Module III Flashcards
Original Intent of the IT Act
The IT act was primarily drafted to facilitate and protect e commerce, not to be a comprehensive code regulating aspects of internet or cybercrime
Terminology of crimes in IT act
Does not use the general term cybercrime instead identifies and defines some specific offences
How can a computer be defined in a cyber crime
- As the target or object of the crime
- As the physical site of the crime
- As the instrument used to commit the crime
What constitutes cybercrime?
Crimes Using Internet/computer - Traditional crimes committed using computers or networks.
Crimes against the internet/computer - Target the integrity or availability of a computer/network
Definition of cybercrime in the IT Act
IT Act does not provide a definition for computer crime, cyber crime or internet crime.
Knowledge-based focus for defining computer crimes
A common definition of computer crimes is “any violations of the law that involve knowledge of computer technology for their perpetration, investigation or prosecution”. For example: Stealing a laptop is theft, but stealing it and destroying it to destroy data involves computer knowledge, making it closer to a computer crime.
Characteristics of Cybercrime
- Prevalence
- Low Conviction Rates
- Low Perpetration Cost
- Encryption protects cybercrime (e2e for example)
- Involvement of third parties (ISPs)
- Anonymity and evasion easy
What is the concept of access
Access related offences like trespass and hacking are fundamental types of internet crimes. Defined under the IT act. Means gaining entry into the computer system.
Plugging in a pen drive is considered access?
Yes, plugging it into a computer and attempting to bypass is an attempt to communicate with the device. Clearly access.
Broad Provisions
IT Act has intentionally broad provisions to maximize consent based protections.
Relevance of “Secures access” in the penalising provision of IT Act - Section 43
Ability to access, like having the key/password, is treated similarly to actively accessing in the cyber context.
Broad scope of computer definition
Critical and intentional, means even devices like pen drives and external hard drives qualify, even when not physically connected.
Hacking originally
Section 66 of the original IT Act, whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to public or any person destroys or deletes or alters any information
Criticism of original definition of hacking
- Focus on Damage, Not acess
- Ignored Consent (which was the core issue)
- Dictionary definition v legal definition (dictionary also focused on unauthorized access, while the legal one focused on the resultant harm)
- Impact (Doing nothing after accessing would not have constituted hacking)
Comparison of old hacking definition with Trespass
Section 441 - Criminal tresspass involves entering property with intent to commit offence, intimidate, insult, or annoy or remaining there unlawfully after lawful entry with such intent.
Comparison of old hacking definition with Mischief
- Mischief (IPC Sec 425) involves causing wrongful loss or damage by destroying property or making changes that diminish its value or utility.
- The original Sec 66 definition of hacking showed more resemblance to Mischief (due to its emphasis on destruction/damage/diminishing value) than to Trespass.
Breaking down the original 66 in terms of intent and actus
- Required Mens Rea (with the intent to cause or knowing that likely to cause
- Actus Reus
Difference between Section 43 and Section 66
Section 43 lists various wrongful acts related to computers and establishes civil liability. The forum is the Adjudicating Officer (often the State IT Secretary), not a civil court.
Section 66: Establishes criminal liability if down dishonestly or fraudulently
Dishonestly Meaning
Dishonestly (IPC Sec 24): Doing anything with the intention of causing wrongful gain to one person or wrongful loss to another.
Fraudulently meaning
Fraudulently (IPC Sec 25): Doing anything with intent to defraud.
What is the impact of the amendment to hacking section?
- Wider Scope from just “hacking”
- Higher Mens Rea standard
- Potential Negative Effect on Conviction rate as burden of mens rea is higher now
- Exclusion of negligence from criminal section
Some notes about Section 43
- Independent of Copyright, even though copyright infringement might apply as well
- Extraction means transferring contents, permanently or temporarily, inspired by EU directives
How broad is the scope for 43(g), providing assistance to any person to facilitate access? Will a blog post explaining hacking techniques constitute facilitation?
Section 84B already covers abetment; requires more direct involvement/nexus/intent; information might have legitimate educational uses. Depends on facts, circumstances, intent, nexus. “Facilitation” might imply more direct aid than just publishing information.
Facts of USA v. Morris
Robert Morris, a Cornell PhD student, created an internet worm intended to gauge internet size non-disruptively. Authorized to use Cornell systems. When released onto the internet, a flaw caused rapid self-replication, crashing many computers.
