Wednesday, 18th June 2010 - Hotel Bristol, M.G.
Road, Gurgaon
Session I- Introduction to Cyberlaw & IT Act,2000
By Karnika Seth
Managing Partner, SETH ASSOCIATES




Seth Associates is a leading full service Indian law firm that is internationally networked to provide spectrum of legal services to its domestic and international clients
Network of 2000 associate offices of Association of
European lawyers (AEA alliance) as foreign associates
We maintain one of the strongest Cyberlaws practice in India today. With more than a decade's experience in Cyberlaws Practice, Seth Associates recently established the World's first integrated
'Cyberlaws Consulting Centre ' at Seth Associates





CCC renders cyber legal consultancy, cyber law analytics and forensic services to its clients world wide.
Work experience of handling cybercrime matters with Delhi Police
Delivered training workshops to Delhi police on dealing with cybercrime investigation cases
Recently authored a book titled ‘ Cyberlaws in the
Information Technology age ’ published by Lexis
Nexis Butterworths that elucidates the key developments in the field of Cyberlaws across many important jurisdictions —India, United States and European nations





 This session will introduce the subject of cyberlaws and describe key features of the cyberspace and challenges in the online world.
Characteristics of cyberspace
Key Challenges in cyberspace
Reasons for rising index of cybercrimes
Introduction to the IT Act,2000




William Gibson in 1980s wrote a science fiction named
Neuromancer wherein computer hackers waged war against secure data.
The setting had no physical existence and was named
‘Cyberspace’ by Gibson.
Unique features - dynamic, borderless space, anonymity, speed, cost effective, marked with rapid technological advances







Proponents of Cyberlaws believe that one’s activities on the Internet need regulation by framing laws and rules that govern our activities in the cyberspace. This branch of law is termed as “Cyberlaws”
European Union, USA,
UNCITAL framed important laws to govern cyberspace
UNCITRAL Model law of ecommerce 1996
EU data protection Directive
DMCA Act 1998 in USA
WIPO domain name dispute
Resolution policy


Critics who advocate ‘no regulation’ or ‘self regulation’ in the Virtual space believe that government should have minimum interference in regulating the cyberspace and its use of surveillance or censorship measures.
John Perry Barlow’s
“Declaration of the
Independence of the cyberspace” and David G.
Post, The “Unsettled
Paradox”: The Internet, the
State, and the Consent of the
Governed , 5 IND. J. GLOBAL
LEGAL STUD. 521, 539
(1998)





Some early adopters in the US and the West drafted their own legislations by either adapting their existing laws in the context of cyberspace or creating new laws in respect thereof.
Determining jurisdiction and formation the e-contracts are two key issues on which traditional legal principles have been largely applied by Courts worldwide . For e.g . Longarm Statutes enacted in US and Minimum Contacts test.
General consensus that in the e-world, electronic signatures and electronic documents are equally legally valid as the hand-written signatures or hard copy paper documents. Model law on Electronic Commerce in 1996 promotes application of principle of ‘ functional equivalence ’
India enacted its first law of IT through the IT Act, 2000 based on the principles elucidated in the UNCITRAL Model law of e-commerce. Extends to whole of India and also applies to any offence or contravention thereunder committed outside India by any person {section 1 (2)} read with Section 75






Nature of the internetanonymity element coupled with no territorial borders and absence of uniform law poses a challenge to legislators and enforcement authorities
A global consensus with respect to legal enforcement and internet censorship against certain offences such as-Child pornography,
Cyberwarfare , threat to national security and cyberterrorism
Different countries differ in treatment of certain other serious issues such as
Gambling, hatespeech , political propaganda, defamatory matter, pornography on internet
These inturn may be protected by the
Right to freedom of speech and expression






Zippo sliding scale test (1) ( based on interactivity of a website),
Effects test (2) based on where effects of an illegal act are felt),
Targeting approach principles (3)( based on whether accused solicited business in a particular jurisdiction).
(1) Zippo Manufacturer v Zippo Dot com 952 F. Supp. 1119 (D.C.W.D.
Pa. 1997)
(2) Calder v. Jones465 U.S. 783 (1984).
(3) People v. World Interactive Gaming 714 N.Y.S. 2d 844 (N.Y.Sup.
1999), 1999 N.Y. Misc. LEXIS 425 (S.C. N.Y.1999)

What is a cyber threat?

