INFORMATION TECHNOLOGY LAW

PART – A
1
01) Cyber Space

Cyberspace refers to the virtual computer world, specifically an electronic medium used for
facilitating online communication. It typically involves a large computer network composed of
worldwide computer sub-networks that employ the TCP/IP protocol for communication and data
exchange activities. In this digital realm, users can share information, interact, exchange ideas,
play games, participate discussions, conduct business, and create media, among other activities.

The term cyberspace was initially introduced by William Gibson in his 1984 book, Neuromancer.
Although Gibson later criticized the term as “evocative and essentially meaningless,” it continues
to be widely used to describe any facility or feature linked to the internet. People apply the term to
various virtual interfaces that create digital realities.

Here are some key points about cyberspace:

1) Virtual Environment: cyberspace provides an interactive and virtual environment for a

broad range of participants. Any system with a significant user base or a well-designed
interface can be considered part of cyberspace.

2) Diverse Activities: Users engage in activities such as sharing information, socializing,

gaming business transactions, and creating digital content within cyberspace.

3) Online Gaming Platforms: Massive online gaming communities create their own
cyberspace worlds that exist solely in the digital realm. These spaces are distinct from
physical reality.

4) Growing Influence: As more people access the internet through desktop computers and
smartphones, cyberspace continues to expand practically and theoretically.

5) Social Interaction: Cyberspace has become a medium primarily for social interaction,
transcending its technical implementation.

2
02) Internet Jurisdiction

Internet jurisdiction is the legal authority of a court or government to regulate and adjudicate
internet-related matters, as established by the Information Technology Act, 2000 in India,
determining which courts can hear and decide cyberspace-related cases.

Prepared by: T Jagan Mohan Kumar Page 1 | 42

Section 1(2) of the Information Technology Act, 2000 grants Indian courts jurisdiction to hear
cases involving cybercrimes or disputes related to India, regardless of nationality, and applies to
all offenses or contraventions committed outside India.
The Information Technology Act, 2000 applies to cybercrimes within India's territorial boundaries,
with local courts having jurisdiction. Indian courts may also have jurisdiction over matters involving
accessible websites or online platforms, even if the website owner or operator is outside the
country.

Jurisdiction in internet-related cases can be complex, especially when parties are located in
different jurisdictions or cyber activity occurs in multiple locations. International laws and principles
of comity may be used to determine the appropriate jurisdiction for the case.

The Information Technology Act, 2000 in India establishes a legal framework for jurisdictional
issues in internet-related matters, granting courts the authority to adjudicate cybercrimes, data
breaches, and other cyber offenses.

5
03) Cyber Stalking

Cyber Stalking is a form of online harassment using electronic communications like emails, social
media, or messaging apps to repeatedly harass, threaten, or intimidate an individual, which can
have severe psychological and emotional effects on the victim, and is criminalized in India under
the Information Technology Act, 2000.

Section 66E of the Information Technology Act, 2000 addresses privacy violations, including
capturing, publishing, or transmitting private images without consent. This provision can be
applied to cyber stalking cases where the stalker uses electronic means to invade the victim's
privacy.

Section 354D of the Indian Penal Code criminalizes stalking, including cyber stalking, which
involves repeatedly following or contacting someone online despite clear signs of disinterest or
harassment.

Cyber stalking involves sending threatening messages, spreading false information, monitoring
online activity, or creating fake profiles to harass or defame victims, causing fear, anxiety, and
loss of privacy and security.

Individuals should be aware of their rights and legal remedies in cyber stalking cases. Reporting
incidents to authorities and seeking legal assistance can protect victims and prevent further harm.
Raising awareness about cyber stalking and educating individuals about online safety practices
can also prevent future incidents.

3
04) Digital Signature Certificate

Prepared by: T Jagan Mohan Kumar Page 2 | 42

A digital signature certificate is an electronic form of a signature that provides authenticity
integrinty, and non-repudiation to electronic documents and transactions. It serves a digital
equivalent of a handwritten signature and ensures that the sender of a message or document
cannot deny having sent it.

DSCs are issued by Certifying Authority (CAs) in India after verifying the identity of the certificate
holder. These certificates are used for various purposes, including e-mails, authenticating online
transactions, and filing electronic forms with government agencies.

Legal Provisions in India:

Section 2(1)(p) of the Information Technology Act, 2000 affirms the “digital signature” means
authentication of any electronic record by a subscriber by means of an electronic method or
procedure in accordance with the provisions of Section 3.

Section 3 of the Information Technology Act, 2000 defines as digital signature as a unique
electronic representation of a person’s identity.

Section 5 of the Information Technology Act, 2000 specifies that a digital signature is legally
valid and enforceable.

Types of Digital Signature Certificates:

a) Class 1 DSC: This is used for securing e-mail communication and verifying the identity of
the sender.

b) Class 2 DSC: This is used for company registrations, income-tax filings, and other
government related processes.

c) Class 3 DSC: Provides the highest level of security and is used for e-tendering, e-
procurement, and other critical applications.

d) DGFT DSC: Specifically for businesses engaged in foreign trade to interact with the
Director General of Foreign Trade (DGFT).

Digital signatures are essential for ensuring the security and reliability of electronic
communications and transactions, promoting trust and confidence in online interactions in the
digital economy.

3
05) Electronic Signature Certificate

Electronic Signature Certificate (ESC) is a digital certificate that authenticates the identity of the
person signing an electronic document, email, or online transaction, ensuring its integrity and
security.
Prepared by: T Jagan Mohan Kumar Page 3 | 42
The use of Electronic Signature Certificates in India is regulated by section 35-39 of the
Information Technology Act, 2000, and is issued by Certifying Authorities registered with the
Controller of Certifying Authorities under the IT Act.

The Electronic Signature Certificate is a document that provides a unique digital signature,
containing the signer's name, email address, and other relevant information, thereby verifying the
signer's identity and ensuring its validity.

Electronic Signature Certificates come in various classes, each offering different levels of security
and authentication. Class 1 certificates are used for individual verification, while Class 2 and
Class 3 certificates are used for more secure transactions, such as online banking, e-filing of
taxes, and digital signatures on legal documents.

The Electronic Signature Certificate ensures non-repudiation, preventing signers from denying
their signature, thereby enhancing authenticity and integrity of online transactions, fostering trust,
security, and reliability in electronic communications.

Electronic Signature Certificates enhance business efficiency, reduce paperwork, and improve
security in digital transactions. It's crucial for individuals and organizations to understand their
importance and comply with legal requirements under the Information Technology Act.

2
06) Cyber Regulation Appellate Tribunal

The Cyber Regulation Appellate Tribunal (CRAT) is a quasi-judicial body established under
section 48(1) of the Information Technology Act, 2000 in India, responsible for hearing appeals
against IT Act orders and resolving cyber regulatory disputes.

The CRAT is a forum for individuals and organizations to challenge decisions made by
Adjudicating Officers under the IT Act, particularly in cases of cybercrimes, data protection,
electronic transactions, and other cyber regulatory matters, allowing for appeals against their
orders.

The Tribunal, led by a Chairperson, is composed of members appointed by the Central

Government. The qualification of the Chairpersons either being a (a) former High Court
Judge or (b) having served in the Indian Legal Services at Grade-1 for at least 3 years.

The term of office lasts for 5 years from the date of assuming office or until reaching the age of 65
years, whichever is earlier.

The Cyber Regulation Appellate Tribunal has the authority to summon witnesses, gather
evidence, and conduct proceedings in accordance with principles of natural justice, making its
decisions final and binding, and can be challenged before the High Court on points of law.

Prepared by: T Jagan Mohan Kumar Page 4 | 42

 3
07) E-Commerce

E-Commerce, short for Electronic Commerce, refers to the exchange of goods and services as
well as the transmission of funds and data over the internet. It relies on technology and digital
platforms, including websites, mobile apps, and social media, to facilitate buying and selling.

Here are some key points about E-Commerce:

1) Types of E-Commerce Transactions:

a) Online Retailing: This involves the purchase of products (such as shopping for
apparel, electronics, and groceries) through e-commerce platforms.

b) Electronic Market: These platforms connect buyers and sellers for transactions.

c) Online Auctions: E-Commerce platforms that allow bidding and selling of items.

d) E-Commerce is also supported by the broader concept of electronic business which

encompasses all processes required to run a company online.

2) Advantages of E-Commerce:

a) Wider Market Research: E-Commerce helps businesses, especially small ones, gain
access to a broader audience by providing efficient distribution channels.

b) Cost Effective: It reduces costs associated with physical stores and allows
businesses operate online.

c) Convenience: Customers can shop from anywhere, anytime, using their devices.

d) Disruptive Technology: E-Commerce has transformed traditional retail and continues

to evolve rapidly.

3) Setting-up an E-Commerce Business:

a) Research the products or services you wish to sell.

b) Understand the market, audience, and competition.

c) Choose a business name and legal structure.

d) Set-up and e-commerce website with a payment gateway (e.g. credit card or PayPal).

In essence, e-commerce is like a digital version of mail-order catalog shopping, enabling

seamless transactions between buyers and sellers using technology.

