0cyber Tort

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 63

CYBER TORT

• An unlawful acts wherein the computer is


EITHER A TOOL OR TARGET
OR
BOTH
The computer may be used as a tool in the
following kinds of activity-
• Financial crimes
• Sale of illegal articles
• Pornography
• Online gambling
• Intellectual property crime
• E-mail spoofing
• Forgery
• Cyber defamation
• Cyber stalking
The computer may be target for unlawful
acts in the following cases-
• Unauthorized access to computer/computer system/computer
networks
• Theft of information contained in the electronic form,
• E-mail bombing
• Data didling
• Salami attacks
• Logic bombs
• Trojan attacks
• Internet time thefts
• Web jacking
• Theft of computer system
• Physically damaging the computer system
CYBER TORTS
• CYBER STALKING
• BREACH OF PRIVACY
• CYBER OBSCENITY
• CYBER DEFAMATION
• E MAIL BOMBING
CYBER STALKING
Cyberstalking is the use of
the Internet or other
electronic means to stalk
or harass an individual, a
group, or an organization
• Stalking is a continuous process, consisting of
a series of actions, each of which may be
entirely legal in itself. Technology ethics
professor Lambèr Royakkers defines
cyberstalking as perpetrated by someone
without a current relationship with the
victim. About the abusive effects of
cyberstalking, he writes that:
• “Stalking is a form of mental assault, in which
the perpetrator repeatedly, un wantedly, and
disruptively breaks into the life-world of the
victim, with whom he has no relationship (or no
longer has), with motives that are directly or
indirectly traceable to the affective sphere.
Moreover, the separated acts that make up the
intrusion cannot by themselves cause the mental
abuse, but do taken together (cumulative effect)”
 It may include
• False accusations
• Defamation, slander and libel
• Monitoring
• Identity theft
• Threats
• Solicitation for sex
• Gathering information that may be used to
threaten or harass.
• Cyber stalking is often accompanied by real
time or offline stalking. Both are criminal
offenses. Both are motivated by a desire to
control, intimidate or influence a victim.A
stalker may be an online stranger or a person
whom the target knows. He may be
anonymous and solicit involvement of other
people online who do not even know the
target.
Cyberstalking can take many forms,
including:
• .
• Harassment, embarrassment and humiliation
of the victim
• Emptying bank accounts or other economic
control such as ruining the victim's credit score
• Harassing family, friends and employers to
isolate the victim
• Scare tactics to instill fear and more
Identifying and detecting cyber stalking

• Malice,
• Premeditation,
• Repetition,
• Obsession, 
• No legitimate purpose,
• Disregarded warnings to stop,
• Harassment and threats.
• False accusations. Many cyberstalkers try to damage the
reputation of their victim and turn other people against them.
They post false information about them on websites. They
may set up their own websites, blogs or user pages for this
purpose. They post allegations about the victim to
newsgroups, chat rooms, or other sites that allow public
contributions such as Wikipedia or Amazon.com
• Attempts to gather information about the victim.
Cyberstalkers may approach their victim's friends, family and
work colleagues to obtain personal information. They may
advertise for information on the Internet, or hire a private
detective.
• Monitoring their target's online activities and
attempting to trace their IP address in an effort to
gather more information about their victims.
• Encouraging others to harass the victim. Many
cyberstalkers try to involve third parties in the
harassment. They may claim the victim has harmed
the stalker or his/her family in some way, or may
post the victim's name and telephone number in
order to encourage others to join the pursuit.
• False victimization The cyberstalker will claim that the
victim is harassing him/her.
• Attacks on data and equipment. They may try to damage
the victim's computer by sending viruses.
• Ordering goods and services. They order items or
subscribe to magazines in the victim's name. These often
involve subscriptions to objectionable materials delivered
to the victim's workplace.
• Arranging to meet. Young people face a particularly high
risk of having cyberstalkers try to set up meetings
between them.
TYPES
• Stalking by strangers
• According to Joey Rushing, a District Attorney
of Franklin County, Alabama, there isn't a
single definition of a cyberstalker, and they can
be either strangers to the victim or have a
former/present relationship. "[Cyberstalkers]
come in all shapes, sizes, ages and
backgrounds. They patrol Web sites looking for
an opportunity to take advantage of people."
• Gender-based stalking
• Harassment and stalking because of gender online
is common, and can include rape threats and
other threats of violence, as well as the posting of
the victim's personal information. It is blamed for
limiting victims' activities online or driving them
offline entirely, thereby impeding their
participation in online life and undermining their
autonomy, dignity, identity, and opportunities.
• Of intimate partners

