Chapter-1 Introduction

1.1 Overview Cyber refers to imaginary space, which is created when the electronic devices communicate, like network of computers. Cybercrime refers to anything done in the cyber space with a criminal intent. These could be either the criminal activities in the conventional sense or could be activities, newly evolved with the growth of the new medium. Cybercrime includes acts such as hacking, uploading obscene content on the Internet, sending obscene emails and hacking into a person's e-banking account to withdraw money. Computer crime, or cybercrime, refers to any crime that involves a computer and a network, where the computers played an instrumental part in the commission of a crime. Cyber Crime has nowhere been defined in any statute /Act passed or enacted by the Indian Parliament. The concept of cybercrime is not radically different from the concept of conventional crime. Both include conduct whether act or omission, which cause breach of rules of law and counterbalanced by the sanction of the state particularly those surrounds hacking, copyright infringement through wares, child pornography and child grooming. The term cybercrime is a misnomer. This term has nowhere been defined in any statute /Act passed or enacted by the Indian Parliament. The concept of cybercrime is not radically different from the concept of conventional crime. Both include conduct whether act or omission, which cause breach of rules of law and counterbalanced by the sanction of the state. 1.2 Reasons of Cybercrime Computer is just a machine which cannot on its own has the capacity to perpetrate fraud, it is human being that initiate the act, and in particular by an insider. The most relevant question now is why do computer users commit computer crime? The factors that enhance the potential that a company will be the target of theft, fraud, embezzlement, and corruption includes computer crimes are categorized into two: 1.2.1) Motivational Factors: These related to the corporate reward system and company policies. The following factors encourage computer crime: (a) Inadequate rewards; including pay fringe benefits, stock and stock options bonuses, job security, meaningful work, and promotional opportunity. (b) Failure to control hostility, bias or unfairness generated by promotion or destructive competitiveness among departments, offices, or personnel. (c) Inadequate security and control measures put in place; or otherwise conscientious employee may be tempted to commit computer crime. (d) Failure to offer counseling when performance or behavior fails below acceptable levels.
1

(e) An uncertain future where a company faces merger, acquisition or failure. 1.2.2) Personal-based factors: These related to the character of a particular perpetrator. The following are common problems that become personnel motivations for computer crime: (a) Greed: An employee with tendency of greedy, manifestations or personal financial problem may decide to defraud his company merchandise. (b) Crises: Unresolved problems relating to personal status or an employee in a state of acute or crippling financial crises may decide, against better judgment to defraud his company. (c) Inadequate standard of personnel recruitment and selection. (d) Inadequate orientation and training on security matters and on sanction for violating security rules. (e) Blackmail: An employee may be pressurized to commit computer crime by a third party just to blackmail in order to cause several embarrassments or cause irreparable damage.

Chapter-2

Modes and Manner of Committing Cybercrime

2.1) Unauthorized access to computer systems or networks / Hacking- This kind of offence is normally referred as hacking in the generic sense. However the framers of the information technology act 2000 have nowhere used this term so to avoid any confusion we would not interchangeably use the word hacking for unauthorized access as the latter has wide connotation. 2.2) Theft of information contained in electronic form- This includes information stored in computer hard disks, removable storage media etc. Theft may be either by appropriating the data physically or by tampering them through the virtual medium. 2.3) Email bombing- This kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even mail servers there by ultimately resulting into crashing. 2.4) Data diddling- This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerized. 2.5) Salami attacks- This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the banks system, which deducted 10 cents from every account and deposited it in a particular account. 2.6) Denial of Service attack- The computer of the victim is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. E.g. Amazon, Yahoo.4 2.7) Virus / worm attacks- Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory. E.g. love bug virus, which affected at least 5 % of the computers of the globe. The losses were accounted to be $ 10 million. The world's most famous worm was the Internet worm let loose on the Internet by Robert Morris sometime in 1988. Almost brought development of Internet to a complete halt. 2.8) Logic bombs- These are event dependent programs. This implies that these programs are created to do something only when a certain event (known as a trigger event) occurs. E.g.
3

even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus).
2.9) Trojan attacks- This term has its origin in the word Trojan horse. In software field this

means an unauthorized programmer, which passively gains control over anothers system by representing itself as an authorized programmer. The most common form of installing a Trojan is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the U.S. while chatting. The cybercriminal through the web cam installed in the computer obtained her nude photographs. He further harassed this lady. 2.10) Internet time thefts- Normally in these kinds of thefts the Internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password. E.g. Colonel Bajwas case- the Internet hours were used up by any other person. This was perhaps one of the first reported cases related to cybercrime in India. However this case made the police infamous as to their lack of understanding of the nature of cybercrime. 2.11) Web jacking- This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. He may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Further the site of Bombay crime branch was also web jacked. Another case of web jacking is that of the gold fish case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was demanded a ransom. Thus web jacking is a process whereby control over the site of another is made backed by some consideration for it.

