cyberforensics
Download
Report
Transcript cyberforensics
INDIAN CYBERLAWSOME PERSPECTIVES
A
PRESENTATION
BY
PAVAN DUGGAL,
ADVOCATE,
SUPREME COURT OF INDIA
PRESIDENT,CYBERLAWS.NET
HEAD-PAVAN DUGGAL
ASSOCIATES
NEW DELHI-19-5-2006
PUBLIC DOMAIN BUZZ
GOAP E-TENDERING PROJECT
NOT BASED UPON DIGITAL SIGNATURES,
DESPITE BEING LAUNCHED IN 2002
ALLEGATIONS
AGAINST
THE
BACKEND
SERVICE PROVIDER, WHO HAD ACCESS TO
ALL BIDDING CONFIDENTIAL INFORMATION
NEW CASES
GOVERNMENT OF RAJASTHAN- TENDER FOR
CUSTOMIZED SOFTWARE
CAUGHT IN A LEGAL BATTLE BETWEEN
VENDORS IN THE DELHI HIGH COURT
NEW CASES( contd)
ASHOKINTEGRIX IP ADDRESS CASE- INDIA’S
FIRST JOHN DOE CASE IN INFORMATION
TECHNOLOGY LITIGATION
BIRTH OF A NEW KIND OF LIABILITY NOT
YET PERCEIVED
NEW CASES
ARIF
AZIM
CASE-
INDIA’S
FIRST
CYBERCRIME CONVICTION
BREACH OF DATA SECURITY
INTERNAL SOURCES- THE BIGGEST RISK FOR
ANY LEGAL ENTITY USING COMPUTERS
BEGINNING OF LIABLITY
S.CHANDER CASE- INDIA’S FIRST LEGAL
PRECEDENT FOR EXPOSURE TO LIABILITY
FOREMOST BANK MADE LIABLE FOR MISUSE
ON
THE
EMPLOYEE
NETWORK
BY
AN
ERRANT
CELEBRATED CASES
BAAZEE.COM CASE
KARAN BAHREE CASE
MPHASIS CASE
CYBER LAW IN INDIA
In India the Information Technology Act,
2000 is the legislation that deals with issues
related to the Internet.
THE
INFORMATION
TECHNOLOGY ACT , 2000
I.T. ACT, 2000:
OBJECTIVES
Different
regulating
approaches
and
for
facilitating
controlling,
electronic
communication and commerce.
Aim to provide legal
e-commerce in India.
infrastructure for
GOVERNMENT –NSP??
GOVERNMENTS PROVIDING SERVICES ON
THE NETWORK
GOVERNMENTS ARE INTERMEDIARIES
UNDER
THE
IT
ACT,
2000,
ALL
GOVERNMENTS, CENTRAL AND STATE, AS
ASLO ALL GOVERNMENTAL BODIES ARE
“NETWORK SERVICE PROVIDERS”
Section 79
For the removal of doubts, it is hereby
declared that no person providing any service
as a network service provider shall be liable
under this Act, rules or regulations made
thereunder for any third party information or
data made available by him if he proves that
the offence or contravention was committed
without his knowledge or that he had exercised
all due diligence to prevent the commission of
such offence or contravention.
Network Service Providers:
When Not Liable
Explanation.—For the purposes of this section,
—
(a) "network service provider" means an
intermediary;
(b) "third party information" means any
information dealt with by a network service
provider in his capacity as an intermediary.
TRANSPARENCY
NEED FOR TRANSPARENT E-GOVERNMENTAL
PROVIDERS
RIGHT TO INFORMATION ACT
GOVERNMENTAL WOULD NOW NOT BE ABLE
TO
HIDE
RECORDS
CONCERNING
GOVERNMENTAL PROCUREMENTS
E-
IT ACT, 2000-OBJECTIVES
To provide legal recognition for transactions:Carried out by means of electronic data
interchange, and
Other means of electronic communication,
commonly referred to as "electronic
commerce", involving the use of alternatives to
paper-based methods of communication and
storage of information.
OBJECTIVES (contd.)
To facilitate electronic filing of documents
with the Government agencies
To amend the Indian Penal Code, the Indian
Evidence Act, 1872, the Banker's Book
Evidence Act, 1891 and the Reserve Bank of
India Act, 1934
AUTHENTICATION OF
ELECTRONIC RECORDS
Any subscriber may authenticate an electronic
record
Authentication
signature.
Any person by the use of a public key of the
subscriber can verify the electronic record
by
affixing
his
digital
LEGALITY OF DIGITAL
SIGNATURES
Legal recognition of digital signatures.
Electronic Signatures not yet legal in India.
Certifying Authorities for Digital Signatures.
Scheme
for
Regulation
of
Authorities for Digital Signatures
Certifying
CONTROLLER OF
CERTIFYING
AUTHORITIES
Shall exercise supervision over the activities
of Certifying Authorities
Lay
down
standards
and
conditions
governing Certifying Authorities
Specify various forms and content of
Digital Signature Certificates
DIGITAL SIGNATURES &
ELECTRONIC RECORDS
Use of Electronic Records and Digital Signatures in
Government Agencies.
Publications of rules and regulations in the
Electronic Gazette.
MCA –21 Project- Usage of Digital Signatures
COMPENSATION
If a person without the permission of owner or any
other person in charge of a computer, computer
system or computer network, accesses or secures
access to such computer, computer system or
computer network, he is liable to pay statutory
damages by way of compensation, not exceeding
one Crore rupees ( Rs 10,000,000/- ) to the person
so affected.
CYBER OFFENCES
Various cyber offences defined
Cyber offences to be investigated only by a
Police Officer not below the rank of the
Deputy Superintendent of Police.
CYBER OFFENCES (contd.)
Tampering with computer source documents.
Publishing of information which is obscene in
electronic form.
Breach of confidentiality and privacy.
CYBER OFFENCES (contd.)
Hacking
Misrepresentation
Publishing Digital Signature Certificate false
in certain particulars and publication for
fraudulent purposes.
LITIGATION ALREADY
BEGUN
Litigation already begun in India relation to eprocurement.
Numerous legal issues relating to electronic
government procurement will continue to
emerge in the near future.
Need to adopt a proactive approach in dealing
with these various legal challenges
AMENDMENTS IN
IT ACT, 2000
MAKES THE LAW TECHNOLOGY
NEUTRAL
ELECTRONIC SIGNATURES INSTEAD OF
DIGITAL SIGNATURES
NEW PROVISION ON PRIVACY
WATERS DOWN THE LIABILITY OF THE
NETWORK SERVICE PROVIDERS
HUGE DRAWBACKS OF THE
PROPSOED AMENDMENTS
DATA PROTECTION
NO NEW CYBERCRIMES ADDED
PRIVACY APPROACH PRIMITIVE
INTELLECTUAL PROPERTY RIGHTS
TAXATION
E-PAYMENTS
NEED TO COMPLY
There is a need to proactively comply with the
requirements of the Indian Cyberlaw .
Necessary to limit liability and emergence of
undesirable consequences.
The Information Technology Act, 2000
currently under review by the Government.
Need to adopt a flexible approach of due
diligence.
THAT WAS A PRESENTATION
BY
PAVAN DUGGAL,
ADVOCATE, SUPREME COURT OF INDIA
PRESIDENT, CYBERLAWS.NET
HEAD-PAVAN DUGGAL ASSOCIATES
EMAIL : [email protected]
[email protected]