‘“The internet is becoming the town square for the global village of tomorrow.”
The internet has been in existence since 1960’s and the World Wide Web (WWW) since 1990’s. The internet has now become all encompassing; it touches the lives of every human being. In today’s time, social media is a well-known name for every person. Merriam-Webster Dictionary defines social media as “forms of electronic communication (such as websites for social networking and micro-blogging) through which users create online communities to share information, ideas, personal messages, and other content (such as videos). Now-a-days, no letter or telegram (not a play-store application) is needed to share information. A fast medium to exchange views globally has been evolved in this fast-pacing world. Social Media has radically changed the lives of the people – for good or for bad – is a questionable matter. As social media has become an inevitable part of our lives criminal activities relating to social media has also become an inseparable part of social media. The social media has given the room for criminal activities to flourish in an online mode. No person – be it individuals, government agencies or any other private companies – has been left unconscious with the advantages of social media. However, technology while providing so many perks pose threats to individuals and the world. The creation of a virtual world where people can share information, exchange pictures, become friends, play games, fall in love, fight, etc. without having actually meeting face-to-face is the major reason behind the popularity of social media. The social media has imposed threats on the security, privacy and also the dignity of the people, which has hiked the cyber violence and puts forward a challenging mess at a global level.
SOME STATISTICS TO WONDER
In recent times, there has been a spurt in the number of users of social networking sites, especially due to Covid-19 pandemic. It can be seen from the rise in the Facebook users from 2.45 billion monthly users in 2019 to 270 billion monthly active users by June 2020 with an increment rate of 12% over a year. The International Telecommunications Union estimates that almost 40% of the world’s population and over 76% of people in developed countries are now internet users. According to the Chief of NIA (National Investigating Agency), Alok Mittal, “every sixth cyber-crime in India is committed through social media.” There were around 150 cases of cyber-crimes on social media in our country in 2016, which increased to around 300 cases in 2017. Fraud cases on social media have also increased by 43% in 2018. Approximate 44,546 cases were registered under the cyber-crime head in 2019 as compared to 27,248 cases in 2018. Therefore, a rise of 63.5% was observed in cyber-crimes by National Crime Reporting Bureau. These statistics are worthy of considering the fact that along with an increase in the number of users, there has also been a spike in the cyber-crime cases.
IMPACT OF SOCIAL MEDIA
We are generally aware of the benefits of the internet; however, its anonymous nature allows miscreants to indulge in various cyber-crimes. Taking the positive side into consideration, social networking sites allow users to connect with the families and friends within seconds residing far away from them through audio and video calls, chat-rooms and many other functions provided by it, which helps in bridging the gap between persons. The people can remain updated about the worldly affairs just with a click on their devices. The social networking sites also help in finding and providing appropriate employment and educational opportunities to finders of the same. More importantly, social media is the easiest way to express opinions and views. Therefore, social media makes life accessible and enjoyable for the people.
Nonetheless, keeping negative side in view, social media also leads to social isolation as in face-to-face interaction has become minimal in the times of pandemic. This, in turn, affects the mental, emotional, psychological health of the people and causes anxiety, fear of missing out, depression and many other issues. Privacy, these days, has become a matter of concern. The third party uses the private information of the individuals and commits cyber-bullying and cyber-theft among teenagers. The spread of obscene content on the social media makes the youth vulnerable to these things. They lose their productivity in online chatting all day. Also, the misinformation spreads faster rather than relevant one, which can be for any purpose such as advancing enmity between various ethnic and religious groups or misleading people, and aggravates virtual hate crimes.
Thus, the underlying fact is that social media has become an indispensable part of our lifestyle. And, virtual space, therefore, becomes a relatively new terrain in terms of the questions it raises about human rights and responsibilities.
CYBER-CRIMES: MEANING AND CATEGORIZATION
Cyber-crime has not been defined in any statute or rulebook. However, it is a culmination of two terms, that is, cyber and crime. Interestingly, the word ‘cyber’ is slang for anything relating to computers, information technology and internet. And, the word ‘crime’ refers to the commission of an illegal activity. Accordingly, the term ‘cyber-crime’ can be inferred as the offences committed using the medium of computers, cyber-space, world wide web, or internet. Therefore, cyber-crimes involve a computer and a network.
Cyber-crimes are “Offences that are committed against individuals or group of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat-rooms, e-mails, notice boards and groups) and mobile phones (SMS/MMS)”, defines Dr. Debarati Halder and Dr. K. Jaishankar.
Cyber-crimes can be broadly categorized into three groups against which these crimes can be committed, namely, individual, property and government.
• Individual – Cyber-crimes in the form of cyber-stalking, distributing pornography, trafficking and ‘grooming’ can be included under this category. These crimes are rapidly increasing worldwide.
