MAHESHWARI & CO.
Advocates and Legal Consultants
Sunday, February 20, 2011 at Kochi
Joint Seminar organised by the UIA,
UIA India Chapter and the Inter-Pacific Bar Association (IPBA)
A Paper on Cyberspace Usages:
Challenges and Dispute Resolution
By :
Vipul Maheshwari
Managing Partner,
MAHESHWARI & CO.
1
MAHESHWARI & CO.
Advocates and Legal Consultants

Introduction

Cyberspace- Issues at the forefront

Challenges in Cyberspace

Disputes resolution in Cyberspace

Conclusion/Suggestion
2
MAHESHWARI & CO.
Advocates and Legal Consultants

Cyberspace
•
Coined in 1980s by Science friction writer William Gibson.
•
Cyberspace like physical space comprises of four sub
concepts i.e. place, distance, size and route.
•
In general Cyberspace represents the new medium of
communication, electronic communication, which is fast
outmoding, or even replacing more traditional methods of
communication. This includes computers, networks, the
internet, software, data storage devices (such as hard disks
USB disks etc), websites, emails and even electronic devices
such as cell phones, ATM machines etc.
•
Unique features- borderless space, dynamic, anonymity,
speed, cost effective, marked with rapid technological
advances.
3
MAHESHWARI & CO.
Advocates and Legal Consultants

Cyber Laws in Cyberspace
•
The Information Technology, Inventions and Discoveries widen the
scientific horizons but pose new challenges for the legal world. Therefore,
solutions for the disputes arising out of these challenges, whether statutory
or otherwise, are referred as the “Cyber Laws.”
•
European Union, USA, United Nations Commission On International Trade
Law (UNCITRAL) have already framed important laws to regulate
cyberspace. In India, Information Technology Act (ITA) is also based on
UNCITRAL model, all cyber laws are contained in Information Technology
Act, 2000.
MAHESHWARI & CO.
Advocates and Legal Consultants

With the advent of the internet, transmission of information
and transacting of business across borders, various issues related
to cyberspace have cropped up on legal front.
Following are some major issues:i. Jurisdiction
ii. Cyber Crime
iii. Intellectual Property
iv. Cyber Forensic
v. E-commerce
vi. Electronic Evidence
vii. Privacy
viii.Contract

MAHESHWARI & CO.
Advocates and Legal Consultants

Inherent Challenges
•
US and the West drafted their own legislations by either
adapting their existing laws in the context of cyberspace
or creating new laws in respect thereof.
•
Determining jurisdiction and formation of e-contracts are two key issues on which
traditional legal principles have been largely applied by Courts worldwide. For e.g.
Longarm Statutes enacted in US and Minimum Contacts test.
•
General consensus that in the e-world, electronic signatures and electronic documents
are equally legally valid as the hand-written signatures or hard copy paper documents.
•
India enacted its first law on IT through the IT Act, 2000 based on the principles
elucidated in the UNCITRAL Model law of e-commerce. It extends to whole of
India and also applies to any offence or contravention there under committed outside
India by any person.
MAHESHWARI & CO.
Advocates and Legal Consultants

Legal Challenges
Conflicting Jurisdictional Problems
• Jurisdiction is the authority of a court to hear a case and resolve a
dispute. The issue of Jurisdiction is highly conflicting and debatable in
cyber law as to the maintainability of any suit which has been filed.


•
•
•
Jurisdiction in International Legal Disputes
In the cyberspace, there is no geographical boundaries. It establishes
immediate long-distance communications with anyone who can have access to any
website.
No judicial body exists to deal with legal commercial problems arising between
citizens of different countries.
There is no uniform, international jurisdictional law of universal application, and such
questions are generally a matter of conflict of law, particularly private international
law.
MAHESHWARI & CO.
Advocates and Legal Consultants
•
Where the contents of a web site are legal in one country and illegal in another
: In the absence of a uniform jurisdictional code, legal practitioners are generally left
with a conflict of law issue.

Position in Europe- The Brussels convention is the controlling document for
jurisdictional issue within the European Union (“E.U.”). Also the fundamentals of
jurisdiction within EU countries are based on statute or regulation, instead of
constitutional due process applied in case laws, as in the U.S.

