White Collar Crime Under Cyber Law in India
White Collar Crime Under Cyber Law in India
White Collar Crime Under Cyber Law in India
LAW IN INDIA
Corruption, fraud, and bribery are some of the most common white collar
crimes in India as well as all over the world. India is a developing country and
white collar crimes are becoming a major cause for its under development
along with poverty, health, etc. The trend of white collar crimes in India poses
a threat to the economic development of the country. Edwin Sutherland’s
Definition. It was in 1939 when for the first time Edwin Sutherland, an
American sociologist, defined white collar crimes. He described it to be crimes
committed by a person of high social status and respectability who commits
such crimes during the course of their occupation.
Reasons for the growth of white collar crimes in India:-Greed, competition and lack of
proper laws to prevent such crimes are the major reasons behind the growth of white collar
crimes in India.
Most numbers of crimes on the internet are white collar crimes as they do not involve any
violence and they are only financially motivated. Before internet age these crimes only
outside the computer purview but now they are occurring at a wide pace by the source of
internet and internet world. Any crime committed on the Internet is referred to as a cyber
crime. White collar, cyber crimes seems to be innocent as there is a lack of violence and they
do not occur on the streets. The laws for these crimes has enlarged their dimensions and we
are getting more stringent laws for these white collar, cyber crimes. Many white collar crimes
occur on the internet every day. Here are some examples;
It is one of the white collar crimes, cyber crime which occurs instantly on the internet.
Hacking is a term generally defined as the accessing of computer or internet without having
proper authorization. Hacking is manipulation of the inner working of the information of the
technology. Hackers attack the private information of a user for financial gains and monetary
benefits. There are other purposes for the act of hacking like someone accessing his family’s
email account, will technically account as hackers.
In India sec 65 and 66 of the IT Act deals with the act of hacking, whereas section 70 of the
Act defines the punishment for the same. Hacking includes various activities as per the law
like introducing malicious software, destroying information, downloading of copies,
interference, unauthorized access to the information.
The revolutionary case in the field of Hacking was the case of September 1999 when some
hackers broke into the website of NASDAQ and American Stock Exchange. This case has been
remarked as a “bold electronic affront to the world’s financial market”.
The offense of hacking forms a cycle of offenses, if done with the intention of committing
further crimes, the parallel of those crimes are the offense of theft, fraud, forgery etc.
There are different forms of hacking like disruption of the information system, execution of
malicious software that modifies or destroys the data example “I love you, Melissa” a virus
which was a controversy in 1999 after taking down the internet for few days and similar
other “Trojan Horses”.
Salami Attacks
But the type of hacking which includes in the white collar crimes is the “Salami Attacks”
which occurs mainly in the financial area. These attacks go unnoticed due to their performing
very little alterations. An example of Salami Attacks are the Ziegler case, where 10 cents
was deducted from the bank’s account. it was taking place in every deposited amount.
Similarly, case which took place recently in May 2017 by the Wanna cry ransomware
demanding of ransom has taken place in the form of bitcoins cryptocurrency by the
computer users running the Microsoft Windows operating system by encrypting data.
In this, the petitioner worked in a Motor vehicle company. The accused formed fictitious bills
and entries and deleted important data from the computers. Bills for the work done were
deleted from the computer mainframe.
BSNL CASE
A similar case has taken place in 2009 by a Techie from Bangalore named N G Arun Kumar
where he was accused of altering the data of BSNL Broadband network. He got rigorous
imprisonment of 1 year with 5200 Rupees fine u/s 420 of IPC [Cheating] and 66 of IT Act
[Hacking]
Cyber/Internet Fraud
· Computer Viruses
Viruses are used by Hackers to infect the user’s computer and damage data saved on the
computer by use of “payload” in viruses which carries damaging code. Person would be liable
under I.T Act only when the consent of the owner is not taken before inserting virus in his
system. The contradiction here is that though certain viruses causes temporary interruption
by showing messages on the screen of the user but still it’s not punishable under Information
Technology Act 2000 as it doesn’t cause tangible damage. But, it must be made punishable
as it would fall under the ambit of ‘unauthorised access’ though doesn’t cause any damage.
This ambiguity needs reconsideration.
Phishing
It is mainly done for financial benefit and it takes places by impersonating someone else
electronically. It can be done by using someone’s login information for gaining access to
personal information or by application of digital signature of someone else in the electronic
The most revolutionary Identity theft was done by an Indian Married Couple in US, Amar
Singh, and Neha Punjabi Singh. They have done a scam of a $ 13 Million scam by skimming
of credit cards and phishing through the internet. The identities extracted online has been
sold to different people for staying in 5-star hotel or rent expensive cars or private jets.A
shopping market has been formed for these identities sale at discounted price.
Phishing is mainly of 3 types-Dragnet Method, Rod and Reel method and lobster pot method.
