it act 2000 finall ppt (1)
TRANSCRIPT
Information Technology Act 2000
Rather Than Giving Information And Technology, Gives Rise To More
Cyber Crimes
15/04/2023Information technology Act 2000 2
Group 1
Group Members:
Jimit Mehta- 1
Siddhant Chavan- 3
Tanay Lokhare- 5
Siddhesh Waman- 7
Ayaz Mohmin-9
Pallavi Adkar- 11
Ranjit Kadam- 13
Sneha Silveri- 15
Ajinkya Wanjalkar- 17
Saumitra Panchal- 19
15/04/2023Information technology Act 2000 3
Overview
Sr. No.
Topics
1. Introduction of IT Act
2. Need of IT Act
3. Important Terms
4. IT Amendment Act, 2008
5. Digital Signature, Electronic Signature, E- Governance, Certifying authority, Data confidentiality
6. Cyber Crime (Types of Cyber crime)
7. Sections
8. NASSCOM (Initiatives by Nasscom)
9. IT Act in India and Brazil
10. Role of IT in Banking Sector
11. Case Studies
15/04/2023Information technology Act 2000 4
"The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb".
– National Research Council, "Computers at Risk", 1991.
15/04/2023Information technology Act 2000 5
Introduction Information Technology - anything related to computing
technology.
Enacted on 17th May 2000.
India - 12th nation to adopted it.
Based on - UNCITRAL
Aims to provide the legal infrastructure/framework.
Focus- recognition of electronic records &
facilitation of e-commerce.
15/04/2023Information technology Act 2000 6
Need of I.T. Act 2000
National Reasons
Increasing use of ICTs - business transactions and entering into contracts
No legal protection
Signatory to UNCITRAL
International Reasons
International trade through electronic means.
UNCITRAL had adopted a Model Law on Electronic Commerce in 1996.
The General Assembly of the United Nations- 31st January, 1997
World Trade Organization (WTO)- Electronic medium for transactions.
Crime is no longer limited to space, time or a group of people. Cyber space creates moral, civil and criminal wrongs.
15/04/2023Information technology Act 2000 7
OBJECTIVES
Legal recognition- Digital
Signature ,Transactions & books of
accounts by bankers and other companies in electronic form.
Filling document online. Electronic storage.
Computer crime and Protect privacy.
Make more power to IPO, RBI and Indian
Evidence act.
15/04/2023Information technology Act 2000 8
Advantages and Disadvantages
Advantages
Helpful to promote e-commerce
Enhance the corporate business
Filling online forms
High penalty for cyber crime
Disadvantages
Infringement of copyright has not been included in this law.
No protection for domain names.
The act is not applicable on the power of attorney, trusts and will.
Act is silent on taxation.
No, provision of payment of stamp duty on electronic documents.
There are two sides to a same coin.
15/04/2023Information technology Act 2000 9
Important terms
Computer system
Communication Device
Data
Asymmetric crypto system
Certification practice
Electronic form
Secure System
15/04/2023Information technology Act 2000 10
IT Amendment Act, 2008 Substantial addition to India's Information Technology Act (ITA-2000)
Created to address issues that the original bill failed to cover and to accommodate further development of IT and related security concerns since the original law was passed
Adopted electronic signatures as a legally valid mode of executing signatures
Corporate responsibility introduced in Section- 43A
Important definitions added- Section 2(ha)- “Communication device “ and Section 2 (w) –“intermediary”
Legal validity of electronic documents
New cybercrimes as offences under amended Act
Section 67 C to play a significant role in cyber crime
15/04/2023Information technology Act 2000 11
DIGITAL SIGNATURE
Enabling a person - traditional signature.
Function of digital signature
is to authenticate the document
to identify the person
to make the contents of the document binding on person putting digital signature.
Ensure that an electronic document - authentic.
Encryption Encoding Decoding
15/04/2023Information technology Act 2000 12
The Public Key is what its name suggests - Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain
confidential to its respective owner.
15/04/2023Information technology Act 2000 13
Electronic Signature
Various methods by which one can sign an electronic record.
Defined under section 2(ta) of the IT Act 2000 and inserted by Information Technology Amendment Act 2008 (ITAA)
Major amendments of IT act 2000 - legally valid mode of executing signatures.
Typed name or a digitized image of a handwritten signature.
Digital signatures as one of the modes of signatures
15/04/2023Information technology Act 2000 14
E-Governance
Chapter 3 of the IT Act, 2000 (Sections 4-10A) deals with e-governance.
