Add-on Course on Cyber Law (PDF)

Add on Course on Cyber Law SDM Law College Mangalore Compilation of Study materials Prepared by Karthik Anand Assistant Professor of Law SDM Law College Mangalore ...

Add on Course on Cyber Law SDM Law College Mangalore Compilation of Study materials Prepared by Karthik Anand Assistant Professor of Law SDM Law College Mangalore Unit - 1 Overview of Computer and Web Internet Internet is defined as an Information super Highway, to access information over the web. However, It can be defined in many ways as follows: Internet is a world-wide global system of interconnected computer networks. Internet uses the standard Internet Protocol (TCP/IP). Every computer in internet is identified by a unique IP address. IP Address is a unique set of numbers (such as 110.22.33.114) which identifies a computer location. A special computer DNS (Domain Name Server) is used to give name to the IP Address so that user can locate a computer by a name. For example, a DNS server will resolve a name http://www.tutorialspoint.com to a particular IP address to uniquely identify the computer on which this website is hosted. Internet is accessible to every user all over the world. Evolution The concept of Internet was originated in 1969 and has undergone several technological & Infrastructural changes as discussed below: The origin of Internet devised from the concept of Advanced Research Project Agency Network (ARPANET). ARPANET was developed by United States Department of Defense. Basic purpose of ARPANET was to provide communication among the various bodies of government. Initially, there were only four nodes, formally called Hosts. In 1972, the ARPANET spread over the globe with 23 nodes located at different countries and thus became known as Internet. By the time, with invention of new technologies such as TCP/IP protocols, DNS, WWW, browsers, scripting languages etc.,Internet provided a medium to publish and access information over the web. Internet allows us to communicate with the people sitting at remote locations. There are various apps available on the wed that uses Internet as a medium for communication. One can find various social networking sites such as: o Facebook o Twitter o Yahoo o Google+ o Flickr o Orkut One can surf for any kind of information over the internet. Information regarding various topics such as Technology, Health & Science, Social Studies, Geographical Information, Information Technology, Products etc can be surfed with help of a search engine. Apart from communication and source of information, internet also serves a medium for entertainment. Following are the various modes for entertainment over internet. o Online Television o Online Games o Songs o Videos o Social Networking Apps Internet allows us to use many services like: o Internet Banking o Matrimonial Services o Online Shopping o Online Ticket Booking o Online Bill Payment o Data Sharing o E-mail Internet provides concept of electronic commerce, that allows the business deals to be conducted on electronic systems There are always chances to loose personal information such as name, address, credit card number. Therefore, one should be very careful while sharing such information. One should use credit cards only through authenticated sites. Another disadvantage is the Spamming.Spamming corresponds to the unwanted e-mails in bulk. These e-mails serve no purpose and lead to obstruction of entire system. Virus can easily be spread to the computers connected to internet. Such virus attacks may cause your system to crash or your important data may get deleted. Also a biggest threat on internet is pornography. There are many pornographic sites that can be found, letting your children to use internet which indirectly affects the children healthy mental life. There are various websites that do not provide the authenticated information. This leads to misconception among many people. Computer: Definition A computer is a machine that can be programmed to manipulate symbols. Its principal characteristics are: It responds to a specific set of instructions in a well-defined manner. It can execute a prerecorded list of instructions (a program). It can quickly store and retrieve large amounts of data. Therefore computers can perform complex and repetitive procedures quickly, precisely and reliably. Modern computers are electronic and digital. The actual machinery (wires, transistors, and circuits) is called hardware; the instructions and data are called software. All general-purpose computers require the following hardware components: Central processing unit (CPU): The heart of the computer, this is the component that actually executes instructions organized in programs ("software") which tell the computer what to do. Memory (fast, expensive, short-term memory): Enables a computer to store, at least temporarily, data, programs, and intermediate results. Mass storage device (slower, cheaper, long-term memory): Allows a computer to permanently retain large amounts of data and programs between jobs. Common mass storage devices include disk drives and tape drives. Input device: Usually a keyboard and mouse, the input device is the conduit through which data and instructions enter a computer. Output device: A display screen, printer, or other device that lets you see what the computer has accomplished. In addition to these components, many others make it possible for the basic components to work together efficiently. For example, every computer requires a bus that transmits data from one part of the computer to another. II, Computer sizes and power Computers can be generally classified by size and power as follows, though there is considerable overlap: Personal computer: A small, single-user computer based on a microprocessor. Workstation: A powerful, single-user computer. A workstation is like a personal computer, but it has a more powerful microprocessor and, in general, a higher- quality monitor. Minicomputer: A multi-user computer capable of supporting up to hundreds of users simultaneously. Mainframe: A powerful multi-user computer capable of supporting many hundreds or thousands of users simultaneously. Supercomputer: An extremely fast computer that can perform hundreds of millions of instructions per second. Supercomputer and Mainframe Supercomputer is a broad term for one of the fastest computers currently available. Supercomputers are very expensive and are employed for specialized applications that require immense amounts of mathematical calculations (number crunching). For example, weather forecasting requires a supercomputer. Other uses of supercomputers scientific simulations, (animated) graphics, fluid dynamic calculations, nuclear energy research, electronic design, and analysis of geological data (e.g. in petrochemical prospecting). Perhaps the best known supercomputer manufacturer is Cray Research. Minicomputer It is a midsize computer. In the past decade, the distinction between large minicomputers and small mainframes has blurred, however, as has the distinction between small minicomputers and workstations. But in general, a minicomputer is a multiprocessing system capable of supporting from up to 200 users simultaneously. Workstation It is a type of computer used for engineering applications (CAD/CAM), desktop publishing, software development, and other types of applications that require a moderate amount of computing power and relatively high quality graphics capabilities. Workstations generally come with a large, high-resolution graphics screen, at large amount of RAM, built-in network support, and a graphical user interface. Most workstations also have a mass storage device such as a disk drive, but a special type of workstation, called a diskless workstation, comes without a disk drive. The most common operating systems for workstations are UNIX and Windows NT. Personal computer: It can be defined as a small, relatively inexpensive computer designed for an individual user. In price, personal computers range anywhere from a few hundred pounds to over five thousand pounds. All are based on the microprocessor technology that enables manufacturers to put an entire CPU on one chip. Businesses use personal computers for word processing, accounting, desktop publishing, and for running spreadsheet and database management applications. At home, the most popular use for personal computers is for playing games and recently for surfing the Internet. Personal computers first appeared in the late 1970s. One of the first and most popular personal computers was the Apple II, introduced in 1977 by Apple Computer. During the late 1970s and early 1980s, new models and competing operating systems seemed to appear daily. Then, in 1981, IBM entered the fray with its first personal computer, known as the IBM PC. The IBM PC quickly became the personal computer of choice, and most other personal computer manufacturers fell by the wayside. P.C. is short for personal computer or IBM PC. One of the few companies to survive IBM's onslaught was Apple Computer, which remains a major player in the personal computer marketplace. Other companies adjusted to IBM's dominance by building IBM clones, computers that were internally almost the same as the IBM PC, but that cost less. Because IBM clones used the same microprocessors as IBM PCs, they were capable of running the same software. Over the years, IBM has lost much of its influence in directing the evolution of PCs. Therefore after the release of the first PC by IBM the term PC increasingly came to mean IBM or IBM-compatible personal computers, to the exclusion of other types of personal computers, such as Macintoshes. In recent years, the term PC has become more and more difficult to pin down. In general, though, it applies to any personal computer based on an Intel microprocessor, or on an Intel-compatible microprocessor. For nearly every other component, including the operating system, there are several options, all of which fall under the rubric of PC III, Personal Computer Types Actual personal computers can be generally classified by size and chassis / case. The chassis or case is the metal frame that serves as the structural support for electronic components. Every computer system requires at least one chassis to house the circuit boards and wiring. The chassis also contains slots for expansion boards. If you want to insert more boards than there are slots, you will need an expansion chassis, which provides additional slots. There are two basic flavors of chassis designs–desktop models and tower models–but there are many variations on these two basic types. Then come the portable computers that are computers small enough to carry. Portable computers include notebook and subnotebook computers, hand-held computers, palmtops, and PDAs. Tower model The term refers to a computer in which the power supply, motherboard, and mass storage devices are stacked on top of each other in a cabinet. This is in contrast to desktop models, in which these components are housed in a more compact box. The main advantage of tower models is that there are fewer space constraints, which makes installation of additional storage devices easier. Desktop model A computer designed to fit comfortably on top of a desk, typically with the monitor sitting on top of the computer. Desktop model computers are broad and low, whereas tower model computers are narrow and tall. Because of their shape, desktop model computers are generally limited to three internal mass storage devices. Desktop models designed to be very small are sometimes referred to as slimline models. Notebook computer An extremely lightweight personal computer. Notebook computers typically weigh less than 6 pounds and are small enough to fit easily in a briefcase. Aside from size, the principal difference between a notebook computer and a personal computer is the display screen. Notebook computers use a variety of techniques, known as flat-panel