A recent trend of Phishing has emerged named as Vishing. It is called the voice phishing
where someone will call you and deceive their identities by introducing themselves from the
bank and then extracting the detailed account information.These calls are interlinked with
the Fraud control department.it is very disturbing and complex system of Phishing where a
person without his knowing give his information and then suffers a huge financial and
monetary loss.
In this, there was a scam where the users get a notification that they can win 10 lakhs in 48
hours and after clicking that they reached to a site looking similar to RBI site. The users give
their personal information there like password, account number, etc.
This is one of the highest standard cases of Phishing where a clone of the site of ICC has been
formed.They lure the visitors with various schemes and offers for the world cup.The users
were asked their credit details and other personal information.This was done solely for the
purpose of financial gain.
It is an act in which the hackers, by using e-mail messages which completely resembles the
original ones ask for the verification of certain personal information, like account numbers
or passwords etc. Here the customer might get deceived by the originality of that message,
which may lead to huge financial losses if the information is used for fraudulent acts like
withdrawing money from customers account without him having knowledge of it.
· Spoofing
This is carried on by use of deceiving Websites or e-mails. These sources mimic the original
websites so well by use of logos, names, graphics and even the code of real bank’s site.
· Phone Phishing
It is done by use of in-voice messages by the hackers where the customers are asked to reveal
their account identification, and passwords to file a complaint for any problems regarding
their accounts with banks etc.
· Internet Pharming
Hacker here aims at redirecting the website used by the customer to another bogus website
by hijacking the victim’s DNS server and changing his I.P address to fake website by
manipulating DNS server. This redirects user’s original website to a false misleading website
to gain unauthorized information.
· Investment Newsletter
· Spam
The most common type of cyber crime is spam. While email spam laws are fairly new, there
have been laws on the books regarding "unsolicited electronic communications" for many
years.
· Fraud
Credit fraud is another common form of cyber crime. Certain computer viruses can log
keystrokes on your keyboard and send them to hackers, who can then take your Social
Security number, credit card number and home address. This information will be used by
the hacker for his own means.
Cyber terrorism may be defined to be “ the premeditated use of disruptive activities, or the
threat thereof, in cyber space, with the intention to further social, ideological, religious,
political or similar objectives, or to intimidate any person in furtherance of such objectives”
Another definition may be attempted to cover within its ambit every act of cyber terrorism.
(2) Affecting adversely the harmony between different religious, racial, language or regional
groups or castes or communities; or
and a cyber terrorist is the person who uses the computer system as a means or ends to
achieve the above objectives. Every act done in pursuance thereof is an act of cyber
terrorism.
Hart in his work “The Concept of Law” has said ‘human beings are vulnerable so rule of law
is required to protect them’. Applying this to the cyberspace we may say that computers are
vulnerable so rule of law is required to protect and safeguard them against cyber crime. The
reasons for the vulnerability of computers may be said to be:
2. Easy to access
3. Complex
4. Negligence
5. Loss of evidence
Statutory Provisions
The Indian parliament considered it necessary to give effect to the resolution by which the
General Assembly adopted Model Law on Electronic Commerce adopted by the United
Nations Commission on Trade Law. As a consequence of which the Information Technology
Act 2000 was passed and enforced on 17th May 2000. The preamble of this Act states its
objective to legalise e-commerce and further amend the Indian Penal Code 1860, the Indian
Evidence Act 1872, the Banker’s Book Evidence Act1891 and the Reserve Bank of India Act
1934. The basic purpose to incorporate the changes in these Acts is to make them compatible
with the Act of 2000. So that they can regulate and control the affairs of the cyber world in a
more effective manner.
Sec.43
Sec.66
Hacking (with intent or knowledge) Fine of 2 lakh rupees, and imprisonment for 3 years.
Sec.67
Sec.68
Not complying with directions of controller Fine upto 2 lakh and imprisonment of 3 years.
Sec.70
Sec.72
For breaking confidentiality of the information of computer Fine upto 1 lakh and
imprisonment upto 2 years
Sec.73
Publishing false digital signatures, false in certain particulars Fine of 1 lakh, or imprisonment
of 2 years or both.
Sec.74
Publication of Digital Signatures for fraudulent purpose. Imprisonment for the term of 2
years and fine for 1 lakh rupees.
The Information Technology Act 2000 was undoubtedly a welcome step at a time when there
was no legislation on this specialised field. The Act has however during its application has
proved to be inadequate to a certain extent. The various loopholes in the Act are-
In which the legislation was passed, without sufficient public debate, did not serve the
desired purpose.
· “Cyber laws, in their very preamble and aim, state that they are targeted at aiding e-
commerce, and are not meant to regulate cyber crime”According to Mr. Pavan Duggal the
main intention of the legislators has been to provide for a law to regulate the e-commerce
and with that aim the I.T.Act 2000 was passed, which may also be one of the reasons for its
inadequacy to deal with cases of cyber crime.
