This document provides an overview of the legal framework for cybercrime investigations in India. It discusses the Information Technology Act 2000 and 2008 amendments, which provide the main legal statutes governing cybercrimes. The amendments aimed to address new cybercrimes, strengthen evidence collection and increase accountability of intermediaries. Key aspects covered include cybercrime definitions, investigating agency powers, adjudicating authorities, and responsibilities of network service providers.

1. Legal Framework for cybercrime
Investigations and IT Act,2000
ICAI, FAFD Course, 25 june 2013
Karnika Seth
© copyrighted ,Karnika seth

2. Book on cyberlaws by Karnika Seth

3. The cybercrimes
 Computer Crime, E-Crime, Hi-Tech Crime or
Electronic Crime is where a computer is the target
of a crime or is the means adopted to commit a
crime.
 Most of these crimes are not new. Criminals simply
devise different ways to undertake standard criminal
activities such as fraud, theft, blackmail, forgery, and
embezzlement using the new medium, often involving
the Internet .
 Cybercrimes can be categorised based on gravity or
nature of offence, or affected target group.

4. Types of Cyber crimes
 Cyber terrorism
 Hacking and sabotage
 Credit card frauds
 Phising
 Cyber pornography
 Sale of illegal articles-narcotics, weapons,
wildlife
 Online gambling
 Intellectual Property crimes- software piracy,
copyright infringement, trademarks violations,
theft of computer source code
 Email spoofing
 Forgery
 Defamation
 Cyber stalking
Crime against persons
Crime against Government
Crime against property
4Copyrighted,Seth Associates,2010

5. Levels of cyber threats and
vulnerabilities
Individual
sector
society
State level
Global
5 Copyrighted,Seth Associates,2010

6. Cyber Threats in 2009 and Beyond
Report of Georgia Tech Information Security Center (GTISC)
Malware
Botnets
Threats to VOIP and
mobile convergence
Cyber warfare
Data thefts
6 Copyrighted,Seth Associates,2010

7. Cyber Crime
mechanisms
According to the report by
NCRB Under the
Information Technology Act,
a total of 420 cases such as
hacking computer systems
or forging digital signatures
were reported in 2009,
while the figure was 142 in
2006.
Copyrighted,Seth Associates,20107
Network based attacks
Operation based attacks
User authenticationSoftware based attacks
Hardware based attacks

8. Legal statutes
 IT Act,2000 -enacted on
17th May 2000, India is 12th
nation in the world to adopt
cyber laws
 Indian Penal Code,1860
 Criminal Procedure Code
,1973
 NDPS Act
 Arms Act
 Copyright Act,1957
 Trademarks Act,1999
 Patents Act,1970
 Public Gambling Act, 1867
 PML Act ,2002

9. New cybercrimes-IT (Amendment) Act,2008
Computer related
offences –Section
66
Sending of
offensive false
messages(s.66A)
Identity theft
(s. 66C)
Cheating by
personation
(s.66D)
Violation of
privacy (s.66E)
Cyber terrorism
(s.66F)
Publishing
sexually explicit
content(s. 67A)
Child
pornography
(s.67B)
Stolen computer
resource(s.66B)
Attempt to
commit an
offence (s.84C)
Abetment to
commit an
offence(s.84B)

10. Important Sections of IPC
 Waging war against Government of India- Section 121
 Promoting enmity between different religious groups- Section 153A ,295A
 Theft- Section 379
 Receiving stolen computer resource-Section 411 IPC
 Extortion –Section 383
 Criminal breach ofTrust/Fraud- Section 406 IPC
 Cheating by personation –Section 419
 Destruction of electronic evidence- Section 204 IPC
 False electronic evidence-Section193 IPC
 Forgery of electronic record-Section 470
 Sale of obscene books –Section 292
 Criminal conspiracy-Section 120B
 Defamation- Section 500
 Criminal intimidation –Section 503, 507.
 Outraging modesty of woman-Section 509
 Copyright infringement-Section 63, 63B of Copyright Act

11. Computer Related Crimes under IPC and
Special Laws
Sending threatening messages by email Sec 503 IPC
Sending defamatory messages by email Sec 499, 500 IPC
Forgery of electronic records Sec 470, 471 IPC
Bogus websites, cyber frauds Sec 420 IPC
Email spoofing Sec 419 IPC
Online sale of Drugs NDPS Act
Web - Jacking Sec. 383 IPC
Online sale of Arms Arms Act

12. IT Act,2000
 The Act was passed in India in 2000
 based on Model law of e-commerce adopted by
UNCITRAL in 1996
 Three fold objectives in Preamble-
 Legal recognition for e-transactions
 Facilitate electronic filing of documents with govt agencies
 To amend certain acts such as IPC,1860, Evidence
Act,1872,etc

