Cyber Crime Trends in 2019

Malaika Naidu

In 2017, 2 billion data records were compromised,
followed by more than 4.5 billion records in just the first half of 2018.

With every passing year, and at an accelerated pace since 2010, cybercriminals are using more advanced and scalable tools to breach privacy. And they are clearly getting results!

In the last 2 years, we see some cyber-crimes becoming more prevalent than others. Cyber safety organisations around the world fear that the growth of cyber-crimes in just these 6 months of 2019 will surpass the numbers of 2017 and 2018 put together. Give that a serious thought for a minute.

Cyber-crimes grow and evolve with consumer behaviour trends. So, the trending cyber-crimes complement our usage patterns of the internet and technology. In the last decade, emails and chat rooms used to be the most common methods of communication online. This decade, we see a shift to mobile apps like WhatsApp and Viber and social platforms like Facebook, Instagram and Snapchat. Naturally, we see a shift from the number of email related frauds to social media frauds. Not to say that email frauds don’t happen anymore, it’s just that today we are more vulnerable on social media. And the numbers support this claim.

In 2018 alone, social media fraud increased by 43% from the year prior. Similarly, fraud in mobile channels has grown significantly in the last few years. In the same year, almost 70% of cyber-crimes originated or took form through vulnerabilities in mobile channels. A white paper, ‘Current State of Cybercrime – 2019’ by RSA Security says that the ease of use of such channels, absence of usage fees and other such simplicities will only help this trend grow exponentially.

So, what do we need to look out for in 2019?

Phishing Attacks

Phishing, as the name suggests, is looking or seeking private information under a guise. This usually happens through emails, instant messaging or text messages. The attacker masquerades as a trusted entity in order to hook and procure information such as passwords and PINs. One of the most efficient cyber-crimes, phishing is only growing in its complexity, ensuring its success further.  To add to the problem, phishing kits are easily available on the dark net. Meaning anyone with basic technical knowledge can purchase the kit and execute the attack. Once a phishing attack is successful, there is very little recourse for the victim.

Remote Access Threats

Basically, remote access is to gain unauthorised administrator access to a device, such as a computer or smart TV, from a remote network. This means the device being attacked and the device that is executing the attack are on separate networks. In 2018, the biggest remote access attack was cryptojacking, which targeted cyptocurrency owners. Now with Internet of Things and connected homes, we have only made ourselves even more vulnerable. These attacks can happen on any device connected to a network with open ports. Most common devices to come under this attack are computers, cameras, smart TVs, Network-Attached Storage (NAS) devices, alarm systems and home appliances.

Smartphone Vulnerabilities

We’ve started using mobile phones for everything from communication to banking. We are comfortable accessing and/or storing sensitive information on our mobile phones without proper protection of any sort, unlike how almost all of us have a firewall or antivirus on our computers. Think about all the apps that have access to data on your phones. Have you done your due diligence before downloading a random photo editing app? Aside from apps, another way attackers exploit our phones is through the two-step authentication system. While being one of the most widely used cybersecurity tools, it has actually increased our security risk in case a phone is stolen or lost.

How? Many platforms, including Facebook and Gmail, allow you to login on a fresh device using a code that will be sent to your phone. Similar vulnerabilities arise with OTPs. So, while this system adds a layer of security, it also makes you vulnerable in case your phone is stolen.

Artificial Intelligence (AI): Future of Tech

Every development in technology can be used for good and bad, as the user may see fit. Industries are working on cybersecurity systems perfected with AI, while hackers are using the same technology for themselves to become more effective. It doesn’t help that the qualities of AI inherently serve malicious purposes. AI systems are easy to create and separate the human element. Meaning, the hacker gets the advantage of being disconnected from the crime while still bearing the fruit. As we continue to pour millions into the development of AI, we’re simultaneously making it easier for cybercriminals. Think about the robots that are being developed for the medical industry – how do we prevent that robot from being hacked and turning violent instead of helpful?
Or even chatbots? Airline companies, banking websites, almost all e-commerce websites, and even educational organisations have chatbots on their websites. We’ve become comfortable chatting with a bot and often share privileged information when seeking help from the chatbot. How do you confirm that the chatbot hasn’t been compromised by a hacker? Are you mindful of what information you may be sharing with a hacker or do you share whatever information is asked for hoping to get help with whatever your grievance was?