technologies, to produce a lightweight and non-bulky display screen. The quality of notebook display screens varies considerably. In terms of computing power, modern notebook computers are nearly equivalent to personal computers. They have the same CPUs, memory capacity, and disk drives Laptop computer A small, portable computer -- small enough that it can sit on your lap. Nowadays, laptop computers are more frequently called notebook computers. Subnotebook computer A portable computer that is slightly lighter and smaller than a full-sized notebook computer. Typically, subnotebook computers have a smaller keyboard and screen, but are otherwise equivalent to notebook computers. Hand-held computer A portable computer that is small enough to be held in one’s hand. Although extremely convenient to carry, handheld computers have not replaced notebook computers because of their small keyboards and screens. The most popular hand-held computers are those that are specifically designed to provide PIM (personal information manager) functions, such as a calendar and address book. Some manufacturers are trying to solve the small keyboard problem by replacing the keyboard with an electronic pen. However, these pen- based devices rely on handwriting recognition technologies, which are still in their infancy. Hand-held computers are also called PDAs, palmtops and pocket computers. Palmtop A small computer that literally fits in your palm. Compared to full-size computers, palmtops are severely limited, but they are practical for certain functions such as phone books and calendars. Palmtops that use a pen rather than a keyboard for input are often called hand-held computers or PDAs. Because of their small size, most palmtop computers do not include disk drives. However, many contain PCMCIA slots in which you can insert disk drives, modems, memory, and other devices. Palmtops are also called PDAs, hand-held computers and pocket computers. PDA Short for personal digital assistant, a handheld device that combines computing, telephone/fax, and networking features. A typical PDA can function as a cellular phone, fax sender, and personal organizer. Unlike portable computers, most PDAs are pen- based, using a stylus rather than a keyboard for input. This means that they also incorporate handwriting recognition features. Some PDAs can also react to voice input by using voice recognition technologies. The field of PDA was pioneered by Apple Computer, which introduced the Newton MessagePad in 1993. Shortly thereafter, several other manufacturers offered similar products. To date, PDAs have had only modest success in the marketplace, due to their high price tags and limited applications. However, many experts believe that PDAs will eventually become common gadgets. By definition, components of a computer system are the primary elements which make the functioning of an electronic device smooth and faster. There are five basic components which include: 1. Input Unit 2. Output Unit 3. Memory Unit 4. Control Unit 5. Arithmetical and Logical Unit Given below are the 5 components of computer along with their purpose and function. Input Unit A computer will only respond when a command is given to the device. These commands can be given using the input unit or the input devices. For example: Using a keyboard we can type things on a Notepad and the computer processes the entered data and then displays the output of the same of the screen. The data entered can be in the form of numbers, alphabet, images, etc. We enter the information using an input device, the processing units convert it into computer understandable languages and then the final output is received by a human- understandable language. Output Unit When we command a computer to perform a task, it reverts back for the action performed and gives us a result. This result is called output. There are various output devices connected to the computer. The most basic of which is a monitor. Whatever we write using a keyboard or click using a mouse, is all displayed on the monitor. Thus, the output unit gives us the final result once the entire processing is done within the mechanism of a device. For example: when we visit an ATM, we enter our details like language, pin, amount to be withdrawn, etc. and then the final money which the cash dispenser releases is our outcome. In this case, the cash dispenser acts as an output unit. Memory Unit When we enter the data into the computer using an input device, the entered information immediately gets saved in the memory unit of the Central Processing Unit (CPU). Because of the presence of some existing programming, the Memory Unit transmits the data further to the other parts of the CPU. Similarly, when the output of our command is processed by the computer, it is saved in the memory unit before giving the output to the user. Control Unit This is the core unit which manages the entire functioning of the computer device. It is one of the most essential components of the computer system. The Control Unit collects the data entered using the input unit, leads it on for processing and once that is done, receives the output and presents it to the user. It can be said to the centre of all processing actions taking place inside a computer device. Arithmetic & Logical Unit As the name suggests, all the mathematical calculations or arithmetic operations are performed in the Arithmetic and Logical Unit of the CPU. Central Processing Unit (CPU) The Central Processing Unit is the core of any computer devices. It comprises of three major components of the computer which have been discussed above: Memory Unit Control Unit Arithmetic and Logical Unit All these three units are elements of CPU and together help in efficient working and processing of data. It is also known as the “Brain of Computer” and no action can be conducted by a device without the execution and permission of the Central Processing Unit. The device is a close knit circuit comparison microprocessor which helps in fetching the data and proving suitable results to the user. Thus, CPU is the main processing unit of the computer. Also, while discussing the various components of computers, it must be known that a device which is so complex and intricately made using circuits and wires comprises various other elements which affects its overall programming and performance. Memory is the electronic holding place for the instructions and data a computer needs to reach quickly. It's where information is stored for immediate use. Memory is one of the basic functions of a computer, because without it, a computer would not be able to function properly. Memory is also used by a computer's operating system, hardware and software. There are technically two types of computer memory: primary and secondary. The term memory is used as a synonym for primary memory or as an abbreviation for a specific type of primary memory called random access memory (RAM). This type of memory is located on microchips that are physically close to a computer's microprocessor. If a computer's central processer (CPU) had to only use a secondary storage device, computers would become much slower. In general, the more memory (primary memory) a computing device has, the less frequently the computer must access instructions and data from slower (secondary) forms of storage. How does computer memory work? When a program is open, it is loaded from secondary memory to primary memory. Because there are different types of memory and storage, an example of this could be a program being moved from a solid-state drive (SSD) to RAM. Because primary storage is accessed faster, the opened program will be able to communicate with the computer's processor at quicker speeds. The primary memory can be accessed immediately from temporary memory slots or other storage locations. Memory is volatile, which means that data in memory is stored temporarily. Once a computing device is turned off, data stored in volatile memory will automatically be deleted. When a file is saved, it will be sent to secondary memory for storage. There are multiple types of memory available to a computer. It will operate differently depending on the type of primary memory used, but in general, semiconductor-based memory is most associated with memory. Semiconductor memory will be made of integrated circuits with silicon-based metal-oxide-semiconductor (MOS) transistors. Types of computer memory In general, memory can be divided into primary and secondary memory; moreover, there are numerous types of memory when discussing just primary memory. Some types of primary memory include the following Cache memory. This temporary storage area, known as a cache, is more readily available to the processor than the computer's main memory source. It is also called CPU memory because it is typically integrated directly into the CPU chip or placed on a separate chip with a bus interconnect with the CPU. RAM. The term is based on the fact that any storage location can be accessed directly by the processor. Dynamic RAM. DRAM is a type of semiconductor memory that is typically used by the data or program code needed by a computer processor to function. Static RAM. SRAM retains data bits in its memory for as long as power is supplied to it. Unlike DRAM, which stores bits in cells consisting of a capacitor and a transistor, SRAM does not have to be periodically refreshed. Double Data Rate SDRAM. DDR SRAM is SDRAM that can theoretically improve memory clock speed to at least 200 MHz. Double Data Rate 4 Synchronous Dynamic RAM. DDR4 RAM is a type of DRAM that has a high-bandwidth interface and is the successor to its previous DDR2 and DDR3 versions. DDR4 RAM allows for lower voltage requirements and higher module density. It is coupled with higher data rate transfer speeds and allows for dual in-line memory modules (DIMMS) up to 64 GB. Rambus Dynamic RAM. DRDRAM is a memory subsystem that promised to transfer up to 1.6 billion bytes per second. The subsystem consists of RAM, the RAM controller, the bus that connects RAM to the microprocessor and devices in the computer that use it. Read-only memory. ROM is a type of computer storage containing nonvolatile, permanent data that, normally, can only be read and not written to. ROM contains the programming that enables a computer to start up or regenerate each time it is turned on. Programmable ROM. PROM is ROM that can be modified once by a user. It enables a user to tailor a microcode program using a special machine called a PROM programmer. Erasable PROM. EPROM is programmable read-only memory PROM that can be erased and re-used. Erasure is caused by shining an intense ultraviolet light through a window designed into the memory chip. Electrically erasable PROM. EEPROM is a user-modifiable ROM that can be erased and reprogrammed repeatedly through the application of higher than normal electrical voltage. Unlike EPROM chips, EEPROMs do not need to be removed from the computer to be modified. However, an EEPROM chip must be erased and reprogrammed in its entirety, not selectively. Virtual memory. A memory management technique where secondary memory can be used as if it were a part of the main memory. Virtual memory uses hardware and software to enable a computer to compensate for physical memory shortages by temporarily transferring data from RAM to disk storage. Timeline of the history and evolution of computer memory In the early 1940s, memory was only available up to a few bytes of space. One of the more significant signs of progress during this time was the invention of acoustic delay line memory. This technology enabled delay lines to store bits as sound waves in mercury, and quartz crystals to act as transducers to read and write bits. This process could store a few hundred thousand bits. In the late 1940s, nonvolatile memory began to be researched, and magnetic-core memory -- which enabled the recall of memory after a loss of power -- was created. By