1. Define computer and internet , discuss law relating to computer in United Kingdom.

2. Concept of cyber security. Reasons aim and objective of the establishment of national cyber security
policy 2013.

3. Discuss the recent issues and challenges of copyright infringement in cyber space and elaborate the
concept of digital rights management.

4. Define information technology , elaborate the nature scope and what was the need for the enatement of
information technology Act 2000.

5. Who can become certifying authority , elaborate the role and responsibilities of the certifying authorities.

6. Discuss the types of cyber jurisdiction in civil and criminal cases.

7. Discuss the authentication attribution time and dispatch and legal recognition of electronic record under
the information technology act 2000.

8. Explain e record , discuss the issues and challenges of electronic evidence and its adminisibility and
examination of witnesses by video conference under the Indian evidence Act with reference to the recent
breaking and dynamic judgement of supreme court.

9. Define intermediary, discuss the liabilities of intermediaries under the information technology
intermediate guidelines rules 2011.

10. Internet the network of networks comment in the light of internet related legal issues.

11. What is cyber space elucidate with principles of jurisdiction .

12. Define cyber crime , discuss the different types of cyber crimes and its penalties under the information
technology act 2000.

13. What is online banking , expound the issues and challenges of online transaction and its laws in India.

14. Define cyber jurisdiction along with the models and international principles of the jurisdiction in cyber
space.

15. Enunciate e commerce.

16. Enumerate the concept of freedom of speech in cyber space.

17. Explain the features of information technology act 2000, with the powers and functions of adjudicating
officer.

18. Discuss the issues and challenges related to trademark in cyber space.

19. Explain cyber terrorism in detail.

20. Explain the liabilities of intermediate conspired or abetted the commission of unlawful act under section
79 of information technology Act 2000.

21. Explain the role of United nation in international corporation in fighting cyber crime.

22. Write a detailed note on the evolution of cyber crime and the present scenario in India.

23. Discuss the provisions related to digital signatures and the light of a recent case laws, to ascertain the
authentication non reputation and integrity of electronic record.

24. Discuss the liabilities and due diligence to be observed by the Internet service providers and
intermediaries in cyber space.

25. Nature and types of cyber crime taking place in India.

26. Explain the provision relating to due diligence and reasonable care to be taken by body corporate to
protect sensitive personal information under information technology amendment Act 2008.

27. Background scope and mission of the National cyber security policy 2013.

28. Define cyber jurisdiction.

29. Explain the role of the council of Europe convention on cyber crime in international corporation in
fighting cyber crime.

30. Discuss the legal issues in relation to cyber contracts and e-commerce.

31. Discuss the various civil and criminal liability mentioned under the information technology act as
amended in 2008.

32. Discuss the concept of cyber squatting of domain names domain disputes and use of trademark as
meta tags.
 Computer Internet and Network

Computer

A computer is a programmable electronic device that accepts raw data as input and processes it with a set of
instructions (a program) to produce the result as output. It renders output just after performing mathematical
and logical operations and can save the output for future use. It can process numerical as well as non-
numerical calculations. The term "computer" is derived from the Latin word "computare" which means to
calculate.

A computer is designed to execute applications and provides a variety of solutions through integrated
hardware and software components. It works with the help of programs and represents the decimal numbers
through a string of binary digits. It also has a memory that stores the data, programs, and result of processing.
The components of a computer such as machinery that includes wires, transistors, circuits, hard disk are called
hardware. Whereas, the programs and data are called software.

It is believed that the Analytical Engine was the first computer which was invented by Charles Babbage in
1837. It used punch cards as read-only memory. Charles Babbage is also known as the father of the computer.

Internet

The internet is a web of computers all connected together. It helps us talk to people from anywhere in the
world and find all sorts of information.

When you go to a website, your computer sends a special message through cables to another computer called
a server. The server sends back the information you want, like a web page or a video.

Sometimes people use the words “internet” and “World Wide Web” interchangeably, but they’re a little
different. The World Wide Web is like a special tool we use to explore the internet and find things we want.

With the Internet, we can do lots of cool things! It allows us to connect with communities around the world,
exchange files, make money and even more.

There are special groups like IANA (Internet Assigned Numbers Authority) that make sure everything works
smoothly on the Internet. They create rules and protocols that everyone follows so we can all connect and
share information easily.

Advantages of Internet

1. Getting Information Right Away

2. Learning Resources

3. Making Life Easier

4. Easy Communication

5. Socialising

6. Source of Entertainment

7. Source of Earning

8. Staying Informed
Disadvantages of Internet

1. Online Security Risks

2. Less Face-to-Face Interaction

3. Identity Theft

4. Addiction to the Internet

5. Shorter Attention Span

Network

What Is a Computer Network?

A computer network is a system that connects two or more computing devices for transmitting and sharing
information. Computing devices include everything from a mobile phone to a server. These devices are
connected using physical wires such as fiber optics, but they can also be wireless.

The first working network, called ARPANET, was created in the late 1960s and was funded by the U.S.
Department of Defense. Government researchers used to share information at a time when computers were
large and difficult to move. We have come a long way today from that basic kind of network.

Computer networking is the branch of computer science that deals with the ideation, architecture, creation,
maintenance, and security of computer networks. It is a combination of computer science, computer
engineering, and telecommunication.

Types of Computer Networks

Nanoscale networks: These networks enable communication between minuscule sensors and actuators.

Personal area network (PAN): PAN refers to a network used by just one person to connect multiple devices,
such as laptops to scanners, etc.

Local area network (LAN): The local area network connects devices within a limited geographical area, such
as schools, hospitals, or office buildings.

Storage area network (SAN): SAN is a dedicated network that facilitates block-level data storage. This is used
in storage devices such as disk arrays and tape libraries.

Campus area network (CAN): Campus area networks are a collection of interconnected LANs. They are used
by larger entities such as universities and governments.

Metropolitan area network (MAN): MAN is a large computer network that spans across a city.

Wide area network (WAN): Wide area networks cover larger areas such as large cities, states, and even
countries.

Enterprise private network (EPN): An enterprise private network is a single network that a large organization
uses to connect its multiple office locations.

Virtual private network (VPN): VPN is an overlay private network stretched on top of a public network.
Cloud network: Technically, a cloud network is a WAN whose infrastructure is delivered via cloud services.
WWW

What is World Wide Web?

World Wide Web, which is also known as a Web, is a collection of websites or web pages stored in web
servers and connected to local computers through the internet. These websites contain text pages, digital
images, audios, videos, etc. Users can access the content of these sites from any part of the world over the
internet using their devices such as computers, laptops, cell phones, etc. The WWW, along with internet,
enables the retrieval and display of text and media to your device.