• Cyberstalking of intimate partners is the online harassment of a


current or former romantic partner. It is a form ofdomestic violence,
and experts say its purpose is to control the victim in order to
encourage social isolation and create dependency. Harassers may send
repeated insulting or threatening e-mails to their victims, monitor or
disrupt their victims' e-mail use, and use the victim's account to send
e-mails to others posing as the victim or to purchase goods or services
the victim does not want. They may also use the Internet to research
and compile personal information about the victim, to use in order to
harass him or her.
• Of celebrities and public persons
• Profiling of stalkers shows that almost always they
stalk someone they know or, via delusion, think they
know, as is the case with stalkers of celebrities or
public persons in which the stalkers feel they know
the celebrity even though the celebrity does not
know them.As part of the risk they take for being in
the public eye, celebrities and public figures are
often targets of lies or made-up stories in tabloids as
well as by stalkers, some even seeming to be fans.
• In one noted case in 2011, actress Patricia Arquette
quit Facebook after alleged cyberstalking. In her
last post, Arquette explained that her security
warned her Facebook friends to never accept friend
requests from people they do not actually know.
Arquette stressed that just because people seemed
to be fans did not mean they were safe. The media
issued a statement that Arquette planned to
communicate with fans exclusively through
herTwitter account in the future.
• By anonymous online mobs
• Web 2.0 technologies have enabled online
groups of anonymous people to self-organize
to target individuals with online defamation,
threats of violence and technology-based
attacks. These include publishing lies and
doctored photographs, threats of rape and
other violence, posting sensitive personal
information about
• victims, e-mailing damaging statements
about victims to their employers, and
manipulating search engines to make
damaging material about the victim more
prominent. Victims frequently respond by
adopting pseudonyms or going offline
entirely.
• Experts attribute the destructive nature of anonymous
online mobs to group dynamics, saying that groups with
homogeneous views tend to become more extreme. As
members reinforce each others' beliefs, they fail to see
themselves as individuals and lose a sense of personal
responsibility for their destructive acts. In doing so they
dehumanize their victims, becoming more aggressive
when they believe they are supported by authority
figures. Internet service providers and website owners
are sometimes blamed for not speaking out against this
type of harassment.
• A notable example of online mob harassment was
the experience of American software developer and
bloggerKathy Sierra. In 2007 a group of anonymous
individuals attacked Sierra, threatening her with
rape and strangulation, publishing her home
address and Social Security number, and posting
doctored photographs of her. Frightened, Sierra
cancelled her speaking engagements and shut down
her blog, writing "I will never feel the same. I will
never be the same."
• Corporate cyberstalking
• Corporate cyberstalking is when a company
harasses an individual online, or an individual
or group of individuals harasses an
organization. Motives for corporate
cyberstalking are ideological, or include a
desire for financial gain or revenge.
EMAIL BOMB
Email bomb

• In Internet usage, an email bomb is a form of


net abuse consisting of sending huge
volumes of email to an address in an attempt
to overflow the mailbox or overwhelm
the server where the email address is hosted
in adenial-of-service attack
• Email bombing is a form of denial of service
attack that floods an inbox and mail server
with messages. If enough messages are sent,
the systems may be overloaded and they will
stop working. Many Internet service
providers (ISPs) regard email bombing as a
violation of the terms of service and they will
suspend accounts of people involved in such
attacks.
Methods of email bombing

