Author:Yash Gupta, Amity University, Noida
The Role Of Cyber Law In Cyber Security
The computer-generated environment of the internet is usually referred to as cyberspace, and the laws that control or are in effect in this realm are referred to as cyber laws or IT laws. All users of this cyberspace are subject to these laws because they have global jurisdiction. When illegal or unauthorised access to data or access to a computer or other device occurs, it is referred to as cybercrime. Cybercrime is on the rise, and this encompasses fraud, abuse, and gadget misuse. In India, cyberlaw is not a separate legal framework, rather it's an unique composition consisting of contract, intellectual property, data privacy, and data protection. With computers and the internet infiltrating every part of our lives, Strong foundation for cyber laws are required. Information, software, information security, e-commerce, and monetary transactions are all governed by cyber laws.
"The Cyber Laws in India has paved the way for electronic commerce and electronic governance in the country by ensuring maximum connectivity and minimum cybersecurity risks. Also, enhancing the scope and expanding the use of digital mediums" says Advocate Krishnamohan K Menon.
As of October 2020, an estimated 4.66 billion individuals were online, accounting for more than 60% of the global population, according to the data accumulated from various surveys and researches. This has had a significant impact on how the entire globe communicates. The number of people who use the internet regularly has steadily increased in recent years. However, because of the COVID-19 epidemic, the increase was bigger than ever this year. Because of the coronavirus, the world had practically ground to a halt, and everything had to be relocated on the Internet causing a massive paradigm shift. Employees had to begin working from home in a remote setting, meetings were being held via video conferencing using communication applications like Microsoft teams and skype, and schools and universities had to adapt and begin teaching their students online. However, as the internet has become easily accessible to everyone anywhere in the world, cybercrime has become increasingly frequent. As the internet and technology grow in popularity, society’s reliance on technology grows, increasing the number of crimes based on electronic or digital law breaking.
Advantages of Cyber Laws
Secured E-Commerce Infrastructure for online businesses
Digitally sign your contracts/ papers
Introduced new businesses for Certifying Authorities
Proficient use of E-Forms as prescribed
Secured websites with Digital Certificates
Meticulous monitoring on the web traffics
Electronic Transactions safeguarded
Emails are a legal form of communication and are approved in the court of law.
CYBER LAWS IN INDIA
Every country in the world, including India, is concerned about cyber security. Because India is one of the countries where the internet is widely utilised in our day-to-day life, strict cyber regulations are all the more important.
There are four major cyber-security regulations in India, which have cleared the way for electronic commerce and electronic governance, as well as expanded the scope and applicability of digital media.
Information Technology Act, 2000
The implement of an IT legislation was critical in India when the emphasis was on the need for cyber law or cybersecurity laws. As a result, India's IT (Information Technology) Act, 2000, often known as the Indian Cyber Act or the Internet Law, went into effect, This act alone governs most cyber legislation in India. The Indian Internet Laws have been drafted ,since the enactment, to give legal legitimacy to all electronic documents and online/electronic activities. The IT Act also addresses fundamental security issues that are essential to the success of electronic transactions. The Indian Internet Laws not only validate digital signatures, but also specify how documents that have been accepted and generated using digital signatures can be done. It provides for penalties in the case of unauthorised access to data and damage to computers and data on computers through cyber-attacks, including through viruses. The Act also has a specific provision to protect children on the online platform, which is Section 67B.
INDIAN PENAL CODE (IPC), 1980
As previously indicated, cybercrime will include typical criminal behaviours such as theft, fraud, forgery, defamation, and mischief, all of which are covered by the Indian penal law and subject to its restrictions. As a result, thefts and related cyber scams are defined in Indian criminal law, in combination with the information technology act of 2000. 464, 468, 465, 471, and 469 are all pertinent sections.
COMPANIES ACT, 2013
This act is referred to by company stakeholders as a legal responsibility that is essential for improving and monitoring daily operations. The Serious Fraud Investigation Office (SFIO) was founded under the Companies Act , and it was given the jurisdiction to prosecute Indian companies and their directors. The SFIO has become harsher and more proactive in this area since the publication of the company's inspection, investment, and inquiry guidelines in 2014. The Act ensures that all regulatory compliances are appropriately covered, including cyber forensics, e-discovery, and cyber-security diligence. Strong standards have been stated about the roles and responsibilities of company directors and leaders in confirming cyber-security under the Companies (Management and Administration) Rules of 2014.
By providing a standardised approach to cyber-security, the National Institute of Standards and Technology (NIST) has authorized cyber-security framework (NCFS) making itself established as the most credible global certifying organisation. The NIST cyber-security framework includes all of the necessary principles, standards, and practises for effectively managing cyber-related risks. This framework places a premium on adaptability and cost-effectiveness. It contributes to critical infrastructure resilience and protection by:
Allowing for better cyber-security risk management, interpretation, and mitigation in order to prevent data misuse, data loss, and the resulting restoration costs.
Identifying the most vital activities and operations and concentrating on securing them
By proving the reliability of organisations that protect important assets.
Making the contractual and regulatory duties addressed.
Aiding in prioritising investments so that cyber-security ROI is maximised
Supporting the information security programme as a whole.
ADDITIONAL IMPORTANT PROVISIONS OF IT ACT,2002
Section 66E: According to this section, publication or transmission of images of a private area of a person without the consent of such person is made punishable if such images are captured under circumstances violating privacy.
Section 66C: This section deals explicitly with identity theft and cybercrimes. This section prescribes punishment for any individual who fraudulently or dishonestly uses personal information like passwords or e-signatures of other people. Section 66D: This provision imposes punishment on a person who cheats by impersonating another.
Section 43A: Children's Personal and Sensitive Data— Though this provision imposes civil liability in the form of "compensation", it requires individuals and institutions handling personal data and sensitive information of people to take care of such information as against illegal use and exposure. This provision is wide enough to cover the personal data and sensitive personal information of children.
Conclusion & Findings
Cybercrime is a huge threat to all developing and developed countries of the world, as well as to a country's economic progress, as financial institutions are the most vulnerable to cybercrimes. Cybercrime suspects are frequently based in a country with no or weak cyber laws, limiting identification and punishment prospects. Cyber laws govern today's cybercrimes, which is a key role of cyber security in India, as these types of crimes are becoming more widespread. Organizations can now use the legal framework established by the IT Act of 2000 to conduct e-commerce. Legal validity and sanction have been granted to digital signatures. It also assists the government in issuing web-based notifications, ushering in e-governance. However, the information technology act was last revised in 2008, and technology has advanced significantly since then, consequently, it is critical that the regulations remain current with evolving technologies and improvements. Cybercrime has the potential to be extremely devastating on a global scale. Keeping in mind the consequences of a slack system, regulations must be regularly modified regularly, and new laws enacted to keep up with modern-day offences.
Yash Gupta – Amity University, Noida