Sunday, 20 October 2013

Offences and Punishment under the Information Technology Act, 2000

The various offences and the punishment provided for them are contained in Chapters IX and XI of the Act. These offences are briefly stated as follows:—

1. Unauthorised Access (Section 43):

The section lays down that any person who accesses or secures access to a computer, computer system or computer network without permission of the owner or any person in charge of such computer, computer system or computer network, shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person who is so affected.
The term “access” as defined in Section 2(1)(a) of the I.T. Act, means “gaining entry into, instructing or communicating with the logical, arithmetical or monetary function resources of a computer, computer system or computer network.”
The following acts have been construed to fall within the purview of the term ‘access’ as contemplated by the Act:—
(a) Unlawfully switching over a computer;
(b) Using a software program installed on a computer;
(c) Viewing the contents of a floppy disk illegally;
(d) Illegally switching off a computer;
(e) Taking a computer print-out illegally;
(f) Logging on the Internet; and
(g) Pinging a computer.
The offence of unauthorised access is completed when data, data-base or information is downloaded, copied or extracted illegally from one computer to another. The term “download” connotes transfer of information from one computer to another.
A new Section 43-A inserted in the principal Act by the amendment Act of 2008 provides for compensation (to the person affected) for failure to protect personal data or information in a computer resource. The section thus seeks to provide security to personal data and information against unauthorised assess.

2. Failure to furnish information, return etc. (Section 44):

Where a person is required under this Act or any rules made there under to furnish any document, return or report to the Controller or Certifying Authority, fails to furnish the same, he shall be liable to pay penalty not exceeding 1.5 lakh rupees for each failure and in case of default, a penalty of 5,000/- rupees for everyday during which such failure or default continues.
Section 45 of the Act provides for penalty for contravention of any rules made under the Act for which no penalty is specially provided in the Act. Thus, this section relates to residuary penalty and applies to certain sections of tine Act.
Section 46 of the Act provides for adjudication of penalties to be imposed on the contravener after giving him reasonable opportunity of making representation in his case. The Adjudication officer shall have power to adjudicate matters in which the claim for injury or damage does not exceed five crore rupees. However, where the claim or damage exceeds this limit the jurisdiction to adjudicate shall vest in the competent court.

3. Tampering with computer source documents (Section 65):

Tampering with the computer source documents is made punishable under Section 65 of the I.T. Act. The offences in respect of computer source documents (codes) are to be kept or maintained by law include knowingly or intentionally (i) concealing; (ii) destroying; (iii) altering; (iv) causing another to conceal; (v) causing another to destroy; (vi) causing another to alter the computer source code. In simpler words, for the purpose of Section 65, tampering means to conceal (hide or keep secret), destroy (demolish or reduce to nothing) or alter (change in characteristic or position) the computer source document.

4. Hacking (Section 66):

The essential ingredients of the hacking are intention to cause wrongful loss or damage to any person by unlawful means or having knowledge that information residing in a computer resource document if concealed, destroyed or altered would cause damage to any person. This offence is punishable under this section with imprisonment which may extend to three years or with fine, which may extend to two lakh rupees or with both.

5. Publishing of information which is obscene in electronic form (Section 67):

Pornography on the internet is punishable under section 67 of the I.T. Act. The term ‘publishing’ for the purpose of this section means, “To make generally known, formally promulgate or issue copies for sale to public.” This disseminating of pornographic material on the website is an offence punishable with imprisonment upto three years or with fine which may extend to two lakh rupees, or with both.

6. Failure to comply with directions of Controller (Section 68):

Section 68 authorises the Controller or Certifying Authority to intercept any information transmitted through any computer resource whenever it is expedient to do so. Failure to comply with such order shall render a person liable to imprisonment for a term upto three years or fine upto two lakh rupees, or with both. However, the order passed by the Controller or Certifying Authority should be made if it is necessary to ensure compliance of any of the provisions of the I.T. Act or the rules made there under.

7. Power to issue directions of interceptions or monitoring or decryption of any information through any computer resource. (Section 69):

The Controller or Certifying Authority or any employee of such Authority is authorised to intercept any information transmitted through any computer resource when it is expedient to do so in the interest of the sovereignty or integrity of India, the security of the state, friendly relations with foreign states or public order or for preventing incitement to commission of any cognizable offence.
The new Section 69-A inserted in the principal Act by the Amendment Act of 2008 further empowers the Central Government to issue directions for blocking for public access of any information through any computer resource, in the interest of sovereignty and integrity of India. The reasons for doing so, should, however, he recorded in writing. The intermediary who fails to comply with the direction issued by the Government under this Section, shall be punished with imprisonment for a term which may extend to seven years, and shall also be liable to fine.
Section 69-B as inserted by the I.T. (Amendment) Act of 2008 further empowers the Government to authorise monitoring and collection of traffic data or information through any computer resource for cyber security purposes. The punishment for contravention of this provision by the intermediary shall be imprisonment which may extend to three years and also fine.
The information referred to in this section would apply to e-mail messages, pass-word protected files, encrypted information etc.

8. Accessing Protected System (Section 70):

The special provisions contained in Section 70 relate to protected systems. The section provides that the appropriate Government may, by notification in the Official Gazette, declare any computer, computer system or computer network to be a ‘protected system’.
Any person who secures access or attempts to secure access to a protected system in contravention of the provisions of this section shall be liable to punishment with imprisonment of either description which may extend to ten years and shall also be liable to fine.
Two new sections, namely, Secs. 70-A and 70-B have been inserted in the principal Act by the IT. (Amendment) Act, 2008 which provide for appointment of a National Nodal Agency which will be responsible for all measures including Research and Development relating to protection of Central Information Infrastructure. Any organisation of the Govt, may be designated as the National Nodal Agency for this purpose. The National Nodal Agency so appointed, shall be called the Indian Computer Emergency Response Team (Section 70-B).

