Cyber Security Tutorial

Cyber Security Overview Cyber Security Introduction Cyber Crime Cyber Space Cyber Criminals Cyber Law Cyber Attackers Types of Hackers Functions of Cyber Security Method to Improve Data Security Cyber security frameworks Importance of Cyber Security Types of Cyber Security Cyber Security Fundamentals Applications of cyber security Cyber security in education sector Cyber security in health care industry Cyber security tools Cyber security policies Types of security policies Characteristics of cyber security policies Digital signature Cyber Security Standards NIST- National Institute of Standard and technology Information Technology Act ISO - International Standard for Organization ISO certification PCI DSS Standard FINRA Difference between Information Security and Cyber Security Cyber Security Vulnerability Elements of vulnerability management Social Engineering Vulnerability Assessment Vulnerability management Types of cyber security vulnerabilities Identification of security vulnerability Types of social engineering attacks Penetration Testing Penetration Testing Tools Types of penetration testing Process of Penetration Testing What is Phishing Elements of cyber security Difference between Spoofing and Phishing Difference between Network Security and Cyber Security Difference between Ethical Hacking & Cyber Security Role of artificial engineering in cyber security Cyber Forensics Definition Cyber Security job qualifications Cyber Security Prerequisites Cyber Security Identity and Access Management What is Cyber Forensics Different Types of Cybercrime Different types of cybercrime Tunneling Techniques in Cyber Security

Information Technology Act
2022-06-12 17:47:45

Information Technology Act

Information technology is everywhere; it is absorbed in the nerves of a human being. Without it, human goes back to their early era, and no work is conducted. It is a dire need of the moment, from filling a single form to doing world-level experiments.

Technology fulfills our personal and private work, including personal talks, health, education, business, etc. We can't imagine Indian trade without adequate technology because it will seem like a stagnant economy without modernization. Without using technology world level trading is impossible; therefore, it has become mandatory for the government to make some rules and regulations to prevent cyber attackers and cybercrime as technology is more used the bad intention of people. The government of India has made a gazette law for IT named as Information Technology Act.  

Let's learn about some of the important features and Objectives of the IT ACT.

Introduction of the IT Act

Name of the Act“Information Technology Act, 2000”, “ITA-2000”, “IT-ACT”.

Signed – 9 May 2000

Commenced – 17 October 2000

Assented to – 9 June 2000

Primary objective – Act designed as primary law dealing with electronic commerce and cyber-crime in India.

History/ Background – The Information Technology Act bill was passed in parliament in the budget session of 2000. It was signed on 9 June 2000 by president K.R Narayanan and finalized by a team of officials headed by Minister of Information Technology Pramod Mahajan.

To attain uniformity within the law in several countries, UNCITRAL- the international organization commission on Indian trade law, adopted a model law on electronic commerce (e-commerce) in 1996.

With innovations, certain amendments are written under various sections in this Act to protect people from digital frauds. 13 chapters and 90 sections in the constitution define this IT Act, while the last four sections (sections 91-94) deal with the revision of the Indian Penal Code 1860. IT Act 2000 acts as a legal section for electronic commerce, electronic transactions, e-governance, and cyber-crime. This Act consists of two schedules:

First Schedule deals with such documents where the Act shall not apply.

Second Schedule – It directly handles the electronic signature or electronic authentication method.

Objectives of the IT Act, 2000

Following are the main objectives of the IT Act, 2000:

  • It facilitates filling the form of documents electronically with different government or private departments and agencies. It also protects and stores electronic data.
  • The main objective is to legally channel e-commerce, including electronic fund transfers between financial institutions and banks, by granting legal recognition to all the transactions.
  • Now electronic communication or e-commerce has taken the place of paper-based communication and transactions with electronic data exchange. So to prevent them from being criminals and frauds need to be legalized with some strict rules and foundations.
  • Under the Evidence Act, 1891, and Reserve bank of India Act, 1934, it becomes mandatory for bankers to keep the books of accounts electronically.
  • Digital signatures have provided legal recognition for the authentication of any information and matter that require authentication.   

