Some Laws Regarding Internet and Data Security
Every government implements laws, rules and regulations for their citizens. Laws are important and beneficial because the aim is to protect you and your rights. There are rules and regulations associated with every aspect of life. As the world is going to be digitalized, modernized and sophisticated and so are the crimes. As information technology grows rapidly in recent years, the internet based fraud, privacy issues; stolen identities are also rapidly increased. So there is a need of legal enactment, an effective regulatory mechanism in information technology as well. So every government passes laws for crimes and illegal activities regarding information technology.
Cyberspace refers to the virtual world of computer networks
Cybercrimes: an illegitimate act in world of cyberspace in which a computer is a tool or target or can be used as both.
Cyber laws/ internet laws are the part of legal system deals with the cyberspace, internet and internet-related technologies.
Types of Cyber Crimes & Punishments:
The laws and penalties are applicable equally to any person irrespective of the nationality. The cyber laws empower national investigation agencies to overcome cybercrimes.
Counter terrorism: Terrorist activity that threatens individual, society by attacking, or hacking their computers. It is usually a politically motivated attack which may cause large scale disruption of computers by means of malware and viruses.
Some examples of cyber terrorism are
- Denial of service
- Threaten people via emails
It is a code or script that is used to damage computer or causing undesirable effects.
Some examples of malicious codes are
- Trojan horses
- Logic bombs
- Backdoor programs
A person involves in writing, distributing or transmitting malicious code willfully.
Spoofing: spoof means to deceive. I computing spoofing is a fraud. A person hides his own identity, disguises as someone else known to user.
Some examples of spoofing are
- IP spoofing
- Email spoofing
- Web spoofing
Defamation: Any intentional derogatory comments, about someone else’s character that harms person’s character, respect and regard. Nobody has right to defame anybody by his writings, speaking or broadcasting over media.
Credit cards fraud: it involves two types of cybercrimes, identity theft and fraud. There are two types of credit card fraud:
- Application fraud: it is the type of fraud in which a corrupt person obtains personal information about the victim. After gaining so much information he is able open account on the name of victim.
- Account takeover: it is the type of account hijacking. When you are shopping online, electronic databases save your credit card information. The system can be hacked and of course credit card information and other personal information too. And hence the criminals collecting benefit from credit cards issued on the victim’s name.
What’s Data Security?
Data is a piece of information, it can be a document, and it can be transaction details or some other form of personal information. Data is either saved on your computer or your mobile phone. When we need to share this data with a concerned person, we need some principles and protocols for transferring information. How do we know the data is unreadable by unauthorized persons or hackers? To make this data secure we use encrypted data. The sender encrypts data and sends it to the receiver. At the receiving end the data decrypted. In this way your data is protected. Information security, computer security are the other names of data security.
Data Security Laws/ DATA Protection Act:
These laws are regarding misuse or mishandling of personal information like medical records, account numbers, PIN codes etc. There are many situations when you have to submit your personal information, like creating an account on Facebook or shopping from Amazon or any online consultation requires personal information. How these companies are protecting your private data? They should have heightened levels of security. But this is not happening actually. These companies definitely mishandle or misuse your data. According to the Data Protection Act 2018, the organizations or government or businesses are responsible for using personal data. The companies must have to justify the data usage. Some of the data protection principle are:
- Information should be used fairly and used for the specified, relevant purpose only
- Information should be discarded when it is no longer needed
- Stored information should be accurate and up to date as well
- For handling data it is to ensure appropriate security, protection against damage, loss, unlawful access etc.
- Separate safeguards for more sensitive data like race, biometrics, health, religious beliefs etc.
Computer Fraud and Abuse Act;
According to this act it is illegitimate to access a personal property like computer, mobile phones without proper authorization.
- If somebody wants to gain access to any device that doesn’t belong to him, by means of an access code (password) it is unlawful act.
- Hacking, cracking, self-executing codes are used to gain unlawful access. The intention is to harm any personal property (any device like mobile phone or computer or any other electronic device), damage data (video, audio, database, pictures etc.). He will be punished up to 5 years.
- Unlawful access to computers that contains national defense, financial data operated by government or on behalf of government.
- Modification and interfacing of an information system in order to alter its usual behavior. Penalty for this crime could result in imprisonment up to 3 years or fine.
- Trafficking in computer password means first stealing password and then sell it to someone else.
The laws, statute, regulations and the implementation of a legal system are the result of long term struggle. These data protection rules build public awareness against their rights. Any user can ask about the personal data usage and can demand for the removal of data. Now companies are accountable for using personal data, their actions, for what purpose they are gathering information etc. There is distinctive punishment for every offence, which can either be imprisonment or fine.