Cyber space and Human Rights: With Special Reference to Cyber Crimes

Nishtha Sinha
Author:

ABSTRACT

Cyberspace can be defined in simple words, as the world which has been created with the help of the internet. The paper briefly introduces the aspect of cyberspace as well as human rights. The author has restricted the scope of this research to the Indian cyberspace. The paper firstly talks about the right of access of internet, i.e., cyberspace as a fundamental right and human right in India. Since the major focus of this paper is on cyber-crimes and human rights so paper discusses in detail about the crimes which are committed in cyberspace, India and also as to how these cyber-crimes have affected the human rights of the people residing in India. The paper discusses the Indian laws which are made as well as amended for the purpose of protecting the human rights of its citizens. Social media plays an important role in protecting human rights by raising voice against discrimination and at the same time it causes a threat to human rights by invading privacy, which has also been discussed in detail in the paper. The paper also identifies the most venerable groups that are women and children whose human rights are likely to be affected when any cyber-crime take place. The paper also discusses the measurers that are taken by the government and the other agencies like CERT-In for controlling cyber-crimes and minimising their effect on the human rights of the individuals. Recent major cyber-attacks that took place that violated various human rights along with the recent case laws has also been described in this paper. Though various laws have been enacted, but the researcher has identified that they are not sufficient to combat cyber-crimes. Hence, the researcher has suggested about the various measurers that should be taken to combat cyber-crimes.

Keywords: Cyberspace, Cyber-crimes, Human Rights.

INTRODUCTION

Introduction to the Concept of Cyber Space

Cyber space is a virtual space which is created with the help of Internet. This space is not tangible and does not have a real existence. The communication of messages in this space can only be done from one system to another system with the help of internet[1]. The cyber space provides for effective communication so that messages reach from one part to another part of the real world through this virtual world. Cyberspace can also be used as a place of business and for expansion of business, playing virtual games, using artistic skills and for social interaction. As per Digital India’s Report, India had around 687.6 million Internet Users in January 2020. From this huge number we can estimate the reach and growth of Cyber Space in India.

The Concept of Human Rights

Human Rights are the basic rights which each and every human being in the world has. These rights are provided and guaranteed to all human beings irrespective of caste, creed, gender and colour. Human Rights are inherent rights and these rights cannot be taken in any circumstances. The first legal document that talked about human rights was Universal Declaration of Human Rights (UDHR) and this document was also adopted by the UN General Assembly in the year 1948. UDHR is still considered as the parent document or the constitution of Human Rights, and it referred for all the treaties and conventions which are related to the concept of Human Rights. Some of the rights included in Human rights are Right to privacy, Freedom of Expression and Religion, right to be free and equal, freedom from torture or inhumane treatment etc[2].

International Conventions related to Cyber Space and Cyber-Crime

Cyberspace is a part of each and every crime that is committed in today’s world, yet there are very few international conventions that deals with cyber-space and cybercrimes. Thus, there is an urgent need for developing international conventions[3]which makes the cyberspace friendlier and safer and also helps in combating the cybercrimes. Some of the conventions which are already existing are:

Budapest Convention ,2001

Budapest Convention is also known as Council of Europe (Cyber Crime Convention). This is the only convention on cybercrime which is considered as legally binding on the states which have signed and ratified this convention. This convention helps the cybercrime agencies to conduct investigation related to a cybercrime in the countries which are signatories of this convention. The convention provides for powers and procedures which are required for the purpose of detection and for investigation of a cybercrime. The convention has also provided for the penalties if anyone is found guilty for conducting the cybercrime. This convention also promotes and helps cooperation between the countries[4]. Several states have ratified this convention but India and Russia have neither signed nor ratified this convention.

Additional Protocol to the Convention on Cyberspace concerning the Criminalisation of Acts of a Racist or Xenophilic Nature Committed through Computer System ,2003

This additional protocol is only available to the countries who have ratified and signed the Budapest Convention of 2001.This protocol makes it mandatory for the countries to make laws related to the racist and Xenophobic crimes which are committed in the cyberspace with the help of the internet. This protocol makes it mandatory for the countries to draft laws in their own which will criminally punish the offenders who use internet for spreading threat which are Racist or Xenophilic in nature[5].