Leading International Cases-
•
Zippo Manufacturer v Zippo Dot com 952 F. Supp. 1119 (D.C.W.D. Pa. 1997)-The Court observed
that The developing law of jurisdiction must address itself weather a particular event in
cyberspace is controlled by the laws of the state or country where the website is located, by the
laws of the state or country where the internet service provider is located, by the laws of the
state or country where the user is located or perhaps by all of these laws.
•
Calder v. Jones 465 U.S. 783 (1984)- United States Supreme Court held that a court within
a state could assert personal jurisdiction over the author and editor of a national magazine which
published an allegedly libelous article about a resident of that state, and where the magazine had
wide circulation in that state.
MAHESHWARI & CO.
Advocates and Legal Consultants

Position in India- In India, all cyber laws are governed by the IT Act. However, IT
Act does not deal with some major legal issues including the issue of jurisdiction.
•
It is well-established law in India that where more than one court has jurisdiction in a
certain matter, an agreement between the parties to confer jurisdiction only on one to
the exclusion of the other(s) is valid.
•
In case there is no agreement, the respective court considers the balance of
convenience and interests of justice while deciding for the forum.
MAHESHWARI & CO.
Advocates and Legal Consultants

Cyber Crime
•
Cyber crime is a crime committed over the Internet.
•
It could be against the government, property and
against any person in various forms.
•
The law enforcement agencies are facing difficulties in
dealing with cyber crime.
•
In India, Information Technology Act, 2000 is the
legislation that deals with issue related to cyber crime.
MAHESHWARI & CO.
Advocates and Legal Consultants
Types of Cyber Crime
Cyber Crime
Brief Description
Relevant Section
in IT Act
Punishments
Cyber Stalking
Stealthily following a person,
tracking his internet chats.
43, 65, 66
3 years, or with
fine up to 2 lakh
Cyber Pornography
including child pornography
Publishing Obscene in Electronic
Form involving children
67, 67 (2)
10 years and with
fine may extends
to 10 lakh
Intellectual Property Crimes
Source Code Tampering, piracy,
copyright infringement etc.
65
3 years, or with
fine up to 2 lakh
Cyber Terrorism
Protection against cyber terrorism
69
Imprisonment
for a term, may
extend to 7 years
Cyber Hacking
Destruction, deletion, alteration, etc
in a computer resources
66
3 years, or with
fine up to 2 lakh
Phishing
Bank Financial Frauds in Electronic
Banking
43, 65, 66
3 years, or with
fine up to 2 lakh
Privacy
Unauthorised access to computer
43, 66, 67, 69, 72
te
MAHESHWARI & CO.
Advocates and Legal Consultants

Increasing Cyber threats in India
•
Today Cyber crime is a bigger threat to India in comparison
to physical crime. In a survey conducted by National crime
records Bureau, Ministry of Home Affairs shows that cyber
crime is increasing everyday in various forms.
•
Cyber Crimes increased by 22.7% in 2007 as compared to previous year.
•
Cyber Forgery 64.0% (217 out of total 339) and Cyber Fraud 21.5% (73 out of 339) were the
main cases under IPC category for Cyber Crimes.
•
63.05% of the offenders under IT Act were in the age group 18-30 years (97 out of 154) and
55.2% of the offenders under IPC Sections were in the age group 30-45 years (237 out of 429).
•
According to analysts at the Indian Institute of Science, Tax evasion, cheating on the Internet,
identity theft, child pornography and other cyber crimes cause a loss of $50 billion annually.
MAHESHWARI & CO.
Advocates and Legal Consultants
•
Presently, Network vulnerabilities have been increasing at a rate of over 40% year-on-year.
•
According to CERT, Ministry of Information Technology survey Cyber Crime accelerated about
50 times since 2004.
•
As per U.K. study, reported cases of spam, hacking and fraud in India multiplied 50-fold since
2004 to 2007.
•
Symantec Global Internet Security Threat Report, 2010 says that India moved up from 11th to 5th
position on chart quantifying malicious cyber activity in 2009
MAHESHWARI & CO.
Advocates and Legal Consultants
Person Arrested
Cases Registered
140
120
125
99
100
120
88
80
100
76
74
81
69
80
59
60
86
63
60
48
40
41
40
20
10 10 11
1 0
0
2005
2006
2007
Tempering
Hacking
Obscence
publication
/transmissi
on
10
10
11
74
59
76
88
69
99
4
5
9
0
Failure
Breach of
Confidenti
ality
1
0
4
5
0
9
20
10 8
13
2
0
2005
2006
2007
3
0 0 1
0
Failure
Breach of
Confidenti
ality
Tempering
Hacking
Obscence
publication
/transmissi
on
10
41
125
0
13
8
2
63
48
81
86
0
1
0
3
MAHESHWARI & CO.
Advocates and Legal Consultants