Technology is both a friend and a foe. The expansive penetration of internet accessibility has only added to our conveniences and our problems. Be vigilant and do your due diligence when interacting through technology, straight away from the moment you go live on the internet.

What are some of the steps you take to protect yourself online?

VPN when using a public Wi-Fi?
Anti-virus on your phone?
Covering your webcam when not in use?
Turning off appliances/electronics when not in use?

Take a minute and think over your safety and security online – it is critical and completely in your hands!!!

Introduction to ASCL Courses

Malaika Naidu
Asian School of Cyber Laws Blog Background
Introduction to ASCL courses

Asian School of Cyber Laws is an organisation that strives to make education easily accessible and efficiently delivered. Our journey began in 1999, even before the Information Technology Act (2000) came into effect. Bringing together the fields of Information Technology and Law, our courses are carefully crafted to serve members of the legal fraternity as well as individuals from other fields such as business, banking, law enforcement, CA, CS, engineering, marketing and more. Over the last 20 years, we’ve shared our knowledge with over 75,000 students.

In a world where almost all our interactions are digital, and online safety is non-negotiable, people still tend to share ATM pins with others, write down passwords, and leave themselves logged in on computers that are not theirs. Some even continue to use QWERTY as a password!

ASCL has been ceaselessly working towards remedying this and strives to make cyber education as simple to comprehend as 2+2=4.

All our courses are for a duration of 6-months with digital course material and online examinations. Here’s a brief overview:

Diploma in Cyber Law (DCL)
An introduction to the field of cyber law, DCL covers the basics that everyone must know about the laws that govern cyber space. The course will help you navigate real situations like leaked photos, credit card fraud, hacked emails or social media accounts, and other such real cyber issues. The syllabus covers the fundamentals of cyber law with actual case examples.

Cyber Crime Prosecution and Defence (CCPD)
CCPD will help you navigate the judicial and investigative framework under the Information Technology Act, 2000. This tailor-made course for lawyers and law enforcement officers, covers relevant entities, terms and concepts with cyber-crime case laws and global cyber-crime law all from the perspective of presenting cases in prosecution or defence. An expert level course that requires participants to have at least completed their graduation, it’s also available to law students who have completed 3 years of the integrated 5-year LLb program.

Digital Evidence Specialist (DES)
Digital evidence is becoming increasingly relevant in conventional and unconventional crimes such as murder, adultery, data theft, matrimony scams, cyber stalking, online banking fraud and many more. This is only natural given we use the internet for everything from communication to buying groceries! This course covers the various types of digital evidence and standard operating procedures using case files. It emphasises on the collection and the subsequent production of such evidence in a court of law. Participants need to complete their under-grad to apply for DES. It’s also available to law students who have completed 3 years of the integrated 5 year LLb program.

Internet Investigation Specialist (IIS)
With the rapid growth in cyber-crimes, internet investigators are a growing breed. This course starts from the basics of the internet and the World Wide Web, followed by tools, tips and tricks to conduct digital investigation. From emails to screenshots, browser history to social media activity, including cloud safety and bitcoins – IIS will help you achieve Sherlock’s level of attention to detail and crime solving ability!

There you have it. To start your journey in the cyber world with ASCL, click here! The best part is – we’re constantly looking at feedback to develop fresh courses that could fill gaps in the current system. Soon, we will be offering state of the art courses in Intellectual Property Law too. Stay tuned for more updates!

Cyber Education- the Road Less Known

Cyber Education - the road less known

I’m not a techie, nor a lawyer and yet here I am in a field that takes on both these mammoths. I’ve been here a long time; India’s had her cyber law in place since the year 2000. So, it’s deeply disappointing to see the confusion in students and professionals alike about the various aspects of a cyber education.

Yes, I said cyber education and not just an IT education. So, I’m not only talking about the technology in cyberspace. I’m referring to the other side of the spectrum.