From the information security perspective, a ‘ threat ‘ is defined as the potential to cause an unwanted incident in which an asset, system or organisation may be harmed.

‘Cyber threat ‘ is a threat that percolates or infiltrates through the use of computers , internet or interconnected communication devices and could comprise of information stealth, cyber warfare, virus attacks, cyber terrorism, hacking attempts , phising,sabotage, singly or in combination
.







Computers store huge amounts of data in small spaces
Ease of access
Complexity of technology
Human error
One of the key elements that keeps most members of any society honest is fear of being caught — the deterrence factor. Cyberspace changes two of those rules. First, it offers the criminal an opportunity of attacking his victims from the remoteness of a different continent and secondly, the results of the crime are not immediately apparent.
Need new laws and upgraded technology to combat cyber crimes



Computer Crime , E-Crime ,
Hi-Tech Crime or Electronic
Crime is where a computer is the target of a crime or is the means adopted to commit a crime.
Most of these crimes are not new. Criminals simply devise different ways to undertake standard criminal activities such as fraud , theft , blackmail , forgery , and embezzlement using the new medium, often involving the Internet

Cyber crimes
Web jacking
Hacking
Information
Theft
E-mail bombing
Salami attacks
Denial of
Service attacks
Trojan attacks












Credit card frauds
Cyber pornography
Sale of illegal articles-narcotics, weapons, wildlife
Crime against Government
Online gambling
Intellectual Property crimes- software piracy, copyright infringement, trademarks violations, theft of computer source code
Crime against property
Email spoofing
Forgery
Defamation
Cyber stalking (section 509 IPC)
Phising
Cyber terrorism
Crime against persons

Trade secrets
Trademark & domain names
Copyright
Patent
Categories of
IP rights
Utility model/Designs
Geographical
Indications
Plant Breeder’s rights

Intellectual Property
Patents
Trademarks
Industrial Design
Geographical
Indications
IPR
Broadcasting
Music
Dramatics Works
Literature
Sound Recording
Works of Art
Computer Programs

The Trade Marks Act, 1999
Trade Marks
The Patents Act, 19 70
Patents
Copyright
Designs
Geographical Indications
Plant Varieties
Semi conductor IC layout
The Copyright Act, 1957
The Designs Act, 2000
The Geographical Indications
Of Goods Act, 1999
The Protection of plant varieties and
Farmers’ Right Act, 2001
Semi conductor IC layout design
Act,2000









Patents (20 years)
Trademarks (10 years + renewals)
Copyrights in published literary, dramatic, musical, and artistic works (Lifetime of author +60 years).
Copyright in photographs ,cinematographic film, sound recordings –(60 years from year in which it was published)
Broadcast reproduction right(25 years from the beginning of the calendar year next following the year in which the broadcast is made.)
Performers right(25 years from the beginning of the calendar year next following the year in which the performance is made)
Industrial designs (10 years+ renewal permitted once for 5 years )
Trade-secrets and know how collectively “proprietary technology” (contract period-protected by contract provisions, doctrine of breach of trust)



Nature of internetBorderless space, ease of flow of information, promptness, anonymity, easy to share, distribute and copy information at very less cost.
These multiple perspectives to IPR include:




" Information Wants to be Free ." These people believe there should be no copyrights or other protections of intellectual property; everything made publicly available should be public domain.
" Right of Attribution ." These people believe that the only rights owed to authors and creators is the right of attribution; otherwise, all information is free.
" Limited Use Rights ." These people believe that copyright has validity but minor infringing behavior, whether "fair use" or not, should be legal.
" Strong IP Regimes ." These people adhere strictly to intellectual property protections.
(Note that there is also the moral rights perspective, which exists on a different scale but is most closely aligned with the Strong IP
Regimes category.)




