INTRODUCTION
In its general connotation, cybercrime refers to any form of criminal activity involving the Internet, the use of computers and other electronic devices for the benefit of an individual or a group of people with the intention of harming another person or group of persons or organizations. Crimes included in this category include computer fraud, stalking, defamation, hacking, money laundering, impersonation and many more which are prevalent in India till date.
The increased use of the internet by the majority population of India for several purposes, from mobile phones at individual levels to the internet at workplaces, has greatly fuelled malpractices against internet usage, thereby increasing cybercrime and the dangers of digital insecurity in India.
This has also accelerated the misuse of digital information by illegitimate persons who are not actually authorized to use the information. Due to the continuous technological development in India today, the incidence of such cyber crimes is increasing drastically as well and therefore the Indian Parliament has enacted several laws starting with the Computer Fraud and Abuse Act 1986 which was the origin of the Cyber Crime laws in India and followed by several other legislations, which will be discussed in the following paragraphs below.
ANALYSIS OF COMPUTER CRIME AND CYBER LAWS IN INDIA
In India today, there are mainly five prevailing cyber laws covering the entire cyber security. Also in India where the internet is used very extensively, cyber laws are becoming extremely crucial and important as a major subject of discussion in the judicial system.
Strict or deterrent cyber laws serve the purpose of overseeing the digital flow of information, software, information security, e-commerce and monetary transactions within India and, where there is territorial connectivity, beyond India.
By providing maximum connectivity and minimizing cyber security concerns, India’s Cyber Security Act has paved the way for e-commerce and e-governance in the country and has also completely expanded the scope and application of digital media.
- Computer Fraud and Abuse Act 1986
This is considered to be the first and genesis of cybercrime laws in India. It came into force in 1986 and since then it has been the main regulatory body in dealing with issues related to cyber security and all other related crimes within the territory of India.
- Information Technology Act, 2000
Indian cyber law is governed by the Information Technology Act, which was drafted way back in 2000. The main thrust of this Act is to offer a reliable legal incorporation for e-commerce and facilitate real-time registration of records with the government.
But as cyber attackers become more insidious, led by the human tendency to abuse technology, a number of changes have followed. Enacted by the Parliament of India, the ITA emphasizes harsh punishments and penalties to protect the e-governance, e-banking and e-commerce sectors. Now the scope of ITA has been expanded to include all the latest communication devices.
- Indian Penal Code (IPC) 1980
Under the IPC – Indian Penal Code, identity theft and related cyber frauds are fully embodied here, which is invoked along with the Information Technology Act, 2000. The primary relevant section of the IPC covers cyber frauds such as forgery (Section 464), forgery pre-planned for cheating (Section 468), false documentation (Section 465), Presenting a forged document as genuine (Section 471) and Damage to reputation (Section 469). All these offenses are punishable under the Indian Penal Code and therefore a great legislation can be recommended which is still suffocating the livelihood of cybercrimes in India.
- Companies Act 2013
Several other references have been made to understanding the essence of company law, such as the famous reference of the company’s stakeholders as a legal obligation necessary to refine day-to-day operations in India.
The guidelines of this law consolidate all the required technical-legal compliance and bring less compliant companies into the legal framework. The Companies Act, 2013 also vested powers in the hands of the SFIO (Serious Fraud Investigation Office) to prosecute Indian companies and their directors for offenses related to cyber law and all its regulations in India and other parts of the world with territorial links to companies. In India.
Moreover, after the notification of the Companies Inspection, Investment and Investigation Rules, 2014, the SFIOs have become even more active and vigilant in this regard as well as strict. The legislation has ensured that all regulatory provisions are well covered, including cyber forensics, e-discovery and cyber security care.
The Companies (Governance and Governance) Rules, 2014 prescribe strict guidelines confirming the duties and responsibilities of directors and senior executives of companies in the field of cyber security to ensure that these threats are addressed at all costs in the normal functioning of the corporate market in India.
- NIST Compliant.
Cybersecurity Framework – NCFS, authorized by the National Institute of Standards and Technology – NIST offers a harmonized and common approach to cybersecurity as the most trusted global certification body. The NIST Cyber security Framework includes all the required guidelines, standards and best practices for responsible cyber risk management in India.
This framework also prioritized flexibility and cost-effectiveness. It supports the resiliency and protection of critical infrastructure by enabling better interpretation, management and mitigation of cybersecurity risks to mitigate data loss, data misuse as well as subsequent recovery costs. Determining the most important activities and critical operations with a focus on their security. It demonstrates the credibility of organizations that secure critical assets.
It helps prioritize investments to maximize cybersecurity. ROI also addresses regulatory and contractual obligations in support of the broader information security agenda by combining the NIST and CSF framework with ISO/IEC 27001, making cybersecurity risk management completely simple.
- National Critical Information Infrastructure Protection Centre (NCIIPC)
This was established under the Office of the Prime Minister in 2014 under Section 70A of the IT Act, 2000. It is based in New Delhi and deals with matters related to critical information within the territory of India only. Information on cyber crime and cyber security in India is divided into two parts, which are non-critical information and critical information together.
NCIIPC is required to monitor and report critical and sensitive matters within the territory of India and such critical and sensitive information will include Power and energy resources, finance services and insurances as well as transportation services altogether.
- Computer Emergency Response Team (CERT-In)
The CERT-In was established in the year 2004 whose function was for analysing, forecasting, and disseminating Non-critical cyber security incidents. This was seen very important in regulating, monitoring and executing information related to computer applications and how certain specific areas are performing in matters involving frauds and computer abuses within the Indian Territory.
Therefore, this was a primary task force that helped in coordinating and reporting all matters involving computer functions to the government authorities for appropriate actions accordingly.
CONCLUSION
Cybercrime involves the use of computers and computer networks in order to commit crimes and apparently, cybercrime is not a unique phenomenon in India, it existed long time ago, as old as during the independence struggle in the Indian sub-continent.
Due to the drastic technological explosions in India in the past two decades, there has been a recommendable increase in the usage of computers and the Internet altogether which has equally accelerated the rise in computer abuses and cybercrimes within the country. As such, several cyber security laws and regulations were enacted which aimed at curtailing and reducing the impacts of cybercrimes and improve fair and free computer usages by individuals or organisations in order to meet their professional goals and improve the technological systems in India altogether.
The offences committed includes money laundering, stalking, frauds, hacking, defamation, impersonation and stealing of digital information among others. Such cyber security legislations enacted includes the companies Act, 2013, the Information Technology Act and the constitution of the Computer Emergency Response Team in order to conduct investigations, monitoring and reporting of such offenders for judicial scrutiny thus minimizing the hazards of cybercrimes in India.