Contractual difficulties
•
Recently, India has emerged as a major player in the computer software
and resources sector. Data shows that India will have the largest number
of internet-users in Asia in near future.
•
IT Act deals with some contractual aspects in E-commerce . However, several practical problems
arise when we form a contract.
•
In general contract, we see that the acceptor can revoke acceptance of the offer before it comes
to the knowledge of the offeror, but what would be the case where an acceptance is sent via an
electronic record, it may not be possible for the acceptor to revoke it before it comes to the
knowledge of the offeror. However, there may be one possibility where revocation may still take
place i.e. when the acceptance is sent by an electronic record and the same is sent to a computer
resource which is not the designated computer resource of the offeror, but it is not clear what
would prevail when both the acceptance-revocation are retrieved by the offeror at the same time.
•
Indian courts following the traditions of common law have developed the doctrine of “last-shot
rule”. This cardinal rule states that an acceptance should be unqualified and absolute and any
acceptance even with little variation is no acceptance at all.
MAHESHWARI & CO.
Advocates and Legal Consultants

Protection of Intellectual Property
•
Intellectual Property is a property that arises from the
human intellect. It is a product of human creation.
•
In broad field of IPR, there are various acts which govern
intellectual property assets. In cyberspace, the problem began when unrelated
party started using intellectual property of others or of famous brand with
the intention to use it otherwise. Section 65 of ITA provides for protection
of IPR from misuse.
•
In the present scenario, trademark disputes pose a serious challenge, as that is
one area where the major developments have taken place. One of the first
issues to arise in relation to IPR due to cyberspace was with respect to
domain names.
MAHESHWARI & CO.
Advocates and Legal Consultants

Electronic Evidence
•
Each time a crime is committed whether in physical form or in
cyber space, the success of prosecution largely depends on the
quality of evidence presented at the trial, but this pose a serious
challenge before the investigation agencies to collect and
preserve the evidence.
•
The Indian Evidence Act, 1872 (section 3) and Information Technology Act, 2000
(section 4) grants legal recognition to electronic records and evidence submitted in
form of electronic records.
•
Leading case law- State vs. Mohd. Afzal and others (2003 (71) drj 178)-The Delhi High
Court concluded that the person who is challenges the accuracy of computer evidence on the
ground of misuse of system, then the challenger has to establish the challenge. Mere theoretical
and generic doubts cannot be cast on the evidence.
•
International cooperation is required in providing electronic evidence in order to meet
out the problem of international terrorism.
MAHESHWARI & CO.
Advocates and Legal Consultants

Technological Challenges
•
Globalization and ICT (Information and Communication
Technology) revolution in India has changed the form of
information drastically. It made information more accessible
portable and handy.

•
The Right of Privacy vis-à-vis Data Protection
The right of privacy is part of Article 21 of the Indian constitution, but it is not
absolute. Disclosure of private information is justified under certain circumstances.
•
In Kharak Singh V. State of U.P. (AIR 1963 SC 1295)- Apex court read the right to privacy to
be within the ambit of Article 21 and construed it as a fundamental right.
•
The exclusion of privacy protection to only those who are aware of their rights, or the
formal recognition of privacy in a legal system is not a challenge faced only by India.
Globally, protection of privacy has been a challenge in many countries, and even now
it has an uncertain status in many parts of the world.
MAHESHWARI & CO.
Advocates and Legal Consultants
The right of privacy may be infringed by:
•
•
•

•
•
•
•
•
Utilizing private data already collected for a purpose other than for which it was
collected.
Sending of unsolicited e-mails of spamming.
Unauthorized reading of e-mails of others.
The relevant sections of the Information Technology Act (ITA) relating to
privacy:Section 43 provides protection against unauthorised access to the computer system
including unauthorised downloading, extraction and copying of data.
Section 66 provides protection against hacking.
Section 67 gives protection against unauthorised access to data.
Section 69 protects against cyber terrorism.
Section 72 protects an individual’s privacy and confidentiality.
MAHESHWARI & CO.
Advocates and Legal Consultants