Chapter-3 Cyber Law

3.1 What is Cyber Law? Cyber Law is the law governing cyber space. Cyber space is a very wide term and includes computers, networks, software, data storage devices (such as hard disks, USB disks etc), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines etc. Law encompasses the rules of conduct: 1) that have been approved by the government, and 2) which are in force over a certain territory, and 3) which must be obeyed by all persons on that territory. Violation of these rules could lead to government action such as imprisonment or fine or an order to pay compensation. Cyber law encompasses laws relating to: 1) Cyber Crimes 2) Electronic and Digital Signatures 3) Intellectual Property 4) Data Protection and Privacy Cybercrimes are unlawful acts where the computer is used either as a tool or a target or both. The enormous growth in electronic commerce (e-commerce) and online share trading has led to a phenomenal spurt in incidents of cybercrime. These crimes are discussed in detail further in this chapter. A comprehensive discussion on the Indian law relating to cybercrimes and digital evidence is provided in the ASCL publication titled Cyber Crimes & Digital Evidence Indian Perspective. Electronic signatures are used to authenticate electronic records. Digital signatures are one type of electronic signature. Digital signatures satisfy three major legal requirements signer authentication, message authentication and message integrity. The technology and efficiency of digital signatures makes them more trustworthy than hand written signatures. These issues are discussed in detail in the ASCL publication titled Ecommerce Legal Issues. Intellectual property is refers to creations of the human mind e.g. a story, a song, a painting, a design etc. The facets of intellectual property that relate to cyber space are covered by cyber law. Fundamentals of Cyber Law These include: copyright law in relation to computer software, computer source code, websites, cell phone content etc., software and source code licenses trademark law with relation to domain names, meta tags, mirroring, framing, linking etc
5

 semiconductor law which relates to the protection of semiconductor integrated circuits design and layouts, patent law in relation to computer hardware and software. These issues are discussed in detail in the ASCL publication titled IPR & Cyberspace - the Indian Perspective. Data protection and privacy laws aim to achieve a fair balance between the privacy rights of the individual and the interests of data controllers such as banks, hospitals, email service providers etc. These laws seek to address the challenges to privacy caused by collecting, storing and transmitting data using new technologies. 3.2 Need for Cyber Law There are various reasons why it is extremely difficult for conventional law to cope with cyberspace. Some of these are discussed below. 1. Cyberspace is an intangible dimension that is impossible to govern and regulate using conventional law. 2. Cyberspace has complete disrespect for jurisdictional boundaries. A person in India could break into a banks electronic vault hosted on a computer in USA and transfer millions of Rupees to another bank in Switzerland, all within minutes. All he would need is a laptop computer and a cell phone. 3. Cyberspace handles gigantic traffic volumes every second. Billions of emails are crisscrossing the globe even as we read this, millions of websites are being accessed every minute and billions of dollars are electronically transferred around the world by banks every day. 4. Cyberspace is absolutely open to participation by all. A ten- year-old in Bhutan can have a live chat session with an eight- year-old in Bali without any regard for the distance or the anonymity between them. 5. Cyberspace offers enormous potential for anonymity to its members. Readily available encryption software and steganography tools that seamlessly hide information within image and sound files ensure the confidentiality of information exchanged between cyber-citizens. 6. Cyberspace offers never-seen-before economic efficiency. Billions of dollars worth of software can be traded over the Internet without the need for any government licenses, shipping and handling charges and without paying any customs duty. 7. Electronic information has become the main object of cybercrime. It is characterized by extreme mobility, which exceeds by far the mobility of persons, goods or other services. International computer networks can transfer huge amounts of data around the globe in a matter of seconds. 8. A software source code worth crores of rupees or a movie can be pirated across the globe within hours of their release.