Prepared by: T Jagan Mohan Kumar Page 5 | 42

 3
08) E-Banking

E-banking, also known as electronic banking or online banking, offers banking services and
products via electronic channels like the internet, mobile apps, ATMs, and electronic payment
systems, enabling customers to perform transactions remotely without visiting a physical bank
branch.
E-banking services offers convenience, accessibility, and flexibility, enabling them to manage their
finances anytime, anywhere. Common services include checking account balances, transferring
funds, paying bills, applying for loans or credit cards, managing investments, and accessing
account statements.

The Reserve Bank of India (RBI) regulates e-banking services in India to ensure security and
efficiency. It issues guidelines on customer authentication, data security, fraud detection, and risk
management practices to protect customer interests and maintain banking sector integrity.

E-banking transactions are protected by encryption, authentication methods, firewalls, and other
security measures to protect customer data and prevent unauthorized access. Customers are
often required to set secure passwords, PINs, and use two-factor authentication.

E-banking is a crucial aspect of modern banking, offering a secure, efficient, and effective way for
customers to manage their finances in the digital age. By responsibly using e-banking services
and staying informed about security measures, users can maximize online banking.

09) E-Governance

E-governance, or electronic governance, is the use of information and communication

technologies (ICTs) by governments to enhance efficiency, transparency, and citizen engagement
in public services delivery, by transforming traditional government operations and interactions with
citizens, businesses, and other stakeholders.

India's e-governance initiatives aim to enhance transparency, accountability, and efficiency in

government services. The National e-Governance Plan (NeGP) and Digital India initiative further
emphasize the use of digital technologies to transform governance processes and improve
service delivery across various government departments.

India's e-governance initiatives include various applications and services, such as online portals
for citizen services, digital platforms for payments and procurement, digital identity systems like
Aadhaar, electronic tax filing, e-procurement systems, and online portals for public participation.

E-governance offers numerous benefits, including enhanced service delivery efficiency, reduced
paperwork, cost savings, improved transparency, enhanced access to government services,
better decision-making through data-driven insights, and increased citizen engagement in
governance processes.

Prepared by: T Jagan Mohan Kumar Page 6 | 42

E-governance implementation requires robust infrastructure, data security, capacity building,
digital literacy, and effective coordination among government departments, addressing cyber
security, data privacy, digital divide, and interoperability challenges.

E-governance modernizes government operations, enhances service delivery, and promotes

citizen-centric governance by utilizing digital technologies for efficient decision-making and socio-
economic development.

4
10) Software Piracy

Software piracy refers to the unauthorized use of legally protected software. It encompasses
activities such as “stealing, copying, distributing, modifying, and selling software” without proper
authorization.

Definition: Software Piracy occurs when someone violates copyright laws by using software in
ways not permitted by the license. It denies creators (such as programmers, writers, and graphic
artists) proper credit and compensation for their work.

Here are some key points about software piracy:

1) TYPES OF SOFTWARE PIRACY:

a) Soft lifting: This type of software misuse involves multiple users illegally using a
single legal copy of the software, such as purchasing genuine software without proper
licenses.

b) Hard-disk loading: PC resell shops often sell pirated versions of software, where
the shop owner installs a legal copy on multiple computers, potentially unaware of the
customer's identity.

c) Counterfeiting: In this type, duplicates of genuine software programs are created to

appear authentic. These counterfeit copies are then sold at lower process.

d) Client-Server overuse: Businesses sometimes install more copies of software than

they are licensed for, especially in local area networks. This practice is unauthorized.

e) Online Piracy: Acquiring illegal software from online auction sites, blogs, or through
peer-to-peer file sharing systems is considered online piracy.

2) CONSEQUENCES OF SOFTWARE PIRACY:

a) Security Risks: Pirated software may contain malware, compromising users’

security.
Prepared by: T Jagan Mohan Kumar Page 7 | 42
 b) Malfunctions: Illegally obtained software may fail to function correctly.

c) Legal Penalties: Strict laws exist to combat software piracy, imposing monetary
fines and other consequences for copyright violations.

3) PREVENTING SOFTWARE PIRACY:

a) End-User License Agreement (EULA): EULA define rules for legal software use
and often prohibit sharing software with others.

b) Awareness: Educate users about the risks of using pirated software.

c) Legitimate Licensing: Always obtain software through authorized channels to

support creators and ensure security.

Software piracy undermines intellectual property rights, leads to economic losses, decreased
innovation, and unfair competition. Government, industry associations, and law enforcement
agencies collaborate to combat piracy by raising awareness, enforcing copyright laws, and
prosecuting offenders.
3
11) Shrink Wrap Contracts

Computer software companies frequently use "shrink-wrap" license agreements for mass market
distribution of software. These unsigned agreements require user acceptance by opening the
software packaging, using the software, or using a specified mechanism.

The controversy around shrink wrap agreements is the fact that the terms of the agreement
cannot be read until the consumer pays, accepts the package, and removes the shrink wrap,
indicating acceptance of the terms.

The status of shrink wrap agreements remains unclear, with courts divided on whether a
consumer consents to the terms, as they pay for the product and open the package, but do not
have actual knowledge of the terms until they are read.

End User License Agreements (EULA) are software licenses that specify the limits of use granted
by the software owner. They are in effect immediately at the time of purchase, regardless of
installation.

However, recent court decisions have challenged the use of EULAs in shrink wrapped software,
forcing some companies and retailers to accept returns or provide EULAs on their websites for
consumers to read before purchasing.
Prepared by: T Jagan Mohan Kumar Page 8 | 42
 12) Distribution Agreements

Distribution contracts in cyber laws are legal agreements governing the distribution of digital
products, software, or services through electronic means, establishing terms and conditions for
manufacturers, suppliers, or licensors to market, sell, or distribute their offerings.

When drafting distribution contracts under cyber laws, several key considerations come
into play:

1) Intellectual Property Rights: Distribution contracts should clearly outline the

intellectual property rights of digital products, including the license granted to the
distributor, restrictions on use or distribution, and provisions for protecting the licensor's
intellectual property.

2) Data Protection and Privacy: Distribution contracts should include provisions for data
protection, privacy, and security, ensuring compliance with data protection laws like the
Information Technology Act, 2000 and the Personal Data Protection Bill.

3) Compliance with Cyber Laws: Distribution contracts must comply with cyber laws,
including IT Act, 2000, electronic contracts, digital signatures, data security, and
cybercrime-related provisions to avoid legal disputes and penalties.

4) Liability and Indemnity: Distribution contracts should outline liability for breach of
contract, intellectual property infringement, data breaches, or legal violations, with
indemnity clauses providing protection against legal claims arising from distribution
activities.

5) Termination and Dispute Resolution: The distribution agreement should clearly

outline termination provisions and dispute resolution mechanisms to ensure a smooth
distribution process and mitigate conflicts.

Compliance with cyber laws and regulations ensures clear and legally sound distribution
arrangements for digital products or services, protecting rights, ensuring compliance, and
fostering successful business relationships in the digital domain.

13) Internet

The internet, a global network of interconnected computers and devices, facilitates information
exchange, communication, and services worldwide. It offers access to various resources like
websites, emails, social media, online databases, and cloud services. The internet has
revolutionized communication, work, learning, and business in modern society.

Key aspects of the internet include:

Prepared by: T Jagan Mohan Kumar Page 9 | 42
 1) Connectivity: The internet facilitates global communication and data transfer through
various networks, protocols, and technologies, connecting millions of devices worldwide.

2) Information Sharing: The internet is a vast collection of information, enabling users to

access a wide variety of content, resources, and services for exploration, sharing, and
collaboration.

3) Communication: Internet communication, including email, instant messaging, video calls,

and social media, facilitates cross-border connections, interaction, and idea exchange.

4) E-Commerce: The internet has transformed business operations through online shopping,
digital payments, marketing, and e-commerce platforms, fostering global trade and
economic growth.

5) Entertainment and Media: Streaming services, online gaming, social networking sites,
and digital content platforms provide a diverse and rich source of entertainment and media
consumption worldwide.

6) Education and Information Accessibility: The internet has significantly changed access
to education, making resources like online courses, research articles, e-books, and
educational platforms accessible to learners of all ages and backgrounds.

The internet offers numerous benefits but also poses risks like cyber threats, privacy concerns,
misinformation, and social issues. Regulations on internet usage, data protection, cyber security,
and online conduct are crucial for a secure, inclusive digital environment. Understanding the
internet's dynamics is essential for effective social, economic, and cultural impacts.

4
14) Digital Copyright

Digital copyright is the legal protection of intellectual property rights for digital content, including
text, images, audio, video, software, and online publications. It regulates the reproduction,
distribution, public performance, adaptation, and display of creators' works in the digital realm.

Key aspects of digital copyright includes:

1) Original Work: Copyright protection safeguards original works of authorship, including

digital content, literary works, software code, multimedia presentations, and digital art,
which are fixed in a tangible medium of expression.

2) Exclusive Rights: Copyright grants creators exclusive rights to reproduce, distribute,

display, perform, and create derivative works based on their original creations, allowing
them to control digital work usage, sharing, and monetization.