the 1950s, this technology had been improved and commercialized and led to the invention of PROM in 1956. Magnetic-core memory became so widespread that it was the main form of memory until the 1960s. Metal-oxide-semiconductor field-effect transistors, also known as MOS semiconductor memory, was invented in 1959. This enabled the use of MOS transistors as elements for memory cell storage. MOS memory was cheaper and needed less power compared to magnetic-core memory. Bipolar memory, which used bipolar transistors, started being used in the early 1960s. In 1961, Bob Norman proposed the concept of solid-state memory being used on an integrated circuit (IC) chip. IBM brought memory into the mainstream in 1965. However, users found solid-state memory to be too expensive to use at the time compared to other memory types. Other advancements during the early to mid-1960s were the invention of bipolar SRAM, Toshiba's introduction of DRAM in 1965 and the commercial use of SRAM in 1965. The single-transistor DRAM cell was developed in 1966, followed by a MOS semiconductor device used to create ROM in 1967. From 1968 to the early 1970s, N-type MOS (NMOS) memory also started to become popularized. By the early 1970s, MOS-based memory started becoming much more widely used as a form of memory. In 1970, Intel had the first commercial DRAM IC chip. One year later, erasable PROM was developed and EEPROM was invented in 1972. Unit 2 – Cyber Law and IPR The Law on the subject is covered by the Copyright Act; the Trade and Merchandise Marks Act; Patents Act and the Designs Act. These are mainly based on the English law on the subject. The law is poised for fundamental changes to meet the international commitment of the Indian Government under the TRIPS/WTO Agreement. Intellectual property (IP) refers to any novel and indescribable creations of the human intellect, viz., creative work, literary, scientific, or technical conception, which is corporeal or incorporeal; however, the intellectual property rights (IPR) have been defined as the ideas, inventions, and creative expressions based on which there is a public compliance to confer the status of property. There are numerous types of protection of IPR, viz., patent, copyright, trademark, trade secret, geographical indications, industrial design, etc. Hence, intellectual property is a combination of both science and technology which mandates the legally competent scientists or scientifically qualified lawyers to undertake the task of developing and improving the intellectual property rights to suit the needs of the modern digital and biotechnological world. BRIEF HISTORY The laws and administrative procedures relating to IPR have their roots in Europe. The trend of granting patents started in the fourteenth century. In comparison to other European countries, in some matters England was technologically advanced and used to attract artisans from elsewhere, on special terms. The first known copyrights appeared in Italy. Venice can be considered the cradle of IP system as most legal thinking in this area was done here; laws and systems were made here for the first time in the world, and other countries followed in due course. Patent act in India is more than 150 years old. The inaugural one is the 1856 Act, which is based on the British patent system and it has provided the patent term of 14 years followed by numerous acts and amendments. Types of Intellectual Properties and their Description Originally, only patent, trademarks, and industrial designs were protected as ‘Industrial Property’, but now the term ‘Intellectual Property’ has a much wider meaning. IPR enhances technology advancement in the following ways (a) it provides a mechanism of handling infringement, piracy, and unauthorized use (b) it provides a pool of information to the general public since all forms of IP are published except in case of trade secrets. IP protection can be sought for a variety of intellectual efforts including (i) Patents (ii) Industrial designs relates to features of any shape, configuration, surface pattern, composition of lines and colors applied to an article whether 2-D, e.g., textile, or 3-D, e.g., toothbrush (iii) Trademarks relate to any mark, name, or logo under which trade is conducted for any product or service and by which the manufacturer or the service provider is identified. Trademarks can be bought, sold, and licensed. Trademark has no existence apart from the goodwill of the product or service it symbolizes (iv) Copyright relates to expression of ideas in material form and includes literary, musical, dramatic, artistic, cinematography work, audio tapes, and computer software (v) Geographical indications are indications, which identify as good as originating in the territory of a country or a region or locality in that territory where a given quality, reputation, or other characteristic of the goods is essentially attributable to its geographical origin A patent is awarded for an invention, which satisfies the criteria of global novelty, non-obviousness, and industrial or commercial application. Patents can be granted for products and processes. As per the Indian Patent Act 1970, the term of a patent was 14 years from the date of filing except for processes for preparing drugs and food items for which the term was 7 years from the date of the filing or 5 years from the date of the patent, whichever is earlier. No product patents were granted for drugs and food items. A copyright generated in a member country of the Berne Convention is automatically protected in all the member countries, without any need for registration. India is a signatory to the Berne Convention and has a very good copyright legislation comparable to that of any country. However, the copyright will not be automatically available in countries that are not the members of the Berne Convention. Therefore, copyright may not be considered a territorial right in the strict sense. Like any other property IPR can be transferred, sold, or gifted Interface of IPR and Cyber law Intellectual property means knowledge or information in any form which has a commercial value and Intellectual property rights can be defined as a mix of ideas, inventions and creations i.e. Copyright, Patent, Trademark, Design are some of the types of Intellectual Properties. These things are creations of the human mind and hence called Intellectual Property The IT Act,2000 has addressed the misuse of technology in form of cyber crimes. It has however failed to discuss Intellectual Property issues and its protection. Likewise, the Indian Trademark Act, 1999 and Copyright Act, 1957 are also silent on issues arising out of online Trademark and Copyright infringement. Though computer programmes are protected under the Copyright Act but it does not provide remedies for online software piracy. Cyber squatting is also not punishable directly under the IT Act. Copyright and cyber law Copyright is a legal term describing rights given to creators for their literary and artistic works. The kinds of works covered by copyright include: literary works such as novels, poems, plays, reference works, newspapers and computer programs; databases; films, musical compositions, and choreography; artistic works such as paintings, drawings, photographs and sculpture; architecture; and advertisements, maps and technical drawings. Copyright subsists in a work by virtue of creation; hence it‟s not mandatory to register. However, registering a copyright provides evidence that copyright subsists in the work and creator is the owner of the work. Creators often sell the rights to their works to individuals or companies best able to market the works in return for payment. These payments are often made dependent on the actual use of the work, and are then referred to as royalties. These economic rights have a time limit, (other than photographs) is for life of author plus sixty years after creator‟s death. Online Copyright violation- Caching One of the basic copyright issues in the internet is determining the border between private and public use. The Indian Copyright Act, 1957 makes a distinction between reproduction for public use and can be done only with the right holder‟s permission. The right of reproduction presents certain fundamental problems over the internet. This is because of the basic nature of internet transmission. Reproduction takes place at every stage of transmission. Temporary copying (known as caching) is an essential part of the transmission process through internet without which messages cannot travel through the networks and reach their destinations. In the Indian Law, reproduction has to be in a material form but includes “storing of it in any medium by electronic means” making caching also violative of copyright. Plagiarism Technological progress has made copying of copyright material easy and simple. Consequently, the control of copyright infringement has very difficult and often impossible. Books, videos, films, music can be copied without any difficulty and thousands of copies can made from it and distributed. Taking content from one site, modifying it or just reproducing has been made possible by digital technology. This has posed new challenges for the traditional interpretation of individual rights and protection under the Copyright Act. Protection of Database The Indian Copyright Act 1957 protects “Databases” as “Literary Works” under Section 13(1) a. Of the Act which says that copyright shall subsist throughout India in original literary, dramatic, musical and artistic works. The term computer Database has been defined in the Information Technology Act 2000 for the first time. Section 43 of the I.T. Act 2000 provides for compensation to the aggrieved party up to one Crore rupees from a person who violates the copyright and cyberspace norms. Also Section 66 of I.T.Act 2000 provides for penal liabilities in such a case. Protection of computer software According to section 2(ffc) of the Copyright Act, a computer programme is a "set of instructions expressed in words, codes, schemes or in any other form, including a machine readable medium, capable of causing a computer to perform a particular task or achieve a particular results". Computer software is "computer programme" within the meaning of the Copyright Act. Under the T.R.I.P.S (Trade Related aspects of Intellectual Property Rights) agreement, computer programs now qualify for copyright protection just as any other literary work as well as other forms of Intellectual Property Rights protection These computer software are also subject matter of copyright protection under the Copyright Act. Computer programmes are included in the definition of literary work under the Copyright Act. Owner of the computer software possesses with various right including the right to grant software licenses. Software licenses can be of various types such as freeware license, open source license, demoware etc. Software copyright owner has the right to reproduce and make any number of copies of his work as he likes. Secondly, he may display his software on the internet which would amount to display to the public. He is also vested with the rights of selling, renting, transferring, updating, modifying his software copyrighted work. No person can use such copyrighted work for his own benefit without prior permission of the owner. Nevertheless if any person exploits the copyrighted work for any commercial purpose or to cause any monetary loss to the owner, then it will amount to infringement of copyright. Even though the software copyright owner enjoys many exclusive rights yet they are not absolute and are subject to certain limitations and exceptions in order to protect and safeguard the public interest particularly of the users of the software. In certain circumstances, the use of the copyrighted work is allowed even without the permission of its author in some socially desirable circumstances such as literary, dramatic, musical