9. Theft of corporeal information (e.g. books, papers, CD ROMs, floppy disks) is easily covered by traditional penal provisions. However, the problem begins when electronic records are copied quickly, inconspicuously and often via telecommunication facilities. Here the original information, so to say, remains in the possession of the owner and yet information gets stolen. 3.3 Jurisprudence of Indian Cyber Law The primary source of cyber law in India is the Information Technology Act, 2000 (IT Act) which came into force on 17 October 2000. The primary purpose of the Act is to provide legal recognition to electronic commerce and to facilitate filing of electronic records with the Government. The IT Act also penalizes various cybercrimes and provides strict punishments (imprisonment terms upto 10 years and compensation up to Rs 1 crore). An Executive Order dated 12 September 2002 contained instructions relating provisions of the Act with regard to protected systems and application for the issue of a Digital Signature Certificate. Minor errors in the Act were rectified by the Information Technology (Removal of Difficulties) Order, 2002 which was passed on 19 September 2002. The IT Act was amended by the Negotiable Instruments (Amendments and Miscellaneous Provisions) Act, 2002. This introduced the concept of electronic cheques and truncated cheques. Information Technology (Use of Electronic Records and Digital Signatures) Rules, 2004 has provided the necessary legal framework for filing of documents with the Government as well as issue of licenses by the Government. It also provides for payment and receipt of fees in relation to the Government bodies. On the same day, the Information Technology (Certifying Authorities) Rules, 2000 also came into force. These rules prescribe the eligibility, appointment and working of Certifying Authorities (CA). These rules also lay down the technical standards, procedures and security methods to be used by a CA. Information Technology (Certifying Authority) Regulations, 2001 came into force on 9 July 2001. They provide further technical standards and procedures to be used by a CA. Two important guidelines relating to CAs were issued. The first are the Guidelines for submission of application for license to operate as a Certifying Authority under the IT Act. These guidelines were issued on 9th July 2001. Next were the Guidelines for submission of certificates and certification revocation lists to the Controller of Certifying Authorities for publishing in National Repository of Digital Certificates. These were issued on 16th December 2002. The Cyber Regulations Appellate Tribunal (Procedure) Rules, 2000 also came into force on 17th October 2000. These rules prescribe the appointment and working of the Cyber Regulations Appellate Tribunal (CRAT) whose primary role is to hear appeals against orders of the Adjudicating Officers.

The Cyber Regulations Appellate Tribunal (Salary, Allowances and other terms and conditions of service of Presiding Officer) Rules, 2003 prescribe the salary, allowances and other terms for the Presiding Officer of the CRAT. Information Technology (Other powers of Civil Court vested in Cyber Appellate Tribunal) Rules 2003 provided some additional powers to the CRAT. On 17th March 2003, the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003 were passed. These rules prescribe the qualifications required for Adjudicating Officers. Their chief responsibility under the IT Act is to adjudicate on cases such as unauthorized access, unauthorized copying of data, spread of viruses, denial of service attacks, disruption of computers, computer manipulation etc. These rules also prescribe the manner and mode of inquiry and adjudication by these officers. The appointment of adjudicating officers to decide the fate of multi-crore cybercrime cases in India was the result of the public interest litigation filed by students of Asian School of Cyber Laws (ASCL). The Government had not appointed the Adjudicating Officers or the Cyber Regulations Appellate Tribunal for almost 2 years after the passage of the IT Act. This prompted ASCL students to file a Public Interest Litigation (PIL) in the Bombay High Court asking for a speedy appointment of Adjudicating officers. The Bombay High Court, in its order dated 9th October 2002, directed the Central Government to announce the appointment of adjudicating officers in the public media to make people aware of the appointments. The division bench of the Mumbai High Court consisting of Honble Justice A.P. Shah and Honble Justice Ranjana Desai also ordered that the Cyber Regulations Appellate Tribunal be constituted within a reasonable time frame. Following this the Central Government passed an order dated 23rd March 2003 appointing the Secretary of Department of Information Technology of each of the States or of Union Territories of India as the adjudicating officers. The Information Technology (Security Procedure) Rules, 2004 came into force on 29th October 2004. They prescribe provisions relating to secure digital signatures and secure electronic records. Also relevant are the Information Technology (Other Standards) Rules, 2003. An important order relating to blocking of websites was passed on 27th February, 2003. Computer Emergency Response Team (CERT-IND) can instruct Department of Telecommunications (DOT) to block a website. The Indian Penal Code (as amended by the IT Act) penalizes several cybercrimes. These include forgery of electronic records, cyber frauds, destroying electronic evidence etc. Digital Evidence is to be collected and proven in court as per the provisions of the Indian Evidence Act (as amended by the IT Act). In case of bank records, the provisions of the Bankers Book Evidence Act (as amended by the IT Act) are relevant. Investigation and adjudication of cybercrimes is done in accordance
8

