Advantages of Cyber Laws

Sr. No.

Advantages of Cyber Law

Memory Hints(For self)


IT Act gave validity to e-mail and now e-mail would be legal form of communication in India and can be duly produced and approved in a court of law.

e-mail- valid and legal


Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act.

Legal infrastructure for e-commerce


Digital signatures have been given legal validity and sanction in the Act.

Digital signature-valid


The Act throws open the doors for the entry of corporate companies in the business of being Certifying Authorities for issuing Digital Signatures Certificates.

Certificate authority


The Act now allows Government to issue notification on the web thus heralding e-governance.

Web notification, e-governance


The Act enables the companies to file any form, application or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in electronic form by means of such electronic form as may be prescribed by the appropriate Government.





Under the IT Act, 2000, it shall now be possible for corporate to have a statutory remedy in case if anyone breaks into their computer systems or network and causes damages or copies data. The remedy provided by the Act is in the form of monetary damages, not exceeding 1 crore.


Statutory remedy to damages, not exceeding 1 cr.

IIIII    Computer Related Offences

    Common Cyber-crime scenarios;

Sr. No.

Computer related offences


SECTIONS of IT Act 2000


Harassment via fake public profile on social networking site


A fake profile of a person is created on a social networking site with the correct address, residential information or contact details but he/she is labeled as 'prostitute’ or a person of 'loose character. This leads to harassment of the victim.


Section 67


Email Account Hacking


If victim’s email account is hacked and obscene emails are sent to people in victims address book.

SECTIONS 43,66,66A,66C,67,67A & 67B


Credit Card Fraud


Unsuspecting victims would use infected computers to make online transactions.

SECTIONS 43,66,66C, 66D


Web Defacement


The homepage of a website is replaced with a pornographic or defamatory page. Government sites generally face the wrath of hackers on symbolic days.




Introducing Viruses, Worms, Backdoors, Rootkits, Trojans, Bugs


All of the above are some sort of malicious programs which are used to destroy or gain access to some electronic information.

Section 43 & 66


Cyber Terrorism


Many terrorists use virtual (Drive, FTP sites) and physical storage media (USB’s, hard drives) for  hiding information and records of their illicit business.


Sections 43, 66, 66A


Online sale of illegal Articles


Where sale of narcotics, drugs weapons and wildlife is facilitated by the Internet.


Generally Conventional Laws are applicable


Cyber Pornography


Among the largest businesses on Internet, pornography may not be illegal in many countries, but child pornography is.

Sections 67,67A & 67B


Phishing and Email Scams


Phishing involves fraudulently acquiring sensitive information through masquerading a site as a trusted entity (e.g. Passwords, credit card information).

Section 66, 66C & 66D


Theft of Confidential Information

Many business organizations store their confidential information in computer systems. This information is targeted by rivals, criminals and disgruntled employees.

Sections 43, 66 & 66B


Source Code Theft



A Source code generally is the most coveted and important ‘crown jewel’ asset of a company.

Sections 43, 65, 66 & 66B

I.        Privacy of online data

      The main principles on data protection and privacy enumerated under the IT  Act, 2000 are;

a)            Defining data, computer database, information, electronic form, originator, addressee etc.

b)            Creating civil liability if any person accesses or secures access to computer, computer system or computer network

c)             Creating criminal liability if any person accesses or secures access to computer, computer system or computer network

d)            Declaring any computer, computer system or computer network as a protected system

e)            Imposing penalty for breach of confidentiality and privacy


f)             Setting up of hierarchy of regulatory authorities, namely adjudicating officers, the Cyber Regulations Appellate Tribunal etc.

II.      Sensitive Personal Data Information (SPDI)



To define data protection framework for the processing of digital data by body corporate Reasonable security practices and procedures and sensitive data or information rule was formed in 2011 under section 43A of IT Act 2000.

Scope of rule

r The rules apply to Body corporate and digital data.


r The rules wouldn’t apply to government bodies or individuals collecting and using big data.



Definition of BODY CORPORATE(As per IT Act):

“Any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities.”


Definition of Personal and sensitive personal data

Rule 2(i) defines personal information as:

 “Information that relates to a natural person which either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.


Rule3 defines sensitive personal information as:  


Ø  Passwords

Ø  Financial information

Ø  Physical/physiological/mental health condition

Ø  Sexual orientation

Ø  Medical records and history; and

Ø  Biometric information

The present definition of personal data hinges on the factor of identification (data that is capable of identifying a person). Yet this definition does not encompass information that is associated to an already identified individual - such as habits, location, or activity.





The definition of personal data also addresses only the identification of 'such person’ and does not address data that is related to a particular person but that also reveals identifying information about another person - either directly - or when combined with other data points.

Consent to collect

Rule 5(1): Requires that Body Corporate should, prior to collection, obtain consent in writing through letter or fax or email from the provider of sensitive personal data regarding the use of that data.


Consent to disclosure


Rule 6: Rule 6 provides that prior permission from provider of sensitive personal data is essential for body corporate for it’s disclosure to any third party.


Information can’t be disclosed to any third party unless there is some contractual arrangement for doing so exists between body corporate and provider of such information or it can be disclosed where it is essential to comply a legal requirement.

Request for DEMO Talk to Our Expert