer virus or contaminant into the system, or damages/causes to damage any computer system, the network, computer data, or any computer programmes installed into the computer system or network is liable under this section. Other sub-clauses include disruption, manipulation, stealing, concealment, destroying and deleting or altering any information residing in the computer system or network is included under this section.
In the case of MphasiS BPO Fraud,[1] also India’s first BPO scam in which four BPO employees working at MphasiS call centre in Pune gained the confidence of four US customers who were the customers of MphasiS’s client, Citibank and obtained their Personal Identification Numbers (PIN) which these employees were not authorised to obtain. These call centre employees then opened new bank accounts using false identities at Indian banks. Within a few months, these employees during their employment at MphasiS transferred money from the bank accounts of Citibank customers to the new accounts they had opened at the Indian banks using the PINs and account information. The employees did not break through the firewalls or decoded encrypted software, but instead, they identified glaring loopholes in the system of MphasiS. By April 2005, the Indian police managed to identify the fraudsters who scammed the U.S bank after one of the account holders complained it to the Citibank. The police could arrest the employees after they attempted to withdraw cash from the accounts at Indian banks. Court held that Section 43(a) of the IT Act is applicable here, and the employees were charged under this section due to the unauthorised access involved in committing transactions.
In the recent case in 2017 where the Navi Mumbai police arrested a Rajasthan based computer course dropout who allegedly leaked database of Jio customers on a website named Magicapk.com. An FIR was registered with the Navi Mumbai police by Reliance Jio owned by Mukesh Ambani under Section 43(2) of the IT Act of data theft in which a person downloads, extracts and copies any data on the computer network or system or the data stored in the removable storage medium, under Section 379 of theft and Section 66 which deals with computer-related offences of the IT Act.
o Tampering with Computer Source Documents
Section 65 of the IT Act states that any person knowingly or intentionally conceals, destroys or alters any computer source code used in a computer system or network, programme. Such a person will be punished with imprisonment up to three years or with fine which may extend up to two lakhs rupees or with fine and imprisonment both.[2]
This offence is a cognisable and non-bailable tried by any magistrate. The term mentioned in this section, ‘computer source code or documents,’ is the list of programmes and programme analysis of computer resource, computer commands, design and layout of computer resource which is in any form.
In the case of State v Mohd. Afzal And Ors.[3] Which is also known as the Parliament Act in which several terrorists attacked the Parliament House in December 2001. The digital evidence was obtained, which played an essential role in the prosecution. Several storage disks and devices, a laptop was recovered after getting the information by the two suspects from the truck at Srinagar. Though, the accused claimed that the devices recovered can be quickly tempered and hence, the prosecution should not rely on it. The fake identity cards and video clips of the political leaders with Parliament at the back of the video were recovered with supposedly was shot from T.V news channels. It was held in this case that if the challenger is questioning the validity of the computer evidence, then there should be clear arguments against it as mere generic doubts, suspicion and theoretical doubts cannot be held as evidence.
o Hacking with a Computer System or Network
Section 66 is in reference with Section 43, states that if any person does any act mentioned in Section 43 fraudulently or dishonestly, then the person shall be punishable with imprisonment up to three years or a fine which may extend up to five lakhs rupees. This section details on hacking and the data theft stated in Section 43[4]. We know there is a remedy of compensation and damages, which makes it a simple civil offence in section 43. However, the same offence under Section 43 is committed with criminal intent; then, it becomes a criminal offence. The Act of data theft stated in Section 43 if done with a criminal intention, i.e. fraudulently or dishonestly then it becomes a punishable offence under Section 66 and sentences imprisonment up to three years or a Rs 5 Lakhs as fine or both. Before hacking was defined in this section but as an offence. After the amendment, the data theft that was mentioned in Section 43 is referred to Section 66, and the word, ‘hacking’ is not used. Earlier, hacking was seen as a crime in this section but was taught academically as ‘ethical hacking.’ This led to people questioning the validity of the section as an illegal activity was taught academically.
In 2017, Podium Systems mobile app, ‘Review Dede[5],’ which was their first product was hacked, and Rs 10,500 vouchers were stolen after they discovered the codes of vouchers that were purchased by the company. Then, Podium Systems registered a complaint under the IT Act. After investigating for several weeks, the cybercrime cell at Pune finally registered an FIR at the Police station and arrested the accused, Vivek Rajole. He was booked under Section 66 and 66(d) of the IT Act and also Section 420 for cheating and Section 380 for theft of Indian Penal Code(IPC).
In the case of BSNL unauthorised access, the accused logged into the BSNL broadband Internet connection. The accused managed to get the unauthorised access to the Joint Academic Network (JANET) and be manipulated with the data like deleting, adding files and changing passwords to deny access to the authorised users. He altered the computer database concerning broadband internet user accounts by being the authorised genuine user. The accused was registered under cybercrime by the CBI and carried out investigations on the complaint made by the Press Information Bureau, Chennai which first detected unauthorised use of the internet. The subscribers incurred a loss of Rs 38,248 because of the accused. He was convicted under Section 66 of the IT Act.
o Publishing of Obscene Information in Electronic Form
Section 67 deals with publishing or transmitting obscene information in electronic form. The IT Act was widened in the IT Amendment Act. 2008 by also adding child pornography and retention of records.
Any person who publishes or transmits any lascivious material or appears to be prurient and is likely to corrupt the persons who read the matter it entails is punishable up to 3 years and up to Rs 5 lakhs of fine and a term of five years and fine up to ten lakh rupees or both in the second conviction.
In the case of The State of Tamil Nau v Suhas Katti[6], a known family friend of the victim who was a divorcee woman. The accused was posting obscene, defamatory messages about the victim on the Yahoo message group. A fake email account in the name of the victim was opened by the accused and mails were forwarded to the victim for information. The posting on the group resulted in annoying phone calls to the victim. The accused was interested in marrying her, but she married someone else and ended in divorce and hence, the accused started to contact her again. However, the victim’s reluctance to marry the accused resulted in harassing her. Under Section 67 of the IT Act, section 469 and 509 IPC, the accused was found guilty.
CONCLUSION
The society is gradually getting dependant upon technology at the same time, and crime is flourishing at a faster rate. With ageing technology, there is an advancement in the way cyber crimes are being committed. Awareness should be spread across people to remain cautious like keeping a check on their passwords of social media or any other platforms, bank statements by following the bank’s protocol. Technology can be both a curse and a potion at the same time, enabling us to understand the dynamic power it holds.
[1] Abhay Vaiya, India’s first BPO scam unraveled, The Times of India (April 23, 2005), https://timesofindia.indiatimes.com/home/sunday-times/deep-focus/Indias-first-BPO-scam-unraveled/articleshow/1086438.cms
[2] Firos vs State Of Kerala, AIR 2006 Ker 279 : 2006 (3) KLT 210 : 2007 (34) PTC 98 Ker
[3] State vs Mohd. Afzal And Ors. 2006 (1) ALD Cri 96 : (2005) CriLJ 4314
[4] The Information Technology Act 2000, Chapter IX-18/36
[5] Salonee Mistry, Hacker steals Rs 10,500 from city co’s new app, Pune Mirror (July 20, 2017), https://punemirror.indiatimes.com/pune/civic/hacker-steals-rs-10500-from-city-cos-new-app/articleshow/59671248.cms
[6] Arohi Ambade, Case Summary: State of Tamil Nadu v Suhas Katti, LAWLEX.ORG (July 20, 2020), https://lawlex.org/case-summary/case-summary-state-of-tamil-nadu-vs-suhas-katti/24568