with the provisions of the Code of Criminal Procedure and the IT Act. The Reserve Bank of India Act was also amended by the IT Act.

Chapter-4 ELECTRONIC GOVERNANCE

Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto. Whereas the General Assembly of the United Nations by resolution A/RES/51/162, dated the 30th January, 1997 has adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law; the said resolution recommends inter alia that all States give favorable consideration to the said Model Law when they enact or revise their laws, in view of the need for uniformity of the law applicable to alternatives to paper-based method of communication and storage of information and whereas it is considered necessary to give effect to the said resolution and to promote efficient delivery of Government services by means of reliable electronic records. BE it enacted by Parliament in the Fifty-first Year of the Republic of India.

4.1 ATTRIBUTION, ACKNOWLEDGEMENT AND DISPATCH OF ELECTRONIC RECORDS

4.1.1 Attribution of electronic records An electronic record shall be attributed to the originatora) If it was sent by the originator himself. b) By a person who had the authority to act on behalf of the originator in respect of that electronic record, or c) By an information system programmed by or on behalf of the originator to operate automatically.

10

4.1.2 Acknowledgement of receipt

1) Where the originator has not agreed with the addressee that the acknowledgment of receipt of electronic record be given in a particular form or by a particular method, an acknowledgment may be given bya) any communication by the addressee, automated or otherwise, or b) any conduct of the addressee, sufficient to indicate to the originator that the electronic record has been received. 2) Where the originator has stipulated that the electronic record shall be binding only on receipt of an acknowledgment of such electronic record by him, then unless acknowledgment has been so received, the electronic record shall be deemed to have been never sent by the originator. 3) Where the originator has not stipulated that the electronic record shall be binding only on receipt of such acknowledgment, and the acknowledgment has not been received by the originator within the time specified or agreed or, if no time has been specified or agreed to within a reasonable time, then the originator may give notice to the addressee stating that no acknowledgment has been received by him and specifying a reasonable time by which the acknowledgment must be received by him. If no acknowledgment is received within the aforesaid time limit he may after giving notice to the addressee, treat the electronic record as though it has never been sent.

11

4.1.3 Time and place of dispatch and receipt of electronic record

1) Save as otherwise agreed to between the originator and the addressee, the dispatch of an electronic record occurs when it enters a computer resource outside the control of the originator. (2) Save as otherwise agreed between the originator and the addressee, the time of receipt of an electronic record shall be determined as follows, namely:a) if the addressee has designated a computer resource for the purpose of receiving electronic records, receipt occurs at the time when the electronic record enters the designated computer resource, or if the electronic record is sent to a computer resource of the addressee that is not the designated computer resource, receipt occurs at the time when the electronic records retrieved by the addressee.

b) if the addressee has not designated a computer resource along with specified timings, if any, receipt occurs when the electronic record enters the computer resource of the addressee. 3) Save as otherwise agreed to between the originator and the addressee, an electronic record is deemed to be dispatched at the place where the originator has his place of business, and is deemed to be received at the place where the addressee has his lace of business. 4) The provisions of sub-section 2 shall apply notwithstanding that the place where the computer resource is located may be different from the place where the electronic record is deemed to have been received under sub-section 3. 5) For the purposes of this section-

a) If the originator or the addressee has more than one place of business, the principal place of business, shall be the place of business. b) If the originator or the addressee does not have a place of business, his usual place of residence shall be deemed to be the place of business.

c) "Usual place of residence", in relation to a body corporate, means the place where it is registered.