13. Determining jurisdiction
 In a recent case, Super cassettes industries ltd v My space inc 2011 (48) PTC 49, the High
court of Delhi dealt with a case for copyright infringement wherein plaintiff alleged that
infringing songs and videos were uploaded on defendant's website that directly infringed its
copyright in the said works.The court dealt with issue of lack of jurisdiction wherein the
defendants contended:
 a)The defendant No.1 is a foreign national and engaged in
 business outside the jurisdiction of this court
 b) No part of cause of action has arisen with in the territorial
 jurisdiction of the court.
 c)The defendant No.1 is not amenable personally to jurisdiction
 of the court and cannot be compelled to submit to
 the jurisdiction of the court.
 d)The website of defendants cannot fall within the jurisdiction of the
 court as it does not qualify the tests laid down in the case of
 Banyan TreeVs.A. Murali Krishna Reddy & Anr, 2010
 (42) PTC 361 (Del).
 e)The exercise of jurisdiction by this court would mean that the
 court is giving extraterritorial effect

14.  The court considered these objections and held that the case relates to infringement of
copyright wherein the remedies are conferred under the Indian Copyright Act, which provides
in Section 62 that suit for infringement of copyright can be filed and initiated at the place
wherein the plaintiff carries on business, or personally works for gain which is additional
ground available to plaintiff apart from Section 20 of Civil Procedure Code.The court held
that even assuming that the rules of private international law may have any role to play, the
same stands overridden by the express provision of the special Act which is Copyright Act,
1957 which entitles the plaintiff to sue at the place of its own forum.The court observed
regarding two aspects of downloading and uploading of infringing content as follows-
 "In the first case, the tort or civil wrong is caused in India as the aspect of downloading to the
computer has been occurred in India when the said work is communicated to Indian users
without the permission of the plaintiff. In the second case too, the initiation of the tort or
part of the same has occurred in India as the infringing work without the authority of the
plaintiff is communicated to the defendants with a limited licence to further modify and
communicate further.The said commission of the acts or the part of the overt acts
constitutes the part of cause of action within the meaning of Section 20 (c) of the Code of
Civil Procedure."
 The court also distinguished Banyan tree case judgement from the present case on the
ground that Banyan tree case pertained to passing off which cannot be extended to copyright
infringement cases which are governed by special provisions.Also, the court applied principle
of interactivity of website and targeting of customers in India to assume jurisdiction to decide
the matter.

15. Main Features of IT Act,2000
 Conferred legal validity and recognition to electronic
documents & digital signatures
 Legal recognition to e-contracts
 Set up Regulatory regime to supervise Certifying Authorities
 Laid down civil and criminal liabilities for contravention of
provisions of IT Act,2000
 Created the office of Adjudicating Authority to adjudge
contraventions
 According to s 75 of the Act, the Act applies to any offence or
contravention committed outside India by any person
irrespective of his nationality, if such act involves a computer,
computer system or network located in India.

16. Need for amendments
 Diversifying nature of cybercrimes –all were not dealt with under IT
Act,2000-cyber terrorism, spamming, MMS attacks,etc
 Use of wireless technology had no mention in definition of “computer
network” in S2(j)
 Digital signatures only for authentication .
 Definition of ‘intermediary’ and their liability required clarification.
 Grey areas-Power of execution- Adjudicating authority
 No appointed statutorily authority for supervising cyber security of
protected systems
 Power to investigate offences –only DSP and above
 Power to intercept & decrypt information limited under Section 69

17. Important definitions added in
amended Act
 Section 2 (ha)- communication device-includes cell
phones, PDA,etc
 Section 2 (j) computer network –interconnection through
wireless added
 Section 2 (na) cybercafe
 Section 2(w)- intermediary- includes search engines, web
hosting service providers, online auction sites,telecom
service providers etc

18. Corporate Responsibility introduced in Section 43A
 Applies to Corporate bodies
handling sensitive personal
information or data in a computer
resource
 Need for data protection fulfilled-
no limit to compensation claim
 Will help combat data theft, credit
card and IP frauds
 To be r/w Section 85 IT Act,2000
 To protect from unauthorized
access, damage, use ,modification,
disclosure, or impairment
 Privacy policy mandatory

19. Section 43A
 ‘Reasonable security practices’ as may be specified by
agreement between parties
 Or Specified by any law
 Or Prescribed by Central Govt in consultation with
professional bodies
 InformationTechnology ( Reasonable security practices
and procedures and sensitive personal data or
information) Rules 2011 passed-recommend adoption of
ISO27001 .

20.  InformationTechnology ( Reasonable security practices
and procedures and sensitive personal data or
information) Rules 2011
 Body corporate mandated to share information with
government authorities without prior consent of owner
for verification of identity,
 prevention, detection, investigation, prosecution,
punishment of offences
 Government agency required to submit request for
information in writing –purpose of seeking info
 Also undertake such information not be shared with
other persons

21. Amended Section 43 –cyber
contraventions
 Earlier Section 43 –contraventions-actus reus and
Section 66-mens rea +actus reus
 Amended Section 43 , insertion of Section 43 (i) and
(j)- requirement of mens rea with actus reus
 Section 43(j) uses words “stealing” and “intention to
cause damage”. Same acts when committed
‘dishonestly’ or ‘fraudulently’ are placed under
Section 66.
 Intent is to punish under section 66 and compensate
for loss for same acts in S.43.Amended Section 43
removed ceiling limit for compensation

22. Amended Section 43 (j)
 If any person without permission of the owner or any other
person who is incharge of a computer,computer system or
computer network….steal, conceals,destroys or alters or
causes any person to steal, conceal, destroy, or alter any
computer source code used for a computer resource with an
intention to cause damage…he shall be liable to pay
damages by way of compensation to the person so affected.

