It act 2000 finall ppt (1)

Information Technology Act 2000

Rather Than Giving Information And Technology, Gives Rise To More

Cyber Crimes

15/04/2023Information technology Act 2000 2

Group 1

Group Members:

Jimit Mehta- 1

Siddhant Chavan- 3

Tanay Lokhare- 5

Siddhesh Waman- 7

Ayaz Mohmin-9

Pallavi Adkar- 11

Ranjit Kadam- 13

Sneha Silveri- 15

Ajinkya Wanjalkar- 17

Saumitra Panchal- 19


Overview

Sr. No.

Topics

1. Introduction of IT Act

2. Need of IT Act

3. Important Terms

4. IT Amendment Act, 2008

5. Digital Signature, Electronic Signature, E- Governance, Certifying authority, Data confidentiality

6. Cyber Crime (Types of Cyber crime)

7. Sections

8. NASSCOM (Initiatives by Nasscom)

9. IT Act in India and Brazil

10. Role of IT in Banking Sector

11. Case Studies


"The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb".

– National Research Council, "Computers at Risk", 1991.


Introduction Information Technology - anything related to computing

technology.

Enacted on 17th May 2000.

India - 12th nation to adopted it.

Based on - UNCITRAL

Aims to provide the legal infrastructure/framework.

Focus- recognition of electronic records &

facilitation of e-commerce.


Need of I.T. Act 2000

National Reasons

Increasing use of ICTs - business transactions and entering into contracts

No legal protection

Signatory to UNCITRAL

International Reasons

International trade through electronic means.

UNCITRAL had adopted a Model Law on Electronic Commerce in 1996.

The General Assembly of the United Nations- 31st January, 1997

World Trade Organization (WTO)- Electronic medium for transactions.

Crime is no longer limited to space, time or a group of people. Cyber space creates moral, civil and criminal wrongs.


OBJECTIVES

Legal recognition- Digital

Signature ,Transactions & books of

accounts by bankers and other companies in electronic form.

Filling document online. Electronic storage.

Computer crime and Protect privacy.

Make more power to IPO, RBI and Indian

Evidence act.


Advantages and Disadvantages

Advantages

Helpful to promote e-commerce

Enhance the corporate business

Filling online forms

High penalty for cyber crime

Disadvantages

Infringement of copyright has not been included in this law.

No protection for domain names.

The act is not applicable on the power of attorney, trusts and will.

Act is silent on taxation.

No, provision of payment of stamp duty on electronic documents.

There are two sides to a same coin.


Important terms

Computer system

Communication Device

Data

Asymmetric crypto system

Certification practice

Electronic form

Secure System


IT Amendment Act, 2008 Substantial addition to India's Information Technology Act (ITA-2000)

Created to address issues that the original bill failed to cover and to accommodate further development of IT and related security concerns since the original law was passed

Adopted electronic signatures as a legally valid mode of executing signatures

Corporate responsibility introduced in Section- 43A

Important definitions added- Section 2(ha)- “Communication device “ and Section 2 (w) –“intermediary”

Legal validity of electronic documents

New cybercrimes as offences under amended Act

Section 67 C to play a significant role in cyber crime


DIGITAL SIGNATURE

Enabling a person - traditional signature.

Function of digital signature

is to authenticate the document

to identify the person

to make the contents of the document binding on person putting digital signature.

Ensure that an electronic document - authentic.

Encryption Encoding Decoding


The Public Key is what its name suggests - Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain

confidential to its respective owner.


Electronic Signature

Various methods by which one can sign an electronic record.

Defined under section 2(ta) of the IT Act 2000 and inserted by Information Technology Amendment Act 2008 (ITAA)

Major amendments of IT act 2000 - legally valid mode of executing signatures.

Typed name or a digitized image of a handwritten signature.

Digital signatures as one of the modes of signatures


E-Governance

Chapter 3 of the IT Act, 2000 (Sections 4-10A) deals with e-governance.

