INTRODUCTION

With the growth and advancement of technology, we are moving towards a more digitalised world. The modern era is dependent on the internet to a great extent. Hence the contracts are also getting digitalised. Basically, smart contracts are new age software-based contracts in which the software automates the business processes. It is self-performing in nature. 

KEYWORDS

Smart contract, software-based contract, blockchain, self-performing, contracts.

WHAT ARE SMART CONTRACTS?

As mentioned above, the smart contract is a new age software-based contract having a main feature of self-performing. The smart contracts are stored on blockchain and in this type of contracts the code explains the mechanisms of the transactions and final arbiter of the terms. Therefore, these contracts have become the building blocks of the entire ecosystem of decentralized applications and it represents a point of convergence of development of blockchain. Due to blockchain the requirement of intermediaries or third parties or human interactions are eliminated owing to its decentralized nature. This also ensures the smooth and trouble-free experience of virtual contract execution. Hence, there are no chances of human errors, however, once the agreement is completely codified, it cannot be altered or modified as per the need. 

Features

• It is self-performing
• It is once codified, cannot be modified or altered
• It uses blockchain technology for performance and executions of contract virtually
• For the performance and completion, it do not require submission of physical documents.

Presently, the smart contracts are best suited for two types of commonly used transactions:

• Confirming the payment of funds upon certain triggering events.
• Imposition of financial penalties if certain objectives or conditions are satisfied. 

HOW DO SMART CONTRACT WORKS?

In smart contracts, the code contains the terms. Therefore, the contract interprets and verify then automatically executes the transactions which are in accordance with the terms. For example, in case of rent, a contract of rent is made in smart contracts. The tenant will pay the rent to the house owner in cryptocurrency and once the payment is made and the house owner receives the receipt of successful transaction, he will release the key to the house. The system operates on If-Then principle and the people who are involved in blockchain will observe the transaction and will become the witnesses. The house owner will be surely paid when he releases the key and the tenant will definitely receive the key if he pays the amount. Therefore, one action will not be completed without the other and this states an efficient and effective system. 

USES

The smart contracts can be used in various such cases. Some of them are listed below:

1. Insurance- due to lack of automation process in insurance claims, this can lead to delay to process claims for months and it can be problematic to the customers. Here, adopting smart contracts can be extremely helpful. The smart contract can trigger the insurance claim automatically when certain events occur which ultimately saves time and costs. Furthermore, this makes the entire process smooth and effective.
2. Mortgages-  the smart contract assist in mortgages cases by  automatically joining the parties and by providing a frictionless process. It can also automatically process payments and release the liens from landlords when the loan is paid.
3. Supply chain management- for any company keeping a track of the flow of goods is a difficult task. Here, the smart contract helps and saves time, costs and makes the process more efficient by taking a note of the ownership rights as the products move through supply chain with confirmation who is responsible for the product at a given time.

SMART CONTRACT IN INDIA

The primary statute to regulate the contracts in India is the Indian Contract Act, 1872. Section 10 of the Act states that “all agreements are contracts if they hold the free consent of parties willing to contract, for a lawfully accepted consideration and with an object.” In simpler terms it means that an agreement to be enforceable by law must have an offer, acceptance and consideration. In smart contracts, there is offer, acceptance and consideration in form of cryptocurrency. Hence, the essential requirements of section 10 are fulfilled which means that the smart contracts are enforceable under the Indian law. However, cryptocurrency is not recognized in India as there is no such regulation which can regulate it. Here a question raises, whether cryptocurrency can be considered a valid consideration under the Indian law. In a 2020 judgment of the Supreme Court, the Hon’ble Court lifted the ban imposed by Reserve Bank of India on cryptocurrency which refused the banks and financial institutions from providing services to individuals or businesses who were engaged in cryptocurrency dealings. 

Now, question arises that whether digital signature are enforceable or not and can be admitted as an evidence in the court?

Section 5 and section 10 of the Information Technology Act, 2000 (“IT Act”)defines that a digital signature is legally acceptable and a contract of electronic means to be legitimate and enforceable. Section 65B of the Indian Evidence Act, 1872 (“Evidence Act”) states that the contracts signed digitally shall be admitted as an evidence in the courts. However, according to the Evidence Act, an electronic contract is considered valid only when if it is authenticated by way of a digital signature which should be in accordance with law and these signatures are enforceable and recognized under the IT Act and in accordance with the rules of the Central Government. In case of smart contracts, the contract may be identifiable to the contracting parties, however, these do not employ signatures in digital formats that the Indian law requires. Thus, the smart contracts may not enjoy the benefits of a contract under the Indian law.  