Prepared by: T Jagan Mohan Kumar Page 10 | 42

 3) Copyright Registration: Copyright protection is automatic upon original work creation,
but creators can register their copyrights for additional legal benefits, providing ownership
evidence and enabling legal enforcement of rights.

4) Digital Piracy: Copyright infringement involves unauthorized copying, distribution, sharing,

or downloading of copyrighted digital works, while digital piracy, including peer-to-peer file
sharing and illegal downloads, and poses a significant challenge to creators and rights holders.

5) Digital Rights Management: Digital Rights Management (DRM) technologies

safeguard digital copyright by controlling access and usage of digital content, preventing
unauthorized copying, sharing, or modification, and safeguarding intellectual property
interests.

In the digital age, enforcing digital copyright laws is crucial in the digital age to protect creators'
rights and economic interests, fostering a fair, sustainable, and creative digital ecosystem.

3
15) Escrow Agreements

An Escrow Agreement is a legally binding contract that defines the terms and conditions between
parties and outlines their respective responsibilities. It typically involves an independent third
party known as the “escrow agent”, who temporarily holds an asset of value until specific
conditions specified in the contract are met.

Key components of an Escrow Agreements:

1) Purpose: Escrow Agreements serve as a safeguard in various transactions, ensuring

that all parties fulfil their obligations before proceeding with a deal.

2) Escrow Agent: The escrow agent acts as a neutral intermediary. They hold the asset
(such as funds, documents, or other valuable items) until the contract’s conditions are
satisfied.

3) Common Uses:

a) Real Estate Transactions: Escrow Agreements are common in real estate deals,
allowing sellers to secure financing for potential homebuyers before the sale proceeds.
If financing isn't secured, the deal can be called off and the escrow agreement
cancelled.

b) Online Sale: Escrow is also prevalent in online sales. When a buyer purchases an
item, the funds are held in escrow until the buyer receives the product and confirms its
satisfactory condition.

4) Contents of an Escrow Agreement:

Prepared by: T Jagan Mohan Kumar Page 11 | 42

 a) The escrow agent's identity is explicitly stated.
b) The definition provides a detailed explanation of the terms used in the agreement.
c) The document provides an overview of the escrow funds and their release
conditions.
d) The document outlines how the ‘escrow agent’ may use the funds.
e) The document clarifies the responsibilities and potential liabilities of the escrow
agent.
f) The document specifies any fees charged by the escrow agent.
g) The document determines the legal jurisdiction and venue in case of disputes.

5) Assets held in Escrow: Escrow agents now have the ability to handle various valuable
assets such as stocks, bonds, mortgages, patents, and cheques, replacing traditional cash
handling.

A well-drafted escrow agreement safeguards the interests of all parties involved, ensuring a
seamless and secure transaction process.

3
16) Online Publishing

Online publishing encompasses the creation and distribution of various types of content online,
including blog posts, articles, video content, and infographics, all published and accessible on the
internet, as regulated by the Information Technology Act, 2000, and the Information Technology
(Intermediaries Guidelines) Rules, 2011.

The following are few contents which can be published online:

1) Blog Posts: Blog posts are an excellent platform for sharing thoughts and ideas, allowing
you to cover any topic and enhance its engagement by incorporating images, videos, and
links.

2) Digital Magazines: Digital magazines, like The Ecclesiastical Review, are entirely online,
following the format of traditional in-print magazines.

3) E-Books: e-Books offer a convenient and efficient way to share lengthy writings,
accessible on various devices, making them ideal for busy individuals seeking to learn
about specific topics.

4) Audio Files: Audio files are a popular form of online publishing, ideal for those who prefer
listening to information rather than reading.

Benefits of Online Publishing:

Prepared by: T Jagan Mohan Kumar Page 12 | 42

 a) Digital publications can easily reach readers worldwide with just a few clicks.

b) Online publishing offers a cost-effective solution as it doesn't require printing or distribution

costs, making it an efficient way to distribute your work.

c) Readers can provide immediate feedback on your work, providing valuable constructive
criticism and opportunities for improvement in future work.

d) E-publishing enhances your work's visibility, attracting more readers and followers through
easy access via wifi, smartphones, laptops, or e-readers.

e) Online publishing offers greater control over the presentation and distribution of your work,
ensuring it reaches the right audience.
Online publishing offers a powerful platform to expand your reach, enhance your writing's credibility,
and boost reader engagement with the right techniques.

3
17) Cyber Security

Cyber security is the protection of internet-connected systems like computers, servers, and mobile
devices from malicious attacks. It consists of cyber and security, focusing on systems, networks,
applications, and information, sometimes referred to as information technology security. In India, it is
governed by the Information Technology Act, 2000 and its related Rules, such as Information
Technology (Reasonable Security Practices and Procedures), 2011.

Key aspects of cyber security include:

a) Implementing security measures such as firewalls, encryption, and access controls is crucial
for preventing unauthorized access to systems and data.

b) The process of detection involves the use of various tools and technologies to promptly identify
and address cyber security incidents or breaches.

c) The response involves creating incident response plans to mitigate the effects of cyber threats
and breaches.

d) The process of recovery involves establishing procedures for system recovery and data
restoration in the event of cyber incidents.

Key benefits of cyber security include:

a) The protection of data involves safeguarding sensitive information from theft, corruption, or
unauthorized access.

b) The goal is to minimize disruptions to operations caused by cyber incidents for business
continuity.

Prepared by: T Jagan Mohan Kumar Page 13 | 42

 c) The goal is to foster customer trust by ensuring the security and confidentiality of their personal
information.

d) Legal compliance involves adhering to regulations concerning data protection and cyber
security.

The Information Technology Act, 2000 in India provides legal recourse for cybercrimes and data
breaches, allowing Indian courts to hear and decide cases and impose penalties on offenders.

Cyber security is crucial in the digital age to safeguard organizations, individuals, and critical
infrastructure from various cyber threats by implementing robust measures and adhering to relevant
laws.

4
18) Domain Name

A domain name is a website's equivalent to a physical address, consisting of a name and an

extension like ".com", ".org", or ".in". Users type in the domain name instead of the numerical IP
address to access a specific website, making it the text they enter into their browser.

Important of domain name:

a) Human Readable: Domain names make it easy for people to remember and access
websites. Imagine having to remember a series of numbers (IP addresses) for every site
to visit.

b) Brand Identity: It helps in building brand identity and recognition among internet users.

c) Professionalism: Having own domain name e.g. www.mybusiness.com looks more

professional than using a generic sub-domain (e.g. mybusiness.hostingprovider.com).

d) Search Engine Optimization (SEO): A relevant domain name can positively impact the
search engine ranking of a website, making it easier for users to find.

e) Credibility: A custom domain name conveys credibility and trustworthiness, which is

essential for attracting visitors to a website.

f) E-Mail Address: Domain names are often used to create customized email addresses,
which further enhances the professional image of an entity. (e.g. [email protected])

The Uniform Domain Name Dispute Resolution Policy (UDRP) is an international process
established by Internet Corporation for Assigned Names and Numbers (ICANN) to resolve domain
name disputes or cyber-squatting issues, recognized by domain registrars worldwide.

Prepared by: T Jagan Mohan Kumar Page 14 | 42

A domain name is crucial for an entity's online presence and branding strategy. It should be
relevant, memorable, registered properly, and protected from potential infringements.

3
19) Source Code

Source code is the human-readable version of computer programs written in programming

languages, used as the foundation for software applications, containing instructions that
computers can understand and execute, essential for development, customization, debugging,
and maintenance.

1) Organization of Source Code:

a) Source code is typically structured into modules or functions for enhanced readability,
reusability, and maintainability.

b) Developers use comments within source code to clarify the purpose of code segments,
facilitating easier understanding and collaboration among others.

c) Version control systems like Git aid in managing source code changes, tracking revisions,
and facilitating collaboration among developers.

2) Purpose of Source Code:

a) Software developers utilize source code to create, modify, and enhance software
applications based on specific requirements.

b) Customization is the process of modifying software to suit specific user requirements or

industry standards.

c) Developers analyse and troubleshoot source code to identify and fix software errors or
bugs.

3) License of Source Code:

a) Open source licenses allow users to freely view, modify, and distribute source code under
the terms of an open-source license.

b) Proprietary source code is owned by the creator or company and its use, modification, and
distribution are restricted under a proprietary license.

4) Quality of Source Code:

a) The well-formatted source code, with clear naming conventions and comments,
significantly improves readability and understanding.
Prepared by: T Jagan Mohan Kumar Page 15 | 42
 b) The optimized source code is highly efficient in terms of execution speed, memory usage,
and resource utilization.

c) Reliable source code is accurate, error-free, and consistent in delivering the expected
functionality.

d) Maintainability refers to the ease with which source code can be easily maintained,
updated, and extended, enabling continuous software development and enhancements.

Ensuring the Quality, organization, and proper licensing of source code are crucial for software
development projects to meet performance standards, legal requirements, and industry best
practices.
20) Non-Disclosure Agreements 3

A Non-Disclosure Agreement (NDA) is a legal contract that outlines confidential information or

trade secrets that parties wish to share but restrict to third parties or the public, crucial for
protecting sensitive information and intellectual property.