• Mass mailing
• Mass mailing consists of sending numerous duplicate mails
to the same email address. These types of mail bombs are
simple to design but their extreme simplicity means they
can be easily detected by spam filters. Email-bombing
using mass mailing is also commonly performed as a DDoS
attack by employing the use of "zombie"botnets;
hierarchical networks of computers compromised
by malware and under the attacker's control. Similar to
their use in spamming the attacker instructs the botnet to
send out millions or even billions of emails,
• but unlike normal botnet spamming, the emails are all
addressed to only one or a few addresses the attacker wishes
to flood. This form of email bombing is similar in purpose to
other DDoS flooding attacks. As the targets are frequently the
dedicated hosts handling website and email accounts of a
business, this type of attack can be just as devastating to both
services of the host.
• This type of attack is more difficult to defend against than a
simple mass-mailing bomb because of the multiple source
addresses and the possibility of each zombie computer
sending a different message or employing stealth techniques
to defeat spam filters.
• List linking
• List linking means signing a particular email address up to
several email list subscriptions. The victim then has to
unsubscribe from these unwanted services manually. In order
to prevent this type of bombing, most email subscription
services send a confirmation email to a person's inbox when
that email is used to register for a subscription. This method
of prevention is easily circumvented: if the perpetrator
registers a new email account and sets it to automatically
forward all mail to the victim, he or she can reply to the
confirmation emails, and the list linking can proceed.
• Zip bombing
• A ZIP bomb is a variant of mail-bombing. After most commercial
mail servers began checking mail with anti-virus software and
filtering certain malicious file types, EXE, RAR, Zip, 7-Zip, mail
server software was then configured to unpack archives and
check their contents as well. A new idea to combat this solution
was composing a "bomb" consisting of an enormous text file,
containing, for example, only the letter z repeating millions of
times. Such a file compresses into a relatively small archive, but
its unpacking (especially by early versions of mail servers)
would use a greater amount of processing, which could result in
a DoS (Denial of Service).
DATA BREACH
• A data breach is an incident in which
sensitive, protected or confidential data has
potentially been viewed, stolen or used by an
individual unauthorized to do so. Data
breaches may involve personal health
information (PHI), personally identifiable
information (PII), trade secrets or intellectual
property.
• The most common concept of a data breach
is an attacker hacking into a corporate
network to steal sensitive data. However, not
all data breaches are so dramatic. If an
unauthorized hospital employee views a
patient's health information on a computer
screen over the shoulder of an authorized
employee, that also constitutes a data
breach.
• A number of industry guidelines and government compliance
regulations mandate strict governance of sensitive or
personal data to avoid data breaches. Within a corporate
environment, for example, the Payment Card Industry Data
Security Standard (PCIDSS)dictates who may handle and use
sensitive PII such as credit card numbers, PINs and bank
account numbers in conjunction with names and addresses.
Within a healthcare environment, the Health Insurance
Portability and Accountability Act (HIPAA) regulates who may
see and use PHI such as name, date of birth, Social Security
number and health history information.
• If anyone who is not specifically authorized to
do so views such information, the corporation
or healthcare organization charged with
protecting that information is said to have
suffered a data breach. If a data breach results
in identity theft and/or a violation of
government or industry compliance mandates,
the offending organization may face fines or
other civil or criminal prosecution.
Scottrade announces data breach affecting 4.6M customers

• Scottrade, a retail brokerage firm, announced


late last week that it suffered an intrusion by
cyber hackers who stole client contact
information of 4.6 million customers. The
intrusion occurred between late 2013 and
early 2014 (coincidentally, the same time as
the Target intrusion, the Excellus intrusion
and others).
• Although the hackers reportedly only stole
customers’ names and street addresses, and
did not have access to Social Security
numbers or other sensitive data, Scottrade
will offer identity theft protection services to
the 4.6 million customers affected by the
data breach. Unfortunately, hackers use
contact information for fishing expeditions
and social engineering strategies.
• Scottrade announced the data breach on Friday,
October 2nd, and was hit with a proposed class
action data breach suit the same day in California
federal court. The suit alleges that Scottrade was
negligent in failing to exercise reasonable
security precautions, and that Scottrade had
experienced previous incursions and had been
warned that its security measures were
inadequate, and failed to heed those warnings.
Experian data breach exposes personal information of 15 million T-Mobile customers

