Torts and Cyber World
Written by: Pulkit Taneja
November 24, 2014, is a very familiar date in the United States. The headquarters of Sony Pictures Entertainment was interrupted with a red skull flashed on every employee’s screen. The hackers grouped themselves as the Guardians of Peace, who sabotaged almost one hundred terabytes of consumer data, including confidential trade secrets of the company. This attack was the response to the potential release of The Interview, which is a comedy based on a plot to assassinate the Supreme Leader of North Korea.
The US government immediately linked the government of North Korea with this attack. President Barak Obama expressed his internet to strongarm the US Laws against Crimes in cyberspace and drafted a proposal for the US Congress. This proposal was to update existing civil and criminal laws like Racketeer Influenced and Corrupt Organisations Act to fight cyber crimes better. With increased digitization, cyberspace is prone to various attacks. This incident took Sony Entertainment off guard and forced many private companies worldwide to increase their cyberspace security.
Cyber Wrongs are any acts that are committed using a computer device to access the internet and damage an individual or society. Cyber wrongs can be classified into two categories civil and criminal. Cybercrimes are heinous acts that have extreme repercussions on an individual or society as a whole, for example, hacking into unauthorized data, installing a virus, and cyber-terrorism. A cyber tort, however, includes cyberstalking or breach of privacy. This article is limited to cyber torts in India and the statutory provisions.
A tort is a civil wrong committed when there is a breach of a duty imposed by law and such breach results in legal or actual damage. Therefore, a cyber tort is a subset of torts were using a computer or any such device, one can access the internet to engage in a wrongful act. Cyber torts have a comprehensive classification. One such classification is the distribution and spreading of obscene materials. For example, in 2002 a swiss couple was arrested by the Mumbai police for kidnapping children from slum areas to involve them in child pornography. Trafficking is another such classification of cyber tort.
Internet and cyberspace connect people to the rest of the world, potentially increasing the customer base for any supplier to sell their goods. Drug trafficking is one such trade that is predominant around the world. Cyberspace is easy to access to trade drugs and other illicit items. Many people are also victims of cyber fraud and internet scams. Credit card details, passwords, pins, and account numbers are all stored with companies and websites from which people regularly buy items. Hackers getting unauthorized access to all that data could turn out to be extremely problematic. Other classifications of cyber tort include cyber defamation.
Defamation and cyber defamation are separated on paper by a subtle difference in computer usage. A man will be booked for cyber defamation if he hacks into someone’s social media profile to publish and ridicule that person. Unauthorized access to confidential data by hacking is also covered under cyber torts.
Regulations in India:
The Information Technology Act, 2000 serves to administer the liabilities arising from India’s cyber wrongs. Section 43 of the act regulates unauthorized access, downloading, transfer of data which could cause damages or disruptions while accessing the data. Section 67 prohibits uploading any obscene materials. The Indian laws also regulate the publishing of any defamatory statement which could damage a person’s reputation.
The increased usage of Social Media Websites has affected how people express their opinions. It is incredibly comfortable for many people to post defamatory statements on social media websites to ridicule someone by damaging their reputation. These social media websites, network providers, and other service providers are also open to legal liabilities apart from the person who writes and posts such statements.
The Information Technology Act in Section 2 defines an intermediary as: “any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online market places, and cyber cafes”
Section 79 of the Information Technology (Amendment) Act, 2008 provides legal protection to all the intermediaries if the role of the intermediaries is limited to:
- providing access to a communication system over which information made available by third parties is transmitted or temporarily stored; or
- the intermediary does not
- initiate the transmission,
- select the receiver of the transmission, and
- select or modify the information contained in the transmission.
Committing a Cyber Tort is considered to be extremely dynamic in nature. Cyberspace can be accessed virtually by anyone sitting anywhere in this world. Finding evidence and bringing the perpetrators to justice is perhaps extremely difficult during investigations. Information storage is now limited to a small space instead of rooms filled with documents. This small space is either a cloud service, i.e. storing the data on the internet, or storing the data offline, both of which prone to cyber-attacks.
Although many companies employ people specifically to protect their cyberspace, it is also essential to understand the complexities and constant technology updates. Negligence is also one primary reason behind being prone to cyber wrong, an employee committing one human error could easily expose the company to hackers. Finding evidence and linking during investigations of alleged cyber wrongs becomes a tedious job for law enforcement agencies.
A hack by someone outside the territorial jurisdiction of the administration makes it extremely easy to get away with. Erasing the digital footprint and any trace of hackers’ existence into the victim’s system is easy for hackers. It is very important for the international community and all the countries to draft a uniform cyber law. Considering a cyber wrong is not limited to borders, a consistent regulation between the countries could bridge legislation and penalization.
 S.2(1)(ua)(w), Information Technology Act, 2000.
 S.79(2), Information Technology (amendment) Act, 2008.