Internet is like a vast ocean with various waves and undercurrents operating at different levels. These waves and undercurrents are manifested in the various criminal activities that are often undertaken by cyber criminals for the purposes of perpetuating their illegal criminal designs. The fact that Internet made geography history, has further helped cyber criminals to enlarge the ambit of their potential cyber criminal activities to global audience. While technology has facilitated networks being accessible across the world from different computers, it has also facilitated hitherto unknown mechanisms of duping and defrauding the lay innocent Internet users. The anonymity on the Internet has acted as a catalyst for people to exploit the weaknesses of technology for the purposes of cheating and defrauding the innocent users. As a result, one finds that Internet fraud as a phenomenon has increased dramatically over the last decade and half. Internet fraud as a phenomenon has taken various manifestations.
According to Wikipedia, Internet fraud refers to the use of Internet services to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme.
Internet fraud can occur in chat rooms, e-mail, message boards or on websites. Legal Dictionary defines Internet Fraud as a crime in which the perpetrator develops a scheme using one or more elements of the Internet to deprive a person of property or any interest, estate, or right by a false representation of a matter of fact, whether by providing misleading information or by concealment of information. Internet fraud is any type of intentional deception that uses the Internet. This includes fraud that occurs in chat rooms, message boards, web-sites and through e-mail. It occurs in the form of deceitful solicitations and fraudulent transactions.
Internet frauds can broadly be classified in various categories. Some of these categories are as follows:
One of the most classical categories of Internet frauds relates to the Nigerian 419 scam. Investopedia defines the Nigerian 419 scam as a scam where the senderrequests help in facilitating the transfer of a substantial sum of money, generally in the form of an e-mail. In return, the sender offers a commission, usually in the range of several million dollars. The scammers then request that money be sent to pay for some of the costs associated with the transfer. If money is sent to the scammers, they will either disappear immediately or try to get more money with claims of continued problems with the transfer. This is also known as “advance fee fraud” and the “419 fraud.”
As a nation, India has seen various manifestations of Internet frauds. Indians earlier were targeted by Nigerian 419 scam. Thereafter, we also saw innovative Indian minds adopting the model of Nigerian 419 scam for the purposes of customizing the same in the specific customized requirements of Indian society. Consequently, various Indianized versions of Nigerian 419 scam emerged. So significant have been the Indianized versions that the Reserve Bank of India has come out with an advisory cautioning the public against responding in any manner to offers like lottery winnings and remittance of cheap funds in foreign currency from abroad by so-called foreign entities or individuals. Stating that “many residents have already become victims and have lost huge sums of money by falling for such fictitious offers”, the RBI has advised the public to immediately register a complaint with the local police/cyber crime authorities when they receive such offers. It also cautioned public against making any remittance towards participation in such schemes/offers from unknown entities since such remittances are illegal and any resident in India collecting and effecting/remitting such payments directly/indirectly outside India. is liable to be proceeded against for contravention of the Foreign Exchange Management Act, 1999.
“India has seen various manifestations of Internet frauds. Indians earlier were targeted by Nigerian 419 scam. Thereafter, we also saw innovative Indian minds adopting the model of Nigerian 419 scam for the purposes of customizing the same in the specific customized requirements of Indian society. Consequently, various Indianized versions of Nigerian 419 scam emerged.”
While internet fraud as a phenomenon has grown tremendously, the law has been slow in addressing the same. Prior to coming to implementation of the Indian Cyberlaw, the Indian Penal Code was resorted to by the law enforcement agencies. The Indian Penal Code deals with various kinds of frauds as offences including the criminal breach of trust, misrepresentation and cheating as well as fraud. Given the advent of the electronic form, India enacted its Cyberlaw-the Information Technology Act, 2000. Primarily being the e-commerce enabling legislation, the Information Technology Act did not deal with Internet fraud. Section 66 of the said Act talked about hacking in the widest possible terms in the following manner:
I have had the opportunity to speak on Cyber Laws at numerous forums and interact with a cross section of stake-holders including people from the IT industry, law enforcement agencies (police etc.), public prosecutors, lawyers and other professionals. In my view, the general awareness about Cyber Laws in India today, is low, for various reasons. Even though information technology has entered innumerable activities in the society, the legal implications are yet to be assimilated by the stake-holders. TheInformation Technology Act, 2000 is yet to be applied in letter and spirit, to electronic activities. Since the compliance of the IT Act is not being insisted upon by various stakeholders, there is lack of implementation of the law which leads to low awareness. Also, the mechanisms for training the various stake-holders on Cyber Laws are grossly insufficient. Unless the training mechanism is made vibrant and extended far and wide, the awareness on Cyber Laws will remain low.
