1

Cyber Crime :- the dictionary definition of Cybercrime: "It is a criminal activity committed on the internet. This is a broad term that describes everything from electronic cracking to denial of service attacks that cause electronic commerce sites to lose money". Classification of Cyber Crimes Cyber crimes have been classified on the basis of the nature and purpose of the offence and have been broadly grouped into three categories depending upon the target f the crime. It may be against person, property or Government. The Cyber crime a against person include crimes like hate messages, stalking defamation and transmission of pornographic material. The Cyber crimes involving property include unauthorized computer trespass, vandalism, and transmission of harmful programmes and unauthorized possession of computerized information. The third category of Cyber crimes targets the Governments. This category of Cyber crime is more popularly called as Cyber terrorism . The most comprehensive classification of computer crimes has been given by David L. Carter who classifies computer-related crimes into three broad categories (A) where computer is the target of the crime; (B) where computer facilitates the commission of crime; (C) where computer is incidental to the crime Computer as target of the Crime :- This category of computer crimes aims at damaging computer system or stealing valuable information stored on the system and include 1. sabotage of computer and computer systems or computer networks; 2. theft of data/information; 3. theft of intellectual property such as computer software; 4. theft of marketable information; 5. blackmail based on information gained from computerized files, such as medical information, personal history, sexual preferences, financial data, etc. 6. unlawful access to criminal justice and the Government records. Computer as an instrument of Crime :- The computer crimes falling under this category ue computer as a medium for commission of offences. The computer programmes are manipulated to defraud others. 1. fraudulent use of Automated Teller Machine (ATM) cards and accounts; 2. credit card frauds; 3. frauds involving electronic fund transfers; 4. frauds involving stock transfers; 5. frauds relating to e-commerce; 6. telecommunication frauds. Computer as incidental to the Crime :- The diverse application of Internet made it incidental to the crimes that may be classified into two broad categories.

(A) Internet crime; (B) Web based crime. Challenge of Cyber Crimes :- Cyberspace does not recognise geographical boundaries. Thi has proved a boon to the delinquents who perform illegal activities on the Internet without any fear of being identified or located. Lack of knowledge of actual working of Internet on the part of law enforcement agencies further complicates the matter. The challenges posed by Cyber crimes are classified as (i) legal challenges which are dependent on the statutory provisions to be used as a tool to investigate and control the Cyber crimes. operational challenges require a cohesive well trained and well equipped force of investigators operating and co-ordinating at national and international level. technical challenges thwarting the efforts of law enforcement agencies ability to catch and prosecute the online offenders.23 Cyber crimes are often committed beyond the national borders. The national standards of criminal behaviour vary. Furthermore, it is very difficult to identify the perpetrator of wrong because Internet facilitates anonymity. Thus, Cyber crimes pose challenges that are unique in character unlike traditional crimes. These crimes cannot be effectively dealt with by simply passing national legislation. The IT Act has extra-territorial jurisdiction and applies to any offence or contravention thereunder committed outside India by any person.24 This feature of the IT is not unusual. Similar provision is found in the IT legislations of other jurisdictions a1so. However, this provision can be effective only when there is a mutual cooperation at the international level amongst enforcement authorities and Governments. Damage to Computer, Computer system, etc. :- The IT Act expressly makes certain acts related to computer, computer system or computer network as offences. These are 1. Unauthorised Access :-If a person accesses or secures access to any computer, comphter system or computer network without the permission of the owner or any other person who is in charge of such computer, computer system or computer network, he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected. Computer means any electronic, magnetical, optical or other high speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software, or communication facilities which are connected or related to the computer in a computer system or computer network. Computer system means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable of being id in conjunction with external files, which contain computer irogrammes, electronic