Data protection laws
•
Though the ITA does enforce a level of data protection, it is far from flawless. The
ITA in many ways falls short of International standards and data protections enacted
in other countries in the world. It lacks the following:The definition and classification of data types.
The nature and protection of the categories of data.
Data controllers and data processors have distinct roles.
Clear restrictions on the manner of data collection.
Clear guidelines on the purposes for which the data can be put and to whom it can be
sent.
Standards and technical measures governing the collection, storage, access to,
protection, retention and destruction of data.
It does not provide strong safeguard and penalties against the aforesaid breaches.
•
•
•
•
•
•
•
MAHESHWARI & CO.
Advocates and Legal Consultants

Political and social challenges
•
Nowadays, we find that Media plays an important role in
democracy to make people aware about information related to
government policy and the grievances which people have. But at
the same time it also encroaches on privacy.
•
Recently, India has adopted new technologies by way of social networking sites like
orkut, facebook, twitter etc., where people of same interest groups come together as a
community. In such communities lots of people share information of the latest
happenings, express their views, criticize on certain issues etc. All these activities can
elevate sensitive issues, which may lead to communicable imbalance in the society.
•
Blogs are increasingly popular in today’s world. Through blogs, people can express
their thoughts and views on public and government sectors, so there is possibility that
sensitive information may be forged and its original intension may be lost.
MAHESHWARI & CO.
Advocates and Legal Consultants

Practical Challenges

•
Regulating Cyber Cafes:
In India, Cyber cafes have emerged as base for cyber crime including
cyber terrorism. Various offences relating to cyber crime suggest that
local cyber cafes have been used for sending threatening mails to any
individual or to any high officials.
Earlier, cyber cafes were required to create detailed records about their customer’s
browsing habits, but the same is not being abided by the Cafes.
Dispute settlement:
The IT Act provides various modes of dispute settlements. However, citizens are not
aware of various kinds of commonly committed cyber offences, procedure for filing a
case, resolving a dispute. There is also a lacuna of trained judges and skilled
investigators.
Contractual Aspect:
This unprecedented growth of internet calls for a legal framework for e-commerce in
India. IT act deals with some contractual aspect in E-commerce. However, several
practical problems still exist when we form a contract.
•

•

•
MAHESHWARI & CO.
Advocates and Legal Consultants

Indian Laws
i.
ii.
Information Technology Act, 2000
Information Technology (Amendment) Act, 2008
Cyber crime investigation cell
Communications convergence Bill, 2001
Cyber security forum-Joint collaboration between
India and U.S.
E-Governance and E-Policy
Punishments

International initiatives
i.
Arbitration and Mediation- Conventions
World Intellectual Property Organisation (WIPO)
Council of Europe Convention on cyber crime
Cyber Tribunals
i.
ii.
iii.
iv.
v.
ii.
iii.
iv.
23
MAHESHWARI & CO.
Advocates and Legal Consultants
Some Important Provisions with regard to Dispute Resolution

Conferred legal validity and recognition to Electronic Documents & Digital
Signatures.

Legal recognition to e-contracts.

Set up Regulatory regime to supervise Certifying Authorities.

Laid down Civil and Criminal liabilities for contravention of provisions of IT Act,
2000.

Created the office of Adjudicating Authority to adjudge contraventions.