The building blocks of the Web are web pages which are formatted in HTML and connected by links called
"hypertext" or hyperlinks and accessed by HTTP. These links are electronic connections that link related
pieces of information so that users can access the desired information quickly. Hypertext offers the advantage
to select a word or phrase from text and thus to access other pages that provide additional information related
to that word or phrase.

A web page is given an online address called a Uniform Resource Locator (URL). A particular collection of
web pages that belong to a specific URL is called a website, e.g., www.facebook.com, www.google.com, etc.
So, the World Wide Web is like a huge electronic book whose pages are stored on multiple servers across the
world.

Small websites store all of their WebPages on a single server, but big websites or organizations place their
WebPages on different servers in different countries so that when users of a country search their site they
could get the information quickly from the nearest server.

So, the web provides a communication platform for users to retrieve and exchange information over the
internet. Unlike a book, where we move from one page to another in a sequence, on World Wide Web we
follow a web of hypertext links to visit a web page and from that web page to move to other web pages. You
need a browser, which is installed on your computer, to access the Web.

Difference between World Wide Web and Internet:

Some people use the terms 'internet' and 'World Wide Web' interchangeably. They think they are the same
thing, but it is not so. Internet is entirely different from WWW. It is a worldwide network of devices like
computers, laptops, tablets, etc. It enables users to send emails to other users and chat with them online. For
example, when you send an email or chatting with someone online, you are using the internet.

But, when you have opened a website like google.com for information, you are using the World Wide Web; a
network of servers over the internet. You request a webpage from your computer using a browser, and the
server renders that page to your browser. Your computer is called a client who runs a program (web browser),
and asks the other computer (server) for the information it needs.

Cyber security

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These
cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money
from users via ransomware; or interrupting normal business processes.

Implementing effective cybersecurity measures is particularly challenging today because there are more
devices than people, and attackers are becoming more innovative.

Types of cyber threats

1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause disruption.
2. Cyber-attack often involves politically motivated information gathering.

4. Cyberterrorism is intended to undermine electronic systems to cause panic or fear.

Cybersecurity in India

1. In India, the government has appointed a nodal agency, Indian Computer Emergency Response Team
(CERT-In), under the Ministry of Electronics and Information Technology, to monitor cyberattacks taking
place within the country.

CERT-In has been designated under Section 70B of Information Technology (Amendment) Act 2008 to serve
as the national agency to perform the following functions in the area of cyber security:

-- Collection, analysis and dissemination of information on cyber incidents

-- Forecast and alerts of cyber security incidents
-- Emergency measures for handling cyber security incidents
-- Coordination of cyber incident response activities
-- Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices,
procedures, prevention, response and reporting of cyber incidents

2. A cyber and information security division operates under the aegis of the Ministry of home affairs which
deals with matters relating to Cyber Security, Cyber Crime, National Information Security Policy &
Guidelines (NISPG), and implementation of NISPG, NATGRID, etc.

It has the following wings:

Coordination wing
Cyber-crime wing
Information security
Monitoring unit
Cyber-crime coordination center

 Freedom of speech in cyberspace

INTRODUCTION

India has been a successful and robust democracy for over six decades. Individual freedom is an integral part
of democracy. However, freedoms are not absolute. Absolute freedom to an individual may lead to
compromising other’s privacy, safety and rights. There are laws to govern and restrict people's behaviour so as
to maintain a balance in the society. Today we live in a connected world facilitated by Information and
Communication Technology (ICT).

The rapid penetration of ICT in innovative ways has led to considerable development in India and globally
with respect to peoplecentred, inclusive and development-oriented Information Society. At the same time, it
has created multidimensional and often unpredictable challenges since the technology continues to
exponentially outpace legal, policy and ethical dimensions. Cyber-crime and cyber-attacks have resulted in
changing the dimension of conflict of individual freedoms and national security to a new height. This has
become one of the serious threats to individual freedoms and rule of law which serves as the pillar of
democracy.
INTERNATIONAL PERSPECTIVE

The right to freedom of speech and expression is widely protected under international law and is recognized
under Article 19 of the Universal Declaration of Human Rights (UDHR) and Article 19(2) of International
Covenant on Civil and Political Rights (ICCPR). These provisions define this right as the ‘freedom to hold 2
opinions without interference and to seek, receive and impart information and ideas through any media and
regardless of frontiers’. In recent years, the United Nations has explicitly extended this right to online
platforms. The freedom to ‘seek, receive and impart information’ becomes particularly relevant in the context
of the Internet. Efforts are needed to be made to bridge the gap between those who have access to the Internet
and those who do not. Reducing this ‘Digital Divide’ helps realise the right to free speech, as discussed during
the World Summit for Information Society Review (WSIS+10 review). 1

INDIAN PERSPECTIVE

As the right to free speech includes the right to access and gather information as well, the Indian Government
has been working on bridging the Digital Divide through its Digital India Initiative. Bridging the digital divide
has become imperative as the Government services are increasingly being made available to citizens
electronically. In a country with a growing reliance on the Internet, it becomes important to understand the
legal framework that governs speech online.

Constitutional Provision: - Article 19 (1)(a) of the Constitution of India guarantees to citizens the fundamental
right to freedom of speech and expression: “19. (1) All citizens shall have the right- (a) to freedom of speech
and expression;..” This is a broad right that includes the right to exchange thoughts with others, both within
and outside India. It also includes freedom of the press. This right is medium neutral, which means that it is
applicable to communication on the Internet as well.

However, this right is also subject to certain restrictions which can only be imposed by a duly enacted law.
Article 19(2) provides that the such reasonable restriction must be in the interests of state security, friendly
relations with foreign states, public order, decency and morality, contempt of court, defamation, incitement to
an offense, and the sovereignty and integrity of India. Alongside the freedom of speech, one must also
consider the right to privacy, which has been read into the right to life under Article 21 of the Constitution.

Legislative Restrictions: The Indian Penal Code (IPC) places some restrictions on free speech. It criminalizes
speech that is seditious, obscene, defamatory, promoting enmity between different groups on ground of
religion, race, place of birth, residence, language, committing acts prejudicial to maintenance of harmony, or
consisting of statements, rumors, or reports that may cause fear, alarm, disturb public tranquility, or promote
enmity or ill will. The offender is liable to be punished with a jail term ranging from two to seven years, if
found guilty. Further, the Official Secrets Act also contains a provision that criminalizes wrongful
communication of information that may have an adverse effect on the sovereignty and integrity of India. All
these provisions are applicable to Internet users as well.