Application of ICTs to the processes of government functioning.

Technology driven governance.

Purpose-

for delivering government services

exchange of information communication transactions

integration of various stand-alone systems and services

Three main target groups


Government to

Customer (Citizen)

Government to

employees

Government to

Government

Government to

Business.

Four basic models are available in E-

Governance


CERTIFYING AUTHORITY Section 24 under Information Technology Act 2000.

Certifying Authority" - granted a license to issue Digital Signature Certificates.

Central responsibility –

issue

renew and

provide directories of Digital Certificates.

Equivalent - the passport issuing office in the Government.

a user's certificate - acts as a proof.

License-

Controller of Certifying Authority,

Ministry of Information Technology, and

Government of India


DATA CONFIDENTIALITY

Social Security number

Credit card number

Driver’s license number

Bank account number

Protected health information

Information Technology Amendment Act, 2008 through Sections 43A and 72A.

CASE: : Government Department admits inappropriate access to records by an official

Confidential data


Cyber CrimeA crime in which a computer is the object .

CYBER CRIMES

Cybercrimes against persons.

Cybercrimes against

property.

Cybercrimes against

government.

• Coders• Kids• Drops• Mobs

Cyber Criminals


Types of Cyber Crimes

Hacking

Identity Theft

Pornography

• Phishing• Email Spoofing

Case Study


SectionsSection 43: Penalty and compensation for damage to computer, computer• A person without

the permission of an owner or person in-charge of computer, accesses or secures access to such computer.

• Damages any computer

• Causes disruption to any computer

• Destroys, deletes or alters information

• Steals, conceals, destroys any computer source code

Section 43 (A): Compensation for

failure to protect data

When a body corporate dealing any sensitive or personal data is negligent in

maintaining reasonable security

practices and procedures.

Section 66 (A) : Punishment for

sending offensive messages through

communication service

• Information that is grossly offensive or has menacing character.

• Electronic mail message causing annoyance and misleading the recipient about origin of such messages.


Section 66 E: Punishment for

violation of Privacy Policy

• Anybody intentionally capturing or publishing the image of private area of any person without their consent.

• Imprisonment : 3 years, or fine not exceeding Rs. 2 lacs

Example: Engineering students arrested by police in Nagpur

Section 66 F : Punishment for Cyber

Terrorism

Person with the intention to threaten the unity, integrity, security or sovereignty of India.

CASE ON PARLIAMENT ATTACK

Section 66 D: Punishment for cheating by personation by using

computer resource

• Whoever cheats by using communication or computer device should be imprisoned (extent to 3 years) or liable to fine which may exceed Rs. 1 lacs

Example: A complaint filed by the representative of a Company engaged in the business of trading and distribution of petrochemicals in India and overseas


Section 67: Punishment for publishing or transmitting obscene material in electronic form

• Example: The CEO of online auction website bazee.com arrested

Section 67 B: Punishment for publishing or transmitting material depicting children in sexually explicit act

• Whoever transmits material in any electronic form which depicts children engaged in sexual activity


NASSCOM Trade association of Indian Information Technology (IT) and Business

Process Outsourcing (BPO) industry

Helps the IT and IT enabled products and services industry in India

One of the major objectives: Facilitate growth and maintain India’s leadership position as a trusted and safe place to do business

Activities:

(i) Policy advocacy: Enabled strong partnership with government

(ii) Industry development : Strong focus on industry research and tracking industry performance

(iii) Membership engagement : Enabled special interest groups

(iv) Entrepreneurship: Promoting and nurturing small companies

(v) Enabling environment: Creation of special programs and rewards


Recent initiatives by NASSCOM

Global trade development

EGov Reach

Start- up warehouse


India and Brazil(Background)

Brazil – India relations refers to the bilateral relations.

Historical ties as a result of the Portuguese Empire.

Co-operated in the multilateral level on issues such as international trade and development, environment, reform of the UN and the UNSC expansion.

Co-operation - science and technology, pharmaceuticals and space.