9 out of 10 people today have faced some type of cybercrime. And yet, almost 7 out of those 9 will not know what to do about it.

I thought about cybercrime, you know, as a non-techie and a non-lawyer, and decided to break it down to its foundation stones.

Here, let’s create our first bifurcation. Cybercrime may be divided into 2 parts — Pre-crime and Post-crime

Pre-crime

This is where your crime hasn’t happened yet. So, you are basically hoping for the best and preparing for the worst. This can also be divided further into:

1. Cyber security

In layman’s terms, every step that you take to ensure that your computer hardware, computer software, networks, accounts etc. remain safe from any breach, aka cybercrime, is cyber security. Simple, isn’t it? Well, simple is where this article stays. You want a connoisseur’s break up of the cyber security menu, see: The 9 sides of cyber security

2. Cyber Insurance

The obvious next step in pre-crime schedule. What you may not be able to secure ought to be insured.

Post-crime

This is where your cybercrime worst has happened. Now, hopefully, you aren’t affected too badly. But even if you are, there are divisions to this part that can help you.

1. Cyber Law

This is the law that governs cyberspace and as often as not has jurisdiction beyond your country. So, where do you report a cybercrime. Cyber law tells you the where, how and whom to approach. It also tells you the punishments for various cybercrimes. You know, in case you may be committing one?

2. Cyber Investigation

Here’s where the sleuths step in. Professionals here need to have that investigative streak and need to be armed with the latest tools and techniques of cyber investigation. This is where you get answers to how the cybercrime was committed and with any luck, may just get the criminal. And again, if you want the real dirt on what all an investigator needs to know, see — 25 Skills Essential for a Cyber Crime Investigator

So, you’re a student or professional who has a thought that they want a piece of the humongous cybercrime pie. This article may just have helped you understand where you want to be.

Just be prepared to keep learning to stay abreast in this ever-evolving super-exciting space.

What is cyber law and why do we need it?

What is cyber law and why do we need it?

What is Cyber Law?

In order to arrive at an acceptable definition of the term Cyber Law, we must first understand the meaning of the term law. Simply put, law encompasses the rules of conduct:

  1. that have been approved by the government, and
  2. which are in force over a certain territory, and
  3. which must be obeyed by all persons on that territory. Violation of these rules will lead to government action such as imprisonment or fine or an order to pay compensation.

The term cyber or cyberspace has today come to signify everything related to computers, the Internet, websites, data, emails, networks, software, data storage devices (such as hard disks, USB disks etc) and even Airplanes, ATM machines, Baby monitors, Biometric devices, Bitcoin wallets, Cars, CCTV cameras, Drones, Gaming consoles, Health trackers, Medical devices, Power plants, Self-aiming rifles, Ships, Smart-watches, Smartphones & more.

Thus a simplified definition of cyber law is that it is the “law governing cyber space”.

The issues addressed by cyber law include cyber crime, electronic commerce

1. Cyber crime

An interesting definition of cyber crime was provided in the “Computer Crime: Criminal Justice Resource Manual” published in 1989. According to this manual, cyber crime covered the following:

  1. computer crime i.e. any violation of specific laws that relate to computer crime,
  2. computer related crime i.e. violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution,
  3. computer abuse i.e. intentional acts that may or may not be specifically prohibited by criminal statutes. Any intentional act involving knowledge of computer use or technology is computer abuse if one or more perpetrators made or could have made gain and / or one or more victims suffered or could have suffered loss.

2. Electronic commerce

The term electronic commerce or E-commerce is used to refer to electronic data used in commercial transactions. Electronic commerce laws usually address issues of data authentication by electronic and/or digital signatures.

3. Intellectual Property in as much as it applies to cyberspace

This encompasses:

  1. copyright law in relation to computer software, computer source code, websites, cell phone content etc;
  2. software and source code licenses;
  3. trademark law with relation to domain names, meta tags, mirroring, framing, linking etc.;
  4. semiconductor law which relates to the protection of semiconductor integrated circuits design and layouts;
  5. patent law in relation to computer hardware and software.