The question of new, sui generis form of protection was seriously considered in the 1970s, but copyright protection became the norm. the TRIPS Agreement requires that
‘
Computer program, whether in source or in object code, shall be protected as literary works under the Berne Convention
’
.
Case on point-Ibcos computers v Barclays
FinanceLtd (1994)FSR 275,Apple computer inc vsFranklin
ComputerCorpn714F2d1240(3 rd Cir 1983).
India party to Berne convention, Paris convention and
UCC1952.
India-Copyright Act-Section 2(o)-computer programme is literary work.section 2(ffc) defines computer programme.,section 2(ffb) defines computer-copyright
– tangible
– storage in any medium




Kelly v Arriba Soft Corp 280 F3d 934(9 th
Cir2002)
Plaintiff leslie kelly had copyrighted many images of American west. Some were located on her website. Defendant produced thumbnail pictures in its search engine’s search results and by clicking on them, larger version could be viewed within Arriba’s page.
Circuit court held, use of thumbnails is fair use but display of larger image within its webpages is violation of author’s exclusive right to publicly display his works.

Passing off
“No body has any right to represent his goods as the goods of somebody else”
Lord Halsbury
Passing off action allows trader A to prevent trader B from passing their goods off as if they were A’s.
Passing off is available where there is a prospect of confusion of identity through the unauthorized use of similar marks or get up, and such use damages, or is likely to damage the goodwill and reputation of a business.
Passing off can apply to virtually any name, mark, logo or get-up which distinguishes a company, business, product or service from the other.
Passing off attracts doctrine of strict liability: the intention of the person passing itself off as another trader is irrelevant.

Lord diplock in Erven Warnink v J Townend 1979
(2)AllER 927-To Succeed in an action for passing off, a claimant should establish that:
The claimant has a goodwill
Passing off is made in the course of trade.
The defendant made a misrepresentation that is likely to deceive the public.
The misrepresentation damages or is likely to damage the goodwill of the claimant.

Domain name similar to that of known companies are used by persons in order to promote their products or services.
A company creates a website to promote his business of soft drinks and deliberately gives it the domain name www.cocacola.com
, now this domain name is bound to confuse and mislead the customers as that of the well known Coca-Cola and encourage them to buy the product which infact is of another company. This can be termed as passing off.

Yahoo! Inc. vs Akash Arora(1999)
FACTS: The defendant installed a website Yahooindia.com
nearly identical to plaintiff’s renowned yahoo.com and provided services similar to those of the plaintiff.
DECISION: The Delhi High Court granted an injunction restraining defendant from using yahoo either as a part of his domain name or as a trade mark .It held that trade mark law applies with equal force on the internet as it does in the physical world.

Yahoo! Inc. vs Akash Arora(1999)
FACTS: The defendant installed a website Yahooindia.com
nearly identical to plaintiff’s renowned yahoo.com and provided services similar to those of the plaintiff.
DECISION: The Delhi High Court granted an injunction restraining defendant from using yahoo either as a part of his domain name or as a trade mark .It held that trade mark law applies with equal force on the internet as it does in the physical world.

In the case of Marks & Spencer Plc and others v. One in a
Million Ltd. and others , the deputy judge of the English
Court held that:
" Any person who deliberately registers a domain name on account of its similarity to the name, brand name or trade mark of an unconnected commercial organization must expect to find himself on the receiving end of an injunction to restrain the threat of passing off, and the injunction will be in terms which will make the name commercially useless to the dealer.“
In the case of Rediff Communication Limited v.
Cyberbooth and Ramesh Nahata of Mumbai (1999 ), the
Bombay High Court supported an action of passing off when the Defendants used the term ‘RADIFF’ (similar to the name ‘REDIFF’ of the Plaintiff) to carry on business on the Internet.




A registered Trademark has the backing of infringement and passing off remedies under the TMA act.
The Act does not provide for infringement action in respect of unregistered Trademarks.
Only Passing off remedy is available in case of unregistered Trademarks.
(Section 27 of TMA Act, 1999).