Application of ICTs to the processes of government functioning.
Technology driven governance.
Purpose-
for delivering government services
exchange of information communication transactions
integration of various stand-alone systems and services
Three main target groups
15/04/2023Information technology Act 2000 15
Government to
Customer (Citizen)
Government to
employees
Government to
Government
Government to
Business.
Four basic models are available in E-
Governance
15/04/2023Information technology Act 2000 16
CERTIFYING AUTHORITY Section 24 under Information Technology Act 2000.
Certifying Authority" - granted a license to issue Digital Signature Certificates.
Central responsibility –
issue
renew and
provide directories of Digital Certificates.
Equivalent - the passport issuing office in the Government.
a user's certificate - acts as a proof.
License-
Controller of Certifying Authority,
Ministry of Information Technology, and
Government of India
15/04/2023Information technology Act 2000 17
DATA CONFIDENTIALITY
Social Security number
Credit card number
Driver’s license number
Bank account number
Protected health information
Information Technology Amendment Act, 2008 through Sections 43A and 72A.
CASE: : Government Department admits inappropriate access to records by an official
Confidential data
15/04/2023Information technology Act 2000 18
Cyber CrimeA crime in which a computer is the object .
CYBER CRIMES
Cybercrimes against persons.
Cybercrimes against
property.
Cybercrimes against
government.
• Coders• Kids• Drops• Mobs
Cyber Criminals
15/04/2023Information technology Act 2000 19
Types of Cyber Crimes
Hacking
Identity Theft
Pornography
• Phishing• Email Spoofing
Case Study
15/04/2023Information technology Act 2000 20
SectionsSection 43: Penalty and compensation for damage to computer, computer• A person without
the permission of an owner or person in-charge of computer, accesses or secures access to such computer.
• Damages any computer
• Causes disruption to any computer
• Destroys, deletes or alters information
• Steals, conceals, destroys any computer source code
Section 43 (A): Compensation for
failure to protect data
When a body corporate dealing any sensitive or personal data is negligent in
maintaining reasonable security
practices and procedures.
Section 66 (A) : Punishment for
sending offensive messages through
communication service
• Information that is grossly offensive or has menacing character.
• Electronic mail message causing annoyance and misleading the recipient about origin of such messages.
15/04/2023Information technology Act 2000 21
Section 66 E: Punishment for
violation of Privacy Policy
• Anybody intentionally capturing or publishing the image of private area of any person without their consent.
• Imprisonment : 3 years, or fine not exceeding Rs. 2 lacs
Example: Engineering students arrested by police in Nagpur
Section 66 F : Punishment for Cyber
Terrorism
Person with the intention to threaten the unity, integrity, security or sovereignty of India.
CASE ON PARLIAMENT ATTACK
Section 66 D: Punishment for cheating by personation by using
computer resource
• Whoever cheats by using communication or computer device should be imprisoned (extent to 3 years) or liable to fine which may exceed Rs. 1 lacs
Example: A complaint filed by the representative of a Company engaged in the business of trading and distribution of petrochemicals in India and overseas
15/04/2023Information technology Act 2000 22
Section 67: Punishment for publishing or transmitting obscene material in electronic form
• Example: The CEO of online auction website bazee.com arrested
Section 67 B: Punishment for publishing or transmitting material depicting children in sexually explicit act
• Whoever transmits material in any electronic form which depicts children engaged in sexual activity
15/04/2023Information technology Act 2000 23
NASSCOM Trade association of Indian Information Technology (IT) and Business
Process Outsourcing (BPO) industry
Helps the IT and IT enabled products and services industry in India
One of the major objectives: Facilitate growth and maintain India’s leadership position as a trusted and safe place to do business
Activities:
(i) Policy advocacy: Enabled strong partnership with government
(ii) Industry development : Strong focus on industry research and tracking industry performance
(iii) Membership engagement : Enabled special interest groups
(iv) Entrepreneurship: Promoting and nurturing small companies
(v) Enabling environment: Creation of special programs and rewards
15/04/2023Information technology Act 2000 24
Recent initiatives by NASSCOM
Global trade development
EGov Reach
Start- up warehouse
15/04/2023Information technology Act 2000 25
India and Brazil(Background)
Brazil – India relations refers to the bilateral relations.
Historical ties as a result of the Portuguese Empire.
Co-operated in the multilateral level on issues such as international trade and development, environment, reform of the UN and the UNSC expansion.