Another relevant legislation in this context is the Information Technology Act (IT Act 2000), which
criminalizes certain online activity, such as the publication or transmission of obscene or sexually explicit
content in electronic form, as well as the creation, transmission or browsing of child pornography. Section
66A (ANNEXURE II) of the Act had criminalized any information that could be considered grossly offensive,
of a menacing character, or any information that is false, but causes “annoyance, inconvenience, danger,
obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will.” Several arrests were also made for
social media posts, on the basis of this provision.

But in the 2015 landmark case of Shreya Singhal v. Union of India, the Supreme Court struck down Section
66A of the IT Act 2000 on grounds of violating Article 19 of the Constitution. In its judgment, it categorically
stated that the freedom of speech offline is equal to freedom of speech online, a principle that has been clearly
stated by the UN as well.
Section 66A was found to be an arbitrary and disproportionate restriction on the right to free speech, and
outside 5 the confines of the reasonable restrictions laid down in Article 19(2). This judgment is a critical step
for free speech jurisprudence, with the courts taking a firm stand in favour of the right to free speech on the
internet.

CURRENT SCENARIO

At present, cyberspace is also a platform for current affairs and issues all over the globe. Everyone can access
it and will be allowed to have an opinion and share it with rest of the world. Finland being the first country to
give the legal status to access of the internet.

It was by the year 2016 the UNHRC had recognized access to the internet as one of the basic human rights. In
India, it is relatively a new concept though in the case of PUCL v. union of India[3], the right to speech and
expression is guaranteed to all kinds of speeches by word, by pictures by or in any other manner. A petitioner
named Faheema Shirin RK moved the court regarding the restrictions of using mobile phones in the UG
hostel in which the outcome came to be access to the internet is the vital part of the education and part of
Article 21 this was the first case where the legal status for the use of Cybernet was also a part of fundamental
right for Indians. It was in the first amendment the reasonable restrictions for Article 19(1)(a) were imposed.

In the case of Anuradha Bhasin v/s Union of India[4], the reasonable restrictions on the use of cyberspace
imposed by the President’s rule during the public emergency were held valid. The focus on the social
networking sites is very huge these days, the political high drama, propagation of different ideologies,
promotions of lot of cinema, such being the case, the Twitter wars are also being closely monitored and some
might even be brought down, stating the reason that those tweets violate the rules and regulation or the
privacy policy of their respective platforms.

 E banking and Banking ombudsman scheme

The Banking Ombudsman is a quasi-judicial authority formed with the aim to address and resolve complaints
of the Bank’s customers. The Section 35A of the Banking Regulation Act of 1949 deals with the Banking
Ombudsman Scheme. Finance and banking aspirants are required to have an understanding of the Banking
Ombudsman scheme for the exam as well as practical purposes.

-- The Banking Ombudsman Scheme was announced by the Reserve Bank of India (RBI) in 2006.
-- The scheme not only covers the scheduled commercial banks but also regional rural banks and scheduled
primary cooperative banks.
-- Recently, the RBI extended the Banking Ombudsman concept to the NBFC (Non-Banking Financial
Institutions) as well.
-- Around 15 Banking Ombudsman have been appointed and their offices are mostly situated in the State
Capitals.

The ombudsman shall be responsible for receiving and considering the complaints filed by the aggrieved
parties irrespective of the amount of money involved in the complaint. He will be responsible for the
settlement of the dispute between the bank and the aggrieved party either by the process of mediation or
conciliation or if necessary by giving an award to the concerned party if the circumstances require so. The
appointed ombudsman has to submit a report to the governor of the Reserve Bank on 30th June of every
financial year regarding the activities conducted through his office during the preceding financial year and
also any other details as asked by the Reserve Bank.

The Banking Ombudsman Scheme allows an aggrieved customer to file a complaint of any nature regardless
of any amount involved, in the complaint with the ombudsman.
 Challenges to the Admissibility of the Electronic Evidence

Introduction

The exposure or emergence of digitalisation has not only affected our daily life but it has affected legal
aspects and legal philosophy also. It has become quite difficult to connect with people without the help of
technology because technology is playing a major role in our daily lives. Everyone is depending upon
technology for work, entertainment, connecting with different people. It is playing a vital role in the field of
law.
“Electronic Evidences” are evidences which are in the form of digital evidences which any party involved in a
suit can use at the time of the trial. These evidences are kind of information comprised in the form of
electronic media. Electronic evidences are also known as “Digital Evidences”. Electronic evidence is one of
the kinds of evidences which are significantly being accepted or admissible in the court of law to decide any
case.

What is mean by Electronic Evidence?

Here we are dealing with Electronic form of Evidences. These evidences are also known as Digital Evidence,
Electronic Evidence and “Computer Evidence”. Digital or Electronic evidences are meant to be those
evidences I which the information which is of probative value is transmitted or stored. The parties to case use
these evidence in the court of law in their trial.

What are the Guidelines for handling electronic or digital evidence?

A plethora of projects and a large number of guidelines have been made for handling and preserving
electronic evidence or digital evidence. So here some guidelines have been given for handling these types of
evidences as follows: 1. Identifying Electronic Evidence 2. Gathering Electronic Evidence 3. Preserving
Electronic Evidence 4. Storing and Transporting Electronic Evidence

Legal Framework for the admissibility of Digital Evidence

The Indian Evidence Act is pivotal for ensuring the relevancy of electronic evidence in a court of law.
3,22A,65A,65B, 85A, and 85B are particularly relevant section. Section 3 mentioned electronic records as
documents, Section 65B outlines the conditions for acknowledge electronic records as evidence, and Sections
85A and 85B establish presumptions related to certain electronic records and digital signatures.

Information Technology Act, 2000

Section 28[8] This section is of paramount importance as it empowers the government to take necessary
actions in the interest of India's integrity and sovereignty. It provides the government with the power to
eavesdrop on, keep an eye on, or decode data created, sent, received, or kept in any computer resource. This
authority is crucial for national security and the effective investigation and prevention of cyber threats.

Section 43A[9]: This section addresses the issue of compensation for failures in protecting data and sensitive
personal information. Organisations dealing with sensitive data are mandated to implement security measures.
If they fail in doing so, leading to data breaches or unauthorized access, they might be required to compensate
the impacted parties. This provision underlines the significance of data protection and security in the digital
age.

Section 43[10]: Section 43 outlines penalties for unauthorized actions related to computer systems and data. It
covers a wide range of offences, including unauthorized access to computer systems, downloading,
introducing viruses, and harming the resources of computers. These penalties serve as a deterrent against
cybercrimes and provide legal consequences for offenders.