or artistic work for the purpose of private use, including research, criticism or review, in order to utilize the computer program for the purpose for which was supplied or to make back-up copies purely as a temporary protection against loss, destruction or damage in order only to utilize the computer program for the purpose for which it was supplied Trademark and cyber law – Trademark is a distinctive sign that identifies certain goods or services as those produced or provided by a specific person or enterprise. It may be one or a combination of words, letters, and numerals. They may consist of drawings, symbols, three-dimensional signs such as the shape and packaging of goods, audible signs such as music or vocal sounds, fragrances, or colours used as distinguishing features. Patents in Information Technology: Any kinds of practical application in the computer device are known to be patentable. Not all soft wares are patentable but devices like pacemakers are very much patentable. A particular computer program is authorized for patenting only when it contributes to an art. If this program enhances the speed and the efficiency of the existing program, it has the eligibility to get a patent for the same program. A few software patents are as follows: – Program algorithms – Program language translations – Menu arrangements – OS functions – Editing functions and interface features – Display presentations The United States of America has recognized the patents for businesses like online stock trading, gambling, e-commerce, etc. What is non-patentable? Soft wares are basically a form of intangible properties that are safeguarded by copyrights and not patents, as in the case of literary and artistic works. Programming languages are treated as any basic languages like English, French, etc are also not patentable but are protected under the copyright law. Many countries have been debating regarding this to make even the software programming languages to be protected under the patent law as the patent law provides for a larger protection. The computer programmes and languages are not considered as a new invention as they only solve a mathematical or a computer related problem and thus is not used in any practical application and field. Difference between a patent and a copyright? The protection granted by a patent is much stronger as compared to the protection granted under the copyright act. The patent law safeguards the whole concept with which the invention has been made whereas the copyright safeguards the overall outcome of the invention and the concept. In the programming languages, if any program code has the same function of another, the patent law is said to be violated. Patents have a longer process that includes filing whereas a copyright is effective immediately after they are given the publication right. In India, the patent once granted is valid only for a period of 14 years whereas the copyright once granted is effective for as long as the original creator lives as well as another 60 years. The patent is known to give a stronger protection to the programming language and it is known to violate the patent if a similar program is made and not the copyright law. Patents are known to be statutory and are thus protected by the Government body that comes within that particular jurisdiction. On the other side, copyrights are known to be a universal right. Software patent law in India There is no specific provision pertaining to the protection of software in the Indian Patent Law. The Indian Patent Office does not follow any guidelines with regards to the computer software. As the computer coding programmes and languages are not patentable, depending on the functioning of the particular programme, it may be granted the patent. India has taken a step forward in granting registration for patents. Cyber laws India has enacted various legislations such as the Information Technology Act, 2000 which issues various guidelines pertaining to the activities that could be carried out in the cyberspace. As per the cyber laws in India, the Intellectual Properties may be used by anyone strictly only for research purposes, and this does not mean that the researcher can use the exact same work. He must give the credits and references to the original author. Cyber Crime A cyber crime is given under the Information Technology Act, 2000 as any unauthorised access into the computer system or network to cause disruption of the data stored and misuse it. The cyber criminal may choose to cause damage to the network by introducing computer contaminants into the software, by hacking into the system. The provisions of the said Act attempt at penalising each cyber offence committed. The punishment differs from case to case depending on the crime committed as well as the facts and circumstances of the case. Patent misuse: It is an illegal behaviour committed by the owner of the patent rights. It is an affirmative defence which is recognises the fact that it is possible that the owner of the patent to abuse the exclusive patent right granted to him. When a patent misuse has been constituted, the patent would be deemed useless. It constitutes an illegal behaviour where the patent owner may constitute a patent misuse: The patent owner may either violate the antitrust laws or improperly widen the scope of the patent with an ill intention to derive profits out of the same. The patent in dispute must be held unenforceable until the dispute has been resolved between the two parties. For instance, a patent misuse is said to be constituted when the original patent holder tries to expand his product with the particular patent by entering into other licensing agreements. This is the intentional misuse of a patent by the original creator himself. Patent misuse in the technology industry: It is extremely easy for technological products to overlap with another similar product which basically constitutes a technological patent infringement or misuse. Following are a few famous cases: – The Amazon company made an attempt in adopting the one-click patent. – Microsoft and Google resolved a patent issue for over five years regarding the X-Box gaming console as well as the smartphones of the brand name – Motorola. A few landmark cases pertaining to the misuse and infringement of patent are as follows. – The famous case of O’Reilly V. Morse concluded that mere copying of the idea does not constitute the misuse of the patent. Patent misuse is said to be constituted only when the copied idea is executed. – In the case of Manufacturing Company V. Convertible Top Replacement Company, it was held that a clear distinction must be made between the repairing of a patented product as well as the reconstruction of a patented product. – The famous case of KSR V. Teleflex held that for any inventions made that have an obvious concept, there must not be any patent right. It was said that the patent rights must be given only to innovative inventions. – The case of Alice Corporation V. CLS Bank held that a few inventions and ideas are too vague and abstract to be given the patent right. Apple V. Samsung: A very famous case in the field of patent infringement is the case of Apple V. Samsung that went on for about 7 years. The dispute revolved around allegations made by Apple that Samsung has copied the phone design, similar features like tapping on the screen to zoom as well as the similarities in the layout of the home screen. The dispute was resolved in the Court of Law in the United States of America. More than 50 patent dispute cases had been filed by the two parties in various countries across the globe such as Italy, Japan, England, France, etc. In 2010, Apple had sent a notice to Samsung to be aware of copying and creating a similar software and filed a suit in 2011. Samsung denied the accusations by saying that Apple copied the patents of Samsung, but the jury has favoured Apple by asking them to pay a sum of around 1 billion dollars. In the revision trial when the Jury finally said that there has been a mutual patent infringement that has been constituted by both the parties, the companies came into a mutual agreement to drop all the patent infringement cases that had been filed. 16 smartphones that were in the dispute of patent infringement were not available in the market during the trials of the suit. Finally, in 2018, the Supreme Court rejected the plea saying that the patent infringement has occurred but not of the entire device but only a part of it. Samsung was ordered to pay around 540 billion dollars to Apple as compensatory charged for copying of features. Various guidelines have been issued in various Conventions such as the Berne Convention, OECD Convention on Data Protection, the WIPO Performance and Phonograms treaty, etc. to ensure that the Intellectual Property Rights are safeguarded and not misused even on the wide online platforms. As the world is swiftly adapting to the cyber space and living in a virtual world, the rights of an individual too must be protected with utmost care as it is very easy to fall prey to the cyber-crimes owing to the advantages that the cyber offender has as his identity remains anonymous. The legislations that we have now are not efficient enough and this can be clearly understood with the enormously increasing cyber-crimes on a daily basis. Trademark Litigation If we see in the field of trademark remedies against Trademark breach is of mainly two nature: (a) Civil & (2) Criminal. And a user who’s Trademark right shas been infringed has statutory rights and sometimes also common law rights which are not codified and accepted under common law remedy as it breaches general essence of society, which resembles right and wrong morally and ethically. Hence, describing the nature of Trademark litigation, lets focus on both the perspectives; Civil Remedies: In the part of Trademark, whether the mark is registered or not civil remedies are provided, if the statutory and common law presence is breached, the civil remedy is provided. If we segregate it and talk based on validity of trademarks then, civil remedies are taken into consideration into two parts: (a) For Registered Trademark; Section 29 of the Trade Marks Act prescribes the infringement of a trademark. In simple words, when the exclusive rights of the owner of the registered Trademark are violated, it is said to be an infringement of Trademark. The trademark registration provides the exclusive rights to the brand name to the proprietor i.e. the applicant. The certificate of trademark registration provides exclusive rights to the proprietor to use the brand name for their business activity falling under the class in which it is registered. In case, a third party uses the brand name in course of trade without permission of the owner, it is the violation of owner’s right and is called as the infringement of Trademark. Civil Remedies for Trademark Infringement are available in following heads: In form of Injunction: The action of an injunction is referred as stopping one person from doing particular activity or task through the judicial process. With respect to trademark infringement, it is restraining a person from unauthorised use of the trademark. Through a temporary or permanent stay, the Court grants protection to the trademark owner. In form of Damages: Damages refer to the recovery of loss faced by the trademark owner through the trademark infringement. The monetary value of financial loss or brand impairment is recovered under this head. The amount of damages will be granted by the court after considering the actual and anticipated loss of owner due to infringement. The damages in Trademark law as a relief has increasingly assumed importance and the main aim of the damages is to monetarily compensate. Custody of infringing materials: This remedy suggests that the Court may ask the infringer to deliver all the goods or products that are labelled with