23. Recent amendments & Role of
Adjudicating Authority
 The Subject matter of its jurisdiction is widened –adjudging
more contraventions under Section 43,43A
 Power to impose penalty & award compensation both
 Excludes jurisdiction from matters where compensation
claimed is more than 5 crores
 Quantum of compensation –discretion of adjudicating officer-
 objective criteria laid down for guidance maintained-Amount
of unfair advantage gained, amount of loss, repetitive nature of
default
 IT (qualification and experience of adjudicating officers and
manner of holding enquiry ) Rules ,2003

24. Strengthening the role of
Adjudicating Authority
 Reliance on documentary evidence, investigation reports ,
other evidence
 Compounding of contraventions
 Powers of Civil court and Section 46(5)© confers power
of execution of orders passed by it- attachment of
property, arrest & detention of accused, appointment of
receiver- greater enforceability

25. Cognisability & bailability
 Most offences introduced by the 2008 amendments prescribe
punishment of upto 3 yrs , fine of one lac/2 lac
 For hacking term of imprisonment remains upto 3yrs but fine
increased from 2 lakhs to 5 lacs
 In S.67 imprisonment term reduced from 5 yrs to three yrs.
Fine increased from one lac to 5 lacs.
 Most Offences are cognisable but bailable
 This is a new challenge for cyberlaw enforcement authorities-
need quick action by trained investigators to collect and
preserve evidence as probability of tampering increases .

26. Collection of evidence streamlined
 Section 67C- Intermediaries bound to preserve and
retain such information as Central govt prescribes, for
prescribed duration- contravention punishable with upto
2yrs imprisonment ,upto one lac fine or both- but no
mandatory period for maintaining logs stipulated
 Accountability of service providers increased-Section
72A added-disclosure of information in breach of lawful
contract-punishment upto 3 years , fine upto 5 lakh or
both

27. Collection of evidence streamlined
 Section 69 -Power of Central Govt to intercept,
monitor, decrypt information
 IT (procedure and safeguards for interception,
monitoring and decryption of Information) Rules,
2009.
 Power with Secretary, Ministry of Home Affairs to
authorize an agency to intercept
 Non-cooperating Subscriber or intermediary -liable
to punishment of upto 7 yrs imprisonment and fine is
added by amendment.
 Maintenance of confidentiality, due authorisation
process, exercise power with caution.

28. Collection of evidence streamlined
 Section 69 A added- blocking of public access and under Section 69B
confers power on central govt to appoint any agency to monitor and collect
traffic data or information generated, transmitted,received,or stored in any
computer resource
 Non cooperating intermediary-liable to punishment –term upto 7 yrs and fine
 Websites containing hate speech, defamatory matter, slander, promoting
gambling, racism ,violence, terrorism, pornography, can be reasonably blocked
 IT (procedure and safeguards for monitoring and collecting traffic data or
information) Rules ,2009 -competent authority- secy to govt of India DIT –
authorised agency-intermediary
 Review committee, confidentiality, destruction of records
 InformationTechnology (Procedure and Safeguards for blocking for access of
information by public ) Rules,2009 -committee examines request to block
 Authorisation procedures laid down-Designated Authority-committee
approval- seeks Secy DIT approval- authorises DOT to block/court order
 Responsibility to maintain confidentiality-intermediaries.
 Review committee provision, destruction of records
 Non cooperating intermediary-liable to punishment –term upto 3 yrs and fine

29. EEE’s role
 Examiner of Electronic Evidence created in section
79A-
 Central Government empowered to appoint this
agency
 To provide expert opinion on electronic form of
evidence.
 “electronic form evidence” –inclusive definition-
computer evidence, digital audio, digital video,
cellphone, fax machines-information stored,
transmitted in electronic form

30. Strengthening India’s cyber
security
 Section 70- protected systems- takes within its cover the
‘Critical Information Infrastructure’
 Computer resource, incapacitation or destruction of which has
debilitating impact on national security,economy,public health,
safety.
 CERT appointed as Nodal Agency for incident response-
Section 70B
 Multiple roles- alert system ,response team, issuing guidelines
,reporting incidents
 Non cooperating service providers, intermediaries,etc
punishable with term upto one year or fine upto one lac or
both
 Excludes jurisdiction of court

31. IT (Amendment)
Act,2008
Legal recognition to
E- documents
& e-contracts
(Sec.7A,10A)
Composition of CAT-
Include members-
majority decision
(Sec52D)
other Acts applicability
(Section 77 r/w 81)
Power to investigate
-Inspectors-
(Section 78,80)