instructions, input data, and output data, I hot. performs logic, arithmetic, data storage and retrieval, and other functions The term Accesst has been defined in Section 2(1) (a) of the IT Act as gaining entry into, instructing or communicating with the logical, arithmetical or memory function resources of a computer, computer system or computer network. This sectior makes intention of the person, having unauthorized access, irrelevant. This section will be satisfied even where it is established that the accused has simply switched on a computer without the permission of the owner or in charge of the computer. An offence of unauthorized access will, therefore, include (a) switching on computer, (b) using a Software Program installed on a computer, (c) viewing the contents of a floppy disk or CD ROM, (d) taking a computer printout, (e) logging on to the Internet (f) pinging a computer. There are different techniques available to gain unauthorized access which include, Packet sniffing, Tempest attack, password cracking and butter overflow. Packet Sniffing :- When client computer makes a request for some information to server computer that information is first located. It is then broken into small pieces called Datagrams. These Datagrams are then enveloped in a bundle of instructions called packets. These packets are of different size depending on the network bandwidth as well as amount of data being carried in the packet. Each packet contains a label for identification called a header. The header carries not only the addresses of the sender as well as that of addressee but details of the information, e.g., information of the source, destination, protocol, size of packet, total number of packets in sequence and the unique number of the packet. The data in the packets is carried in an encrypted form. Any encryption method is applied to the data called plitiiitext which is then converted into a coded message called cipher text or hex of the data. Tempest attack :- term TEMPEST stands for Transient Electromagnetic Pulse Emanation Standard. Tempest enables to measure electromagnetic emissions from computers which makes reconstruction of data possible. This also facilitates remote monitoring of network cables or remotely viewing monitors Computer Contaminant or Computer Virus :- if a person without permission of the owner o any other person who is in charge of a computer, computer system or computer network introduces, causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network, he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.) Computer contaminant means any set of computer instructions that are designed : (a) to modify destroy, record, transmit data or programme residing within a computer, computer system or computer network; or (b) by any means to usurp the normal operation of the computer, computer system, or computer network. Computer virus means any computer instruction,

information, data or programme that destroys, damages, degrades or adversely affects the performance of a computer resource or attaches itself to another computer resource and operates when a programme, data or instructions is eecuted or some other event takes place in that computer resource. Damage does not mean physical damage caused to a computer or computer system but means to destroy, alter, delete, add, modify or rearrange any computer resource by any means,

Various types of computer viruses and computer contaminats are placed under a single head called malicious code, The primary object of writing a malicious code is to cause damage to any computer resource or to run away with a valuable information. There are different types of viruses and . Various types of malicious codes are discussed here; (a) Viruses :- Viruses are computer programmes that migrate from roinputer to computer and attach to the computers operating oystem.4 A virus is a programme that infects a computer by iwwrting a copy of itself into the computer and damages the (olnputer in some manner, generally without the computer users awareness.. It attaches itself to other programmes. The sole object of inserting virus is to corrupt data on the computer, on puter system or computer network or damage hardwar, The effect of the virus may be temporary or permanent depending upon the purpose for which a virus is inserted. All viruses are not harmful. But even harmless virus is called virus. A person, however, will be liable under the IT Act only when he introduces virus without the permission of the owner or in charge of computer, computer system, computer network and that virus causes damage, etc. to such computer, computer system or computer network. It remains to be seen whether prior rmission will absolve a person from any liability for introducing any computer contaminant or computer virus because such contaminant or virus is likely to cause damage not only to the computer or computer system but to the whole network connected to that computer or computer system. (b) Logic Bomb : Generally, viruses need to be triggered or activated before they could execute the desired task. A virus may remain dormant and thus go undetected if the required push has not been made. \These viruses which may activate at a desired time or date are called time bomb and the virus which activate upon the happening of some event are called logic bombs. Sometimes logic bombs and time bombs are used interchangeably and together they are called drop dead devices, as they can be executed at the will of the person.) It is a sort of code that is added to computer system and goes off at specific time, thus making the system unusable. Vendors sometimes fix logic bomb to their programme in order to ensure payment, The system will not work unless bomb is deactivated. It can be used for transferring money from one bank to another and can also be used as a means for sabotage. The logic bomb is similar to other viruses with a difference that it goes off at the will of the person. (c) Worms : Worms infect a computer system without getting attached to its operating part, It moves from one computer to another computer. Worm has many things common with virus but is different from a virus in many respects. Worm can multiply without any known intervention