• Property – Just as the traditional theft of property is committed, in the like manner, the stealing of the personal data can be committed over a computer by using malicious software. Cyber frauds and scams are also prevalent these days.
• Government – Cyber-crimes against government involves cyber-terrorism, which can cause devastation to public and create a panicking situation, if criminals get successful in circulating propaganda by hacking government databases. Recent ‘toolkit’ cases also form a part of this category.
Therefore, it can be sought from the above discussion that either the computer may be used for committing the offence, or the computer may be the target.
TYPES OF CYBER-CRIMES
In the National Cyber-crime Reporting Portal , the following types of cyber-crimes have been discussed –
• Social Media Related Crimes
(i) Cyber Bullying/Stalking/Sexting – The attacker uses the internet and other electronic devices to continuously harass the victim. Also, bullying incidents are committed using online communication medium like e-mail, social networking sites, messengers, etc. to exploit, threaten, embarrass and humiliate the victim. Sexting includes sending and receiving of offending sexual words, pictures, or videos via technology, especially mobile phones.
(ii) E-mail Phishing – The recipient is tricked by designing a fraudulent e-mail message to be a legitimate person or organization, so that, the recipient shares personal information including passwords, bank account numbers.
(iii) E-mail and Profile Hacking – A person’s device – computer, laptop or mobile phone – is broken into by the criminal by using a variety of software and gets the access to the person’s sensitive information embedded in the device from remote location. Such information is then misused by the hacker, which causes trouble to the victim of hacking.
(iv) Fake/Impersonating Profile and E-mail – A fake profile of the victim is created in any platform and then the rumours and objectionable material on social media and instant messaging platforms is circulated to cheat or defame the victim or others.
(v) Online Job Fraud – The incident involves deceiving somebody who is seeking employment by alluring them of employment or of earning high salaries or of extra income and then cheat that person by taking money.
(vi) Online Matrimonial Fraud – The fake profiles on various matrimonial websites are created for cheating purposes.
(vii) Provocative Speech and Intimidating E-mails – The perpetrators send provocative and threatening messages on the victim’s devices by e-mail or any other electronic means.
• Online Financial Frauds
( i) Business Frauds/ E-mail Takeover – The monetary frauds are committed by compromising or taking over business e-mails.
(ii) Debit Card/ Credit Card/ E-wallet/ SIM Swap Fraud – Without the knowledge of the card-holder, the fraudulent online transactions take place in their bank accounts through debit or credit cards or e-wallets.
(iii) Fraud Call/ Vishing – These instances involve receiving of fraud phone calls that appears to be from their bank. The caller pretends to be professional bank representative. This is done with an attempt to seek personal information of the receiver such as Customer ID, Net Banking Password, ATM PIN, OTP, Card Expiry Date, CVV, etc. These fraud calls also include fake, lottery or travel scam calls.
(iv) Internet Banking Related Fraud – It is a fraud or theft committed using e-technology to illicitly remove money from a bank account or transfer money to a different bank account.
(v) Cryptocurrency Related Fraud – India is not having any legal framework to deal with cryptocurrencies. Due to this, the criminals operating on the dark or hidden web use these currencies by raising suspicious requests for business transactions in Bitcoins.
(vi) Salami Attacks – To commit financial crimes, these salami attacks are planned. These attacks involve making unnoticeable alterations to facilitate easy concealment so that it would go unnoticed.
• Other Cyber-crimes
(i) Ransomware – It is a type of computer malware that locks the data holding it as hostage on devices such as computers, laptops, mobile phones, etc. Then, the victim will be asked to pay the ransom as demanded by the perpetrator in some cryptocurrency to get the device unlocked without the guarantee of getting the data unlocked even after paying the ransom.
(ii) Cyber-attacks – There are various types of attacks that can be committed by the criminals such as – Denial of Service (DOS) Attack, Virus/Worm Attacks, Malware/Spyware Attacks. Some unknown applications are downloaded on the user’s device, which halts the functioning of the computer system and causes harm to the user.
(iii) Intellectual Property Rights Violation – IPR theft is described as the theft of copyrighted material, the theft of trade secrets and trademark violations. It also includes piracy in which the person violates the copyrights and downloads music, games, movies and software unlawfully.
(iv) Hacking – These incidents involve accessing unauthorized gain from the person’s device without their permission. It also includes website defacement in which the website is attacked that changes the visual appearance of the site or a webpage. It is also known as web-jacking.
(v) Online Trafficking – The incidents of connecting over social media to buy drugs, or other regulated, controlled or banned products, or victim’s recruitment, advertising trafficking such as women, children, laborer, child pornography, selling of organs, etc. are committed using the cyberspace.