Right to Access to Cyber Space

Right to access of internet as a Fundamental Right

Internet connects us with each and every part of the world so one cannot imagine a single day without internet. The government in certain circumstances like for promoting peace and National Security can restrict the access of internet to its citizens. But the state and the government does not have the power to restrict the accesses of internet to its citizens. The Supreme Court in its recent judgement of Anuradha Bhasin v. Union of India[6] has held that right of access of internet is a fundamental right under Article 19 (1)(a) of the Constitution of India. In this case, the internet facility was curbed in the State of Jammu and Kashmir. When the matter came to the Supreme Court, the right to access of internet was held as a fundamental right and the Supreme Court also directed the administration of the State of Jammu and Kashmir to review the orders of curbing the internet and restore the internet facility in the state.

Right to access of Internet as a Human Right

In the case of Faheema Shirin RK v. State of Kerala and others[7], the Kerala High Court held that Right of Access of Internet is a fundamental right which is guaranteed to all the citizens of the Country. In the year 2017, Kerala became the first state of India which has declared that access to Internet is a basic human right. As a result, the government of Kerala has provided free internet connections to the persons belonging to poor families and at marginalised rate to the others. Though this the government would provide easy access to both governmental and non-governmental services in Kerala[8].

Cyber Crimes and Human Right

Various kinds of Cybercrimes

There has been rapid growth in Cyberspace and with this rapid growth there has also been rapid increase in cybercrime throughout the world. The offenders have formulated hundreds of ways of taking away hard-earned money of the people. The common cybercrimes are:

· Phishing -. Phishing is a cybercrime in which the offenders contact the victims through any communication channel which includes telephones, email and text message. The hacker will provide a page which has exactly the same look and feature as a legitimate and authentic page. When the victim will enter the data on that impersonated page, the hacker will obtain the sensitive information related to the username and passwords of banks and credit cards which would result in large losses to the victims of such attacks. In the case of Yahoo v. Akash Arora[9], the defendant made created a similar page as Yahoo and used the same to cheat and influence people. Phishing attack having high intensity is called as whaling attack.

· Identity Theft Scams -In this cyberattack the offender will steal the identity of the victim and will use this identity to make purchase in the name of the victim. The concept of Identity theft scams existed even before the advent of Internet, but with the help of Internet it has been easy for the offenders to obtain information and identity of the victim within no time. In order to prevent such identity theft scams, regular update of various accounts of should be done. In the case of Gagan Harsh Sharma v. State of Maharashtra[10] the accused persons were guilty of identity theft of their employer and thus were convicted under IT Act and IPC.

· Online Harassment -Online Harassment is simple words can be stated as a harassment which is committed with the help of internet. Online Harassment consists of continuous threats of mental or physical harm on a particular person. Online Harassment is a punishable crime in India and India has formulated various laws to combat this crime. Social Media like Facebook, Twitter are the places where the victims are more prone to the offence of Online Harassment. The online platforms also provide reporting facility to the victims of the Online Harassment to prevent such heinous crimes[11].

· Cyber-Stalking- Cyber staking is an offence of following someone or keeping track of the activities of someone with the help of internet. Social Media is a simple tool which is used by the offenders for committing the offence of Cyber-stalking[12]. Sometimes it is also seen that the offenders attack the system of the victim by a malware which helps them in regular tracking of the activities of the victims.

· Hacking -Hacking is a cyber-crime in which the offender by some illegal means tries to exploit and destroy the information that is present in a computer system. Hacking is mostly done with the help of a malware which is send to the computer system of the victim through internet. The actual user of the control system after the attack by the hackers, would not be in a position to obtain information which was previously stored in that system until and unless the malware is removed from the system.

How these Cyber-crimes affect human rights

· Phishing -Phishing attacks being the most common cyberattacks have greater impact on the human rights of the individuals. When the victims enter their personal details and sensitive information in the fake website or mail then there right to privacy as a human right is violated. When such sensitive information is leaked, the victim loses his/her human rights to own things. Such information leakage will also lead to inhumane and slavery treatment by the person who has obtained illegal possession of such information[13].

· Identity Theft Scams –In identity theft scams also the human rights violated are similar as to that of phishing. The victim loses his/her personal information which signifies that right of privacy of the victim is lost. The victim would feel slavery and human treatment in the hands of those individuals which has the access of such information as there would be a regular threat from such person who has the illegal possession of such information[14].