32. Intermediaries Guidelines
 InformationTechnology ( Intermediaries guidelines) Rules
2011.
 Privacy policy and User Agreement mandatory
 Inform the users not to ‘host, display, upload, modify, publish,
transmit, update or share information’ that they donot have a
right to, grossly harmful, harassing, defamatory, obscene,
invades privacy, hatespeech, encourages money laundering, or
gambling, unlawful, harmful to minors, infringes IPR, spoofing,
sends grossly offensive information, impersonation, software
virus spread., threatens unity, integrity, security of
India….friendly relations with foreign states…public order ,
causes incitement to commission of any cognisable offence,
prevents investigation, or insults other nation’

33. Liability of ISP revisited
 Under earlier Section 79, network service providers were liable for third party
content only if they failed to prove offence was committed without knowledge
or due diligence was exercised. Burden of proof was on Network service
provider.
 The amended section excludes certain service providers and holds
intermediary liable only if he has conspired , abetted or induced whether by
threats or promise or otherwise in the commission of unlawful act
(S.79(3)(a).Onus to prove conspiracy, abetment, is shifted on Complainant.
 Intermediary is liable also if on receipt of actual knowledge or on receipt of
intimation from govt agency, it fails to remove or disable such website’s access.
 Temporary storage exempted-no human editorial control, removal of access on
actual knowledge
 Electronically signed complaint by affected party- action within 36 hrs to
disable content
 Intermediary's right to terminate access /use if breach of user agreement
 Intermediary to provide information to government investigating agencies-
verification of identity, prevention, detection, investigation,
prosecution,cybersecurity incidents, punishment of offences on a written
request stating purpose.
 Intermediary to comply with Reasonable security practices Rules, 2011

34. Compliances by Cybercafes
 InformationTechnology ( Guidelines for cybercafe ) Rules
,2011
 Agency for registration of cybercafe
 Identification of user mandatory-school icard,photo credit
card, passport, voter id, PAN card, photo icard, driving
license, UID
 Photocopy/scanned id proof duly signed by user and
cybercafe representative to be maintained for one year.
 May also be photographed signed by user, cybercafe rep
part of log register maintained in physical or electronic
form.
 online version to be electronically signed

35.  Name, address ,gender, contact number, type and detail of
identification document, date, computer terminal used, log
in , logout
 Monthly reports of log registers –submit to agency
directed by registration agency by 5th of next month.
 Cybercafe owners to maintain backup of logs of history
of websites accessed on a computer
 Logs of proxy server at the café
 Guidelines for auditing and logging- CISG 2008-01
updated by CERT-see www.cert-in.org.in
 Record of its staff for one year

36. Investigations- Important provisions under
CrPC
 Under CrPC, Section 41-When police may arrest without warrant
 Search by police officer–Section 47
 Summons to produce a document or thing-Section 91
 Search warrant by magistrate-Section 93, Section 94- for stolen goods/forged documents
 Power to seize property-Section 102
 Arrest to prevent commission of cognizable offences- Section 151
 Section 154- Information/complaint in cognizable cases
 Section 157-procedure to investigate –send report to magistrate
 Section 160 r/w 161-power to require attendance of witness& their examination
 Section 165-search by police investigating an offence -copies of record sent to magistrate
 Section 166-officer required another police station to issue search warrant
 Section 166A –letter of request by criminal court for outside India search
 Section 167- producing accused before magistrate on expiry of 24 hrs
 Section 172-Diary of proceedings to be maintained
 Section 173-Police Report
 Section 175-Power to summon persons

37. Determining Jurisdiction
 Place of inquiry/trial- Section 177- where offence was
committed.
 Section 178-offence committed in more than one jurisdiction-
any of the relevant jurisdictions
 Section 178- act where it is done and consequence where felt-
any of these jurisdictions
 Section 181-theft, stolen property, extortion- where
committed, stolen property is possessed
 Offences committed by letters, messages- where sent/received
 Section 188-offence committed outside India by citizen of
India, on a ship/aircraft registered in India trial as if committed
in India with prior sanction of central government.
 Section 468-period of limitation to take cognizance.

38. Important provisions under IT Act,2000
 Section 77r/w 81- IT Act,2000-confiscation- Any computer or
accessory liable to be confiscated if used for commission of
offence
 compensation, penalty, confiscation not to interfere with other
remedies under other statutes
 Section 77 A –compounding of offences –below 3 year
sentence
 Section 77B- offences with 3 yr punishment bailable
 Section 78-power to investigate- inspector and above
 Inspection provisions- consistent with Section 80 –power of
police inspectors /officers to search & arrest, without warrant
any person who has committed, is committing or about to
commit any offence under IT Act.

39. CBI manual chapter 18-Investigating
cybercrimes
 Disks or Cartridges ─ these can be used to store copies of files from the computer
 for use in his investigation.
 (2) Labels ─ to label cables, where they plug in, disks, the various parts of the
 computer and to write/protect disks.
 (3) Screwdrivers and other tools used to dismantle the hardware for seizure.
 (4) Gloves ─ remember that often, latent prints can be taken from disks or other
 storage media or hardware.
 (5) Packing materials – rubber bands, tape, boxes, bubble wrap, and if he does not
 have access to anti-static wrap, paper bags should be used, because they have
 less static charge than plastic bags.
 (6) Camera equipment – to videotape and photograph the scene.
 (7) Chain of custody report sheets and other paper to inventories seized evidence.

