Module VI
Module VI
This section explores the legal framework governing cybercrime and digital evidence in
India, along with the complexities of jurisdiction and international cooperation.
India has specific legislation to address cybercrime and the admissibility of digital evidence.
The primary laws include:
The Information Technology Act, 2000 (IT Act, 2000) and its amendments (most
notably the Information Technology (Amendment) Act, 2008): This is the
principal legislation dealing with cyber offenses, penalties, and procedures. Key
aspects relevant to cyber forensics include:
o Section 43: Penalties for damage to computer, computer system, etc. This can
be relevant when analyzing attacks that cause data loss or system disruption.
o Section 65: Tampering with computer source documents. Crucial in
identifying evidence manipulation.
o Section 66: Computer hacking. The foundation for prosecuting unauthorized
access.
o Section 66B: Punishment for dishonestly receiving stolen computer resource
or communication device.
o Section 66C: Punishment for identity theft. Relevant in cases involving
phishing and impersonation.
o Section 66D: Punishment for cheating by personation by using computer
resource.
o Section 66E: Punishment for violation of privacy. Important when handling
personal data during investigations.
o Section 66F: Punishment for cyber terrorism. Addresses attacks aimed at
national security.
o Section 67: Punishment for publishing or transmitting obscene material in
electronic form.
o Section 67A: Punishment for publishing or transmitting of material containing
sexually explicit act, etc. in electronic form.
o Section 67B: Punishment for publishing or transmitting of material depicting
children in indecent or sexually explicit act, etc. in electronic form.
o Section 70: Protected systems. Deals with unauthorized access to critical
infrastructure.
o Section 79: Exemption from liability of intermediary in certain cases.
Important for understanding the responsibilities of service providers.
o Chapter XI (Offences) and Chapter XII (Adjudication and Penalties):
Detail various cyber offenses and their corresponding punishments.
The Indian Evidence Act, 1872 (as amended by the IT Act, 2000): This act
governs the admissibility of evidence in Indian courts. The amendments introduced
provisions for the admissibility of electronic records as evidence.
o Section 65A: Special provisions as to evidence relating to electronic record.
o Section 65B: Admissibility of electronic records. This section lays down the
crucial conditions for the admissibility of digital evidence, including the
requirement of a certificate authenticating the electronic record.
Understanding the nuances of Section 65B is paramount for cyber forensic
investigators to ensure their findings are legally sound.
The Indian Penal Code, 1860 (IPC): While not specifically focused on cybercrime,
several sections of the IPC can be applied to offenses involving computers and
networks, such as:
o Section 378 (Theft): Can be applied to the unauthorized copying of data.
o Section 403 (Dishonest misappropriation of property): Relevant in cases of
data theft and misuse.
o Section 406 (Criminal breach of trust): Applicable in cases where entrusted
digital assets are misused.
o Section 415 (Cheating): Can be used in online fraud and phishing cases.
o Section 420 (Cheating and dishonestly inducing delivery of property):
Relevant in more serious online financial frauds.
o Section 463 (Forgery) and related sections: Applicable to the creation and
use of fake digital documents.
o Section 499 (Defamation): Relevant in cases of online defamation.
Other relevant laws: Depending on the specific nature of the cybercrime, other laws
might also be applicable, such as the Copyright Act, 1957 (for software piracy), the
Patents Act, 1970 (for patent infringement involving technology), and specific
regulations issued by bodies like the Reserve Bank of India (RBI) for financial cyber
fraud.
Jurisdictional Issues: Determining which court has the authority to try a cybercrime
can be difficult. The IT Act, 2000 addresses this to some extent by specifying that an
offense committed outside India involving a computer, computer system, or computer
network located in India is also punishable under the Act. However, practical
challenges remain in enforcing these laws when offenders and evidence are located in
different countries. Factors considered in determining jurisdiction can include:
o Location of the Offender: Where the perpetrator committed the act.
o Location of the Victim: Where the harm or loss occurred.
o Location of the Servers or Infrastructure: Where the computer systems
involved are located.
International Cooperation: Effective investigation and prosecution of transnational
cybercrime require robust international cooperation. This involves:
o Mutual Legal Assistance Treaties (MLATs): These treaties facilitate the
exchange of information and evidence between countries for criminal
investigations and prosecutions. India has MLATs with several countries.
o International Conventions: The Council of Europe's Convention on
Cybercrime (Budapest Convention) is a key international framework for
harmonizing cybercrime laws and procedures, and promoting international
cooperation. While India is not a signatory to this convention, it often
collaborates with countries that are.
o Interpol and other international law enforcement agencies: These
organizations play a crucial role in coordinating investigations and sharing
intelligence across borders.
o Informal Cooperation: Law enforcement agencies from different countries
often engage in informal cooperation for information sharing and assistance in
cybercrime investigations.
2. Ethical Guidelines
This section delves into the ethical principles and professional codes that guide cyber forensic
investigators in their work.
Several organizations and professional bodies have established codes of conduct for
individuals involved in cyber forensics. These codes aim to ensure integrity, competence, and
ethical behavior. Examples include:
Understanding and adhering to these legal and ethical considerations is paramount for cyber
forensic professionals in India to ensure that their investigations are legally sound, their
findings are credible, and they uphold the principles of justice and fairness in the digital
realm.