Cyber law: cyberlaw is a much newer phenomenon having emerged much after the onset of internet .

Internet grew in a completely unplanned and unregulated manner. Even the inventors of internet could not have really anticipated the scope and far reaching consequences of cyberspace. The growth rate of cyberspace has been enormous. Internet is growing rapidly and with the population of internet doubling roughly every 100 days, cyberspace is becoming the new preferred environment of the world. With the spontaneous and almost phenomenal growth of cyberspace, new and ticklish issues relating to various legal aspects of cyberspace began cropping up. In response to the absolutely complex and newly emerging legal issues relating to cyberspace, cyberlaw or the law of internet came into being. The growth of cyberspace has resulted in the development of a new and highly specialised branch of law called cyberlaws- laws of the internet and the world wide web. Cyberlaw is a generic term which refers to all the legal and regulatory aspects of internet and the world wide web. Anything concerned with or related to or emanating from any legal aspects or issues concerning any activity of netizens in and concerning cyberspace comes within the ambit of cyberlaw.

Baazee.com case 1:
CEO of Baazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. This opened up the question as to what kind of distinction do we draw between Internet Service Provider and Content Provider. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the cyber crime cases and a lot of education is required.

REVIEW: Case background: Cyberlaw is a much newer phenomenon having emerged much after the onset of internet . Internet grew in a completely unplanned and unregulated manner. Cyberlaw is a generic term which refers to all the legal and regulatory aspects of internet and the World Wide Web. Anything concerned with or related to or emanating from any legal aspects or issues concerning any activity of netizens in and concerning cyberspace comes within the ambit of cyberlaw.

Case Facts
CEO of Baazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The case opened up the question as to what kind of distinction do we draw between Internet Service Provider and Content Provider. The burden rests on the accused that he was the Service Provider and not the Content Provider. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. It also raises a lot of issues regarding how the police should handle the cyber crime cases and a lot of education is required.

Review:
Lack of evidence of content producer Lack of knowledge of cyber laws bylaw and regulations to police officials Lack of strong law enforcing practice for cyber criminals Easier grant of bail to the suspects and criminals

Case 2: karan bahare.com(Monday July 27th 2009)

The Gurgaon BPO fraud has created on embarrassing situation for infinity e search the company in which Mr. Karan Baharee was employed. A British news paper has reported has one of its undercover reporters has purchased personal information of 1,000 British customers from an Indian call centre employee. However the employee of infinity esearch, a New Deli based web designing company who was reportedly involved in the case denied any wrong doing. The company has also said that it had nothing to do with the incident. In the instant case the journalist used an intermediary offered a job, requested on a presentation on a CD and later claimed that the CD contained some confidential data. The fact that CD contained such data is itself substantiated by the journalist. In this sort of situation we can only say the journalist has used Bribery to induce a out of normal behaviour of an employee. This is not an observation of a fact but creating a factual incident by intervention. Investigation is still on in this matter. CASE STUDY 3

Baaze.com case study: pune citibank mphasis call center fraud

Us $ 3,50,000 from accounts of four us customers were dishonestly transferred to bogus accounts. This will give a lot of ammunition to those lobbying against outsourcing in us. Such cases happen all over the world but when it happens in india it is a serious matter and we can not ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their pin numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in india as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering. The call center employees are checked when they go in and out so they can not copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber caf and accessed the citibank accounts of the customers. All accounts were opened in pune and the customers complained that the money from their accounts was transferred to pune accounts and thats how the criminals were traced. Police has been able to prove the honesty of the call center and has frozen the accounts where the money was transferred. There is need for a strict background check of the call center executives. However, best of background checks can not eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national id and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history. Customer education is very important so customers do not get taken for a ride. Most banks are guilt of ns $ 3,50,000 from accounts of four us customers were dishonestly transferred to bogus

accounts. This will give a lot of ammunition to those lobbying against outsourcing in us. Such cases happen all over the world but when it happens in india it is a serious matter and we can not ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their pin numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in india as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering. The call center employees are checked when they go in and out so they can not copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber caf and accessed the citibank accounts of the customers. All accounts were opened in pune and the customers complained that the money from their accounts was transferred to pune accounts and thats how the criminals were traced. Police has been able to prove the honesty of the call center and has frozen the accounts where the money was transferred. There is need for a strict background check of the call center executives. However, best of background checks can not eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national id and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history. Customer education is very important so customers do not get taken for a ride. Most banks are guilt of not doing this. Out doing this. REVIEW: The Avnish Bajajs and the Karan Bahrees of this world can breathe easy. An expert committee discussing the amendments to the Indian Information Technology (IT) Act '00 is veering towards the view that while the "body corporate" may be held responsible for breaches in security and confidentiality, neither the top honcho nor the low-rung employee can be made liable unless prior knowledge and willing participation is clearly established. The proposed amendments would also pave the way for legal recognition to all kinds of secure e-signatures, in addition to the PKI-based digital signatures that already exist. And for the first time the country would have a law that penalizes all kinds of pornography, voyeuristic, "peeping Tom" misuse of technology and digital morphing with an intention to cause harm to others. The recent MMS scandals, webcam misuse and morphing of images to wrongly implicate actors and actresses serves as the backdrop to the proposal. It would also cover all computer-based frauds and forgeries without narrow definitions such as hacking and spam. "The effort is to make it relevant for the next 10-15 years, no matter what new terms are coined for computer crimes," Coming back to the corporate angle, at present, Section 85 of the Act on "offences by companies," already provide some leeway for beleaguered CEOs. But fresh provisions within the Act would make it more explicit and extend it to all individuals in the body corporate to guard against unwarranted harassment. At the same time, Section 79 of the Act, which pins all liability on the network service provider, is likely to be amended to provide some immunity to intermediaries - be they BPOs, telecom service providers, Internet service providers, cyber cafes and so on. "The content of the transmission over a network cannot be blamed on the intermediary, unless it is proved that the intermediary was aware of what was happening and deliberately did not take action," Thus the likes of Baazee.com's Bajaj (who pleads he never possessed the MMS clip) may have some hope. Just as Karan Bahree and other victims of sting operations who just may have been "framed" to expose theoretical chinks in the system. "We are not giving a clean chit to anyone ... that is not the intention behind the amendments, but neither can we allow anyone to become sitting ducks to malicious allegations," However this does not mean the Act would turn a blind eye to "unauthorized disclosure" of confidential information of clients (in the case of BPOs). Section 72 (which at present covers such offence only when committed by the enforcement officials who access data under the powers vested in the Act) would be extended to cover everyone. IT Act is to be amended to give legal sanction to all forms of "secured" electronic signatures. Now any signature represented digitally - a name typed at the end of an email message, a digitized image of a handwritten signature, biometrics (like fingerprints, eye retinas and irises, voice patterns, facial patterns or hand measurements for the purpose of authentication) or even a secret code or PIN that identifies the sender to the recipient - would be considered legal. Provided, it adheres to a certain level of security, that is to be prescribed by the government. This is in contrast to the present recognition given only to digital signatures. Digital signatures which are an advanced form of electronic signatures would also continue in the new regime.