the brand name. Here, the Court may direct the authorities to withhold the related materials accounts and destruct all such goods. Where the trademark relates to services, i.e. a Service Mark is infringed; the order may be passed to stop the provision of the services immediately by the infringer. The jurisdiction of to commence the proceedings against the infringer is also decided in line with the provisions prescribed. Section 134 of the Trade Marks Act, provides the jurisdiction of filing suit for infringement. The trademark owner may have instituted infringement suit before District Court. The appropriate District Court is the one falling within the local limits under whose jurisdiction, the person instituting the suit, i.e. the owner of trademark resides or carry on the business activities. (b) For Unregistered Trademarks; The Trademarks Act, 1999 (herinafter referred to as 'the Act) gives rights and protection in the form of remedies to not only registered but also unregistered trademarks. Even though a registered trademark is given a statutory remedy under section 28 of the Act, but 27(2) of the Act also provides for remedy for an unauthorized use of an unregistered trademark. Passing off is common law tort which is most commonly used to protect goodwill that is attached to the unregistered trademarks. Passing off is basically when one person is passing off his goods or services as that of another person. An action of passing off is available to both registered and unregistered trademarks, but a suit for infringement is available for only registered trademarks. While the objective that is aimed to be achieved remains the same in both suits, still they are a very different concept. Kinds of relief available in both the suits are permanent injunction, interim injunction, damages or account of profits, delivery of the infringing goods for destruction and cost of the legal proceedings The burden of proof under a suit of infringement is not as high as it is under a passing off action. While in an infringement suit, proving deceptive similarity would be enough to establish that the infringer is liable, under an action of passing off, the plaintiff will not only have to prove deceptive similarity but also prove how the defendant's mark is likely to cause confusion among the public and also has a likelihood of causing injury to plaintiff's goodwill. It is important for the plaintiff to prove how his mark has become distinctive to his goods and people associate the mark to his own goods. The first step to proving passing off is for the plaintiff to establish that the plaintiff was a prior user of the mark. As stated in Consolidated Foods Corporation v. Brandon & Co. pvt Ltd.,Priority in adoption and use of a trade mark is superior to priority in registration. Supreme Court has also laid emphasis on prior use in the case of Satyam Infoway Ltd. vs. Siffynet Solutions (P) Ltd, (2004) 6 SCC 145 The action is normally available to the owner of a distinctive trademark and the person who, if the word or name is an invented one, invents and uses it. If two trade rivals claim to have individually invented the same mark, then the trader who is able to establish prior user will succeed. The question is, as has been aptly put, who gets these first? It is not essential for the plaintiff to prove long user to establish reputation in a passing off action. It would depend upon the volume of sales and extent of advertisement. The word misrepresentation does not mean that the plaintiff has to prove any malafide intention on the part of the defendant. What has to be established is the likelihood of confusion in the minds of the public, (the word public being understood to mean actual or potential customers or users) that the goods or services offered by the defendant are the goods or the services of the plaintiff. Under a passing off action, establishing goodwill and harm caused or possible harm that could be caused to the goodwill is a major ingredient. An unregistered trademark, thus has a higher burden than a registered trademark. While under an infringement suit, a legal right is already available with the plaintiff, a user of an unregistered trademark doesn't have this inherent right. The House of Lords in in case of Reckitt & Colman Ltd V Borden Inc called Reputation, Misrepresentation and Damage to goodwill the Classical trinity under a case of passing off. These are the fundamental elements that have to be established by a person. Passing off suits also face another drawback when it comes to filing of suits. While a suit for infringement as per section 134 of the Act can be filed in District Court / High Court (enjoying Ordinary Original Civil jurisdiction such as High Court of New Delhi, Mumbai, Kolkata or Chennai) wherein the registered proprietor can file suit in the local limits of where actually and voluntarily resides or carries on business or personally work for gain, during the institution of the suit. But a suit of passing off has to follow the regular rules of jurisdiction as per section 20 of Code of Civil procedure which means that a passing off suit can only be filed in a District Court. Criminal Remedies Criminal offences relating to the use of false trademarks, false trade descriptions and other forms of false marking on goods, and the sale of goods bearing such false markings are dealt with in ss. 101 to 121 of the Trade Marks Act 1999. These provisions are substantially the same as in the Trade and Merchandise Marks Act 1958 except for the enhancement of punishment. As indicated in the preamble, one of the objects of the new Act is to prevent the use of fraudulent marks. The nature of the offences and the penalties thereof are contained in Chapter XII (ss. 101 to 121). For the purposes of this Chapter (except s. 107) trade mark is defined in s. 2(1)(zb)(i). The expression trade description and false trade description which are used in connection with the offences are defined in ss. 2(1)(za) and 2(1)(i) respectively. For the definition of deceptively similar, see s. 2(1)(h). Package is defined in 2(1)(q). Sections 81 and 82 deal with the stamping of textile goods and determination of the character of such goods by sampling. For the purposes of offences under Chapter XII of the Act, a trade mark includes a registered as well as unregistered trade mark. Under Section 156 of the Code of Criminal Procedure, 1973 the police have the power to investigate cognizable cases. Sub section 3 Section 156 provides that in case of refusal by the police to lodge a FIR or initiate criminal action, the aggrieved can file a complaint before the Magistrate, procedure w.r.t. which are laid down in section 190 of the Code of Criminal Procedure, 1973. The offences under the Trade Marks Act, 1999 by virtue of the First Schedule table II of the Code of Criminal Procedure, 1973, are classified as cognizable offences though the same is not provided for in the said Acts. Patent Litigation Unfortunately, in Patents only Civil Remedy is available and no criminal remedy is available for the infringement of Patents Rights. Section 104 of the Act provides that a suit for infringement cannot be instituted in any court inferior to a District Court having jurisdiction to try the suit other than High Court, in an appropriate situation. When an action for infringement has been instituted in a high court and district court and the defendants make a counter claim for revocation of the patents, the suit is transferred to the High Court for decision because high court has the jurisdiction to try cases of revocation. Further, section 104A provides for burden of proof in case of suits concerning infringement. The most effective way to enforce patent rights includes a civil action seeking the following remedies: Temporary injunction – The court can impose a temporary restraining order on the defendant until final disposal of the civil suit or for such time as stated in the court order; Permanent injunction – the court can issue a final order restraining the defendant from carrying out activities constituting patent infringement in India; Damages or account of profits; delivery up or destruction of infringing articles; or legal costs. Copyright Litigation Any act that is the sole and exclusive prerogative of the copyright holder (or its licensee), under the provisions of section 14 of the Copyright Act. Making infringing copies (reproducing copyrighted work) with the intention to sell, make available for sale, publicly display or offer to sell the infringing copies. Distributing infringing copies of a work for trading purposes. Also, distributing infringing copies in a way that prejudices the copyright holder. Exhibiting infringing copies of work protected by copyright to the public. Importing infringing copies into India, excluding copies used for private and domestic use. The statutory basis for secondary infringement can be found in section 51(1)(a)(ii) of the Copyright Act. It stipulates that the act of permitting one’s place (either place of business or of residence or any other venue, either digital or in the physical world) to be used for communicating infringing work to the public with a view to profiting from it constitutes infringement of copyright. Remedies for Infringement of Copyright (I) Civil remedy: According to Section 55 of The Copyright Act, 1957, where copyright in any work has been infringed upon, the owner of the copyright shall be entitled to all such remedies by way of injunction, damages, & accounts. The most importance civil remedy is the grant of interlocutory injunction since most actions start with an application for some interlocutory relief and in most cases the matter never goes beyond the interlocutory stage. The other civil remedies include damages - actual and conversion; rendition of accounts of profits and delivery up. This paper is confined to remedies available in common law jurisdictions and it may well be that in civil law countries, the emphasis or focus is somewhat different. It includes: Interlocutory Injuctions Pecuniary Remedies Anton Piller Orders Mareva Injunction Norwich Pharmacal Orders (II) Criminal remedy: According to Section 63 of The Copyright Act, 1957, the copyright holder can take criminal proceedings against the infringer, in which there is a provision of at least six-month imprisonment, which may be extended to 3 years and with a fine of Rs. 50,000, which may extend to 2 lakhs. It further includes: Punishment through imprisonment which, under Indian law, may not be less than six months but which may extend to three years; Fines which, under Indian law, shall not be less than Rs.50.000. and which may extend to Rs.200,000. Search and seizure of the infringing goods including plates which are defined as including blocks, moulds, transfers, negatives, duplicating equipment or any other device used or intended to be used for printing or reproducing copies of the work. Delivery up of infringing copies or plates to the owner of the copyright Provided that if the defendant proves that at the date of the infringement he was not aware and had no reasonable ground for believing that copyright subsisted in the work, the plaintiff shall not be entitled to any remedy for the whole or part of the profits made by the defendant by the sale of the infringing copies as the court may in the circumstances deem reasonable. Also it is provided that, any police officer, not below the rank of a sub-inspector, may, if he is satisfied that an offence under section 63 in respect of the infringement of copyright in any work has been committed, can seize copies without a warrant to produce before Magistrate. The purpose of copyright is to protect the rights of the owners of original work and provide economic benefits to them for their creativity and diligence. Although the registration of work is not necessary, but it is highly recommended to register as soon as one's idea is transforming into writings as it will be