4. Data protection & privacy

Data protection and privacy laws address legal issues arising in the collecting, storing and transmitting sensitive personal data by data controllers such as banks, hospitals, email service providers etc.

The Need for Cyber Law

The first question that a student of cyber law will ask is whether there is a need for a separate field of law to cover cyberspace. Isn’t conventional law adequate to cover cyberspace?

Let us consider cases where so-called conventional crimes are carried out using computers or the Internet as a tool. Consider cases of spread of pornographic material, criminal threats delivered via email, websites that defame someone or spread racial hatred etc. In all these cases, the computer is merely incidental to the crime. Distributing pamphlets promoting racial enmity is in essence similar to putting up a website promoting such ill feelings.

Of course, it can be argued that when technology is used to commit such crimes, the effect and spread of the crime increases enormously. Printing and distributing pamphlets even in one locality is a time consuming and expensive task while putting up a globally accessible website is very easy.

In such cases, it can be argued that conventional law can handle cyber cases. The Government can simply impose a stricter liability (by way of imprisonment and fines) if the crime is committed using certain specified technologies. A simplified example would be stating that spreading pornography by electronic means should be punished more severely than spreading pornography by conventional means[1].

As long as we are dealing with such issues, conventional law would be adequate. The challenges emerge when we deal with more complex issues such as ‘theft’ of data. Under conventional law, theft relates to “movable property being taken out of the possession of someone”.

The General Clauses Act defines movable property as “property of every description, except immovable property”. The same law defines immovable property as “land, benefits to arise out of land, and things attached to the earth, or permanently fastened to anything attached to the earth”. Using these definitions, we can say that the computer is movable property.

Let us examine how such a law would apply to a scenario where data is ‘stolen’. Consider my personal computer on which I have stored some information. Let us presume that some unauthorized person picks up my computer and takes it away without my permission. Has he committed theft? The elements to consider are whether some movable property has been taken out of the possession of someone. The computer is movable property and I am the legal owner entitled to possess it. The thief has dishonestly taken this movable property out of my possession. It is theft.

Now consider that some unauthorized person simply copies the data from my computer onto his pen drive. Would this be theft? Presuming that the intangible data is movable property, the concept of theft would still not apply as the possession of the data has not been taken from me. I still have the ‘original’ data on the computer under my control. The ‘thief’ simply has a ‘copy’ of that data. In the digital world, the copy and the original are indistinguishable in almost every case.

Consider another illustration on the issue of ‘possession’ of data. I use the email account rohasnagpal@gmail.com for personal communication. Naturally, a lot of emails, images, documents etc are sent and received by me using this account. The first question is, who ‘possesses’ this email account? Is it me because I have the username and password needed to ‘login’ and view the emails? Or it is Google Inc because the emails are stored on their computers?

Another question would arise if some unauthorized person obtains my password. Can it be said that now that person is also in possession of my emails because he has the password to ‘login’ and view the emails?

Another legal challenge emerges because of the ‘mobility’ of data. Let us consider an example of international trade in the conventional world. Sameer purchases steel from a factory in China uses the steel to manufacture nails in a factory in India and then sells the nails to a trader in the USA. The various Governments can easily regulate and impose taxes at various stages of this business process.

Now consider that Sameer has shifted to an ‘online’ business. He sits in his house in Pune (India) and uses his computer to create pirated versions of expensive software. He then sells this pirated software through a website (hosted on a server located in Russia). People from all over the world can visit Sameer’s website and purchase the pirated software. Sameer collects the money using a PayPal account that is linked to his bank account in a tax haven country like the Cayman Islands.

It would be extremely difficult for any Government to trace Sameer’s activities.

It is for these and other complexities that conventional law is unfit to handle issues relating to cyberspace. This brings in the need for a separate branch of law to tackle cyberspace.

#1 Reason to Leave your Driver's License at Home

Leave your driver's license home

No, it's not so that you don't have to give up the original license the next time the traffic policeman on the corner asks you for it.

The next time you're asked to show your driver's license and your vehicle registration papers, you don't need to show the physical copy. Just show the digital copies stored in the DigiLocker mobile app on your phone! The Government of India allows it.

