The word “cyber,” as defined in the Oxford Dictionary, is something relating to the culture of computers and virtual reality. So cyber laws cover a very wide area, covering every aspect of the activity we do on the internet, and they do not limit themselves to just protecting the user’s right to privacy. It governs payments, data privacy and security, hacking for malicious purposes, and online fraud. Cyberlaw is the law governing cyberspace. It is the legal aspect of the Internet. It regulates various activities of citizens in cyberspace. We need cyber laws to stop anyone from exploiting grey areas of the Internet. The anonymous nature of the Internet allows anyone to commit various crimes like identity theft, money laundering, etc.
Every activity of ours on the Internet has a cyberlaw perspective. When we sign up for social media pages like Facebook or Twitter or do some online shopping, every activity has some kind of law that governs and regulates the activity of the service provider and the consumer. While using these services, some may not work, which can cause a loss to the user, so to help the user, we need to take advantage of cyberspace laws.
History of Cyber Law
The origins of lawmaking in cyberspace can be found in Germany where the law relating to data protection was passed in 1970, establishing the basic principles of cyber laws, like the need for legal permission or consent for any processing of personal data. In the United States of America, using computers without authorization and committing fraud was made a federal offense after the passing of the first federal statute, ‘The Computer Fraud and Abuse Act, of 1984.’
In 1986, the Organization for Economic Co-operation and Development (OECD) published a report in which it listed five categories of offenses that constitute cybercrime. The European Union passed the ‘EU Data Protection Directive’ on October 24, 1995. The directive’s main goal is to protect fundamental rights and the right to privacy.
The inception of cyber law in India can be traced to United Nations General Assembly ratifying the Model Law on Electronic Commerce on International Trade Law. This resolution advised that all the signatories should consider making laws to observe uniformity in the laws of various nations. The Department of Electronics drafted a bill in July 1998, but it was introduced in parliament after a separate ministry, the ministry of Information Technology was formed. The bill was passed and is known as the ‘Information Technology Act of 2000’. It came into force on October 17th, 2000. The main aim was to provide legal sanctions for electronic commerce and transactions and prevent cybercrime.
Comparison of Cyber Laws in India and the World
Cyber security has been a prime concern in America and Europe for a much longer period than it has been in India, and as a result, they have much better-defined policies and frameworks for cyber security. India ranks second in terms of the highest number of internet users in the world, after China. In a report published by an online security firm, Symantec Corp., India was ranked among the top five countries to be affected by cybercrime.
The United Kingdom adopted its first act dealing with cyber law in 1990, ‘The Computer Misuse Act of 1990’. In the United Kingdom, a specific cabinet post for cyber security helps Prime Minister and releases the five-year National Cyber Security Strategy and sets out the government’s scheme to counter cyber threats. The Office of Cyber Security was formed in 2009 and became The Office of Cyber Security and Information Assurance (OCSIA) in 2010. Its primary agenda is to develop cyber security policies and coordinate them among various parts of the government.
The United States of America adopted its first statute relating to computer crime in 1984, and it was the Computer Fraud and Abuse Act of 1984. The National Protection and Programs Directorate was formed in 2007 as a part of the United States Department of Homeland Security. It aimed to reduce the threat by advancing cyberinfrastructure. The NPPD was succeeded by the Cybersecurity and Infrastructure Security Agency (CISA). Its primary function is to coordinate and assist government agencies and private organizations in cyber security and improving infrastructure.
From an Indian perspective, the computer revolution began after 1984, when Rajiv Gandhi’s government came into power. He liberalized the production and import of computers and other electronic devices. However, computers were limited to government offices only. The main revolution began when computers were introduced to stock markets like the Bombay Stock Exchange (BSE).
India adopted its first legislation in the year 2000, the Information Technology Act. It came after the General Assembly of the United Nations adopted a resolution on the Model Law on Electronic Commerce. It recommends to its signatories that they consider a law relating to the cyber world. The preamble of the act says, “An act to provide legal recognition carried out using electronic data interchange and other means of electronic communication.” Cyber Crimes were reported under various sections of the Information Technology Act and the Indian Penal Code, of 1860. Karnataka was the first state to establish a cybercrime police station in Bengaluru in 2001. In India, all cases regarding cybercrime are handled by the state police of the respective state. There was a lack of coordination among the police departments of states. The main problem in dealing with cybercrimes is that a person sitting in one state can commit fraud or crime in another state. So, coordination was a necessary evil. To deal with this problem, the government initiated the Indian Cyber Crime Coordination Centre (I4C) in 2018 to deal with cybercrimes in a coordinated and effective manner. The government has also introduced the National Cyber Security Policy 2013. It draws a blueprint for the government to deal with the issue of cyber security exhaustively and collectively as a response to cyber threats.
Although cyber security was taken into consideration a little late by the government as compared to the US and UK where laws regarding cyber crime were already there in the 1990s and the presence of a central authority dealing specifically with these types of crimes by 2010. The position in the cyber-security space is constantly improving. India was ranked 10th in the Global Cybersecurity Index published by the International Telecommunication Union. India scored 97.5 points out of 100.
There is no doubt that India has made significant progress in the cybersecurity space in the last decade. Many new laws were adopted, existing ones were revised, and new policies were implemented, but there are many areas in which we need to work more efficiently. With the arrival of cryptocurrency, new threats have been developing. India has not legalized crypto and is not regulated, while the USA has laws regulating crypto. Another challenge that India faces is cyberattacks by hackers, mainly from China. Reportedly, in 2020, Chinese hackers were behind the Mumbai blackout. India needs to change its old infrastructure to deal with these types of attacks. We need more strong laws and policies in dealing with cyber laws. The existing laws have not effectively curbed these types of crimes. The penalty for committing such crimes in the US is 10–20 years in prison with a heavy fine, while in India it is usually 2-4 years of imprisonment. India also needs to strongly implement its policies. The cyber-world is changing daily, and we need to introduce stricter measures to deal with it.
Author(s) Name: Akshay Tiwari (Vivekananda Institute of Professional Studies, Guru Gobind Singh Indraprastha University)