Trademark infringement
Section 29 of the Trademark Act states that when a registered trade mark is used by a person who is not entitled to use such a trade mark under the law, it constitutes infringement. A registered trade mark is infringed ,if:-
1. The mark is identical and is used in respect of similar goods or services or
2. The mark is similar to the registered trade mark and there is an identity or similarity of the goods or services covered by the trade mark
3. And Such use is likely to cause confusion on the part of the public or is likely to be taken to have association with the registered trade mark.
For example, if you are not the Nike® company or authorized by it, it is an infringement to sell sports clothes called "Nikestuff “
Legal remedies under Indian Trademarks Act-
Injunction ,damages, delivery up of infringing goods, destroying infringing goods and material, etc.
For cases see heading cybersquatting
Satyam infoway vs Sifynet solutions 2004 (6)SCC 145..

Dilution
 Dilution is a trademark law concept forbidding the use of a famous trademark in a way that would lessen its uniqueness. In most cases, trademark dilution involves an unauthorized use of another's trademark on products that do not compete with, and have little connection with, those of the trademark owner. For example, a famous trademark used by one company to refer to hair care products, might be diluted if another company began using a similar mark to refer to breakfast cereals or spark plugs .
 A trademark is diluted when the use of similar or identical trademarks in other non-competing markets means that the trademark in and of itself will lose its capacity to signify a single source. In other words, unlike ordinary trademark law, dilution protection extends to trademark uses that do not confuse consumers regarding who has made a product. Instead, dilution protection law aims to protect sufficiently strong trademarks from losing their singular association in the public mind with a particular product, perhaps imagined if the trademark were to be encountered independently of any product (i.e., just the word Pepsi spoken, or on a billboard ).

Avery Dennison Corporation
Vs.
Jerry Sumpton, et al.
Facts: Jerry Sumpton and his company Freeview registered thousands of domain names - primarily typical surnames - and used these domain names to offer "vanity" email addresses to people who want an address incorporating their name. Two of the names registered included avery.net
and dennison.net. Avery Dennison brought suit against Sumpton claiming trademark dilution.
Decision: The Ninth Circuit held that Avery Dennison failed to meet the required of elements of dilution. The court concluded that the Avery and Dennison trademarks were not famous. Although the court acknowledged that the trademarks had reached a level of distinctiveness, dilution requires that a mark be both distinctive and famous. According to the court for a mark to meet the "famousness" element of dilution it must be truly prominent and renowned. Additionally, the court held that Avery Dennison failed to meet a second requirement for dilution: commercial use. Commercial use under the dilution statute requires that the defendant use the trademark as a trademark, capitalizing on its trademark status.

Teletech Customer Care Management, Inc. vs
Tele-Tech Company, Inc
Facts : The plaintiff, a large provider of telephone and Internet customer care services, had been continuously using the mark for approximately fifteen years and had waged an extensive promotion and advertising campaign for its services. The defendant, a contractor providing engineering and installation services to the telecommunications industry, registered the domain name teletech.com
.
Decision : The court held that there was no likelihood of confusion, because the parties’ businesses were so dissimilar.
However, the court found dilution, ruling that TELETECH was a famous mark, and ordered the defendant to transfer the domain name to the plaintiff.

The Washington Post Company et al. vs.
Total News, Inc.
Facts: As a one-stop news site, TotalNews.com
linked to many news sites, but kept a frame, or border around them, which the news sites argued made it look like the content was from
TotalNews.com, changed the ad layout on the page, and kept totalnews.com as the address for book marking purposes.
In the complaint the news companies claimed that TotalNews misappropriated their trademarked and copyrighted material, thereby engaging in a host of crimes including unfair competition, federal trademark dilution, and trademark and copyright infringement. The news organizations said that their websites, as they appeared within the Totalnews frames, were substantially altered from the form in which they intended them to appear to users and that it was done solely for Totalnews' profit.
TotalNews argued that the case was in essence about its freedom to link, which it claimed was a fundamental right on the Internet.
Status: The court never decided the TotalNews case because the parties settled. Totalnews agreed to remove the frame.