Section 80: This section empowers senior police officers or authorised government officials to enter public
places, conduct searches, and make arrests without a warrant if they reasonably suspect someone of
committing a cybercrime under this Act. This provision enables swift and decisive action in response to
cybercrime incidents.

Admissibility of Digital Evidence

The digital evidence can be admissible depending on various factors such as:

Authenticity: The proof must be unequivocal about where it came from, attesting to the fact that it was
obtained from a certain place or electronic communication device.
Its integrity must be guaranteed, and it must be a full and accurate copy of the obtained digital evidence.
Consistency and avoiding evidence taint depend on establishing an appropriate chain of custody.

This chain discloses where the evidence came from and as well as everyone in charge of it at the time of
acquisition. To ensure that the digital evidence hasn't been tampered with after it was acquired, there must be
sufficient documentation.

Reliability: There are two methods that are frequently employed to evaluate the dependability of digital
evidence.
Assessing the regularity of operation of the electronic communication device used to gather the evidence.
Verifying if the digital evidence gathered from the electronic communication equipment has been tampered
with, tainted, or damaged. The collection and examination of the evidence shouldn't give rise to any questions
about its veracity and validity. There should be no contamination or outside influence on the evidence.

Completeness: The proof must encompass all aspects of the alleged incidence, guaranteeing that it is adequate
to demonstrate or refute a particular activity.

Relevance: Any digital evidence introduced in court must be directly related to the topics under discussion.

Challenges in Admissibility of Digital Evidence

-- Electronic evidence may be challenged as fundamentally tampered with by parties during a trial on the
grounds that it has been altered. When appropriate safety measures are not followed, tampering is a serious
risk. Given how simple it is to tamper with digital evidence, determining its authenticity is a significant
challenge. Protections against tampering and chain of custody are essential.
-- One major obstacle to the relevancy of electronic evidence is the software's dependability, which might be
contested in court.
-- It is frequently difficult to confirm the identity of the person who performed an activity using a password,
PIN, or "I accept" option, which can have an impact on the admissibility and reliability of electronic
evidence.
-- The inclusion of digital evidence might be complicated by hearsay laws, particularly when statements are
made to substantiate the claimed truth. It is concerning when the author of word documents, emails, or SMS
messages is challenged. It can be difficult to demonstrate how the author and the evidence are related.
-- Because social media networks are anonymous and allow several individuals to use a single account, it can
be challenging to authenticate information from them. It can be difficult to determine who wrote a piece of
content originally. Credibility concerns around digital evidence could include allegations of falsification,
alteration, or manipulation.
-- The authenticity and admissibility of electronic evidence are impacted when numerous people gain access
to the same device because it becomes more difficult to determine to whom a message or other content was
directed.
-- The validity of information obtained through social media sites, considering the in court, the frequency of
phone accounts and excessive sharing may be contested. The swift advancement of technology poses
difficulties when evaluating the dependability of novel digital evidence formats.
-- Local Network Data: When several computers share a network, it can be challenging to assign activities to
particular devices and times, which might have an impact on the admissibility of electronic evidence.
-- Internet Data Variability: It might be difficult to determine if electronic evidence is real and admissible
since data on the internet can differ between devices and sources. Courts may have trouble comprehending
the technical intricacy of digital evidence, which compromises its credibility and applicability.
-- Dynamic Data Updates: The legitimacy and admissibility of electronic evidence may be contested by data
that is changed regularly, such as transactional databases and webpages.
-- Destruction of Data Information held on electronic devices can be quickly destroyed by viruses and
mechanical damage, which emphasizes the need for proper maintenance.

“State v. Mohd. Afzal and Ors.”1 In this case it was held that “computer generated electronic records is
specified by section 65B of the Indian Evidence Act, 1872”. It was also held that electronic evidence are
admissible as evidence. If someone challenges the accuracy of a computer evidence or electronic record on
the grounds of misuse of system or operating failure or interpolation, then the person challenging it must
prove the same beyond reasonable doubt”

“Anvar PV v. PK Basheer” 3 , In this particular case it was held by the court that “Section 65B of Indian
Evidence Act has been inserted by way of an amendment by the information Technology Act, 2000.
Inasmuch it is a special provision which governs digital evidence and will override the general provisions
with respect to adducing secondary evidence under the Evidence Act”4 .

“State of Maharashtra v. Dr. Praful B Desai” 5 , it was held in this case by Supreme Court that “video
conferencing could be resorted for the purpose of taking evidence of a witness”5 .

 IT Act and the new intermediary guidelines

Introduction

The Internet has become an indispensable part of our lives. Social media platforms such as WhatsApp,
Instagram, Facebook, Twitter etc. have become our constant companions as we use them to communicate with
our friends, to follow our interests, to give our opinions and for a host of other innumerable activities. Also,
many of us prefer to buy our clothes and other stuff online from e-commerce sites such as Myntra and
Amazon. The crucial question that arises is, “Whether these e-Commerce websites, social media platforms
and search engines and the like (Intermediaries) can be held liable for any unlawful content, hateful remarks,
fake news posted on these platforms, websites by a third party?”
In this article, the author will attempt to answer this question while taking you through the important legal
provisions and case laws relating to Intermediaries, their liability and the conditions under which they can be
exempted from such liability.

Who are intermediaries under the IT Act

Generally speaking, an intermediary is a person or a third party that acts as a link between two parties and
facilitates communication between the two. We can also say that an intermediary is someone who facilitates
the use of the internet.

The term ‘Intermediary’ is defined in broad terms in the Information Technology Act, 2000. Section 2(1)
(w) of the Information Technology Act 2000 defines an intermediary as a person who receives, stores or
transmits any electronic record and provides any service relating to such record on the behalf of another
person. Intermediary includes network service providers, telecom service providers, internet service providers,
search engines, web-hosting service providers, online-auction sites, online payment sites, online-marketplaces
and cyber cafes.
Intermediaries perform functions such as hosting content, collecting information and evaluating information,
facilitating communication and information exchange, facilitating the use of the internet etc.
Safe Harbour model

India operates on the ‘Safe Harbour model’, under which the intermediaries are provided protection against
liability for the acts of third parties who use the infrastructure provided for committing unlawful acts. For
example, a social media platform will not be held liable for the defamatory content posted by a user.

Intermediaries under IT Act

Section 79 of the IT Act

Under the IT Act, as originally enacted, only the network service providers were granted protection from
liability for illegal acts of third parties. But after the Amendment Act of 2008, the definition of the
intermediary under the Act and Section 79 of the Act were amended to provide for a wider scope of protection
to intermediaries.