Since cyber legal issues are not being frequently raised in our courts, the evolution of Cyber Laws is rather slow in India. Our legal system can respond to cyber legal issues only if the same are raised more often. With the compliance of Cyber Laws not being insisted upon by the various stake-holders, the law is not evolving as it ought to. However, the government has definitely taken certain significant steps towards evolution of Cyber Laws in India. For instance, the IT Act was amended in the year 2009 to include numerous new legal provisions. While the government appears to be pro-active on certain cyber legal issues such as the ‘Blackberry’ dispute, the approach is one-sided. It’s time the various stake-holders raise important cyber legal issues with respect to “privacy versus security”, criminal liability of intermediaries, to name a few.
Since computers and the Internet have invaded most human activities, it is imperatively necessary to have a comprehensive cyber law regime in the country. The IT Act was passed in a great haste, without requisite reflection and debate. Our policy makers were in a great hurry to be amongst the first few countries with a Cyber Law in place. Due to this haste, numerous shortcomings have crept into the IT Act. Another grave problem is of overlegislation and criminalizing even simple violations. To cite one specific instance, planting a virus in another’s computer is a criminal offence, after the amendment of the IT Act in 2009. It is impossible to determine the source of a computer virus. Moreover, computer virus is as common as common cold! Even with the best anti-virus software, it is impossible to ensure that an electronic record being transmitted is free from computer virus as new viruses keep coming into existence from time to time. Planting a virus in another’s computer should have remained a simple violation, inviting some financial penalty and compensation to the victim, rather than making it a criminal offence. It would be a tragic comedy to see every computer user in the country, being implicated for sending computer virus, in a criminal case!
The way the original Section 66 of the Information Technology Act was provided, all instances where there were diminishing of value or utility of electronic information residing in a computer resource were covered and various kinds of Internet frauds were capable of being covered thereunder. It is pertinent to point out that there are no direct provisions under the Information Technology Act relating to cyber frauds or Internet frauds. Consequently, as time passed by, the practical experience showed that the police was not comfortable in invoking the provisions of the Information Technology Act for dealing with the Internet fraud related cases, but were more comfortable in invoking the provisions of the Indian Penal Code in this regard.
The Information Technology (Amendment) Act, 2008 amended the Information Technology Act, 2000 and further went ahead toincorporate various new kinds of cyber crimes. It is pertinent to point out that though number of cyber crimes were added under the Information Technology Act, 2000, yet the offences of Internet fraud was distinctly not added. Of particular relevance were the following offences under the amended Information Technology Act, 2000:
In my view, the amendment to the IT Act indicates an endeavour by the government to create an active policy which is technology neutral. The Information Technology Act, 2000 was introduced on June 09, 2000 and came into force on October 17, 2000. Virtually, it was amended vide notification dated October 27, 2009. Mitigation which led to the introduction of the Information Technology Act formed the basis of the model law of electronic commerce known as the United Nation Commission of International Trade Law. The preamble of Act 21 of 2000 categorically provides legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code 1860, the Indian Evidence Act 1872, the Bankers’ Books Evidence Act 1891 and the Reserve Bank of India Act 1934 and for matters connected therewith or incidental thereto. Today, the IT Act proactively deals with new challenges being posed by the Internet in relation to the cyber-crime regime.
In my view, there are certain crimes which now form part of the cyber-crime regime and are stringently dealt with by the Information Technology Act. Talking in terms of Internet fraud, it is one such example. It is done through the use of stolen credit card information by copying information from retailers, either online or offline. In the recent past, we have seen many business enterprises advertising fraudulent schemes using Internet as a tool to advertise ostensible business opportunities, allowing individuals to earn thousands in a month in “work-at-home” ventures. The individuals fall prey to such dubious advertisements and pay anywhere between Rs. 1500 to Rs. 3000 or more, but such fraudster enterprises fail to deliver the information that would be needed to make the “work-at-home” opportunity a potentially viable business. There are certain reported cyber-crimes popularly known as “financial crimes” which include cheating, credit card frauds, money laundering and are punishable under the Indian Penal Code and the Information Technology Act. Although, these types of investment fraud are seen as online mirror but the individuals need to make a concerted effort to all such offers with cynicism. The Information Technology Act under the legal provisions impose stern punishment to counter such abuse of the Internet and E-Commerce facilities, thus, creating a doubtful mindset in our socio-economic society.