strong proof to be presented before the court in case of infringement. Therefore, it is strongly advised to avoid plagiarism. Unit - 3 What Is Electronic Commerce (e-commerce) Electronic commerce or e-commerce (sometimes written as eCommerce) is a business model that lets firms and individuals buy and sell things over the internet. E-commerce operates in all four of the following major market segments: Business to business Business to consumer Consumer to consumer Consumer to business E-commerce, which can be conducted over computers, tablets, or smartphones may be thought of like a digital version of mail-order catalog shopping. Nearly every imaginable product and service is available through e-commerce transactions, including books, music, plane tickets, and financial services such as stock investing and online banking. As such, it is considered a very disruptive technology. E-commerce is the buying and selling of goods and services over the internet. E-commerce can be a substitute for brick-and-mortar stores, though some businesses choose to maintain both. Almost anything can be purchased through e-commerce today. Understanding Electronic Commerce (e-commerce) E-commerce has helped businesses establish a wider market presence by providing cheaper and more efficient distribution channels for their products or services. For example, the mass retailer Target has supplemented its brick-and-mortar presence with an online store that lets customers purchase everything from clothes to coffeemakers to toothpaste to action figures. By contrast, Amazon launched its business with an e-commerce-based model of online sales and product delivery. Not to be outdone, individual sellers have increasingly engaged in e-commerce transactions via their own personal websites. Finally, digital marketplaces such as eBay or Etsy serve as exchanges where multitudes of buyers and sellers come together to conduct business. The Advantages and Disadvantages of Electronic Commerce E-commerce offers consumers the following advantages: Convenience. E-commerce can occur 24 hours a day, seven days a week. Increased selection. Many stores offer a wider array of products online than they carry in their brick-and-mortar counterparts. And many stores that solely exist online may offer consumers exclusive inventory that is unavailable elsewhere. E-commerce carries the following disadvantages: Limited customer service. If you are shopping online for a computer, you cannot simply ask an employee to demonstrate a particular model's features in person. And although some websites let you chat online with a staff member, this is not a typical practice. Lack of instant gratification. When you buy an item online, you must wait for it to be shipped to your home or office. However, retailers like Amazon make the waiting game a little bit less painful by offering same-day delivery as a premium option for select products. Inability to touch products. Online images do not necessarily convey the whole story about an item, and so e-commerce purchases can be unsatisfying when the products received do not match consumer expectations. Case in point: an item of clothing may be made from shoddier fabric than its online image indicates. Types of E-Commerce Models Electronic commerce can be classified into four main categories. The basis for this simple classification is the parties that are involved in the transactions. So the four basic electronic commerce models are as follows, 1. Business to Business This is Business to Business transactions. Here the companies are doing business with each other. The final consumer is not involved. So the online transactions only involve the manufacturers, wholesalers, retailers etc. 2. Business to Consumer Business to Consumer. Here the company will sell their goods and/or services directly to the consumer. The consumer can browse their websites and look at products, pictures, read reviews. Then they place their order and the company ships the goods directly to them. Popular examples are Amazon, Flipkart, Jabong etc. 3. Consumer to Consumer Consumer to consumer, where the consumers are in direct contact with each other. No company is involved. It helps people sell their personal goods and assets directly to an interested party. Usually, goods traded are cars, bikes, electronics etc. OLX, Quikr etc follow this model. 4. Consumer to Business This is the reverse of B2C, it is a consumer to business. So the consumer provides a good or some service to the company. Say for example an IT freelancer who demos and sells his software to a company. This would be a C2B transaction. Examples of E-Commerce Amazon Flipkart eBay Fiverr Upwork Olx Quikr Advantages of E-Commerce E-commerce provides the sellers with a global reach. They remove the barrier of place (geography). Now sellers and buyers can meet in the virtual world, without the hindrance of location. Electronic commerce will substantially lower the transaction cost. It eliminates many fixed costs of maintaining brick and mortar shops. This allows the companies to enjoy a much higher margin of profit. It provides quick delivery of goods with very little effort on part of the customer. Customer complaints are also addressed quickly. It also saves time, energy and effort for both the consumers and the company. One other great advantage is the convenience it offers. A customer can shop 24×7. The website is functional at all times, it does not have working hours like a shop. Electronic commerce also allows the customer and the business to be in touch directly, without any intermediaries. This allows for quick communication and transactions. It also gives a valuable personal touch. Disadvantages of E-Commerce The start-up costs of the e-commerce portal are very high. The setup of the hardware and the software, the training cost of employees, the constant maintenance and upkeep are all quite expensive. Although it may seem like a sure thing, the e-commerce industry has a high risk of failure. Many companies riding the dot-com wave of the 2000s have failed miserably. The high risk of failure remains even today. At times, e-commerce can feel impersonal. So it lacks the warmth of an interpersonal relationship which is important for many brands and products. This lack of a personal touch can be a disadvantage for many types of services and products like interior designing or the jewelry business. Security is another area of concern. Only recently, we have witnessed many security breaches where the information of the customers was stolen. Credit card theft, identity theft etc. remain big concerns with the customers. Then there are also fulfillment problems. Even after the order is placed there can be problems with shipping, delivery, mix-ups etc. This leaves the customers unhappy and dissatisfied. UNCITRAL Model Law on Electronic Commerce (1996) Purpose The Model Law on Electronic Commerce (MLEC) purports to enable and facilitate commerce conducted using electronic means by providing national legislators with a set of internationally acceptable rules aimed at removing legal obstacles and increasing legal predictability for electronic commerce. In particular, it is intended to overcome obstacles arising from statutory provisions that may not be varied contractually by providing equal treatment to paper-based and electronic information. Such equal treatment is essential for enabling the use of paperless communication, thus fostering efficiency in international trade. Why is it relevant? The MLEC was the first legislative text to adopt the fundamental principles of non- discrimination, technological neutrality and functional equivalence that are widely regarded as the founding elements of modern electronic commerce law. The principle of non-discrimination ensures that a document would not be denied legal effect, validity or enforceability solely on the grounds that it is in electronic form. The principle of technological neutrality mandates the adoption of provisions that are neutral with respect to technology used. In light of the rapid technological advances, neutral rules aim at accommodating any future development without further legislative work. The functional equivalence principle lays out criteria under which electronic communications may be considered equivalent to paper-based communications. In particular, it sets out the specific requirements that electronic communications need to meet in order to fulfil the same purposes and functions that certain notions in the traditional paper-based system - for example, "writing," "original," "signed," and "record"- seek to achieve. Key provisions Besides formulating the legal notions of non-discrimination, technological neutrality and functional equivalence, the MLEC establishes rules for the formation and validity of contracts concluded by electronic means, for the attribution of data messages, for the acknowledgement of receipt and for determining the time and place of dispatch and receipt of data messages. It should be noted that certain provisions of the MLEC were amended by the Electronic Communications Convention in light of recent electronic commerce practice. Moreover, part II of the MLEC, dealing with electronic commerce in connection with carriage of goods, has been complemented by other legislative texts, including the United Nations Convention on Contracts for the International Carriage of Goods Wholly or Partly by Sea (the "Rotterdam Rules") and may be the object of additional work of UNCITRAL in the future. Introduction to E- CONTRACTS E-contract is one of the divisions of e-business. It is similar to a traditional business wherein goods and services are switched for a particular amount of consideration. The important factor involved is that the contract takes place through a digital mode of communication. It provides an opportunity for the sellers to reach the end of consumer directly without the involvement of the middlemen. E-contract is any kind of contract formed in the course of e-commerce by the interaction of two or more individuals using electronic means, such as e-mail, the interaction of an individual with an electronic agent, such as a computer program, or the interaction of at least two electronic agents that are programmed to recognize the existence of a contract. The Indian Contract Act, 1872 governs the manner in which contracts are made and performed in India. ESSENTIALS OF AN ELECTRONIC CONTRACT: 1. An offer requirements to be made 2. The offer needs to be acknowledged 3. There has to be legal consideration 4. There has to be an intention to create lawful relations 5. The parties must be able to contract 6. There must be free and unaffected consent 7. The object of the contract need to be lawful 8. There must be conviction and possibility of performance A. OFFER Under section 2(a) of The Indian Contract Act, speaks of offer. “When one person signifies his willingness to do or to abstain from doing anything with a view to obtain assent of that other to such act or abstinence, he is said to make a proposal The question which arises is, does it apply in electronic contracts? Is it when it enters the computer resource as provided under Section 13 of the IT Act or when the offeror receives acknowledgement as in section 12 of the IT Act? It is clear that a message can enter into a person’s mailbox without him seeing it, thus, the element necessary for determining communication of offer in case of posts cannot be the same in electronic communication. The communication of offer is complete when it comes to the knowledge of the offeree and acknowledgement is received by him. The offeror is able to revoke the offer any time before the communication of acceptance is complete as provided in section 5 of Indian Contract Act and has not been altered by IT Act. B. ACCEPTANCE. One difficult task about entering electronic contract is to know when an agreement has been reached. Once an offer is accepted, a contract is concluded