(vi) Online Gambling – This is done by providing illegal online gambling links or content through SMS or other messaging platforms such as WhatsApp, Hike, etc.
(vii) Cyber-chasing – It is a process by which a person’s location is provided by using data which is available online. Geotagging has become a trend these days.
Surprisingly, there are ‘n’ number of ways of committing these crimes. The above-mentioned ways are only handful in number by which cybercrimes are committed. To prevent these crimes, India had enacted a legislation way back in 2000’s known as Information Technology Act, 2000.
INDIAN LEGISLATIVE FRAMEWORK
Article 19(1)(a) of the Indian Constitution provides for the ‘right to freedom of speech and expression’, giving citizens the freedom to express their views by whatever medium they think fit. Therefore, the medium can be offline and online. This creates an obligation on the government that “the same rights that people have offline must also be protected online.” Therefore, keeping pace with the changing generation, the Parliament of India enacted the Information and Technology Act, 2000 , which was conceptualized on the model of United Nations Commissions on International Trade Law (UNCITRAL) recommended by the United Nations General Assembly (UNGA).
Later, in 2008, the Act was amended giving a new dimension to the IT Laws in the country.
The Act was enacted with an objective “to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, the Banker’s Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.” The Act extends to the whole of India and it applies also to any offence or contravention committed outside India by any person.
The existing IT Act consists of 13 Chapters, having 90 Provisions and 2 Schedules. Out of these 13 Chapters, Chapter XI (Section 65 – Section 78) is of utmost importance as it provides for the offences under the Act. The Act covers the following offences –
(i) Section 65 – Tampering with computer source document
(ii) Section 43 & 66 – Hacking
(iii) Section 66A* – Sending of offensive messages through communication service
(iv) Section 66B – Dishonestly receiving stolen computer resource or communication device
(v) Section 66C – Identity theft
(vi) Section 66D – Cheating by personation by using computer resource
(vii) Section 66E – Violation of privacy
(viii) Section 66F – Cyber terrorism
(ix) Section 67 – Publishing or transmitting obscene material in electronic form
(x) Section 67A – Publishing or transmitting of material containing sexually explicit act in electronic form
(xi) Section 67B – Publishing or transmitting of material depicting children in sexually explicit act in electronic form
(xii) Section 71 – Misrepresentation
(xiii) Section 72 – Breach of confidentiality and privacy
(xiv) Section 72A – Disclosure of information in breach of lawful contract
(xv) Section 73 – Publishing electronic signature certificate false in certain particulars
(xvi) Section 74 – Publication for fraudulent purposes
The Act provides for a wide range of penalties to be inflicted upon the perpetrators of the above-mentioned offences. Also, the computer and other devices are made liable to be confiscated if contravenes the provisions of the Act under Section 76. Further, the Act has made certain offences compoundable. Section 77A describes that unless the offence has been committed against women, or children below the age of 18 years, or affects the socio-economic conditions of the country, it can be compounded by the competent adjudicating authority if the punishment does not exceed 3 years of imprisonment. The offences punishable with imprisonment of three years and above shall be cognizable and the offences punishable with imprisonment of three years shall be bailable. To investigate cyber offences under the Act, the police officer not below the rank of Inspector, has been given the powers. Interestingly, Section 70A and Section 70B of the Act are worth noticing as they lay out the establishment of National Nodal Agency and Indian Computer Emergency Response Team respectively for ensuring the cyber-security of the country.
Although the IT Act is not all encompassing relating to the offences it covers, but other legislations such as Indian Penal Code, 1860 fulfil the pressing priority.
LANDMARK JUDGMENTS OF INDIAN COURTS
To trace the evolution of cyber law regime in India, it is apt to refer to the landmark judgments delivered by the Indian Courts. The judgments are provided as under –
Shreya Singhal v. Union of India
The Hon’ble Supreme Court, in the instant case, dealt with the validity of Section 66A of the IT Act. A petition was filed alleging that Section 66A violated the fundamental right of free speech and expression, thus, challenging its constitutionality. In its decision, the Court reiterated the three concepts of discussion, advocacy and incitement. It observed that “mere discussion or even advocacy of a cause, no matter how unpopular, is at the heart of the freedom of speech and expression.” It was found that “Section 66A was capable of restricting all forms of communication and it contained no distinction between mere advocacy or discussion on a particular cause which is offensive to some and incitement by such words leading to a causal connection to public disorder, security, health, and so on.” Therefore, the Supreme Court of India struck down Section 66A of the IT Act, 2000 in its entirety.