and without the need to be attached to a file. Worms are computer programmes that migrate from computer to computer without attaching to the computer operating system. (d) Trojan Horse Programme :- Trojan Horse Programme has been coined on the basis of a story in Lliad. In this story, Trojans were at war with Greeks. Greeks apparently made a peace offer to Trojan by offering a big wooden horse with a long hollow belly carrying some Greek soldiers unknown to Trojans. When Trojans took the horse to their walled city, the soldiers came out of the horses belly during night and opened the doors for their colleagues. Trojans were caught unawares and were defeated. Trojan Horse programme also works in the same manner. Trojan Horse is apparently innocuous. cIt contains hidden functions. These functions are loaded into the computers hard drive and executed along with the regular programme. The apparently innocuous programme carries inside its belly a sub-program that performs a function that is generally unknown to its user. Trojan programmes can take the form of a popular programme where the original source code has been altered to hide the Trojan Payload.) Trojan programme is non duplicating that is disguised as something useful like screen saver, game or attack. It can spread in the guise of anything that has a mass appeal such as free game, nude picture, mpz song, etc. In Trojan programme, a perpetrator adds or modifies instructions in the software before it is operated. After it is operated, the new instructions are executed along with the remainder of the programme An expert in the field can introduce self-destroying instructions in the programme. Thus, making to impossible to detect an illegal activity. Tampering with Computer Source Documents :- The IT Act makes it an offence to knowingly or intentionally conceal, destroy, alter or intentionally or knowingly cause another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, where the computer source code is required to be kept or maintained by law for the time being in force. The punishment for violating this provision is an imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both Computer source code is defined as the listing of programmes, computer codes, design and layout and programme analysis of computer resource in any form. The source code is computer programme statements that are readable by humans. It is written in high level or assembly language. Object codes, on the other hand, are designed to be machine-readable. Programmes are normally sold only in machine language format that cannot be read or modified.

Hacking :- Hacking means unauthorised access to computers. When a person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means with intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person, he is said to have committed an offence of hacking. The person who commits an offence of hacking is called lacker. Hacker is a person who intends to gain unauthorized access to a computer system. Hacker shall be punished with imprisonment up to three years, r with fine which may extend up to two Iakh rupees, or with both.

Jargon Dictionary traces the origin of the term hacker to someone who makes furniture with an axe and the term has been used for the first time in 1960s as a badge by hacker culture surrounding the Tech Model Railroad Club (TMRC) at Massachusetts Institute of Technology when its members began to work with computers. The word hacker represents now any person (a) who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary, (b) who programmes enthusiastically, (c) who enjoys programming rather than just theorizing about programming, (d) capable of appreciating hack value, which is defined as the reason or motivation for expending effort toward a seemingly useless goal, the point being that the accomplished goal is a hack, (e) who is good at programming quickly, (f) who is an expert at a particilar programme or one who frequently does work using it or on it. Websters Dictionary defines the term hacker as a computer enthusiast who enjoys learning everything about a computer Mystem or network and through clever programming, pushing the system to its highest possible level of performance. A hacker is a computer expert whose intrinsic curiosity persuades him to break in computers to satiate his quest for learning and knowing. A hacker does not include only an intruder with malicious design but also an enthusiast whose motive is innocent and sometimes even helpful in many respects. Hacking is computer trespass. There may, or may not, be any intent to engage in any other criminal activity. It is because of this reason that the IT Act does not make hacking per .se an offence but is dependent on mens rca.) The relevant section provides that a person commits hacking when with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or affects it injuriously by any means. Based on the intention, hackers are divided into two groups : (1) Hackers who have no intent to do any criminal activity, These hackers do not consider breaking into a computer system a crime. They consider themselves members of an elite meritocracy based on ability and trade hacker techniques. They are skilled computer users who penetrate computer system, with a sole purpose to gain knowledge about computer system and their actual working. (2) Crackers who intend to engage in criminal activity. This dichotomy of hacker and cracker has come on the scene in 1985 to distinguish between benign hackers from hackers who have malicious intention. Crackers maliciously sabotage computers, steal information located on secure computers, and cause disruption to the networks for personal or political motives.