except the postal acceptance rule applies. The postal acceptance rule is an exception to the general rule that acceptance of a contract must be communicated to the offeror before a contract can be in existence. Under the rule, acceptance of a contract is said to occur at the time the acceptance is posted. Hence, the communication of acceptance is complete against the proposer when it is put in the course of transmission to him and as against the acceptor when it comes to the knowledge of the proposer, that is, when the acknowledgement enters into the into the designated computer resource. There is no disparity between Indian and Common law in this regard as seen in Lalman Shukla v. Gaurie Datta Sharma where in spite of the fact that he found the boy whose uncle had promised Rs. 501 to anyone who finds was denied the reward seeing that he came to know only after finding the boy. Both offer and acceptance can be generally done through email, website forms, and online agreements. REVOCATION OF OFFER AND ACCEPTANCE The Information Technology Act of 2000 is not a complete one and as a result, the Indian Contract Act of 1882 is still in use even for electronic contracts. However, the both Acts still complement each other. Section 5 which speaks of revocation will not be applicable as there will be no much time or time lag in case of electronic contracts, the dispatch and receipt of mail happens within split of minutes and simultaneously. MINOR IMAGE RULE This is a common law principle that denotes that the acceptance must be a mirror image of the offeror’s offer. This implies that an acceptance which varies in terms as against the original offer is not an acceptance but a counter proposal which will now have to be accepted by the original offeror before the contract can be said to be concluded. The terms of the contract will now become the terms of the counter proposal and it is called Last Shot doctrine which implies that the terms of the final document in the series leading to the conclusion forms the contract. C. LAWFUL CONSIDERATION The Indian Contract Act of 1872 reads that “ In the present scenario, once an item has been supplied and the price has been paid, the consideration is executed and the requirement is satisfied. Problems may arise at a time when the consideration is merely executor. This arises when the seller's computer has done no more than "promise" to supply that item. A key intention that lies behind such promises is, of course, the intention to be bound by that promise in other words, the intention to create legal relations. The Contract law cannot entirely apply in e-contracts as in sometimes when an autonomous computer is used. D. LAWFUL OBJECT The purpose of such contract must be a lawful one. Courts will not enforce contracts that are illegal or violate public policy. Such contracts are considered void. An agreement which calls for the commission of a crime is illegal and therefore void. For example, a person could not enforce an agreement with another party to burn a house down. Also, an agreement that calls for the commission of a civil wrong (such as a tort) is illegal and void. E. COMPETENT PARTIES TO CONTRACT It is generally accepted that both natural persons and legal persons are capable of entering contracts, Computers are clearly not natural persons ,and neither American nor English contract law, at present, deem them to be legal persons. Computers, therefore, are not capable of being parties to contracts. In our scenario, both the buyer and the seller are natural persons, and consequently, are capable of being parties to the transaction. The autonomous computer, however, clearly cannot be a contractual party as the law now stands. F. FREE CONSENT The consent of the both parties must be free from any deceit, mistake, fraud etc. E contracts can be broadly categorized into: - Shrink Wrap Agreements - Click Wrap Agreements Shrink Wrap agreements are those which can only be read and accepted by the consumer after the opening of a particular product. The term is described after the shrink wrap plastic wrapping that is used to cover software or other boxes. Installing software from a CD into your PC is an example of a shrink wrap agreement. Click Wrap agreements are mostly found in the software installation process. The user has to click either ‘Accept’ or ‘Decline’ to accept or reject the agreement respectively. These agreements lack a certain amount of bargain power. Choosing to make payments online or choosing to reject it is an example of using a click wrap agreement. Either ways, the consent to such must be free. This is quite difficult to determine because sometimes the margin used to determine the strict rule of free consent gets narrower. G. CERTAINTY OF TERMS Keeping a record of the contract as agreed is vital. This can be difficult if there have been several email exchanges (perhaps each attaching documents intended to form part of the terms of the contract) including counter offers and negotiations between the contracting parties. As noted above, it may be difficult in such a scenario to determine who is the offeror and who has accepted the final offer, which may determine which party’s terms and conditions apply. In any event, it is important to ensure that the parties are clear on the content of the final contractual terms. NATURE OF E-CONTRACT 1. The parties do not, in most cases, meet physically. 2. There are no physical boundaries. 3. No handwritten signature and in most times, no hand writing is required. 4. Since there is no utmost security, risk factor is very high. 5. Jurisdictional issues are a major setback on e-contracts in case of breach. 6. There is no single authority to monitor the whole process especially in shrink wrap contracts. 7. Digital Signatures are used and electronic records are used as evidences in court n when need arises. 8. The three main methods of contracting electronically are e-mail, World Wide Web (www), and Cyber contracts (Click to agree/online contract). 9. The subject matter includes: (A). Physical goods, where goods are ordered onlineand paid over internet and physical delivery is made. (B). Digitised products such as software which can also be ordered for. (C). Services like electronic banking, sale of shares, financial advice etc. Digital Signature Digital signatures are used to authenticate the identity of the sender. It is like signing a message in electronic form. A digital signature is a protocol that produces the same effect as a real signature. It is a mark that only the sender can make and other people can easily recognize that it belongs to the sender. A digital signature is also used to confirm agreement to a message. A digital signature must be unforgeable and authentic. In a digital signature process, the sender uses a signing algorithm to sign the message. The message and the signature are sent to the receiver. The receiver receives the message and the signature and applies the verifying algorithm to the combination. If the result is true, the message is accepted otherwise it is rejected. A conventional signature is like a private key belonging to the signer of the document. The signer uses it to sign documents. The copy of the signature on a file is like a public key so anyone can use it to verify a document to compare it to the original signature. In digital signature the signer uses her private key applied to a signing algorithm to sign the document. The verifier uses the public key of the signer applied to verifying algorithm to verify the sign. When a document is signed anyone including Bob can verify it because everyone has access to Alice’s public key. Alice must never use her public key to sign the document because anyone could forge her signature. Digital signatures have assumed great significance in the modern world of web- commerce. Many countries have made provisions for recognizing digital signature as a valid authorization mechanism like paper-based signatures. Unit 4 – Cyber Crimes What is cybercrime? Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations. Some cybercriminals are organized, use advanced techniques and are highly technically skilled. Others are novice hackers. Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal. Types of cybercrime Here are some specific examples of the different types of cybercrime: Email and internet fraud. Identity fraud (where personal information is stolen and used). Theft of financial or card payment data. Theft and sale of corporate data. Cyberextortion (demanding money to prevent a threatened attack). Ransomware attacks (a type of cyberextortion). Cryptojacking (where hackers mine cryptocurrency using resources they do not own). Cyberespionage (where hackers access government or company data). Most cybercrime falls under two main categories: Criminal activity that targets Criminal activity that uses computers to commit other crimes. Cybercrime that targets computers often involves viruses and other types of malware. Cybercriminals may infect computers with viruses and malware to damage devices or stop them working. They may also use malware to delete or steal data. Cybercrime that stops users using a machine or network, or prevents a business providing a software service to its customers, is called a Denial-of-Service (DoS) attack. Cybercrime that uses computers to commit other crimes may involve using computers or networks to spread malware, illegal information or illegal images. Sometimes cybercriminals conduct both categories of cybercrime at once. They may target computers with viruses first. Then, use them to spread malware to other machines or throughout a network. Cybercriminals may also carry out what is known as a Distributed-Denial-of-Service (DDos) attack. This is similar to a DoS attack but cybercriminals use numerous compromised computers to carry it out. The US Department of Justice recognizes a third category of cybercrime which is where a computer is used as an accessory to crime. An example of this is using a computer to store stolen data. The US has signed the European Convention of Cybercrime. The convention casts a wide net and there are numerous malicious computer-related crimes which it considers cybercrime. For example: Illegally intercepting or stealing data. Interfering with systems in a way that compromises a network. Infringing copyright. Illegal gambling. Selling illegal items online. Soliciting, producing or possessing child pornography. Examples of cybercrime So, what exactly counts as cybercrime? And are there any well-known examples? In this section, we look at famous examples of different types of cybercrime attack used by cybercriminals. Read on to understand what counts as cybercrime. Malware attacks A malware attack is where a computer system or network is infected with a computer virus or other type of malware. A computer compromised by malware could be used by cybercriminals for several purposes. These include stealing confidential data, using the computer to carry out other criminal acts, or causing damage to data. A famous example of a malware attack is the WannaCry ransomware attack, a global cybercrime committed in May 2017. Ransomware is a type of malware used to extort money by holding the victim’s data or device to ransom. WannaCry is type of ransomware which targeted a vulnerability in computers running Microsoft Windows. When the WannaCry ransomware attack hit, 230,000 computers were affected across 150 countries. Users were locked out of their files and sent a message demanding that they pay a BitCoin ransom to regain access. Worldwide, the WannaCry cybercrime is estimated to have caused $4 billion in financial losses. Phishing A phishing campaign is when spam emails, or other forms of communication, are sent en masse, with the intention of tricking recipients into doing something that undermines their security or the security of the organization they work for. Phishing campaign messages may contain infected