· Online Harassment-Online harassment causes continuous threat and mental pressure on the victim. The victim loses his/her mental peace and thus leading to loss of right to think and form opinion on any matter, which is the basic human right of each and every individual. The victim is likely to feel a sense of slavery when the harasser continuously harasses the victim and him/her to do certain things which are against the choice of the victim.

· Cyber-Stalking- In Cyber staking, when the stalker keeps a continuous check on the activities of the victim then it would directly lead to loss of right of privacy of the victim. The victim would restrict his/her movement and involvement which would eventually lead in loss of the human right of freedom of movement and residence. The victim losses the right to express his/her opinion freely as there is constant fear of being stalked. The victim will eventually lose his/her basic human right of being free and equal.

· Hacking –When the hacker illegally exploits and destroy the information stored in a computer system, then there is a direct attack on the basic human right of privacy on the victim. The victim loses his right of though and expression as the hacker has the full access of the computer system and sensitive information of the victim. The victim will be deprived of his/her right to work and education till the time the hacking malware is present in the computer system of the victim.

Social Media and Human Rights

Social Media is a collection of applications and websites that enables the users to share information and ideas. Social Media provides an opportunity to the people all around the world to meet and interact with the people of their choice. Social Media influences human rights of people living around the world both positively as well as negatively, and thus it plays the role of a guardian and violator of human right.

Social Media as a guardian of Human Rights

Social Media can play a major role in the protection as well as promotion of the human rights. Firstly, it makes the people using social media aware about the human rights which they possess and also gives them a basic education of their rights. Various awareness campaigns are launched in social media and various posts are also regularly updated on the social media promoting the human rights. Social Media provides a platform where people can freely express their ideas, feelings and opinions and exercise their human right of free speech and expression. This right of free speech and expression was promoted by the Court in the case of Shreya Singhal v. Union of India[15].

Social Media also gives the users a platform where individuals can freely talk about their personal experiences of human right violation. It also provides a quick and easy reporting facility to those individuals whose human rights have been violated. Social Media can be used as a depository, which can be used to find the details and location of the culprits. Social media highlights the punishments which are given to the violators of human rights which will act as a deterrence to the violation of human rights.

Social Media as a violator of Human Rights

The people using social media are prone to the risk of human rights violations. The unique user ID which is provided by the social media is easily accessible to the other users of the social media. Such easy accessibility, often leads to invasion of human right of privacy of the individuals, which is not only a human right but also a fundamental right as was held in the case of Justice K.S. Puttaswamy v. Union of India[16]. Children who use social media are the easy target of the human rights violators. Various terrorist groups also use social media for the purpose of hacking and extracting information of the users of social media[17].

Any inappropriate message or content targeting a specific person or group of people can be easily circulated in the Social Media. Social media can be used as platform for committing the offence like cyberstalking and online harassment as the information shared is readily and easily accessible available to the users of social media.

Prevention of Cyber-crimes and minimising its effect on the Human Rights

Measurers taken by the Government for the purpose of Prevention of Cyber-Crimes

The Central Government has taken various steps for controlling as well as eradicating the cybercrimes. Some of the steps taken are:

1)Spreading awareness-Several Awareness programmes informing the citizens their rights in the cyberworld are conducted by the Central Government. The Central Government takes the helps of various educational institutions and universities for the purpose of conducting such awareness programmes on Cyberlaws and Cybercrimes all over India[18].

2)Training of the officials -The Central Government also undertakes regular training of the police officers and the judicial officers to impart them the necessary skills that are needed for combating the cybercrimes.

3) Setting up of the Cyber Crime Centres -Various Centres dealing with cyber crimes have been set up in various parts of the countries. These centres help in investigation and reporting of the cybercrimes[19].

Laws made for the purpose of prevention of cyber crime

India has formulated some specialised as well as general laws for the purpose of dealing with the cybercrimes. The Information Technology Act,2000 is the specialised law of India which deals which the cyber crimes in the cyberworld. Apart from this, The Indian Penal Code, Code of Criminal Procedure, Companies Act and the Evidence Act also punishes the culprits which are involved in cybercrime.

