UNIT 3 LAW AND EMERGING TECHNOLOGY

JURISDICTION ISSUES IN CYBER CRIMES

https://www.scconline.com/blog/post/2024/03/24/jurisdiction-in-cybercrimes-and-civil-
disputes/#:~:text=When%20any%20cybercrime%20arises%2C%20the,which%20such%20police%2
0station%20comes.

2.Jurisdictional Issues in Adjudication of Cyber Crimes.pdf (nja.gov.in)

CONVENTION ON CYBER CRIMES

The Council of Europe’s (CoE) Cybercrime Convention is also known as the Budapest
Convention. It was open for signature in 2001 and came into force in 2004.
 The convention is the sole legally binding international multilateral treaty on
cybercrime. It coordinates cybercrime investigations between nation-states
and criminalizes certain cybercrime conduct.
It serves as a guideline for any country developing comprehensive national
legislation against Cybercrime and as a framework for international cooperation
between state parties to this treaty.
Objective of the Convention

The Convention is the first international treaty on crimes committed via the Internet and other
computer networks, dealing particularly with infringements of copyright, computer-related
fraud, child pornography, hate crimes, and violations of network security.[9] It also contains a
series of powers and procedures such as the search of computer networks and lawful
interception.

Its main objective, set out in the preamble, is to pursue a common criminal policy aimed at
the protection of society against cybercrime, especially by adopting appropriate legislation
and fostering.

The Convention aims principally at:

 Harmonizing the domestic criminal substantive law elements of offenses and connected
provisions in the area of cyber-crime
 Providing for domestic criminal procedural law powers necessary for the investigation
and prosecution of such offenses as well as other offenses committed by means of a
computer system or evidence in relation to which is in electronic form
 Setting up a fast and effective regime of international cooperation
The following offenses are defined by the Convention: illegal access, illegal interception,
data interference, system interference, misuse of devices, computer-related forgery,
computer-related fraud, offenses related to child pornography, and offenses related
to copyright and neighboring rights.
It also sets out such procedural law issues as expedited preservation of stored data, expedited
preservation and partial disclosure of traffic data, production order, search and seizure of
computer data, real-time collection of traffic data, and interception of content data. In
addition, the Convention contains a provision on a specific type of trans-border access to
stored computer data which does not require mutual assistance (with consent or where
publicly available) and provides for the setting up of a 24/7 network for ensuring speedy
assistance among the Signatory Parties. Further, as conditions and safeguards, the Convention
requires the provision for adequate protection of human rights and liberties, including rights
arising pursuant to obligations under European Convention on Human Rights, International
Covenant on Civil and Political Rights, and other applicable international human rights
instruments, and shall incorporate the principle of proportionality.

The Convention is the product of four years of work by European and international experts. It
has been supplemented by an Additional Protocol making any publication of racist and
xenophobic propaganda via computer networks a criminal offense, similar to Criminal Libel
laws. Currently, cyber terrorism is also studied in the framework of the Convention.

Significance
Almost all stakeholders agree that the current form of cross-border data sharing for law
enforcement through the Mutual Legal Assistance Treaty (MLAT) is insufficient for
the digital age. However, there is an ongoing debate whether to revamp MLAT or form
an entirely new system for cybercrimes in the form of this Convention.
This Convention has eagerly called for Indian participation since its formation in 2001,
but India has decided not to be a party to it.
Parties to Budapest Convention
Any State may accede to the Convention under the procedure set out in Article 37.
Once a (draft) law is available that indicates that a State already has implemented or is likely
to implement the provisions of the Budapest Convention in domestic law, the Minister of
Foreign Affairs (or another authorised representative) would send a letter to the Secretary
General of the Council of Europe stating the interest of his or her State to accede to the
Budapest Convention. Once there is agreement among the current Parties to the Convention,
the State would be invited to accede.
Present- 76 Countries( parties to the convention)
17 signed
Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts
of a racist and xenophobic nature committed through computer systems

