BY GROUP 5

1.LEGAL PERSPECTIVE OF
CYBERCRIME
2.IT ACT 2000 AND ITS
AMENDMENTS
 ABSTRACT
Modernisation in India translated into the use of information
technology and over 560 million people are connected to the
internet increasing the rate of hacking, identity theft, phishing,
cyberstalking, cyber fraud, and cyber pornography cases. The
primary legislation to fight these crimes is the Information
Technology Act of 2000 of India (IT Act), supported by the Indian
Penal Code and other laws such as the Companies Act, 2013, and
National Cyber Security Policy, 2013. Section 66 deals with
hacking, Section 67 deals with obscenity, Section 69 deals with
interception of computer data, and Section 43A in relation to data
privacy all these provisions are meant to govern and penalize
cyber-related incidences. However, there are within the mentioned
legal framework certain obstacles that hinder cybersecurity
enforcement effectively; these are concerns of jurisdiction, legal
awareness, lack of enough technical personnel among law
enforcement agencies, and the dynamic nature of cyber threats.
INTRODUCTION
India being one of the emerging economies in the digital
world has experienced a giant leap in the growth of its
Internet-using population. This has impacted drastically the
way people communicate, conduct businesses, and in the
overall governance systems. Nevertheless, as societies
progress and exploit these devices possible threats have
risen as well, among which includes cyber security.
Terrorism as the mere use of computer technologies to
perpetrate unlawful activities against persons, firms, or
establishments in India has pervaded. From hacking attacks
on critical organisations to small-scale frauds like fake
identity theft these crimes target heterogenic systems and
quite often have a cross-border nature, making jurisdiction a
difficult issue for police to handle. Information technologies
are dynamic in nature and this puts constant pressure on the
legal and regulatory structures to be able to respond to
these threats effectively.
 LEGAL FRAMEWORK IN INDIA
India’s system of addressing digital crime is grounded in the Information Technology Act, of 2000 which
has been amended to keep pace with technological developments. Major vittles of the IT Act are:

1). Section 66: Penal provision for hacking and data theft. It prescribes jail terms and nes for illegally
accessing computer resources.

2). Section 67: Discipline for publishing or transmitting stag material in electronic form. This attracts
imprisonment and penalty fees imposed on offenders.

3). Section 69: Government powers of interception, monitoring and decryption information, etc., if security
purposes require it. This provides the legal basis for surveillance in the interest of national security.

4). Section 43A: Compensation for failure to protect personal data. Organisations can be held liable to
compensate individuals if they do not adopt reasonable security practices.

fi
Apart from the IT Act, there are other laws that also deal with cybercrime.

1). Indian Penal Code (IPC): Several sections related to IPC are used along with IT Act to
prosecute cybercrimes. For example, sections about cheating, fraud, and criminal
intimidation are often invoked during cyber-crime investigations.

2). Companies Act, 2013: This act includes provisions related to cybersecurity within the
corporate governance framework which is integrated into the Companies Act Compliance
Checklist.

3). National Cyber Security Policy, 2013: A policy framework whose goals are to protect
public and private infrastructure from cyber threats and build a safe cyber ecosystem.
PREVENTIVE MEASURES AND BEST PRACTICES

It is necessary to have the combination of public awareness, systems with stronger infrastructure, and political measures and attitudes
important to cause cybercrimes to be ineffective. The major preventive measures and best practices are as follows:

1. The exercise of the Public Awareness Campaigns: Protection of people from online fraud, best practices on safe online activities,
and the rights they have under the law. Public awareness programs can help individuals and businesses acknowledge and treat the
vulnerabilities they may face.
2. Reinforcing Cyber Infrastructure: Improving the safety of critical digital systems, such as the networks of the government & non-
banking nancial institutions, and telecommunications. Frequent security assessments and vulnerability tests are a must.
3. Cooperation and Data Exchange: Uniting government agencies with the private sector and international bodies to work together.
The knowledge sharing of the threat landscape and the best practices involved can contribute to the fast detection and mitigation of
threats of cybercrime avoiding suspicious links and attachments.
4. Regular Updates to Legislation: Always updating the law to meet the new or advanced cyber threats. In the last few years, cyber
threats have become more and more rapid, thus, legislative frameworks are more and more robust and adaptive to the constantly
changing cyber landscape.
5. Capacity Building for Law Enforcement: The main area of investment in the police force which includes skills and tools for
cybercrime prosecution.
6. Cyber Hygiene Practices: The foremost endeavour to drive common practices including the usage of strong passwords, regular
software updates, and avoidance of dubious links and attachments.
fi
RECENT DEVELOPMENTS AND CASE STUDIES

To bring out the variations and nuances of cybercrime in India, the following case studies bring into focus some of the major
incidents and the corresponding legal measures:

Case Study 1: The 2018 Aadhaar Data Breach

In 2018, the Aadhaar data breach in India was committed, resulting in the leakage of millions of people’s personal information.
Such a breach was the rst major aw in the protection of digital data and also a possible threat to privacy and security. The case
took a legal turn, based on the data protection concept, and made it compulsory to implement more stringent data protection
statutes. The past year not only witnessed the necessity of augmenting the security means but also prompted the legislation that
strictly ruled data protection.

Case Study 2: The 2020 Twitter Hack

During the year 2020, an organised cyber assault was perpetrated on Twitter that had celebrities, politicians, and business leaders
among its victims. The account holders that were targeted by the hackers were used to launch a cryptocurrency scam, and as a
result, the responsible individuals were able to achieve large nancial gains regardless of the damage that was in icted upon their
social standing. This international situation has presented the ow and burden of cybercrimes in every direction, hence the
immediate requirement for international cooperation and stringent cybersecurity measures has been con rmed.
fi
fl
fi
fl
fi
fl
What Is the Information Technology Act 2000?