Section 79 of the IT Act provides for ‘Exemption from liability of intermediary in certain cases:

Exemption from liability

Section 79(1) provides for exemption from liability of an intermediary for any third party information, data,
or communication link made available or hosted by him. However, this shall be subject to provisions of sub-
section (2) and sub-section (3) of Section 79.

When exempted
Section 79 (2) provides for the conditions which must be fulfilled for granting exemption from liability to an
intermediary, which are as follows:

-- The intermediary’s function is limited to providing access to a communication system over which
information made available by third parties is transmitted, hosted or stored;

-- The intermediary does not:

initiate the transmission,
select who receives the transmission, and
select or modify the information contained in the transmission,

-- The intermediary observes due diligence while performing his duties under this Act and also observes such
other guidelines prescribed by the Central Government.

-- Third-party information
According to the explanation attached to Section 79 of the IT Act, ‘third party information’ means
information that is dealt with by an intermediary in his capacity as an intermediary.

When can intermediaries be held liable

Section 79 (3) of the IT Act provides an exception to the immunity granted to intermediaries from liability for
third party information and acts under Section 79 (1) of the Act. Intermediaries can be held liable for third
party content hosted by them in the following cases:

The intermediary is guilty of conspiring, abetting, aiding or inducing the commission of the unlawful act;
Intermediary fails to expeditiously remove or disable access to any material residing in or connected to a
computer resource upon receiving actual knowledge, or on being notified by the Government that any
information residing in or connected to such computer resource controlled by the intermediary is being used to
commit an unlawful act. Such removal or disabling of access has to be done without vitiating the evidence in
any manner.
Thus, the immunity provided to intermediaries is not absolute but is subject to fulfilment of certain duties and
following of certain guidelines or rules issued as by the government.

Section 67C
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 were
notified by the Central Government on 25th February 2021. These rules have been framed by the central
government in exercise of the power conferred on it by Section 87 of the IT Act and will supersede
the Information Technology (Intermediary Guidelines) Rules, 2011. These rules are divided into three parts,
namely,
Preliminary providing for Definitions
Due Diligence by intermediaries
Code of ethics and procedure and safeguards in relation to digital media

Part II of the rules (Rule 3-7) dealing with ‘Due Diligence by intermediaries and grievance redressal
mechanism’ provide for due diligence requirements to be followed by all social media intermediaries and
additional due diligence requirements to be followed by significant social media intermediaries. Thus, the
rules categorise the digital intermediaries into two categories:

Social Media Intermediaries (SMI);

Significant Social Media Intermediaries (SSMI).

Significant social media intermediary means a social media intermediary having such number of
Section
registered users (50 lakh or more) in India above such threshold as notified by the central
2(1)(v)
government.
Social Media Intermediary means an intermediary which primarily enables online interaction between
Section
two or more users and allows creating, uploading, sharing, dissemination, modification or access to
2(1)(w)
information using these services.

Rule 7 of the said rules provides that failure to observe these rules shall disqualify an intermediary from
exemption from liability under Section 79(1) of the IT Act and such intermediary shall be punishable under IT
Act and the Indian Penal Code 1860.

Due diligence requirements for social media intermediaries

-- Publishing of details
The intermediary is required to publish following information on its website, mobile-based application or
both:

Rules and regulations,

User agreement, and
Privacy policy.

Such rules and regulations, privacy policy or user agreement must inform the user about the types of
objectionable information which they shall not host, display, upload, modify, publish, transmit or store etc.
Intermediaries must inform the users at least once a year about the rules and regulations, user agreement,
privacy policy or any changes in the same and that the intermediary reserves the right of terminating a user’s
access or removing any non-compliant information from its platform.

-- Disabling access
Intermediaries are prohibited from storing, hosting or publishing any unlawful information which is
prohibited by any law in relation to the categories mentioned in Rule 3(1)(d) of the rules. The intermediary
must remove such information if it is so hosted, stored or published or disable access to as early as possible
but no later than 36 hours from the receipt of the court order or on being notified by the Government under
Section 79(3)(b) of the IT Act.
-- Preservation of information
Intermediaries shall preserve or retain the following information for 180 days:

Information that has been removed or access to which has been disabled
User’s registration information, after cancellation or withdrawal of such registration.

-- Furnishing of information or assistance to the government agency

Intermediaries must provide information that is under its control or possession or give assistance for
verification of identity or for preventing, detecting, investigating, or prosecution, of any offence, or cyber
security incidents to any lawfully authorised government agency as soon as possible but within 72 hours of
receiving a written order.

-- Grievance redressal mechanism

The intermediary must publish the following details on its website, mobile-based application or both:

Name and contact details of the Grievance Officer.

Complaint Mechanism by which a user or a victim may file a complaint.
The Grievance Officer shall acknowledge the complaint within 24 hours of receiving it and has to dispose it
off within 15 days.

-- Removal of explicit content

The intermediary shall take all reasonable and practicable measures for removing or disabling access to any
content hosted, stored, published or transmitted by it which exposes the private area of any individual, or
shows such individual in nudity or in any sexual act etc. within 24 hours of receiving the complaint.

Additional due diligence to be observed by significant social media intermediaries

Rule 4 of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
provides for ‘Additional due diligence to be observed by significant social media intermediaries’. Social
media intermediaries with fifty lakh registered users or more have been classified as significant social media
intermediaries and are subject to due diligence requirements in addition to those prescribed for intermediaries
in general.

Rule 6 provides for the power of the Ministry to extend the additional due diligence obligations to any other
social media intermediary which is not a significant social media intermediary in certain cases.

 Appointment of certain officers and contact persons

 Periodic Compliance Report

 Identifying the first originator of information

 Active monitoring

 Voluntary verification

 Removal of information or disabling access to information

 Grievance redressal
 National Cyber Security Policy

What Is Cyber Security?

Cyber security is the activity of protecting computers, servers, mobile devices, electronic systems, networks,
and data against hostile assaults. It is the technique of guarding against digital assaults on systems, networks,
and programmes. With an expanding number of people, devices, and programmes in the contemporary
organization, as well as an increasing deluge of data, cybersecurity is becoming increasingly important.

What is the National Cyber Security Policy

National Cyber Security Policy is a policy framework by Department of Electronics and Information
Technology (DeitY) It aims at protecting the public and private infrastructure from cyber attacks. The policy
also intends to safeguard “information, such as personal information (of web users), financial and banking
information and sovereign data”. Ministry of Communications and Information Technology (India) defines
Cyberspace as a complex environment consisting of interactions between people, software services supported
by worldwide distribution of information and communication technology.