Smart contracts are enforceable in India, however, if caution is not followed with respect to the party that is being contracted then the consequences of a failed transactions shall be carried all by own as the law has no detailed system in place for the regulation of the smart contracts. The smart contracts might not be enforceable under the Indian law if the consideration in the contract is not mutual. As the Indian law recognizes the concept of mutual consideration, absence of the same will make the contract enforceable. This situation can occur in case of unilateral contracts. Although a smart contract without consideration can still be enforceable through code. However, if such contract is breached them it shall not be held as breach in the eyes of courts of India because for the courts there is no contract in the first place as there was no mutual consideration which is a significant requirement of a contract. 

CONCLUSION

It can be concluded after reading the above piece of information on smart contracts that smart contracts have many benefits with evident disadvantages. The smart contracts are enforceable in the Indian law, however, the protection cannot be granted as there is no regulation which can regulate this type of contracts. There are several other issues as well in smart contract such as policy issues including jurisdictions problems and the possibility of fraud and etc. Therefore, the Indian law needs amendments or laws for the regulation of smart contracts in India.

REFERENCES

1. Indian Contract Act, 1872.
2. The enforceability of smart contracts in India, https://www.mondaq.com/india/contracts-and-commercial-law/874892/the-enforceability-of-smart-contracts-in-india
3. Smart contracts: Functioning and legal enforceability in India, https://www.alliance.edu.in/ijls/ijls-2021/assets/documents/Smart-Contracts.pdf
4. Smart contracts in India, https://www.mondaq.com/india/fin-tech/1133130/smart-contracts-in-india

The post EXPLAINED: SMART CONTRACTS IN INDIA appeared first on LexForti .

More often, individuals and businesses face a predicament where they are subjected to certain acts by peers, competitors, ex-employees, and other malicious entities, which do not squarely fall within the ambit of “cyber-crimes”. The end result is a few visits to the police station without any remedy to avail, or worse, a frivolous FIR resulting in an unnecessary waste of time and funds. In reality, the Information Technology Act (hereinafter referred to as ‘the Act’) is well equipped to deal with such “contraventions” under Chapter 9, Section 43 and 43-A, by awarding compensation to the victim, and in certain cases, penalty upon the offenders. These offences require a complaint to be lodged before the adjudicating officer under the Act, and this article explains exactly how to go about the process.

Offences under the Information Technology Act

The acts that comprise offences under Chapter 9 can be classified under 2 major heads, acts by persons/individuals, and acts by a body corporate. The offences by a person are covered under Section 43 of the Act, and they are elaborated in detail hereunder:

1. All such acts must first and foremost be performed without the consent of the owner or person in charge of the computer, computer system, or computer network.
2. Accessing or securing access to a computer, computer system, or computer network (hereinafter collectively referred to as “computer”). The act makes it illegal to just enter a computer by guessing the password or using third-party tools to break the machine’s security. Under section 2(a) of the Act, ‘access’ is defined to include “entry into/instructing or communicating with the logical, arithmetical or memory function resources of a computer”. As a result, even if there is indirect access to the computer’s hard drive or specific files without using traditional methods, it will be considered a violation under this article.
3. Any information/data from a computer, including data saved on removable storage media, can be downloaded, copied, or extracted. Although the term “downloading” is not defined in the Act, it refers to the copying of data from one computer system to another. This involves making a copy of the data without harming/damaging the original data. Any data, including a database of phone numbers, client lists, designs, artwork, photographs, videos, document files, etc. amounts to a violation under this subsection. There is substantial ambiguity over the precise definition of data extraction. It can either be the act of selectively acquiring data from a certain file without copying the entire file, or it can be the process of removing the original data entirely without making a copy. Direct introduction or causing contamination indirectly, of any form of a virus into a computer. This is usually done by directly introducing a virus via an external storage device, or by leaving a link or a file on the computer, which when accessed, releases the virus. Computer Contaminant has been further explained in Section 43 Explanation (i) to include any set of computer instructions that are designed:
   1. “To modify, destroy, record, transmit data or program residing within a computer, computer system or computer network;
   2. by any means to usurp the normal operation of the computer, computer system, or computer network.”