Further importance and relevance is of the fact that few new sections have been added under Chapter XI of the Information Technology Act, 2000, which have a bearing upon Internet frauds, including the following:
Any person who sends, by means of a computer resource or a communication device,-
Explanation:- For the purposes of this section, terms “Electronic mail” and “Electronic Mail Message” means a message or information created or transmitted or received on a computer, computer system, computer resource or communication device including attachments in text, image, audio, video and any other electronic record, which may be transmitted with the message.
Whoever dishonestly receives or retains any stolen computer resource or communication device knowing or having reason to believe the same tobe stolen computer resource or communication device, shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
A perusal of the above provisions clearly shows that while Internet fraud as a phenomenon has not been directly addressed under the amended Information Technology Act, 2000, varied facets of the said criminal activities are sought to be covered. One of the major problems of the amended Information Technology Act, 2000 with respect to various offences defined therein which have an impact on Internet fraud is that the said offences have been made as bailable offences where the accused is entitled to bail as a matter of right. The law, therefore, lacks its deterrent teeth when one is faced with the phenomenon of Internet fraud. We, as a nation have very few convictions in cases pertaining to Internet frauds. The ArifAzim case was the first case in India where the conviction was done for an incident of cyber fraud. However, in that case no sentence was awarded, given the young age of the accused and no history of his previous criminal behavior.
“Internet fraud as a phenomenon is continuing to be an integral part of the Internet ecosystem. Cyber criminals will continue to innovate and come across with newer kinds and manifestations of Internet frauds. It is important that law must be made well equipped to deal with the challenges of Internet frauds.”
Another facet that needs to be considered here is that the Indian Cyberlaw has now provided for yet another new statutory remedy in the case of Internet fraud in the event the identity of the real cyber criminal is known. This remedy is for seeking damages by way of compensation uptoRs. 5 crores per contravention under the amended Information Technology Act, 2000. These are summary proceedings and do not go to regular court of law and are decided by the special Adjudicating Officers. There has been a landmark case, Umashankar vs. ICICI Bank, decided under the Information Technology Act, 2000. In this case, for a matter related to Internet fraud and phishing, the award of over Rs. 12 lakhs was awarded in favour of the claimant and against the respondent. The matter is currently sub-judice before the Cyber Appellate Tribunal. However, this case had shown that damages by way of compensation can be applied and obtained under the Information Technology Act, 2000.
From the aforesaid discussion, it is clear that the law pertaining to regulations of Internet fraud is in a stage ofdevelopment. There is an urgent need for amending the Information Technology Act, 2000 for giving the expeditious and effective remedy to victims of Internet frauds. There is a further need for giving stringent teeth to the provisions of the Information Technology Act, 2000 and make Internet fraud a specific non-bailable offence. Further, there is need to effectively implement the existing provisions of law pertaining to Internet frauds.
In conclusion, it can be stated that Internet fraud as a phenomenon is continuing to be an integral part of the Internet ecosystem. Cyber criminals will continue to innovate and come across with newer kinds and manifestations of Internet frauds. It is important that law must be made well equipped to deal with the challenges of Internet frauds and further effective remedies must be given to the victims of Internet frauds. It goes without saying that the entire phenomenon of Internet fraud is indeed very fascinating and it will be interesting to see the jurisprudence evolving around Internet frauds as time passes by.
www.grandmasters.in | 8 Years & Counting
www.rcls.in | 8 Years & Counting
www.itlegalsummit.com | 8 Years & Counting
www.bfls.in | 8 Years & Counting
www.maels.in | 8 Years & Counting
www.plcs.co.in | 8 Years & Counting
Copyright © 2020 Lex Witness - India's 1st Magazine on Legal & Corporate Affairs Rights of Admission Reserved