Chapter X of IT Act creates a Cyber Appellate Tribunal to oversee adjudication of
cyber crimes. However, in a case where there exists an arbitration agreement, the
court is under obligation to refer the parties to arbitration in terms of the arbitration
agreement.
MAHESHWARI & CO.
Advocates and Legal Consultants
Salient features of the Information Technology Act, 2000
•
•
•
•
•
•
•
•
•
•
Extends to the whole of India (Section 1).
Authentication of electronic records (Section 3)
Legal Framework for affixing Digital signature by use of asymmetric crypto
system and hash function (Section 3)
Legal recognition of electronic records (Section 4)
Legal recognition of digital signatures (Section 5)
Retention of electronic record (Section 7)
Publication of Official Gazette in electronic form (Section 8)
Security procedure for electronic records and digital signature (Sections 14, 15,
16)
Licensing and Regulation of Certifying authorities for issuing digital signature
certificates (Sections 17-42)
Functions of Controller (Section 18)
25
MAHESHWARI & CO.
Advocates and Legal Consultants
•
Data Protection (Sections 43 & 66).
•
Various types of computer crimes defined and stringent penalties provided under the Act
(Section 43 and Sections 66, 67, 72)
•
•
•
Establishment of Cyber Appellate Tribunal under the Act (Sections 48-56)
•
Appeal from order of Cyber Appellate Tribunal to High Court (Section 62)
•
Interception of information from computer to computer (Section 69)
•
•
•
Act to apply for offences or contraventions committed outside India (Section 75)
•
Power of police officers and other officers to enter into any public place and search and
arrest without warrant (Section 80)
•
•
Offences by the Companies (Section 85)
Constitution of Cyber Regulations Advisory Committee who will advice the Central
Government and Controller (Section 88)
Appeal from order of Adjudicating Officer to Cyber Appellate Tribunal and not to any Civil
Court (Section 57)
Investigation of computer crimes to be investigated by officer at the DSP (Deputy
Superintendent of Police) level.
26
MAHESHWARI & CO.
Advocates and Legal Consultants
New provisions added through Amendments- IT (Amendment) Act, 2008
•
New Section to address technology neutrality from its present “technology specific” form (i.e.
Digital Signature to Electronic Signature)- Section 3A
•
New Section to address promotion of e-Governance & other IT application
a) Delivery of Service
b) Outsourcing – Public Private Partnership- Section 6A
•
New Section to address electronic contract-Section 10A
•
New Section to address data protection and privacy -Section 43
•
Body corporate to implement best security practices-Sections 43A &72A
•
Multimember Appellate Tribunal-Sections 49-52
•
Offensive messages and Spam-Section 66A
•
Pornography-Section 67A
•
Preservation and Retention of Data/Information-Section 67C
•
Blocking of Information for public access-Section 69A
27
MAHESHWARI & CO.
Advocates and Legal Consultants
•
Monitoring of Traffic Data and Information for Cyber Security-Section 69B
•
New section for designating agency for protection of Critical Information
Infrastructure-Section 70A
•
New Section for power to CERT-In to call and analyse information relating to breach
in cyber space and cyber security-Section 70 B
•
Revision of existing Section 79 for prescribing liabilities of service providers in certain
cases and to Empower Central Government to prescribe guidelines to be observed by
the service providers for providing services. It also regulate cyber cafes.-Section 79
•
New Section for Examiner of Digital Evidence-Section 79A
•
New Section for power to prescribe modes of Encryption-Section 84A
•
Punishment for most of offences were reduced from three years to two years
28
MAHESHWARI & CO.
Advocates and Legal Consultants
•
Mumbai Cyber lab is a joint initiative of Mumbai police and NASSCOM. There should be a
definite forum to redress the grievances under the Cyber Space.
•
More Public awareness campaigns
•
Training of police officers to effectively combat cyber crimes
•
More Cyber crime police cells set up across the country
•
Effective E-surveillance
•
Websites aid in creating awareness and encouraging reporting of cyber crime cases.
•
Specialised Training of forensic investigators and experts
•
Active coordination between police and other law enforcement agencies is required.
•
Cyber security forum-Joint collaboration between India and U.S.
•
Regulation of Cyber cafes
•
Proposed communication Bill, 2001 could be a milestone in resolving disputes more effectively
and practically in cyberspace.
29
MAHESHWARI & CO.
Advocates and Legal Consultants

Cyberspace does not recognise geopolitical boundaries. Parties from anywhere in the
world can transact business with someone located anywhere else. A dispute may arise
at any time, specially when different nations apply different laws to similar disputes.
Therefore, International agreements in form of convention and cooperation is
required for various dispute resolutions in International arena.

Arbitration and mediation could be a first resort for dispute resolution, reason being it
has an international treaty i.e. New York Convention on the Recognition and
Enforcement of Foreign Awards which provides for ready enforcement of an award
in the territory of virtually all trading nations of the globe.

World Intellectual Property Organisation (WIPO), Council of Europe convention on
cyber crime, the virtual magistrate and the Cyber Tribunals are steps towards meeting
these needs. For instance recently, India has established a Cyber Security Forum to
collaborate with United States on responding to cyber security threat.
MAHESHWARI & CO.
Advocates and Legal Consultants
a. We need to promote and facilitate the fair use of cyber space
among general masses and also there is an immediate requirement
of skilled investigators and trained judges for fair and effective
dispute resolution.
b.
India needs to address various questions, issues relating to
cyberspace and the most appropriate way to start is the creation of a comprehensive
legislation which should address broad area of cyberspace taking into consideration
sectoral, institutional and individual requirements. The proposed Communication
Convergence Bill, 2001 could be a milestone in answering all these questions.
c. The amendments in several laws by the IT Act are a good beginning but several changes are
still needed for the act to ensure both functional equivalence and technological neutrality.
d. International agreements by way of convention and cooperation is required for various
dispute resolutions in International arena.
31
Thank
You!