Cyber Laws

 The United Nations General Assembly have adopted the Model Law on Electronic
Commerce on 30th January 1997 known as United Nations Commission on
International Trade Law (UNCITRAL) on E-Commerce
 Enacted on 17th May 2000 – India is 12th nation in the world to adopt cyber laws
 India passed the Information Technology Act, 2000 on 17th October 2000
 Amended on 27th October 2009
 Amended Act is know as – The Information Technology (amendment) Act, 2008
 Objectives of IT Act
 To provide legal recognition for transactions:
• Carried out by means of electronic data interchange, and
• Other means of electronic communication, commonly referred to
as “electronic commerce”, involving the use of alternatives to
paper-based methods of communication and storage of
information
 To facilitate electronic filing of documents with the Government
agencies
 To amend the Indian Penal Code, the Indian Evidence Act, 1872, the
Bankers' Book Evidence Act, 1891 and the Reserve Bank of India
Act, 1934
 Salient features of information technology act
• The Act gives legal recognition of Electronic Documents.
• The Act gives legal recognition of Digital Signatures.
• It describes and elaborates Offenses, penalties and Contraventions.
• It gives outline of the Justice Dispensation Systems for cyber crimes.
• The Act also provides for the constitution of the Cyber Regulations Advisory Committee, which shall
advice the government as regards any rules, or for any other purpose connected with the said act.
• The said Act also proposed to amend to; The Indian Penal Code, 1860, The Indian Evidence Act, 1872,
The Bankers' Books Evidence Act, 1891, The Reserve Bank of India Act, 1934 etc.
 IT Act is not applicable to
• A negotiable instrument (other than a cheque) as defined section13 of the Negotiable Instruments
Act, 1881;
• A power-of-attorney as defined in section 1A of the Powers-of-Attorney Act, 1882;
• A trust as defined in section 3 of the Indian Trusts Act, 1882;
• A will as defined in clause (h) of section 2 of the India Succession Act, 1925 including any other
testamentary disposition
• Any contract for the sale or conveyance of immovable property or any interest in such property
• Any such class of documents or transactions as may be notified by the Central Government
Terms under IT Act
 Adjudicating Officer
 Digital Signature
 Affixing digital signature
 Appropriate
Government
 Certifying Authority
 Cyber Appellate Tribunal
 Electronic Form
 Secure System
 Electronic Gazettee
Highlights of the Amendment Act, 2008
• It focuses on privacy issues.
• It focuses on Information Security.
• It came with surveillance on Cyber
Cases.
• The Concept of Digital Signature was
elaborated.
• It clarified reasonable security practices
for corporate.
• Role of Intermediaries were focused.
• It came with the Indian Computer
Emergency Response Team.
• New faces of Cyber Crime were added.
• The Public and Private key pair comprise of two uniquely related cryptographic keys
(basically long random numbers). Below is an example of a Public Key:

3048 0241 00C9 18FA CF8D EB2D EFD5 FD37 89B9 E069 EA97 FC20 5E35 F577 EE31 C4FB C6E4 4811
7D86 BC8F BAFA 362F 922B F01B 2F40 C744 2654 C0DD 2881 D673 CA2B 4003 C266 E2CD CB02 0301
0001

• The Public Key is what its name suggests - Public. It is made available to everyone via a publicly
accessible repository or directory. On the other hand, the Private Key must remain confidential to its
respective owner.

• Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be
decrypted by its corresponding Private Key and vice versa.
 For example, if Bob wants to send sensitive data to Alice, and wants to be sure that only Alice may be
able to read it, he will encrypt the data with Alice's Public Key. Only Alice has access to her
corresponding Private Key and as a result is the only person with the capability of decrypting the
encrypted data back into its original form.
 As only Alice has access to her Private Key, it is possible that only Alice can decrypt the encrypted
data. Even if someone else gains access to the encrypted data, it will remain confidential as they
should not have access to Alice's Private Key.
Digital Signature
 Section Offence Punishment Bailability and Congizability
65 Tampering with Computer Source Code Imprisonment up to 3 years or Offence is Bailable, Cognizable and
fine up to Rs 2 lakhs triable by Court of JMFC.
66 Computer Related Offences Imprisonment up to 3 years or Offence is Bailable, Cognizable and
fine up to Rs 5 lakhs
66-A Sending offensive messages through Imprisonment up to 3 years and Offence is Bailable, Cognizable and
Communication service, etc... fine triable by Court of JMFC
(Struck down by supreme court – Shreya
Singhal vs U.O.I)
66-B Dishonestly receiving stolen computer Imprisonment up to 3 years Offence is Bailable, Cognizable and
resource or communication device and/or fine up to Rs. 1 lakh triable by Court of JMFC
66-C Identity Theft Imprisonment of either Offence is Bailable, Cognizable and
description up to 3 years and/or triable by Court of JMFC
fine up to Rs. 1 lakh
66-D Cheating by Personation by using Imprisonment of either Offence is Bailable, Cognizable and
computer resource description up to 3 years and /or triable by Court of JMFC
fine up to Rs. 1 lakh
66-E Violation of Privacy Imprisonment up to 3 years Offence is Bailable, Cognizable and
and /or fine up to Rs. 2 lakh triable by Court of JMFC
66-F Cyber Terrorism Imprisonment extend to Offence is Non-Bailable,
imprisonment for Life Cognizable and triable by Court of
Sessions
Section Offence
67 Publishing or transmitting
obscene material in electronic
form
67-A Publishing or transmitting of
material containing sexually
explicit act, etc... in electronic
form
67-B Publishing or transmitting of
material depicting children in
sexually explicit act etc., in
electronic form
67-C Intermediary intentionally or
knowingly contravening the
directions about Preservation
and retention of information
68 Failure to comply with the
directions given by Controller
69 Failure to assist the agency
referred to in sub section (3) in
regard interception or
monitoring or decryption of any
information through any
computer resource
Punishment Bailability and Congizability
On first Conviction, imprisonment up to 3 years Offence is Bailable, Cognizable and
and/or fine up to Rs. 5 lakh On Subsequent triable by Court of JMFC
Conviction imprisonment up to 5 years and/or
fine up to Rs. 10 lakh
On first Conviction imprisonment up to 5 years Offence is Non-Bailable, Cognizable
and/or fine up to Rs. 10 lakh On Subsequent and triable by Court of JMFC
Conviction imprisonment up to 7 years and/or
fine up to Rs. 10 lakh
On first Conviction imprisonment of either Offence is Non Bailable, Cognizable
description up to 5 years and/or fine up to Rs. and triable by Court of JMFC
10 lakh On Subsequent Conviction
imprisonment of either description up to 7
years and/or fine up to Rs. 10 lakh
Imprisonment up to 3 years and fine Offence is Bailable, Cognizable.
Imprisonment up to 2 years and/or fine up to Offence is Bailable, Non-Cognizable.
Rs. 1 lakh
Imprisonment up to 7 years and fine Offence is Non-Bailable, Cognizable.
 Section Offence Punishment Bailability and Congizability
69-A Failure of the intermediary to comply with the direction Imprisonment up to 7 years and fine Offence is Non-Bailable, Cognizable.
issued for blocking for public access of any information
through any computer resource
69-B Intermediary who intentionally or knowingly contravenes Imprisonment up to 3 years and fine Offence is Bailable, Cognizable.
the provisions of sub-section (2) in regard monitor and
collect traffic data or information through any computer
resource for cybersecurity
70 Any person who secures access or attempts to secure Imprisonment of either description up Offence is Non-Bailable, Cognizable.
access to the protected system in contravention of to 10 years and fine
provision of Sec. 70
70-B Indian Computer Emergency Response Team to serve as Imprisonment up to 1 year and/or Offence is Bailable, Non-Cognizable
national agency for incident response. Any service provider, fine up to Rs. 1 lakh
intermediaries, data centres, etc., who fails to prove the
information called for or comply with the direction issued
by the ICERT.
71 Misrepresentation to the Controller to the Certifying Imprisonment up to 2 years and/ or Offence is Bailable, Non-Cognizable.
Authority fine up to Rs. 1 lakh.
72 Breach of Confidentiality and privacy Imprisonment up to 2 years and/or Offence is Bailable, Non-Cognizable.
fine up to Rs. 1 lakh.
72-A Disclosure of information in breach of lawful contract Imprisonment up to 3 years and/or Offence is Cognizable, Bailable
fine up to Rs. 5 lakh.
73 Publishing electronic Signature Certificate false in certain Imprisonment up to 2 years and/or Offence is Bailable, Non-Cognizable.
particulars fine up to Rs. 1 lakh
74 Publication for fraudulent purpose Imprisonment up to 2 years and/or Offence is Bailable, Non-Cognizable.
fine up to Rs. 1 lakh