The member States of the Council of Europe and the other States Parties to the
Convention on Cybercrime, opened for signature in Budapest on 23 November 2001
Considering that the aim of the Council of Europe is to achieve a greater unity between
its members;
Recalling that all human beings are born free and equal in dignity and rights
 Stressing the need to secure a full and effective implementation of all human rights
without any discrimination or distinction, as enshrined in European and other
international instruments
Convinced that acts of a racist and xenophobic nature constitute a violation of human
rights and a threat to the rule of law and democratic stability
Considering that national and international law need to provide adequate legal responses
to propaganda of a racist and xenophobic nature committed through computer systems
Aware of the fact that propaganda to such acts is often subject to criminalisation in
national legislation
Having regard to the Convention on Cybercrime, which provides for modern and
flexible means of international co-operation and convinced of the need to harmonise
substantive law provisions concerning the fight against racist and xenophobic
propaganda
Aware that computer systems offer an unprecedented means of facilitating freedom of
expression and communication around the globe
Recognising that freedom of expression constitutes one of the essential foundations of a
democratic society, and is one of the basic conditions for its progress and for the
development of every human being
Taking into account the relevant international legal instruments in this field, and in particular
the Convention for the Protection of Human Rights and Fundamental Freedoms and its
Protocol No. 12 concerning the general prohibition of discrimination, the existing Council of
Europe conventions on co-operation in the penal field, in particular the Convention on
Cybercrime, the United Nations International Convention on the Elimination of All Forms of
Racial Discrimination of 21 December 1965, the European Union Joint Action of 15 July
1996 adopted by the Council on the basis of Article K.3 of the Treaty on European Union,
concerning action to combat racism and xenophobia the Additional Protocol was signed.
Rssia-led Resolution

 The Russian proposal entitled “Countering the use of information and

communications technologies for criminal purposes” was recently put forth in
the United Nations General Assembly (UNGA).

o This recent UN proposal follows previous Russian initiatives, including the “Draft
United Nations Convention on Cooperation in Combating Cybercrime” in 2017 to
develop a UN convention on cybercrime.
 The Russian proposal calls for creation of a committee that will convene in August
2020 in New York in order to establish a new treaty through which nation-states can
coordinate and share data to prevent cybercrime.

o This draft Convention goes far beyond what the Budapest Convention allows for
regarding cross-border access to data, including limiting the ability of a signatory
to refuse to provide access to requested data.
 o This is the reason why several human rights groups criticize the UN proposal as a
way to extend a Chinese and Russian form of internet governance, or the so-called
“closed Internet” or “state-controlled internet.”
 If this resolution will be passed by the UNGA, it will become the second international
convention on cybercrime.
 Russia and China question the Budapest Convention on the grounds of national
sovereignty issues, thereby proposing their own treaty at the UN.
India’s Stand

 India maintained its status as a non-member of the Europe-led Budapest Convention.

Although, India voted in favour of a Russian-led UN resolution to set up a separate
convention.
 According to the Intelligence Bureau (IB), data sharing with foreign law enforcement
agencies infringes on national sovereignty of India.
 India has also previously argued that it will not sign onto the Budapest treaty since it
was drafted without its participation.

Latest Development
In 2024, a UN committee approved the first global treaty on cybercrime despite significant
opposition from human rights groups and tech companies.

 The Convention criminalizes a range of core cyber-dependent crimes, and a limited

number of cyber-enabled crimes. It also obligates States to develop digital investigation
and enforcement capabilities, and to apply these new powers to other crimes conducted
using computer networks;
 Cyber investigations can be invasive, and digital rights groups argue that the expanded
scope and lack of sufficient safeguards endanger human rights;
 The Convention uses technologically neutral language; it addresses activities, not methods,
so that it will remain relevant as technology changes; and
 The Convention focuses on combating negative uses of technology, not promoting positive
uses.

MOBILE PHONE CRIMES

Mobile Phone Crimes – The surge in mobile phone usage in India, coupled with affordable
internet and data rates, has significantly contributed to the rapid increase in mobile phone
crimes. These crimes exploit the convenience and accessibility of mobile devices to commit
a wide range of illegal activities, including fraud, identity theft, and unauthorized access to
personal information. With the advent of new technologies, criminals have devised
innovative methods to exploit mobile users, leading to the emergence of several types of
mobile phone crimes.
Types of Mobile Phone Crimes

– Bluebugging: This involves hackers gaining control over a mobile device via Bluetooth,
allowing them access to personal data, such as contacts and messages, and the ability to make
calls and send messages without the owner’s knowledge.