Features of the Information Technology Act, 2000

Some of the features of this Act are as follows:-

  • This Act consists of legal recognition for digital signatures as this system uses an uneven cryptosystem and hash function/operator for protecting the data.
  • It legally validates the electronic contracts created through secure electronic channels.
  • Regulates penalties and punishments for various cyber-crimes and digital/ electronic format frauds.
  • This law charged a penalty for any crime related to a computer or network located in India or foreign by establishing a cyber restrictive Appellant judicature under a provision in the Act. Here all the appeals created against the order of the controller/ Adjudicating officer are handled under this judicature. Still, an appeal or complaint against the cyber appellant tribunal is only placed in the high court.
  • It includes the provision of a Cyber Regulations Advisory committee in the constitution that advise the central government and Controller.
  • It also indulges provisions related to offenses and contraventions committed outside India.
  • The Controller is the repository of the digital signature, which is appointed under the appointment of the Controller of certifying authorities to license (CCA) and regulate its working.
  • This Act provides permission and right to the senior and other police officers to enter any public place to detect and search. Even they can arrest someone without a warrant.

List of punishments and offenses defined under IT Act, 2000

  • Penalties on the following:
    • Misrepresentation of data
    • Breach of privacy and confidentiality
    • Interference without other permission
    • Publishing fake digital signature signature
    • Publishing for fraud purposes
  • Confiscation
  • For the protection of the system
  • Hacking of system
  • Tampering with digital documents and data
  • Criminal mind with malicious purpose
  • Power of Controller to give directions
  • Have the power to investigate illegal offenses
  • Publishing of digital information without permission
  • It applies to electronic contravention and offenses committed outside India
  • The offense is done by cybercriminals and attackers
  • The direction was given to Controller for a subscriber to extend facilities to decrypt information.

Section defined under Information Technology Act, 2000  

       Section                                 Offense and  Punishment
Section 43This is a very important section that handles the Act of breaching the information from the computer system. Any act of destroying, stealing, altering, or deleting data from a computer system/ network with malicious intentions and without authorization or permission from the owner. This Act is liable for compensation paid to the owner.
Section 43AAny private firm or corporate body that deals with the user's sensitive information fails to protect the authenticity and confidentiality of the information due to the non-implementation of reasonable security practices. Because of this user suffers and is liable for compensation form the company.
Section 66Under this section, cyber hackers are punished for hacking the computer system with malicious intentions. This Act is punishable with 3year imprisonment or a fine of Rs. 500,000 or both.
Section 66 B, C, DThis section covers all the frauds and dishonesty done on a digital platform (transmitting information or identity theft. These are punishable offenses with 3years imprisonment and Rs. 100,000 fine or both
Section 66EThis section includes privacy violation, which includes sharing personal images or private area. This Act is punishable with a 200,000 fine and 3-year imprisonment.
Section 66 FThis section handles the result of cyber terrorism that affects India's integrity, security of data, and unity & sovereignty via digital platforms. Terrorist is liable for life imprisonment.    
Section 67Regarding pornography, publishing, and transmission of obscene information or content publically. These all crimes are liable for imprisonment of up to 5 years or a fine of Rs. 100,00,00 and can be both.
Section 69 AThis Act is for the government, which empowers them to block internet sites in the nation's interest. Under this Act, government authorities or cyber cells intercept, monitor, or decrypt any information received/stored, transmitted, or generated in any computer resource or network. This can be done in favor of sovereignty or integrity of the nation, security of the state, defense of India, public order or friendly relation with foreign countries/ states, for investigation of any offense, for preventing incitement to the commission of any cognizable offense.  
Section 79 (2) (C)This Act handles online intermediaries who are observed due diligence while discharging their duties (internet service providers (ISPs), social media platforms, and social engines are kept under surveillance). It also observes other guidelines prescribed by the central government.  

Conclusion

The information technology act is necessary for this digital world to protect and preserve the integrity and confidentiality of information for individuals and safeguard the nation. It's a legal framework that defines cyber crimes, designed for electronic governance by giving recognition of digital signatures and electronic records and prescribing penalties for them. According to the needs in cyber security, the government will make new amendments for the public and the nation.