Panavision International vs.
Toeppen
Facts: Toeppen engaged in dilution by cyber squatting in registering the domain panavision.com offered to sell the domain to the plaintiff for $13,000. Mr. Toeppen put a map of
Pana, Illinois up on his panavision.com website.
Decision: The Ninth Circuit upheld the lower court’s conclusion that Mr. Toeppen was engaged in extortive efforts and was diluting the famous PANAVISION mark. Mr.
Toeppen’s cause was not helped by the fact that he had registered many domains containing known brands, such as deltaairlines.com, neimanmarcus.com, eddiebauer.com and lufthansa.com.





Copyright protection to tables, compilations and computer databases does not extend to any data itself, but only to the way in which it is organized.
This fundamental copyright principle is expressed in Article 10.2 of the
TRIPS Agreement: Compilations of data or other material, whether in machine readable or other form, which by reason of the selection or arrangement of their contents constitute intellectual creations shall be protected as such. Such protection, which shall not extend to the data or material itself, shall be without prejudice to any copyright subsisting in the data or material itself.
’
UK Database Protection Act, EU Directive on Data base protection
India has no separate legislation on database protection. Provisions of copyright Act, IT Act, IPC prevail .
The WIPO Copyright Treaty (WCT), although not binding on WTO members that have not joined the WCT, similarly provides in Article 4:
 "Computer programs are protected as literary works within the meaning of Article 2 of the Berne Convention. Such protection applies to computer programs, whatever may be the mode or form of their expression."





Judicial dispute resolution under Federal Trademark dilution Act-Comp examiner agency vs juris inc
Judicial Dispute Resolution under Anti cybersquatting Consumer Prevention Act,
Dispute resolution under UDRP-ICANN approved domain name dispute resolution service providers.3
elements identical/deceptively similar mark,no legitimate use, bad faith registration
ADNDRC,CPR institute for dispute resolution,
National arbitration forum, WIPO example Tata sons ltd case,Bennett coleman and co case, Asian paints.com case



Enacted on 17 th
May 2000- India is
12th nation in the world to adopt cyber laws
IT Act is based on
Model law on ecommerce adopted by UNCITRAL

To provide legal recognition for transactions:-



Carried out by means of electronic data interchange, and other means of electronic communication, commonly referred to as "electronic commerce“
To facilitate electronic filing of documents with
Government agencies and E-Payments
To amend the Indian Penal Code, Indian Evidence
Act,1872, the Banker’s Books Evidence Act
1891,Reserve Bank of India Act ,1934

 Extends to whole of India and also applies to any offence or contravention there under committed outside India by any person {section 1 (2)} read with
Section 75- Act applies to offence or contravention committed outside India by any person irrespective of his nationality , if such act involves a computer, computer system or network located in India
 Section 2 (1) (a) –” Access ” means gaining entry into ,instructing or communicating with the logical, arithmetic or memory function resources of a computer, computer resource or network

Main Features of IT Act,2000





Conferred legal validity and recognition to electronic documents & digital signatures
Legal recognition to e-contracts
Set up Regulatory regime to supervise
Certifying Authorities
Laid down civil and criminal liabilities for contravention of provisions of IT
Act,2000
Created the office of Adjudicating
Authority to adjudge contraventions









Diversifying nature of cybercrimes –all were not dealt with under IT Act,2000-cyber terrorism, spamming, MMS attacks,etc
Use of wireless technology had no mention in definition of
“computer network” in S2(j)
Digital signatures only for authentication .
Definition of ‘intermediary’ and their liability required clarification.
Grey areas-Power of execution- Adjudicating authority
No appointed statutorily authority for supervising cyber security of protected systems
Power to investigate offences –only DSP and above
Power to intercept & decrypt information limited under Section
69





Section 2 (ha)- communication deviceincludes cell phones, PDA,etc
Section 2 (j) computer network – interconnection through wireless added
Section 2 (na) cybercafe
Section 2(w)- intermediary- includes search engines, web hosting service providers, online auction sites,telecom service providers etc