I.T. Act in India and Brazil

India It does not establish any

specific data protection or privacy principles, no such term as “personal data” is defined.

In June, 2011, India passed a new privacy package that included various new rules that apply to companies and consumers.

Credit Information Companies (Regulation) Act - May 2005.

Steps to ensure that the data relating to the credit information.

Brazil There are only basic protection

laws (Privacy laws) and no data protection law in Brazil – Personal data defined.

Brazil recognizes the central value of the protection of the privacy of individuals.

June 9th 2011- Credit Information Law (CIL).

This legal instrument forbids the processing of excessive information and sensitive information.


Statistics

The Top 10 Countries chart is lead by US which suffered nearly

1 attack on 2, well ahead of UK (5%) and India (3%).


The following graph shows the upward trend or growth ofCyber crimes from the year 2011 to expected growth in 2015

% of growth compared toPrevious year:

• 2012- 65.85%• 2013- 225.39%• 2014- 107.93%• 2015- 102%


State-wise cases per section


82.71% 66.10% 52.92% 48.16%

The following are the percentage of arrests compared to cases registeredIt shows a declining trend in the cases registered and arrests


Role of IT in Banking Sector

India has already started make use of IT in various sectors - Automobile, Advertisements and Banking.

Banking sector got a boost by introduction of IT .

Technological changes in banking sector.

Growth of banking sector facilitates economic growth.

Ease in opening bank accounts.

Increased privacy, security.

Intellectual property protection.

Monitoring money becomes easy for government.

IT improves the front end operations with back end operations and helps in bringing down the transaction costs for the customers


IT can reduce banks’ operational costs

IT can facilitate transactions among customers within the same network(ATM)

Arrival of card-based payments- Debit/ Credit card in late 1980s and 90s.

Introduction of Electronic Clearing Services (ECS) in late 1990s.

Introduction of Electronic Fund Transfer (EFT) in early 2000s.

Introduction of RTGS in March 2004.

Introduction of National Electronic Fund Transfer (NEFT) as a replacement to Electronic Fund Transfer/Special Electronic Fund Transfer in 2005/2006.

CTS in 2007.


Emerging Trends in Banking Sector Financial Inclusion

Mobile Banking

Electronic Payments

CRM Initiatives

IT Implementation and Management

IT for Internal Effectiveness

Managing IT Risk

T for business innovation

IT can reduce banks’ operational costs

transforming the “Brick-and-mortar” bank branches to a modified network system in “core banking solutions”.

Persons also can shift funds in a straight line using e- wallets

It act helps in curbing credit card and atm frauds.


CASE 1: Pune Citibank Mphasis BPO Fraud: 2005

December 2004

four call center employees

Obtained PIN codes from four customers of Mphasis’ client, CitiGroup.

Withdraw cash from the falsified accounts

$426,000 was stolen -- recovered was $230,000.

Verdict: Court held that Section 43(a) was applicable here due to the nature of unauthorized access involved to commit transactions.

SECTION 43(A). Compensation for failure to protect data

15/04/2023 35

CASE 2: Parliament Attack Case

SECTION 66 F : Punishment for Cyber Terrorism

Terrorists attacked the Parliament House on 13th December, 2001

Several killed by police in the encounter

Digital evidence played an important role in this case

A laptop, several smart media storage disks and devices recovered from a truck intercepted at Srinagar

Mohammad Afzal Guru (1969 - 9 February 2013), convicted by Indian court for the December 2001 attack on the Indian Parliament

Conclusion of the court

Information technology Act 2000


CASE 3: HSBC customers hit by phishing attack

The phishing attack follows a reported hacking attack on Emirates Bank and a fraud incident in dubai

Credentials verification- Security emails Phishing and Trust Manipulation

Paypal Verification Credentials Theft

HSBC Verification Credentials Stealing


THANKYOU

It act 2000 finall ppt (1)

Law

Transcript of It act 2000 finall ppt (1)