• Hackers have carried out a massive cyber


attack at Experian, one of the major credit
rating bureaus in the US used by companies
to conduct credit checks, leaving the personal
information of about 15 million T-Mobile
consumers exposed.
CYBER OBSCENITY
The character or quality of being o
bscene; an act,utterance, or item
tending to corrupt the public moral
s by its indecency or lewdness.
•  Obscenity includes pornography, but may als
oinclude nude dancing, sexually oriented co
mmercialtelephone messages, and scatologic
al comedy routines.
Samresh Bose v. Amal Mitra
• Samresh Bose v. Amal Mitra the court held
that:

• “the concept of obscenity would differ from co
untry to countrydepending on the standards of
 morals of contemporary society”.And that
obscenity has a tendency to deprave and
corrupt thosewhose minds are open to such
immoral influences”
Miller test

• The Miller test also called the Three Prong


Obscenity Test is the United States Supreme
Court ‘’s test for determining whether speech
or expression can be labeled obscene,
 Miller v. California
• The Defendant, Miller’s (Defendant) conviction for mailing
advertisements for “adult” books to unwilling recipients was
vacated and remanded in an effort to shift the burden of obscenity
determinations to the state and local courts.

Synopsis of Rule of Law. In determining whether speech is obscene,


the basic guidelines for the trier of fact must be: (a) whether “the
average person, applying contemporary community standards”
would find the material, taken as a whole, appeals to the prurient
interest of sex, (b) whether the work depicts or describes, in a
patently offensive way, sexual conduct specifically defined by the
applicable state law, and (c) whether the work, taken as a whole,
lacks serious literacy, artistic, political, or scientific value.
Issue. Whether state statutes may regulate obscene material without limits?

• Held. No. Judgment of the lower court


vacated and remanded for further
proceedings. In determining whether speech
is obscene, the basic guidelines for the trier
of fact must be:
• (a) whether “the average person, applying
contemporary community standards” would find
the material, taken as a whole, appeals to the
prurient interest of sex,

• (b) whether the work depicts or describes, in a


patently offensive way, sexual conduct specifically
defined by the applicable state law, and
• (c) whether the work, taken as a whole, lacks serious literacy,
artistic, political, or scientific value. The Supreme Court of the
Untied States (Supreme Court) does not adopt as a
constitutional standard the “utterly without redeeming social
value” test. If a state law that regulates obscene material is
thus limited, as written or construed, First Amendment
constitutional values are adequately protected by the
ultimate power of appellate courts to conduct an
independent review of constitutional claims when necessary.
Criticism
• Problem of jurisdiction in the internet age
• The advent of the Internet has made the
"community standards" part of the test even
more difficult to judge; as material published
on a web server in one place can be read by a
person residing anywhere else, there is a
question as to which jurisdiction should
apply.
• In United States of America v. Extreme Associates, a
pornography distributor from North Hollywood,
California, was judged to be held accountable to the
community standards applying in western
Pennsylvania, where the Third Circuit made its ruling,
because the materials were available via Internet in
that area. The United States Court of Appeals for the
Ninth Circuit has ruled in United States v. Kilbride that a
"national community standard" should be used for the
internet, but this has yet to be upheld at the national
level.
OBSCENITY IN ELECTRONIC FORM

• In India, the Information Technology Act


regulates obscene material inelectronic form.
Section 67 of the Act reads thus:

• “whoever publishes or transmits or causes to


be published in the electronic form, any
material which is lascivious or appeals to
theprurient interest or if its effect is such as to
tend to deprave
• Andorrupt persons who are likely, having regard to 
all relevantcircumstances, to read, see or hear the 
matter contained orembodied in it, shall be punish
ed on first conviction with imprisonment of either
description for a term which may extend tofive
years and with fine which may extend to one lakh
rupees and in  the event of a second or subsequent
conviction with imprisonmentof either description
for a term which may extend to ten years andalso
with fine which may extend to two lakh rupees”.
The ingredients of an offence under this
section are:
•  
• a)Publication or transmission in the electronic
form
• b)Lascivious material appealing to prurient
interests
• c)Tendency to deprave and corrupt persons.
• d)Likely-audience
• e)To read, see or hear the matter contained or
embodied electronicform
Avnish Bajaj Vs. State (N.C.T.) of Delhi
(2005)3CompLJ364 (Del), 116(2005) DLT427, 2005(79) DRJ576

• Facts –
• Avnish Bajaj – CEO of Baazee.com, a customer-to-customer website, which
facilitates the online sale of property. Baazee.com receives commission
from such sales and also generates revenue from advertisements carried on
its web pages.
• An obscene MMS clipping was listed for sale on Baazee.com on 27th
November, 2004 in the name of “DPS Girl having fun”. Some copies of the
clipping were sold through Baazee.com and the seller received the money
for the sale.
• Avnish Bajaj was arrested under section 67 of the Information Technology
Act, 2000 and his bail application was rejected by the trial court. He then
approached the Delhi High Court for bail.
Findings of the court

• It has not been established from the evidence that any publication took place by the
accused, directly or indirectly.
• The actual obscene recording/clip could not be viewed on the portal of Baazee.com.
• The sale consideration was not routed through the accused.
• Prima facie Baazee.com had endeavored to plug the loophole.
• The accused had actively participated in the investigations.
• The nature of the alleged offence is such that the evidence has already crystallized
and may even be tamper proof.
• Even though the accused is a foreign citizen, he is of Indian origin with family roots
in India.
• The evidence that has been collected indicates only that the obscene material may
have been unwittingly offered for sale on the website.
• The evidence that has been collected indicates that the heinous nature of the
alleged crime may be attributable to some other person.
Decision of the court

• The court granted bail to Mr. Bajaj subject to


furnishing two sureties of Rs. 1 lakh each.
• The court ordered Mr. Bajaj to surrender his
passport and not to leave India without the
permission of the Court.
• The court also ordered Mr. Bajaj to
participate and assist in the investigation.
•  
Dr. Prakash v. State of Tamil Nadu (2002) 7
SCC 759.
• The petitioner in this case was detained under section 3
 (1) of the TamilNadu Prevention of Dangerous
Activities of Bootleggers, Drug Offenders,Goondas,
Immoral Traffic Offenders and Slum Grabbers
Act. The main grounds of detention were that he was in
dulging in offencesunder section 67 of the Information
Technology Act, 2000, sections 4 and6 of the Indecent
Representation of Women (Prohibition) Act, 1986
andunder section 27 of the Arms Act, 1969. The
petitioner challenged hisdetention under Article 32
of the Constitution.
• The petition was dismissed, as the Supreme Court did not
find much meritin the plea that the delay of two days in furnishing
translated copies
of documents had caused any prejudice to the detenu. It held that 
the contents of the letter received from members of the public pro
bonopublic, were not extraneous or
irrelevant. This case highlights the importance of the courts exercis
ing the interestsof the contemporary society and particularly the
influence of the ‘obscenematerial in electronic form’ on it while
interpreting section 67. For
thispurpose, even the State Governments may have to apprehend
perpetrators of ‘cyber obscenity’ by invoking local state legislations
accordingl
Maqbool Fida Husain v. Raj Kumar Pandey Delhi HC Crl. Rev.
Pet.No. 280 and 282/2007.

• The petitions have been clubbed into one petition. 
The petitions seek tochallenge summoning orders
issued against the petitioner over certain paintings
which celebrate nudity. The Ld. ACMM, Delhi
issued summons to
the petitioner for various offences Under Section 2
92/294/298 of theIndian Penal Code ('IPC' for short
) against which the present revisionpetitions have
been filed.
Vaibhav Jain v. Vice Chancellor, Devi Ahilya Vishwa Vidyalaya &
OrsMadhya Pradesh HC, W.P 837 and 859/2001. Date of Judgment-3/1/2002.

You might also like