12

4.2 SECURE ELECTRONIC RECORDS AND SECURE DIGITAL SIGNATURES

4.2.1 Secure electronic record Where any security procedure has been applied to an electronic record at a specific point of time, then such record shall be deemed to be a secure electronic record from such point of time to the time of verification. 4.2.2 Secure digital signature If, by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, wasa) Unique to the subscriber affixing it. b) Capable of identifying such subscriber. c) Created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated, then such digital signature shall be deemed to be a secure digital signature. 4.2.3 Security procedure The Central Government shall for the purposes of this Act prescribe the security procedure having regard to commercial circumstances prevailing at the time when the procedure was used, includinga) The nature of the transaction. b) The level of sophistication of the parties with reference to their technological capacity c) The volume of similar transactions engaged in by other parties d) The availability of alternatives offered to but rejected by any party e) The cost of alternative procedures, and f) The procedures in general use for similar types of transactions or communications.

13

Chapter-5 SECURITY MEASURES FOR PREVENTING CYBERCRIME

5.1) Computer Access Control- Considering the facts that are various categories of computer related crime, different strategy should be used in controlling them. The following controls may be used to restrict unauthorized people access to sensitive system.
i) Password: The use of password will only allow the authorized users access to the system.

The password should be enough so that it will be difficult to guess. ii) Compartmentalization: This restricts users to specific files and program they have a job related need access. Regular updating is required to conform access to the needs of people moving from responsibility to responsibility within the organization. iii) Use of Biometrics: These include the use of fingerprints, hand geometry, and voice recognition and so on to restrict access to unauthorized users. iv) Automatic Logoff: This measure prevents unauthorized access to the system when authorized users failed to logoff. v) Random Personal Information checks: This is used in identifying unauthorized login attempts. The system randomly transmits a question that only the authorized individual could answer and denied access unless the right answer is received. 5.2) Network Access Controli) Encryption: This can be described as the use of codes to transform original data into a code which can only be deciphered by the software which handles the file. The transform data appears to be nonsense or jargon until the encryption key is applied to the data. Encryption key is a number which enables encrypted data to be decoded. In some cases hardware key must be attached to the computer before it can read encrypted files. ii) Firewall: A firewall allows you to protect your computer from hackers, who often target the IP address ranges used broadband providers. The use of firewalls and similar safeguards prevent unauthorized access through the Internet. Firewalls, however, are only effective when they are properly sited within the company network and, when they are managed properly configured or otherwise not providing the security that users and management expect. iii) Spy-ware: A spy-ware is a tool used by the cyber caf operators to monitor peoples activities while browsing on the Internet. Spy-ware is a tool used for monitoring and gathering information about people and information gather are often used for malicious purpose (Agboola, 2005:1). This will go along way to know if the Internet user is visiting prohibited sites.

14

5.3 PERSPECTIVE ON LEGAL ISSUE

Offenders vary by both criminal act and the jurisdiction. As with any other crimes, the element of a computer-related offense must be established for successful prosecution, not a particular easy task in light of the nature of computer technology. For example, the criminal intent, of a specific computer crime may be difficult to prove. How can an investigator distinguish between a hacker who intentional steals or destroys electronic files and someone who accidentally destroyed files while perusing them? Similarly, the physical act of a computer-related crime may be demonstrated best by an electronic impulse that, unfortunately, is difficult to define and track, considering that a computer crime can occur in 3 milliseconds. As a result, computer-related crime become easier to perpetrate and more difficult to identify, investigate, and prove.

5.4 RECOMMENDATIONS
Some of the suggestions to improve computer security include: a) The use of more effective policies for security over proprietary information. b) Implementing better internal accounting controls. c) Improving interaction between the human resources department, the systems department and corporate security functions. d) Continuous supervision of those with sensitive access to system. e) The use of better software security. f) Implementing better and regular computer audit software. g) The use of adequate, physical security in the workplace.