Explanation: Section 43 of Information Technology Act, 2000

1. “Computer Contaminant” means any set of computer instructions that are designed:
   1. to modify, destroy, record, transmit data or program residing within a computer, computer system, or computer network.
   2. by any means to usurp the normal operation of the computer, computer system, or computer network.
2. “Computer Database” means a representation of information, knowledge, facts, concepts, or instructions in text, image, audio, a video that is being prepared or have been prepared in a formalized manner or have been produced by a computer, computer system, or computer network and are intended for use in a computer, computer system or computer network.
3. “Computer Virus” means any computer instruction, information, data, or program that destroys, damages, degrades, or adversely affects the performance of a computer resource or attaches itself to another computer resource and operates when a program, data, or instruction is executed or some other event takes place in that computer resource.
4. “Damage” means to destroy, alter, delete, add, modify or re-arrange any computer resource by any means.
5. “Computer Source Code” means the listing of programs, computer commands, design and layout, and program analysis of computer resources in any form.

Landmark News and Case Laws

1. Reliance Jio owned by Mukesh Ambani had registered an FIR with the Navi Mumbai police under section 379 (theft) of the IPC and section 43 (2) (data theft – downloads, copies or extracts any data, computer database or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium) and 66 (computer-related offenses) of the Information Technology Act. In this respect, the Maharashtra police have arrested a computer course dropout from Rajasthan for allegedly leaking a database of Reliance Jio customers on a website – Magicapk.com. He will be produced in a court in Rajasthan for transit remand and will then be brought to Navi Mumbai. Also, Forensic analysis is underway to find out if Jio’s database has been leaked and how the accused managed to get his hands on the data.
2. Poona Auto Ancillaries Pvt. Ltd., Pune vs. Punjab National Bank, HO New Delhi & Others: In 2013, in one of the largest compensations awarded in legal adjudication of a cybercrime dispute, Maharashtra’s IT secretary Rajesh Aggarwal had ordered PNB to pay Rs 45 lakh to the Complainant Manmohan Singh Matharu, MD of Pune based firm Poona Auto Ancillaries. A fraudster had transferred Rs 80.10 lakh from Matharu’s Account in PNB, Pune after Matharu responded to a phishing email. The complainant was asked to share the liability since he responded to the phishing mail but the Bank was found negligent due to a lack of proper security checks against fraud accounts opened to defraud the Complainant.

Methods to recover compensation under the Information Technology Act

1. Appointment of Adjudicating Officer:Section 46 of the Act empowers the Central Government to appoint any person not below the rank of Director to the Govt. of India or an equivalent officer of a State Government to be an adjudicating officer under the Act, and such an officer has the powers to hold inquiries and award penalties, to adjudicate any contravention under the Act, rules, regulation, direction or order. This provision enables the government to appoint a quasi-judicial authority to adjudicate upon these contraventions.
2. Jurisdiction:The pecuniary jurisdiction vested upon the adjudicating officer is to the extent of Rs. 5 crores, i.e., the adjudicating officer can order compensation or penalties to the maximum amount of Rs 5 crores. There seems to be some lacuna around the jurisdiction aspect, due to the bar of a civil court’s jurisdiction under Section 61 of the Act, thereby leaving a victim remediless in case he prays for compensation for damages beyond Rs 5 crore in his complaint.

This lacuna can be easily removed by a harmonious interpretation, and in my view, the bar in jurisdiction extends only “to entertain any suit or proceeding in respect of any matter which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal constituted under this Act is empowered by or under this Act”. As complaints involving a prayer beyond Rs 5 crore are not suits or proceedings that an adjudicating officer or Appellate Tribunal is empowered to adjudicate, the civil court should ordinarily have jurisdiction.

The post Section 43 of Information Technology Act, 2000 appeared first on LexForti .

However, this led to an intensified friction between the Government of India and Twitter as the latter has failed to with the IT (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021.

The Ministry of Electronics and Information Technology has served last notice to the social media giant, Twitter with respect to compliance mechanism related to IT Rules.

According to the Ministry, a letter has been addressed to Mr. Jim Baker of Twitter wherein it has been said that the particular company has failed to provide the details of its Chief Compliance Officer. The Ministry also pointed out that the resident grievance officer and nodal contact person are not related to the company.

It also been stated that the mentioned office address is not actually of Twitter but of a law firm situated in India.

Due to a gesture of goodwill, the government served one last notice to the company as the actual last date was May 26. The government clarified that upon non-compliance of last notice, the protection granted to Twitter as an intermediary under Section 79 of IT Act would be withdrawn. The government also warned of penal consequences.