The Information Technology Act contains special provisions for the purpose of dealing with cyber-crimes. The act punishes such persons who damages the computer system of the other person without the permission of the owner[20].When a person tries to hack or steal passwords and digital signature of another person then the act punishes the offender with the offence of causing identity theft[21].The act also punishes child pornography as a cybercrime[22]. The act also punishes possession and distribution of obscene materials which was held in the case of Sharat Babu Digumarti v. Government of NCT of Delhi[23]

Sufficiency of the Laws made and the measurers taken

As we can see that various measures have been taken and laws have been enacted to deal with the cyber-crimes, but the most important thing to examine is the sufficiency of these laws. It is seen that the laws which have been enacted to combat cyber crimes are effective only theoretically and the practical implementation of these laws is still lacking. The Information Technology Act ,2000 is the only specialised law dealing with the aspect, but the IT act[24]cannot be considered sufficient considering its narrow scope. Various cybercrimes such as Breach of Privacy, loss of money in an online transaction and spam mails are beyond the scope of the act. The punishments provided in the act are meagre when compared with the gravity of the crime which are being committed.

The covid-19 Pandemic has increased the reliance of the common people on the cyberworld and with this there would be a gradual increase in the cybercrimes all over the world. There is an urgent need for developing laws regulating the cyber world as the laws and the measures taken are not sufficient for dealing with the present situation. There should be regular training and awareness programmes for the common people so that they are aware about the setting strong passwords for their computer system. They should also be made aware about advanced technologies like Encryption and Firewall which can be used for protecting their computer system and their phones. There is also a need to amend the existing laws of the India so that they are capable of dealing with the crimes which have been emerged with the development in the technology.

Case Studies and Cases

With the growth in the number of Internet users in India, there has been rampant growth in the number of cyberattacks and cybercrimes in India. Some of the recent case studies and cases related to cybercrimes which took place in India are:

· State of Tamil Nadu v. Suhas Katti[25]- In this case, obscene and defamatory messages were sent on the Yahoo message group related to a divorced woman. Several mails were also forwarded to the victim from the fake mail Id which was created by the accused person. The accused was traced by the police based on the information given by the victim. Based on the 14 witnesses produced by the prosecution the accused was convicted under Section 67 of the Information Technology Act.

· NASSCOM v Ajay Sood & Others[26]-In this case fraudulent mails were sent by the defendants to various people using the name of the plaintiff. The mails were in the nature of phishing mails. The Court., in this landmark judgement elaborated the concept of phishing and held that phishing on the internet as an illegal act.

· UDHAI Software Hacked (Aadhar Software Hacked)-This cyber-attack is considered as one of the largest data breach cyber-attack which took place in India. In this attack the data of 1.1 Billion Aadhaar users were leaked. This data was leaked through the various website and portals which were run by Central Government of India. The personal data which was leaked included sensitive information such as Mobile Numbers, Bank Account Numbers, PAN Numbers and even the IFSC Code of the users were leaked.

· Canera Bank ATM Hacked -In this cyberattack, a major financial institution of the country i.e., the Canera Bank was hacked. This attack took place in the middle of the year 2018 when around 300 ATM cards of the Canera Bank was hacked. The details of the users which were contained in the Canera Bank ATM was leaked and an amount of Rs. 20 lakhs were stollen from the various bank account of the users. This attack was also considered as one of the biggest cyber-attack as a huge amount of money was lost.

· Delhi State Health Mission Website hacked-In the mid-June 2020, where the corona virus pandemic was at its peak, the Delhi State Health Mission Website was hacked. The hackers were successful in accessing the personal data of the Covid 19 patients which were contained in this website.

