Data Theft

Download as pdf or txt
Download as pdf or txt
You are on page 1of 3

Section 43. [Penalty and compensation] for damage to computer, computer system, etc.

--If any
person without permission of the owner or any other person who is in charge of a computer,
computer system or computer network,--

(a) accesses or secures access to such computer, computer system or computer network 3 [or
computer resource];
(b) downloads, copies or extracts any data, computer data base or information from such
computer, computer system or computer network including information or data held or
stored in any removable storage medium;
(c) introduces or causes to be introduced any computer contaminant or computer virus into any
computer, computer system or computer network;
(d) damages or causes to be damaged any computer, computer system or computer network,
data, computer data base or any other programmes residing in such computer, computer
system or computer network;
(e) disrupts or causes disruption of any computer, computer system or computer network;
(f) denies or causes the denial of access to any person authorised to access any computer,
computer system or computer network by any means;
(g) provides any assistance to any person to facilitate access to a computer, computer system or
computer network in contravention of the provisions of this Act, rules or regulations made
thereunder;
(h) charges the services availed of by a person to the account of another person by tampering
with or manipulating any computer, computer system, or computer network;
• destroys, deletes or alters any information residing in a computer resource or
diminishes its value or utility or affects it injuriously by any means;
• steal, conceal, destroys or alters or causes any person to steal, conceal, destroy or
alter any computer source code used for a computer resource with an intention to
cause damage;

he shall be liable to pay damages by way of compensation to the person so affected.

Explanation.--For the purposes of this section,--

(i) "computer contaminant" means any set of computer instructions that are designed--

(a) to modify, destroy, record, transmit data or programme residing within a computer, computer
system or computer network; or

(b) by any means to usurp the normal operation of the computer, computer system, or computer
network;

(ii) "computer data-base" means a representation of information, knowledge, facts, concepts or


instructions in text, image, audio, video that are being prepared or have been prepared in a
formalised manner or have been produced by a computer, computer system or computer network
and are intended for use in a computer, computer system or computer network;

(iii) "computer virus" means any computer instruction, information, data or programme that
destroys, damages, degrades or adversely affects the performance of a computer resource or
attaches itself to another computer resource and operates when a programme, data or instruction is
executed or some other event takes place in that computer resource;

(iv) "damage" means to destroy, alter, delete, add, modify or rearrange any computer resource by
any means.
(v) "computer source code" means the listing of programme, computer commands, design and
layout and programme analysis of computer resource in any form

Section 72. Penalty for Breach of confidentiality and privacy.

Save as otherwise provided in this Act or any other law for the time being in force, if any person who,
in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder,
has secured access to any electronic record, book, register, correspondence, information, document
or other material without the consent of the person concerned discloses such electronic record,
book, register, correspondence, information, document or other material to any other person shall
be liable to penalty which may extend to five lakh rupees.

Section 66B. Punishment for dishonestly receiving stolen computer resource or communication
device.

Whoever dishonestly receive or retains any stolen computer resource or communication device
knowing or having reason to believe the same to be stolen computer resource or communication
device, shall be punished with imprisonment of either description for a term which may extend to
three years or with fine which may extend to rupees one lakh or with both.

BNS
Section 303(1) of BNS clearly states the provisions for Theft as:

Whoever, intending to take dishonestly any movable property out of the possession of any person
without that person’s consent, moves that property in order to such taking, is said to commit theft.

Subsection (2) states that whoever commits theft shall be punished with imprisonment of either
description for a term which may extend to three years, or with fine, or with both and in case of
second or subsequent conviction of any person under this section, he shall be punished with rigorous
imprisonment for a term which shall not be less than one year but which may extend to five years
and with fine.

In cases of theft where the value of the stolen property is less than five thousand rupees it is non
cognizable & Bailable, and if a person is convicted for the first time, shall upon return of the value of
property or restoration of the stolen property, shall be punished with community service.

Theft of property valued at more than Rs 5,000 is generally considered a cognizable and non-bailable
offence, meaning bail cannot be granted automatically and requires court intervention.

Section 314. Whoever dishonestly misappropriates or converts to his own use any movable property,
shall be punished with imprisonment of either description for a term which shall not be less than six
months but which may extend to two years and with fine.

Explanation 1.—A dishonest misappropriation for a time only is a misappropriation within the
meaning of this section.

Explanation 2.—A person who finds property not in the possession of any other person, and takes
such property for the purpose of protecting it for, or of restoring it to, the owner, does not take or
misappropriate it dishonestly, and is not guilty of an offence; but he is guilty of the offence above
defined, if he appropriates it to his own use, when he knows or has the means of discovering the
owner, or before he has used reasonable means to discover and give notice to the owner and has
kept the property a reasonable time to enable the owner to claim it.

It is not necessary that the finder should know who is the owner of the property, or that any
particular person is the owner of it; it is sufficient if, at the time of appropriating it, he does not
believe it to be his own property, or in good faith believe that the real owner cannot be found.

Under the Bharatiya Nyaya Sanhita (BNS), data theft is considered a punishable offense as the
definition of "property" within the law is broadly interpreted to include digital data, meaning
unauthorized access and theft of electronic information can be prosecuted as a crime.

BNSS
Section 173: Information in cognizable cases.

(1) Every information relating to the commission of a cognizable offence, irrespective of the area
where the offence is committed may be given orally or by electronic communication and if given to
an officer in charge of a police station,—

(i) orally, it shall be reduced to writing by him or under his direction, and be read over to the
informant; and every such information, whether given in writing or reduced to writing as aforesaid,
shall be signed by the person giving it;

(ii) by electronic communication, it shall be taken on record by him on being signed within three days
by the person giving it,

and the substance thereof shall be entered in a book to be kept by such officer in such form as the
State Government may prescribe in this behalf.

DATA THEFT INVESTIGATION:


In India, data theft is primarily investigated by the Indian Computer Emergency Response Team
(CERT-In), which operates under the Ministry of Electronics and Information Technology (MeitY) and
is responsible for handling cyber security incidents, including data breaches, across the country;
complaints can be filed through the National Cyber Crime Reporting Portal managed by law
enforcement agencies.

You might also like