Upload
aditi-bhattacharya
View
239
Download
1
Embed Size (px)
Citation preview
8/3/2019 Information Technology Act 2000 and Amendments
1/25
INFORMATION TECHNOLOGY ACT
8/3/2019 Information Technology Act 2000 and Amendments
2/25
Information Technology Act To give legal recognition to Digital signatures
To facilitate electronic filing, electronic storage of data,electronic fund transfers
To give legal recognition for keeping of books ofaccounts by bankers
8/3/2019 Information Technology Act 2000 and Amendments
3/25
S
ectionsSECTION 2: Definitions
Data
Information
Digital signature
Key pair
Computer Network
Secure system
8/3/2019 Information Technology Act 2000 and Amendments
4/25
S
ections
SECTION 3:Authentication of electronic records
Digital Signature
A digital signature or digital signature scheme is a mathematical
scheme for demonstrating the authenticity of a digital message ordocument.
8/3/2019 Information Technology Act 2000 and Amendments
5/25
S
ectionsElectronicSignature
IT Act Amendment 2008 introduces the term Electronic Signature.
Now digital signature has been made a subset of electronic signature
It indicates that a person adopts the contents of an electronic message
8/3/2019 Information Technology Act 2000 and Amendments
6/25
S
ections & CaseletsSection 7: Retention of electronic records
Section 21: License to issue DigitalS
ignature Certificates
Certifying Authorities:
1) Safescrypt 2) NIC 3) IDRBT 4) TCS5) MtnlTrustline 6) GNFC 7) e-MudhraCA
Section 43: Penalty and Compensation for damage to computer, computersystem, etc (Amended vide ITAA-2008)
Section 43A: Compensation for failure to protect data (Inserted vide ITAA-2008)
8/3/2019 Information Technology Act 2000 and Amendments
7/25
SECTIONS 65, 66, 67, 71 : Offences
Section No. Offence Penalty
65 Tampering with computersource documents
Imprisonment:- up to three yearsFine: up to two lakh rupees
or both
66 Hacking with Computer
System
Imprisonment:- up to three years
Fine: up to two lakh rupees
or both
66 A Punishment for sending
offensive messages through
communication service, etc.
Imprisonment:- up to three years with a fine
66B Punishment for dishonestly
receiving stolen computer resource
or communication device
Imprisonment:- up to three years
Fine: up to one lakh rupees
or both
66C Punishment for identity theft Imprisonment:- up to three years
Fine: up to one lakh rupees
or both
66D Punishment for cheating by
personation by using computer
resource
Imprisonment up to three years, or with fine
which may extend up to two lakh rupees, or with
both
66E Punishment for violation of privacy. Imprisonment which may extend to three years
or with fine not exceeding two lakh rupees, orwith both
8/3/2019 Information Technology Act 2000 and Amendments
8/25
Section No. Offence Penalty
66F Punishment for cyber terrorism Imprisonment:- may extend to life imprisonment
67 Publishing of information which isobscene in electronic form
First Conviction:Imprisonment:- up to three years
Fine: up to five lakh rupees
Second Conviction:
Imprisonment:- up to five years
Fine: up to ten lakh rupees
67A Punishment for publishing or
transmitting of material containing
sexually explicit act, etc., in
electronic form.
First Conviction:
Imprisonment:- up to five years
Fine: up to ten lakh rupees
Second Conviction:
Imprisonment:- up to seven years
Fine: up to ten lakh rupees
67B Punishment for publishing or
transmitting of material depictingchildren in sexually explicit act, etc.,
in electronic form.
First Conviction:
Imprisonment:- up to five yearsFine: up to ten lakh rupees
Second Conviction:
Imprisonment:- up to seven years
Fine: up to ten lakh rupees
71 Penalty for misrepresentation Imprisonment:- up to two years
Fine: up to one lakh rupees
or both
8/3/2019 Information Technology Act 2000 and Amendments
9/25
NASS
CO
M Premier Trade Body of IT Software & Services
950 members globally in the field of IT & Softwareservices
Set up to facilitate trade in software and encourageadvancement in research
Primary Objective - Act as a catalyst for the growth ITindustry in India
Partnering Govt of India as an advisor, consultant informulating IT policies
8/3/2019 Information Technology Act 2000 and Amendments
10/25
Role of NASSCOM
Aimed to strengthen data protection regime
Data protection policies in outsourcing industry
Defining personal data Specific provisions for critical information protection
Clauses to ensure new types of cyber crimes arepunishable
Recognition of more general electronic signatures
Formation of Contracts electronically
8/3/2019 Information Technology Act 2000 and Amendments
11/25
Email Fraud (African Agents)
Emails sent to people (Dr. C Thomas) to claimunclaimed money left behind by a Nigerian businessman
Advertised that the money was kept aside for charitable
hospital and was lying unclaimed in a bank On response, processing fees of 30 lakhs
was prompted
Five years of rigourous imprisonment
underSection 66D of IT Act 2008
8/3/2019 Information Technology Act 2000 and Amendments
12/25
ICICI Bank Phishing Case Customers received emails asking for their bank account
details.