However, this does not mean that the hackers do not cause damage but the damage caused is unintentional. Publishing of Obscene Information in Electronic Form :- The IT Act prohibits publishing or transmitting of any material in the electronic form that is lascivious or appeals to the prurient interest. It also prohibits any material in the electronic form that tends to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it. Not only the person who himself publishes or transmits any material having the stated characteristics but also anyone who causes such publication shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to tn years and also with fine which may extend to two lakh rupees.) Test of Obscenity :- An early English standard of obscenity was propounded by Cockburn C.J. in Regina v. Hicklin. This standard is whether the tendency of the matter charged as obscenity is to deprave and corrupt those whose minds are open to such immoral influences, and into whose hands a publication of this sort may fall. The Hicklin test was initially adopted in America also but later on it was discarded in Roth v. United States.88 The Roth court held that obscenity falls outside constitutional protection and should be judged by the average person applying contemporary community standards and to the most vulnerable members of society as propounded by the Hiklin court. In India, Hicklins test has been adopted by the Supreme Court in a leading case of Ranjeet D. Udeshi v. State of Maharashtra. This case has decided many issues pertaining to obscenity. The apex court did not consider obscenity a vague concept but a word that is well understood even if persons differ in their attitude to what is obscene and what is not. The court admitted that the Indian Penal Code does not define the word obscene and no one has so far attempted a definition of obscenity because the meaning can be laid bare without attempting a definition by describing what must be looked for. This onerous task of how to distinguish between that which is artistic and that which is obscene has to be performed by the courts. The court, however, sounded a note of caution that treating with sex and nudity in art and literature cannot be regarded as evidence of obscenity without something more. In the words of the court, It is not necessary that the angels and saints of Michael Angelo should be made to wear breaches before they can be viewed. If the rigid test of treating with sex as the minimum ingredient were accepted hardly any writer of fiction today would escape the fate Lawrence had in his days. Half the book-shops would close and the other half would deal in nothing but moral and religious books. Elaborating further the test of obscenity, the court said that treating with sex in a manner offensive to public decency and morality and these are the words of our fundamental law, judged by our national standards and considered likely to pander to lascivious, prurient or sexually precocious minds, must determine the result. The court stressed on the need of maintaining

balance between the fundamental right of freedom of speech and expression and public decency and morality, but made it clear that when the latter is substantially transgressed the former must give way. It was laid down that an overall view of the obscene matter in the setting of the whole work would, of course, be necessary, but the obscene matter must be considered by itself and separately to find out whether it is so gross and its obscenity so decided that it is likely to deprave and corrupt those whose minds are open to influences of this sort and into whose hands the book is likely to fall. An obscene matter posted or transmitted through Internet can traverse many jurisdictions and can be accessed in any part of the globe. The question arises : whose community standard or national standard will determine the nature of matter? Is it the standard of the place of origin or place of destination? Or any place through which the material traversed. Or is there need to create a new definition of community for an online obscenity case?

Publication of Obscene Matter :- Mere possession of obscene matter is not an offence. It is the oubliation of obscene matter that makes it an offence In the words of Thurgood Marshall expressed in Stanley v. Georgia,2 the first Amendment does not mandate a state to tell a person sitting alone in his house, what book he may read or what film he may watch. The latter courts have clarified that an individual has the right to read or view obscenity in his own home but that right (loGs not include a right to distribute it, transport it, or view it outside of the home. Publication includes sale, distribution, i mnportation, printing, public exhibition and offer of sale. The IT Act punishes any person who publishes or transmits nr causes to be published in the electronic form any obscene matter. This covers not only publication but also transmission of my obscene matter. Any person who posts any obscene matter on the website to be viewed by others will be liable for making iublication. If a person hires a third person for publication or transmission of obscene matter, hirer will be liable for causing its publication or transmission Knowledge of Obscenity :- Section 67 of the IT Act provides : whoever publishes or transmits or causes to be published in the electronic form.... The question arises is it necessary for the prosecution to establish scienter or knowledge of obscenity on the part of the defendant. As. already stated, Section 67 is analogous to Section 292 of the Indian Penal Code. The Supreme Court while delineating the scope of Section 292 in Ranjit D. Udeshi v. State of Maharashtra, held that unlike other provision which have words like knowingly or negligently and thus make mens rea a condition precedent to establish the guilt, Section 292 does not make knowledge of obscenity an ingredient of the offence. The prosecution need not prove something which the law does not burden it with. The difficulty of obtaining legal evidence of the offenders knowledge of the obscenity of the book, etc. has made the liability strict. The absence of such knowledge may be taken in mitigation but does not take the case out of the provision.

Applying the ratio of Ranjit D. Udeshi to Section 67 of the IT Act, it can be concluded that mere publication or transmission of obscene material is an offence notwithstanding the mental state of the offender. However, this cannot be a blanket rule applicable to all and sundry. For instance, the liability standard for service provider is to be determined under Section 79 of the IT Act and not under Section 67.