Key features of Non-Disclosure Agreements:

1) Purpose: NDAs are utilized to protect confidential information such as trade secrets,
business strategies, client lists, and financial data exchanged between parties.

2) Parties Involved: An NDA typically involves the disclosing party (owner of confidential
information) and the receiving party (party receiving the information).

3) Confidentiality: The NDA outlines the definition of confidential information, its usage,
the agreement's duration, and the parties' obligations to maintain confidentiality.

4) Exceptions: NDAs may contain exceptions for disclosing confidential information, such
as with consent, legal requirement, or public domain information.

5) Enforceability: NDAs are legally binding contracts, and a breach can result in legal
remedies such as injunctions, damages, and other relief.

6) Jurisdiction: An NDA's jurisdiction is typically determined by the agreement, indicating

which courts will have the authority to hear disputes related to the NDA.

In India, NDAs are governed by contract law, with clauses addressing confidentiality, non-
disclosure, non-use of confidential information, and dispute resolution mechanisms. Drafting
NDAs carefully considers confidential information nature, parties, permissible uses, and legal
implications.

Prepared by: T Jagan Mohan Kumar Page 16 | 42

Non-Disclosure Agreements are crucial for safeguarding sensitive data and fostering trust in
business relationships, ensuring its security and authorized use only.

5
21) Internet Relay Chat Crime (IRC)

Internet Relay Chat (IRC) is a real-time messaging system that enables users to communicate
privately or in channels. However, it can also be misused for criminal activities like cyberbullying,
harassment, phishing, malware distribution, and sharing illegal content, highlighting the potential
dangers of IRC.

Examples of IRC Crimes:

1) Cyberbullying refers to the act of causing harm, threats, or intimidation to individuals

online.
2) Phishing is a fraudulent practice wherein individuals deceive users into sharing sensitive
information, such as passwords or financial details.

3) Malware distribution refers to the sharing of malicious software that can compromise
systems or steal data.

4) Illegal content sharing refers to the sharing of copyrighted material, child exploitation
content, or other prohibited content.

Precautions to avoid IRC Crimes:

1) Join reputable and secure IRC channels to reduce the risk of encountering illegal activities.

2) It is advised to refrain from sharing sensitive information such as passwords, financial

details, or personal data in IRC chats.

3) To prevent malware infections, it is advised to be cautious when clicking on suspicious

links shared in IRC channels.

4) Report any criminal or harmful activities witnessed in IRC to channel operators or

administrators.

Key points regarding IRC Crimes:

1) IRC crimes in India are punishable under cyber laws, including the Information Technology
Act, 2000, with offenders facing criminal charges, fines, and imprisonment.

2) Jurisdiction in IRC crimes refers to the location of the perpetrator or victim, or the area
where the crime has had an impact.

Prepared by: T Jagan Mohan Kumar Page 17 | 42

 3) Preserve evidence of IRC crimes, such as chat logs or screenshots, to support legal action
against perpetrators.

4) Report serious IRC crimes to law enforcement agencies for investigation and prosecution.

Users should be cautious and practice online safety measures while using IRC chats to prevent
potential criminal activities. Understanding legal implications and taking appropriate precautions can
contribute to a safer online environment.

5
22) Cyber Obscenity

Cyber obscenity is the sharing of sexually explicit or obscene content on digital platforms,
including websites, social media, and messaging apps, aimed at causing harm or offense. In
India, it's regulated by the Information Technology Act, 2000 and the Indian Penal Code, 1860.
Key points on Cyber Obscenity:

1) Legal Framework: The IT Act and IPC prohibit the online distribution of obscene or
pornographic material, specifically Section 67, which pertains to the publishing or
transmission of such content.

2) Definition: Under Indian law, content that is lascivious, appeals to prurient interests, or
depraves and corrupts individuals is considered obscene.

3) Punishment: Cyber obscenity offenders can face legal consequences such as

imprisonment and fines under the IT Act and the IPC.

4) Jurisdiction: Cyber obscenity offenses have jurisdiction based on the location of the
offense, where the content is published or disseminated, or where the victim resides.

5) Reporting: Cyber obscenity victims can report such content to law enforcement,
internet service providers, or cyber cells for action.

6) Preventive Measures: Users can take preventive measures such as setting privacy
controls on social media, avoiding sharing personal information, and being cautious while
accessing or sharing content online.

Cyber obscenity is a growing concern that requires awareness among individuals, internet users,
and content creators to ensure legal compliance and contribute to a safer online environment.
Understanding the legal framework, promoting responsible online behaviour, and reporting cyber
obscenity incidents are crucial.

23) Electronic Records

Prepared by: T Jagan Mohan Kumar Page 18 | 42

Electronic records in India are digital data such as emails, text messages, documents, databases,
images, and videos. They are governed by the Information Technology Act, 2000 and its
associated rules and regulations.

Key points about Electronic Records.

a) Legal Recognition: Section 4 of the I.T. Act, 2000 recognizes electronic records as being
on par with physical records and provides legal validity to contracts, agreements, documents,
and transactions conducted in electronic form.

b) Digital Signature: Electronic records can be authenticated using digital signatures, which
are encrypted digital codes that verify the identity of the sender and ensure the integrity of the
electronic communication.

c) Storage and Retention: Section 7 of the I.T. Act, 2000 mandates electronic record
retention, ensuring compliance with specific retention requirements for documents, records, or
information.

d) Admissibility as Evidence: Electronic records can serve as evidence in legal proceedings,

subject to compliance with procedural requirements related to electronic evidence under the
Indian Evidence Act, 1872.

e) Cyber Security Measures: Protecting electronic records from unauthorized access,

tampering, or deletion is crucial. Implementing cyber security measures such as encryption,
access controls, and regular backups is essential to safeguard electronic records.

f) Jurisdiction: The jurisdiction of electronic records can differ based on factors like the
parties' location, transaction location, and data storage or access location.

g) Electronic Record Management: Organizations often implement electronic record

management systems to efficiently organize, store, retrieve, and archive electronic records in
compliance with legal and regulatory requirements.

Understanding the legal framework, security implications, and management practices of electronic
records is crucial for individuals and organizations to effectively utilize digital information while
adhering to laws and regulations, ensuring data integrity and legal validity.

24) Electronic Messages

Electronic messages, including emails, text messages, and instant messages, are crucial in
modern communication. In India, they are regulated by the Information Technology Act, 2000 and
related regulations.

Prepared by: T Jagan Mohan Kumar Page 19 | 42

Key Points regarding Electronic Messages:

a) Legal Recognition: The IT Act acknowledges electronic messages as valid forms of

communication and grants them legal validity, akin to traditional written communication.

b) Authentication:  Digital signatures are used to authenticate electronic messages,

verifying the sender's identity and ensuring the message's integrity during transmission.

c) Cyber Security: Encryption, secure channels, and authentication mechanisms are

crucial in protecting the confidentiality and integrity of electronic messages from
unauthorized access, interception, or tampering.

d) Determination of Origin: The IT Act establishes rules for determining the origin of
electronic messages, including the sender's location and dispatch point, to determine
jurisdiction in legal disputes.
e) Admissibility as Evidence: Electronic messages can be used as legal evidence in legal
proceedings, provided they meet the requirements outlined in the Indian Evidence Act,
1872.

f) Liability for Misuse: The IT Act holds individuals accountable for electronic message
misuse, cyber-crimes, harassment, threats, defamation, and transmission of offensive or
obscene content.

g) Retention and Disclosure: Organizations and service providers are mandated to

maintain electronic messages for specific periods and may be required to disclose them to
law enforcement under lawful interception provisions.

Understanding the legal framework, security measures, and compliance requirements for
electronic messages is crucial for individuals, organizations, and service providers to ensure
legality, integrity, privacy, and confidentiality in digital communication.

25) Role of Certifying Authorities

Certifying Authorities in India are mandated by the Information Technology Act, 2000, and the IT
(Certifying Authorities) Rules, 2000, to ensure the security and integrity of electronic transactions.

The following are the Role of Certifying Authorities:

1) Certifying Authorities issue digital certificates to individuals, organizations, or entities after

verifying their identity, containing information about the certificate holder and their public
key for secure digital signatures.

2) CAs are mandated to verify the identity of certificate applicants before issuing digital
certificates, ensuring their authenticity and reliability.
Prepared by: T Jagan Mohan Kumar Page 20 | 42
 3) Certifying Authorities are crucial in verifying digital signatures by maintaining public key
repositories and certificate revocation lists, which aids in authenticating electronic
transactions and messages.

4) CAs are required to implement security measures to safeguard digital certificates' integrity
and confidentiality, preventing unauthorized access, tampering, or misuse during the
certificate issuance process.

5) Certifying Authorities can revoke or suspend digital certificates due to misuse,

compromise, expiration, or other circumstances that invalidate the certificate's
trustworthiness.

6) CAs are mandated to adhere to IT Act regulations and undergo regular audits to maintain
security standards, certification practices, and legal requirements.

