INTRODUCTION
In a general connotation, Cybercrime refers to any form of crime involving the internet, use of computers and other electronic devices for the interest of a single or a group of people with the intent to harm another person or group of persons or organisations. The crimes included under this category are such as computer frauds, stalking, defamation, hacking, money laundering, impersonation and many others which are being prevalent in India till date.
The increased use of internet by the ,majority population of India for several purposes ranging from Cell phones at individual levels to internets at job places have highly ignited the malpractices against internet usage and thus increase in cybercrime and dangers to digital insecurity in India. This has equally accelerated the misuse of digital information by illegitimate persons who actually are not entitled to the usage of such information.
Due to the persistent technological development in India today, the occurrences of such cybercrimes is equally drastically increasing and as such several legislations have been enacted by the Indian parliament starting from the Computer frauds and Abuse Act 1986 as the genesis of cybercrime laws in India and subsequently followed by several other legislations which shall be discussed in the following paragraphs below.
AN ANALYSIS ON CYBERCRIMES AND CYBER LEGISLATIONS IIN INDIA
There are majorly five predominant cyber laws covering the entire cyber security in India today. In India also, where the internet is used very extensively, cyber laws become extremely crucial and important as a major subject matter of discussion in the judicial system. Stringent or deterrent cyber laws fulfil the purpose of supervising the digital circulation of information, software, information security, e-Commerce and monetary transactions within the territory of India and where territorial nexus exists, beyond India.
By providing maximum connectivity and minimizing cyber security concerns, India’s Cyber security Law has cleared the path for electronic commerce and electronic governance in the country and also broadened the scope and application of digital media altogether.
- Computer Fraud and Abuse Act 1986
This is considered the first and the genesis of cybercrime laws in India. It came into effect in the year 1986 and since then, it has been the major regulatory body in tackling issues to do with cyber security and all other related crimes within the territory of India.
- Information Technology Act, 2000
The Indian cyber law is governed by the Information Technology Act, penned down back in 2000. The principal impetus of this Act is to offer reliable legal inclusiveness to e-Commerce, facilitating registration of real-time records with the Government. But with the cyber attackers getting sneakier, topped by the human tendency to misuse technology, a series of amendments followed. The ITA, enacted by the Parliament of India, highlights the grievous punishments and penalties safeguarding the e-governance, e-banking, and e-commerce sectors. Now, the scope of ITA has been enhanced to encompass all the latest communication devices.
- Indian Penal Code (IPC) 1980
Under the IPC – Indian Penal Code, Identity thefts and associated cyber frauds are embodied in herein altogether which is invoked along with the Information Technology Act of 2000. The primary relevant section of the IPC covers cyber frauds such as Forgery (Section 464), Forgery pre-planned for cheating (Section 468), False documentation (Section 465), Presenting a forged document as genuine (Section 471), and Reputation damage (Section 469). All these offences are punishable under the Indian Penal Code and thus it is recommend ably a great legislation that suffocates the livelihood of cybercrimes in India till date.
- Companies Act of 2013
Several other references have been made towards understanding the nature of the companies’ law such as a famous reference by the corporate stakeholders as the legal obligation necessary for the refinement of daily operations in India. The directives of this Act cement all the required techno-legal compliances, putting the less compliant companies in a legal fix. The Companies Act 2013 equally vested powers in the hands of the SFIO (Serious Frauds Investigation Office) to prosecute Indian companies and their directors altogether for crimes related to cyber law and all its regulations within India and other parts of the world with territorial nexus to companies in India.
Besides, post the notification of the Companies Inspection, Investment and Inquiry Rules, 2014, SFIOs have become even more proactive and vigilant as well as stern in this regard. The legislature ensured that all the regulatory compliances are well-covered, including cyber forensics, e-discovery, and cyber security diligence.
The Companies (Management and Administration) Rules, 2014 prescribes strict guidelines confirming the cyber security obligations and responsibilities of the company directors and leaders in ensuring that these menaces are tackled at all cost in the ordinary functioning of the corporate market within the territory of India.
- NIST Compliance.
The Cyber security Framework – NCFS, authorized by the National Institute of Standards and Technology – NIST offers a harmonized and joint approach to cyber security as the most reliable global certifying body. NIST Cyber security Framework encompasses all required guidelines, standards and best practices to manage the cyber-related risks responsibly in India.
This framework has prioritized flexibility and cost-effectiveness also. It promotes the resilience and protection of critical infrastructure by allowing better interpretation, management and reduction of cyber security risks to mitigate data loss, data misuse and also the subsequent restoration costs. Determining the most important activities and critical operations to focus on securing them.
Demonstrates the trust-worthiness of organizations that secure critical assets. Helps to prioritize investments to maximize the cyber security. ROI also addresses regulatory and contractual obligations supporting the wider information security program by combining the NIST and CSF framework with ISO/IEC 27001 and thus cyber security risk management becomes simplified altogether.
- National Critical Information Infrastructure Protection Centre (NCIIPC)
This was established under the Prime Minister’s Office in 2014 under section 70A of the IT Act, 2000. It is based in New Delhi and handles matters to do with critical information only within the territory of India. Cybercrime and cyber security information in India are divided into two which are the Non-critical Information and the Critical Information altogether.
The NCIIPC is required to monitor and report critical and sensitive matters within the territory of India and these critical and sensitive information shall include the Power and energy information, banking and finance services and insurances, transportation and government information as well as strategic and policy enterprises.
- Computer Emergency Response Team (CERT-In)
The CERT-In was established in the year 2004 whose function was for analysing, forecasting, and disseminating Non-critical cyber security incidents. This was seen very important in regulating, monitoring and executing information related to computer applications and how certain specific areas are performing in matters involving frauds and computer abuses within the Indian Territory.
Therefore, this was a primary task force that helped in coordinating and reporting all matters involving computer functions to the government authorities for appropriate actions accordingly.
CONCLUSION
Cybercrime involves the use of computers and computer networks in order to commit crimes and apparently, cybercrime is not a unique phenomenon in India, it existed long time ago, as old as during the independence struggle in the Indian sub-continent.
Due to the drastic technological explosions in India in the past two decades, there has been a recommendable increase in the usage of computers and the Internet altogether which has equally accelerated the rise in computer abuses and cybercrimes within the country. As such, several cyber security laws and regulations were enacted which aimed at curtailing and reducing the impacts of cybercrimes and improve fair and free computer usages by individuals or organisations in order to meet their professional goals and improve the technological systems in India altogether.
The offences committed includes money laundering, stalking, frauds, hacking, defamation, impersonation and stealing of digital information among others. Such cyber security legislations enacted includes the companies Act, 2013, the Information Technology Act and the constitution of the Computer Emergency Response Team in order to conduct investigations, monitoring and reporting of such offenders for judicial scrutiny thus minimizing the hazards of cybercrimes in India.