Need for a National Cyber Security Strategy

-- India’s society is increasingly reliant on digital technology for communication, banking, and other areas of
daily life. The use of social media and digital payments has increased significantly.
-- In 2022, ransomware occurrences increased by 51%, according to the Indian Computer Emergency
Response Team (CERT-In).
-- Cybercrime against individuals and institutions is on the rise. Rogue elements and criminal syndicates have
become more adept in their local and international hacking operations and targeted phishing attempts.
-- In light of increasing geopolitical dynamics in South Asia and the Indo-Pacific, cyber-attacks by India’s
rivals have increased. State and non-state actors have launched attacks against India’s nuclear
infrastructure, electricity systems, telecom equipment ecosystems, and financial systems.
-- After Galway, China already attacked India’s energy network and attempted to enter the National Security
Adviser in 2010. These attempts have had a profound influence on India’s view of national security.

Objectives of National Cyber Security Policy

 To build a safe cyber environment in the country, develop appropriate trust and confidence in I.T.
systems and cyberspace transactions, and so increase I.T. adoption in all sectors of the economy.
 To provide information protection when in process, processing, storage, and transport to preserve citizen
data privacy and reduce economic losses due to cybercrime or data theft.
 To improve law enforcement skills and allow successful cybercrime prevention, investigation, and
conviction by appropriate legislative action.
 To raise awareness of the integrity of I.C.T. goods and services by developing infrastructure for testing
and validating their security.
 To give firms financial incentives for adopting standard security procedures and processes.
 Through a successful communication and promotion approach, a culture of cyber security and privacy
will be established, allowing responsible user behaviour and activities.
 To meet national security needs by developing appropriate indigenous security technologies through
frontier technology research, solution-oriented research, and commercialization.
 To provide an assurance framework for the establishment of security policies, as well as to promote and
enable activities for conformance to global security standards and best practices through conformity
assessment.
 To fortify the regulatory framework to ensure a secure cyberspace ecology.
National Cyber Security Policy Mission

 To protect information and information infrastructure in cyberspace.

 To build capabilities to prevent and respond to cyber threats.
 To reduce vulnerabilities and minimize damage from cyber incidents through a combination of
institutional structures, people, processes, technology and cooperation.

Main Components of the National Cyber Security Strategy

 Strengthening the Regulatory Framework

 Promotion of Research & Development in cyber security

 Securing E-Governance services

 Encouraging Open Standards

 Creating an assurance framework

 Creating a secure cyber ecosystem

Conclusion

The Government is concerned about increasing cyber risks and vulnerabilities as India’s population and
government services become more online. This fear prompted numerous ministries to take action. However,
India’s cyber security system has a long way to go. While India’s primary reaction to cyberattacks has been to
conduct audits and strengthen network security, a national Cyber Security Policy might establish a more
comprehensive framework that can be used consistently across the country. Launching an updated and
comprehensive national Cyber Security Policy is critical.

 Nature scope importance of the information technology act

Introduction

Rapid advancements in Information Technology sector have revolutionised work and personal lives of people
globally. Technology has entered every sphere of life like banks, work place, social networking, stock
markets, shopping etc. resulting in sharing of one’s personal information with every bit of machine one comes
across. With the availability of personal information on a single click, the data is vulnerable to cyber-crime. In
mid-90s liberalization of Indian economy resulted in manifold increase in e-transactions. Therefore, the need
to bring technology under legislation was felt. With this objective in view, Parliament of India, passed the
Information Technology Act in 2000.

This first cyber law addressed various issues with a view to discourage misuse of digital medium and
punishment for various offenses prescribed. Later on with more technological advancements, further
amendments and notifications were issued to counter the menace of growing cyber - crime.
Digital information, communications, computers (in the form of pc, notebook, mobile phones
etc.), software - the constituents of the information age - has entered in our life voluntarily or surreptitiously.
Now, information technology has become an invaluable manager, touching every sphere of life i.e. social
linkages via e-mail, Facebook, sms; Finances - spreadsheets online/internet banking, financial markets;
Unscrupulous people have successfully siphoned off funds by misuse of data. With extensive use of
information available through computer resources, India was not adequately equipped to deal with cyber
security concerns till the year 2000. With a view to maintain reasonable standard of security and privacy, a
number of steps have been taken through various legislations.

It was only in the year 2000 that an effort was made to address concerns regarding digital medium when IT
Act saw light of the day in the country. In this first cyber law of its kind, various issues relating to edocuments
were addressed so as to discourage misuse of digital medium and punishment for various offenses prescribed.
It is of paramount importance that such grave concerns regarding potential misuse of sensitive information are
addressed precisely so as to guarantee the integrity of systems and establish confidence for the reliability of
the system.

This guarantee of security and privacy of information has proven to be a milestone in restoring the credibility
of the customers.
Although an act such as IT Act is an evolving process but still a legal framework in the form of various
laws/amendments/ is in place. The aim of this paper is to analyse the IT Act in a broader perspective by listing
its amendments and notifications issued by the government.

Nature of the Information Technology Act

Information technology is one of the important law relating to Indian cyber laws. In May 2000,
both the houses of the Indian Parliament passed the Information Technology Bill. The Bill received assent of
the President in August 2000 and came to be known as the Information Technology Act, 2000. Cyber laws are
contained in the IT Act, 2000.

This act is helpful to promote business with the help of internet. It contains set of rules and regulations which
apply on any electronic business transaction. It is “An Act to provide legal recognition for transactions carried
out by means of electronic data interchange and other means of electronic communication, commonly referred
to as “electronic commerce” which involve the use of alternatives to paper-based methods of communication
and storage of information, to facilitate electronic filing of documents with the Government agencies and
further to amend the Indian Penal Code, the Indian Evidence Act, 1872,
the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected
therewith or incidental thereto”.

IT Act, 2000 focuses on three main highlights:

a) Providing legal recognition to the transactions which are carried out through electronic
means or use of Internet.
b) Empowering the government departments to accept filing, creating and retention of
official documents in the digital format and
c) To amend outdated laws and provide ways to deal with cybercrimes.

Objectives of IT Act 2000: The following are the objectives of IT Act 2000

a) To give legal recognition to any transaction which is done by electronic way or use of internet?
b) To give legal recognition to digital signature for accepting any agreement via computer.
c) To provide facility of filling documents online relating to school admission or registration in employment
exchange.
d) According to I.T. Act 2000, any company can store their data in electronic storage.
e) To stop computer crime and protect privacy of internet users.
f) To give more power to IPO, RBI and Indian Evidence act for restricting electronic crime.
g) To give legal recognition for keeping books of accounts by bankers and other companies in electronic form.
Scope of the Information Technology Act

Scope of IT Act: The act shall apply to

a) Processing of personal data or partly by automatic means, and
b) Other processing of personal data which form part of or are intended to form part of personal data filing
system.