7) Certifying Authorities, acting as trusted third parties in the digital ecosystem, ensure secure
electronic transactions, document signing, and communication, thereby enhancing trust
and reliability in digital interactions.

Certifying Authorities ensure digital transactions' security, authenticity, and digital signature
adoption by adhering to regulatory requirements, implementing stringent security measures, and
maintaining trust in digital certificate issuance.

26) Cyber Squatting

Cyber-squatting is a fraudulent practice where individuals or entities register domain names

similar to popular trademarks or brands to profit from the goodwill associated with those names.
This can involve selling the domain at an inflated price, diverting web traffic, or damaging the
legitimate brand's reputation.

Key points about Cyber Squatting:

1) Domain Name Hijacking: Cyber squatters register domain names that resemble
existing trademarks or brands to exploit their popularity, causing confusion among
consumers.

2) Monetary Gain: Cyber squatters may profit by selling domain names, engaging in click
fraud, or displaying misleading content on the associated website.

3) Legal Implications: Cyber-squatting in India is a harmful practice that can infringe on

trademark owners' intellectual property rights, and legal action against cyber squatters can
be sought under the Information Technology Act, 2000.

Prepared by: T Jagan Mohan Kumar Page 21 | 42

 4) UDRP Proceedings: The Uniform Domain-Name Dispute-Resolution Policy (UDRP)
allows trademark owners to file complaints to reclaim domain names registered in bad
faith.

5) Preventive Measures: Trademark owners can prevent cyber squatting by registering

domain names, monitoring registrations, securing trademarks, and enforcing their rights
through legal action against offenders.

6) Ethical Consideration: Cyber squatters exploit deceptive practices to undermine

online domain registration systems and harm the reputation and business interests of
legitimate trademark owners.

Cyber squatting, a deceptive practice, can harm brands, trademarks, and online presences.
Awareness, understanding, and proactive protection through ethical domain registration practices
can mitigate risks.

27) Identity Theft

Identity theft is a cybercrime where unauthorized parties steal or manipulate an individual's

personal or financial information for fraudulent purposes, punishable in India under the
Information Technology Act, 2000, and the Indian Penal Code, 1860.

Following are the key essence of Identity Theft:

1) Types of Identity Theft: Identity theft involves stealing personal information like names,
addresses, social security numbers, financial details, login credentials, or biometric data
for illicit use.

2) Methods of Identity Theft: Cyber Criminals may use phishing emails, malware, data
breaches, hacking, social engineering, or other techniques to access and misuse
individuals' sensitive information.

3) Legal Consequences: Identity theft perpetrators face criminal charges under IT Act
and IPC, including imprisonment, fines, and penalties for data theft, unauthorized access,
and fraudulent activities.

4) Fraudulent Activities: Cyber Criminals engage in identity theft, committing various

fraudulent activities like financial fraud, credit card fraud, online scams, money laundering,
and impersonation, causing significant financial losses and reputational damage.

Prepared by: T Jagan Mohan Kumar Page 22 | 42

 5) Preventive Measures: To protect against identity theft, individuals should safeguard
personal information, use strong passwords, avoid suspicious links or emails, and regularly
monitor financial transactions for unauthorized activities.

6) Data Protection Regulations: Organizations must comply with data protection and
privacy laws like IT Rules, 2011 and the Personal Data Protection Bill, 2019 to secure
personal data and prevent identity theft.

7) Reporting and Remedies: Identity theft victims should report incidents to law
enforcement, cyber cells, or authorities, seek legal recourse to recover losses, restore their
identity, and hold perpetrators accountable.

Identity theft risks can be mitigated by understanding risks, protecting personal information, and
following cyber security best practices. Compliance with laws, reporting incidents, and proactive
measures enhance data security.

28) Credit Card Frauds

Credit Card Fraud is a common form of identity theft where criminals use someone else's
personal credentials to make fraudulent purchases or loans without repayment intentions.

Key points about Credit Card Fraud:

1) Types of Credit Card Fraud:

 Account takeover fraud occurs when unauthorized individuals access an individual's

credit card information and use it for fraudulent transactions.
 New account fraud involves criminals creating new credit card accounts in the victim's
name.
 Criminals often create duplicate cards by stealing stolen information.
 Fraud occurs in online or phone transactions where the physical card is not present.

2) Preventing Credit Card Fraud:

 Regularly review your credit card statements for any unauthorized charges.
 Safeguard your credit details, PIN, and other sensitive data.
 Protect online accounts with strong, unique passwords.
 Only use secure websites for online transactions.
 Notify your bank immediately if you notice any unauthorized transactions.

Prepared by: T Jagan Mohan Kumar Page 23 | 42

  Set-up transaction alerts to receive notifications for any unusual activity.
 Monitor your credit report for any discrepancies.

3) RBI Guidelines:

 The Reserve Bank of India has revised guidelines to limit customer liability in fraudulent
credit card and online transactions.
 Customers have zero liability if there is contributory fraud or negligence on the bank’s
part regardless of whether the transaction is reported by the customer.
 In case of third-party breaches, where neither the bank nor the customer is at fault, the
customer’s liability is capped at ₹25,000/- if reported within 7 working days.

29) Net Extortion

Net Extortion / Cyber Extortion also known as cyber blackmail, is an illegal practice conducted by
individuals who hold crucial personal, professional, or commercial data hostage.

Cyber extortionists pose a threat to victims by stealing sensitive information and demanding a
ransom in cash or another form.

The criminal twist occurs when the hacker threatens to publicly leak the data if the ransom is not
paid within a specific deadline.

1) Types of Cyber Extortion:

 Malicious software encrypts a victim's files or entire system, requiring them to pay a
ransom to regain access.
 Sextortion involves threatening to release harmful or lewd content about a victim
online, such as on social media or adult websites, without compensation.
 Email extortion is the act of sending threatening emails that demand payment or reveal
sensitive information.
 Blackmail involves holding personal or professional data hostage and demanding
payment to prevent its exposure.
 Malware attacks, including the Mirai botnet, are used to compromise systems and
demand payment.
 Denial-of-service refers to the act of overloading a victim's network or website, making
it inaccessible until a ransom is paid.

2) How to deal with Cyber Extortion:

 Educate employees about cyber security best practices.

 Regularly back-up critical data to prevent loss during attacks.
 Consider insurance coverage against cyber risks.

Prepared by: T Jagan Mohan Kumar Page 24 | 42

  Implement robust security measures.
 Teach users to recognize phishing and suspicious emails.
 Regularly assess vulnerabilities.
 Report incidents to relevant authorities.

India has made significant advancements in cyber operations but faces threats like cyber
extortion. Victims can file cyber-crime complaints through the cyber-crime complaint portal with
relevant laws and regulations addresses cyber extortion cases.

30) Data Protection and Privacy

Data protection safeguards crucial data from unauthorized access, ensuring no corruption,
compromise, loss, or security issues, encompassing all forms of personal, organizational, and
organizational data.

Data privacy involves the proper handling of data, ensuring authorized access and keeping
certain information secret from third parties.

Important of Data Protection and Privacy:

Data protection is crucial for organizations to maintain trust and compliance in data-driven
processes, ensuring the privacy, availability, and integrity of sensitive data. Data privacy laws
govern the collection and handling of Personal Health Information and Personally Identifiable
Information, ensuring only authorized parties can access it.

Difference between Data Protection and Data Privacy:

 Data Protection safeguards data from external risks like corruption and loss, while Data
Privacy ensures secrecy and control over data access.

 Data Protection safeguards data from unauthorized access, while Data Privacy
identifies who has authorized access to the data.

 Data Protection is a technical control system for data protection, while Data Privacy is a
legal process establishing accessibility standards and norms.

 Data protection refers to the procedures and mechanisms used to protect data, while
data privacy involves regulations or policies that govern data privacy.

 Security from hacks involves protecting information from hackers, while security from
sales involves holding data from shared and sold transactions.

Prepared by: T Jagan Mohan Kumar Page 25 | 42

  Data protection is primarily managed by organizations, ensuring data protection from
illegal activities, while data privacy controls are primarily implemented at the end user
level, ensuring users understand data sharing and access.

 Data protection teams consist of technical and security experts, while data privacy
teams consist of law-making, policy, and engineering experts.

Understanding data protection and privacy is crucial for protecting against cyber-attacks and data
breaches. Updating data policies and staying updated with best practices can help protect
businesses and customers.

31) WIPO

The World Intellectual Property Organization is a global organization that promotes and protects
intellectual property rights, including cyber laws, by fostering international cooperation,
harmonizing IP standards, and promoting capacity-building initiatives.

In the context of cyber laws in India, WIPO's contributions are evident in various aspects:

1) Treaties and Agreement: WIPO oversees international intellectual property treaties

and agreements, including the WIPO Copyright Treaty and WIPO Performances and
Phonograms Treaty, which impact digital copyright protection.

2) Capacity Building: WIPO provides technical assistance and training programs to

member states, including India, to improve their capacity in developing and implementing
effective IP laws and enforcement mechanisms to tackle cyberspace challenges.

3) Dispute Resolution: WIPO offers mediation and arbitration services for resolving IP-
related disputes, including online copyright infringements, domain name disputes, and
digital IP conflicts, contributing to cyber law resolution.