attachments or links to malicious sites. Or they may ask the receiver to respond with confidential information A famous example of a phishing scam from 2018 was one which took place over the World Cup. According to reports by Inc, the World Cup phishing scam involved emails that were sent to football fans. These spam emails tried to entice fans with fake free trips to Moscow, where the World Cup was being hosted. People who opened and clicked on the links contained in these emails had their personal data stolen. Another type of phishing campaign is known as spear-phishing. These are targeted phishing campaigns which try to trick specific individuals into jeopardizing the security of the organization they work for. Unlike mass phishing campaigns, which are very general in style, spear-phishing messages are typically crafted to look like messages from a trusted source. For example, they are made to look like they have come from the CEO or the IT manager. They may not contain any visual clues that they are fake. Distributed DoS attacks Distributed DoS attacks (DDoS) are a type of cybercrime attack that cybercriminals use to bring down a system or network. Sometimes connected IoT (internet of things) devices are used to launch DDoS attacks. A DDoS attack overwhelms a system by using one of the standard communication protocols it uses to spam the system with connection requests. Cybercriminals who are carrying out cyberextortion may use the threat of a DDoS attack to demand money. Alternatively, a DDoS may be used as a distraction tactic while other type of cybercrime takes place. A famous example of this type of attack is the 2017 DDoS attack on the UK National Lottery website. This brought the lottery’s website and mobile app offline, preventing UK citizens from playing. How to protect yourself against cybercrime So, now you understand the threat cybercrime represents, what are the best ways to protect your computer and your personal data? Here are our top tips: Keep software and operating system updated Keeping your software and operating system up to date ensures that you benefit from the latest security patches to protect your computer. Use anti-virus software and keep it updated Using anti-virus or a comprehensive internet security solution like Kaspersky Total Security is a smart way to protect your system from attacks. Anti-virus software allows you to scan, detect and remove threats before they become a problem. Having this protection in place helps to protect your computer and your data from cybercrime, giving you piece of mind. If you use anti-virus software, make sure you keep it updated to get the best level of protection. Use strong passwords Be sure to use strong passwords that people will not guess and do not record them anywhere. Or use a reputable password manager to generate strong passwords randomly to make this easier. Never open attachments in spam emails A classic way that computers get infected by malware attacks and other forms of cybercrime is via email attachments in spam emails. Never open an attachment from a sender you do not know. Do not click on links in spam emails or untrusted websites Another way people become victims of cybercrime is by clicking on links in spam emails or other messages, or unfamiliar websites. Avoid doing this to stay safe online. Do not give out personal information unless secure Never give out personal data over the phone or via email unless you are completely sure the line or email is secure. Make certain that you are speaking to the person you think you are. Contact companies directly about suspicious requests If you get asked for data from a company who has called you, hang up. Call them back using the number on their official website to ensure you are speaking to them and not a cybercriminal. Ideally, use a different phone because cybercriminals can hold the line open. When you think you’ve re-dialed, they can pretend to be from the bank or other organization that you think you’re speaking to. Be mindful of which website URLs you visit Keep an eye on the URLs you are clicking on. Do they look legitimate? Avoid clicking on links with unfamiliar or spammy looking URLs. If your internet security product includes functionality to secure online transactions, ensure it is enabled before carrying out financial transactions online. Keep an eye on your bank statements Our tips should help you avoid falling foul of cybercrime. However, if all else fails, spotting that you have become a victim of cybercrime quickly is important. Keep an eye on your bank statements and query any unfamiliar transactions with the bank. The bank can investigate whether they are fraudulent. How is cyber-crime investigation conducted For conducting cyber-crime investigation, certain special skills and scientific tools are required without which the investigation is not possible. Due to the Information Technology Act, 2000 (“IT Act”), certain provisions of Criminal Procedure Code and the Evidence Act, have been amended. Along with this, certain new regulations had been enforced by the Indian legal system to meet with the need of cyber-crime investigation. Who can investigate? The power to investigate the accused in regard to the cyber offences, has been entailed in Section 78 of the IT Act, which says that “notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Inspector shall investigate any offence under this Act”. Nevertheless, the IT Act is not sufficient to meet the necessity, therefore the Criminal Procedure Code, 1978 and the Indian Penal Code, 1860, were also amended accordingly to introduce cyber-crime under their ambit. This gives power to the Inspector to register and investigate the cyber-crime as like another crime. Process of search & arrest The power of the police office and other officers to enter, search etc. is entailed in Section 80 (1) of the IT Act, which says that, notwithstanding anything contained in the Code of Criminal Procedure, 1973, any police officer, not below the rank of the Inspector or any other officer of the Central Government or State Government authorized by the Central Government in this regard, may enter any public place, search and arrest without warrant any person, who is reasonably suspected of having committed or of committing or about to commit an offence under the IT Act. Pursuant to Section 80 (2) of the IT Act, any person who is arrested under sub-section (1) by an officer other than a police officer then such officer shall, without any unreasonable delay, take or send the person arrested before a magistrate having jurisdiction in the case or before the officer-in-charge of a police station. The Government of India had launched the online cyber-crime reporting portal, www.cybercrime.gov.in, which is a citizen-centric initiative, to allow the complainants to lodge complaints relating to child pornography/child sexual abuse material or any content which is sexual in nature. The Central Government has launched a scheme for formulating of Indian Cyber Crime Coordination Centre (I4C) to handle the cybercrime incidents in India, in an inclusive & coordinated manner. The said scheme has following seven components: National Cybercrime Threat Analytics Unit (TAU) National Cybercrime Forensic Laboratory (NCFL) National Cybercrime Training Centre (NCTC) Cybercrime Ecosystem Management Platform for Joint Cybercrime Investigation Team National Cybercrime Reporting Portal National Cyber Research and Innovation Centre (NCR&IC) The government is also planning to set up Regional Cyber Crime Coordination Centres at respective States/UTs. One can report a cyber-crime by: Filing a written complaint in nearest, any Cyber Cell Lodging an F.I.R (First Information Report) Filing a complaint at https://www.cybercrime.gov.in/Accept.aspx In case the response has not been appropriate then the complainant can write to State / UT Nodal Officer and Grievance Officer, the details of which can be accessed here: https://www.cybercrime.gov.in/Webform/Crime_NodalGrivanceList.aspx. Recently, for Delhi only, a new feature “Citizen Financial Cyber Fraud Reporting and Management System” has been activated for prevention of money loss in case of Cyber Financial Fraud; for immediate reporting the complainant can Call 155260 (9 AM – 6 PM only) and further details can be accessed from ‘Citizen Manual’ under “Resources Section” at www.cybercrime.gov.in. Prosecution for cyber-crimes Some common cyber-crimes incidents which attracts prosecution as per the applicable provisions of the IT Act, are provided herein below: It is created for provoking a religious group to act or pass obnoxious/ objectionable remarks against a public figure or the country etc. Online hate community Applicable provisions: Section 66A of IT Act + 153A & 153B of the Indian Penal Code (IPC) If a person’s email account is hacked and offensive / indecent emails are sent to Email people who are in person’s address book. account hacking Applicable provisions: Sections 43, 66, 66A, 66C, 67, 67A and 67B of IT Act. The Website’s homepage is swapped with a defamatory or pornographic content/ Web page. defacement Applicable provisions: Sections 43 and 66 of IT Act and Sections 66F, 67 and 70 of IT Act also apply in some cases. Cyber The terrorists are using virtual & physical storage for hiding data & records of terrorism their illegal business. Applicable provisions: terrorism laws apply + Section 66F & 69 of IT Act. Phishing and It involves acquiring sensitive information fraudulently by masquerading as a email scams reliable & legitimate entity. Applicable provisions: Section 66, 66A and 66D of IT Act + Section 420 of IPC Unit – 5 Information Technology Act Information Technology (Amendment) Act, 2008 BRIEF HISTORY The Indian Information Technology Act 2000 (“Act”) was a based on the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law; the suggestion was that all States intending to enact a law for the impugned purpose, give favourable consideration to the said Model Law when they enact or revise their laws, in view of the need for uniformity of the law applicable to alternatives to paper-based methods of communication and storage of information. Thus the Act was enacted to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involved the use of alternatives to traditional or paper- based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies. Also it was considered necessary to give effect to the said resolution and to promote efficient delivery of Government services by means of reliable electronic records. The Act received the assent of the President on the 9th of June, 2000. The Act was subsequently and substantially amended in 2006 and again in 2008 citing the following objectives: With proliferation of information technology enabled services such as e-governance, ecommerce and e-transactions, protection of personal data and information and implementation of security practices and procedures relating to these applications of electronic communications have assumed greater importance and they require harmonization with the provisions of the Information Technology Act. Further, protection of Critical Information Infrastructure is pivotal to national security, economy, public health and safety, so it has become necessary to declare such infrastructure as a protected system so as to restrict its access. A rapid increase in the use of computer and internet has given rise to new forms of crimes like publishing sexually explicit materials in electronic form, video voyeurism and breach of confidentiality and leakage of data by intermediary, e-commerce frauds like personation commonly known as Phishing, identity theft and offensive messages through communication services. So, penal provisions are required to be included in the Information Technology Act, the Indian Penal Code, the Indian Evidence Act and the Code of Criminal Proced

Add-on Course on Cyber Law (PDF)

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue