[This is the third article in the series of articles
discussing the provisions of ECT-2002, the draft Bill pending for passage in
South Africa.]
Indian ITA-200 had addressed the issue of Cyber Crimes under two different
chapters. While Chapter XI addresses wrongs that are punishable by
imprisonment and fine to the state, Chapter IX refers to the wrongs where a
victim can claim damages and compensation. In effect, though not specified,
Chapter XI refers to criminal offences and Chapter IX refers to Civil
offences.
Chapter IX offences under Section 43 are subject to adjudication at
the discretion of the Government or otherwise can be tried by a Civil Court
having the necessary jurisdiction. (There are other offences under the Chapter
that relate to the Certifying authorities regarding various administrative
lapses which we can ignore for the time being.)
This section 43 covers the following types of offences.
a) Unauthorised access to a Computer
b) Unauthorised downloading or copying of information
c) Introducing Virus
d) Causing damage to a Computer or the data within
e) Causing Disruption of a Network
f) Causing Denial of access
g) Charging of service to another person.
It must be noted that in all these cases "Unauthorised" refers to the owner
of the Computer. It does not refer to the owner of the content there in. Hence
this section does not appear to cover the "Copyright" aspect of the content.
On the other hand, the principle offences enumerated in Chapter XI comprise of the following.
Sec 65: This mainly deals with cases that fall under "Suppression of
Evidence"
Sec 66: This deals with "Intentional Destruction of Information in a
Computer" which is defined as "Hacking"
Sec 67: This deals with the publishing and distribution of material which
is obscene in electronic form.
Sec 72: This deals with the private information that comes in the
hands of the Certifying Authorities and other agencies in pursuance of
the provisions of ITA-2000 and not the privacy of information of the public in
the hands of web site owners etc.
Thus the essence of Chapter XI of the Indian
ITA-2000, does not deal with issues of Copyright of web content, nor Privacy
of information on the Internet. It confines to mainly Obscenity and Hacking.
The Act does not deal with "Frauds" or "Spam" or any other Cyber Crime
directly. The only remedy for law enforcement authorities is to bring the
crime under the normal laws such as IPC and use ITA-2000 only to make use of
Cyber evidence.
In contrast, the ECT-2002 has in three simple sections 90
to 92 covers most of the Cyber Crimes that affect us today.
These sections deal with "Unauthorised interception of
data", "Unauthorised modification of data", which cover the offences of
"Hacking" as defined in Indian law without the use of such a definition and
also "Denial of Service". Computer Extortion, Fraud and Forgery are also
specifically covered.
The Act separately covers the need to maintain privacy of
personal information obtained by data controllers during electronic
transactions but makes the liability for breach a subject matter of individual
contract between the parties.
Additionally, what is important to note is that
"Selling or using of devices that assist in breaking of security measures for
protecting data", are made an offence under the ECT-2002.
Section 90 (3) of the proposed act reads as under.
"A
person who unlawfully produces, sells, offers to sell, procures for use,
designs, adapts for
use,
distributes or possesses any device, including a computer program, which is
designed primarily to overcome security measures for the protection of data,
or performs any of these acts with regard to a password, access code or any
other similar kind of data with the intent to unlawfully utilize such item to
contravene this section, is guilty of an offence."
Here is a tinge of what DMCA in USA is all about and for
which DMCA has been called Stinking".
Vendors of software referred to in the section above who
make it available to the people of the Republic of South Africa will now be
liable for trial as per the jurisdictional coverage envisaged in the Act even
if they are not residents of the Republic.
Hopefully, Mr Dmitry Skylov takes note of this provision
and desist from travelling to South Africa!!.
Naavi
March 15, 2002
Related Articles:
E-Governance Through Legislation-Contrasting Styles
ITA-2000 and ECT 2002
Governance of the Domain Space ECT2002 Vs ITA-2000