4) Policy Development: WIPO's research and policy development initiatives shape IP

laws and regulations to address digital technologies, online infringements, and cyber-
security issues.

5) Data Base and Information Services: WIPO provides valuable insights on

international IP standards, treaties, best practices, and developments for policymakers,
stakeholders, and legal professionals in India working on cyber law issues.

WIPO indirectly influences India's cyber laws through international IP treaties, but its contributions
foster a conducive environment for IP rights protection in the digital age, enhancing legal
frameworks and policy responses.

32) Cyber Terrorism

Prepared by: T Jagan Mohan Kumar Page 26 | 42

An act of cyber terrorism involves using the internet and other forms of information and
communication technology to threaten or cause bodily harm to gain political or ideological power
through threat or intimidation.

1) Methods and Targets:

 Damaging Computer Networks: Cyber Terrorists intentionally damage large-scale

computer networks, causing loss of data and potentially affecting critical infrastructure.

 Malicious Software: They use tools such as computer viruses, spyware, malware,
ransomware, and phishing to achieve their objectives.

 Personal Objective: Experience cyber terrorists, skilled in hacking, can cause

massive damage to government systems, leaving a country in fear of further attacks.

 Political or Ideological Motives: Cyber Terrorism is often driven by political or

ideological goals, making it a form of terror.

Example: In April, 2007, Estonia became a battleground for cyber terrorism after disputes
regarding the relocation of a WW-II Soviet Statue. The country faced large-scale cyber-
attacks.

2) Debate and Controversy:

 The definition of cyber terrorism varies. Some narrow definitions focus on attacks
resulting in violence against persons or property.

 Broader definitions include any form of internet usage by terrorists even if it doesn’t
directly cause physical harm.

 Distinguishing between cyber terrorism and cyber-crime can be challenging.

3) Prevention and Response:

 Government agencies like FBI, NSA, and CIA, NIA work to prevent cyber-attacks and
cyber terrorists.

 Efforts are made to secure critical infrastructure and protect against potential damage
caused by cyber terrorists.

33) Internet Service Provider

Prepared by: T Jagan Mohan Kumar Page 27 | 42

An Internet service provider (ISP) is an organization that offers various services related to
accessing, using, managing, or participating in the Internet, including channels like cable, DSL,
fibre optics, dial-up, and wireless. Large telecommunication companies, including mobile and
cable companies, function as ISPs.

Here are some key points about ISPs:

1) Internet Access: ISPs provide services like web browsing, online shopping, business
operations, and social networking for a fee, facilitating connections between individual
users and the broader internet infrastructure.

2) Additional Services: In addition to basic internet access, ISPs may offer other
services, including Email services, Domain Registration, Web Hosting, and Browser
Packages.

3) Types of ISPs: ISPs can take various forms, such as (a) Commercial ISPs, Community
Owned ISPs, Non-Profit ISPs, and Privately Owned ISPs.

4) Evolution of Internet Access:

 Initially, internet access was limited to government agencies and specific university
departments. The technology developed in the late 1980s to provide access to the
general public through the World Wide Web.

 Early consumers gained limited access through a few ISPs such as America Online
which used dial-up connections via phone lines.

 As connectivity options expanded and speeds improved (moving away from slower
dial-up connections), the internet economy flourished.

 The system operates through a network of local ISPs selling access to customers and
paying larger ISPs for their own access, with Tier-1 carriers owning the infrastructure in
their regions.

34) Netizen

A Netizen is a term combining internet and citizen, referring to an individual who actively
participates in online communities and engages in digital activities, such as social networking,
online discussions, content creation, and other digital interaction.

Netizens engage in online discourse by sharing information, opinions, and experiences on

platforms like social media, forums, blogs, and online communities. They participate in
discussions, collaborate on projects, advocate for causes, or consume content and engage with
online services.
Prepared by: T Jagan Mohan Kumar Page 28 | 42
Netizens are individuals who use the internet as part of a virtual community with its own norms,
values, and behaviours. They shape the online world's culture, influence trends, spread
information, and drive conversations on various issues.

Netizens, despite their diverse backgrounds and cultures, share a common connection through
the internet, enabling global connections, idea exchange, and collective knowledge and
experience within the online community.

PART – B

01) Define Cyber Crime. Discuss different kinds of Cyber Crime

Cybercrime is a criminal activity involving digital devices, networks, or the internet, aiming to
cause harm, steal sensitive information, commit fraud, or disrupt online operations, impacting
individuals, organizations, governments, and societies.

Kinds of cybercrime:

1) Phishing: Phishing is a fraudulent practice wherein a person pretends to be a

trustworthy entity in emails, messages, or websites to obtain sensitive information.

2) Malware: Malware, including viruses, ransomware, spyware, and trojans, is a type of

malicious software that infects computer systems, steals data, disrupts operations, or
allows unauthorized access.

3) Identity Theft: Identity theft involves the misuse of personal information to impersonate
individuals, engage in fraud, open fraudulent accounts, or commit financial crimes in the
victim's name.

4) Hacking: Hacking involves unauthorized access to computer systems, networks, or

devices for data manipulation, theft, disruption, or damage, while ethical hacking, or
penetration testing, is conducted with permission.

5) Cyberbullying: Cyberbullying is the harassment, intimidation, or threats directed at

individuals via digital platforms, social media, or messaging apps, causing emotional
distress, social harm, or reputational damage.
Prepared by: T Jagan Mohan Kumar Page 29 | 42
 6) Online Scams: Online scams involve fraudulent schemes like advance-fee fraud,
lottery scams, romance scams, investment fraud, and phishing emails, deceiving
individuals into providing money or sensitive information.

7) Child Exploitation: Child exploitation involves online sexual abuse, grooming,

trafficking, or exploitation of children, posing significant risks to their safety and well-being
through social media or other online platforms.

8) Cyber Espionage: Cyber espionage involves stealing intellectual property, sensitive

information, or state secrets through cyber methods for sabotage, gaining a competitive
advantage in business or geopolitics.

9) Ransomware: Ransomware is a type of malware that encrypts files on a victim's

computer, demanding a ransom payment for the decryption key, causing significant
damage to individuals, businesses, and critical infrastructure.

Cybercrime is a growing threat in the digital age, necessitating proactive measures, awareness,
education, and collaboration among stakeholders to prevent, detect, and respond effectively.

02) Explain the concept of Information Technology and Cyber

Space

Information Technology (IT) and cyberspace are interconnected concepts that form the digital
world's foundation, significantly impacting modern society, communication, business, and
innovation.

1) Information Technology (I.T.):

 Hardware refers to devices like computers, servers, smartphones, and networking

equipment used for data processing and storage.

 Software refers to applications, programs, and operating systems that enable users to
perform tasks, process information, and interact with digital systems.

 Networks are systems that enable communication, data transfer, and connectivity
between devices through the use of infrastructure, protocols, and systems.

 Data management refers to the systematic use of practices, tools, and technologies for
effectively organizing, storing, securing, and analyzing data.

 Cyber-security refers to the use of measures, practices, and technologies to safeguard

systems, networks, and data from cyber threats, attacks, and unauthorized access.

Prepared by: T Jagan Mohan Kumar Page 30 | 42

 2) Cyberspace: Cyberspace is a virtual environment involving interconnected computers,
servers, devices, and digital systems, enabling communication, data exchange, and online
interactions through the internet, websites, and social media platforms.

 Cyberspace facilitates real-time communication, collaboration, and information sharing

through various online tools, messaging platforms, and social networks.

 E-Commerce refers to the online shopping, banking, and transactions conducted in

cyberspace, allowing businesses and consumers to buy, sell, and trade goods and
services electronically.

 Cyberspace is a vast repository of information, knowledge, and resources that are

accessible to individuals, organizations, and communities worldwide.

 Cyberspace fosters global connectivity by bridging geographical boundaries, fostering

inclusivity, diversity, and innovation among people, cultures, and ideas.

 Cyberspace presents significant legal, ethical, and policy challenges in areas such as
privacy, data protection, intellectual property, cyber-security, and governance in the
digital domain.

The integration of Information Technology and cyberspace significantly alters the digital
landscape, necessitating a deep understanding of these concepts for effective technology use,
data protection, and innovation.

03) Discuss the Jurisdictional issues involved in Cyberspace

Cyberspace's borderless nature challenges jurisdictional issues due to global transactions, data
flows, and digital activities, posing complexities in addressing legal disputes, cyber-security
incidents, and cybercrimes.

The following are the key jurisdictional issues in Cyberspace:

 Territoriality: The geographical location of servers, data centres, or online activity

participants may not align with national territorial boundaries, causing uncertainties in
legal jurisdiction determination.

 Cyber Crimes: Cybercriminals operate globally, making it challenging to track and

prosecute offenders across borders. International cooperation, mutual legal assistance,
and extradition treaties are necessary for effective combat.

Prepared by: T Jagan Mohan Kumar Page 31 | 42

  Data Protection and Privacy: Data transfer across countries may be influenced by
conflicting privacy, data protection, and security laws, raising concerns about data
sovereignty, cross-border data flows, and regulatory compliance.

