Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rohas Nagpal Asian School of Cyber Laws.  Information Technology Act, 2000 came into force in October 2000  Amended on 27 th October 2009  Indian Penal.

Similar presentations


Presentation on theme: "Rohas Nagpal Asian School of Cyber Laws.  Information Technology Act, 2000 came into force in October 2000  Amended on 27 th October 2009  Indian Penal."— Presentation transcript:

1 Rohas Nagpal Asian School of Cyber Laws

2  Information Technology Act, 2000 came into force in October 2000  Amended on 27 th October 2009  Indian Penal Code  Evidence Act

3  Voyeurism is now specifically covered.  Acts like hiding cameras in changing rooms, hotel rooms etc is punishable with jail upto 3 years.  This would apply to cases like the infamous Pune spycam incident where a 58-year old man was arrested for installing spy cameras in his house to ‘snoop’ on his young lady tenants.

4  Publishing sexually explicit acts in the electronic form is punishable with jail upto 3 years.  This would apply to cases like the Delhi MMS scandal where a video of a young couple having sex was spread through cell phones around the country.

5  Collecting, browsing, downloading etc of child pornography is punishable with jail upto 5 years for the first conviction.  For a subsequent conviction, the jail term can extend to 7 years. A fine of upto Rs 10 lakh can also be levied.

6  The punishment for spreading obscene material by email, websites, sms has been reduced from 5 years jail to 3 years jail.  This covers acts like sending ‘dirty’ jokes and pictures by email or sms.  Bangalore student sms case

7  Compensation is not restricted to Rs 1 crore anymore on cyber crimes like: accessing or securing access to a computer downloading, copying or extracting data computer contaminant or virus damaging computer disrupting computer

8  Compensation is not restricted to Rs 1 crore anymore on cyber crimes like: providing assistance to facilitate illegal access computer fraud destroying, deleting or altering or diminishing value or utility or affecting injuriously stealing, concealing, destroying or altering computer source code

9  The Adjudicating Officers will have jurisdiction for cases where the claim is upto Rs. 5 crore.  Above that the case will need to be filed before the civil courts.

10  A special liability has been imposed on call centers, BPOs, banks and others who hold or handle sensitive personal data.  If they are negligent in “implementing and maintaining reasonable security practices and procedures”, they will be liable to pay compensation.

11  It may be recalled that India’s first major BPO related scam was the multi crore MphasiS-Citibank funds siphoning case in 2005.  Under the new law, in such cases, the BPOs and call centers could also be made liable if they have not implemented proper security measures.

12  Refusing to hand over passwords to an authorized official could land a person in prison for upto 7 years.  The offence of cyber terrorism has been specially included in the law. A cyber terrorist can be punished with life imprisonment.

13  Sending threatening emails and sms are punishable with jail upto 3 years.  Hacking into a Government computer or website, or even trying to do so in punishable with imprisonment upto 10 years.

14  Cyber crime cases can now be investigated by Inspector rank police officers.  Earlier such offences could not be investigated by an officer below the rank of a deputy superintendent of police.

15  The Information Technology Act, 2000 took a "technology dependent" approach to the issue of electronic authentication.  This was done by specifying digital signatures as the means of authentication.

16  The defect in this approach is that the law is bound by a specific technology, which in due course of time may be proven weak.  The advantage of using a technology neutral approach is that if one technology is proven weak, others can be used without any legal complexities arising out of the issue.

17  An example of this is the MD5 hash algorithm that at one time was considered suitable.  MD5 was prescribed as suitable by Rule 6 of the Information Technology (Certifying Authorities) Rules, 2000.

18  MD5 was subsequently proven weak by mathematicians.  In fact, Asian School of Cyber Laws had filed a public interest litigation in the Bombay High Court on the same issue.

19  Subsequently, the Information Technology (Certifying Authorities) Amendment Rules, 2009 amended the Rule 6 mentioned above.  MD5 was replaced by SHA-2.

20  The Information Technology (Amendment) Act, 2008 amends the technology dependent approach.  It introduces the concept of electronic signatures in addition to digital signatures.

21  Digital signatures are one type of technology coming under the wider term “electronic signatures”.

22  1. based on the knowledge of the user or the recipient e.g. passwords, personal identification numbers (PINs)  2. those based on the physical features of the user (e.g. biometrics)  3. those based on the possession of an object by the user (e.g. codes or other information stored on a magnetic card).

23  Digital signatures within a public key infrastructure (PKI)  biometric devices

24  PINs  user-defined or assigned passwords,  scanned handwritten signatures,  signature by means of a digital pen,  clickable “OK” or “I accept” boxes.

25  Hybrid solution like combined use of passwords and secure sockets layer (SSL)  It is a technology using a mix of public and symmetric key encryptions.

26

27  Fraudulently or dishonestly using someone else’s electronic signature, password or any other unique identification feature  3 years jail and fine upto Rs 1 lakh.  New provision

28  Section 65  Conceal / destroy / alter source code  3 years jail and / or fine upto Rs 2 lakh  Unchanged provision

29  Section 66  3 years jail and / or fine upto 5 lakh  New provision  Replaces ‘hacking’

30  dishonestly or fraudulently: accessing or securing access to a computer downloading, copying or extracting data computer contaminant or virus damaging computer disrupting computer denial of access

31  dishonestly or fraudulently: providing assistance to facilitate illegal access computer fraud destroying, deleting or altering or diminishing value or utility or affecting injuriously stealing, concealing, destroying or altering computer source code

32  Section 66A  3 years jail and fine  New provision

33  Covers following sent by sms / email: grossly offensive menacing false information sent for causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will phishing, email spoofing

34  Email spoofing  SMS spoofing  Phishing

35

36

37 Asian School of Cyber Laws


Download ppt "Rohas Nagpal Asian School of Cyber Laws.  Information Technology Act, 2000 came into force in October 2000  Amended on 27 th October 2009  Indian Penal."

Similar presentations


Ads by Google