40. Investigation in cybercrime cases
 On the crime scene if computer screen is on, click pictures,
video or note in seizure memo.
 Digital evidence in hard disk, Smartcards, biometric
devices,answering machines,digital cameras,
printers,PDAs,modems,servers,CDs, scanners,pendrives,
phones, Drives, digital watches, fax machine,GPS,keyboard,
mouse
 Draw the network architecture sketch/video/photograph it.
Prepare set of questions for FSL lab to investigate, note
individuals present there, position of equipment, password
slips, papers, note network connections, details of modem,list
of suspects,mitigation actions, logs, after incident use, any
system alarms, user names, service provider details, back up
plan, CCTV, user management software, type of wifi
connection,protect media from magnetic field .Access rights
informationetc.

41. Techniques of cyber investigation-
Cyber forensics
 Computer forensics, also called
cyber forensics, is the application
of computer investigation and
analysis techniques to gather
evidence suitable for presentation
in a court of law.
 The goal of computer forensics is
to perform a structured
investigation while maintaining a
documented chain of evidence to
find out exactly what happened on
a computer and who was
responsible for it.
Archival
Articulation
Analysis
Authentication
Acquisition
Assessment

42. Rules of evidence
 Computer forensic components-
 Identifying
 Preserving
 Analysing
 Presenting evidence in a legally
admissible manner

43. Classification of computer forensics
 Disk based forensics
 Network based forensics
 Mobile forensics
 E-mail forensics etc
 Disk imaging and analysis-
 Tool must have the ability to image every bit of data on storage medium,
tool must not make any changes to the source medium.
 Examples-
 DCFLDD-www.prdownloads.sourceforge.net/biatchux
 ODD-open data duplicator
 ODESSA-creating a qualified duplicate image with Encase-
www.odessa.sourceforge.net

44. Recovering deleted data
 Encase
 FTK
 Stellar Phoenix
 PCI file recovery
 Undelete
 Recover4allGet data back
 Fast file recovery
 Active undelete

45. Access data

46. Results displayed by category

47. FBI handbook of forensic investigation-
techniques for computer forensics
Examine type of content in
computer
Comparison of data files
Transactions-to know time
and sequence when data files
were created
Data files can be extracted
from computer
Deleted data files can be
recovered from the computer
Data files can be converted
from one format to the other
Key word searching Passwords, log in and log out
time, use of applications, wifi
Limited source code can be
analysed and compared
Storage media with
standalone word processors
can be examined

48. Sources of Evidence
 Existing Files
 Deleted Files
 Logs
 Special system files (registry etc.)
 Email archives, printer spools
 Administrative settings
 Internet History
 Chat archives
 Misnamed Files
 Encrypted Files / Password Protected files
 Steganography /hidden files

49. E-mail forensics
 E-mail composed of two parts- header and body
 Examine headers
 Request information from ISP
 Trace the IP
 Tools-Encase,FTK,Final email
 Sawmill groupwise
 Automation for logging
 Cracking the password- brute force attack, smart search, dictionary search,
date search, customised search, guaranteed decryption, plaintext attack
 Passware, ultimate zip cracker,office recovery enterprise,etc

50. The criminal prosecution pyramid
Conviction/acquittal
Trial
Contents of charge
Issue of process –summons, warrant
Examine the witnesses
Examine the complainant on oath
Initiation of criminal proceedings-cognizance of offences by magistrates

51. Amendments- Indian Evidence Act
1872
 Section 3 of the Evidence Act
amended to take care of
admissibility of ER as evidence
along with the paper based
records as part of the documents
which can be produced before the
court for inspection.
 Section 4 of IT Act confers legal
recognition to electronic records
 Section79A of the IT Amendment
Act ,2008 defines electronic
evidence .includes computer
evidence, digital audio/video,
cellphones, digital fax machines

52. Sections of Evidence Act,1872
 Section 47A- opinion of Certifying Authority with respect to
Electronic signatures
 Section 67A- mandates proof of electronic signature of
subscriber
 Section 85A- presumption in favour of electronic signature on
an electronic record purporting to be an agreement
containing electronic signature
 Section 85C-presumption in favour of certain information
listed in Electronic signature certificate
 Section 90A- presumption in favour of electronic signature on
electronic record that is 5yrs old
 Section 73A-proof of digital signature
 Section 45A opinion of Examiner of Electronic Evidence

53. Societe Des products Nestle SA case
2006 (33 ) PTC 469
 By virtue of provision of Section 65A, the contents of electronic records may be proved in evidence
by parties in accordance with provision of 65B.
 Held- Sub section (1) of section 65B makes admissible as a document, paper print out of electronic
records stored in optical or magnetic media produced by a computer subject to fulfillment of
conditions specified in subsection 2 of Section 65B .
a) The computer from which the record is generated was regularly used to store or process
information in respect of activity regularly carried on by person having lawful control over the
period, and relates to the period over which the computer was regularly used.
b) Information was fed in the computer in the ordinary course of the activities of the person having
lawful control over the computer.
c) The computer was operating properly, and if not, was not such as to affect the electronic record or
its accuracy.
d) Information reproduced is such as is fed into computer in the ordinary course of activity.
 In the context of Section 65B(2)(c) the condition that throughout the material part of the period to
 which the computer operations related, the computer was operating properly has to be complied
with.
 Secondary evidence can be led –apart from certification procedure in Section 65B(d)
 State v Mohd Afzal,
2003 (7) AD (Delhi)1