9. Misrepresentation (Section 71):

Any misrepresentation while applying for a digital signature certification to the Controller or Certifying Authority has been made an offence under section 71 of the Act. Both, misrepresentation of any material fact and/or suppressing any material fact from the Controller or Certifying Authority for obtaining licence or digital signature certificate shall constitute an offence.
A person while applying for a licence has to fill in the form as required by Rule 10 of the I.T. (Certifying Authorities) Rules, 2000 giving full details about himself. In case of applying for a digital signature certificate, a person is required to fill in the form prescribed by Rule 23 with complete information about himself.
If any of the above information/details are misrepresented or suppressed, then the person guilty of such misrepresentation shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees or with both.

10. Penalty for breach of confidentiality or privacy (Section 72):

Any person who wrongfully secures access to any electronic record, book, register, correspondence, information, document or other material in contravention of any provisions of the I.T. Act or rule framed there under shall be punished with imprisonment which may extend to two years or with fine upto one lakh rupees, or with both. However, this provision would not apply to disclosure of personal information of a person by a website by his/her e-mail service provider.
A new Section 72-A has been inserted by the Information Technology (Amendment) Act, 2008 providing punishment for disclosure of information in breach of lawful contract and securing access to any material containing personal information with intent to cause wrongful loss to a person or wrongful gain by the disclosure. The offence shall be punishable with imprisonment for a term which may extend to three years, or with fine which may extend to five lakh, or with both.

11. Publishing Digital Signature Certificate false in certain particulars (Section 73):

Publishing digital signature certificate false in certain particulars is a cyber offence punishable under section 73 of the Act. The punishment may extend to imprisonment upto two years, or with fine which may extend to one lakh rupees, or with both.
It may be stated that provisions relating to acceptance of the Digital Signature Certificate by the subscriber are contained in Section 41 of the I.T. Act whereas the provisions relating to suspension of digital signature certificate are enshrined in Section 37 of the Act.
The I.T. Act prohibits making available a Digital Signature Certificate with the knowledge that—
(a) The Certifying Authority listed in the certificate has not issued it; or
(b) The subscriber listed in the certificate has not accepted it; or
(c) The certificate has been revoked or suspended.

12. Publishing Digital Signature Certificate for fraudulent purposes (Section 74):

This section provides that whoever knowingly creates, publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose or knowingly publishes or makes it available for any such purpose, commits an offence under the I.T. Act and the offender may be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

13. Compounding of Offences (Section 77-A):

The new section inserted in the principal Act by the I.T. (Amendment) Act, 2008, provides for compounding of offences under the Act by the court of competent jurisdiction provided they are not punishable with imprisonment for life or imprisonment for a term exceeding three years. However, the court shall not compound any offence where the accused by reason of his previous conviction is liable to enhanced punishment or the accused is charged for any socio-economic offence or the offence has been committed against a child below 18 years of age or a woman.

14. Offences with three years punishment to be bailable (Section 77-B):

The new section added in the principal Act by the Amendment Act of 2008 provides that the offences punishable under the Act upto three years imprisonment shall be cognizable and bailable notwithstanding anything contained in the Code of Criminal Procedure 1973.
Initially, the power to investigate offence under the Act was vested in a police office not below the rank of Deputy Superintendent of Police vide Section 78 of the Act, but this section has been amended by the I.T. (Amendment) Act, 2008 and now this power vests in the Inspector of Police.
It must, however, be stated that the primary objective of the Information Technology Act, 2000 was to create an enabling environment for e-commerce, certain omissions and commissions of criminals while using computers have not been included. Besides, there are several offences having bearing on cyber arena are also registered under the appropriate sections of the Indian Penal Code with legal recognition of electronic records by the amendments made in several sections of the IPC by the Information Technology Act, 2000.
The cases of cyber crimes and persons arrested under the Information Technology Act, 2000 during the five year period 2003-2007 are shown in the table given below:
Cyber Crimes/Cases Registered and Persons Arrested under Information Technology Act during 2004-2009:
SI.
Crime Heads
 
Cases Reported
   
Persons Arrested
 
No.
 
2004
2005
2006
2007
2009
2004
2005
2006
2007
2009
1.
Tempering computer source department
2
10
10
11
21
0
10
8
2
6
2.
Hacking Computer Systems (i) Loss/damage to computer resource/utility
14
33
25
30
115
31
27
34
25
63
 
(ii) Hacking
12
41
34
46
118
1
14
29
23
44
3.
Obscene publication/ transmission in electronic form
34
88
69
99
139
21
125
81
86
141
4.
Failure
(i) Of compliance/orders of certifying authority
0
1
0
2
3
0
0
0
1
06
 
(ii) To assist to decoy or the information in interception by Government Agency
0
0
0
2
0
0
0
0
0
0
5.
Unauthorised access/ attempt to access of protected Computer system
0
0
0
4
0
0
0
0
0
16
6.
Obtaining Licence or Digital Signature by misrepresen­tation/suppression of fact
0
0
0
11
01
0
0
0
11
01
7.
Publishing false digital Signature certificate
0
0
0
0
01
0
0
0
0
0
8.
Fraud Digital/Signature
0
1
1
3
04
0
3
0
3
06
9.
Breach of confidentiality/ privacy
8
3
3
0
10
7
13
2
3
05
10.
Others
0
0
0
0
01
0
0
0
0
0
11.
Total
70
177
142
217
413
60
192
154
154
288

No comments:

Post a Comment