/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsA couple of weeks ago, India saw numerous attacks on various websites. Among
those hacked into, were the websites of AIIMS, the Atomic Energy Research Board
as well as that of the Delhi High Court Bar Association. Companies who are
victims of attacks typically try to investigate the matter internally and update
their anti-virus software and firewalls. Rarely does a company consider
reporting the matter to the police and not without reason.
For reporting the matter to the police means inviting more headaches for an
already harassed corporate entity. Reporting the matter results in negative
media publicity. It also deters potential customers from approaching the company
for further business. Finally, it also rightly or wrongly leads to a media trial
about the security capabilities of the said company or its network, often even
without giving the company an opportunity to express its side of the story.
Further, the hassles of going to court and producing evidence are other strong
deterrents.
|
/dq/media/post_attachments/55440b9b74088fc0e47ea748db297a6fb87b09164d24299168a47cf41b24220c.jpg)
Unfortunately, this scenario prevails not only in India but also worldwide.
However, as a result, cyber crimes like hacking go unreported. Governments bask
under a false sense of security that their companies, netizens and networks are
free from cyber crime. Very few cases are reported to the police and
consequently there are very few convictions.
Even in countries that have expeditious judicial systems, it is taking quite
sometime for cyber crime cases to progress. For instance, David Smith, who
authored the Melissa Virus, pleaded guilty for causing more than 80 million
dollars damage. Even two years later, David has not been sentenced. The
suspected author of the famous I Love You virus namely, Onel de Guzman could not
be prosecuted despite concerted efforts by Philippines and the US because at the
time when the virus was released, Philippines did not have adequate laws to
counter cyber crime. Similarly, the author of the Anna Kournikova worm namely
Jan de Wit, despite being found guilty by a Dutch Court, was only sentenced to
150 hours of community services. This clearly is not enough.
In the Indian scenario though, a couple of hacking cases have been registered
under Section 66 of the IT Act, yet none of them have been decided till date. As
such, at the time of writing this piece, no person in India stands convicted for
the offence of hacking or any other cyber crime. There is a need for companies
to start reporting cases of cyber crime to the police. In addition, the
government needs to ensure that the law enforcement mechanism is not
intimidating and creates an atmosphere that encourages people to report cyber
crimes. There is a need for collaboration between the Government and the private
sector on the issue of fighting cyber crime, especially hacking.
Similarly, under the IT Act, there is a provision which allows people to seek
damages when somebody without their knowledge or permission, enters into their
computer, computer system or computer network and destroys, copies, deletes or
downloads data or causes any computer contaminant to be released, or causes any
of these said acts to be done. The Indian Cyberlaw proposes damages in such a
situations up to Rs1 crore and these damages are to be awarded by the
adjudicating officers. It is high time that we started giving more deterrent
punishments and awarding heavy damages to perpetuators of cybercrime and
establish appropriate methods and infrastructure by means of which companies
would feel comfortable and confident while reporting cyber crime and sharing
evidence with the police.
There is a further need for strengthening the law and having specific cyber
crime code, which would act in supplementation to the existing Indian Penal
Code, apart from the cybercrimes mentioned in the Information Technology Act,
2000. Specialized cyber crime police stations need to be established. The
government in the state of Karnataka has already taken the first step in this
direction–it recently established the Bangalore Cyber Crime Police Station
That’s a start.
Pavan Duggal is a Cyberlaw consultant
and a practicing advocate at the Supreme Court of India