CYBER LAWS - Smart Notes
CYBER LAWS - Smart Notes
CYBER LAWS - Smart Notes
CYBER LAW
COURSE MATERIAL
1
Strictly for Internal Circulation‐ KCL
CYBER LAWS
UNIT- I
Basics of Computer- Input/ Output, Memory, Storage Device- CPU, Operating System, Meaning
of Formatting and Processing of Datas, Data Representation, CPU and its working, Computer
Languages and Software, Network and Data Communications, Internet and Online Resources.
UNIT- II
Role of law in cyber world- right to speech and expression on the internet, Authority of
government to regulate internet (Internet Censorship), Ethics, Etiquette and Privacy in Cyber
World.
UNIT- III
UNIT- IV
The Information Technology Act, 2000- its objects, scope, legal recognition of electronic records
and digital signatures, security of electronic records and procedure there to.
UNIT- V
Offences and penalties under the I.T. Act, Controller (Appointment, function and power Cyber
Regulation Appellate Tribunals (composition and powers).
2
Strictly for Internal Circulation‐ KCL
CYBER LAWS
INFORMATION TECHNOLOGY IS ENCOMPASSING
ALL WALKS OF LIFE ALL OVER THE WORLD
Since the beginning of civilization, man has always been motivated by the need to make progress
and better the existing technologies. This has led to tremendous development and progress which
has been a launching pad for further developments. Of all the significant advances made by
mankind from the beginning till date, probably the most important of them is the development of
Internet.
However, the rapid evolution of Internet has also raised numerous legal issues and questions. As
the scenario continues to be still not clear, countries throughout the world are resorting to
different approaches towards controlling, regulating and facilitating electronic communication
and commerce.
The Parliament of India has passed its first Cyberlaw, the Information Technology Act, 2000
which provides the legal infrastructure for E-commerce in India. The said Act has received the
assent of the President of India and has become the law of the land in India.
At this juncture, it is relevant for us to understand what the IT Act, 2000 offers and its various
perspectives.
The object of The Information Technology Act, 2000 as defined therein is as under :-
"To provide legal recognition for transactions carried out by means of electronic data interchange
and other means of electronic communication, commonly referred to as "electronic methods of
communication and storage of information, to facilitate electronic filing of documents with the
Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act,
1872, the Banker's Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for
matters connected therewith or incidental thereto."
3
Strictly for Internal Circulation‐ KCL
CYBER LAWS
UNIT -1
BASICS OF COMPUTER
INTRODUCTION
The word “computer” comes from the word “compute” which means to calculate. Hence, a
computer is normally considered to be a calculating device, which can perform arithmetic
operations at enormous speed.
Infact, the original objective for inventing the computer was to create a fast calculating machine.
However, more than 80% of the work done by computers today is of non-mathematical or non-
numerical nature. Hence, to define a computer merely as a calculating device is to ignore over
80% of its functions.
More accurately, a computer may be defined as a device, which operates upon data. Data comes
in various shapes and sizes, depending upon the type of computer application. A computer can
store, process and retrieve data as and when desired. The fact that computers process data is so
fundamental that many people have started calling it a data processor.
The name data processor is more inclusive because modern computers not only compute in the
usual sense, but also perform other functions with the data, which flow to and from them. For
example, data processors may gather data from various incoming sources, merge (process of
mixing or putting together) them all, sort (process of arranging in some sequence- ascending or
descending) them in the desired order, and finally print them in the desired format. None of these
operations involve the arithmetic operations normally associated with the computing device, but
the term computer is often applied anyway.
The activity of processing data using a computer is called data processing. Data processing
consists of three sub-activities- capturing the input data, manipulating the data and managing the
output results. As used in data processing, information is data arranged in an order and form,
which is useful to the people who receive it. Hence, data is the raw material used as input to data
processing and information is the processed data obtained as the output of data processing.
4
Strictly for Internal Circulation‐ KCL
DEFINITIONS OF COMPUTER
“Computer is a fast operating electronic device which automatically accepts and store input data,
process them and produces results under the direction of a detailed step by step program”.
“The computer is an electronic device designed in such a way it automatically accepts and stores
input data, process them and produce the desired output”.
“The computer is an electronic device which converts raw data into valid (or) meaningful
information”.
“The computer may be defined as an electronic device, then, that operates upon information
data”.
5
Strictly for Internal Circulation‐ KCL
A computer is a very fast device. It can perform in a few seconds, the amount of work that a
human being can do in an entire year- if he worked day and night and did nothing else. A
computer does in one minute what would take a man his entire lifetime.
While talking about the speed of a computer, we do not talk in terms of seconds or even
milliseconds. Our units of speed are the microseconds, the nano seconds and even the
picoseconds. A powerful computer is capable of performing several billion simple arithmetic
operations per second.
Authenticity (Accuracy)
It denoted the accuracy of the computer. They are reliable and robust. The accuracy of a
computer is consistently high and the degree of accuracy of a particular computer depends upon
its design. It ever makes a mistake. Most probably the error occurs due to the user rather than the
computer. There may be certain hardware mistake but with the advanced technique in hand they
are overcome.
Example: Only accurate robots are used to perform the operations for the patients since human
hands are not flexible for making operations.
Spontaneous (Automatic)
The computers are automatic. It may execute the process without any intervention of user once
they are assigned to a work. Once the data or instruction are fetched from the secondary devices
such as optical disks, hard disks etc. Immediately they get stored into RAM (primary memory)
and then sequentially they get executed. However, computers being machines cannot start
themselves. They cannot go out and find their own problems and solutions. They have to be
instructed. That is, a computer works from a programme of coded instructions, which specify
exactly how a particular job is to be done. Some of the other characteristics of computers such as
speed and accuracy are due to the fact that they are automatic and work on a problem without
any human intervention.
Pertinacity (Endurance)
This denotes that the computers never get tried as the humans do. If there are surplus amount of
executions to be made then each and every execution will be executed at the same time period.
They can perform their assigned task without taking any refreshment.
6
Strictly for Internal Circulation‐ KCL
Adaptabilty (Versatile)
In our day to day life computers has been a part, with their extended flexibility they are used, all
over the world. They can be used as personal computers, for home uses, for business oriented
tasks, weather forecasting, space explorations, teaching, railways, banking, medicine etc. All
Modern computers can perform different kind of tasks simultaneously.
Storehouse (Memory)
Secondary storage devices are the key for the data storage. They store the data for which the user
wants to retrieve these data for future use. The examples for various secondary devices are
Floppy disk, Optical disks (CS and DVD), Zip drives, Thumb drives etc. The data of smaller size
can be easily fetched and they can be copied to the primary memory (RAM).
Computers are short term investment in order to achieve a long term gain. Though the
investment is high they reduce the cost of each and every transaction. They reduce man power
and leads to an elegant and efficient way for computing various tasks.
The only drawback of computer is it cannot make the decision of its own. It needs a guidance to
enhance the process. After all computers is a machine. It possesses no intelligence of its own. Its
I.Q. is zero at least until today. It has to be told what to do and in what sequence. Hence only the
user can determine what tasks a computer will perform. A computer cannot take its own decision
in this regard.
No Feelings
The computers are devoid of emotions. They have no feelings and no instincts because they are
machines. Although men have succeeded in building a memory for the computer, but no
computer possesses the equivalent of a human heart and soul. The judgments is based on the
instructions given to them in the form of programmes that are written by us.
7
Strictly for Internal Circulation‐ KCL
1. INPUTTING- The process of entering data and instructions into the computer system.
2. STORING- Saving data and instructions to make them readily available for initial or
additional processing as and when required.
4. OUTPUTTING- The process of producing useful information or results for the user,
such as a printed report or visual display.
5. CONTROLLING- Directing the manner and sequence in which all of the above
operations are performed.
INPUT UNIT- Data and instructions must enter the computer system, before any computation
can be performed on the supplied data. This task is performed by the input unit, which links the
external environment with computer system. Data and instructions enter input units in forms,
which depend upon the particular device used. For example, data are entered from a keyboard in
a manner similar to typing and this differs from the way in which data are entered through a
scanner, which is another type of input device.
a. It accepts (or reads) the instructions and data from the outside world.
b. It converts these instructions and data in computer acceptable form.
c. It supplies the converted instructions and data to the computer system for further
processing.
Various types of input devices have been developed so far. These input devices comprise the
Input Unit of computer system. Some commonly used input devices are described below:-
8
Strictly for Internal Circulation‐ KCL
1. KEYBOARD-
It is the most common input device used for almost all computer application areas. It
looks like a traditional typewriter containing various keys including alphanumeric keys
(alphabets and numbers), punctuation keys (symbols) and special keys (Control key, Alt
key, Tab key, Function keys, Capslock, Enter key etc.) The first keyboard was developed
in 1800 century and named as QWERTY Keyboards. These keyboards are classified as:
Every key on keyboard has its specific function. Nowadays, ergonomic keyboards are
also used which are helpful for painless typing.
2. MOUSE
Mouse is not a specific input device, but actually it is the pointing device. It input the
data or instructions by pointing them on computer screen. The mouse was invented by
Douglas Engelbart in 1963. It is an object containing a ball underneath. This ball is
moved on the plane surface to handle the cursor movement on screen.
The cursor is the pointer (arrow shaped) used to select an object (data/instruction) on
screen. It is very helpful for graphic designing like pencil, brush etc. the mouse may be
mechanical (controlled by ball movement) or optical (controlled by laser beam). Mouse
pad is required to move the mouse because it provides the smooth surface.
3. TRACKBALL
9
Strictly for Internal Circulation‐ KCL
It is also a pointing device and very much similar to mouse. Actually, it is an inverted
mouse, having ball upside. This ball is scrolled to handle the cursor on screen.
4. JOYSTICK
It is a lever like structure used to point somewhere on screen. It works for moving the
cursor to a specific direction. The cursor movement stops by upright position of joystick.
5. DIGITIZING TABLET
6. LIGHT PEN
10
Strictly for Internal Circulation‐ KCL
It is a pen like device which uses the photosensitive cell to select/ point an object on
screen.
7. TOUCH SCREEN
It is a computer screen, which inputs the touch-senses. Here the finger is used to point
any object on screen directly by the user.
8. TOUCH PAD
Generally it is used with portable computers as the mouse or any other pointing device.
The pointer moves on the screen, as the finger moves on pad.
9. DIGITAL CAMERA
11
Strictly for Internal Circulation‐ KCL
This camera is used to put images as input to the computer. It can store the images as
digital files further in computer system.
10. SCANNER
It is an input device, able to receive/ read the readymade data (printed on paper) from
user in the given format. It receives the image of written data, digitizes it and creates
bitmap for the image. These scanners are of various types. These may be Flat Bed
Scanner or Handy Scanner.
STORAGE UNIT- The data and instructions, which are entered into the computer system
through input units, have to be stored inside the computer before the actual processing starts.
Similarly, the results produced by the computer after the processing, must also be kept
somewhere inside the computer system, before being passed on to the output units.
a. The data and instructions required for processing (received from input devices)
b. Intermediate results of processing
c. Final Results of processing, before these results are released to an output device.
The storage unit of all computers is comprised of the following two types of storage:-
1. Primary Storage – The primary storage also known as main memory is used to hold
pieces of program instructions and data, intermediate results of processing and recently
produced results of processing of the jobs, which the computer system is currently
working on. These pieces of information are represented electronically in the main
memory chips circuitry and while it remains in the main memory, the central processing
unit can access it directly at a very fast speed. However, the primary storage can hold
information only while the computer system is on. As soon as the computer system is
switched off or reset, the information held in the primary storage disappears. Moreover,
the primary storage normally has limited storage capacity, because it is very expensive.
The primary storage of modern computer systems is made up of semiconductor devices.
12
Strictly for Internal Circulation‐ KCL
The primary memory has direct link with input unit and output unit. It stores the input
data, calculation results. This primary memory is classified into two types of memory as
follows:-
This memory is used to read and write at any part of the memory but it stores the
data temporarily till the steady flow of electricity. The data in RAM is lost, as
soon as the power supply is off. So, RAM is also called volatile memory. In
computer systems, two types of RAM is found:-
This memory allows read only operation on data. It is a memory chip having pre-
recorded data provided by manufacturing company. The data written on the ROM
chip cannot be removed. So, it stores the data permanently within itself without
being effected by power-supply failure. Hence, it is called Non-Volatile Memory.
A small ROM chip is the integral part of most of computers having the special
programmes (used for booting i.e. start up of the computer). There are various
types of ROM available as follows:-
i. PROM (Programmable Read Only Memory) - PROM chip allows to store the
programs/ data only once onto itself. These program/ data remain in the
memory always. It is previous manufactured blank, but later the programmes
are written on this memory.
ii. EPROM- (Electrically Programmable Read Only Memory) - It is a special
type of memory, whose contents can be reprogrammed by exposing it to UV
light.
iii. EEPROM (Electrically Erasable Programmable Read Only Memory) - this
memory can be erased by electrical charge. Data can be erased as required but
data can be written only once. The reprogramming is possible.
iv. Flash Memory- It is the extension of EEPROM in which the reprogramming
or erasing is done on a block of memory (differing from EEPROM)
2. Secondary Storage – The secondary storage also known as auxiliary storage is used to
take care of the limitations of the primary storage. That is, it is used to supplement the
limited storage capacity and the volatile characteristic of primary storage. This is because
secondary storage is much cheaper than primary storage and it can retain information
even when computer system is switched off or reset. The secondary storage is normally
used to hold the programme instructions, data and information of these jobs, on which the
13
Strictly for Internal Circulation‐ KCL
computer system is not working on currently but needs to hold them for processing later.
The most commonly used secondary storage medium is the magnetic disk.
Commonly used secondary storage devices are magnetic tape, magnetic disk, optical disk
etc.
a. Magnetic Tape
It is similar to audio tape containing a plastic strip coated with magnetic material.
The data is encoded on the magnetic material in the form of electric current:
conduction state (ON) represents ONE (1) and non-conduction state (OFF)
represents ZERO (0). This type of data encoding is called Binary Data Storage.
The data can be stored in binary form in the computer system.
The magnetic tapes are with large storage capacity and inexpensive but there is a
drawback with their use. The magnetic tapes are sequential access storage media,
i.e. tape must go through all previous data for reaching upto a specific data. So
these are very slow in processing. It can store data from 60 MB to 24 GB.
b. Magnetic Discs
These are the direct access storage media, where the accessing of a data is much
faster because there is no need to go through all previous data for reaching a
specific data. In this type of storage devices, there is present a round diskette
(round disk) of plastic material coated with magnetic ink on which data encoding
is done. The magnetic disks are commonly of three types: Winchester disk,
Floppy Disk, Hard Disk.
i. Winchester Disk- It is the earlier type of disk developed by IBM. It can store
30 MB of data. But now, it is rarely used.
ii. Floppy Disk- It is a magnetic disk made up of soft material coated with
magnetic ink. It is covered in a plastic jacket. It is called floppy because it
flopps on waving, but these are very useful for data transportation, because of
small size. These are very much inexpensive, but with a limited storage space.
iii. Hard Disk- These are the magnetic disk which can hold much more data than
the floppy disk. A typical hard disk can store the data from 10 MB to several
GB but these are not easily portable.
14
Strictly for Internal Circulation‐ KCL
A hard disk consists of many platters (diskette type). Each platter has read/ write
heads for each side except upper and lower platter. The upper surface of
uppermost platter and lower surface of lowermost platter do not have any read/
write head. The data is stored on racks and each platter has equal number of
tracks. The read/write heads are used to read and write data from and to the disk.
There are two types of head systems with hard disk as Fixed Head System and
Movable Head System.
c. Optical Disc
The data can be read from and write to the optical disk by laser beam. These disks
are able to store large amount of data into GB. These are available as CD-ROM,
WORM (Write Once Read Many) erasable optical disks.
In CD-ROM, data can be stored once and then read only. These are called
compact disks- Read Only Memory. These can store data from 600 MB to 1 GB.
A special device called CD-ROM player is used to read the data from CD-ROM.
PROCESSING UNIT- When the data is received by the computer; it is first stored in the
memory of computer. The storage of data is necessary, so that we can use the in future when
required. This stored data is further send for processing i.e. analysis. The processing means
actual operation on data after analyzing it. The processing device is responsible for the
processing operations.
15
Strictly for Internal Circulation‐ KCL
It is the part of computer system, where actual computing operations take place. The input data is
used by such computations and then the result is sent to the output unit. So, it is the main part of
computer system which operates on the programme instructions and called as Central Processing
Unit (CPU). It works like the brain of computer system which handles all the computing
operations. CPU consists of 3 parts as: The Memory Unit, Control Unit and The Arithmetic and
Logical Unit.
a. Memory Unit (MU) - The memory unit is considered as the part of CPU but some
scientists keep it as the separate unit of computer system having inter-relation to the
control unit. The memory unit lies among input unit, output unit and control unit. The
input data is firstly stored in the memory. The data to be produced as output is also stored
in memory. The intermediate results of calculations are also stored in the memory.
b. Control Unit (CU) - The unit controls all other units of the computer system. It instructs
the input unit to receive the data and also to store the data. Similarly, it controls the data
flow from memory to ALU and vice-versa. It also controls the data flow to output unit.
The Control Unit works as the Nervous System for the entire computer system.
c. Arithmetic and Logical Unit- It is the unit of computer system, responsible for all
calculation works, arithmetic as well as logical. The control unit (CU) supplies the
calculative data to ALU, so that ALU can perform the arithmetic operations (addition,
subtraction, multiplication, division etc) and also logical operations (comparisons and
decision making). After performing the calculations, the result is again stored to the
memory unit by control unit.
OUTPUT UNIT- The job of an output is just the reverse of that of an input unit. It supplies the
information obtained from data processing to the outside world. Hence, it links the computer
with the external environment. As computers work with binary code, the results produced are
also in the binary form. Hence, before supplying the results to the outside world, they must be
converted to human acceptable (readable) form. This task is accomplished by units called output
interfaces.
a. It accepts the results produced by the computer, which are in coded form, and hence
cannot be easily understood by us.
b. It converts these coded results to human acceptable readable form.
c. It supplies the converted results to the outside world.
The output data is produced for the user by many output devices. The output is produced in the
meaningful form. There are various output devices present in the market. Some of them are
discussed below:-
1. MONITOR
16
Strictly for Internal Circulation‐ KCL
It is the most common output device which displays the output on screen. It produces the
soft copy output.
b. Monochrome- These monitors display the result in two colours, i.e. black/ white,
green/ black or amber/black.
c. Gray Scale- it is a monochrome type of the monitor. But it displays the output using
different shades of gray, made by combination of black and white.
d. Colour Monitor- It can display the output in many colours, ranging from 16 to 1
million colours. These are also called RGB monitors because they work on three
colour signals- Red, Green and Blue. It consists of a vacuum tube with three electron
guns each for red, green and blue colours.
The monitors are also classified on the basis of signal received as analog and digital:-
a. Analog Monitor- These are traditional type of colour monitors. These are based
on CRT Technology (Cathode Ray Tube). These work like the television
screen and accept analog signal.
b. Digital Monitor- The digital monitor receives the digital signal and uses CRT
technology. The data is received from video adapter. These are fast and produce
clear images. These are of different types as CGA (Colour Graphics Array) and
SVGA (Super VGA).
The screen size of monitor is measured in diagonal inches. The resolution of monitor
indicates the pixel arrangements on screen. The pixel is a small point in an image and
represent the quality of picture.
2. PRINTER
17
Strictly for Internal Circulation‐ KCL
Printer is another output device which can produce hard copy output to be printed on paper.
There are different types of printers available.
The printers of different varieties are able to print the data at various speeds:-
a. Character Printer- These printers are able to print only one character at a time. These
work like that of type writer. The examples are Daisy Wheel Printer, Dot Matrix Printers
and Inkjet Printers.
b. Line Printer- Line Printers are used to print large amount of data. These are fast speed
printers ranging from 300 to 2500 lines per minute. Drum printers and Chain printers are
examples of this type.
c. Page Printer- These are very high speed printers which produce high quality output. Their
speed ranges from 10-25 pages per minute. Their examples are laser printers.
The various printers use different printing technologies. So the print quality is also different
for those outputs. The print quality classifies the printers into two types:-
a. Impact Printer- The impact printers produce the output by using typewriter approach.
This approach hammers the data against paper and inked ribbon. The Daisy Wheel
Printer, Dot Matrix Printer, Drum Printer, Chain Printer are the example of impact
printer.
b. Non- Impact Printer- The non impact printer do not hit the ribbon to print. They use
inkjet, thermal, chemical, electrostatic technologies to print the output. The Inkjet
Printers and Laser Printers belong to this category.
18
Strictly for Internal Circulation‐ KCL
3. PLOTTER
The plotter is the hard copy output device. It can be used to draw maps, wave structures
etc. on paper by suing pen. The Plotters are of two types as Drum Plotter and Flatbed
Plotter.
In drum plotter, a drum rotates to produce vertical motion and the paper is fixed on this
drum. Many pen holders are attached to produce horizontal motion. The simultaneous
movements of drum and pens produce the design on paper.
In flatbed plotter, the paper is fixed over a flat table. The pen holders are allowed to move
to design the graphics on paper.
A system is a group of integrated parts, which have the common purpose of achieving some
objectives. Hence the following three characteristics are key to a system:
19
Strictly for Internal Circulation‐ KCL
Since a computer is made up of integrated components (input, output, storage and CPU) which
work together to perform the steps called for in the programme being executed, it is a system.
The input or output units cannot function, until they receive signals from the CPU. Similarly, the
storage unit or the CPU alone is of no use. Hence, the usefulness of each unit depends on other
units and can be realized only when all units are put together (integrated) to form a system.
CONCLUSION
1. All computer systems perform the following five basic operations for converting raw input
data into useful information- inputting, storing, processing, outputting and controlling.
2. The Input Unit allows data and instructions to be fed to the computer system from the outside
world, in computer acceptable form.
3. The Input Interfaces transform the input data and instructions fed to the computer, through its
input devices, into the binary codes, which are acceptable to the computer.
4. The output unit allows the computer system to supply the information obtained from data
processing to the outside world in human acceptable (readable) form.
5. The storage unit of a computer system holds the data and instructions to be processed and the
intermediate and final results of processing. The two types of storage are primary and
secondary storage. As compared to primary storage, secondary storage is slower in operation,
larger in capacity, cheaper in price and can retain information even when the computer
system is switched off or reset.
6. During data processing, the actual execution of the instructions takes place in the Arithmetic
Logic Unit (ALU) of a computer system.
7. The control unit of a computer system manages and coordinates the operations of all the
other components of the computer system.
8. The control unit and the arithmetic logic unit of a computer system are jointly known as the
Central Processing Unit (CPU) which serves as the brain of the computer system and is
responsible for controlling the operations of all other units of the system.
20
Strictly for Internal Circulation‐ KCL
21
Strictly for Internal Circulation‐ KCL
OPERATING SYSTEM
Introduction
The 1960’s definition of an operating system is “the software that controls the hardware”. In
brief, an operating system is the set of programs that controls a computer. Some examples of
operating systems are UNIX, Mach, MS-DOS, MS-Windows, Windows/NT, Chicago, OS/2,
MacOS, VMS, MVS, and VM.
Controlling the computer involves software at several levels. We will differentiate kernel
services, library services, and application-level services, all of which are part of the operating
system. Processes run Applications, which are linked together with libraries that perform
standard services. The kernel supports the processes by providing a path to the peripheral
devices. The kernel responds to service calls from the processes and interrupts from the devices.
The core of the operating system is the kernel, a control program that functions in privileged
state (an execution context that allows all hardware instructions to be executed), reacting to
interrupts from external devices and to service requests and traps from processes. Generally, the
kernel is a permanent resident of the computer. It creates and terminates processes and responds
to their request for service.
Operating Systems are resource managers. The main resource is computer hardware in the form
of processors, storage, input/output devices, communication devices, and data. Some of the
operating system functions are: implementing the user interface, sharing hardware among users,
allowing users to share data among themselves, preventing users from interfering with one
another, scheduling resources among users, facilitating input/output, recovering from errors,
accounting for resource usage, facilitating parallel operations, organizing data for secure and
rapid access, and handling network communications.
Modern Operating systems generally have following three major goals. Operating systems
generally accomplish these goals by running processes in low privilege and providing service
calls that invoke the operating system kernel in high-privilege state.
An abstraction is software that hides lower level details and provides a set of higher-level
functions. An operating system transforms the physical world of devices, instructions,
memory, and time into virtual world that is the result of abstractions built by the
operating system. There are several reasons for abstraction.
22
Strictly for Internal Circulation‐ KCL
First, the code needed to control peripheral devices is not standardized. Operating
systems provide subroutines called device drivers that perform operations on behalf of
programs for example, input/output operations.
Second, the operating system introduces new functions as it abstracts the hardware. For
instance, operating system introduces the file abstraction so that programs do not have to
deal with disks.
Third, the operating system transforms the computer hardware into multiple virtual
computers, each belonging to a different program. Each program that is running is called
a process. Each process views the hardware through the lens of abstraction.
An operating system controls how processes (the active agents) may access resources
(passive entities).
The user interacts with the operating systems through the user interface and usually
interested in the “look and feel” of the operating system. The most important components
of the user interface are the command interpreter, the file system, on-line help, and
application integration. The recent trend has been toward increasingly integrated
graphical user interfaces that encompass the activities of multiple processes on networks
of computers.
One can view Operating Systems from two points of views: Resource manager and Extended
machines. Form Resource manager point of view Operating Systems manage the different parts
of the system efficiently and from extended machines point of view Operating Systems provide a
virtual machine to users that is more convenient to use. The structurally Operating Systems can
be design as a monolithic system, a hierarchy of layers, a virtual machine system, an exokernel,
or using the client-server model. The basic concepts of Operating Systems are processes,
memory management, I/O management, the file systems, and security.
23
Strictly for Internal Circulation‐ KCL
Introduction
Computer data processing is any process that uses a computer program to enter data and
summarize, analyze or otherwise convert data into usable information. The process may be
automated and run on a computer. It involves recording, analyzing, sorting, summarizing,
calculating, disseminating and storing data. Because data is most useful when well-presented and
actually informative, data-processing systems are often referred to as information systems.
Nevertheless, the terms are roughly synonymous, performing similar conversions; data-
processing systems typically manipulate raw data into information, and likewise information
systems typically take raw data as input to produce information as output.
Data processing may or may not be distinguished from data conversion, when the process is
merely to convert data to another format, and does not involve any data manipulation.
Data Analysis
When the domain from which the data are harvested is a science or an engineering field, data
processing and information systems are considered terms that are too broad and the more
specialized term data analysis is typically used. This is a focus on the highly-specialized and
highly-accurate algorithmic derivations and statistical calculations that are less often observed in
the typical general business environment. In these contexts data analysis packages like DAP,
gretl or PSPP are often used. This divergence of culture is exhibited in the typical numerical
representations used in data processing versus numerical; data processing's measurements are
typically represented by integers or by fixed-point or binary-coded decimal representations of
numbers whereas the majority of data analysis's measurements are often represented by floating-
point representation of rational numbers.
Processing
Basically, data is nothing but unorganized facts and which can be converted into useful
information. This process of converting facts to information is Processing. Practically all
naturally occurring processes can be viewed as examples of data processing systems where
"observable" information in the form of pressure, light, etc. are converted by human observers
into electrical signals in the nervous system as the senses we recognize as touch, sound, and
vision. Even the interaction of non-living systems may be viewed in this way as rudimentary
information processing systems. Conventional usage of the terms data processing and
information systems restricts their use to refer to the algorithmic derivations, logical deductions,
and statistical calculations that recur perennially in general business environments, rather than in
the more expansive sense of all conversions of real-world measurements into real-world
information in, say, an organic biological system or even a scientific or engineering system.
24
Strictly for Internal Circulation‐ KCL
In order to be processed by a computer, data needs first be converted into a machine readable
format. Once data is in digital format, various procedures can be applied on the data to get useful
information. Data processing may involve various processes, including:
@ Data summarization
@ Data aggregation
@ Data validation
@ Data tabulation
@ Statistical analysis
25
Strictly for Internal Circulation‐ KCL
DATA REPRESENTATION
Introduction
Data Representation refers to the methods used internally to represent information stored in a
computer. Computers store lots of different types of information:
@ numbers
@ text
@ graphics of many varieties (stills, video, animation)
@ sound
At least, these all seem different to us. However, all types of information stored in a computer
are stored internally in the same simple format: a sequence of 0's and 1's. How can a sequence of
0's and 1's represent things as diverse as your photograph, your favorite song, a recent movie,
and your term paper?
It all depends on how we interpret the information. Computers use numeric codes to represent all
the information they store. These codes are similar to those you may have used as a child to
encrypt secret notes:
Example-
Let 1 stand for A, 2 stand for B, etc. With this code, any written message can be represented
numerically. The codes used by computers are a bit more sophisticated, and they are based on the
binary number system (base two) instead of the more familiar (for the moment, at least!) decimal
system. Computers use a variety of different codes. Some are used for numbers, others for text,
and still others for sound and graphics.
26
Strictly for Internal Circulation‐ KCL
Binary Numbers
Normally we write numbers using digits 0 to 9. This is called base 10. However, any positive
integer (whole number) can be easily represented by a sequence of 0's and 1's. Numbers in this
form are said to be in base 2 and they are called binary numbers.
Base 10 numbers use a positional system based on powers of 10 to indicate their value. The
number 123 is really 1 hundred + 2 tens + 3 ones. The value of each position is determined by
ever-higher powers of 10, read from left to right. Base 2 works the same way, just with different
powers. The number 101 in base 2 is really 1 four + 0 twos + 1 one (which equals 5 in base 10).
For more of a comparison, click here.
Text
Text can be represented easily by assigning a unique numeric value for each symbol used in the
text. For example, the widely used ASCII code (American Standard Code for Information
Interchange) defines 128 different symbols (all the characters found on a standard keyboard, plus
a few extra), and assigns to each a unique numeric code between 0 and 127.
In ASCII, an "A" is 65," B" is 66, "a" is 97, "b" is 98, and so forth. When you save a file as
"plain text", it is stored using ASCII. ASCII format uses 1 byte per character 1 byte gives only
256 (128 standard and 128 non-standard) possible characters The code value for any character
can be converted to base 2, so any written message made up of ASCII characters can be
converted to a string of 0's and 1's.
Graphics
Graphics that are displayed on a computer screen consist of pixels: the tiny "dots" of color that
collectively "paint" a graphic image on a computer screen. The pixels are organized into many
rows on the screen. In one common configuration, each row is 640 pixels long, and there are 480
such rows. Another configuration (and the one used on the screens in the lab) is 800 pixels per
row with 600 rows, which is referred to as a "resolution of 800x600." Each pixel has two
properties: its location on the screen and its color.
A graphic image can be represented by a list of pixels. Imagine all the rows of pixels on the
screen laid out end to end in one long row. This gives the pixel list, and a pixel's location in the
list corresponds to its position on the screen. A pixel's color is represented by a binary code, and
consists of a certain number of bits. In a monochrome (black and white) image, only 1 bit is
needed per pixel: 0 for black, 1 for white, for example. A 16 color image requires 4 bits per
pixel. Modern display hardware allows for 24 bits per pixel, which provides an astounding array
of 16.7 million possible colors for each pixel!
27
Strictly for Internal Circulation‐ KCL
Compression
Files today are so information-rich that they have become very large. This is particularly true of
graphics files. With so many pixels in the list, and so many bits per pixel, a graphic file can
easily take up over a megabyte of storage. Files containing large software applications can
require 50 megabytes or more! This causes two problems: it becomes costly to store the files
(requires many floppy disks or excessive room on a hard drive), and it becomes costly to
transmit these files over networks and phone lines because the transmission takes a long time. In
addition to studying how various types of data are represented, you will have the opportunity
today to look at a technique known as data compression. The basic idea of compression is to
make a file shorter by removing redundancies (repeated patterns of bits) from it. This shortened
file must of course be de-compressed - have its redundancies put back in - in order to be used.
However, it can be stored or transmitted in its shorter compressed form, saving both time and
money.
The main objective of the CPU is to perform mathematical calculations on binary numbers; still
there are other goals of using CPU as well. It can provide high throughput for multiple programs.
It is aimed to consume less power with better performance. It provides viable connectivity to
develop more advance and parallel systems. The cost is less and the performance is more. It can
be redesigned and converted to small size, in order to increase the performance of the system,
lower the cost and increase the speed of the system. It can provide very good compatibility with
very large scale integrated circuits, which helps in compressing the transistors on one chip and
hence the speed of system is enhanced. This is because tiny transistors switch in a fast and swift
manner. The early designs of CPU were based on clock rate however today micro electrical
designs are more popular.
CPU is the central working unit for any computer however it is designed to perform various
functions. The main focus of the CPU is on the areas such as control units which further
manages the data paths, it also monitors cache and registers, it helps in managing clock
distribution management, performs Pad transceiver circuitry and the supervision of logic gate
cell library the popularly used logic styles include microprogramming, finite state machines and
programmable logic array. The CPU can be customized or cannot be. The CPU which is
designed for commercial purposes is build to achieve high frequency with low power indulgence
and high speed.
CPU is a complex design which is comprised of many hardware components like motherboard
and circuits. This machine works by receiving set of instructions, logic gates are used to execute
and follow the set of instructions. This set of instructions is commonly known as a program. The
representation of numbers in a processor is based on the design of the CPU. The early design of
the CPU allowed only numeral and decimal system to represent the numbers. However the
design of the modern CPUs allows them to present numbers in binary form.
The performance of the CPU is dependent upon the clock rate. The working and design of the
most CPUs is based on the synchronization of the signal. This signal is usually known as clock
signal helps in determining the movement of the electrical signal to the circuits of the CPU. The
designers use it to determine the correct period of the clock signals. Besides the logical working
the structure of the CPU has control unit, logical unit and registers. There are number of registers
in a CPU like program counter, instruction register, accumulator and process status register. The
control unit is helpful in managing instructions and flow of data within the parts of the computer.
It also helps in regulating the time of the processing.
The design and working of the arithmetic logic unit is complicated. It is ALU which helps the
CPU to perform calculations and take logical decisions. The registers have their own assigned
duties to perform like the accumulator stores ultimate and midway results of the calculation. His
magic machine is small in size, complex in design but is really powerful and swift.
29
Strictly for Internal Circulation‐ KCL
Computers use two types of storage: Primary storage and secondary storage. The CPU interacts
closely with primary storage, or main memory, referring to it for both instructions and data. For
this reason this part of the reading will discuss memory in the context of the central processing
unit. Technically, however, memory is not part of the CPU.
Recall that a computer's memory holds data only temporarily, at the time the computer is
executing a program. Secondary storage holds permanent or semi-permanent data on some
external magnetic or optical medium. The diskettes and CD-ROM disks that you have seen with
personal computers are secondary storage devices, as are hard disks. Since the physical attributes
of secondary storage devices determine the way data is organized on them, we will discuss
secondary storage and data organization together in another part of our on-line readings.
The control unit of the CPU contains circuitry that uses electrical signals to direct the entire
computer system to carry out, or execute, stored program instructions. Like an orchestra leader,
the control unit does not execute program instructions; rather, it directs other parts of the system
to do so. The control unit must communicate with both the arithmetic/logic unit and memory.
30
Strictly for Internal Circulation‐ KCL
The arithmetic/logic unit (ALU) contains the electronic circuitry that executes all arithmetic and
logical operations.
The arithmetic/logic unit can perform four kinds of arithmetic operations, or mathematical
calculations: addition, subtraction, multiplication, and division. As its name implies, the
arithmetic/logic unit also performs logical operations. A logical operation is usually a
comparison. The unit can compare numbers, letters, or special characters. The computer can then
take action based on the result of the comparison. This is a very important capability. It is by
comparing that a computer is able to tell, for instance, whether there are unfilled seats on
airplanes, whether charge- card customers have exceeded their credit limits, and whether one
candidate for Congress has more votes than another.
@ Equal-to condition. In a test for this condition, the arithmetic/logic unit compares two
values to determine if they are equal. For example: If the number of tickets sold equals
the number of seats in the auditorium, then the concert is declared sold out.
@ Less-than condition. To test for this condition, the computer compares values to
determine if one is less than another. For example: If the number of speeding tickets on a
driver's record is less than three, then insurance rates are $425; otherwise, the rates are
$500.
@ Greater-than condition. In this type of comparison, the computer determines if one
value is greater than another. For example: If the hours a person worked this week are
greater than 40, then multiply every extra hour by 1.5 times the usual hourly wage to
compute overtime pay.
The following table summarizes the characteristics of the various kinds of data storage in
the storage hierarchy.
The Central Processing Unit, in association with memory, executes a computer program. In fact,
31
Strictly for Internal Circulation‐ KCL
most computers today can execute only one instruction at a time, though they execute it very
quickly. Many personal computers can execute instructions in less than one-millionth of a
second, whereas those speed demons known as supercomputers can execute instructions in less
than one-billionth of a second.
Machine Cycle
Before an instruction can be executed, program instructions and data must be placed into
memory from an input device or a secondary storage device (the process is further complicated
by the fact that the data will probably make a temporary stop in a register). Once the necessary
data and instruction are in memory, the central processing unit performs the following four steps
for each instruction:
The control unit eventually directs memory to release the result to an output device or a
secondary storage device. The combination of I-time and E-time is called the machine cycle.
32
Strictly for Internal Circulation‐ KCL
33
Strictly for Internal Circulation‐ KCL
COMPUTER LANGUAGES
A computer language is the means by which instructions and data are transmitted to computers.
Put another way, computer languages are the interface between a computer and a human being.
There are various computer languages, each with differing complexities. For example, the
information that is understandable to a computer is expressed as zeros and ones (i.e., binary
language). However, binary language is incomprehensible to humans. Computer scientists find it
far more efficient to communicate with computers in a higher level language.
Block-structured language
First-generation language is the lowest level computer language. Information is conveyed to the
computer by the programmer as binary instructions. Binary instructions are the equivalent of the
on/off signals used by computers to carry out operations. The language consists of zeros and
ones. In the 1940s and 1950s, computers were programmed by scientists sitting before control
panels equipped with toggle switches so that they could input instructions as strings of zeros and
ones.
34
Strictly for Internal Circulation‐ KCL
Assembly or assembler language was the second generation of computer language. By the late
1950s, this language had become popular. Assembly language consists of letters of the alphabet.
This makes programming much easier than trying to program a series of zeros and ones. As an
added programming assist, assembly language makes use of mnemonics, or memory aids, which
are easier for the human programmer to recall than are numerical codes.
The introduction of the compiler in 1952 spurred the development of third-generation computer
languages. These languages enable a programmer to create program files using commands that
are similar to spoken English. Third-level computer languages have become the major means of
communication between the digital computer and its user.
By 1957, the International Business Machine Corporation (IBM) had created a language called
FORTRAN (FORmula TRANslater). This language was designed for scientific work involving
complicated mathematical formulas. It became the first high-level programming language (or
"source code") to be used by many computer users.
Within the next few years, refinements gave rise to ALGOL (ALGOrithmic Language) and
COBOL (COmmon Business Oriented Language). COBOL is noteworthy because it improved
the record keeping and data management ability of businesses, which stimulated business
expansion.
In the early 1960s, scientists at Dartmouth College in New Hampshire developed BASIC
(Beginner's All-purpose Symbolic Instruction Code). This was the first widespread computer
language designed for and used by nonprofessional programmers. BASIC enjoyed widespread
popularity during the 1970s and 1980s, particularly as personal computers grew in use.
35
Strictly for Internal Circulation‐ KCL
Fourth-generation languages attempt to make communicating with computers as much like the
processes of thinking and talking to other people as possible. The problem is that the computer
still only understands zeros and ones, so a compiler and interpreter must still convert the source
code into the machine code that the computer can understand. Fourth-generation languages
typically consist of English-like words and phrases. When they are implemented on
microcomputers, some of these languages include graphic devices such as icons and onscreen
push buttons for use during programming and when running the resulting application.
Many fourth-generation languages use Structured Query Language (SQL) as the basis for
operations. SQL was developed at IBM to develop information stored in relational databases.
Eventually, it was adopted by the American National Standards Institute (ANSI) and later by the
International Standards Organization (ISO) as a means of managing structured, factual data.
Many database companies offer an SQL-type database because purchasers of such databases
seek to optimize their investments by buying open databases, i.e., those offering the greatest
compatibility with other systems. This means that the information systems are relatively
independent of vendor, operating system, and computer platform.
36
Strictly for Internal Circulation‐ KCL
DATA COMMUNICATION
AND
NETWORKING
DATA COMMUNICATION
For communication of information and message we use telephone and postal communication
systems. Similarly data and information from one computer system can be transmitted to other
systems across geographical areas. Thus data transmission is the movement of information using
some standard methods. These methods include electrical signals carried along a conductor,
optical signals along an optical fibers and electromagnetic areas.
The data is represented by binary digit or bit has only two values Os and 1s. Infact, anything
which computer deals with 0s and 1s.
Data communication concerns itself with the transmission (sending and receiving) of information
between two locations by means of electrical signals. The two types of electronic signals are
ANALOG and DIGITAL.
Data communication is the name given to the communication where exchange of information
takes place in the form of 0s and 1s over some kind of media such as wire or wireless. The
subject- data communication deals with the technology, tools, products and equipment to make
this happen.
The following are the basic requirements for working of a communication system:-
In data communication, four basic terms are frequently used. They are:-
a. Data- a collection of facts in raw forms that become information after processing.
b. Signals- Electric or electromagnetic encoding of data.
c. Signaling- Propagation of signals across a communication medium.
37
Strictly for Internal Circulation‐ KCL
COMMUNICATION PROTOCOLS
The computers send and receive data across communication links through data communication
software. It is this software that enables us to communicate with other systems. The data
communication software instructs computer systems and devices as to how exactly data is to be
transferred from one place to another. The procedure of data transformation in the form of
software is commonly known as protocol.
The data transmission software or protocols perform the following functions for the efficient and
error free transmission of data:-
Data is transmitted from one point to another point by means of electrical signals that may be in
digital and analog form.
In analog signal, the transmission power varies over a continuous range with respect to sound,
light and radio waves. On the other hand, a digital signal may assume only discrete set of values
within a given range. Examples are computer and computer related equipment. Analog signal is
measured in Volts and its frequency is in Hertz (Hz).
A digital signal, is a sequence of voltage represented in binary form. When digital data are to be
sent over an analog form the digital signal must be converted to analog form. So the technique by
which a digital signal is converted to analog form is known as modulation and the reverse
process, that is the conversion of analog signal to its digital form is known as demodulation. The
device, which converts digital signal into analog and reverse is known as modem.