The Ministry submitted that the reluctant behaviour of Twitter shows its lack of commitment and the efforts towards providing a safer experience to its users on its platform. It was also stated the company has refused to form mechanisms that would enable the citizens’ to timely resolve their issues and in a transparent manner.

It is to be noted that entities like Google and WhatsApp have challenged the constitutionality of new IT Rules before the Delhi HC. Moreover, few news portals have also approached the High Court w.r.t to the flaws in the Rules.

The post Centre serves last notice to Twitter for complying with IT Rules appeared first on LexForti .

In the instant case, Google LLC preferred an appeal against the order of a single judge bench which had directed it to globally remove a content which was addressed as objectionable and offensive by the female petitioner. According to her, the content had been taken from her social media accounts (Facebook and Instagram) without her consent and posted on pornographic website.

The petitioner alleged that despite her privacy settings being activated, her photos had been taken from her accounts. Such an offence was violative of her privacy and was punishable under Section 67 of the IT Act.

The appellant had submitted that it had no issues against the directions of court in case of the petitioner, rather was aggrieved by the blanket template directions delivered by the bench under the shade of Information Technology (Intermediary Guidelines and Digital Ethics Code) Rules 2021.

According to the appeal, Google had been classified as a social media intermediary under the new IT Rules and was directed to remove a particular post and ones flagged like it globally within 24 hours.

The counsel submitted that the appellant sought for a protection against any coercive action upon its failure to take down particular posts as it is not an SMI. The counsel contended that being a search engine, it would not be covered under the definition of SMI under the IT Rules.

In furtherance to this, the counsel submitted that though the content may be offensive under the Indian Law, it might not be offensive in countries outside India, thus blanket order to remove the post could not be issued.

Lastly, the counsel submitted that due to such template directions, a bad precedent might be set. Had the petitioner approached the appellant, they would’ve dealt with the matter.

Based upon such blanket directions, the appellant had filed an appeal and sought for interim protection.

The post Our search engine is not a social media intermediary- Google before Delhi HC while seeking protection against IT Rules 2021 appeared first on LexForti .

Meaning of the term “Cyber Terrorism”

Cyber terrorism is described as the use of cyberspace to harm the general public while also disrupting the target country’s legitimacy and sovereignty. The electronic medium or the interconnected network of computers is referred to as cyberspace.

According to Black’s Law dictionary, cyber terrorism is defined as the act of “Making new viruses to hack websites, computers, and networks”.

The U.S Federal Bureau of Investigation defines cyber terrorism as a “premeditated attack against a computer system, computer data, programs, and other information with the sole aim of violence against clandestine agents and subnational groups”.

Modes of Cyber Terrorism

Following are some of the modes of Cyber Terrorism:

1. Hacking into the systems and databases owned by the government of the target country and appropriating sensitive information of national importance.
2. Destructing and destroying the entire database of the government hosted on cyberspace along with all backups by introducing a virus or malware into the systems.
3. Temporarily causing disruptions to the network of the government of the target nation and distracting the top officials so that they can pursue other means of terrorism.
4. Distributed denial of service attack (“DDOS”): The terrorists through this attack first infect the systems by introducing viruses and then take control over the systems. The systems are then accessed by the terrorists from any location who manipulate the data and access the information.

Steps taken, to curb the situation

National Cyber Crime Reporting Portal: It is a government of India project to make it easier for victims and complainants to register cyber-crime grievances online. This website only handles complaints about cybercrime, with an emphasis on cybercrime against women and children.

Indian Computer Emergency Response Team: It is the national nodal agency for responding to computer security incidents as and when they occur.

National Cyber Security Policy: This is a policy framework by the Department of Electronics and Information Technology. It aims to protect the public and private infrastructure from cyber-attacks.

www.cybercrime.gov.in: The Government has launched online cybercrime reporting to enable complainants to report complaints pertaining to Child Pornography/Child Sexual Abuse Material, rape/gang rape imageries, or sexually explicit content. The Central Government has rolled out a scheme for the establishment of the Indian Cyber Crime Coordination Centre (I4C) to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.

Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): It has been launched for providing detection of malicious programs and free tools to remove such programs.

Personal Data Protection Bill: The Personal Data Protection Bill, 2019 was introduced by the Ministry of Electronics and Information technology in Lok Sabha. It was inspired by the principles of the General Data Protection Regulation, 2016. The aim and premise of this Bill are to protect personal information and create a Data Protection Authority to do so. It aims to control the use of data by both public and private entities. It regulates the collection of data by both Indian governments and businesses. It also applies to international companies that deal with the personal data of Indian citizens.