This act shall not apply to the following:

a) Information technology Act 2000 is not applicable on the attestation for creating trust via electronic way.
Physical attestation is must.
b) Contract of sale of any immovable property.
c) Attestation for giving power of attorney of property is not possible via electronic record.

Importance of the Information Technology Act

From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain
many positive aspects.
a) Firstly, the implication of these provisions for the e-businesses is that email is now a valid and legal form of
communication in our country that can be duly produced and approved in a court of law.
b) Companies are now able to carry out electronic commerce using the legal infrastructure provided by the
Act.
c) Digital signatures have been given legal validity and sanction in the Act.
d) The Act opens the doors for the entry of corporate companies in the business of being Certifying
Authorities for issuing Digital Signature Certificates.
e) The Act now allows Government to issue notification on the web thus heralding e-governance.
f) The Act enables the companies to file any form, application or any other document with any office,
authority, body or agency owned or controlled by the appropriate Government in electronic form by means
of such electronic form as may be prescribed by the appropriate Government.
g) The IT Act also addresses the important issues of security, which are critical to the success of electronic
transactions. The Act has given a legal definition to the concept of secure digital signatures that would be
required to be passed through a system of a security procedure, as stipulated by the Government at a later
date.

Under the IT Act, 2000, it is possible for corporate to have a statutory remedy in case if anyone breaks into
their computer systems or network and causes damages or copies data. The remedy provided by the Act is in
the form of monetary damages, not exceeding Rs. 5 crores.

Conclusion

During the last two decades, Information Technology sector has witnessed exponential growth. Technology
has become part and parcel of our daily life and has multiplier effect in every sector of industry .The major
pitfall of this phenomenal growth has given rise to cybercrimes at an alarming rate.

To combat this growing challenge, first legislation came in the year 2000. Since Cyber Criminals were found
to be a step ahead of technology, regular amendments became need of the hour. Therefore, after introduction
of Act 2000 many amendments/notifications are being issued as per requirement. In this answer we have
discussed the legislations so far introduced and proposed the improvements that can be incorporated on issues
like spamming, phishing, integrity of transactions and pornography in further amendments of IT Act.
 Cyber terrorism

What is cyberterrorism?

“Cyberterrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of
attacks against computers, networks and the information stored therein when done to intimidate or coerce a
government or its people in furtherance of political or social objectives. Further, to qualify as cyberterrorism,
an attack should result in violence against persons or property, or at least cause enough harm to generate fear.
Attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples. Serious
attacks against critical infrastructures could be acts of cyberterrorism, depending on their impact. Attacks that
disrupt nonessential services or that are mainly a costly nuisance would not.”

Cyber terrorism and it’s scope isbased on the place where it occurs than through the medium i.e. the
virtual/cyber world. Thus it is not a distinguished crime but a form of terrorism executed through a unique
mode dismissing every claim of it being an independent crime. There have been no concrete set of rules,
definitions or provisions related to cyber terrorism in the international arena, except countries having their
code of conduct, hence, giving en edge to the greater importance of defining cyberterrorism in an apt manner.
Terrorism in today’s age consists of conventional terrorism, where classic weapons are used to destroy
property and kill victims in the physical world and techno terrorism, in which weapons are used to destroy
infrastructure, targets and causes a disruption in cyberspace and cyberterrorism is where new weapons like
malicious software, electromagnetic and microwave weapons will operate to destroy data in cyberspace to
destroy certain aspects of the physical world.

A terrorist attack can be carried out through cyberspace or by using information and communication
technologies and, particularly, the internet to carry out a series of actions linked to the objectives it pursues
which do not necessarily constitute cyberterrorism but may lead to the existence of facilitation of future
cyberterrorism behaviours. The definition of cyberterrorism has come to include both disruption and violence
in cyberspace in the same manner as in the traditional form of terrorism with physical destruction and
violence. The upcoming use of new technology is helping terrorist groups to have a global reach although they
may have very few members.

Harm principle

Establishing the harm principle helps identify the sufferers of a crime and the people being targeted to bear the
consequences. Cyberterrorism does not immediately attack an individual interest. It majorly affects an interest
that is owned by the general public. It can also be affirmed that cyberterrorism constitutes an attack against
institution, state, or national interests to violate the constitutional order and create a greater impact with long-
lasting consequences to prove and extend a political agenda.

Elements

Cyberterrorism in its entirety consists of two crucial elements, the teleological element and instrumental
element. The teleological element describes cyberterrorism being committed with the objectives of altering
the constitutional order or to capsize the legitimately elected government, through a major political agenda
The instrumental element perpetrates that acts must be executed in a manner that instill a sense of terror in
people’s minds, establishing a belief that anyone anywhere could be a victim of cyberterrorism, involving the
realization of an indiscriminate attack “in” or “through” the cyberspace, with devastating consequences like
deaths, serious injuries or other similar outcomes in the real world.

Weapons

The weapons of the cyberterrorists exist to destroy or modify computer data and files with the weapons and
the targets being the electrons moving within cyberspace.
Joseph Seanor of CIBIR Corporation gave his viewpoint on the Methods of Operations of Cyberterrorists.
According to him, The critical element in cyberterrorism, and information warfare, is knowledge. He also
talks about the potential weapons in cyber-terrorism that can cause the required destruction –

 Viruses
 Trojan Horses
 Worms
 Humans
 Electro-Magnetic Pulse Weapons

Cybersecurity

Cyber Security is defined under Section 2(1)(nb) of IT Act, 2000 as the protection of information, Equipment,
devices, computer resources, communication devices and information from unauthorised access, use,
disclosure, disruption, modification and destruction.

Cybersecurity deals with technologies, processes, and practices that are designed to protect networks, devices,
software, systems, programs, and data and sensitive information from attack, damage, or uninvited access.

Cybersecurity aims at protecting the information from being placed in the wrong hands. The most difficult
challenge and barrier in the implementation of cybersecurity is the evolving nature and uncertainty of security
risks.