15

Chapter-6 INTELLECTUAL PROPERTY ACT

The Intellectual Property Protection Act of 2006 is a legislation that, when proposed to congress, was supported by the Justice Department. Its main goal is to bolster, and increase the government's ability to fight against IP violations as well as to help reduce terror-related and criminal enterprises that are proposed as being supposedly funded by piracy. However, the government has not been able to show a verifiable connection between IP crimes and injustices and the accused terror groups. The legislation was introduced to Congress and supported by Republican Lamar Smith, who serves as the chairman of the House Subcommittee on Courts, the Internet, and Intellectual Property. All aspects of his subcommittee have jurisdiction over copyright law and information technology. When the legislation was first signed into law, there was controversy over its original purpose. Thinking that the conservative government was simply supporting friends in CEO positions in major companies, many small businesses thought that the Bush Administration enabled the law to specifically aid the attempts of big business that were trying to rid any unauthorized use of their copyrighted products. However, the act proved to be useful for practically all copyrighted media and material. Overall, the purpose of the instated legislation is to protect any form of intellectual property and original innovation in order to sustain a sense of copyright for original works and creation. The legislation should not be confused with HR 2391, or the Intellectual Property Protection Act of 2004, which was an earlier collection of intellectual property related legislation. Although the 2006 legislation does involve a very similar representation of the 2004 legislation, it is more of an expansion and addition rather than a refurbished copy. Other information on this legislation provided and operated by government officials can be found on the Public Knowledge Organization Site, which is a "Washington, D.C.-based public interest group working to defend citizens' rights in the emerging digital culture." Intellectual property (IP) refers to original creations and innovations of the mind. Examples of IP are as follows: Copyrights Trademarks Patents

16

6.1 COPYRIGHT vs. TRADEMARK vs. PATENT 6.1.1What is a Copyright?

Copyright is a form of protection provided to the authors of "original works of authorship" including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished. The 1976 Copyright Act generally gives the owner of copyright the exclusive right to reproduce the copyrighted work, to prepare derivative works, to distribute copies or phone records of the copyrighted work, to perform the copyrighted work publicly, or to display the copyrighted work publicly. The copyright protects the form of expression rather than the subject matter of the writing. For example, a description of a machine could be copyrighted, but this would only prevent others from copying the description; it would not prevent others from writing a description of their own or from making and using the machine. Copyrights are registered by the Copyright Office of the Library of Congress. Need a copyright form? Try these: Copyright Assignment Form Copyright Cease & Desist Letter Copyright Policy for a School

5.1.2What is a Trademark? A trademark is a word, name, symbol or device which is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others. A servicemark is the same as a trademark except that it identifies and distinguishes the source of a service rather than a product. The terms "trademark" and "mark" are commonly used to refer to both trademarks and service marks. Trademark rights may be used to prevent others from using a confusingly similar mark, but not to prevent others from making the same goods or from selling the same goods or services under a clearly different mark. Trademarks which are used in interstate or foreign commerce may be registered with the Patent and Trademark Office. The registration procedure for trademarks and general information concerning trademarks is described in a separate pamphlet entitled "Basic Facts about Trademarks". Need a trademark form? Try these: Trademark Assignment Forms

17

Trademark Cease & Desist Letter IP License Agreement

5.1.3What is a Patent?

A patent for an invention is the grant of a property right to the inventor, issued by the Patent and Trademark Office. The term of a new patent is 20 years from the date on which the application for the patent was filed in the United States or, in special cases, from the date an earlier related application was filed, subject to the payment of maintenance fees. US patent grants are effective only within the US, US territories, and US possessions. The right conferred by the patent grant is, in the language of the statute and of the grant itself, "the right to exclude others from making, using, offering for sale, or selling" the invention in the United States or "importing" the invention into the United States. What is granted is not the right to make, use, offer for sale, sell or import, but the right to exclude others from making, using, offering for sale, selling or importing the invention. Need a patent form? Try these: Exclusive Patent License Nonexclusive Patent License Assignment of Patent Application

18

Chapter-7 Conclusion
Cybercrime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet. Because cybercrime covers such a broad scope of criminal activity, the examples above are only a few of the thousands of crimes that are considered cybercrimes. While computers and the Internet have made our lives easier in many ways, it is unfortunate that people also use these technologies to take advantage of others. Therefore, it is smart to protect yourself by using antivirus and spyware blocking software and being careful where you enter your personal information. Most of the recorded computer crimes cases in most organization involve more than individual and virtually all computer crime cases known so far are committed by employer of the organization. Criminals have also adapted the advancements of computer technology to further their own illegal activities. Investigators must know the materials to search and seize the electronic evidences to recover, and the claim of custody to maintain. Without question, law enforcement must be better prepared to deal with many aspects of computer-related crimes and the techno-criminals who commit them. This article is not meant to suggest that programmers or computer users are fraudulent people or criminal but rather to expose us to the computer-related crime and provides ways to prevent them.

19

References
1) www.cybercellmumbai.com 2) Wikipedia 3) www.cyberlawsindia.net 4) www.google.com

20