38
Strictly for Internal Circulation‐ KCL
In synchronous mode, the saved data is transmitted block by block. Each block can contain many
characters. Synchronous transmission is well suited for remote communication between a
computer and related devices like card reader and printers.
39
Strictly for Internal Circulation‐ KCL
COMPUTER NETWORK
TYPES OF NETWORKS
There are many different types of networks. However, from an end user’s point of view there are
two basic types:-
The computers are geographically close together (that is in the same building). LAN is a
computer network that spans a relatively small area. Most LANs are confined to a single building
or group of buildings. However, one LAN can be connected to other LANs over any distance via
telephone lines and radio waves. A system of LANs connected in this way is called a Wide Area
Network (WAN).
Most LANs as shown connect workstations and personal computers. Each node (individual
computer) in a LAN has its own CPU with which it executes programs but it is also able to
access data and devices anywhere on the LAN This means that many users can share expensive
devices, such as laser printers, as well as data. Users can also the LAN to communicate with each
other, by sending e-mail or engaging in chart sessions.
There are many different types of LANs – token- ring networks, Ethernets and Arcnets being the
most common for PCs.
40
Strictly for Internal Circulation‐ KCL
LANs are capable of transmitting data at very fast rates, much faster than data can be transmitted
over a telephone line: but the distance are limited and there is also a limit on the number of
computers that can be attached to a single LAN.
The computers are further apart and are connected by telephone lines or radio waves. A WAN is
a computer network that spans a relatively large geographical area. Typically, a WAN consists of
two or more local area networks (LANs).
Computers connected to a wide area network are often connected through public networks, such
as the telephone system. They can also be connected through leased lines or satellites. The
largest WAN in existence is the Internet.
In addition to these types, the following characteristics are also used to categorize different types
of networks.
¾ TOPOLOGY
The geometric arrangement of a computer system. Common toplogies include bus, star and ring.
¾ PROTOCOL
The protocol defines a common set of rules and signals that computers on the network use to
communicate. One of the most popular protocols for LANs is called Ethernet. Another popular
LAN protocol for PCs is the IBM token ring network.
¾ ARCHITECTURE
Networks can be broadly classified as using either peer- to – peer or client/ server architecture.
Computers on network are sometimes called nodes. Computers and devices that allocate
resources for a network are called servers.
¾ NETWORK TOPOLOGIES
41
Strictly for Internal Circulation‐ KCL
¾ STAR NETWORK
The star network is frequently used to connect one or more small computers or peripheral
devices to a large host computer or CPU. Many organizations use the star network or a variation
of it in a time-sharing system in which several users are able to share a central processor.
Star network is frequently used in a LAN to connect several micro computers to a central unit
that works as a communications controller. Access and control of star network typically is
maintained by a polling system. Polling means that the central computer or communications
controller “polls” or asks each device in the network if it has a message to send and then allows
each in turn to transmit data.
¾ RING NETWORK
The ring network is a Local Area Network whose topology is a ring- can be as simple as circle or
point-to-point connections of computers at dispersed locations, with no central host computer or
communications controller. That is, all of the nodes are connected in a closed loop. Messages
travel around the ring, with each node reading those messages addressed to it. One of the
advantages of ring networks is that they can span larger distance than other types of networks,
such as bus networks because each node regenerates messages as they pass through it.
42
Strictly for Internal Circulation‐ KCL
¾ BUS NETWORK
Bus networks are similar to ring network that the ends are not connected. All
communications are carried on a common cable or bus and are available to each device on
the network.
Access and control of bus networks are typically maintained by a method called contention,
whereby if a line is unused, a terminal or device can transmit its message at will but if two or
more terminals initiate messages simultaneously, they must stop and transmit again at
different intervals.
In the last decade, many startup e-commerce companies have rapidly stolen market share from
traditional retailers and service providers, pressuring these established traditional players to
deploy their own commerce websites or to alter company strategy in retaliation. This effect is
most pronounced in travel services and consumer electronics. As traditional brick and mortar
firms continue to lose market share to e-commerce players, they will likely see continued
declines in their revenues, operating margins, and profits. It is important to note that most e-
commerce players are at a competitive advantage to retailers. They have lower operating
43
Strictly for Internal Circulation‐ KCL
expenses and better inventory management due to operating in a virtual commerce environment.
For example, Amazon.com (AMZN) has revenue per employee of nearly $850k while its retail
counterpart, Best Buy (BBY), generates revenue per employee of only $270k. Clearly, e-
commerce vendors will have the most to gain if they successfully disrupt retail customer
acquisition, disintermediate distributors/resellers, and under-price retail establishments. As a
consequence of e-commerce vendor gains, financial transaction processors and parcel shipping
companies are among ancillary vendors who will gain.
44
Strictly for Internal Circulation‐ KCL
IMPORTANT QUESTIONS
UNIT – 1
Q.4. How to determine the Regulatory Authority who will be hearing and deciding
claim petitions?
Q.5. Explain the World Wide Web? How it governs its functions?
Q.6. How to make electronic documents more secure? How to maintain its
authenticity?
Q.7. Illustrate the Fire Wall and how it functions. What it its purpose?
45
Strictly for Internal Circulation‐ KCL
UNIT -2
Since the beginning of civilization, man has always been motivated by the need to make progress
and better the existing technologies. This has led to tremendous development and progress which
has been a launching pad for further development. Internet is believed to be full of anarchy and a
system of law and regulation there it seems contradictory. However, cyber space is being
governed by a system of law called cyber law. Cyber law is a generic term which refers to all the
legal and regulatory aspects of internet.
Cyber law is a constantly evolving process as the internet grows numerous legal issue arises. As
one of the most important issue concerning cyber space today is that of cyber crime. As the
category of cyber crimes, relate to cyber crimes against the cyber terrorism is the distinct kind of
crime in this category. The growth of internet has shown that the medium of cyber space is being
used by individuals and groups to threaten the internationals governments as also to terrorize the
citizens of a country.
The crime manifest itself into terrorism when as individual cracks into a govt./military
maintained website. Since cyber crime is newly specialized field growing in cyber laws, a lot of
development has to taken place in terms of putting into place the relevant legal mechanism for
controlling and preventing cyber crime. As the internet has grown in a very rapid, arbitrary and
unplanned manner, of this unplanned nature of internet, it was felt initially that internet is a
system of anarchy and no useful purpose would be solved total lack of disorder control in trying
to do the same.
As it is also essential to introduce laws against computer crime and such other cyber laws would
help build the national information infrastructure, the laws have to take into consideration the
emergency use of electronic data inter change (EDI), Electronic commerce Electronic fund
transfer, Electronic cash, copyright and digital intellectual property rights.
46
Strictly for Internal Circulation‐ KCL
@ The legal safeguards of people rights to see what information may be held about them in
a computer data base.
@ Protection of thefts destruction or damage of software and data held in a computer
memory.
@ Eg: Govt. departments and commercial companies hold personal data in computers.
In order to provide a favourable legal environment for the commerce activities, the IT act 2000
has been enacted. It provides legal recognition for transactions carried out by means of electronic
data interchange and other means of electronic communication commonly referred of e-
commerce which involves the use of alternatives of paper based methods of communication &
storage of information.
OBJECTIVES OF ACT
APPLICATION OF ACT
This act shall not apply to negotiable instruction or power of attorney, will & codicil, documental
under immovable property, documental under immovable property such other documents or
transactions may be notified by the central Govt. is official gazette.
It states that there is an urgent need not only to computerize departments or ministers but a
central mechanism is required so that govt. can get feedback from citizen only in India. The
outdated Indian laws require a quick change. It is also essential to introduce laws require cyber
crimes and other cyber laws that would help building the national information structures.
Law plays an important role in growth of information technologies, law has to take into
consideration in emergence of EDI (Electronic data internet), e-commerce electronic fund
transfer copyright & digital IPR.
ROLE OF LAW:
47
Strictly for Internal Circulation‐ KCL
1. Where any law requires that any information or matter should be in the type written or
printed from the such requirement shall be deemed to be satisfied, if it is in an electronic
form
2. Where any law requires that information or document or other matter authenticated by
signature, such requirement shall be deemed to have been satisfied if it is authenticated
by means of digital signatures affixed in such manner as may be prescribed by rules
framed by the central govt.
3. The filing of any form application or other document creation, retention or preservation
of records issue or grant of any license or permit/receipt or payment in govt. offices and
its agencies may be done through the electronic form.
4. Where any law provides that document records or information shall be retained for any
specified period then that requirement shall be deemed to have been same as retained in
electronic form.
5. Where any law requires the publication of any rule regulation, order bye-law, notification
or any other matter should be published in the official gazette such registration shall be
satisfied if same is done in electronic forms.
In comparison to traditional print-based media, the accessibility and relative anonymity of cyber
space has torn down traditional barriers between an individual and his or her ability to publish.
Any person with an internet connection has the potential to reach an audience of millions with
little-to-no distribution costs. Yet this new form of highly accessible authorship in cyber space
raises questions and perhaps magnifies legal complexities relating to the freedom and regulation
of speech in cyberspace.
These complexities have taken many forms, three notable examples being the Jake Baker
incident, in which the limits of obscene Internet postings were at issue, the controversial
distribution of the DeCSS code, and Gutnick v Dow Jones, in which libel laws were considered
in the context of online publishing. The last example was particularly significant because it
epitomized the complexities inherent to applying one country's laws (nation-specific by
definition) to the internet (international by nature). In 2003, Jonathan Zittrain considered this
issue in his paper, "Be Careful What You Ask For: Reconciling a Global Internet and Local
Law".
Encryption & cryptography the two modes of communication possess a threat to National
integrity.
@ The process of encryption is like sending a postal mail to another party with a code lock
on the envelope the code which is known only to the sender and the recipient
@ The field of cryptography deals with study of secret codes. Thus, while encryption is the
actual process cryptography involves the study of the same and is of wider connotation.
@ The practice of encryption and its study cryptography provides individual with means of
communication that no third party can understand unless specifically permitted by the
communicators themselves.
@ Cryptography, if used to code messages containing such vital information b/w the
individuals regarding to the state security raises security concerns.
Technology is a double edged sword on the one hand it enable to maintain privacy & freedom of
speech & expression & on the other hand the same techniques can be decipheral to the integrity
& soul of the nation.
The other cyber offences such as Hacking with computer system may cause threat to national
security. Computer hacking is the accessing of a computer system W/O the express/ implied
permission of the owner of that computer system. Through the offence of hacking the govt.
related informations on the internet or on websites of govt. May be targetted by studying their
security features and tools to gain authorized access & impair the normal functioning of a
computer or computer system. The information so received through the , illegal access to the
govt. websites may be transmitted thereby, raising security concerns.
2. U/S 69 of IT, Act 2000: The controller of certifying authority has power to encrypt or
decrypt any information from the computer if it is threat to the integrity & sovereignty of
nation.
The possessor of the information i.e. data subject has to across all information he has & in case,
he does not cooperate - he can be punished for not following the directions of controller.
ETHICS
@ In legal way and its prospectus are a very wide terms and very much intermingled. These
cannot be confined by works. Ethics and morality in different circumstances can notes
varied and complex meaning. Each and everything which is opposed to public policy.
Against public welfare and which may disturb public tranquility may be termed to be
immoral and unethical.
@ In past terms such as imperlism colonism, apartheid which were burning issues have
given way to cyber crime, hacking , cyber ethics etc.
@ Today in the present era we need to evolve “cyber jurisdiction” based on which we can
evaluate and criticize cyber ethics.
@ Many businesses have devised guidelines for the use of information technology and
computer systems may computer related professional groups have also published
guidelines for their members.
@ Most organization and school guidelines encourage all system users to act responsibility
ethically and legally when using computers and to follows accepted rules of online
etiquette as well federal & state laws.
@ The computers ethics institute is research education and policy study organization with
members from the IT professional and from academic, corporate and public policy
communities.
@ As ethics shows the guidelines as it prohibit (a) Using a computer to harm others (b)
Snooping in others people files (c) Using a computer to steal (d) Copying or using
proprietary software without paying for it.
FUNCTIONS:
The govt. has regulated various certifying authorities to run by the controller, deputy controller
and Assistant controller shall discharge functions of Central Govt:
50
Strictly for Internal Circulation‐ KCL
IMPORTANT QUESTIONS
UNIT – 2
51
Strictly for Internal Circulation‐ KCL
Q.3. Discuss the relationship between Law of contract and Cyber Space.
Q.4. How Law of Tort is influence by Cyber Crime & its Laws.
Q.5. Is there any provision for Internet Crimes and what remedial actions are being
taken to prevent them?
Q.6. How Human Rights are connected with field of cyber Law? What rights are
enumerated in the I.T. Act 2000?
Q.8. What are the various modes by which online Disputes can be resolved easily?
UNIT -3
THE INDIAN TELEGRAPH ACT, 1885
52
Strictly for Internal Circulation‐ KCL
The Indian Telegraph Act, 1885 was enacted 115 years back with the main object being "to give
power to the Government and to any company or person licensed under section 4 of the Indian
Telegraph Act, 1876, and specially empowered in this behalf, to place telegraph lines under or
over property belonging whether to private persons or to public bodies." The preamble of the
Telegraph Act says that it is an act to amend to the law relating to telegraphs in India.
DEFINITIONS - SECTION 3
(1) "telegraph" means any appliance, instrument, material or apparatus used or capable of use for
transmission or reception of signs, signals, writing, images and sounds or intelligence of any
nature by wire, visual or other electro-magnetic emissions, Radio waves or Hertzian waves,
galvanic, electric or magnetic means.
(2) "telegraph officer" means any person employed either permanently or temporarily in
connection with a telegraph established, maintained or worked by [the Central Government] or
by a person licensed under this Act;
(3) "message" means any communication sent by telegraph, or given to telegraph officer to be
sent by telegraph or to be delivered;
(4) "telegraph line" means a wire or wires used for the purpose of a telegraph, with any casing,
coating, tube or pipe enclosing the same, and any appliances and apparatus connected therewith
for the purpose of fixing or insulating the same;
(5) "post" means a post, pole, standard, stay, strut or other above ground contrivance for
carrying, suspending or supporting a telegraph line;
(6) "telegraph authority" means the Director General of [Posts and Telegraphs], and includes any
officer empowered by him to perform all or any of the functions of the telegraph authority under
this Act;
(7) "local authority" means any municipal committee, district board, body of port commissioner
or other authority legally entitled to, or entrusted by" the Central or any State Government] with,
the control, management of any municipal or local fund.
The Indian Telegraph Act, 1885 is a law in India that governs the use of telegraphy, phones,
communication, radio, telex and fax in India. It gives the Government of India exclusive
privileges of establishing, maintaining and working telegraphs. It also authorizes the government
to tap phone lines under appropriate conditions
LEGAL FRAMEWORK
53
Strictly for Internal Circulation‐ KCL
Telecommunication is an item in the Union List, implying that only central government can
make laws relating to the subject. The following are the major legislations pertaining to the
telecommunication sector:-
The Indian Telegraph Act, 1885 was the only statute that could be used to regulate modern
telephony as “telegraph” was defined as any apparatus for transmission or reception of signals,
images and sounds by wire, visual or other electric magnetic emissions.
According to the Act, the central government has the exclusive right to be an operator and a
licensing authority for establishing, maintaining and working telegraphs but it may grant licences
to establish, maintain or work a telegraph within any part of India. These licenses may be
revoked. All the initial licences were granted under this Act and this has leased to a series of
legal challenges.
The Indian Wireless Telegraphy Act 1933 provides that no person may possess wireless
telegraphy apparatus unless such person has been issued a licence under the Indian Telegraph
Act, 1885. Any person in possession of a wireless transmitter in contravention of the provisions
of the Indian Telegraph Act will be liable with fine and / or imprisonment. The central
government has the authority to make rules for the purpose of carrying into effect the provisions
of the Act.
The Telecommunications Regulatory Authority of India Act 1997 provided for the establishment
of the Telecommunications Regulatory Authority of India. The powers under Section 11 (1) (d)
which empowered the TRAI to frame regulations, was interpreted in January 2000 by the High
Court of New Delhi. The High Court held that the TRAI was merely a recommendatory body
and struck down the Telecommunications Regulatory Authority’s regulations specifically higher
charges payable by fixed telephone subscribers and revenue sharing arrangements.
The National Telecommunications Policy 1999 defines the role of the Telecommunications
Regulatory Authority as strong and independent regulator with comprehensive powers and clear
authority to effectively evolve and implement a regulatory framework and adequate safeguards
to ensure fair competition and protection of consumer interests.
The government is not bound to follow the recommendations of the TRAI in the following
areas:-
54
Strictly for Internal Circulation‐ KCL
1. Within India, the Central Government shall have the exclusive privilege of establishing,
maintaining and working telegraphs: Provided that the Central Government may grant a
licence, on such conditions and in consideration of such payments as it thinks fit, to any
person to establish, maintain or work a telegraph within any part of India:
Provided further that the Central Government may, by rules invade under this Act and
published in the Official Gazette, permit, subject to such restrictions and conditions as it
thinks fit, the establishment, maintenance and working:
(a) of wireless telegraphs on ships within Indian territorial waters and on aircraft within
or above India, or Indian territorial waters, and (b) of telegraphs other than wireless
telegraphs within any part of India.
2. The Central Government may, by notification in the Official Gazette, delegate to the
telegraph authority all or any of its powers under the first proviso to sub-section (1). The
exercise by the telegraph authority of any power so delegated shall be subject to such
restrictions and conditions as the Central Government may, by the notification, think fit
to impose.
SECTION 5- Power for Government to take possession of licensed telegraphs and to order
interception of messages:
On the occurrence of any public emergency, or in the interest of the public safety, the Central
Government or a State Government, or any officer specially authorised in this behalf by the
Central Government or a State Government, may, if satisfied that it is necessary or expedient so
to do,
¾ Take temporary possession (for so long as the public emergency exists or the interest of
the public safety requires the taking of such action) of any telegraph establishes,
maintained or worked by any person licensed under this Act.
55
Strictly for Internal Circulation‐ KCL
Any Railway Company, on being required so to do by the Central Government, shall permit the
Government to establish and maintain a telegraph upon any part of the land of the Company, and
shall give every reasonable facility for working the same.
(1) The Central Government may, from time to time, by order, notify the rates at which, and the
other conditions and restrictions subject to which messages shall be transmitted to any country
outside India. (2) In notifying the rates under sub-section (l), the Central Government shall have
due regard to all or any of the following factors, namely:-
i. the rates for the time being in force, for transmission of messages, in countries outside
India;
ii. the foreign exchange rates for the time being in force;
iii. the rates for the time being in force for transmission of messages within India;
iv. such other relevant reactors as the Central Government may think fit in the circumstances
of the case.
(1) The Central Government may, from time to time, by notification in the Official Gazette,
make rules consistent with this Act for the conduct of all or any telegraphs, established,
maintained or worked by the Government or by persons licensed under this Act.
(2) Rules under this section may provide for all or any of the following among other matters, that
is to say:
(a) the rates at which, a lid the other conditions and restrictions subject to which,
messages shall he transmitted [within India];
56
Strictly for Internal Circulation‐ KCL
(b) the precautions to be taken for preventing the improper interception or disclosure of
messages-,
(c) the period for which, and the conditions subject to which, telegrams and other
documents belonging to, or being in the custody of, telegraph officers shall be preserved;
(d) the fees to be charged for searching for telegrams or other documents in the custody
of any telegraph officer;
(e) the conditions and restrictions subject to which any telegraph line, appliance or
apparatus for telegraphic communication shall he established, maintained, worked,
repaired, transferred, shifted, withdrawn or disconnected;]
(ee) the charges in respect of any application for providing any telegraph line, appliance
or apparatus;
(f) the charges in respect of- (i) the establishment, maintenance, working, repair, transfer
or shifting of any telegraph line, appliance or apparatus; (ii) the services of operators
operating such line, appliances or apparatus;
(g) the matters in connection with the transition from a system whereunder rights and
obligations relating to the establishment, maintenance, working, repair, transfer or
shifting of any telegraph line, appliance or apparatus for telegraphic communication
attach by virtue of any agreement to a system wherunder such rights and obligations
attach by virtue of rules made under this section;
(h) the time at which, the manner in which, the conditions under which and the persons
by whom the rates, charges and fees mentioned in this sub-section shall be paid and the
furnishing of security for the payment of such rates, charges and fees;
(i) the payment of compensation to the Central Government for any loss incurred in
connection with the provision of any telegraph line, appliance or apparatus for the benefit
of any person-
(a) where the line, appliance or apparatus is, after it has been connected for use,
given up by that person before the expiration of the period fixed by these rules, or
(b) where the work done for the purpose of providing the line, appliance, or
apparatus is, before it is connected for use, rendered abortive by some act or
omission on the part of that person;
(j) the principles according to which and the authority by whom the compensation
referred to in clause (i) shall be assessed;
(jj) the qualifications to be possessed and the examinations, if any, to be passed by the
persons employed for the establishment, maintenance or working of any telegraph and
the fees to be charged for admission to such examinations; and
57
Strictly for Internal Circulation‐ KCL
(k) any other matter for which provision is necessary for the proper and efficient conduct
of all or any telegraphs under this Act.