As half of the world population has started using the internet for various purposes, the concern about data is very important. The smartphone that we use has AI that analyses us. It collects information about us from our habits to health issues. And usage of these AI technologies is inevitable in this 21st century. So, it is very important to protect the details of the individuals. Thus, countries around the world have started to pay attention to creating data-related laws and policies to protect people.

In India, the protection of data, its usage, and issues related to it are regulated by the Information Technology Rules, 2011 under the IT Act, 2000. This rule states that a company shall be held liable if any negligence happened while maintaining data security standards.

Any processing of data can only be done by the consent of the data principle. This bill provides certain rights to data principles with respect to their personal data, such as confirmation on whether their personal data has been processed, seeking correction, completion, or erase of their data, and restricting continuing disclosure of their personal data.

To examine and provide recommendations on the said bill, a Joint Parliamentary Committee (JPC) is formed. It was constituted in December 2019. It consists of 20 members from Lok Sabha and 10 from Rajya Sabha. On 21st September, P.P. Chaudhary (Member of JPC) moved the motion for a time extension. Through a voice vote, the motion was passed by Lok Sabha. The house extended the time up to the second week of the winter session of the parliament 2020 for submission of reports and recommendations.

Indian Penal Code on Cyber Terrorism:

Section 292 of IPC: Although this Section was drafted to deal with the sale of obscene material, it has evolved in the current digital era to be concerned with various cybercrimes. The publication and transmission of obscene material or sexually explicit act containing children, etc. which are in electronic form are also governed by this section. Though the crimes mentioned above seem to be alike, they are recognized as different crimes by the IT Act and IPC. The punishment imposed upon the commission of such acts is imprisonment and fine of up to 2 years and Rs. 2000. If any of the aforementioned crimes are committed for the second time, the imprisonment could be up to 5 years and the fine could be imposed up to Rs. 5000.

Section 354C of IPC: The cybercrime deal with under this provision is capturing or publication of a picture of private parts or acts of a woman without such person’s consent. This section exclusively deals with the crime of ‘voyeurism’ which also recognizes watching such acts of a woman as a crime. If the essentials of this Section (such as gender) are not satisfied, Section 292 of IPC and Section 66E of IT Act, 2000 is broad enough to consider the offences of a similar kind. The punishment includes 1 to 3 years of imprisonment for first-time offenders and 3 to 7 years for second-time offenders.

Section 354D of IPC: This section describes and punishes ‘stalking’ including both physical and cyberstalking. If the woman is being monitored through electronic communication, the internet, or email or is being bothered by a person to interact or contact despite her disinterest, it amounts to cyber-stalking. The latter part of the Section states the punishment for this offence as imprisonment extending up to 3 years for the first time and 5 years for the second time along with a fine imposed in both instances.

In the case of Kalandi Charan Lenka v. The State of Odisha, the victim received certain obscene messages from an unknown number which damages her character. Moreover, emails were sent and the fake Facebook account was created by the accused which contained morphed pictures of the victim. Hence, the accused was found prima facie guilty for cyberstalking by the High Court under various provisions of the IT Act and Section 354D of IPC

Section 411 of IPC: This deals with a crime that follows the offences committed and punished under Section 379. If anyone receives a stolen mobile phone, computer, or data from the same, they will be punished in accordance with Section 411 of IPC. It is not necessary that the thief must possess the material. Even if it is held by a third party knowing it to be others, this provision will be attracted. The punishment can be imposed in the form of imprisonment which can be extended up to 3 years or fine or both.

Section 419 and Section 420 of IPC: These are related provisions as they deal with frauds. The crimes of password theft to meet fraudulent objectives or the creation of bogus websites and commission of cyber frauds are certain crimes that are extensively dealt with by these two sections of IPC. On the other hand, email phishing by assuming someone’s identity demanding password is exclusively concerned with Section 419 of IPC. The punishments under these provisions are different based upon the gravity of the committed cybercrime. Section 419 carries a punishment up to 3 years of imprisonment or fine and Section 420 carries up to 7 years of imprisonment or fine.

Section 468 of IPC: If the offences of email spoofing or online forgery are committed for committing other serious offences i.e., cheating, Section 468 comes into the picture which defines the punishment of seven years of imprisonment or fine or both.