Syed Asifuddin and Others v. State of Andhra Pradesh and Another
In this case, the Court held that a telephone handset covers under the ambit of “computer” as defined under Section 2(1)(i) of the IT Act. The Court, further, stated that alteration of ESN is an offence under Section 65 of the IT Act which provides for the tampering of the computer source document.
Avnish Bajaj v. State of (NCT) of Delhi
In this case, the three persons were arrested namely – Delhi School-boy, IIT Kharagpur’s Ravi Raj and the service provider Avnish Bajaj – under Section 67 of the IT Act, 2000 and other provisions of IPC, 1860 regarding obscenity. The Court gave a judgment in favour of the service provider Mr. Bajaj stating the fact that he is nowhere involved in the broadcasting of pornographic material. The school-boy was granted bail by Juvenile Justice Board. However, the burden lies on the accused that he was merely the service provider and does not provide content.
STATE OF TAMIL NADU V. SUHAS KATTI
This case involved an accused opening a fake e-mail account in the name of the victim and posted defamatory, obscene and annoying information about the victim because of some previous differences between the victim and the accused. A charge-sheet was filed u/s 67 of the IT Act and 469 and 509 of the IPC, 1860. The Additional Chief Metropolitan Magistrate, Egmore convicted the accused person under the said offences. It is a landmark case for its efficient handling and disposal of case within 7 months from the date of filing of FIR.
SMC PNEUMATICS (INDIA) PRIVATE LIMITED V. JOGESH KWATRA
In this case, due to the lack of direct evidence that defendant was the one who was involved in sending the defamatory, derogatory, vulgar, abusive and filthy e-mails to his employers and to different subsidiaries of the said company, the Court did not give plaintiffs the relief of perpetual injunction as prayed as the Court did not qualify the certified evidence u/s 65B of the Indian Evidence Act, 1872. However, the Court restrained the defendant from publishing or transmitting any derogatory information in the cyber-space about the plaintiffs.
The cases discussed are just a handful of instances of happening of the cyber-crimes. These crimes are exploding all over the country and the world. Despite of inexhaustive nature of the IT Act, the Indian Courts are handling these matters in the best of their capabilities to meet the ends of justice.
THE WAY FORWARD
To cope with the challenges that this techno-savvy world put forward, revamp in the cyber-security has become an absolute necessity. There needs to be a way forward. Some of the suggestive measures that could be taken to enhance security in the cyber-space are as follows-
The proportional growth of cyber-related laws all over the globe is the first and foremost measure that needs to be taken. Due to this disproportionality, the problem aggravates. Yes, the IT Act and amendments in IPC has given India a good start, but complexities in these acts prevail.
As the cyber-crimes know no territorial boundaries, the jurisdiction becomes a debatable problem. Therefore, the concept of territorial jurisdiction under Criminal Procedure Code, 1973 and Indian Penal Code, 1860 needs a re-look.
To prevent the loss of information and evidence, a highly technical staff to build an infrastructure related to e-crimes and investigation is the need of the hour.
The full article is available on thedailyguardian.com
Section 75 of the IT Act, 2000 discusses about the extra-territorial jurisdiction of the statute. But this could be made an effective provision only when competent authorities will issue warrants and directions for the sharing of information and evidence regarding cyber-crimes between enforcement agencies.
Along with these measures, to adjudicate the cyber-crimes, the judges having cyber and technology knowledge are exigent. Judiciary plays the role of the mediator in realizing the enactment consistent with the social order.
Finally, simple measures such as using of anti-virus software, avoiding misuse of personal information with any stranger, secured e-payments, not clicking on any unauthorized links, should be adopted by keeping vigilance and awareness intact.
These suggestions are not absolute but can definitely help in tackling cyber-crimes and enhancing cyber-security to some extent. Some reforms in the IT Act and personal awareness can be an aid in checking these e-crimes.
Surprisingly, “India was the second most cyber-attacked country in Asia-Pacific in 2020”, read the headline in The New Indian Express Newspaper. This ranking is not a good sign for a country which is having cyber-related laws. These laws are not exhaustive and, therefore, need reforms with the changing need of the hour. The conviction rate in minimal in spite of having stringent laws in the country dealing with cyber-crimes. This is because of the lack of absolute evidences. Therefore, cyber forensics is the new and emerging field and it is encouraged to detect the cyber evidences through appropriate methods. In the country where ‘Media’ is the fourth pillar of democracy, it becomes the responsibility of the media to create awareness among people and not becoming victim of these cyber-crimes itself.
The moot question of the present paper regarding the analysis of relationship between social media and crimes can be concluded by stating that ‘the relationship between social media and crimes is directly proportional.’ As social media is gaining more and more popularity, the cyber-crime is setting its foot more swiftly and inexplicably.