– Vishing: Scammers impersonate bank officials or representatives from reputable

institutions over the phone to extract sensitive information like banking passwords, credit
card numbers, or OTPs.

– Smishing: Similar to vishing, but conducted through SMS, where the scammer tricks the
victim into divulging personal information by posing as a legitimate entity.

– Phishing: Victims receive emails containing links to fraudulent websites that mimic official
websites to steal personal information.

– Malware: Malicious software is sent to victims through SMS, file transfer, or malicious app
downloads. Once activated, it can steal personal information, leading to identity theft or
financial loss.

– Identity Theft: Utilizing stolen personal information, criminals can impersonate the victim
to commit fraud or theft, including cloning mobile numbers to intercept OTPs from banks.

Latest Mobile Crimes

The evolution of mobile technology has given rise to new forms of crimes, including:

– Cryptojacking: Unauthorized use of a victim’s mobile device to mine cryptocurrency.

– Spyware: Installing spyware on mobile devices to monitor and record all activities,
including calls, messages, and online behavior.

– SIM Swapping: Fraudsters exploit security weaknesses to clone or take control of a victim’s
SIM card, gaining access to financial accounts and personal data.

– Ad Fraud: Using mobile malware to click on ads without the user’s knowledge, generating
revenue for the attacker.

Prevention and Response

– Update Regularly: Keep your mobile OS and apps updated to patch security vulnerabilities.

– Use Strong Passwords: Employ strong, unique passwords for all accounts and enable two-
factor authentication.
– Be Wary of Unsolicited Contacts: Verify the authenticity of any request for personal
information, whether via call, SMS, or email.

– Install Security Software: Use reputable mobile security apps to protect against malware
and other threats.

– Monitor Financial Transactions: Regularly check bank and credit card statements for
unauthorized transactions.

– Legal Recourse: Victims of mobile phone crimes can seek legal recourse under the
Information Technology Act, 2000, and the Indian Penal Code, 1860. Reporting the crime to
cybercrime divisions and seeking the assistance of experienced cybercrime lawyers can aid
in addressing the issue effectively.

As mobile technology continues to advance, users must remain vigilant and informed about
the potential risks and protective measures to safeguard against mobile phone crimes.
Awareness, coupled with proactive security practices, is key to minimizing the threat posed
by these crimes in the digital age.

Cases
State of Tamil Nadu vs Suhas Katti

State of Tamil Nadu vs Suhas Katti was the first case where conviction was upheld for
cybercrime under the Information Technology Act, 2000 in India. The case of State of Tamil
Nadu vs Suhas Katti involved the applicability of Section 67 of the Information Technology
Act, 2000 which provides punishment for the publication of obscene material in an electronic
form. A woman filed a complaint to the Cyber Crime Cell of Chennai about receiving obscene
and defamatory messages through a Yahoo messaging group from the accused Suhas Katti.
The case State of Tamil Nadu vs Suhas Katti gained limelight in addressing the cybercrime and
leading to the first conviction under the Information Technology Act, 2000. The case of State
of Tamil Nadu vs Suhas Katti marked a turning point in the legal history highlighting the
enforcement of cyber laws governing cyberstalking and the admissibility of electronic evidence
in the Courts of India. The accused Suhas Katti was convicted and sentenced to two years of
rigorous imprisonment with a fine of Rs. 4,000 under Section 67 of the Information Technology
Act, 2000, two years of rigorous imprisonment with a fine of Rs. 500 under Section 469 of the
Indian Penal Code and one year of simple imprisonment with a fine of Rs. 500 under Section
509 of the Indian Penal Code.

Ritu Kohli’s Case

Ritu Kohli's case was a landmark in India regarding cyber stalking. Manish Kathuria
impersonated her online on mirc.com, using her identity to send obscene messages and share
her personal information, leading to unwanted calls and harassment.
Initially, the case was registered under Section 509 of the Indian Penal Code (IPC), which
addresses insults to a woman's modesty. However, this section did not adequately cover online
harassment, highlighting gaps in the legal framework.
In response to such cases, Section 66A of the Information Technology Act, 2008 was
introduced, targeting the sending of offensive messages electronically. This section aimed to
penalize individuals for sending grossly offensive or false information.