(3) When making rules for the conductor any telegraph established, maintained or worked by any
person licensed under this Act, the Central Government may by the rules prescribe fines for any
breach of the same:
Provided that the fines so prescribed shall not exceed the following limits, namely:-
(i) when the person licensed under this Act is punishable for the breach, one thousand
rupees, and in the case of a continuing breach a further fine of two hundred rupees for
every day after the first during the whole or any part of which the breach continues;
(ii) when a servant of the person so licensed, or any other person, is punishable for the
breach, one-fourth of the amounts specified in clause (i).
(4) Nothing in this section or in any rules made hereunder shall be construed as-
(a) precluding the Central Government from entering into all agreement with a person for
the establishment, maintenance and working by that Government on terms and conditions
specified in the agreement, of any telegraph line, appliance or apparatus for the purpose
of affording means of telegraphic communication, where having regard to the number of
the lines, appliance or apparatus required by that person for telegraphic communication, it
is necessary or expedient to enter into such agreement with him, or
(b) subjecting the Central Government to any obligation to provide any telegraph line,
appliance or apparatus for the purpose of affording means of telegraphic communication.
(5) Every rule made under this section shall he laid as soon as may be after it is made before each
House of Parliament while it is in session for a total period of thirty days which may be
comprised in one session or in two or three successive sessions, and if, before the expiry of the
session immediately following the session or the successive sessions aforesaid, both Houses
agree in making any modification in the rule, or both the Houses agree that the rule should not be
made, the rule shall thereafter have effect only in such modified form or be of no effect, as the
case may be; so however, that any such modification or annulment shall be without prejudice to
the validity of anything previously done under that rule.
SECTION- 7B. Arbitration of disputes: 1) Except as otherwise expressly provided in this Act,
if any dispute concerning any telegraph line, appliance or apparatus arises between the telegraph
authority and the person for whose benefit the line, appliance or apparatus is, or has been,
provided, the dispute shall be determined by arbitration and shall, for the purposes of such
determination, be referred to an arbitrator appointed by the Central Government either specially
for the determination of that dispute of generally for the determination of disputes under this
section.
58
Strictly for Internal Circulation‐ KCL
(2) The award of the arbitrator appointed under sub-section (1) shall be conclusive between the
parties to the dispute and shall not be questioned in any Court.
SECTION- 8. Revocation of licences: The Central Government may, at any time, revoke any
license granted under section 4, on the breach of any of the conditions therein contained, or in
default of payment of any consideration payable there under.
SECTION- 9. Government not responsible for loss or damage: The Government shall not be
responsible for any loss or damage which may occur in consequence of any telegraph officer
failing in his duty with respect to the receipt, transmission or delivery of any message; and no
such officer shall be responsible for any such loss or damage, unless he causes the same
negligently, maliciously or fraudulently.
59
Strictly for Internal Circulation‐ KCL
PENALTIES
SECTION 20. Establishing, maintaining or working unauthorized telegraph: (1) If any
person establishes, maintains or works a telegraph within India in contravention of the provisions
of section 4 or otherwise than as permitted by rules made under that section, he shall be
punished, if the telegraph is a wireless telegraph, with imprisonment which may extend to three
years, or with fine, or with both, and, in any other case, with a fine which may extend to one
thousand rupees.
(2) Notwithstanding anything contained in the Code of Criminal Procedure, 1898 (5 of 1898),
offences under this section in respect of a wireless telegraph shall, for the purposes of the said
Code, he bailable and non-cognizable.
(3) When any person is convicted of all offence punishable under this section, the court before
which he is convicted may direct that the telegraph in respect of which the offence has been
committed, or any part of such telegraph, be forfeited to Government.
SECTION 20A. Breach of condition of license: If the holder of a license granted under section
4 contravenes any condition contained in his license, he shall be punished with fine which may
extend to one thousand rupees, and with a further fine which may extend to five hundred rupees
for every week during which the breach of the condition continues.
SECTION 21. Using un-authorized telegraphs: lf any person, knowing or having reason to
believe that a telegraph has been established or is maintained or worked in contravention of this
Act, transmits or receives any ,message by such telegraph, or performs any service incidental
thereto, or delivers any message for transmission by such telegraph or accepts delivery of any
message sent thereby, he shall be punished with fine which may extend to fifty rupees.
lf any person- (a) without permission of competent authority, enters the signal-room of a
telegraph office of the Government, or of a person licensed under this Act, or (b) enters a fenced
enclosure round such a telegraph office in contravention of any rule or notice not to do so, or (c)
refuses to quit such room or enclosure on being requested to do so by any officer or servant
employed therein, or (d) wilfully obstructs or impedes any such officer or servant in the
performance of his duty, he shall be punished with fine which may extend to five hundred
rupees.
60
Strictly for Internal Circulation‐ KCL
If any person does any of the acts mentioned in section 23 with the intention of unlawfully
learning the contents of any message, or of committing any offence punishable under this act, he
may (in addition to the fine with which he is punishable under section 23) be punished with
imprisonment for a term which may extend to one year.
If any person, intending- (a) to prevent or obstruct, the transmission or delivery of any message,
or (b) to intercept or to acquaint himself with the contents of any message, or (c) to commit
mischief, damages, removes, tampers with or touches any battery, machinery, telegraph lines,
post or other thing whatever, being part of or used in or about any telegraph be punished with
imprisonment for a term which may extend to three months, or with fine which may extend to
one hundred rupees, or with both.
If any person, without due authority,- (a) makes or issues any document of a nature reasonably
calculated to cause it to be believed that the document has been issued by, or under the authority
of, the Director-General of Posts and Telegraphs, or (b) makes on any document any mark in
imitation of, or similar to, or purporting to be, any stamp or mark of any telegraph office under
the Director-General of Posts and Telegraphs, or a mark of a nature reasonably calculated to
cause it to be believed that the document so marked has been issued, by or under the authority of,
the Director-General of Posts and Telegraphs, he shall he punished with fine which may extend
to fifty rupees.
SECTION 30- Retaining a message delivered by mistake: If any person fraudulently retains,
or wilfully secrets, makes away with or detains a message which ought to have been delivered to
some other person, or, being required by a telegraph officer to deliver up any such message,
neglects or refuses to do so, he shall be punished with imprisonment for a terms which may
extend to two years, or with fine, or with both.
A telegraph officer shall be deemed a public servant within the meaning of sections 161, 162,
163, 164 and 165 of the Indian Penal Code, 1860 (45 of 1860); and in the definition of "legal
remuneration" contained in the said section 161, the word "Government", shall, for the purposes
of this Act, be deemed to include a person licensed under this Act. 32. Attempts to commit
offences: Whoever attempts to commit any offence punishable under this Act shall he punished
with the punishment herein provided for the offence.
61
Strictly for Internal Circulation‐ KCL
ON TELEPHONE MATTERS
Telecommunications service becomes essential for day-to-day activities of the people. The
number of users of this service is on the increase now-a-days. The grievances experienced by the
consumers are also not less. Indian Telegraph Act, 1885 provides a dispute mechanism for the
consumers.
Provides arbitration for settlement of disputes. The said section provides that except as otherwise
expressly provided in the Act, if any dispute concerning any telegraph line, appliance arises
between the telegraph authority and the person or whose benefit the line, appliance or apparatus
is, or has been provided, the dispute shall be determined by arbitration and shall, for the purpose
of such determination, be referred to an arbitrator appointed by the Central Government either
specifically for the determination of the dispute or generally for the determination of disputes
under this section. The award of the arbitrator appointed shall be conclusive between the parties
to the dispute and shall not be questioned in any court. The term ‘telegraph authority’ means the
service provider.
The Consumer Protection Act, 1986 provides relief to consumers where there is deficiency in
service provided by the service provider. Sec. 3 of the Consumer Protection Act, 1986
provides that the provisions of the said Act are in addition to the existing laws and not in
derogation of the provisions of the existing laws. Accordingly the Consumer Protection Act is
not having an overriding effect of the provisions of Indian Telegraph Act.
But in many cases the State Commissions, National Commission held that Consumer Forum is
having jurisdiction to entertain complaints on telecom. Matters despite the provisions contained
in Sec. 7-B of Indian Telegraph Act. The High Court, Kerala in ‘General Manager, Telecom V.
M. Krishenan’ – AIR 2000 Kerala 250 held that section 7-B of the Indian Telegraphs Act does
not oust the jurisdiction of Consumer Commission or for a vis-à-vis cases pertaining to telephone
appliances, apparatus or services. Remedy given under section 3 of the Consumer Protection Act
is additional remedy which is not in derogation of the other acts. In ‘Secretary, Thirumurugan
Co-operative Agricultural Society V. M. Lalitha’ – 2004 (1) Supreme 326 the Supreme Court
held that the plea of ousting the jurisdiction of courts/tribunals as per the mandates of section 90
of the Co-operative Societies Act was negative so far as the operation of Consumer Protection
Act was concerned. The Supreme Court further held that having due regard to the scheme of the
Act and purpose to be achieved to protect the interest of the consumers better, the provisions are
to be interpreted broadly, positively and purposefully in the context of the present case to give
meaning to additional extended jurisdiction, particularly when sectkion3 seeks to provide remedy
under the Act in addition to other remedies provided under other acts unless there is clear bar.
In ‘M.A. Suherwardy V. District Manager, Telecom District and another’ -2009 (4) CPR 58
the State Commission, Jammu & Kashmir held that the Telegraph Act was enacted 100 years ago
when the Consumer Protection act was not enacted. Parliament at the time of enacting the Act
knew that there are special acts like Telegraph Act, Cooperative Societies Act, Advocates Act,
Arbitration Act, Contract Act, etc., but did not create any bar in section 3 of the Act. In view of
62
Strictly for Internal Circulation‐ KCL
this matter, now the choice is with the consumer either to come under section 3 of the Act or
section 7-B of the Telegraph Act. However the court further held that the Court did not lose the
sight of the fact that excessive billing cannot be determined in the absence of expert opinion but
adverting to the facts of the present case, the Court found that the alleged excessive billing has
been made in a casual and cavalry manner by violating the rules and procedure of the Telecom
Department.
But the Supreme Court decided differently. In ‘General Manager, Telecom. V. M. Krishnan
and another’ in Civil Appeal No. 7687 of 2004 decided on 1st September, 2009 BSNL filed
appeal against the full bench judgment dated 14.02.2003 of the High Court of Kerala at
Ernakulam whereby the Writ Appeal filed by the appellant has been dismissed. The dispute in
this case was regarding non payment of telephone bill for the telephone connection provided to
the respondent No. 1 and for the said non payment of the bill the telephone was disconnected.
The subscribed aggrieved against the disconnection filed a complaint before the District
Consumer Forum, Kozhikode which allowed the complaint and directed the appellant to
reconnect the telephone and pay compensation of Rs.5,000/- with interest @ 12% per annum
from the date of filing the complaint.
Against this the appellant filed a writ petition before the High Court of Kerala challenging the
jurisdiction of the consumer forum. The said writ petition was dismissed by the single Judge of
the High Court. The appellant field a writ appeal before the Division Bench of the High Court
which felt that the matter required consideration by a larger bench and the matter was placed
before the Full Bench. The Full Bench of the High Court has dismissed the writ appeal.
The Supreme Court held that in their opinion that there is a special remedy provision in Section
7-B of the Indian Telegraph Act regarding disputes in respect of telephone bills, then the
remedy under the Consumer Protection Act is by implication barred. Rule 413 of the Telegraph
Rules provide that all services relating to telephone are subject to Telegraph Rules. A telephone
connection can be disconnected by the Telegraph Authority for default of payment under Rule
443 of the Rules. It is well settled that the special law overrides the general law. Hence in the
opinion of the Supreme Court the High Court was not correct in approach. The Supreme Court
agreed with the view taken by the National Commission in ‘Chairman, Thiruvalluvar
Transport Corporation V. Consumer Protection Council’ (1995) 2 SCC 479 that the
National Commission has no jurisdiction to adjudicate upon claims for compensation arising out
of the motor vehicles accidents. The Supreme Court allowed the appeal. Thus the Consumer
Forum is having no jurisdiction over the telephone services rendered to the consumers.
TELECOM REGULATORY
AUTHORITY OF INDIA ACT, 1999
INTRODUCTION
63
Strictly for Internal Circulation‐ KCL
The Telecom Regulatory Authority of India or TRAI (established 1997) is the independent
regulator established by the Government of India to regulate the telecommunications business in
India.
The Telecom Sector in India has, over the last few years witnessed a significant growth and the
number of subscribers are very large. Increasingly, the subscriber base is also extending to the
rural areas. There is also intense competition amongst service providers with the objective of
improving their subscriber base.
From time to time, the Telecom Regulatory Authority of India has been issuing various
regulations and orders to protect the interests of the consumers of telecom services. It is
important that consumers are aware of these so that their rights and privileges can be effectively
safeguarded.
HISTORY
The Telecom Regulatory Authority of India (TRAI) was established in 1997 through an Act of
Parliament, viz, The Telecom Regulatory Authority of India Act, 1997.
The mission of Telecom Regulatory Authority of India (TRAI) is to ensure that the interests of
consumers are protected and at the same time to nurture conditions for growth of
telecommunications, broadcasting and cable services in a manner and at a pace which will enable
India to play a leading role in the emerging global information society.
For achieving these objectives, the Authority issues from time to time regulations, directions,
orders or guidelines with the focus on:
TRAI gives highest importance for consumer protection as it is embodied in the preamble to
the Act, reproduced below:-
“An Act to provide for the establishment of the Telecom Regulatory Authority of India and the
Telecom Disputes Settlement and Appellate Tribunal to regulate the telecommunication services,
adjudicate disputes, dispose of appeals and to protect the interests of service providers and
64
Strictly for Internal Circulation‐ KCL
consumers of telecom sector to promote and ensure orderly growth of the telecom sector and for
matters connected therewith or incidental thereto.”
The framework for consumer protection, mandated as one of the functions of TRAI under the
TRAI Act, is as under:-
“Lay down the standards of quality of service to be provided by the service providers and ensure
the quality of service and conduct the periodical survey of such service provided by the service
providers so as to protect interest of the consumers of telecommunication service”.
¾ CONSTITUTION
TRAI consists of a chairperson, 2 whole time members, and 2 part time members. The
chairperson of Telecommunication Regulatory Authority of India is Sh. Nripendra Misra, the
whole time members are Sh. A. K. Sawheny and Sh. R. N. Prabhakar, and the part time members
are Dr. Rajiv Kumar and Prof. N. Balakrishnan.
¾ FUNCTIONS OF TRAI
ENSURING
65
Strictly for Internal Circulation‐ KCL
a. By order notify in the official gazette the rates at which the telecommunication service
within India and outside India shall be provided including the rates at which messages
will be transmitted to any country outside India.
b. Regulate arrangements among service providers for sharing their revenue derived from
providing telecommunication services.
c. Levy fees and other charges at such rates and in respect of such services as may be
determined by regulations.
¾ OTHER FUNCTIONS
a. Lay down the time period for providing local and long distance circuits for
telecommunication different service providers.
b.
c. Monitor the quality of service and conduct periodical survey of such services.
d. Inspect the equipment used in the network and recommend the type of equipment to be
used by the service providers.
e. Maintain Register of Interconnect Agreement and of all such other matters as may be
provided in the regulations
f. Protect the interest of consumers of telecommunication service.
g. Facilitate competition & promote efficiency in the operation of telecommunication
services so as to facilitate growth in such services.
h. Perform such other functions including such administrative and financial functions as
may be entrusted to it by the Central Govt. or as may be necessary.
a. Frame Regulations
b. Levy Fees
c. Fix Tariffs
d. Call for Information
e. Institute Enquiries
f. Sanction prosecution for disobedience.
¾ INDEPENDENT REGULATOR
TRAI's role as an independent and effective regulator has been ensured through the following
provisions in the TRAI Act:-
66
Strictly for Internal Circulation‐ KCL
(a) Chairperson and Members of the Authority are to be appointed by the Central Government
after satisfying that the persons to be appointed do not have any financial or other interest as is
likely to affect prejudicially their functions as members of the Authority.
(c) Terms and conditions of appointment of Members once fixed cannot be changed to their
disadvantage.
(d) Members are barred from holding any office under State/ Central Governments for life.
Commercial employment cannot be taken up for two years after demitting office. Scope of
commercial employment includes consultancy work in any sector.
(e) The Central Government may remove from office any member on grounds of -
-- Insolvency
-- Incapacity
-- In case of conflict of interest and abuse of powers, removal will be possible only after
an enquiry by the Supreme Court of India.
Govt. has the Authority to issue directives, but only after consultation with the Authority.
a. Transparency in working
All decisions/ orders to be published and included in the Annual Report to be placed before the
Parliament. Decision - making to be transparent.
b. Source of Funding
Financial requirements to be met from grants sanctioned after due appropriation by Parliament.
The Authority can generate additional resource by levying fees etc.
c. Working/ Implementation
67
Strictly for Internal Circulation‐ KCL
(b) non-separation of the policy making and service provision functions of the
Government, giving rise to a conflict of interest in these roles.
This gave rise to Litigation by the Government on the jurisdiction of TRAI in the matter of its -
recommendatory and dispute settlement powers. Presently at the stage of second appeal in the
Delhi High Court.
Telecom services & segments in which liberalization has been undertaken so far in this sector
are, from all accounts, crisis ridden - mobile cellular sector, basic services sector, paging
services. Other value-added services such as E-mail etc which were liberalized earlier have fared
no better.
There is an emerging consensus that the genesis of this crisis is the abnormally high licence fees
by the successful bidders.
That is only a part of the story. The whole licensing policy, including in particular the terms and
conditions of licenses, the institutional arrangement for implementation and enforcement of
licensing conditions and response time to the problems of the new entrants are also responsible
for the present state of affairs.
Options to resolve the crisis - hold the existing licensees to their commitments by revoking their
licences for non-performance of their obligations under licences including in particular payment
of licence fee, and start afresh on a new basis.
An excellent option provided a quick and clean exit of the existing licensees is possible, but
given the existing structure of the licences, their one-sided -nature and laches on the part of the
licensor in regard to the provision of resource etc the prospects of prolonged legal battles cannot
be ruled out.
TELECOMMUNICATION REGULATIONS
There is no provision in the TRAI Act for redressal of individual consumer complaints by the
Authority. As per the TRAI Act, individual complaints are maintainable before the consumer
disputes redressal fora/ commissions established under Consumer Protection Act 1986. Taking
cognizance of the fact that going to a dispute redressal forum or commission is time consuming
and also costly compared to the telecom issues at stake, the Authority through the Telecom
Consumers Protection and Redressal of Grievances Regulation 2007 has sought to establish an
institutional mechanisms for resolution of consumers’ grievances, within the company at the
level of Call Centre, Nodal Officer and Appellate Authority.
68
Strictly for Internal Circulation‐ KCL
FEATURES
¾ The first level for the consumers to register their complaint is the Call Centre.
¾ Consumers can contact the Call Centre of service provider on toll free numbers.
¾ The call centre has to communicate the docket number of the complaint to the
consumer after registration.
¾ Complaints pertaining to fault repair, service disruption and disconnection of
service have to be attended within a maximum period of 3 days.
¾ Other complaints to be attended by the Call Centre within a maximum period of
7 days, subject to time limits laid down in Regulations on Quality of Service.
¾ The call centre has to intimate the action taken on the complaint and also the
contact details of the Nodal Officer (including his name, telephone no. and
address) to the customer.
¾ In case, the consumer is not satisfied with the redressal of the grievance at the
Call Centre level or in case the Call Centre does not attend to the complaint
within the prescribed time limit, he can approach the Nodal Officer for redressal
of his grievance.
¾ All grievances received by the Nodal Officer with respect to fault repair, service
disruption and disconnection of service to be got redressed within a maximum
period of 3 days.
¾ Other grievances to be redressed by the Nodal Officer within a maximum period
of 10 days of the registration of the grievance.
¾ Nodal Officers to communicate within three days from date of the receipt of the
complaint, the unique complaint number to the consumer.
¾ Intimate the consumer about the resolution or decision thereon within the time
limit specified.
¾ In case the consumer is still not satisfied with the redressal of his grievance by the
Nodal Officer within the time limit specified or no reply is received regarding
resolution of the complaint from Nodal Officer, he can appeal to the appellate
authority of the service provider for redressal of his grievance.
¾ Appellate Authority to decide every appeal within 3 months.
¾ The service provider has to publish a manual of practice for handing consumer
complaints containing the terms and conditions of service, details of call centre,
Nodal Officer and Appellate Authority including time limits for redressal of
69
Strictly for Internal Circulation‐ KCL
grievances and other authority including time limits for redressal of grievances
and other information which is affects the consumers and provide the same to
each consumer at the time of his subscription to the service.
Under the TRAI Act, the authority responsible to settle disputes between a service provider and
a group of consumers is the “ Telecom Disputes Settlement and Appellate Tribunal” (TDSAT)
set up by the Central Government.
The Central Government shall by notification establish an Appellate Tribunal to be known as the
“ Telecom Disputes Settlement and Appellate Tribunal” (TDSAT) to-
2. Hear and dispose of appeal against any direction, decision or order of the
authority under this Act.
The various powers and functions of Telecommunication Regulatory Authority of India are that
the authority promotes efficiency and encourage competition in the telecommunication operation
services in order to encourage growth in the services, in the telecommunication services protect
the consumers interest, and lay down the period of time for providing long distance and local
telecommunication circuits between various different service providers. Also the various powers
and functions of TRAI (Telecommunication Regulatory Authority of India) are make an
inspection of the various equipments that are being used in the network, recommend the kind of
equipments that the service providers must use, monitor the service quality, and also conduct
survey periodically of the service that is being provided by the service providers.