 Online Transactions: E-commerce transactions, digital contracts, and online services

often involve multiple jurisdictions, necessitating clarity on laws, consumer protection
regulations, tax requirements, and dispute resolution mechanisms for cross-border
transactions.

 Content Regulation: Content shared on the internet, including social media posts,
websites, and digital media, can raise concerns about censorship, defamation, hate
speech, intellectual property infringement, or offensive material, posing challenges in
enforcing content regulations across jurisdictions.
 Cross Border Dispute: Online disputes, including domain name disputes, intellectual
property infringement, and online contract breaches, often involve parties from different
countries, requiring clarity on jurisdictional competence, law choice, and enforcement
of judgments.

 Cloud Computing: Cloud services and virtual servers hosted by global providers
require clear data privacy, security standards, residency requirements, and legal
obligations for data breaches or access requests across multiple jurisdictions.

 International Cooperation: International cooperation, harmonization of laws, mutual

legal assistance agreements, cyber treaties, and collaboration among governments,
law enforcement agencies, and international organizations are crucial for resolving
jurisdictional issues in cyberspace.

A multi-stakeholder approach is needed to address jurisdictional challenges in cyberspace,

involving governments, policymakers, legal experts, technology companies, and civil society to
develop global norms and mechanisms.

04) How is Copyright protected in digital era? Explain with

special reference to fair use defense
(or)
Examine the Copyright issues involved in Internet Activities.

Copyright protection in the digital era involves measures to safeguard creators, authors, and
copyright holders' rights. Adapted laws address digital infringement, piracy, and unauthorized use.
The following are the fair use defense balances protecting copyright with promoting freedom of
expression and information access.

Prepared by: T Jagan Mohan Kumar Page 32 | 42

 a) Digital Right Management (DRM): DRM technologies safeguard digital content from
unauthorized use, enforce copyright restrictions, control access, and prevent piracy by
protecting digital works.

b) Notice and Takedown Procedures: Online platforms and service providers use
notice and takedown procedures to address copyright infringement claims, allowing
copyright holders to remove or disable infringing content.

c) Legal Action against Infringers: Copyright holders can enforce copyright protection
through lawsuits, injunctions, and damages against infringers in the digital domain.

d) Fair Use Doctrine: Fair use is a legal principle enabling limited use of copyrighted
works without permission for various purposes, including criticism, commentary, news
reporting, research, teaching, and parody, as a defense against copyright infringement.

e) Transformative Works: Fair use protection applies to transformative works that add
new expression, meaning, or purpose to copyrighted material, such as parodies,
remixes, reviews, and educational content.

f) Digital Fair Use Challenges: Courts analyze fair use factors in the digital era,
considering factors like ease of copying, sharing, and repurposing, as well as the
impact of digital media on traditional copyright principles.

g) Balance between Rights and Access: The fair use defense balances copyright
holders' rights with public access to knowledge, creativity, and information, promoting
innovation and the free exchange of ideas while respecting authors' rights.

Fair use defense allows individuals, educators, creators, and researchers to navigate copyright
laws, exercise rights, and contribute to a digitally vibrant cultural and educational ecosystem.

05) What is E-Commerce? Explain Security issues relating to E-

Commerce
(or)
Explain how the Information Technology Act seeks to remedy most
of the problems in the field of E-Commerce

E-commerce involves buying and selling goods, services, or information online through websites,
mobile apps, or marketplaces. It includes various business models and requires security to protect
sensitive data, payment information, and user privacy.

Key Security issues relating to E-Commerce:

Prepared by: T Jagan Mohan Kumar Page 33 | 42

 a) Data Security: E-commerce prioritizes data security to protect customer information,
payment details, and transaction records from unauthorized access, breaches, or cyber-
attacks through encryption, access controls, secure protocols, and data storage practices.

b) Payment Security: Payment security is crucial in e-commerce, ensuring secure online

transactions, credit card information, and banking details through secure gateways,
compliance with the Payment Card Industry Data Security Standard, and fraud detection
mechanisms.

c) Identity Theft: Identity theft in e-commerce is a significant security concern, requiring

robust user authentication, account security measures, and identity verification protocols to
prevent fraud and unauthorized transactions.

d) Phishing and Social Engineering: Phishing attacks in e-commerce involve deceptive

emails, fake websites, and malicious links. Educating users about risks, implementing
email verification, and adopting secure browsing practices help counter these threats.

e) Malware and Cyber Attacks: E-commerce platforms face security threats from
malware, ransomware, distributed denial-of-service attacks, and cyber intrusions. Regular
security updates, antivirus software, intrusion detection systems, firewalls, and intrusion
detection systems are crucial.

f) Third Party Risks: E-commerce platforms face risks from third-party vendors, payment
processors, and cloud services, necessitating due diligence, vendor management, contract
agreements, and security assessments to mitigate these risks.

g) Regulatory Compliance: E-commerce businesses must adhere to data protection

laws, privacy regulations, consumer rights, and financial regulations to maintain trust,
protect user data, and ensure legal compliance.

h) Mobile Security: Mobile e-commerce presents security risks for devices, apps, wallets,
and transactions. Enhancing device security, securing apps, and implementing secure
payment solutions are crucial for mitigating these issues.

Implementing robust security measures in e-commerce businesses can enhance cyber-security

resilience, protect customer data, ensure safe transactions, and build trust with users, requiring
proactive security posture and investment in technologies.

06) Who are Intermediaries? Discuss the liability of

Intermediaries

Prepared by: T Jagan Mohan Kumar Page 34 | 42

Intermediaries, also known as online or internet intermediaries, facilitate online interactions, and
communications by providing platforms, services, or networks for users to create, share, host, or
access content, data, or services.

Below are the some common types of Intermediaries:

a) Internet Service Providers: ISPs offer internet connectivity services to individuals,

businesses, and organizations, enabling users to access the internet, browse websites,
and communicate online.

b) Social Media Platforms: Social media platforms like Facebook, Twitter, Instagram, and
YouTube act as intermediaries, hosting user-generated content, facilitating social
interactions, and sharing content among users.

c) E-Commerce Platforms: E-commerce platforms like Amazon, eBay, Shopify, and

Alibaba act as intermediaries, connecting buyers and sellers, facilitating online
transactions, and hosting product listings.

d) Search Engines: Search engines like Google, Bing, and Yahoo serve as
intermediaries, aggregating, indexing, and ranking web content to facilitate user search for
information, websites, and online resources.

Liabilities of Intermediaries:

a) Safe Harbor Provisions: Intermediaries are protected by safe harbor provisions,

ensuring they act as neutral platforms and not actively create or moderate user content.

b) Notice and Takedown: Intermediaries are required to promptly remove or disable

access to infringing content upon receiving a valid takedown notice.

c) Due Diligence: Intermediaries may be held liable if they fail to address illegal activities
on their platforms, such as facilitating criminal acts, promoting hate speech, disseminating
malware, or enabling unlawful transactions.

d) User Data Protection: Intermediaries are obligated to safeguard user data privacy and
information collected through their platforms, ensuring compliance with data protection
laws, confidentiality policies, and security measures.

e) Transparency and Accountability: Intermediaries face scrutiny for content

moderation, algorithmic biases, data handling practices, and user engagement, with
transparency reports, community guidelines, and accountability measures promoting
responsible behavior and ethical standards.

Prepared by: T Jagan Mohan Kumar Page 35 | 42

Intermediaries' liability is crucial for a secure online ecosystem, ensuring legal standards, ethical
practices, and user protections, promoting positive digital interactions and global internet
accessibility.

07) Write a note on the nature of liability of the Internet Service

Provider

ISPs are vital for internet connectivity, enabling access to online services and applications. Their
liability is a complex legal issue involving intermediary liability, data protection, privacy rights, and
legal obligations.

Here are some key aspects of the liability of Internet Service Providers:

a) Intermediary Liability: ISPs, as legal intermediaries, may benefit from safe harbor
provisions, shielding them from direct liability for content transmitted over their networks,
as they act as neutral conduits.

b) Transmission of Content: ISPs transmit data packets without monitoring content for
illegal content, but may be required to address illegal content on their networks under court
orders or law enforcement requests.

c) Copyright Infringement: ISPs must comply with copyright laws, implement

infringement policies, and respond to takedown notices to avoid liability concerns related to
unauthorized sharing or distribution of copyrighted material.

d) Data Protection and Privacy: ISPs are responsible for managing vast amounts of user
data, ensuring data protection, privacy rights, and compliance with GDPR laws to minimize
liability risks.

e) Network Security: ISPs must ensure network security through measures like
encryption, traffic filtering, and incident response plans to prevent cyber threats, malware
attacks, and data breaches.

f) Quality of Service: ISPs must ensure reliable internet connectivity, high-quality service,
and fair access for consumers and businesses, while maintaining transparency, consumer
protection regulations, and minimizing liability risks.

g) Transparency and Accountability: ISPs should enhance transparency in operations,

service policies, and data handling practices to build trust, promote accountability, foster
ethical standards, and minimize liability exposure.