Section 469 of IPC: If the forgery is committed by anyone solely to disrupt a particular person or know that such forgery harms the reputation of a person, either in the form of a physical document or through online, electronic forms, he/she can be imposed with the imprisonment up to three years as well as fine.

Section 500 of IPC: This provision penalizes the defamation of any person. With respect to cybercrimes, sending any kind of defamatory content or abusive messages through email will be attracted by Section 500 of IPC. The imprisonment carried with this Section extends up to 2 years along with a fine.

Section 504 of IPC: If anyone threatens, insults, or tries to provoke another person to effect peace through email or any other electronic form, it amounts to an offence under Section 504 of IPC. The punishment for this offence extends up to 2 years of imprisonment or fine or both.

Section 506 of IPC: If a person tries to criminally intimidate another person either physically or through electronic means with respect to the life of a person, property destruction through fire or chastity of a woman, it will amount to an offence under Section 506 of IPC and punishment of imprisonment where the maximum period is extended up to seven years or fine or both.

Section 509 of IPC: This Section deals with the offence of uttering a word, showing a gesture, and committing an act that has the potential to harm the modesty of a woman. It also includes the sounds made and the acts committed infringing the privacy of a woman. If this offence is committed either physically or through electronic modes, Section 509 gets attracted and the punishment would be imprisonment of a maximum period of one year or fine or both.

Timeline of some Cyber Crime Cases

1. 2010: Stuxnet worm was found by VirusBlokAda. Stuxnet was unusual in that while it spread via Windows computers. 
2. 2011: Sony announced that a hacker stole details for 77 million PlayStation Network users, including personally identifiable information and financial details.
3. 2012: Shamoon virus began destroying over 35,000 computer systems, rendering them inoperable. The virus was used to target the Saudi government by destroying the state-owned national oil company Saudi Aramco.
4. 2013: Yahoo experienced a data breach that resulted in the theft of 3 billion user accounts.
5. 2014: US retailer Home Depot’s point of sale systems were breached. Attackers stole 50 million personal credit card details.
6. 2015: Carbanak case was a $1 billion heist that combined the elements of an APT attack, malware-facilitated fraud, ATM malware, and high street crime.
7. 2016: The largest-ever distributed denial of service (DDoS) attack took place, which used over 1 million connected devices in the Internet of Things, that was compromised by the attackers due to software vulnerabilities. 
8. 2017: WannaCry attack, allegedly launched by North Korea, unleashed a type of ransomware that not only locks down content on user devices but also rapidly spreads in the system.
9. 2018: Iranian hackers were alleged of making a data-wiping malware called Dustman.
10. 2019: International law enforcement agencies made 61 arrests and shut down 50 dark web accounts used for illegal activity in a joint operation
11. 2020: High-profile Twitter accounts were hacked.

Conclusion

Modern Information technologies can leverage economic as well as social benefits. The states have worked diligently to realize a common vision of an ICT environment that is safe, free, peaceful, and accessible. In all attempts, the issue does not seem to be resolved. From a psychological perspective, cyber and terrorism are two growing yet convincing fears that remain unresolved and need rigorous analysis to resolve the fear of the unknown. The fear and anxiety that accompanies these ideas, coupled with the confusion, makes it all the more necessary to consider the serious implications of their existence. The source of the problem is not just the technologies that are prone to vulnerabilities, errors, and flaws but human behaviour is too at fault due to its inclination towards the negative and destructive forces, mainly to overcome insecurities, feelings of revenge, cheating, and rebel to destroy.

Cyberspace and associated ICT methods have been used by several State and non-State actors for a variety of malicious purposes. As a consequence, people’s trust in technology and related goods and services is eroding daily.

The Information Technology Act, 2000 has outlined bound offences and penalties to overpower omissions, that are known to return inside the characterization of cybercrimes. Change is necessary and needed, as the dilemmas posed by new technical advances every day cannot be prevented. Criminals have changed their tactics and embraced advanced technologies, and non-public corporations and organizations in India will have to change their mechanisms to tackle the issues in a coordinated manner to protect society, the legal system, and compliance authorities.

The post Laws against Cyber Terrorism in India appeared first on LexForti .

The rules have been accumulated in the Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021.

The Rules consist of a Code of Ethics and a three-tier content regulation mechanism. All these have been introduced under the two-decade old Information Technology Act, 2000.

All the rules would come into force when the same is notified under the Official Gazette.

The Code of Ethics would basically be applicable on the publishers of the online content. The publisher would be supposed to take due caution while posting any content on its platform, and make sure that the same does not affect the sovereignty, integrity of India or endangers and jeopardizes the security of the nation.

The Code also includes the parameters based on which U or A certificate would be granted to the content. Moreover, the Ministry has also established a grievance portal, whereby the general public could raise and redress their issues.

Under the three-tier grievance Redressal framework, the grievances would be addressed by three entities; firstly by the entity itself, secondly by the self-regulating bodies of applicable bodies, and thirdly by the Central Government.

Apart from this, inter-departmental committee would also be formed, constituting members from different ministries like Defence, External Affairs, Law and Justice, etc.

The intermediaries would also be required to undertake due diligence and set up requisite posts for the same.

Overall, the guidelines have been drafted, keeping in mind the grievances put by the general public. Numerous petitions had been filed before the Apex Court and the High Courts requesting the Centre to formulate rules which could regulate content on the online content curators.

The post Centre issues draft rules for regulation of content on Social Media, OTT and other Media Platforms appeared first on LexForti .

Afroz Khan Vs State of U.P & Anr.

Abstract

Humankind has achieved great technological advancement. The Internet has been an important medium of communication because of which anybody can share anything online. The consequences of such advancements are cyberbullying and harassment, which many of the children as well as adults face in some or other way. On 15.10.2020 in Afroz Khan Vs State of U.P, the Allahabad High Court observed that the technology is being misused to commit the offense, particularly against the women.

Facts of the Case

The accused had obtained the number of the victim, He started sending dirty and obscene messages to the victim. He hacked her social media accounts such as Instagram Snapchat, etc. He had sent obscene and objectionable messages from the Instagram and Snapchat of the victim to the other students/ boys. He was pressurizing her to lodge a case against the family members by dialing 1090. When the victim refused to do so, he threatened to kill her younger brother in an accident if she didn’t give him 2 lakh Rupees. He also threatened her to make viral the footage, audio, and video of the victim and also said that if the information was given to the police then the entire family would be killed.

Laws charged against the accused-appellant

Sec.386 of Indian Penal Code 1860(IPC): Extortion by putting a person in fear of death or grievous hurt.—Whoever commits extortion by putting any person in fear of death or of grievous hurt to that person or any other, shall be punished with imprisonment of either description for a term which may extend to ten years, and shall also be liable to fine.
Sec.354A of IPC: Sexual harassment and punishment for sexual harassment.
Sec.66C Information Technology Act: Punishment for identity theft.–Whoever, fraudulently or dishonestly make use of the electronic signature, password, or any other unique identification feature of any other person shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.

Judgment

The Hon’ble Allahabad High Court observed that:
• The statements given by the prosecutrix have supported the case reiterated the allegation made in the FIR.
• The court stated that the technology is being misused to commit offense particularly against women in society. The accused has been blackmailing and threatening the victim thus destroying and disrupting her life.
• It observed that these kinds of crimes are increasing day by day.
After considering these observations, the Hon’ble Court rejected the bail plea made by the accused stating the heinousness of the crime committed.

Case Analysis

• In today’s era the laws regarding misuse of technology should be stringent. There has been a substantive increase in cybercrime over the past few years. Everyone is technologically dependent.
• The decision of the court for not granting bail to the accused-applicant has empowered the case as the court recognized the heinousness of the case. Private sexual images are used to control and blackmail to coerce women into sexually abusive situations which affect them mentally and emotionally.
• According to recent studies some of the ways the women are harassed are Mobile text message (SMS) monitoring, Intimate photos and video blackmail, mobile phone tracking, e-stalking, hacking social media accounts. These kinds of crimes must be recognized with a maximum punishment

Conclusion

Technology has its pros and cons. In this case, the rationale of the court behind the order was clear, to categorize virtual bullying and harassment as a heinous crime. Information and communications technologies like the internet and mobile phones are a double-edged sword – they can be used by abusers to deepen their control and by survivors of violence to connect to help and by women’s rights defenders to inform, denounce and strategize to end violence.

The post Misuse of technology in the Cyberspace appeared first on LexForti .

Internet is used today in every domain. Online shopping, gaming, education, banking etc have become very common and have been increasing rapidly. With the excess use of virtual platform, there come more chances of being a victim of cyber crimes.

Cyber crimes are basically crimes committed by using computers or its networks, over internet. It is done by various modes and attacks diverse groups including businesses, children, government etc. 