70
Strictly for Internal Circulation‐ KCL
TRAI (Telecommunication Regulatory Authority of India) has been set up by the government of
India in order to ensure the growth of the telecommunications sector in the country. The
Telecommunication Regulatory Authority of India thus should make all efforts to encourage the
growth of the telecommunications sector in the country for this will ensure that the country will
play an important role in the emerging world information society.
IMPORTANT QUESTIONS
UNIT – 3
Q.1. What are the privileges and powers of the Government under Indian Telegraph
Act, 1885?
Q.2. Explain Section- 9 Why Government is not responsible for loss or damage ?
Q.4. What is the aim of Telecom Regulatory Authority of India Act, 1999
Q.7. How disputes are settled of TRAI? Is there any telecom regulatory body?
Q.8. Highlight the main essence of TRAI and its regulatory body.
UNIT -4
THE INFORMATION TECHNOLOGY
ACT, 2000
INTRODUCTION
An Act to provide legal recognition for transactions carried out by means of electronic data
interchange and other means of electronic communication, commonly referred to as "electronic
commerce", which involve the use of alternatives to paper-based methods of communication and
storage of information, to facilitate electronic filing of documents with the Government agencies
and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books
Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected
therewith or incidental thereto.
72
Strictly for Internal Circulation‐ KCL
Whereas the General Assembly of the United Nations by resolution A/RES/51/162, dated the
30th January, 1997 has adopted the Model Law on Electronic Commerce adopted by the United
Nations Commission on International Trade Law; and whereas the said resolution recommends
inter alia that all States give favourable consideration to the said Model Law when they enact or
revise their laws, in view of the need for uniformity of the law applicable to alternatives to paper-
cased methods of communication and storage of information; and whereas it is considered
necessary to give effect to the said resolution and to promote efficient delivery of Government
services by means of reliable electronic records. be it enacted by Parliament in the Fifty-first
Year of the Republic of India.
In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been
omitted from the earlier version) and 14 chapters. Schedule I and II have been replaced.
Schedules III and IV are deleted.
The Information Technology Act, 2000 also aims to provide for the legal framework so that legal
sanctity is accorded to all electronic records and other activities carried out by electronic means.
The Act states that unless otherwise agreed, an acceptance of contract may be expressed by
electronic means of communication and the same shall have legal validity and enforceability.
Chapter-II of the Act specifically stipulates that any subscriber may authenticate an electronic
record by affixing his digital signature. It further states that any person can verify an electronic
record by use of a public key of the subscriber.
Chapter-III of the Act details about Electronic Governance and provides inter alia amongst
others that where any law provides that information or any other matter shall be in writing or in
the typewritten or printed form, then, notwithstanding anything contained in such law, such
requirement shall be deemed to have been satisfied if such information or matter is -rendered or
made available in an electronic form; and accessible so as to be usable for a subsequent
reference. The said chapter also details the legal recognition of Digital Signatures.
Chapter-IV of the said Act gives a scheme for Regulation of Certifying Authorities. The Act
envisages a Controller of Certifying Authorities who shall perform the function of exercising
supervision over the activities of the Certifying Authorities as also laying down standards and
conditions governing the Certifying Authorities as also specifying the various forms and content
of Digital Signature Certificates. The Act recognizes the need for recognizing foreign Certifying
Authorities and it further details the various provisions for the issue of license to issue Digital
Signature Certificates.
73
Strictly for Internal Circulation‐ KCL
Chapter-VII of the Act details about the scheme of things relating to Digital Signature
Certificates. The duties of subscribers are also enshrined in the said Act.
Chapter-IX of the said Act talks about penalties and adjudication for various offences. The
penalties for damage to computer, computer systems etc. has been fixed as damages by way of
compensation not exceeding Rs. 1,00,00,000 to affected persons. The Act talks of appointment
of any officers not below the rank of a Director to the Government of India or an equivalent
officer of state government as an Adjudicating Officer who shall adjudicate whether any person
has made a contravention of any of the provisions of the said Act or rules framed there under.
The said Adjudicating Officer has been given the powers of a Civil Court.
Chapter-X of the Act talks of the establishment of the Cyber Regulations Appellate Tribunal,
which shall be an appellate body where appeals against the orders passed by the Adjudicating
Officers, shall be preferred.
Chapter-XI of the Act talks about various offences and the said offences shall be investigated
only by a Police Officer not below the rank of the Deputy Superintendent of Police. These
offences include tampering with computer source documents, publishing of information, which
is obscene in electronic form, and hacking.
The Act also provides for the constitution of the Cyber Regulations Advisory Committee,
which shall advice the government as regards any rules, or for any other purpose connected with
the said act. The said Act also proposes to amend the Indian Penal Code, 1860, the Indian
Evidence Act, 1872, The Bankers' Books Evidence Act, 1891, The Reserve Bank of India Act,
1934 to make them in tune with the provisions of the IT Act.
In view of the growth in transactions and communications carried out through electronic records,
the Act seeks to empower government departments to accept filing, creating and retention of
official documents in the digital format. The Act has also proposed a legal framework for the
authentication and origin of electronic records / communications through digital signature.
From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain many
positive aspects. Firstly, the implications of these provisions for the e-businesses would be that
email would now be a valid and legal form of communication in our country that can be duly
produced and approved in a court of law.
74
Strictly for Internal Circulation‐ KCL
ITA 2008 (Information Technology Amendment Act 2008) as the new version of Information
Technology Act 2000 is often referred has provided additional focus on Information Security. It
has added several new sections on offences including Cyber Terrorism and Data Protection.
SCOPE OR
Cyber laws are meant to set the definite pattern, some rules and guidelines that defined certain
business activities going on through internet legal and certain illegal and hence punishable. The
IT Act 2000, the cyber law of India, gives the legal framework so that information is not denied
legal effect, validity or enforceability, solely on the ground that it is in the form of electronic
records.
One cannot regard government as complete failure in shielding numerous e-commerce activities
on the firm basis of which this industry has got to its skies, but then the law cannot be regarded
as free from ambiguities.
MMS porn case in which the CEO of bazee.com (an Ebay Company) was arrested for allegedly
selling the MMS clips involving school children on its website is the most apt example in this
reference. Other cases where the law becomes hazy in its stand includes the case where the
newspaper Mid-Daily published the pictures of the Indian actor kissing her boyfriend at the
Bombay nightspot and the arrest of Krishan Kumar for illegally using the internet account of
Col. (Retd.) J.S. Bajwa.
The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber crimes.
75
Strictly for Internal Circulation‐ KCL
1. The E-commerce industry carries out its business via transactions and communications done
through electronic records. It thus becomes essential that such transactions be made legal.
Keeping this point in the consideration, the IT Act 2000 empowers the government
departments to accept filing, creating and retention of official documents in the digital
format. The Act also puts forward the proposal for setting up the legal framework essential
for the authentication and origin of electronic records / communications through digital
signature.
2. The Act legalizes the e-mail and gives it the status of being valid form of carrying out
communication in India. This implies that e-mails can be duly produced and approved in a
court of law, thus can be a regarded as substantial document to carry out legal proceedings.
3. The act also talks about digital signatures and digital records. These have been also awarded
the status of being legal and valid means that can form strong basis for launching litigation in
a court of law. It invites the corporate companies in the business of being Certifying
Authorities for issuing secure Digital Signatures Certificates.
4. The Act now allows Government to issue notification on the web thus heralding e-
governance.
5. It eases the task of companies of the filing any form, application or document by laying down
the guidelines to be submitted at any appropriate office, authority, body or agency owned or
controlled by the government. This will help in saving costs, time and manpower for the
corporates.
6. The act also provides statutory remedy to the corporates in case the crime against the accused
for breaking into their computer systems or network and damaging and copying the data is
proven. The remedy provided by the Act is in the form of monetary damages, not exceeding
Rs. 1 crore ($200,000).
7. Also the law sets up the Territorial Jurisdiction of the Adjudicating Officers for cyber crimes
and the Cyber Regulations Appellate Tribunal.
8. The law has also laid guidelines for providing Internet Services on a license on a non-
exclusive basis.
The IT Law 2000, though appears to be self sufficient, it takes mixed stand when it comes
to many practical situations. It looses its certainty at many places like:
1. The law misses out completely the issue of Intellectual Property Rights, and makes no
provisions whatsoever for copyrighting, trade marking or patenting of electronic information
and data. The law even doesn’t talk of the rights and liabilities of domain name holders, the
first step of entering into the e-commerce.
2. The law even stays silent over the regulation of electronic payments gateway and segregates
the negotiable instruments from the applicability of the IT Act, which may have major effect
on the growth of e-commerce in India. It leads to make the banking and financial sectors
irresolute in their stands.
3. The act empowers the Deputy Superintendent of Police to look up into the investigations and
filling of charge sheet when any case related to cyber law is called. This approach is likely to
result in misuse in the context of Corporate India as companies have public offices which
would come within the ambit of "public place" under the Act. As a result, companies will not
be able to escape potential harassment at the hands of the DSP.
76
Strictly for Internal Circulation‐ KCL
4. Internet is a borderless medium; it spreads to every corner of the world where life is possible
and hence is the cyber criminal. Then how come is it possible to feel relaxed and secured
once this law is enforced in the nation??
* The IT Act is silent on filming anyone’s personal actions in public and then distributing it
electronically. It holds ISPs (Internet Service Providers) responsible for third party data and
information, unless contravention is committed without their knowledge or unless the ISP has
undertaken due diligence to prevent the contravention.
* For example, many Delhi based newspapers advertise the massage parlors; and in few cases
even show the ‘therapeutic masseurs’ hidden behind the mask, who actually are prostitutes.
Delhi Police has been successful in busting out a few such rackets but then it is not sure of the
action it can take…should it arrest the owners and editors of newspapers or wait for some new
clauses in the Act to be added up?? Even the much hyped case of the arrest of Bajaj, the CEO of
Bazee.com, was a consequence of this particular ambiguity of the law. One cannot expect an ISP
to monitor what information their subscribers are sending out, all 24 hours a day.
Cyber law is a generic term, which denotes all aspects, issues and the legal consequences on the
Internet, the World Wide Web and cyber space. India is the 12th nation in the world that has
cyber legislation apart from countries like the US, Singapore, France, Malaysia and Japan.
Section 2(1) (p) of the Information Technology Act defines the tem Digital Signature. As per
this, “Digital Signature” means authentication of any electronic record by a subscriber by means
of an electronic method or procedure in accordance with the provision of Sec.3.
SECTION 3 deals with the authentication of electronic records. This section provides the
conditions subject to which any electronic records may be authenticated by mans of affixing
Digital signature. The digital signature is treated in following two different steps:
Electronic record is converted into a message digest by using a mathematical function known as
Hash Function, which digitally freezes the electronic records and the electronic record. Any
tampering with the contents of the electronic record will immediately invalidate the digital
signature.
By digital signature the identity of the person affixing it is authenticated through the use of
Private Key which is attached to the message digest and which can be verified by any person
who has the Public key corresponding to such private key.
77
Strictly for Internal Circulation‐ KCL
Section 38 of the Act, deals with the revocation of the digital signature certificate under certain
circumstances. A certifying authority may revoke the digital signature certificate in the following
cases:
a) Where a material fact represented in the digital signature certificate is false or has been
concealed;
b) Where a requirement of the issuance of the digital signature certificate was not satisfied;
c) Where the certifying authority’s security system was compromised affecting digital
signature reliability;
d) Where the subscriber has been declared insolvent or dead
78
Strictly for Internal Circulation‐ KCL
79
Strictly for Internal Circulation‐ KCL
DIGITAL SIGNATURES
Electronic Record
1. Very easy to make copies
2. Very fast distribution
3. Easy archiving and retrieval
4. Copies are as good as original
5. Easily modifiable
6. Environmental Friendly
Because of 4 & 5 together, these lack authenticity
@ Hash value of a message when encrypted with the private key of a person is his digital
signature on that e-Document
o Digital Signature of a person therefore varies from document to document thus
ensuring authenticity of each word of that document.
o As the public key of the signer is known, anybody can verify the message and the
digital signature
@ Each individual generates his own key pair
@ [Public key known to everyone & Private key only to the owner]
@ Each individual generates his own key pair
@ [Public key known to everyone & Private key only to the owner]
@ Public Key – Used to verify the digital signature
80
Strictly for Internal Circulation‐ KCL
Encryption
Char 1 2
3 4 5 6 7 8 9
a b c
d e f g h i j
b c d
e f g h i j k
c d e
f g h i j k l
Caesar Cipher d
e
e
f
f
g h i
g
h i j
j
k
k
l
l
m
m
n
3 changes
The shift is linear and equidistributed
f
g
h
i
g
h
i
j
h
i j k
i
j k l
j
k l m
k
l mn
l
m
n
o
m
n
o
p
n
o
p
q
o
p
q
r
I agree lcdjuhh j
k
l
k
l
m
l
mn o
m
n o p
n
o p q
p
q
r
q
r
s
r
s
t
s
t
u
m n o
p q r s t u v
i+3=l n o p
q r s t u v w
o p q
r s t u v w x
Space=c [+3] p q r
s t u v w x y
q r s
t u v w x y z
r s t
u v w x y z 0
s t u
v wx y z 0 1
Key Cipher t u v
wx y z 0 1 2
u v w
x y z 0 1 2 3
k.n.gupta 62 mewam3rzjba z
0
0
1
1
2 3 4
2
3 4 5
5
6
6
7
7
8
8
9
1 2 3
4 5 6 7 8 9 .
2 3 4
5 6 7 8 9 .
k+2=m 3 4 5
6 7 8 9 . a
4 5 6
7 8 9 . a b
5 6 7
8 9. a b c
(dot)=e [+6] 6 7 9. 8 a b c d
7 8 . 9a b c d e
8 9 .a b c d e f
n=w [+9] 9 . a b c d e f g
. (Dot) a b c d e f g h
Space a b c d e f g h i
81
Strictly for Internal Circulation‐ KCL
ENCRYPTION DECRYPTION
Message 1 Encrypted Message 1
Central to the growth of e-commerce and e- 9a46894335be49f0b9cab28d755aaa9cd98571b
governance is the issue of trust in electronic 275bbb0adb405e6931e856ca3e5e569edd13528
environment. 5482
Same Key
Message 2 SYMMETRIC
The Internet knows no geographical boundaries. Encrypted Message 2
It has redefined time and space. Advances in a520eecb61a770f947ca856cd675463f1c95a9a2b
computer and telecommunication technologies 8d4e6a71f80830c87f5715f5f59334978dd7e97da
have led to the explosive growth of the Internet. 0707b48a1138d77ced56feba2b467c398683c7db
This in turn is affecting the methods of eb86b854f120606a7ae1ed934f5703672adab0d7
communication, work, study, education, be66dccde1a763c736cb9001d0731d541106f50b
interaction, leisure, health, governance, trade b7e54240c40ba780b7a553bea570b99c9ab3df13
and commerce. d75f8ccfdddeaaf3a749fd1411
Encrypted Message 2 Message 2
a520eecb61a770f947ca856cd675463f1c95 The Internet knows no geographical boundaries. It has
a9a2b8d4e6a71f80830c87f5715f5f5933497 redefined time and space. Advances in computer and
8dd7e97da0707b48a1138d77ced56feba2b4 telecommunication technologies have led to the
67c398683c7dbeb86b854f120606a7ae1ed9 explosive growth of the Internet. This in turn is
Different Keys
34f5703672adab0d7be66dccde1a763c736c affecting the methods of communication, work, study,
b9001d0731d541106f50bb7e54240c40ba7 education, interaction, leisure, health, governance,
[Keys of a pair – Public and Private]
80b7a553bea570b99c9ab3df13d75f8ccfddd trade and commerce.
ASYMMETRIC
eaaf3a749fd1411
[PKI]
82
Strictly for Internal Circulation‐ KCL
Message
Message
Sent thru’ Internet
++ Message
Message
signature ++
signature Signature
Signature
if
COMPARE
COMPARE OK
Hash
Hash Signe Signatures
M ess d
age verified
SIGN
SIGNhash
hash Hash
Hash
With
WithSender’s
Sender’s
Private
Privatekey
key
Decrypt
Decrypt
Signature
Signature
With
WithSender’s
Sender’s
Sender Receiver Public
PublicKey
Key
Certifying Authority
• Must be widely known and trusted
• Must have well defined Identification process before issuing the certificate
• Provides online access to all the certificates issued
• Provides online access to the list of certificates revoked
83
Strictly for Internal Circulation‐ KCL
84
Strictly for Internal Circulation‐ KCL
VS.
Trust Path
• Controller is the Root certifying authority responsible for regulating Certifying
Authorities (CAs)
• Controller certifies the association of CA with his public key
• Certifying Authority (CA) is the trusted authority responsible for creating or certifying
identities.
• CA certifies the association of an individual with his public key
Role of controller
Controller of Certifying Authorities as the “Root” Authority certifies the technologies,
infrastructure and practices of all the Certifying Authorities licensed to issue Digital Signature
Certificates.
85
Strictly for Internal Circulation‐ KCL
The Act has adopted the Public Key Infrastructure (PKI) for securing electronic transactions. As
per Section 2(1)(p) of the Act, a digital signature means an authentication of any electronic
record by a subscriber by means of an electronic method or procedure in accordance with the
other provisions of the Act. Thus a subscriber can authenticate an electronic record by affixing
his digital signature. A private key is used to create a digital signature whereas a public key is
used to verify the digital signature and electronic record. They both are unique for each
subscriber and together form a functioning key pair.
Section 5 provides that when any information or other matter needs to be authenticated by the
signature of a person, the same can be authenticated by means of the digital signature affixed in a
manner prescribed by the Central Government. Under Section 10, the Central Government has
powers to make rules prescribing the type of digital signature, the manner in which it shall be
affixed, the procedure to identify the person affixing the signature, the maintenance of integrity,
security and confidentiality of electronic records or payments and rules regarding any other
appropriate matters.
Once the subscriber has accepted the DSC, he shall generate the key pair by applying the
security procedure. Every subscriber is under an obligation to exercise reasonable care and
caution to retain control of the private key corresponding to the public key listed in his DSC. The
subscriber must take all precautions not to disclose the private key to any third party. If however,
the private key is compromised, he must communicate the same to the Certifying Authority (CA)
without any delay.
Writing requirements:
Section 4 of the Act states that when under any particular law, if any information is to be
provided in writing or typewritten or printed form, then notwithstanding that law, the same
information can be provided in electronic form which can also be accessed for any future
reference. This non-obstante provision will make it possible to enter into legally binding
contracts on-line!
Chapter IV of the Act explicates the manner in which electronic records are to be attributed,
acknowledged and dispatched. These provisions play a vital role while entering into agreements
electronically.
86
Strictly for Internal Circulation‐ KCL
Section 11 states that an electronic record shall be attributed to the originator as if it was sent by
him or by a person authorised on his behalf or by an information system programmed to operated
on behalf of the originator.
As per Section 12, the addressee may acknowledge the receipt of the electronic record either in a
particular manner or form as desired by the originator and in the absence of such requirement, by
communication of the acknowledgement to the addresses or by any conduct that would
sufficiently constitute acknowledgement. Normally if the originator has stated that the electronic
record will be binding only on receipt of the acknowledgement, then unless such
acknowledgement is received, the record is not binding. However, if the acknowledgement is not
received within the stipulated time period or in the absence of the time period, within a
reasonable time, the originator may notify the addressee to send the acknowledgement, failing
which the electronic record will be treated as never been sent.
Section 13 specifies that an electronic record is said to have been dispatched the moment it
leaves the computer resource of the originator and said to be received the moment it enters the
computer resource of the addressee.
According to the provisions of the Act, any forms or applications that have to be filed with the
appropriated Government office or authorities can be filed or any licence, permit or sanction can
be issued by the Government in an electronic form. Similarly, the receipt or payment of money
can also take place electronically.
Moreover, any documents or records that need to be retained for a specific period may be
retained in an electronic form provided the document or record is easily accessible in the same
format as it was generated, sent or received or in another format that accurately represents the
same information that was originally generated, sent or received. The details of the origin,
destination, date and time of the dispatch or receipt of the record must also be available in the
electronic record.
Furthermore, when any law, rule, regulation or byelaw has to be published in the Official Gazette
of the Government, the same can be published in electronic form. If the same are published in
printed and electronic form, the date of such publication will be the date on which it is first
published.
However, the above mentioned provisions do not give a right to anybody to compel any Ministry
or Department of the Government to use electronic means to accept, issue, create, retain and
preserve any document or execute any monetary transaction. Nevertheless, if these electronic
methods are utilised, the Government will definitely save a lot of money on paper!
A CA is a person who has been granted a license to issue digital signature certificates. These
CAs are to be supervised by the Controller of CAs appointed by the Central Government. Deputy
87
Strictly for Internal Circulation‐ KCL
or Assistant Controllers may also assist the Controller. The Controller will normally regulate and
monitor the activities of the CAs and lay down the procedure of their conduct.
The Controller has the power to grant and renew licenses to applicants to issue DSCs and at the
same time has the power to even suspend such a license if the terms of the license or the
provisions of the Act are breached. The CAs have to follow certain prescribed rules and
procedures and must comply with the provisions of the Act.