Prepared by: T Jagan Mohan Kumar Page 36 | 42

ISPs' liability involves balancing internet connectivity, user rights protection, legal obligations, and
network security, ensuring a safe, secure, and inclusive digital environment for all users.

08) What is E-Governance? Explain how the provisions of the I.T.

Act facilitate E-Governance

E-Governance is the use of Information and Communication Technologies (ICT) to enhance

government operations, service delivery, public administration, and citizen engagement by
streamlining services, improving efficiency, transparency, accountability, and responsiveness in
governance.

Here is an explanation of E-Governance and how the provisions of the Information

Technology (IT) Act facilitate E-Governance:

1) E-Governance Objectives:

 Enhance access to government services and information for citizens.

 Improve efficiency and transparency in government operations.
 Foster citizen participation and engagement in decision-making processes.
 Enhance service delivery, responsiveness, and quality of public services.
 Promote digital inclusion, innovation, and data-driven governance practices.

2) Provisions of the I.T.Act for E-Governance:

 The IT Act acknowledges electronic records, digital signatures, and electronic documents
as legally valid communication, transactions, and documentation tools, facilitating
electronic governance interactions.

 The IT Act permits the use of electronic signatures in government transactions, thereby
reducing paperwork and ensuring secure online authentication.

 The IT Act ensures cybersecurity, data protection, and privacy for securing government
systems, data networks, and citizen information in E-Governance operations.

 The IT Act promotes cashless transactions and financial inclusion through provisions on
electronic transactions, digital signatures, and payment gateways for online payments and
e-Procurement.

 The IT Act ensures data protection, privacy, and confidentiality of electronic information,
crucial for safeguarding citizen data, sensitive government information, and public records
in E-Governance processes.

Prepared by: T Jagan Mohan Kumar Page 37 | 42

 3) Benefits of I.T. Act for E-Governance:

 The IT Act ensures legal recognition and enforcement for electronic records, digital
transactions, and online governance processes.

 The IT Act provides secure digital signatures, encryption, and authentication mechanisms
to safeguard the integrity, confidentiality, and security of government data and
communications.

 The IT Act's e-Governance initiatives improve service delivery, streamline processes, and
boost operational efficiency through digital workflows, online interactions, and automated
processes.

 The IT Act's online platforms and digital initiatives foster citizen engagement, information
access, feedback mechanisms, and participatory governance in E-Governance initiatives.

The Information Technology Act supports E-Governance by providing a legal framework for
electronic transactions, data security, digital signatures, and cyber laws, enhancing service
delivery, citizen engagement, and administrative efficiency.

09) Explain the legal recognition of Electronic Records and

Electronic Evidence

Legal recognition of electronic records and evidence is crucial for establishing the validity,
admissibility, and probative value of digital information in modern legal systems, including emails,
documents, and court cases.

Here is an explanation of the legal recognition of electronic records and electronic

evidence:

1) Legal Framework for Electronic Records:

 Section 4 of The Information Technology Act, 2000 grants legal recognition and validity to
electronic records, electronic signatures, and digital documents, promoting digital
transactions, contracts, and communications.

 The Indian Evidence Act, 1872, regulates the admissibility, proof, and presumption of
electronic records in legal proceedings, with Sections 65B requiring compliance with
specific requirements for electronic evidence to be admitted in court.

2) Requirements for Admissibility of Electronic Evidence:

Prepared by: T Jagan Mohan Kumar Page 38 | 42

  Section 65B of the Indian Evidence Act mandates electronic evidence to be authenticated
by an electronic signature certificate from a certified authority, ensuring its admissibility in
court.

 Electronic evidence must be authenticated, preserved in its original form, and maintain
integrity to establish its reliability, accuracy, and trustworthiness as legal evidence.

 Ensuring a chain of custody for electronic evidence is crucial for preserving its evidentiary
value and preventing tampering or manipulation of digital data.

3) Legal Precedents and Interpretation:

 Judicial decisions, case law, and precedents significantly influence the legal recognition of
electronic records and evidence in court proceedings, establishing standards and
guidelines for compliance.

4) Digital Signatures and Certificates:

 Digital signatures, electronic certificates, time-stamping, encryption, and authentication

mechanisms are utilized in legal proceedings to verify the authenticity, integrity, and
validity of electronic records and evidence.

5) Expert Testimony and Forensic Analysis:

 Expert testimony, forensic analysis, and technical evidence are crucial in presenting,
analyzing, and interpreting electronic evidence in court, providing crucial insights into its
authenticity and origin.

Legal recognition of electronic records and evidence is crucial for maintaining legal proceedings
integrity, protecting parties' rights, and promoting trust in digital transactions, enhancing judicial
proceedings and addressing digital information complexities.

10) Explain about Trademarks and Domain Name Registration

Trademarks and domain name registration are interconnected aspects of intellectual property and
online branding, with their significance, differences, and relationship being explained in this
summary.

1) Trademark:

 Definition: A trademark is a unique symbol, symbol, or word used to distinguish one

entity's goods or services from others, aiding in brand recognition, safeguarding brand
value, and preventing consumer confusion.
Prepared by: T Jagan Mohan Kumar Page 39 | 42
  Legal Protection: Intellectual property laws protect trademarks, ensuring exclusive rights
of the owner to use, license, and prevent unauthorized use, infringement, or dilution by
competitors.

 Registration Process: Trademarks can be registered with the relevant intellectual

property office for legal protection and exclusive rights for specific goods or services
categories.

 Enforcement: Trademark owners can enforce their rights by taking legal action against
infringers, filing infringement claims, sending cease-and-desist notices, and seeking
remedies for trademark rights violations.

2) Domain Name Registration:

 Definition: A domain name is a distinctive web address that identifies a website on the
internet, serving as the online identity of a business, organization, or individual.
 Purpose: Domain names offer a memorable and easily readable address for websites,
email communications, and online presence, enhancing brand visibility, accessibility, and
online marketing efforts.

 Registration Process: Domain names can be registered with domain registrars, hosting
providers, or resellers by selecting an available name, choosing a top-level domain (TLD),
and completing the registration process.

 Registration Information: Domain name registration necessitates providing contact

details, registrant information, administrative and technical contacts, and DNS settings for
precise record-keeping and ownership verification.

 Renewal and Maintenance: Domain names are registered for a specific period and
require renewal. Regular monitoring, updating contact information, and preserving domain
integrity are crucial for maintaining ownership.

3) Relationship between Trademarks and Domain Names:

 Protection and Branding: Trademarks and domain names are essential tools for
safeguarding brand identity, establishing an online presence, and enhancing brand
recognition in digital environments.

 Conflict: Trademark owners may face domain name conflicts if others register identical or
similar domain names, potentially leading to cybersquatting, trademark infringement, or
brand misrepresentation in online contexts.

Prepared by: T Jagan Mohan Kumar Page 40 | 42

  Domain Disputes: Trademark owners can resolve domain name disputes through
Uniform Domain Name Dispute Resolution Policy, arbitration, or legal action to enforce
trademark rights and protect brand equity in domain registrations.

11) Explain how the I.T. Act articulates both Cyber

Contraventions and Cyber Offences

The Information Technology Act, 2000 in India outlines cyber contraventions and offences,
addressing violations, breaches, and criminal activities in information technology, digital systems,
and online transactions, distinguishing between regulatory violations and criminal acts.

Here how the IT Act articulates both cyber contraventions and cyber offences:

1) Cyber Contraventions:

 Definition: Cyber contraventions involve regulatory violations, non-compliance, or

breaches of legal provisions in the IT Act and related rules, leading to civil liabilities,
penalties, or administrative actions.

 Regulatory Provisions: The IT Act outlines regulations on electronic transactions, data

protection, privacy violations, cybersecurity measures, digital signatures, and compliance
requirements in information technology and cyberspace.

 Enforcement Mechanism: Cyber contraventions are addressed by regulatory authorities

like the Ministry of Electronics and Information Technology (MeitY) or the Indian Computer
Emergency Response Team (CERT-In).

2) Cyber Offences:

 Definition: Cyber offences are illegal activities and criminal acts committed using
information technology, digital devices, and online platforms, punishable by law, leading to
criminal charges, prosecutions, and penalties.

 Criminal Provisions: The IT Act outlines criminal offenses related to cybercrime, fraud,
data breaches, hacking, malware distribution, online harassment, identity theft, and cyber
terrorism, involving illegal activities utilizing digital technologies.

 Prosecution and Enforcement: Cyber offenses are resolved through criminal

investigations, law enforcement charges, court prosecution, legal proceedings, and
potential penalties or imprisonment upon conviction for cybercriminal activities.

3) Legal Framework:

Prepared by: T Jagan Mohan Kumar Page 41 | 42

  The IT Act offers a comprehensive legal framework for addressing cyber offenses and
contraventions, outlining regulatory requirements, enforcement mechanisms, investigation
procedures, and legal consequences.

The Information Technology Act, 2000 in India regulates digital activities, combat cybercrime,
protects digital assets, upholds cybersecurity standards, and ensures compliance with legal
provisions, promoting a secure, trustworthy, and law-abiding digital ecosystem.

Prepared by: T Jagan Mohan Kumar Page 42 | 42