54. Mohd Afzal case- Parliament attack case-
cyber terrorism
 I-Cards, slips of papers containing telephone numbers and mobile phones were seized from
accused. The laptop which was seized from the two terrorists, who were gunned down when
Parliament was under siege on December 13 2001, was sent to Computer Forensics Division
of BPRD after computer experts at Delhi failed to trace much out of its contents.

The laptop contained several evidences that confirmed of the two terrorists’ motives, namely
the sticker of the Ministry of Home that they had made on the laptop and pasted on their
ambassador car to gain entry into Parliament House and the fake ID card that one of the
two terrorists was carrying with a Government of India emblem and seal.

The emblems (of the three lions) were carefully scanned and the seal was also craftly made
along with residential address of Jammu and Kashmir. But careful detection proved that it was
all forged and made on the laptop.
 investigate about the mobile numbers found written on the slips of paper recovered from the
terrorists-also the mobile phones recovered from the terrorists and the three SIM cards
recovered from the purse of terrorist-a) SIM cards corresponding to telephone number
9810693456 recovered from the purse of Mohd. was used in six instruments.
 b) Last call made from this mobile number 9810693456 was made to mobile No. 9811489429
(the number on the I. Cards recovered from the terrorists) at 11.25 A.M. on 13.12.2001 (Time
was when attack was on).
 Phone tapping was adopted and accused were found to have connections from Srinagar.

55. State vs Mohd Afzal
 Held- “The testimony of PW.35 and PW.36 establishes that the call details
Ex.PW.35/2 to Ex.PW.35/8 and Ex.PW.36/1 to Ex.PW. 36/5 were computer
generated and pertained to the respective periods indicated in the print
outs.Testimony establishes that they related to the services provided by
the respective companies in respect of the different mobile phone numbers.
It is true that neither witness made a positive statement that during the
relevant period, the computers worked properly but reading the statement
as a whole, the same is implicit.No suggestion was given to the witness
that their computers were malfunctioning.”
 “We are satisfied that on the evidence on record, the prosecution has duly
proved the electronic record Ex.PW.35/2 to Ex.PW.35/8 and Ex.PW.36/1 to
36/5.The technical flaw whereby on four occasions double entries have
been recorded are explainable, in that,they are double entries pertaining to
the called and caller numbers. Even otherwise as held in Ana Marcolino
(Supra) the malfunction is not sufficient to cast a doubt upon the capacity
of the computer to process information correctly. It does not establish in
any way that the capacity of. the computer to process, store and retrieve
information used to generate the statement, tendered in evidence, was
effected”.

56. State v Navjot Sandhu
(2005)11 SCC 600
 Held, while examining Section 65 B Evidence Act, it may be
that certificate containing details of subsection 4 of Section 65
is not filed, but that does not mean that secondary evidence
cannot be given.
 Section 63 & 65 of the Indian Evidence Act enables secondary
evidence of contents of a document to be adduced if original is
of such a nature as not to be easily movable.

57. Syed Asifuddin and Ors. V. The State of AP.
& Anr., 2005CriLJ4314

Facts of the case:
Pioneer Scheme a third generation digital handset costing about Rs. 10.500/- for a mere payment of Rs.
3.350/- with a condition to sail with their network for a period of 3 years with option to exit either by
surrendering the handset or paying the cost of the handset to the company. Investigation also reveals that
there is an agreement existing between the Samsung manufacturers and LG manufacturersWith Reliance
Infocomm regarding their exclusive models Samsung N191 and LG-2030.These model handsets are to be
exclusively used by Reliance India Mobile Limited only.
 Tata Indicom employees were arrested for manipulation of the electronic 32-bit number (ESN)
programmed into cell phones that were exclusively franchised to Reliance Infocomm.
The court held that such manipulation amounted to tampering with computer source code as envisaged by
section 65 of the InformationTechnology Act, 2000.
A cell phone is a computer as envisaged under the InformationTechnology Act.
ESN and SID come within the definition of "computer source code" under section 65 of the Information
TechnologyAct.
When a customer of second respondent opts for its services, the MIN and SID are programmed into the
handset.If some one manipulates and alters ESN, as per the case of second respondent,Samsung/LG
handsets which are exclusively used by them become usable by other service providers like TATA Indicom.

