Cyber Crime Cases Registered in India : 2010-11
Some Indian Case Studies:
There is tremendous growth of E Commerce in recent times. An influential group of business leaders has urged G 20 to improve the global trade system for the emerging digital economy as well as focus on reforms to ensure strong and sustainable growth. G 20 countries comprises 85 % of world GDP and these countries are UK, USA, India, Argentina, Germany, Maxico, Russia, Turkey, Korea etc. The relevant issues are : harmonization of customer protection rules, purchase processes, eliminate costs and administrative difficulties. This will entail more use of internet, more transactions and technical digital and other issues.
Times of India, Ahmedabad. (22 June, 2015)
2 Cyber Crime
The Cyber Crime Court of Maharashtra (Mumbai) ordered to pay compensation of Rs. 1,06,00,000 to the account holders on account of Credit Card frauds. The authority is functioning under Section 45 of Information Technology Act, 2000. There was a problem with the code for credit cards. The banks are Central Bank of India, Royal Bank of Scotland, Punjab National Bank, IndusInd Bank, Yes Bank and State Bank of India.
(TOI : 14 Jan., 2015)
3 Cyber Crimes
There is a big rise in the Cyber Crimes (as per Information Technology Act, 2000) in India. There were 4192 cyber crimes in 2013 which were 2761 in 2012. If one considers such crimes as per Indian Penal Code also, the number of crimes were 5500. Police has arrested 3301criminals in this regard.
Under Information Technology Act, 2000, there were 681 and 635 crimes in Maharashtra and Andhra Pradesh respectively. In these two states there is 50 per cent rise in cyber crimes. As per National Crimes Records Bureau (NCRB), in 2013 there was 122 per cent increase in cyber crimes in India. Such crimes in other states were : Karnatak (513), Kerala (349), Madhya Pradesh (282) and Rajasthan (239).
In the state of Gujarat, such crimes were 68 in 2012 and 61 in 2013.
(Gujarat Samachar, Ahmedabad).
3 July, 2014
4 NET NEUTRALITY
Last week, a legislation has been introduced in Senate and House of Representatives of US to ban deals where web content companies could pay internet service providers to deliver their traffic to users faster and more reliably. In US, Federal Communications Commission (FCC) is collecting public comments on new Net Neutrality rules.
The rules propose to prohibit internet providers from blocking or slowing down access to web sites. It is required that internet is a platform for free expression where the services can reach consumers based on merit rather than based on a financial relationship with a broad band provider. For real internet freedom, this is a basic requirement.
(Times of India, Ahmedabad)
19 June, 2014
5 Internet cannot override privacy
In a recent judgement, Court of Justice of European Union has opined that a person has right to instruct the internet search engines like google to keep certain personal information of individuals as secret. The Hon. Court opined that to view all the details available on internet, may be dangerous may a times, therfore, a person has the right to instruct the search engines to keep certain personal information as secret, and not accessible. This ruling provides a level of protection against invasion of privacy.
6 Unsafe Wi-Fi Zones
Usually the internet is assessed through computer or laptop. However, the use of internet through smart phones is increasing. Also, there are many open/free Wi-Fi zones in malls, offices, hotels and other places. This may be accessed by hackers and terrorists. By and large, such Wi-Fi zones are unsafe and it requires proper security. This is because, many a times it may be difficult to trace the users since it is openly used by anyone.
Bitcoin was first coined by Santoshi Nakamoto, a Chinese, in 2009. In 2012, its value was $1000. A Bitcoin is mined on a privately owned, specialized computing equipment and passed around by a global network of computers. The transactions are traceable, but the parties are not. In November, 2013, peoples Bank of China objected the use of Bitcoin and told that it is not a recognized currency. Therefore, its value dropped tp $345.
Asia's first Bitcoin ATM was installed in Singapore in February, 2014. However, the reguators and lawmakers have raised a concern that this is not a recognized currency, and be used for fraudulent purposes.
8 Open Source Licensing
Open source licensing is resorted to by many sites. However this has certain legal issues. Basically there can be an issue of copyright. Other relevant issues are questions of enforceability on account of clash of local legislation and international agreement. The rights of a programmer warranties and software patent also needs to detailed study.
9 Cyber Jurisdiction
Internet creates virtual world. There are no demarcated boundaries between the people who utilize the web. The utility extends to information, e-banking, e-commerce, communication etc. the technology is open to hacking, pornography, gambling, identity-theft etc.
This requires understanding of jurisdiction. Various principles have been evolved to decide the jurisdiction. To mention (1) minimum contest test (2) personal jurisdiction (3) long arm statutes. With reference to Indian situation section 75 of Information Technology Act, 2000 contents the provisions regarding jurisdiction. Section 13(3), (4) and (5) also deal with cause of action which is of significance in internet transactions.
Jurisdiction can also be decided on the basis of choice of law, location of server, defendant’s domicile, and place of performance of contract, plaintiff’s domicile and purposeful availment.
10 Andhra Pradesh Tax Case
Dubious tactics of a prominent businessman from Andhra Pradesh was exposed after officials of the department got hold of computers used by the accused person. The owner of a plastics firm was arrested and Rs 22 crore cash was recovered from his house by sleuths of the Vigilance Department. They sought an explanation from him regarding the unaccounted cash within 10 days.
The accused person submitted 6,000 vouchers to prove the legitimacy of trade and thought his offence would go undetected but after careful scrutiny of vouchers and contents of his computers it revealed that all of them were made after the raids were conducted.
It later revealed that the accused was running five businesses under the guise of one company and used fake and computerised vouchers to show sales records and save tax.
SELECTED ASIA / PACIFIC CASES:
The following section provides a selection of actions taken against file-sharing Web sites and P2P services in the Asia/Pacific region, focusing on Australia, China, Japan and South Korea.