Conclusion and Recommendations

The has been tremendous growth in the cyber space of India and with this growth crimes that are taking place in the cyber space are also increasing. These crimes have direct effect on the human rights of the people. The cybercrimes such as phishing, Identity Theft, Online Harassment, Cyber-stalking have direct effect on the human rights of the victims. The human rights such as right to privacy, free expression and opinion are violated by the cyber-crimes. The social media plays a dual role, the first one being the protector of human rights and the second one as the violator of human rights. India has also enacted the Information Technology Act to deal with the cyber-crimes. Various other measures have also been taken up by the government to combat cyber-crimes like formation of a specialised agency to deal with cyber-crimes, conducting awareness campaigns. But these measures and laws are not sufficient to deal with increasing cyber-crimes as the predators are using advanced and new technologies to commit cyber-crimes

The researcher recommends enactment of more specialised laws related to cyber-crimes. The users of Internet should be given regular training for protecting their phones and computers from cyberattack. The cyber-crime agencies should increase its focus on the areas which are prone to cyber-attack like Financial Institutions, Big Businesses and IT services. The researcher also recommends speedy disposal of the cases related to cyber-crimes so that the victims whose human rights have been violated gets speedy relief.

[1] Sitara Noor, Cyber (In) Security: A Challenge to Reckon With,34 Strategic Studies 1,14 (2014) https://www.jstor.org/stable/48527537.

[2] Alison Dundes, The Concept of Human Rights,83 Anthropos, 343,350 (1988) www.jstor.org/stable/40463371.

[3] Asoke Mukerji, The Need for an International Convention on Cyberspace, IJSD 198, 204 (2020) https://www.jstor.org/stable/48573761.

[4] Michael O’Sullivan, Budapest,6 Central European University Press, 19,45 (2018) www.jstor.org/stable/10.7829/j.ctvbd8m4j.

[5] Aaron F. Brantly. Countering the Cyber Threat,3 The Cyber Defence Review,47,56 (2018), www.jstor.org/stable/26427375.

[6] Anuradha Bhasin v. Union of India, 2020 1 MLJ 574.

[7] Faheema Shirin RK v. State of Kerala and others, AIR 2020 Ker 35

[8] A.G. Noorani, Cyberspace and Citizen's Rights, 32 Econ. Political Wkly. 1299,1299 (1997) https://www.jstor.org/stable/4405474.

[9] Yahoo v. Akash Arora, 78 (1999) DLT 285

[10] Gagan Harsh Sharma v. State of Maharashtra, 2019 CriLJ 1398

[11] Zahid Jamil, Global Fight Against Cybercrime: Undoing the Paralysis,2 Georgetown Journal of International Affairs, 109,120 (2012) www.jstor.org/stable/43134344 .

[12] R. Dhiraj Duraiswami, Privacy and Data Protection in India, 6 Journal of Law & Cyber Warfare 166,170 (2017) https://www.jstor.org/stable/26441284.

[13] Maria Grazia, Rule of Law and Human Rights in Cyberspace,1 EUISS 28,42 (2014) www.jstor.org/stable/resrep07069.

[14] A. Liaropoulos, A Human-Centric Approach to Cybersecurity: Securing the Human in the Era of Cyberphobia,14 JIW 15, 21 (2015) https://www.jstor.org/stable/26487503.

[15]Shreya Singhal v. Union of India, (2013) 12 SCC 73.

[16] Justice K.S. Puttaswamy v. Union of India, 2017 10 SCC 1.

[17] J. Cees Jhamelink, Human Rights in Cyberspace, University of Ottawa Press 31,44 (1999) https://www.jstor.org/stable/j.ctt1cn6rfb .

[18] NIR KSHETRI, Diffusion and Effects of Cyber-Crime in Developing Economies,31 Third World Quarterly, 1057,1076 (2010) www.jstor.org/stable/27896600. .

[19] Claire Yorke, Cybersecurity and Society: Bigsociety.Com,66 The World Today 19,21 (2010) www.jstor.org/stable/41963033. 

[20] Information Technology Act,2000 § 43, No.21, Acts of Parliament ,2000 (India)

[21] Information Technology Act,2000 § 73, No.21, Acts of Parliament ,2000 (India).

[22] Information Technology Act,2000 § 67 b, No.21, Acts of Parliament ,2000 (India).

[23]Sharat Babu Digumarti v. Government of NCT of Delhi, AIR 2017 SC 150.

[24] Devashish Bharuka, Indian Information Technology Act, 2000: Criminal Prosecution made easy for Cyber Psychos,44 JILI, 354,379 (2000). www.jstor.org/stable/43951825.

[25] State of Tamil Nadu v. Suhas Katti, CC No 4680 of 2004.

[26]National Association of Software and Service Companies v. Ajay Sood & Others, 119 (2005) DLT 596.