Cyber terrorism in the world

“We are at risk. Increasingly, America depends on computers. . . . Tomorrow’s terrorist may be able to do
more damage with a keyboard than with a bomb.”- The National Academy of Sciences

Terrorism is a global phenomenon that is not limited to any national borders. Terrorism doesn’t take into
account geographical limitations and transcends the boundaries. Due to the increasing dependence on
computer networks and virtual connections, a global sphere in cyberspace has been created which has the
greatest potential to be misused, to carry out cyberterrorism and pursue other international terrorist goals.
With new technology coming up every day and changes in its usage and development, the risks of potential
threats have been rising continuously, ranging from leaking of valuable information to misuse of the power
and irreversible consequences across the globe.

There is a rapid growth in the numbers of cyber terrorism acts with the progress and development to a digital
world as-

 The countries are slowly taking their functions to a digital platform with excess dependence on the virtual
space. This dependence is making the governments and their sensitive information prone and vulnerable
to attacks which slow down their functions.
 Digital space allows a widespread impact and a far reach as compared to the traditional attack, thus
making it a more severe and dangerous form of terrorism.
 The Internet is a very unpredictable and unexplored medium which can easily create tension and threats
in the mind of the people thus making it an apt tool to be misused.
 Virtual attacks are easy to be conducted and do not require one’s physical presence thus a winning
situation to maintain anonymity and create the required impact without actually being present in the
situation.

Cyber terrorism in India

India has begun its development and reliance on technology depicting its steady growth and shifting to a
modern form of governance. Sectors like income tax, passports and visas have taken the driver seat to e-
governance with police and judiciary culminating its way upward. This growth has both positive as well as
negative aspects to it. With use comes greater responsibility of handling data online with care as any damage
can have catastrophic consequences and India cannot afford to collapse. The episodes of online warfare and
cyber-attacks are high against India. Time and again we have been attacked in full force by China and
Pakistan.

China, who on one hand is strengthening its ability to wage electronic warfare, on the other hand, Pakistan has
increased cyber attacks on India and its crucial websites in retaliation to the Jammu and Kashmir issue, thus
extending their warfare to completely new, unpredictable and dangerous zones like cyberspace. Hacker groups
have intensified their raging attacks on India and we need a strong and structured system to fight the digital
war. The acts of cybercrimes and terrorism have multiplied in lots and bounds, the Parliament of the Republic
of India has not yet enacted any legislation that specifically addresses the problem of cyber coercion.
However, there are some existing legislation and some amendments to incorporate it at intervals to deal with
the issues.

The use of technology in the Mumbai attacks of November 2008 made India adopt the amendments to its
2000 IT Act in December 2008, which inculcated provisions related to cyber terrorism, which might be
applied in the future. In the purview of these amendments, Section 66F had been inserted in the Act by
Information Technology (Amendment) Act, 2008. This section contains the substantive offence of committing
the act of cyber terrorism. The insertion of this provision was a necessary step to prevent jeopardy of civil
liberties as we are increasingly relying on information technology to serve our essential government services.
This section attracts imprisonment or life imprisonment in case the offence is committed to threaten the
integrity, unity, sovereignty and security of India along with inciting terror in the minds of the people.

It constitutes the denied access to a person who is authorized to access computer resources or Attempting to
penetrate or access a computer resource without authorization or exceeding the limits of authorized access or
Introducing any computer contaminant.

The section says if by the means of such conduct, the person causes or is very likely to cause death or injuries
to persons or to damage to or disrupts or knowing that it is like to cause damage or disruption of supplies and
services essential to the life of the community or destruction of property or is likely to adversely affect the
critical information infrastructure specified under section 70, the act would be punishable.

If the person knowingly or intentionally accesses a computer resource without the authority or exceeding the
authorized access, and obtains access to information, data or computer database that is restricted for reasons
for the security of the state or foreign relations, or any restricted information, with sufficient reasons to
believe that such information, data or computer database can be misused, will have committed an offence.

The scope of cyber terrorism is exhaustive according to this section.

The Sections 66-F, 70, 70-A and 70-B of the Information Technology Act, 2000 makes it possible for the
government to maintain cybersecurity in the country.

The term “Critical Information Infrastructure” in Section 66F is defined in the Explanation enshrined in the
amended Section 70. It talks about protected systems and allows the government to notify a computer
resource affecting the facility of critical information infrastructure to be a protected system.

Section 70A has been formed to secure the CII through a National Nodal Agency which will be established by
the Central Government.

Section 70B gives power to the Indian Computer Emergency Response Team (CERT-IN) as the national focal
point for gathering information on threats and to facilitate the Central Government‟s response to computer
centred incidents.

Sections 70-A and 70-B cover both the investigatory process and the preventive measures.
The section under the IT Act deals with a wide variety of issues including:
 hacking ( Sections 43 & 66 )
 phishing ( Sections 66C, 66D & 74)
 identity fraud ( Sections 66C )
 electronic theft (Sections 72 & 72A)

All offences under the IT Act have extraterritorial jurisdiction as long as it is committed using a resource or
network located in India.

The cybersecurity measures in India are provided under the Information and Technology ruled (CET-In rules)
2013 which direct the entities to request for assistance if a victim of any such cyber offences. This helps in
identifying, monitoring, preventing, detecting, mitigating and management of the incidents. Apart from this,
many other such security-related compliances guide and monitor the incidents like SPDI – rules and CMA
rules.

Famous cases and incidents

The WannaCry outbreak

9/11

Ahmedabad Bomb Blast

26/11

Conclusion

Modern Information technologies can leverage economic as well as social benefits. The states have
continuously strived to achieve a shared vision of a secure, open, peaceful and accessible ICT environment.
Despite all the efforts the problem doesn’t seem to go away. The psychological perspective shows the
combination of two growing yet compelling fears, cyber and terrorism which are yet bewildered and need
stringent exploration to conquer the dread of the unknown. The fear and anxiety revolving around these
concepts paired with the uncertainty give all the more reason to acknowledge the grave consequences of its
presence. The source of the problem is not just the technologies which are prone to vulnerabilities, errors and
flaws but human behaviour is too at fault due to its inclination towards the negative and destructive forces,
mainly to overcome insecurities, feelings of revenge, cheating and rebel to destroy.

A lot of State and non-State actors have been using cyberspace and related ICT tools for a range of malicious
purposes. Thus affecting the trust of the people in the technologies and related products and services and
undermining trust between governments threatening international peace and security.

The Information Technology Act,2000 has outlined bound offences and penalties to overpower omissions,
that are known to return inside the characterization of cybercrimes. A change is inevitable and required due to
which the dilemmas posed by the new advancements in technology every day cannot be avoided. The
criminals have modified their strategies and adopted the advanced technology, and to protect the society, the
legal, and the enforcement authorities, the non-public companies and organizations in India will have to
modify their mechanism to combat the issues in unity.