1. In Australia’s largest copyright infringement case, three university students received criminal sentences for running a Web site called MP3/WMA Land, which offered more than 1,800 pirated songs for download. In light of their age at the time and the fact that they never profited from their actions, the court warranted 18-month suspended sentences for two of the students and an additional fine of US$5,000 for one of them. Moreover, one student and a third participant were given 200 hours of community service.
2. Reportedly, China has become a leading exporter of counterfeit and pirated goods to the world. The U.S. industry estimates the value of counterfeit goods in China at US$19 billion to US$24 billion, with losses to U.S. companies exceeding US$1.8 billion a year. The severe piracy problems derive from a combination of cultural, historic and economic factors and are further aggravated by inconsistent, weak enforcement by officials. File-sharing Web sites and networks such as Jelawat and Kuro have been developing rapidly, too. The distributors of P2P software claim that file-sharing falls within the private use exception to copyright, but the Supreme People’s Court of China rejected this interpretation. Increasingly, copyright owners and right organizations are challenging file-sharing Web sites on copyright infringement claims.
3. The Beijing No 1 People’s Court ruled in April 2004 that the Web site chinamp3.com violated the IP rights of Hong Kong-based entertainment companies Go East Entertainment and Sony Music Entertainment (Hong Kong), and ordered the site to pay US$19,000 in damages. The suit concerned the unauthorized distribution of MP3 music files. The defendant argued that he had merely provided links for download and not a direct download service, and therefore should not be held responsible for the IP rights violations. According to observers, the court’s ruling may prove to be a significant development in the nascent field of Chinese copyright enforcement in the digital age.
11 PARLIAMENT ATTACK CASE
Bureau of Police Research and Development at Hyderabad had handled some of the top cyber cases, including analysing and retrieving information from the laptop recovered from terrorist, who attacked Parliament. The laptop which was seized from the two terrorists, who were gunned down when Parliament was under siege on December 13 2001, was sent to Computer Forensics Division of BPRD after computer experts at Delhi failed to trace much out of its contents.
The laptop contained several evidences that confirmed of the two terrorists’ motives, namely the sticker of the Ministry of Home that they had made on the laptop and pasted on their ambassador car to gain entry into Parliament House and the the fake ID card that one of the two terrorists was carrying with a Government of India emblem and seal.
The emblems (of the three lions) were carefully scanned and the seal was also craftly made along with residential address of Jammu and Kashmir. But careful detection proved that it was all forged and made on the laptop.
12 State of Tamil Nadu Vs Suhas Katti
The Case of Suhas Katti is notable for the fact that the conviction was achieved successfully within a relatively quick time of 7 months from the filing of the FIR. Considering that similar cases have been pending in other states for a much longer time, the efficient handling of the case which happened to be the first case of the Chennai Cyber Crime Cell going to trial deserves a special mention.
The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. E-Mails were also forwarded to the victim for information by the accused through a false e-mail account opened by him in the name of the victim. The posting of the message resulted in annoying phone calls to the lady in the belief that she was soliciting.
Based on a complaint made by the victim in February 2004, the Police traced the accused to Mumbai and arrested him within the next few days. The accused was a known family friend of the victim and was reportedly interested in marrying her. She however married another person. This marriage later ended in divorce and the accused started contacting her once again. On her reluctance to marry him, the accused took up the harassment through the Internet.
On 24-3-2004 Charge Sheet was filed u/s 67 of IT Act 2000, 469 and 509 IPC before The Hon’ble Addl. CMM Egmore by citing 18 witnesses and 34 documents and material objects. The same was taken on file in C.C.NO.4680/2004. On the prosecution side 12 witnesses were examined and entire documents were marked as Exhibits.
The Defence argued that the offending mails would have been given either by ex-husband of the complainant or the complainant her self to implicate the accused as accused alleged to have turned down the request of the complainant to marry her.
Further the Defence counsel argued that some of the documentary evidence was not sustainable under Section 65 B of the Indian Evidence Act. However, the court relied upon the expert witnesses and other evidence produced before it, including the witnesses of the Cyber Cafe owners and came to the conclusion that the crime was conclusively proved. Ld. Additional Chief Metropolitan Magistrate, Egmore, delivered the judgement on 5-11-04 as follows:
" The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000 and the accused is convicted and is sentenced for the offence to undergo RI for 2 years under 469 IPC and to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year Simple imprisonment and to pay fine of Rs.500/- and for the offence u/s 67 of IT Act 2000 to undergo RI for 2 years and to pay fine of Rs.4000/- All sentences to run concurrently."
The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered as the first case convicted under section 67 of Information Technology Act 2000 in India.
13 Baazee.com case
CEO of Baazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. This opened up the question as to what kind of distinction do we draw between Internet Service Provider and Content Provider. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the cyber crime cases and a lot of education is required.
14 Pune Citibank MphasiS Call Center Fraud
US $ 3,50,000 from accounts of four US customers were dishonestly transferred to bogus accounts. This will give a lot of ammunition to those lobbying against outsourcing in US. Such cases happen all over the world but when it happens in India it is a serious matter and we can not ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their PIN numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in India as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering.
The call center employees are checked when they go in and out so they can not copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber café and accessed the Citibank accounts of the customers.
All accounts were opened in Pune and the customers complained that the money from their accounts was transferred to Pune accounts and that’s how the criminals were traced. Police has been able to prove the honesty of the call center and has frozen the accounts where the money was transferred.
There is need for a strict background check of the call center executives. However, best of background checks can not eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national ID and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history. Customer education is very important so customers do not get taken for a ride. Most banks are guilt of not doing this.