A legal framework proposed by the Indian Parliament, the

Informational Technology Act of 2000, is the primary legislation in
India dealing with cybercrime and electronic commerce. It was
formulated to ensure the lawful conduct of digital transactions and
the reduction of cyber crimes, on the basis of the Model Law on
Electronic Commerce adopted by the United Nations Commission on
International Trade Law. This legal framework, also known as IT Act
2000, comes with 94 sections, divided into 13 chapters and 4
schedules.
When IT Act 2000 Came Into Effect?

The bill of this law was passed in the Budget by a group of

Parliament members, headed by the then Minister of Information
Technology and signed by the President on 9 May 2000. It nally
came into effect on 17 October 2000, imposing restrictions on all
individuals regardless of their nationality and geographic location.
fi
Importance of IT Act 2000
1). The Act provides legal recognition to electronic records, resulting in the growth of e-commerce and digital transactions in
India.

2). It has established electronic signatures as the legal equivalent of physical signatures.

3). The formulation of this act has come up with the establishment of the Controller of Certifying Authorities (CCA), a
government body that is responsible for issuing and maintaining the security of digital signatures as well as certi cates.

4). The Act has made it mandatory for companies to obtain consent from consumers when it comes to collecting or using their
personal information.

5). With the Act becoming effective, individuals have the right to seek compensation in case of damage or misuse of their
personal data by an unauthorised party.

6). Through the Act, the Government of India can criminalise cybercrime, hacking and spreading of computer viruses.

7). The Information Technology Act 2000 also authorised the establishment of the Appellate Tribunal, a specialised of cial
body to enforce the Act.

fi
fi
Objectives of the Information Technology Act 2000

1). Promote ef cient delivery of government services electronically or facilitate digital transactions
between rms and regular individuals.

2). Impose penalties upon cybercrimes like data theft, hacking, identity theft, cyberstalking and so
on, in order to create a secure cyber landscape.

3). Formulate rules and regulations that monitor the cyber activity and electronic mediums of
communication and commerce.

4). Promote the expansion and foster innovation and entrepreneurship in the Indian IT/ITES sector.
fi
fi
Features of the Information Technology Act 2000
1). The provisions of this Act are implemented by the Central Government to regulate electronic commerce
and penalise cybercrime.

2). The Act states the roles and responsibilities of intermediaries as well as conditions under which their
liability can be exempted.

3). The Information Technology Act is associated with CERT-In (Indian Computer Emergency Response Team),
a nodal agency that is responsible for cybersecurity and cyber incident response.

4). The Act provides validity to electronic records and signatures in business.

5). It facilitates to manage records electronically in government of ces.

6). The provisions of this Act provides for securing personal and sensitive information.

7). It recognises and establishes the legality of digital signatures.

fi
IT Act 2000 and Its Amendments
As technology evolved over time, the Indian Parliament recognised the need to revise the Act in order to align it
with societal needs, resulting in its amendment. Two signi cant amendments made to the IT Act 2000 are as
follows:
1. Amendment of 2008
The 2008 amendment came up with modi cations to Section 66A of the IT Act, 2000. This section outlined penalties for
sharing offensive messages electronically. However, this was omitted by the Jan Vishwas (Amendment of Provisions)
Act, 2023. Other signi cant changes made to the Act by the 2008 amendment was the introduction of electronic signature
to authenticate electronic records. It provided that contracts formed through electronic means are valid.

The amendment also provided that if any company handles sensitive personal data or information in a negligent way
which causes wrongful loss to any person, such company should pay damages to the affected person. It provides
punishments for disclosure of information of contract terms in a breach of lawful contract.

2. Amendment Bill 2015

In 2015, another bill was initiated to amend Section 66A with the aim of safeguarding the fundamental rights guaranteed
to citizens by the country's Constitution. This was later accomplished by declaring it as violative of Article 19 of the
Constitution and omitting Section 66A from the Act.
fi
fi
fi
Advantages and Disadvantages of IT Act 2000
While the IT Act of 2000 offers numerous bene ts, it also carries certain disadvantages. Let us begin by exploring its
advantages.

1). Before the Act was enacted, emails, messages and such other means of communication were not legally
recognised and thus not admissible as evidence in court. However, with the introduction of the IT Act of
2000, electronic communications gained legal recognition.
2). By leveraging the legal infrastructure provided by this Act, companies can engage in e-commerce or e-
business.
3). With the legalisation of digital signatures, it has become easier to carry out transactions online or verify
the identity of an individual on the internet.
4). Corporations get statutory remedies in the event of unauthorised access or hacking into their computer
systems or networks.
5). Individuals get monetary assistance or compensation as a remedy for damages of any kind incurred in
computer systems.
6). The Act identi es and penalises various cybercrimes such as hacking, spamming, identity theft, phishing,
and so on, which were previously not addressed in any legislation.
7). he Act permits companies to serve as certifying authorities and issue digital certi cates.
8). It empowers the Indian Government to issue notices on the internet through e-governance.
fi
fi
fi
Let us now walk through a list of disadvantages that came forth after the enactment of the
Information Technology Act 2000:

1). The Information Technology Act of 2000 fails to address the issues involving domain names,
and the rights, and liabilities of domain owners.

2). Despite the prevalence of copyright and patent issues in India, the Act still does not protect
Intellectual Property Rights when it comes to computer programs and networks.

3). Various kinds of cybercrimes such as cyberstalking, cyber fraud, chat room abuse, theft of
internet hours, and many more are not covered by this Act.

4). The IT Act has also failed to address critical issues such as privacy and content regulation.
THANK YOU