From the perspective of the corporate sector, companies shall be able to carry out electronic
commerce using the legal infrastructure provided by the IT Act, 2000 which was not possible
earlier because there was no legal infrastructure to regulate commercial transactions online.
· Corporate will now be able to use digital signatures to carry out their transactions online.
These digital signatures have been given legal validity and sanction under the IT Act, 2000.
· IT Act, 2000 has defined various cyber crimes which includes hacking and damage to the
computer code. Prior to the coming into effect of the Indian Cyber law, the corporate were
helpless as there was no legal redress for such issues.
Electronic commerce is based on the system of domain names. The IT Act, 2000 does not
even touch the issues relating to domain names.
· The IT Act, 2000 does not deal with any issues concerning the protection of Intellectual
Property Rights in the context of the online environment.
· As the cyber law is growing, so are the new forms and manifestations of cyber crimes. The
offences defined in the IT Act, 2000 are by no means exhaustive. The IT Act, 2000 does not
cover various kinds of cyber crimes and Internet related crimes. Certain crimes which
doesn’t comes under the ambit of the IT Act, 2000 are-
b) Cyber theft;
c) Cyber stalking;
d) Cyber harassment;
e) Cyber defamation;
· The IT Act, 2000 has not tackled several vital issues pertaining to e-commerce sphere like
privacy and content regulation.
· Another grey area of the IT Act is that the same does not touch upon any anti- trust issues.
· The most serious concern about the Indian Cyber law relates to its implementation. The IT
Act, 2000 does not lay down parameters for its implementation. It seems that the Parliament
would be required to amend the IT Act, 2000 to remove the grey areas mentioned above.
Another kind of white collar crime on the internet is the cyber fraud which occurs when a
person intercept/ hacks the other person’s computer for accessing personal information
which mainly involves credit card information, social security numbers, and other bank
account information. As like hacking cyber frauds are also unidentifiable. Online auction
fraud is also a crime an individual may commit unknowingly, or be unaware of the severe
consequences .There is another category in the list of fraud i.e., Wire fraud which takes place
via email, text, fax, etc. It involves interstate communication and is illegal .It can be against
both the individual or corporations .The banking and financial sector are the fraud against
the corporation.
In India, we don’t have any direct law for cyber fraud except the frauds relating to e-
commerce u/s 44 of the IT Act which is not even a criminal liability.
But, section 25(Fraudulent Act), section 415 and 416(Cheating by Impersonation) and
Section 417 to 420(Aggravated Cheating) of IPC can deal with internet fraud it comes within
the section 415 of IPC i.e., “Cheating”, due to debate on the term “Fraud”.
Theft of identity
This white collar cyber crime is related to the theft of data or data related crimes. It occurs
when the identity of one appropriated by another.
There are different types of Identity Theft namely IP spoofing, page jacking, cross-site
scripting, etc. In Ip spoofing an individual impersonates the computer of the victim for
accessing the privileged protocols without authorization, It is done by the help of software.
Page jacking is the faking of the website so that the user reached to some other site thinking
of a different site. It is done by reprogramming the logo or link to that particular site.
Cross-site crossing forced the computer of the user to send restricted information without
the permission of that user/owner.
These identity thefts are mainly for gaining in the terms of financial or information based.
These white collar crimes on the internet occur instantly without our knowing.
The biggest case of Identity theft has taken place in January 2009, when a person named
Albert Gonzalez, arrested for launching a global scheme for stealing data from 130 million
credit and debit cards by hacking into 7 major companies. He is America’s one of most cyber
crime kingpins.
In India, before the 2008 amendment data theft comes under Section 66 of IT Act .But after
the amendment, there has been the introduction of new offences in sections 66A to 66D in
the IT Act. In India, in Gurgaon, only 70 cases of identity theft and fake social networking
profiles have been registered till now in 2012.
Copyright Piracy
It is one of the most common and consistent white collar crime occurring online. Every now
and then people distribute, download and share the copyrighted data on the internet. The
most widely used copyrighted data download hub is the torrent. This activity attracts
Intellectual property laws which can include everything from trade secrets, music, movies,
Conclusion
The innovation of technology has given rise to white collar crimes in the internet world.
These crimes are unidentifiable as they do little alteration but the overall impact of these
crimes is much more than we think. The laws regarding these white collar cyber crimes are
very broad, far-reaching, constantly changing, and often difficult to understand. To worsen
matters, law enforcement often lags behind the technological world, and prosecutors may
seek harsher charges and punishments for crimes they don’t quite understand. One another
problem with the white collar cyber crimes is that the investigation for these crimes takes
very long time, may be a month or a year. These crimes take place in silence, but our laws
has started to evolve and trying to cope up with these unethical activities. One day we will
have regulations which will restrict this fusion of white collar and computer world.
References
http://www.legalservicesindia.com/article/255/White-Collar-Crimes---cyber-crimes.html
http://www.cahillcriminaldefense.com/blog/2015/august/4-internet-activities-that-
may-constitute-white-/ .