Today, online gaming has become one of the fastest and successful industries in the world. However, there can be seen an increasing trend in the number of cyber crimes due to online gaming. During the Covid-19 times, the cyber crimes in India surged drastically and lured thousands of people. Various advisories were issued by cyber crime control authorities to warn the internet users and guide them in preventing data, accounts etc. from being hacked. 

Various types of cyber crimes that could happen while online gaming include:

1. Hacking– It is invasion of other’s computer and seeing, copying or using their data for various purposes.

Example: Intrusion into original source code of the game to defeat others.

• Pornography– It is frequently inserted in these games, permitting children to participate in virtual or mimicked sex acts to collect more points if they click it. The pictures of men and women are delineated in these games are likewise frequently unmistakably sexual, and numerous games praise savagery and sexual abuse.
• Cyber-bullying and violence– It is online harassment or bullying. Children who appreciate vicious computer games are altogether bound to both experience and execute cyber bullying. Games of wrestling, shooting with guns, virtual physical attacks.

Example: In pubG, the open mike assists the players to talk to each other. This gives the scope to abuse in foul language resulting in cyber-bullying. 

• Privacy issues– By providing access to social networking accounts, google accounts, payment information, geographical locations the privacy of the users will be compromised.

Example: Candy crush saga.

• Cyber stalking– Many online gamers experience this kind of cyber crime. The details of the players such as their name is used to stalk them at social networking platforms and repeatedly bothered. 

Eg: If you link your gaming account with your facebook account, the gamers you play with get access to your name and then cyber stalking would follow. 

• Virus attacks- By clicking on certain ads, pop-ups which come up during playing of games, there are chances that your computer system or gadget might get inflicted to virus, malware, Trojan etc. and your system starts producing copies.

Example: More often on sites like Zapak. 

With the advancement of technology, there is advancement in the types of cyber crimes as well. The list of the cyber crimes is not exhaustive. One has to take utmost care while playing an online game so that his privacy is not compromised later. In India, the Information Technology Act, 2000 is enacted to protect and prevent cyber crimes. 

HOW TO PREVENT CYBER CRIMES

With a horde of dangers in internet gaming, both financial and physical, it’s particularly imperative to follow cyber security best practices. The gaming network is dynamic, connected with, and energetic—and cyber criminals will exploit that as well as could be expected. There is a need to take safety measures to prevent cyber crimes and the losses which may arise from them.

Few of the preventive measures are as follows:

1. Abstain from utilizing pirated games. These may set save your money, however will likewise make you progressively helpless against malware and other internet gaming protection.
2. Be aware of phishing attacks. On the off chance that somebody you don’t know sends you links, don’t tap on or open them.
3. Set a strong password and keep changing it from time to time, set tight security with multi-factor authentication, minimal disclosure of sensitive information.

Example: No need to reveal the details of University in which you are studying, the year of course, other accomplishments, address of your home, names of family members or friends, their numbers etc. 

• Do not link your Google or social media accounts to gaming apps unless you have checked the track record and security measures undertaken by the online gaming platform or game developer.
• Do not use unsecured Wi-Fi for playing online games as they have the potential to hack your credentials such as usernames, passwords etc.
• If possible. Keep your geographic location turned off.
• Avoid synchronizing your contacts, photos, videos and other items with your games. There could be repercussions of such synchronization in the future which may lead to leaking of your photos, personal info, your contacts getting unwanted messages or mails.
• It is always a better alternative to have an e-mail account exclusively for gaming purposes with limited revealing of personal data. This saves you from the attempt of cyber stalking, hacking and various other cyber crimes by cyber-criminals.
• It is better to read the privacy policy of the gaming companies before actually using the gaming application or website provided by them for gaming purposes. 
• If you feel that there is a chance that your personal data will be compromised, do not wait and report it as soon as possible,
• Delete the cache and cookies after you are done playing the game.
• Choose wisely and after a diligent scrutiny, the website or gaming applications for online gaming.
•  Do not provide the payment details quickly such as Debit/Credit card number, CVV, Date of expiry etc. It is advisable to not keep the details saved for future use. Also, never share the One Time Passwords (OTP’s) via email, or messaging or on gaming chats. 

The cyber risks are growing day-by-day. During the unprecedented crisis faced by the world due to Covid-19, cyber crimes increased at an exponential rate. One should take care to not fall a prey to such cyber crimes by taking precautionary measures and acting diligently. 

The post Cyber Crimes by Playing Online Games: A Threat During Covid appeared first on LexForti .