Email takes them to website which had same look and feel.
Funds transferred by the scammers.
Customers informed the bank and lodged a complaintagainst the bank
Bank was found guilty underSection 85(Offences bycompanies) under IT Act 2000
Liable underSection 46(Power to Adjudicate) of the Act tocompensate the victim under IT Act 2000
8/3/2019 Information Technology Act 2000 and Amendments
13/25
Citibank Mphasis CC Case
Fraud done by employees of call center at Mphasis BFL,Pune.
Targeted US customers who called into Mphasis call
centers. Obtained their account information and transferred funds
from their account
Police recovered Rs 1 million.
Found guilty under
Section 67 of the IT Act, 2000
IPC sections 420, 465, 467 and 671
8/3/2019 Information Technology Act 2000 and Amendments
14/25
Baazee.com
Case involved posting of an obscene video for auction
Influential Baazee.com conspired to change the lawsthrough the amendments of IT Act 2000
Parliamentary Committee pointed out manyinadequacies of the proposal
However, charge underSec 292 of the
was under dispute
Violated Sec 67 & 85 of the IT Act 2000
Sec 292 & 294 of the IPC
8/3/2019 Information Technology Act 2000 and Amendments
15/25
NapsterScenario
Napster services are illegal.
Illegal downloads were thought to cause a decline insales.
RIAA (Recording Industry Association of America) filedsuit for copyright violation
Injunction was issued on March 5, 2001 ordering Napsterto prevent the trading of copyrighted music
Napster agreed to pay music creators and
copyright owners a $26 million settlement for past
8/3/2019 Information Technology Act 2000 and Amendments
16/25
Hypothetical Case Study
Background of the case:
Story revolves around Raja
Hypothetical situations involving
cyber crimes
Part I: College Life crimes
Part II: Work Life crimes
8/3/2019 Information Technology Act 2000 and Amendments
17/25
Hypothetical Case Study
Offenses Covered:
Music &S
oftware Piracy S
ections 43 & 66, IT Act Email Account Hacking Sections 43 & 66, IT Act
Virus & Trojan Attacks Sections 43 & 66, IT Act
Social Networking Fake Profile Accounts Section 67, ITAct
Source Code Thefts Sections 43, 65 & 66, IT Act
Theft of Confidential Information Sections 43 & 66, IT Act
Cyber Pornography Section 67, IT Act
8/3/2019 Information Technology Act 2000 and Amendments
18/25
Advantages
Online filling, creating and retention of official documentsis legally accepted
Digital Signature & Digital Records can be used as legalproof in court
8/3/2019 Information Technology Act 2000 and Amendments
19/25
Loopholes
Issues relating to confidentiality
Lenient view on most cyber crimes
Absence of issues pertaining to spam and electronicdiscovery
Issues pertaining to jurisdiction
Reduction in quantum of punishment
Changes in Investigation procedure
Complicated issues of encryption
8/3/2019 Information Technology Act 2000 and Amendments
20/25
Recommendations
Educating the common man using mass media
Investigation, prosecution of cyber criminals requiresefficient international cooperation regime and procedures
8/3/2019 Information Technology Act 2000 and Amendments
21/25
Global Scenario
China - Regulations on Internet email Services
Australia - Spam Act 2003
USA - Cybersecurity Act of 2009 UK - Privacy and Electronic
Communications Regulations 2003
South Korea - Act on Promotion of
Information and Communication and CommunicationsNetwork Utilization and Information Protection of 2001
Brazil PL 84/99 (Proposed Law)
8/3/2019 Information Technology Act 2000 and Amendments
22/25
Effect of IT Act on otherSectors
Banking Sector
E-commerceS
ector
Industrial/ Manufacturing Sector
Telecom Sector
8/3/2019 Information Technology Act 2000 and Amendments
23/25
Awareness Analysis
Downloading songs fromInternet is a cyber crime?
When hacked, did you try totrace the hacker?
Well protected against cybercrimes?
Aware of provisionsof IT Act?
8/3/2019 Information Technology Act 2000 and Amendments
24/25
Steps we should take
Look for spam and emails with viruses and trojans
Regular virus scans, trojan scans
Avoid publishing personal details online Check for secured (HTTPS) connections for socialnetworking sites
Take regular backup of data
Finally, If you are affected by a cyber crime
Approach the Cyber Crime Investigation Cell
8/3/2019 Information Technology Act 2000 and Amendments
25/25