58. Presumptions in law- Section 85 B
Indian Evidence Act
 The law also presumes that in any proceedings, involving secure digital
signature, the court shall presume, unless the contrary is proved, that the
secure digital signature is affixed by the subscriber with the intention of
signing or approving the electronic record
 In any proceedings involving a secure electronic record, the court shall
presume, unless contrary is proved, that the secure electronic record has
not been altered since the specific point of time, to which the secure status
relates

59. Presumption as to electronic messages- Section 88A
of Evidence Act
 The court may treat electronic messages received as if they
were sent by the originator, with the exception that a
presumption is not to be made as to the person by whom
such message was sent.
 It must be proved that the message has been forwarded from
the electronic mail server to the person ( addressee ) to
whom such message purports to have been addressed
 An electronic message is primary evidence of the fact that the
same was delivered to the addressee on date and time
indicated.

60. Ziyauddin Burhanuddin Bukhari Vs. Brijmohan
Ramdass Mehra & Ors (1976) 2 SCC 17
 court relied on R.Vs. Maqsud Ali -held that the tape-recordings
of speeches were admissible in evidence on fulfillment of the
following conditions:
 "(a)The voice of the person alleged to be speaking must be duly
identified by the maker of the record or by others who know it.
 (b) Accuracy of what was actually recorded had to be proved by the
maker of the record and satisfactory evidence, direct or
circumstantial, had to be there so as to rule out possibilities of
tampering with the record.
 (c)The subject-matter recorded had to be shown to be relevant
according to rules of relevancy found in the Evidence Act.“

61. Bazee.com case-cyberporn
 Required user to register on site
 Seller to post item & write description
 Telephonic verification of seller
 Safety and trust division ran objectionable material filter check
 Bazee .com received commission on sales
 Ravi Raj was registered user with e-mail id psell@sify.com
 He used new name as Alice Electronics gave a kharakpur address sold item under
books and magazines
 Word ‘sex ‘at serial 23 of filter list , sexual at ’70’ still listing took place
 Seller on receiving confirmation of payment will mail it as e-mail attachment to
buyer ‘dps_rkpuram-sex-scandle.zip’
 On 27th nov 2004 e-mail received from Amit vohra intimating the illegal activity , on
29th it was closed.-sold 8 copies
 Avnish Bajaj arrested.
 As regards Section 292, no vicarious liability of director but under Section 67, read
with Section 85, director is primafacie liable
.-listing primafacie obscene. “Delhi girls having fun”

62. Aneeta Hada v M/s. Godfather Travels &
Tours
 Thereafter, in Aneeta Hada v M/s. Godfather Travels &Tours (P)
ltd 2012 (5) SCC 661, the Hon'ble Supreme court considered
criminal appeal no.1483 of 2009 titled Avjnish Bajaj v State
along with other criminal appeals involving same question of
law,whether a director can be held liable even where a
company is not arraigned as an accused .The Hon'ble court
took the view that under Section 85 of the Information
Technology Act,2000,which provides for deemed liability of
directors incase of offences committed by companies, a
director cannot be held liable without impleading the company
as an accused.The court quashed the proceedings against the
appellant director as the company was not even arraigned as
an accused.The court applied the doctrine of strict
construction, and took the view that commission of offence by
the company is an express condition precedent to attract the
vicarious liability of others.

63. Identity thefts
 A complaint was filed in by Sony India Private Ltd, which runs a website called sony-
sambandh.com, targeting Non Resident Indians.The website enables NRIs to
send Sony products to their friends and relatives in India after they pay for it online.
 In May 2002,someone logged onto the website under the identity of Barbara
Campa and ordered a Sony ColourTelevision set and a cordless head phone.A lady
gave her credit card number for payment and requested that the products be
delivered to Arif Azim in Noida.
 At the time of delivery, the company took digital photographs showing the
delivery being accepted by Arif Azim.The transaction closed at that, but after one
and a half months the credit card agency informed the company that this was an
unauthorized transaction as the real owner had denied having made the purchase.
The company lodged a complaint for online cheating at the Central Bureau of
Investigation which registered a case under Section 418, 419 and 420 of the
Indian Penal Code.
The matter was investigated into and Arif Azim was arrested. Investigations
revealed that Arif Azim, while working at a call centre in Noida gained access
to the credit card number of an American national which he misused on the
company’s site.

64. Spoofing
 A 16 year old student from Ahmadabad who threatened to blow up Andheri
Railway station in an email message was found guilty by the Juvenile court in
Mumbai.
A private news channel received an email on 18 March 2008 claiming sender as
Dawood Ibrahim gang saying a bomb would be planted on an unspecified train to
blow it up.
The case was registered in Andheri Police station under section 506 of IPC and
transferred to cyber crime investigation cell. During Investigation CCIC traced
the cyber cafe from which the email account was created and threatening email
was sent.
Cafe owner told police about users which had come that day to surf the
net.Police Summoned them and found that the system which was used to send
email was accessed by only one customer. On 22nd March 08, police arrested the
boy a Class XII science student who during interrogation said that he sent the
email for fun of having his prank flashed as “breaking news’’ on
television.

