Cyber business may evade law

DQW Bureau
New Update


Ascientist and a journalist were reportedly punished in China for promoting concepts of demo-cracy through the Internet. It is unclear if this was viewed as cyber crime or just as subver-sion and incitement against the state. Only after noticing a crime one searches for a law. In passing, unlike in dictatorial regimes, cyber crimes may go unpunished in countries, which have not enacted a Cyber law. With business in 24/7 ITES, Cyber law is inadequate–advent of Wireless Fidelity (more popularly known as WiFi), may confuse its purview in some aspects. One has to contend with crimes in BPO, Medical Transcription and off site business development. 

Consultants are necessary to advise the police and hopefully consultations may reduce. Pinpointing the location of a cyber crime is not easy. Presen-tly, commercial and criminal laws in other countries have caused arrests of Indian IT


Comparatively, insta-nces of arrests of IT professio-nals of other nationality are minimal. 


Under Section 61 of the In-dian IT Act 2000, no court will have jurisdiction to entertain any suit or proceedings in res-pect of any matter which an adjudicating officer–appointed under this act or the Cyber Appellate Tribunal em-powered un-der this Act–is to deter-mine. This me-ans, ‘no oppo-rtunity exists for injunction on a decision in a civil court’.

‘Compoun-ding’ in a cri-minal case is akin to ‘comp-romise’ under the direction of control-ler–between the offender and the aggrieved. Sub-Section (2) of Section 63 is interesting. If an offender commits a cogni-zable offence and is allowed to compound, the stigma of the accusation lasts only for three years from the date of com-mitting the offence. Only if the same offender commits the same offence within three successive years, the accused can be charged with repetition. If three calendar years fall in between the first offence and repetition of the same, it is still only a ‘first offence’ and not a repetition. 

An example illustrates this. If a hacker attacks a site with a virus on Dec 31 2002 and the aggrieved accepts to com-pound the offence any time before Dec 31 2005, the hacker is cleared. If the same offence is committed on or after Jan 1 2006, it is again treated afresh as a first offence. By compoun-ding, offender can be absolved of the same offence every three years!

An aggrieved party might find the data in a computer system to have been modified by a hacker. On filing a com-plaint, the controller may ask for ‘any’ document to be furni-shed. If the complainant fails to furnish, a penalty of Rs 1,50,000 can be levied under Sub-Section (a) of Section 44. There is no protection to safeguard confi-dential information unconne-cted with a ‘crime in issue’. 


An illustration follows. If a complaint refers to a hard disk of a server, hacked by an intru-der, the company may be for-ced to submit the back up in store–perhaps the disaster management support. It is unclear if the submitted docu-ment can be tre-ated ‘in camera’ –away from pr-ying eyes.

Net Banking is slowly getting recognition, but a Net client to a banker is alw-ays apprehen-sive of inherent insecurity–with Spy soft-ware lurking all over the Net. Im-movable prope-rty becomes a ‘collateral secu-rity’ while gett-ing loans. Users would be well advised not to transact ‘immo-vable property’ through e-Com (contract)–lest they may lose everything.

Transaction of imm-ovable property is excluded in the Act–so says Sub-Section (e) of Sub-Section (4) under Section 1 of the Act. 


Pager, cell phone and recor-ded conversation, as tools of crime, are evidence in criminal cases but with unclear interpre-tation. Mobile computing, WiFi device, Personal Digital Assis-tant (PDA) with Bluetooth wireless protocol–which is different from pager–mobile telephone are yet undefined in the Act. ‘Computer resource’ as defined in Sub-Section (k) un-der Section 2, refers only to co-mputer, computer system, com-puter network, data, computer database or software.

Virtual Private Network (VPN) may be spread across a few national boundaries. Further, Section 65 deals with tampering with computer source documents. Under ‘explanations’ computer source code means listing of programs and analysis of computer resource. ‘Links’ may not fall under both categories.

One sentence in IT Act 2000 confers a virtual global applica-bility. Sub-Section (2) of Section 1 specifies the applicability of the Act to ‘any’ person commi-tting any offence ‘outside’ India! Section 75 (1) reiterates this in no uncertain manner. One can stay outside India’s political boundaries but can be charged to have committed cyber crime in India. With WiFi, mobile computer on a VPN can be used to activate a fraud on the move while crossing inter-national boundary between two countries–both with enacted cyber law. Yet, they may be inadequate. 


Section 84 protects all inve-stigators–central, state gover-nments, controller, any person acting on behalf of controller, presiding officer, adjudicating officer and staff of Cyber Appe-llate Tribunal. They just have to show ‘good intention’ while investigating. The complainant cannot suspect anybody to feel aggrieved.

Development of application software does not raise eyeb-rows. If it is for the Casino in Las Vegas or the Atlantic City, it does. Gambling is legal in those places but is illegal in India, say, in the Silicon city. Can Indian law allow development of com-puter software within its boun-daries–which will help a ‘known’ crime elsewhere? This may be ‘abetting’ a cyber crime, if not a crime under IT Act 2000. Intriguing indeed.

Interestingly, Jammu & Kashmir is not separately men-tioned–as in some sections of enacted law in India. As per Sub Section (2) of Section 1, IT Act 2000 shall extend to the whole of India (J&K is not excluded).

Sqn Ldr BG Prakash