As per Section 35, any interested person shall make an application to the CA for a DSC. The
application shall be accompanied by filing fees not exceeding Rs. 25,000 and a certification
practice statement or in the absence of such statement, any other statement containing such
particulars as may be prescribed by the regulations. After scrutinising the application, the CA
may either grant the DSC or reject the application furnishing reasons in writing for the same.
While issuing the DSC, the CA must inter alia, ensure that the applicant holds a private key
which is capable of creating a digital signature and corresponds to the public key to be listed on
the DSC. Both of them together should form a functioning key pair.
The CA also has the power to suspend the DSC in public interest on the request of the subscriber
listed in the DSC or any person authorised on behalf of the subscriber. However, the subscriber
must be given an opportunity to be heard if the DSC is to be suspended for a period exceeding
fifteen days. The CA shall communicate the suspension to the subscriber.
There are two cases in which the DSC can be revoked. Firstly, as per Section 38 (1), it may be
revoked either on the request or death of the subscriber or when the subscriber is a firm or
company, on the dissolution of the firm or winding up of the company. Secondly, according to
Section 38(2), the CA may suo moto revoke it if some material fact in the DSC is false or has
been concealed by the subscriber or the requirements for issue of the DSC are not fulfilled or the
subscriber has been declared insolvent or dead et al.
Summary
• Each individual has a pair of keys
• Public key of each individual is certified by a CA (Certifying Authority)
• Public keys of CAs are certified by the Controller
• Public key of the Controller is self certified
• Public keys of everyone are known to all concerned and are also available on the web
• Certification Practice Statement is displayed on the web site
88
Strictly for Internal Circulation‐ KCL
Applications in Judiciary
1. Instant posting of judgment on the web.
2. Secured electronic communications within judiciary
3. Authentic archiving of Judicial records
4. Submission of affidavits
5. Giving certified copies of the Judgment
Applications in Telecommunications
A. Subscribers
¾ Subscriber’s services management
• STD/ISD, Opening, Closing, Initializing Password
¾ Shifting of telephones, Accessories (Clip, Cordless)
¾ Small Payments through telephones bills
• Books, gifts, Internet purchases
¾ Mobile Authentication of SMS
• Share market trading, Intra/Inter office instructions
¾ Mobile Phones as Credit cards
• Mobile operator can venture into credit card business
B. Internal
¾ Intra/Inter offices authentic communications
• OBs, approvals, Instructions, requests
¾ Procurement of material
• Calling/Receiving bids, Purchase orders, Payment instructions
¾ Network Management functions
• Change of configuration, Blocking/unblocking routes
89
Strictly for Internal Circulation‐ KCL
A cyber security strategy has been outlined by DIT [Department of Information Technology] to
address the strategic objectives for securing country's cyber space and is being implemented
through the following major initiatives:
a) Security Policy, Compliance and Assurance
b) Security Incident Early Warning & Response
c) Security training skills/competence development & user end awareness.
d) Security R&D for Securing the Infrastructure, meeting the domain specific needs and
enabling technologies
e) Security Promotion & Publicity
Consistent with the need, the primary objectives for securing country's cyber space are:
To pursue the strategic objectives the following major initiatives have been identified:
90
Strictly for Internal Circulation‐ KCL
IMPORTANT QUESTIONS
UNIT – 4
Q.1. What are the objects, scope of Information Technology Act 2000?
91
Strictly for Internal Circulation‐ KCL
Q.4. What do you mean by digital signatures? Is there any threat of using digital
signatures?
Q.6. Is there any dispute settlement mechanism for grievance of digital signature
users?
Q.8. What are the security provisions for Electronic Records under I.T. Act ?
UNIT -5
92
Strictly for Internal Circulation‐ KCL
Computer Crime, E-Crime, Hi-Tech Crime or Electronic Crime is where a computer is the target
of a crime or is the means adopted to commit a crime.
Most of these crimes are not new. Criminals simply devise different ways to undertake standard
criminal activities such as fraud, theft, blackmail, forgery, and embezzlement using the new
medium, often involving the Internet
COMPUTER VULNERABILITY
Cyber Crimes
Cyber crime refers to crimes committed using computers and the internet. Passion drives a person to steal
information from sites, or cause damage to, a computer or computer network for his own benefits. Greed
drives some persons to indulge in denial of service attacks for the purpose of extortion which may
eventually result in significant damage both to the system and the profitability of the site targeted. Skills
and innate gullibility lead to fraudulent behaviour of a criminal no matter how it is committed.
1. Software Piracy
93
Strictly for Internal Circulation‐ KCL
Software piracy is very common in cyberspace across the globe. Software piracy is the illegal
reproduction and distribution of software applications whether for business or personal use.
2. Hacking
A hacker is an unauthorized user who attempts or gains access to an information system. There are three
kinds of hackers : white hat, black hat and grey hat.White hat hackers are ethical hackers involved in
penetration testing. Normally they work for a company to try to break into the company system so that
loopholes can be found and fixed. Black hat hackers or crackers cause damage after intrusion and or
steal/modify data, insert viruses etc. Grey hat hackers typically ethical but occasionally violate ethics and
hack into networks, stand alone computers and or software.
4. Corporate espionage
It is the theft of trade secrets through illegal means such as wire taps, bribery and cyber intrusions.
5. Money Laundering
Money laundering is transferring illegally acquired money through financial and other systems so that it
appears to be legally acquired. Some of the techniques for money laundering are: a) Transfer to an
overseas country with less stringent banking regulations and then moving it back into his country via
loans on which the borrower has to pay interest which can be deducted from his taxes. b) Transfer cash
into goods like real estate, luxury items etc. c) Smurfing or breaking large sums into smaller sums and
depositing them into different amounts maximum permissible for deposit at a time.
6. Identity Theft
Obtaining identity information without permission and later using it to purchase goods or services
fraudulently. Criminals use dumpster diving, shoulder surfing methods for committing this crime.
7. Phishing
Criminals play tricksters by sending emails and solicit confidential information or impersonate some
authority and get such information. Such information is used fraudulently.
9. Child pornography
Child pornography is use of images of minors engaged in sexually explicit conduct. It is illegal to display
child pornography on the internet.
94
Strictly for Internal Circulation‐ KCL
Indian Parliament has enacted Information Technology Act, 2000, a comprehensive act to deal with cyber
crimes in India. The Information Technology Act has been amended in 2008 to make the Act more
effective.
Object: The object of the section is to protect the “intellectual property” invested in the
computer. It is an attempt to protect the computer source documents (codes) beyond what is
available under the Copyright Law
This section extends towards the Copyright Act and helps the companies to protect their source
code of their programmes.
Cyber jurisdiction is the extension of principles of international jurisdiction into the cyber space.
Cyber space has no physical boundaries. Jurisdiction is the power of court to hear & determine a
case without jurisdiction a courts judgment is ineffective & unimportant such jurisdiction is
essentially of 2 types:
95
Strictly for Internal Circulation‐ KCL
To formulate whether the jurisdiction of the courts is exclusive or non-exclusive in the internet
setting must involve the jurisdictional principles as given in the CPC as follows:
a) Pecuniary
b) Subject matter
c) Territorial
d) Cause of action
There is convention on cyber crime in Budapest on 23 Nov, 2001, as it was first ever
international treaty or criminal offence on criminal as criminal of committed against or with the
help of computers on such as internet. The preamble of the convention states that the objective is
to have a common policy aim at the protection of society. Cyber crime by adopting appropriate
and postering international cooperation The convention deals in particular with offences related
to infringement of copyright, computer related fraud child pornography and offences connected
& with network security.
Extraditionable offence:- Procedures are designed not only to ensure that criminals are returned
from one country to another but also to protect the rights of those who are accused of crimes by
requisiting country. Sufficient evidence has to be produced to show a prima facie case against the
accused and the rule of specially protects the accused from being tried for any crime other than
that for which he was extradition.
The convention on cyber crime has made cyber crime extraditable offences. The offence is
extraditable if punishment under the laws in both contracting parties by imprisonment for more
than 1 year or by penalty. As it is significant to note that almost every kind cyber crime have
been made extraditable under the convention. Moreover convention has the force of international
law behind it, as to investigate search seize, arrest, prosecute & extradiate cyber criminals for
cyber crimes a proper legal framework as given in it.
Examples:-
1)Indian airlines was defrauded of several lakh rupees when open-ended tickets for shorter
sectors were issued in fictitious names by some staff. Member’s computer records were tempered
with to show longer sectors & refunds obtained.
96
Strictly for Internal Circulation‐ KCL
2) In the purulia Arms Drop case, the main players used the internet extensively for international
communication, planning logistics.
3) Post-Pokhran centre computers system & pulled out vital data.
4) Computer professionals who prepared the software in an MBBS examination were found
responsible for altering data by manipulating the computer’s corrector reader. They had been
giving an upward revision of scores to students is return for a hefty fee.
CASE LAWS:
1. Frios v/s State of Kerela
Facts: In this case it was declared that the FRIENDS application software as protected system.
The author of the application challenged the notification and the constitutional validity of
software under Section 70. The court upheld the validity of both. It included tampering with
source code. Computer source code the electronic form, it can be printed on paper.
Held: The court held that Tampering with Source code are punishable with three years jail and
or two lakh rupees fine of rupees two lakh rupees for altering, concealing and destroying the
source code.
Facts: In this case the Tata Indicom employees were arrested for manipulation of the electronic
32- bit number (ESN) programmed into cell phones theft were exclusively franchised to Reliance
Infocom.
Held: Court held that Tampering with source code invokes Section 65 of the Information
Technology Act.
Facts: In this case several terrorist attacked on 13 December, 2001Parliament House. In this the
Digital evidence played an important role during their prosecution. The accused argued that
computers and evidence can easily be tampered and hence should not be relied.
In Parliament case several smart device storage disks and devices, a Laptop were recovered from
the truck intercepted at Srinagar pursuant to information given by two suspects. The laptop
included the evidence of fake identity cards, video files containing clips of the political leaders
with the background of Parliament in the background shot from T.V news channels. In this case
design of Ministry of Home Affairs car sticker, there was game “wolf pack” with user name of
‘Ashiq’. There was the name in one of the fake identity cards used by the terrorist. No back up
was taken therefore it was challenged in the Court.
97
Strictly for Internal Circulation‐ KCL
Held: Challenges to the accuracy of computer evidence should be established by the challenger.
Mere theoretical and generic doubts cannot be cast on the evidence.
(1) Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or
damage to the public or any person destroys or deletes or alters any information residing in a
computer resource or diminishes its value or utility or affects it injuriously by any means,
commits hacking.
(2) Whoever commits hacking shall be punished with imprisonment up to three years, or with
fine which may extend up to two lakh rupees, or with both.
Case Laws:
In this case it is observed that the accused gained access to the British telecom Prestl Gold
computers networks file amount to dishonest trick and not criminal offence.
2. R v/s Whiteley.
In this case the accused gained unauthorized access to the Joint Academic Network (JANET) and
deleted, added files and changed the passwords to deny access to the authorized users.
The perspective of the section is not merely protect the information but to protect the integrity
and security of computer resources from attacks by unauthorized person seeking to enter such
98
Strictly for Internal Circulation‐ KCL
The official website of the government of Maharashtra was hacked by Hackers Cool Al- Jazeera,
and claimed them they were from Saudi Arabia.
Whoever publishes or transmits or causes to be published in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave
and corrupt persons who are likely, having regard to all relevant circumstance, to read see or hear
the matter contained or embodied in it, shall be punished on first conviction with imprisonment
of either description for a term which may extend to five years and with fine which may extend
to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of
either description for a term which may extend to ten years and also with fine which may extend
to two lakh rupees.
Penalties: Punishment: (1) On first conviction --- imprisonment which may extend up to five
years. Fine: up to on first conviction which may extend to one lakh rupees.
(2) On second conviction ---- imprisonment up to which may extend to ten years and Fine which
may extend up to two lakh rupees.
Case Laws:
Facts: This case is about posting obscene, defamatory and annoying message about a divorcee
woman in the Yahoo message group. E-mails were forwarded to the victim for information by
the accused through a false e- mail account opened by him in the name of the victim. These
postings resulted in annoying phone calls to the lady. Based on the complaint police nabbed the
accused. He was a known family friend of the victim and was interested in marrying her. She
married to another person, but that marriage ended in divorce and the accused started contacting
her once again. And her reluctance to marry him he started harassing her through internet.
Held: The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000
and the accused is convicted and is sentenced for the offence to undergo RI for 2 years under 469
99
Strictly for Internal Circulation‐ KCL
IPC and to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year
Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67 of IT Act 2000 to
undergo RI for 2 years and to pay fine of Rs.4000/- All sentences to run concurrently.”
The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered
the first case convicted under section 67 of Information Technology Act 2000 in India.
2. Avnish Bajaj (CEO of bazzee.com – now a part of the eBay group of companies) case.
Facts: There were three accused first is the Delhi school boy and IIT Kharagpur Ravi Raj and
the service provider Avnish Bajaj.
The law on the subject is very clear. The sections slapped on the three accused were Section 292
(sale, distribution, public exhibition, etc., of an obscene object) and Section 294 (obscene acts,
songs, etc., in a public place) of the Indian Penal Code (IPC), and Section 67 (publishing
information which is obscene in electronic form) of the Information Technology Act 2000. In
addition, the schoolboy faces a charge under Section 201 of the IPC (destruction of evidence),
for there is apprehension that he had destroyed the mobile phone that he used in the episode.
These offences invite a stiff penalty, namely, imprisonment ranging from two to five years, in the
case of a first time conviction, and/or fines.
Held: In this case the Service provider Avnish Bajaj was later acquitted and the Delhi school boy
was granted bail by Juvenile Justice Board and was taken into police charge and detained into
Observation Home for two days.
4. DASKHINA Kannada police have solved the first case of cyber crime in the district.
A press release by Dakshina Kannada Police said here on Saturday that a Father at a Christian
institution in the city had approached the Superintendent of Police with a complaint that he was
getting offensive and obscene e-mails.
Police said that all the three admitted that they had done this to tarnish the image of the Father.
As the three tendered an unconditional apology to the Father and gave a written undertaking that
they would not repeat such act in future, the complainant withdrew his complaint. Following
this, the police dropped the charges against the culprit.
The release said that sending of offensive and obscene e-mails is an offence under the Indian
Information Technology Act 2000. If the charges are framed.
100
Strictly for Internal Circulation‐ KCL
(1) The Controller may, by order, direct a Certifying Authority or any employee of such
Authority to take such measures or cease carrying on such activities as specified in the order if
those are necessary to ensure compliance with the provisions of this Act, rules or any regulations
made there under.
(2) Any person who fails to comply with any order under sub-section (1) shall be guilty of an
offence and shall be liable on conviction to imprisonment for a term not exceeding three years or
to a fine not exceeding two lakh rupees or to both.
(1) If the Controller is satisfied that it is necessary or expedient so to do in the interest of the
sovereignty or integrity of India, the security of the State, friendly relations with foreign States or
public order or for preventing incitement to the commission of any cognizable offence; for
reasons to be recorded in writing, by order, direct any agency of the Government to intercept any
information transmitted through any computer resource.
(2) The subscriber or any person in charge of the computer resource shall, when called upon by
any agency which has been directed under sub-section (1), extend all facilities and technical
assistance to decrypt the information.
(3) The subscriber or any person who fails to assist the agency referred to in subsection
(2) shall be punished with an imprisonment for a term which may extend to seven years.
Penalties: Punishment: imprisonment for a term which may extend to seven years.
The offence is cognizable and non- bailable.
(1) The appropriate Government may, by notification in the Official Gazette, declare that any
computer, computer system or computer network to be a protected system.
(2) The appropriate Government may, by order in writing, authorize the persons who are
authorized to access protected systems notified under sub-section (1).
101
Strictly for Internal Circulation‐ KCL
(3) Any person who secures access or attempts to secure access to a protected system in
contravention of the provision of this section shall be punished with imprisonment of either
description for a term which may extend to ten years and shall also be liable to fine.
Explanation: This section grants the power to the appropriate government to declare any
computer, computer system or computer network, to be a protected system. Only authorized
person has the right to access to protected system.
Penalties: Punishment: the imprisonment which may extend to ten years and fine.
(1) Whoever makes any misrepresentation to, or suppresses any material fact from, the
Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate,
as the case may be, shall be punished with imprisonment for a term which may extend to two
years, or which fine which may extend to one lakh rupees, or with both.
Save as otherwise provide in this Act or any other law for the time being in force, any person
who, in pursuance of any of the powers conferred under this Act, rules or regulation made there
under, has secured assess to any electronic record, book, register, correspondence, information,
document or other material without the consent of the person concerned discloses such material
to any other person shall be punished with imprisonment for a term which may extend to two
years, or with fine which may extend to one lakh rupees, or with both.
Explanation: This section relates to any to nay person who in pursuance of any of the powers
conferred by the Act or it allied rules and regulations has secured access to any: Electronic
record, books, register, correspondence, information, document, or other material.
If such person discloses such information, he will be punished with punished. It would not apply
to disclosure of personal information of a person by a website, by his email service provider.
Section 73. Penalty for publishing Digital Signature Certificate false in certain particulars:
(1) No person shall publish a Digital Signature Certificate or otherwise make it available to any
other person with the knowledge that-
102
Strictly for Internal Circulation‐ KCL
(a) The Certifying Authority listed in the certificate has not issued it; or
(b) The subscriber listed in the certificate has not accepted it; or
(c) The certificate has been revoked or suspended, unless such publication is for the purpose of
verifying a digital signature created prior to such suspension or revocation.
(2) Any person who contravenes the provisions of sub-section (1) shall be punished with
imprisonment for a term which may extend to two years, or with fine which may extend to one
lakh rupees, or with both.
The Certifying authority may also suspend the Digital Signature Certificate if it is of the opinion
that the digital signature certificate should be suspended in public interest.
A digital signature may not be revoked unless the subscriber has been given opportunity of being
heard in the matter. On revocation the Certifying Authority need to communicate the same with
the subscriber. Such publication is not an offence it is the purpose of verifying a digital signature
created prior to such suspension or revocation.
Case Laws:
In this case the publication has been stated that ‘publication means dissemination and
circulation’. In the context of digital medium, the term publication includes and transmission of
information or data in electronic form.
103
Strictly for Internal Circulation‐ KCL
Section 75. Act to apply for offence or contravention committed outside India:
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any
offence or contravention committed outside India by any person irrespective of his nationality.
(2) For the purposes of sub-section (1), this Act shall apply to an offence or Contravention
committed outside India by any person if the act or conduct constituting the offence or
contravention involves a computer, computer system or computer network located in India.
Case Laws:
Facts: In this case the Citibank faced the wrath of a hacker on its cash management system,
resulting in illegal transfer of funds from customers account in to the accounts of the hacker,
later identified as Valdimer Levin and his accomplices. After Levin was arrested he was
extradite to the United States. One of the most important issues was jurisdictional issue, the
‘place of origin’ of the cyber crime.
Held: The Court helds that the real- time nature of the communication link between Levin and
Citibank computer meant that Levin’s keystrokes were actually occurring on the Citibank
computer.
It is thus important that in order to resolve the disputes related to jurisdiction, the issue of
territoriality and nationality must be placed by a much broader criteria embracing principles of
reasonableness and fairness to accommodate overlapping or conflicting interests of states, in
spirit of universal jurisdiction.
Any computer, computer system, floppies, compact disks, tape drives or any other accessories
related thereto, in respect of which any provisions of this Act, rules, orders or regulations made
there under has been or is being contravened, shall be liable to confiscation :
104
Strictly for Internal Circulation‐ KCL
Provided that where it is established to the satisfaction of the court adjudicating the confiscation
that the person in whose possession, power or control of any such computer, computer system,
floppies, compact disks, tape drives or any other accessories relating thereto is found is not
responsible for the contravention of the provisions of this Act, rules orders or regulations made
there under, the court may, instead of making an order for confiscation of such computer,
computer system, floppies, compact disks, tape drives or any other accessories related thereto,
make such other order authorized by this Act against the person contravening of the provisions
of this Act, rules, orders or regulations made there under as it may think fit.
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer
not below the rank of Deputy Superintendent of Police shall investigate any offence under this
Act.
Conclusion:
Due to the increase in the digital technology various offences has also increased. Since new-new
technology come everyday, the offences has also increased therefore the IT Act 2000 need to be
amended in order to include those offences which are now not included in the Act. In India cyber
crime is of not of high rate therefore we have time in order to tighten the cyber laws and include
the offences which are now not included in the IT Act 2000.
Crime against
Government
Crime against
property
Crime against
persons
Computer Viruses
Viruses
A computer virus is a computer program that can infect other computer programs by modifying
them in such a way as to include a (possibly evolved) copy of it. Note that a program does not
have to perform outright damage (such as deleting or corrupting files) in order to be called a
"virus".
105
Strictly for Internal Circulation‐ KCL
Viruses
Cyber crimes
Web jacking
INTERNATIONAL INITIATIVES
Representatives from the 26 Council of Europe members, the United States, Canada, Japan and
South Africa in 2001 signed a convention on cybercrime in efforts to enhance international
cooperation in combating computer-based crimes.
The Convention on Cybercrime, drawn up by experts of the Council of Europe, is designed to
coordinate these countries' policies and laws on penalties on crimes in cyberspace, define the
formula guaranteeing the efficient operation of the criminal and judicial authorities, and establish
an efficient mechanism for international cooperation.
In 1997, The G-8 Ministers agreed to ten "Principles to Combat High-Tech Crime" and an
"Action Plan to Combat High-Tech Crime."
106
Strictly for Internal Circulation‐ KCL
Main objectives-
The following cyber crime statistics illustrate of some of the general trends in the field of hi-tech
crimes. Marked increases in cyber crime statistics result in an increasing need for professionals
capable of responding to and investigating cyber crimes, and conducting computer forensic
examinations of evidence in these cases.
¾ In 2006, the Internet Crime Complaint Center received and processed over 200,000
complaints.
¾ More than 86,000 of these complaints were processed and referred to various local, state,
and federal law enforcement agencies.
¾ Most of these were consumers and persons filing as private persons.
¾ Total alleged dollar losses were more than $194 million.
¾ Email and websites were the two primary mechanisms for fraud.
¾ Although the total number of complaints decreased by approximately 7,000 complaints
from 2005, the total dollar losses increased by $15 million.
¾ The top frauds reported were auction fraud, non-delivery of items, check fraud, and credit
card fraud.
¾ Top contact mechanisms for perpetrators to victims were email (74%), web page (36%),
and phone (18%) (there was some overlap).
* The Internet Crime Complaint Center is a clearinghouse for online economic crime complaints.
It is maintained by the National White Collar Crime Center and the Federal Bureau of
Investigations. To review the results of the study, visit the National White Collar Crime Center’s
site.
Cyber Crime Statistics from the 12th Annual Computer Crime and Security Survey*
107
Strictly for Internal Circulation‐ KCL
¾ Between 2006 and 2007 there was a net increase in IT budget spent on security.
¾ Significantly, however, the percentage of IT budget spent on security awareness training
was very low, with 71% of respondents saying less than 5% of the security budget was
spent on awareness training, 22% saying less than 1% was spent on such training.
¾ 71% of respondents said their company has no external insurance to cover computer
security incident losses.
¾ 90% of respondents said their company experienced a computer security incident in the
past 12 months.
¾ 64% of losses were due to the actions of insiders at the company.
* The complete results of this study, as well as past studies, which are conducted annually by the
Computer Security Institute, can be found at the CSI website www.gocsi.com . Interestingly,
these statistics are compiled from voluntary responses of computer security professionals. Thus,
there is certainly an inference that the damages due to computer security incidents are much
higher than those cited here, as companies without responding security professionals
undoubtedly were the victim of computer security incidents.
Cyber Crime Statistics from the Online Victimization of Youth, Five Years Later study*
¾ Increasing numbers of children are being exposed to unwanted sexual materials online.
¾ Reports of online sexual solicitations of youth decreased while reports of aggressive
sexual solicitation of youth did not (perhaps indicating that some prevention and
education measures may be working, while the most serious offenders may not be
deterred).
¾ Online child solicitation offenses are rarely reported to any authority.
¾ Incidents of online harassment and bullying increased.
*This is an empirical study based on approximately 1500 surveys conducted with online youth in
2005 that were compared to the results of a similar study in 2001. The study was conducted by
the National Center for Missing and Exploited Children, the Crimes Against Children Research
Center, and the Office for Juvenile Justice and Delinquency Prevention at the United States
Department of Justice. The complete results of the study can be found here
http://www.missingkids.com.
REPORTED CASES
108
Strictly for Internal Circulation‐ KCL
Delhi Police
o M/s Softweb Solutions
o Website www.go2nextjob.com hosted
o Complaint of hacking by web hosting service
Cyber crime is now a bigger threat to India Inc than physical crime. In a recent survey by IBM, a
greater number of companies (44%) listed cyber crime as a bigger threat to their profitability than
physical crime (31%).
The cost of cyber crime stems primarily from loss of revenue, loss of market capitalisation,
damage to the brand, and loss of customers, in that order.
About 67% local Chief Information Officers (CIOs) who took part in the survey perceived cyber
crime as more costly, compared to the global benchmark of 50%.
109
Strictly for Internal Circulation‐ KCL
Sending pornographic or obscene emails are punishable under Section 67 of the IT Act.
An offence under this section is punishable on first conviction with imprisonment for a term,
which may extend to five years and with fine, which may extend to One lakh rupees.
In the event of a second or subsequent conviction the recommended punishment is imprisonment
for a term, which may extend to ten years and also with fine which may extend to Two lakh
rupees.
Emails that are defamatory in nature are punishable under Section 500 of the Indian Penal
Code (IPC), which recommends an imprisonment of upto two years or a fine or both.
Threatening emails are punishable under the provisions of the IPC pertaining to criminal
intimidation, insult and annoyance (Chapter XXII), extortion (Chapter XVII)
Email spoofing
Email spoofing is covered under provisions of the IPC relating to fraud, cheating by personation
(Chapter XVII), forgery (Chapter XVIII)
110
Strictly for Internal Circulation‐ KCL
Chapter IX
Section Offences Compensation / Punishment or Both
43 Compensation for Damage to Computer, Computer
Not exceeding Rs. 1 Crore
System etc.
44 Penalty for Failure fails to furnish the same Rs.1.5 Lakhs for each such failure
to furnish fails to file return or furnish the
Rs. 5000 per day
information, returns same within the time specified
etc. fails to maintain the same 10,000 for every day
45 Residuary Penalty 25000
Chapter XI
Section Offences Compensation / Punishment or Both
65 Tampering with Source codes/documents 2 lakhs/3yrs or Both
66 Computer related accesses downloads, copies or 2 lakhs/1yr or Both
offencesIf any extracts any data, denies or causes
person, dishonestly the denial of access
or fraudulently,
without permission
of the owner or of causes to be introduced any 5 lakhs/2yrs or Both
any other person computer contaminant
who is in charge of
a computer
resource.
67 Publishing in electronic form of information which is 5 lakhs/2yrs or Bothin second or
obscene subsequent conviction 10lakhs/5yrs or
Both
68 Power Of Controller to give directions 2 lakhs/3yrs or Both
68A
69 Failure to cooperate in Decryption to the Government (7 years)
regulatory agencies
111
Strictly for Internal Circulation‐ KCL
1. The Central Government may, by notification in the Official Gazette, appoint a Controller of
Certifying Authorities for the purposes of this Act and may also by the same or subsequent
notification appoint such number of Deputy Controllers and Assistant Controllers as it
deems fit.
2. The Controller shall discharge his functions under this Act subject to the general control and
directions of the Central Government.
3. The Deputy Controllers and Assistant Controllers shall perform the functions assigned to
them by the Controller under the general superintendence and control of the Controller.
4. The qualifications, experience and terms and conditions of service of Controller, Deputy
Controllers and Assistant Controllers shall be such as may be prescribed by the Central
Government.
112
Strictly for Internal Circulation‐ KCL
5. The Head Office and Branch Office of the office of the Controller shall be at such places as
the Central Government may specify, and these may be established at such places as the
Central Government may think fit.
1. The Controller may perform all or any of the following functions, namely: -
2. exercising supervision over the activities of the Certifying Authorities.
3. certifying public keys of the Certifying Authorities.
4. laying down the standards to be maintained by the Certifying Authorities.
5. specifying the qualifications and experience which employees of the Certifying
Authorities should possess.
6. specifying the conditions subject to which the Certifying Authorities shall conduct their
business.
7. specifying the contents of written, printed or visual materials and advertisements that
may be distributed or used in respect of a Digital Signature Certificate and the public key.
8. specifying the form and content of a Digital Signature Certificate and the key.
9. specifying the form and manner in which accounts shall be maintained by the Certifying
Authorities.
10. specifying the terms and conditions subject to which auditors may be appointed and the
remuneration to be paid to them.
11. facilitating the establishment of any electronic system by a Certifying Authority either
solely or jointly with other Certifying Authorities and regulation of such systems.
12. specifying the manner in which the Certifying Authorities shall conduct their dealings
with the subscribers.
13. resolving any conflict of interests between the Certifying Authorities and the subscribers.
14. laying down the duties of the Certifying Authorities.
15. maintaining a data base containing the disclosure record of every Certifying Authority
containing such particulars as may be specified by regulations, which shall be accessible
to public.
113
Strictly for Internal Circulation‐ KCL
114
Strictly for Internal Circulation‐ KCL
ARTICLE ON
CYBER TERRORISM
Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, in cyber
space, with the intention to further social, ideological, religious, political or similar objectives,
or to intimidate any person in furtherance of such objectives.
Computers and the internet are becoming an essential part of our daily life. They are being used
by individuals and societies to make their life easier. They use them for storing information,
processing data, sending and receiving messages, communications, controlling machines, typing,
editing, designing, drawing, and almost all aspects of life.
The most deadly and destructive consequence of this helplessness is the emergence of the
concept of “cyber terrorism”. The traditional concepts and methods of terrorism have taken new
dimensions, which are more destructive and deadly in nature. In the age of information
technology the terrorists have acquired an expertise to produce the most deadly combination of
weapons and technology, which if not properly safeguarded in due course of time, will take its
own toll. The damage so produced would be almost irreversible and most catastrophic in nature.
In short, we are facing the worst form of terrorism popularly known as "Cyber Terrorism". The
expression "cyber terrorism" includes an intentional negative and harmful use of the information
technology for producing destructive and harmful effects to the property, whether tangible or
intangible, of others. For instance, hacking of a computer system and then deleting the useful and
valuable business information of the rival competitor is a part and parcel of cyber terrorism.
The definition of "cyber terrorism" cannot be made exhaustive as the nature of crime is such that
it must be left to be inclusive in nature. The nature of "cyberspace” is such that new methods and
technologies are invented regularly; hence it is not advisable to put the definition in a
straightjacket formula or pigeons hole. In fact, the first effort of the Courts should be to interpret
the definition as liberally as possible so that the menace of cyber terrorism can be tackled
stringently and with a punitive hand.
The law dealing with cyber terrorism is, however, not adequate to meet the precarious intentions
of these cyber terrorists and requires a rejuvenation in the light and context of the latest
developments all over the world.
The word “cyber terrorism” refers to two elements: cyberspace and terrorism.
Another word for cyberspace is the “virtual world” i,e a place in which computer programs
function and data moves. Terrorism is a much used term, with many definitions. For the purposes
of this presentation, we will use the United States Department of State definition:” The term
‘terrorism’ means premeditated, politically motivated violence perpetrated against noncombatant
targets by sub national groups or clandestine agents.”
115
Strictly for Internal Circulation‐ KCL
The basic definition of Cyber-terrorism subsumed over time to encompass such things as simply
defacing a web site or server, or attacking non-critical systems, resulting in the term becoming
less useful. There is also a train of thought that says cyber terrorism does not exist and is really a
matter of hacking or information warfare. Some disagree with labeling it terrorism proper
because of the unlikelihood of the creation of fear of significant physical harm or death in a
population using electronic means, considering current attack and protective technologies.
From American point of view the most dangerous terrorist group is Al-Qaeda which is
considered the first enemy for the US. According to US official’s data from computers seized in
Afghanistan indicate that the group has scouted systems that control American energy facilities,
water distribution, communication systems, and other critical infrastructure.
After April 2001 collision of US navy spy plane and Chinese fighter jet, Chinese hackers
launched Denial of Service (DoS) attacks against American web sites.
A study that covered the second half of the year 2002 showed that the most dangerous nation for
originating malicious cyber attacks is the United States with 35.4% of the cases down from 40%
for the first half of the same year. South Korea came next with 12.8%, followed by China 6.2%
then Germany 6.7% then France 4%. The UK came number 9 with 2.2%. According to the same
study, Israel was the most active country in terms of number of cyber attacks related to the
number of internet users. There are so many groups who are very active in attacking their targets
through the computers.
The Unix Security Guards (USG) a pro Islamic group launched a lot of digital attacks in May
2002.
Another group called World's Fantabulas Defacers (WFD) attacked many Indian sites. Also there
is another pro Pakistan group called Anti India Crew (AIC) who launched many cyber attacks
against India.
Cyber terrorist prefer using the cyber attack methods because of many advantages for it.
It is Cheaper than traditional methods.
The action is very difficult to be tracked.
They can hide their personalities and location.
116
Strictly for Internal Circulation‐ KCL
The law of privacy is the recognition of the individual's right to be let alone and to have his
personal space inviolate. The right to privacy as an independent and distinctive concept
originated in the field of Tort law, under which a new cause of action for damages resulting from
unlawful invasion of privacy was recognized. In recent times, however, this right has acquired a
constitutional status, the violation of which attracts both civil as well as criminal consequences
under the respective laws. The intensity and complexity of life have rendered necessary some
retreat from the world. Man under the refining influence of culture, has become sensitive to
publicity, so that solitude and privacy have become essential to the individual. Modern enterprise
and invention have, through invasions upon his privacy, subjected him to mental pain and
distress, far greater than could be inflicted by mere bodily injury. Right to privacy is a part of the
right to life and personal liberty enshrined under Article 21 of the Constitution of India. With the
advent of information technology the traditional concept of right to privacy has taken new
dimensions, which require a different legal outlook. To meet this challenge recourse of
Information Technology Act, 2000 can be taken.
The various provisions of the Act aptly protect the online privacy rights of the citizens. Certain
acts have been categorized as offences and contraventions, which have tendency to intrude with
the privacy rights of the citizens.
The information technology can be misused for appropriating the valuable Government secrets
and data of private individuals and the Government and its agencies. A computer network owned
by the Government may contain valuable information concerning defence and other top secrets,
which the Government will not wish to share otherwise. The same can be targeted by the
terrorists to facilitate their activities, including destruction of property. It must be noted that the
definition of property is not restricted to moveables or immovable alone.
In R.K. Dalmia v Delhi Administration the Supreme Court held that the word "property" is used
in the I.P.C in a much wider sense than the expression "movable property". There is no good
reason to restrict the meaning of the word "property" to moveable property only, when it is used
without any qualification. Whether the offence defined in a particular section of IPC can be
committed in respect of any particular kind of property, will depend not on the interpretation of
the word "property" but on the fact whether that particular kind of property can be subject to the
acts covered by that section.
117
Strictly for Internal Circulation‐ KCL
The aim of e-governance is to make the interaction of the citizens with the government offices
hassle free and to share information in a free and transparent manner. It further makes the right to
information a meaningful reality. In a democracy, people govern themselves and they cannot
govern themselves properly unless they are aware of social, political, economic and other issues
confronting them. To enable them to make a proper judgment on those issues, they must have the
benefit of a range of opinions on those issues. Right to receive and impart information is implicit
in free speech. This, right to receive information is, however, not absolute but is subject to
reasonable restrictions which may be imposed by the Government in public interest.
The cyber terrorists may also use the method of distributed denial of services (DDOS) to
overburden the Government and its agencies electronic bases. This is made possible by first
infecting several unprotected computers by way of virus attacks and then taking control of them.
Once control is obtained, they can be manipulated from any locality by the terrorists. These
infected computers are then made to send information or demand in such a large number that the
server of the victim collapses. Further, due to this unnecessary Internet traffic the legitimate
traffic is prohibited from reaching the Government or its agencies computers. This results in
immense pecuniary and strategic loss to the government and its agencies.
It must be noted that thousands of compromised computers can be used to simultaneously attack
a single host, thus making its electronic existence invisible to the genuine and legitimate citizens
and end users. The law in this regard is crystal clear.
The main aim of cyber terrorist activities is to cause networks damage and their disruptions. This
activity may divert the attention of the security agencies for the time being thus giving the
terrorists extra time and makes their task comparatively easier. This process may involve a
combination of computer tampering, virus attacks, hacking, etc.
Cyber terrorists can destroy the economy of the country by attacking the critical infrastructure in
the big towns such as electric power and water supply, still the blackout of the North Western
states in the US in Aug. 15, 2003 is unknown whether it was a terrorist act or not, or by attacking
the banks and financial institutions and play with their computer systems.
Cyber terrorists can endanger the security of the nation by targeting the sensitive and secret
information (by stealing, disclosing, or destroying).
118
Strictly for Internal Circulation‐ KCL
The intention of a cyber terrorism attack could range from economic disruption through the
interruption of financial networks and systems or used in support of a physical attack to cause
further confusion and possible delays in proper response. Although cyber attacks have caused
billions of dollars in damage and affected the lives of millions, we have yet witness the
implications of a truly catastrophic cyber terrorism attack. What would some of the implications
be?
In India there is no law, which is specifically dealing with prevention of malware through
aggressive defense. Thus, the analogous provisions have to be applied in a purposive manner.
The protection against malware attacks can be claimed under the following categories:
(1) Protection available under the Constitution of India, and
The protection available under the Constitution of any country is the strongest and the safest one
since it is the supreme document and all other laws derive their power and validity from it. If a
law satisfies the rigorous tests of the Constitutional validity, then its applicability and validity
cannot be challenge and it becomes absolutely binding. The Constitutions of India, like other
Constitutions of the world, is organic and living in nature and is capable of molding itself as per
the time and requirements of the society.
119
Strictly for Internal Circulation‐ KCL
The protection available under the Constitution is further strengthened by various statutory
enactments. These protections can be classified as:
(A) Protection under the Indian Penal Code (I.P.C), 1860, and
(B) Protection under the Information Technology Act (ITA), 2000.
H. Conclusion-
The problems associated with the use of malware are not peculiar to any particular country as the
menace is global in nature. The countries all over the world are facing this problem and are
trying their level best to eliminate this problem. The problem, however, cannot be effectively
curbed unless popular public support and a vigilant judiciary back it. The legislature cannot enact
a law against the general public opinion of the nation at large. Thus, first a public support has to
be obtained not only at the national level but at the international level as well. The people all
over the world are not against the enactment of statutes curbing the use of malware, but they are
conscious about their legitimate rights. Thus, the law to be enacted by the legislature must take
care of public interest on a priority basis. This can be achieved if a suitable technology is
supported by an apt legislation, which can exclusively take care of the menace created by the
computers sending the malware. Thus, the self-help measures recognized by the legislature
should not be disproportionate and excessive than the threat received by the malware. Further,
while using such self-help measures the property and rights of the general public should not be
affected. It would also not be unreasonable to demand that such self-help measures should not
themselves commit any illegal act r omission. Thus, a self-help measure should not be such as
may destroy or steal the data or secret information stored in the computer of the person sending
the malware. It must be noted that two wrongs cannot make a thing right. Thus, a demarcating
line between self-help and taking law in one’s own hand must be drawn. In the ultimate analysis
we must not forget that self-help measures are “watchdogs and not blood-hounds”, and their
purpose should be restricted to legitimate and proportionate defensive actions only. In India,
fortunately, we have a sound legal base for dealing with malware and the public at large has no
problem in supporting the self-help measures to combat cyber terrorism and malware.
120
Strictly for Internal Circulation‐ KCL
(1) The Central Government shall, by notification, establish one or more appellate tribunals
to be known as the Cyber Regulations Appellate Tribunal.
(2) The Central Government shall also specify, in the notification referred to in sub-section
(1), the matters and places in relation to which the Cyber Appellate Tribunal may
exercise jurisdiction.
Though the aforesaid sub-section (1) provides for appointment of one or more appellate tribunals
by the Central Government but the language of the Rule 13 of the Cyber Regulations Tribunal
(Procedure) Rules, 2000 makes it clear that there shall only be one tribunal and it shall ordinarily
hold its sittings at New Delhi.
If at any time, the Presiding Officer of the Tribunal is satisfied that circumstances exist which
render it necessary to have sittings of the Tribunal at any place other than New Delhi, he may
direct to hold the sittings at any such appropriate place. The Tribunal shall notify to the parties
the date and place of hearing of the application (Rule 12).
Union of India Vs. Paras Laminates (P) Ltd. (1990) 4SCC 453
The Supreme Court held that there is no doubt that the Tribunal functions as a court within the
limits of its jurisdiction. It has all the powers conferred expressly by the statute. Furthermore,
being a judicial body, it has all those incidental and ancillary powers which are necessary to
make fully effective the express grant of statutory powers. The powers of Tribunal are no doubt
limited. Its area of jurisdiction is clearly defined, but within the bounds of its jurisdiction, it has
all the powers expressly and implied granted.
121
Strictly for Internal Circulation‐ KCL
A Cyber Appellate Tribunal shall consist of one person only (hereinafter referred to as the
Presiding Officer of the Cyber Appellate Tribunal) to be appointed, by notification, by the
Central Government.
A Cyber Appellate Tribunal is headed by one person only, called the Presiding Officer being
appointed by notification by the Central Government. The Cyber Appellate Tribunal does not
constitute an “expert body”.
Section- 50. Qualifications for appointment as Presiding Officer of the Cyber Appellate
Tribunal.
A person shall not be qualified for appointment as the Presiding Officer of a Cyber Appellate
Tribunal unless he -
The aforesaid section identifies the qualifications necessary for appointment as Presiding Officer
of the Cyber Appellate Tribunal. The focus is primarily on the legal rather than on technical
qualifications. Thus, the tribunal ought to be doubly careful while interfering with the Controller
or the Adjudicating Officers findings on facts.
The Presiding Officer of a Cyber Appellate Tribunal shall hold office for a term of five years
from the date on which he enters upon his office or until he attains the age of sixty-five years,
whichever is earlier.
It provides a five year term for the Presiding Officer of a Cyber Appellate Tribunal. The term
starts from the date on which he enters upon his office. It will last for five years or until he
attains the age of sixty-five years, whichever is earlier.
Section- 52. Salary, allowances and other terms and conditions of service of Presiding
Officer.
The salary and allowances payable to, and the other terms and conditions of service including
pension, gratuity and other retirement benefits of, the Presiding Officer of a Cyber Appellate
Tribunal shall be such as may be prescribed:
122
Strictly for Internal Circulation‐ KCL
Provided that neither the salary and allowances nor the other terms and conditions of service of
the Presiding Officer shall be varied to his disadvantage after appointment.
Under Section 87(2) (r) of the Act, the Central Government has the power to make rules
regarding the salary, allowances and the other terms and conditions of service of the Presiding
Officer. The Central Government has notified the Cyber Regulations Appellate Tribunal (Salary,
Allowances and other terms and conditions of service of Presiding Officer) Rules, 2003 it has
laid that Presiding Officer shall be paid such salary and allowances as admissible to a Secretary
to the Government of India, including all the benefits that a Secretary is entitled to.
If, for reason other than temporary absence, any vacancy occurs in the office n the Presiding
Officer of a Cyber Appellate Tribunal, then the Central Government shall appoint another
person in accordance with the provisions of this Act to fill the vacancy and the proceedings may
be continued before the Cyber Appellate Tribunal from the stage at which the vacancy is filled.
Being the first stage of appeal, the office of the Presiding Officer of a Cyber Appellate Tribunal
is an important one. It directs the Central Government to appoint another person in case of
occurrence of any vacancy in the office of the Presiding Officer in accordance with the
provisions of the Act. The objective of this is to maintain the continuity of the appellate process
that begins with filing of application to the Registrar of Cyber Appellate Tribunal.
(1) The Presiding Officer of a Cyber Appellate Tribunal may, by notice in writing under his hand
addressed to the Central Government, resign his office:
Provided that the said Presiding Officer shall, unless he is permitted by the Central Government
to relinquish his office sooner, continue to hold office until the expiry of three months from the
date of receipt of such notice or until a person duly appointed as his successor enters upon his
office or until the expiry of his term of office, whichever is the earliest.
(2) The Presiding Officer of a Cyber Appellate Tribunal shall not be removed from his office
except by an order by the Central Government on the ground of proved misbehaviour or
incapacity after an inquiry made by a Judge of the Supreme Court in which the Presiding Officer
concerned has been informed of the charges against him and given a reasonable opportunity of
being heard in respect of these charges.
(3) The Central Government may, by rules, regulate the procedure for the investigation of
misbehaviour or incapacity of the aforesaid Presiding Officer.
It is for the Central Government to relieve him on the receipt of such notice or permit him to
continue to hold office until the expiry of three months from the date of receipt of such notice or
until a person duly appointed as his successor enters upon his office or until the expiry of his
term of office, whichever is the earliest.
123
Strictly for Internal Circulation‐ KCL
Under S.87 (2) (s) of the Act, the Central Government has the power to make rules regarding the
procedure for investigation of misbehaviour or incapacity of the Presiding Officer. Recently in
the Official Gazette, the Central Government has published Cyber Regulation Appellate Tribunal
(Procedure for Investigation of Misbehaviour for Investigation of Misbehaviour or Incapacity of
Presiding Officer) Rules, 2003 to regulate the procedure for the investigation of misbehaviour of
incapacity of the presiding officer.
(1) The Central Government shall provide the Cyber Appellate Tribunal with such officers and
employees as that Government may think fit.
(2) The officers and employees of the Cyber Appellate Tribunal shall discharge their functions
under general superintendence of the Presiding Officer.
(3) The salaries, allowances and other conditions of service of the officers and employees or the
Cyber Appellate Tribunal shall be such as may be prescribed by the Central Government.
The office of Cyber Appellate Tribunal is like an organization where the officers and employees
discharge their respective functions under general superintendence of the Presiding Officer.
Under S.87 (2) (t) of the Act, the Central Government has the power to make rules regarding the
salary and allowances and other conditions of service of other officers and employees of the
Tribunal. Till date, no such rules have been made by the Central Government.
Section- 55. Orders constituting Appellate Tribunal to be final and not to invalidate its
proceedings.
No order of the Central Government appointing any person as the Presiding Officer of a Cyber
Appellate Tribunal shall be called in question in any manner and no act or proceeding before a
Cyber Appellate Tribunal shall be called in question in any manner on the ground merely of any
defect in the constitution of a Cyber Appellate Tribunal.
It takes away the power of the judicial review by giving the Central Government a carte blanche
to appoint any person as the Presiding Officer of a Cyber Appellate Tribunal, without being
questioned in any manner. It is considered a privilege of the Executive to appoint any person as
the Presiding Officer of a Cyber Appellate Tribunal.
Furthermore, no act or proceeding before a Cyber Appellate Tribunal shall be called in question
in any manner on the ground merely of any defect in the constitution of a Cyber Appellate
Tribunal. The provision indicates that it is a pre-emptive method employed by the legislature to
protect Cyber Appellate Tribunal’s judicial processes/ proceedings from getting bogged down
under frivolous/ unnecessary litigation merely on the pretext of some defect in the constitution of
a Cyber Appellate Tribunal.
124
Strictly for Internal Circulation‐ KCL
(1) Save as provided in sub-section (2), any person aggrieved by an order made by Controller or
an adjudicating officer under this Act may prefer an appeal to a Cyber Appellate Tribunal
having jurisdiction in the matter.
(2) No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating
officer with the consent of the parties.
(3) Every appeal under sub-section (1) shall be filed within a period of tony-five days from the
date on which a copy of the order made by the Controller or the adjudicating officer is received
by the person aggrieved and it shall be in such form and be accompanied by such fee as may be
prescribed:
Provided that the Cyber Appellate Tribunal may entertain an appeal after the expiry of the said
period of forty-five days if it is satisfied that there was sufficient cause tor not filing it within that
period.
(4) On receipt of an appeal under sub-section (1), the Cyber Appellate Tribunal may, after
giving the parties to the appeal, an opportunity of being heard, pass such orders thereon as it
thinks fit, confirming, modifying or setting aside the order appealed against.
(5) The Cyber Appellate Tribunal shall send a copy of every order made by it to" the parties to
the appeal and to the concerned Controller or adjudicating officer.
(6) The appeal filed before the Cyber Appellate Tribunal under sub-section (1) shall be dealt
with by it as expeditiously as possible and endeavour shall be made by it to dispose of the appeal
finally within six months from the date of receipt of the appeal.
Right of appeal is the creature of a statute and it is for the legislature to decide whether the right
of appeal should be given unconditional to an aggrieved party or it should be conditionally given.
The two things which are required to constitute appellate jurisdiction are the existence of the
relation of superior and inferior court and the power on the part of the former, to review
decisions of the latter.
It grants an unconditional right of appeal to any aggrieved party, who has been aggrieved by an
order made by Controller or an adjudicating officer under this Act. It has included even those
persons who were not even the original contesting parties (complainant/defendant) before the
Controller or Adjudicating Officer in a given case.
Moreover, Rule 3(4) (a) of the Cyber Regulation Appellate Tribunal (Procedure) Rules, 2000
deals with subject of Joinder of Appeals. It states that persons against whom similar orders, in
similar matters have been passed by the Controller or the Adjudicating Officer may file a joint
125
Strictly for Internal Circulation‐ KCL
appeal. It is important to look into Order I, Rule 1 who may be joined as plaintiffs of the Code of
Civil Procedure, 1908 provisions for Joinder of appeals before the Tribunal.
Furthermore, the Cyber Appellate Tribunal does not allow any aggrieved person to file an appeal
if it has been against the order made by an adjudicating officer with the consent of the original
contesting parties (complainant/defendant).
The Supreme Court has observed that in exercising discretion under S.5 of the Limitation Act
the courts should adopt a pragmatic approach. The courts has to exercise the discretion on the
facts of each case keeping in mind that in construing the expression “sufficient cause” the
principle of advancing substantial justice is of prime importance.
(1) The Cyber Appellate Tribunal shall not be bound by the procedure laid down by the Code of
civil Procedure, 1908 but shall be guided by the principles of natural justice and, subject to the
other provisions of this Act and of any rules, the Cyber Appellate Tribunal shall have powers to
regulate its own procedure including the place at which it shall have its sittings.
(2) The Cyber Appellate Tribunal shall have, for the purposes of discharging its functions under
this Act, the same powers as are vested in a civil court under the Code of Civil Procedure, 1908,
while trying a suit, in respect of the following matters, namely: -
(a) Summoning and enforcing the attendance of any person and examining him on oath; (b)
Requiring the discovery and production of documents or other electronic records; (c) Receiving
evidence on affidavits; (d) Issuing commissions for the examination of witnesses or documents;
(e) Reviewing its decisions; (f) Dismissing an application for default or deciding it ex pane; (g)
Any other matter which may be prescribed.
(3) Every proceeding before the Cyber Appellate Tribunal shall be deemed to be a judicial
proceeding within the meaning of sections 193 and 228, and for the purposes of section 196 of
the Indian Penal Code and the Cyber Appellate Tribunal shall be deemed to be a civil court for
the purposes of section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
The Cyber Appellate Tribunal is not bound by the procedure laid down by the Code of Civil
Procedure, 1908 and instead it shall be guided by the principles of natural justice. The principle
of natural justice revolve around the premise that the authority should hear the person concerned
before passing any decision, direction or order against him. Further Cyber Appellate Tribunal
shall have powers to regulate its own procedure including the place at which it shall have its
sittings.
Cellular Operators Association of India Vs. Union of India (2003) 3 SCC 186
126
Strictly for Internal Circulation‐ KCL
It is an established law that in the absence of any procedure laid down the provisions of the Code
of Civil Procedure should be followed.
Supreme Court has held that power of authority to summon witnesses, enforce their attendance,
examine them on oath or require discovery and production of documents show the quasi judicial
nature of proceedings before the authority.
It states that by virtue of Ss. 193 and 228 of the Indian Penal Code, all proceedings before the
Cyber Appellate Tribunal shall be deemed to be judicial proceedings.
The appellant may either appear in person or authorise one or more legal practitioners or any of
its officers to present his or its case before the Cyber Appellate Tribunal.
The provisions of the Limitation Act, 1963, shall, as far as may be, apply to an appeal made to
the Cyber Appellate Tribunal.
Supreme Court held that the established rule of limitation is that law of limitation is not
applicable to a plea taken in defence unless expressly a provision is made in the statute.... the
Limitation Act does not extinguish a defence, but only bars the remedy.
No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter
which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal
constituted under this Act is empowered by or under this Act to determine and no injunction shall
be granted by any court or other authority in respect of any action taken or to be taken in
pursuance of any power conferred by or under this Act.
The Act empowers both Adjudicating Officer and Cyber Appellate Tribunal to have an exclusive
jurisdiction to entertain any suit and proceeding in respect of any matter under this Act. It
excludes the jurisdiction of civil courts to entertain any suit or proceeding in respect of any
matter.
Dhruv Green Field Ltd. Vs. Hukam Singh (2002) 6 SCC 416
127
Strictly for Internal Circulation‐ KCL
Supreme Court held that the jurisdiction of courts to try all suits of civil nature is very expensive
as is evident from the plain language of S.9 of CPC. This is because of the principle ubi jus ibi
remedium. It is only where cognizance of a specified type of suit is barred by a statute either
expressly or impliedly that the jurisdiction of the civil court would be ousted to entertain such a
suit. The general principle is that a statute excluding the jurisdiction of civil courts should be
construed strictly.
Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an
appeal to the High Court within sixty days from the date of communication of the decision or
order of the Cyber Appellate Tribunal to him on any question of fact or law arising out of such
order
Provided that the High Court may, if it is satisfied that the appellant was prevented by sufficient
cause from filing the appeal within the said period, allow it to be filed within a further period not
exceeding sixty days.
(1) The Central Government shall, by notification, establish one or more appellate tribunals to
be known as the Cyber Regulations Appellate Tribunal.
(2) The Central Government shall also specify, in the notification referred to in sub-section (1),
the matters and places in relation to which the Cyber Appellate Tribunal may exercise
jurisdiction.
The Act provides a second forum of appeal in the form of High Court (the first being Cyber
Appellate Tribunal) to any person aggrieved by any decision or order of the Cyber Appellate
Tribunal. An appeal is to be filed within 60 days from the date of communication of the decision.
The Supreme Court held that if a jurisdictional question or the extent thereof is disputed before a
tribunal, the tribunal must necessarily decide it unless the statute provides otherwise. Only when
a question of law or mixed question of fact and law are decided by a tribunal, the High Court or
the Supreme Court can exercise its power of judicial review.
(1) Any contravention under this Chapter may, either before or after the institution of
adjudication proceedings, be compounded by the Controller or such other officer as may be
specially authorised by him in this behalf or by the adjudicating officer, as the case may be,
subject to such conditions as the Controller or such other officer or the adjudicating officer may
specify:
Provided that such sum shall not, in any case, exceed the maximum amount of the penalty which
may be imposed under this Act for the contravention so compounded.
128
Strictly for Internal Circulation‐ KCL
(2) Nothing in sub-section (1) shall apply to a person who commits the same or similar
contravention within a period of three years from the date on which the first contravention,
committed by him, was compounded.
(3) Where any contravention has been compounded under sub-section (1), no proceeding or
further proceeding, as the case may be, shall be taken against the person guilty of such
contravention in respect of the contravention so compounded.
The compounding contraventions would be under Penalties and Adjudication as it may be either
before or after the institution of adjudication proceedings. It provides that the maximum amount
of the penalty, which may be imposed under this Act for the contravention, so compounded not
to exceed One Crore of Rupees.
If a person commits the same or similar contravention within a period of three years from the
date on which the first contravention, committed by him, shall not be compounded by the
Controller or such officer. Any contravention committed after the expiry of a period of three
years from the date on which the contravention was previously compounded shall be deemed to
be a first contravention.
The compounding of a contravention signifies that the person against whom the contravention
has been committed has received some gratification, not necessary of a pecuniary character, to
act as an inducement for his desiring to abstain from prosecution. This if a contravention is
compounded, it shall result into an acquittal.
A penalty imposed under this Act, if it is not paid, shall be recovered as an arrear of land
revenue and the licence or the Digital Signature Certificate, as the case may be, shall be
suspended till the penalty is paid.
The penalty amount on account of contraventions must not exceed one crore rupees. In case of a
person’s inability to pay the penalty amount imposed under the act, the same shall be recovered,
as an arrear of land revenue and the licence or Digital Signature Certificate, as the case may be
shall remain suspended till the penalty is paid.
Section-75. Act to apply for offence or contravention committed outside India. - (1) Subject
to the provision of sub-section (2), the provisions of this Act shall apply also to any offence or
contravention committed outside India by any person irrespective of his nationality.
(2) For the purposes of sub-section(1), this act shall apply to an offence or contravention
committed outside India by any person if the act or conduct constituting located in India.
Section- 76. Confiscation. - Any computer, computer system, floppies, compact disks, tape
drives or nay other accessories related thereto, in respect of the if which any provision of this
Act, rule, orders or regulations made thereunder has been or is being contravened, shall be liable
to confiscation:
129
Strictly for Internal Circulation‐ KCL
Provided that where it is established to the satisfaction of the court adjudicating the confiscation
that the person in whose possession, power or control of any such computer, computer system,
floppies, compact disks, tape drives or any other accessories relating thereto is found is not
responsible for the contravention of the provisions of this Act, rules, orders or regulations made
there under, the court may, instead of making an order for confiscation of such computer,
computer system, floppies, compact disks, tape drives or any other accessories related thereto,
make such other order authorised by this Act against the person contravening of the provisions of
this Act, rules, orders or regulations made there under as it may think fit.
The Committee will advise the Central Government either generally as regards any rules or for
any rules or for any other purposes as well as the Controller of Certifying Authority (CCA) in
framing the regulations under the Act. The establishment and constitution of this Committee has
an important role to play in the growth of information technology law along the right lines.
Section- 88. Constitution of Advisory Committee. - (1) The Central Government shall, as soon
as may be after the commencement of this Act, constitute a Committee called the Cyber
Regulations Advisory Committee.
(2) The Cyber Regulations Advisory Committee shall consist of a Chairperson and such number
of other official and non-official members representing the interests principal affected or having
special knowledge of the subject-matter as the Central Government may deem fit.
(3) The Cyber Regulations Advisory Committee shall advice- (a) The Central Government either
generally as regards any rules or for any other purpose connected with this Act.
(4) There shall be paid to the non-official members of such Committee such travelling and other
allowances as the Central Government may fix.
130
Strictly for Internal Circulation‐ KCL
131
Strictly for Internal Circulation‐ KCL
IMPORTANT QUESTIONS
UNIT – 5
OFFENCES & PENALTIES UNDER
INFORMATION TECHNOLOGY ACT, 2000
Q.1. What are the Regulatory Authorities under Information Technology Act 2000?
Q.2. Discuss the working of Cyber Regulation Appellate Tribunal and explain its
powers.
Q.6. Briefly explain the role of Certifying Authorities under IT Act 2000?
Q10. Critically analyze the judicial interpretation / intervention for protection and
prevention from cyber offenders.
Q.11. What are online transactions and types of online transactions? What
requirements do your need for transaction security?
132
Strictly for Internal Circulation‐ KCL
The Act has not really catered to issues such as intellectual property rights (IPR), privacy and
data protection and content regulation. The mushrooming of internet companies and availability
of various sites with millions of pages of information and data has opened a new era of
information flow and a pandora box on copyright.
It has neither talked about the infringement of intellectual property rights of other entitles nor
does it speak about the copying of the content provided by ISP or net service provider. The Act
does not talk about the liability of a person but only speaks of the liability of the intermediary for
the third party data and information.
The IT Act also does not apply to negotiable instruments, trusts, testamentary dispositions (in
other words you cannot have a will distributing your assets in an electronic format) and contracts
for conveyance of immovable property.
Its scope is wide enough as it applies to offences or contravention committed outside India and to
any person irrespective of nationality, if the offence involves a computer, computer system or
computer network located in India. This raises several international jurisdictional issues.
Moreover, to implement this clause, ideally India should sign extradition treaties with other
countries to deal with cyber crime
While referring to hacking, the words used are `intent’. Proving intent in a court of law is likely
to be difficult as it is a subjective term. The suggestion that cyber-cafes should be forced to
maintain details about all persons visiting the cafe and the web-sites accessed by them have been
considered unnecessary by critics. There is a section of the act, which allows an officer of the
rank of deputy superintendent of police to search and arrest without a warrant. This section has
caused concern.
The Cyber Appellate Tribunal is a one member body. He has the statutory authority to examine
the correctness, legality or propriety of the decision or order passed by the Controller of
Certifying Authorities or the Adjudicating Officer under the Act. But by looking into the various
provisions under the Chapter X- Cyber Regulations Appellate Tribunal it seems that it would
have been more appropriate and effective if instead of being a one member body, the Tribunal
could have been an “expert body” (Commission) consisting of members having varied
qualifications to appreciate the legal, technical and factual questions involved in the appeals in
the first appellate stage itself.
133
Strictly for Internal Circulation‐ KCL
CONCLUSION
The introduction of the internet has brought the tremendous changes in our lives. People of all
fields are increasingly using the computers to create, transmit and store information in the
electronic form instead of the traditional papers, documents. Information stored in electronic
forms has many advantages, it is cheaper, easier to store, easier to retrieve and for speedier to
connection. Though it has many advantages, it has been misused by many people in order to gain
themselves or for sake or otherwise to harm others. The high and speedier connectivity to the
world from any place has developed many crimes and these increased offences led to the need of
law for protection. Some countries have been rather been vigilant and formed some laws
governing the net. In order to keep in pace with the changing generation, the Indian Parliament
passed the law --- Information Technology Act 2000. The IT Act 2000 has been conceptualized
on the United Nations Commissions on International Trade Law (UNCITRAL) Model Law.
Though legal provisions necessary for facilitating the e-commerce and checking the cyber crimes
have been brought into the Statute Book of the Country for facilitating the e-governance, but
legal mechanism for checking cyber crimes as provided in the I.T. Act has yet not been made
operational. The Cyber Appellate Tribunal has not yet been made operational. Though its new
Office and the Court Room of the Cyber Regulation Appellate Tribunal inaugurated on 27th July,
2009 but only on paper.
Our Justice Delivery System depends heavily on Doctrine of precedent. In criminal trials,
lawyers have to cite the decisions of the higher courts in similar matters in support of their
arguments. But in the absence of decisions relating to cyber related crimes in the country, our
own jurisprudence has yet not been developed and hence, in cases relating to cyber offences, one
has to depend on foreign decisions on similar issues.
Though a number of cases have been registered in different parts of the country such as sending
obscene SMSs to film actresses in Mumbai, sending threatening E-mails by terrorists groups etc.,
FIRs have been lodged and criminal investigations or trial is in progress, but no final decision
has yet been reported in any of such cases.
It has now been realised that there are still gaps in legal provisions relating to e-governance and
cyber crimes. Thus it is a high time that Ministry of Communications and Information
Technology should make serious efforts to bring out necessary amendments in IT Act for
rectifying the shortcomings in I.T. Act or should suggest for a separate legislation, if needed and
serious efforts should be made to make the Cyber Appellate Tribunal operational. Efforts should
also be made to conduct suitable training programmes for investigating officers to provide them
necessary training for investigating the cyber related crimes so that more and more trained
persons may be available for investigating and adjudicating the cyber related crimes.
Through this, I urge the Ministry of Communications and Information Technology, Government
of India for filling the gaps in existing cyber laws and for strengthening the legal machinery for
adjudicating the cyber crimes expeditiously.
134
Strictly for Internal Circulation‐ KCL
SUGGESTED READINGS