65. JCB INDIA LTD vs I.P. ADDRESS
:122.163.98.166 & ORS
 in March 2008 the plaintiffs became aware of the fact that the applicant had
joined M/s Escorts Construction Equipment Ltd., its direct competitor.The
plaintiff was also notified by its security staff that some documents, papers
containing print outs of email messages pertaining to the private email
account of the applicant being abhinavdeepti@indiatimes.com were found.
 A reading of the documents, it is averred, revealed that they CS (OS)
Nos.691/2008 & 1021/2008 Page 3 contained confidential information
pertaining to the intellectual property of the plaintiff company.The plaintiff,
therefore, alleges that the applicant during his stint in the plaintiff company
transferred such confidential information and trade secrets to the local PC
and thereafter on to his personal email id.
 It is alleged that an examination of the computer records of the applicant
revealed that mails were being sent frequently to the aforesaid email id and
that these contained the plaintiff's valuable confidential,including drawing
for a backhoe bucket, tanks, fender, post leg etc., all of which were made on
Product Lifecycle Management (PLM), the software used by the plaintiff to
store itsconfidential data.

66. Nirav Navinbhai Shah And 4 Ors. vs State
Of Gujarat And Anr. on 28/9/2006
 The gist of the complaint was that the accused No. 1
hacked with the help of the other accused the
complainant's computers and stole important data.The
offence was investigated and report came to be filed by
police and Criminal Case No. 3528 of 2004 began.
 The complainant and three other witnesses have already
been examined. It is stated in this application that in the
meanwhile some settlement was arrived at between the
parties to end all civil as well as criminal litigations
pending between them in various courts including court
in United Kingdom.

67. Sri. P. Padmanabh S/O Papanna @ ... vs Syndicate Bank
Limited, ... on 15 November, 2007
 A nationalised bank had issued a ATM card to the defendant; that the card enabled the
defendant to draw money/cash from the ATM counter established by the bank and that the
amount drawn by the defendant would be debited to the Savings Bank account maintained by
the defendant with the bank;
 that it was linked to the Savings Bank account of the defendant; that the defendant could have
drawn amounts from the ATM bank upto the extent of balance maintained in the Savings Bank
account,
 but the defendant taking advantage of some snapping of link between the ATM and the
computer maintaining the bank accounts and other transaction of the bank had drawn sums
of Rs. 5,000/- on three days though there was no sufficient balance in the account.
 This fact having been noticed by the bank,later the bank had put the defendant on notice
calling upon him to make good the amount; that amount having not been paid, a legal notice
was also issued but the defendant not having responded positively to make good the amount,
it had become necessary for the plaintiff to sue the defendant for the recovery of the amount,
 particularly, for the three transactions of drawal of Rs. 5,000/- on each occasion through the
ATM machine by the defendant with costs and consequence.The defendant while admitted
the maintenance of Savings Bank account and also the issue of ATM card by the bank, denied
having operated ATM machine for drawal of the amounts as indicated in the plaint

68.  petitioner had not established the liability of defendant for payment of the amounts
in terms of three withdrawal transactions through the ATM machine; that the
defendant was enabled to withdraw amounts under the ATM card only upto the
balance maintained in the account and not beyond and that special circumstance
pleaded in the plaint regarding snapping of the link between the ATM machine and
the main computer was never to the knowledge of the defendant but had no
occasion to use the ATMmachine;
 that even as admitted by the plaintiff there was malfunctioning of the ATM machine
or the computer and therefore no presumption about the accuracy of the entries
could have been drawn in favour of theplaintiff - bank;
 that the very fact the bank had allowed the Savings Bank account to become
irregular and did not even care to apprise the defendant for more than three
months is proof enough of the irregularity of the maintenance of books of
accounts in the normal course of business
 that therefore, no presumption could have been drawn and the learned trial judge,
when had declined to draw the presumption in favour of the plaintiff in terms of
Section 65-B(2) Clause (b) of Indian Evidence Act, 1872 with Section 65-B

69. MCQ Test
 Q.1.The role of Certifying Authority appointed under the IT Act,2000 is-
 (1) to issue digital signatures (2) to grant compensation for contraventions (3) to punish an
accused (4) to make new rules under IT Act,2000
 Q.2 Liability of intermediaries under IT Act is provided under –
 (1) Section 79 of IT Act (2) Section 67 (3)Section 85 (4) Section 46
 Q.3 Electronic Evidence in form of affidavit by Chief Technology officer as per Section 65A
and B of evidence Act is-
 (1) admissible as secondary evidence (2) admissible as primary evidence (3) not admissible
(4) depends on facts of a case
 Q.4 Forging of electronic document is punishable under Section 470 read with Section 465
IPC with a period of imprisonment of a term that may extend to –
 (1) five years (2) three years (3) two years (4) one year
 Q.5 using a digital signature of a director malafidely without permission to sign a document
amounts to a –
 (1) identity theft (2) negligence (3) perfectly legal act (4) tort

70. Copyrighted,Seth Associates,201070
Thank you!
SETH ASSOCIATES
ADVOCATESAND LEGAL CONSULTANTS
New Delhi Law Office:
C-1/16, Daryaganj, New Delhi-110002, India
Tel:+91 (11) 65352272, +91 9868119137
Corporate Law Office:
B-10, Sector 40, NOIDA-201301, N.C.R ,India
Tel: +91 (120) 4352846, +91 9810155766
Fax: +91 (120) 4331304
E-mail: mail@sethassociates.com