Co-operation - science and technology, pharmaceuticals and space.
15/04/2023Information technology Act 2000 26
I.T. Act in India and Brazil
India It does not establish any
specific data protection or privacy principles, no such term as “personal data” is defined.
In June, 2011, India passed a new privacy package that included various new rules that apply to companies and consumers.
Credit Information Companies (Regulation) Act - May 2005.
Steps to ensure that the data relating to the credit information.
Brazil There are only basic protection
laws (Privacy laws) and no data protection law in Brazil – Personal data defined.
Brazil recognizes the central value of the protection of the privacy of individuals.
June 9th 2011- Credit Information Law (CIL).
This legal instrument forbids the processing of excessive information and sensitive information.
15/04/2023Information technology Act 2000 27
Statistics
The Top 10 Countries chart is lead by US which suffered nearly
1 attack on 2, well ahead of UK (5%) and India (3%).
15/04/2023Information technology Act 2000 28
The following graph shows the upward trend or growth ofCyber crimes from the year 2011 to expected growth in 2015
% of growth compared toPrevious year:
• 2012- 65.85%• 2013- 225.39%• 2014- 107.93%• 2015- 102%
15/04/2023Information technology Act 2000 29
State-wise cases per section
15/04/2023Information technology Act 2000 30
82.71% 66.10% 52.92% 48.16%
The following are the percentage of arrests compared to cases registeredIt shows a declining trend in the cases registered and arrests
15/04/2023Information technology Act 2000 31
Role of IT in Banking Sector
India has already started make use of IT in various sectors - Automobile, Advertisements and Banking.
Banking sector got a boost by introduction of IT .
Technological changes in banking sector.
Growth of banking sector facilitates economic growth.
Ease in opening bank accounts.
Increased privacy, security.
Intellectual property protection.
Monitoring money becomes easy for government.
IT improves the front end operations with back end operations and helps in bringing down the transaction costs for the customers
15/04/2023Information technology Act 2000 32
IT can reduce banks’ operational costs
IT can facilitate transactions among customers within the same network(ATM)
Arrival of card-based payments- Debit/ Credit card in late 1980s and 90s.
Introduction of Electronic Clearing Services (ECS) in late 1990s.
Introduction of Electronic Fund Transfer (EFT) in early 2000s.
Introduction of RTGS in March 2004.
Introduction of National Electronic Fund Transfer (NEFT) as a replacement to Electronic Fund Transfer/Special Electronic Fund Transfer in 2005/2006.
CTS in 2007.
15/04/2023Information technology Act 2000 33
Emerging Trends in Banking Sector Financial Inclusion
Mobile Banking
Electronic Payments
CRM Initiatives
IT Implementation and Management
IT for Internal Effectiveness
Managing IT Risk
T for business innovation
IT can reduce banks’ operational costs
transforming the “Brick-and-mortar” bank branches to a modified network system in “core banking solutions”.
Persons also can shift funds in a straight line using e- wallets
It act helps in curbing credit card and atm frauds.
15/04/2023Information technology Act 2000 34
CASE 1: Pune Citibank Mphasis BPO Fraud: 2005
December 2004
four call center employees
Obtained PIN codes from four customers of Mphasis’ client, CitiGroup.
Withdraw cash from the falsified accounts
$426,000 was stolen -- recovered was $230,000.
Verdict: Court held that Section 43(a) was applicable here due to the nature of unauthorized access involved to commit transactions.
SECTION 43(A). Compensation for failure to protect data
15/04/2023 35
CASE 2: Parliament Attack Case
SECTION 66 F : Punishment for Cyber Terrorism
Terrorists attacked the Parliament House on 13th December, 2001
Several killed by police in the encounter
Digital evidence played an important role in this case
A laptop, several smart media storage disks and devices recovered from a truck intercepted at Srinagar
Mohammad Afzal Guru (1969 - 9 February 2013), convicted by Indian court for the December 2001 attack on the Indian Parliament
Conclusion of the court
Information technology Act 2000
15/04/2023Information technology Act 2000 36
CASE 3: HSBC customers hit by phishing attack
The phishing attack follows a reported hacking attack on Emirates Bank and a fraud incident in dubai
Credentials verification- Security emails Phishing and Trust Manipulation
Paypal Verification Credentials Theft
HSBC Verification Credentials Stealing
15/04/2023Information technology Act 2000 37
THANKYOU