And, if you don't have the DigiLocker app, just head on over to https://digilocker.gov.in/public/register and you can just register with your Aadhar number!

19 ways in which Cyber Law affects your world

Diploma in Cyber Law - Asian School of Cyber Laws & Govt. Law College, Mumbai
Cyber Law and your world

CYBER LAW...Ominous as that sounds, even right now you're probably saying to yourself, "How does that affect me? I'm no criminal!" Right? So, here's a quick rundown of how cyber law affects your world; the ordinary, day-to-day things you do.

  1. Your sensitive personal information stored by the Aadhar computers and even your doctor, bank and insurance company.
  2. The millions of cyber attacks targeting you, your company and your country.
  3. E-mails, SMS and whatsapp messages you send and receive.
  4. Mobile wallets, online banking and other electronic payment systems you use.
  5. Music, movies and software you download from the Internet.
  6. E-commerce apps and sites you use for online shopping.
  7. Smartphones, WiFi, 3D printing and wearable technology you use.
  8. Online tax filing and share trading you do.
  9. Social networks and rating & review platforms you use.
  10. Your right to be forgotten by search engines and social networks.
  11. E-tenders, E-courts, E-governance, Electronic contracts.
  12. Digital Evidence that relates to cases from divorce to ransomware.
  13. Open source technologies and software licensing issues.
  14. The regulatory filing that companies do.
  15. Standards for security and incident response that companies use.
  16. Information Technology Law Compliance that is essential for companies.
  17. Stock images, photos, videos and audio.
  18. Torrent, p2p and file-sharing platforms.
  19. Internet of Things.

So, there you go. Just a few things affected by cyber law.

Interested? If you want to know some more, you can always take a look at our Diploma in Cyber Law program.

The Net Neutrality regulations & what they mean for you

While the proponents of "Net Neutrality" bring out their expensive champagne and caviar, yesterday's Telecom Regulatory Authority of India (TRAI) regulations actually make it very easy and cheap for service providers to kick net neutrality into oblivion.

Before we get into that, let's take a quick background check. A 24-year-old security guard in my building used to load his smart-phone with a super cheap data pack for WhatsApp and Facebook. And he was able to meet all his communication needs virtually free. Long chats with his family, living hundreds of miles away, helped him keep his sanity despite a 12 to 16 hour daily shift.

Then a bunch of people decided that this was somehow a bad thing. They huffed and puffed and tried convincing the world that differential pricing of internet data packs was a bad idea.

We live in a world where there is differential pricing everywhere— from electricity bills (residential units are charged at a lower rate that commercial premises) to LPG gas and highway tolls to income tax (the rich pay tax at a higher rate than the poor, and most farmers don't pay tax at all).

Keeping with that logic, differential pricing of internet packs shouldn't have been an issue. But net neutrality means that service providers cannot charge different prices based on the content you download. So irrespective of which website or apps you use, your charges would be at the same rate.

In December 2015, the TRAI invited comments on whether service providers should be allowed to have "differential pricing for data usage for accessing different websites, applications or platforms".

Based on the responses and discussion, the TRAI passed the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016 which says that:

"No service provider shall offer or charge discriminatory tariffs for data services on the basis of content".

This means no more schemes like "1 Gb 3G night data packs 12AM to 6AM @ just Rs. 49". On the face of it, this also means the end of Free Basics and Airtel Zero. Now, if you are a budget conscious college student who primarily needs WhatsApp and Facebook (and maybe a little Wikipedia), this sounds like really bad news.

But don't worry - there are a bunch of awesome loopholes in this new law.

Firstly, the fine for violating this law is just Rs 50,000 per day of contravention, subject to a maximum of Rs 50 lakh. Let's take an example of a service provider and a social media site that partner to break this law for a two-year period. They would be liable to pay a total fine of Rs 50 lakh over this two year period - that's Rs. 6,849 a day. Presuming they have 1 crore customers between them (that's less than 1 per cent of India's population), the fine boils down to less than 0.0007 rupees per customer per day! So service providers can consider this a minuscule tax and go right ahead with differential pricing and super cheap data packs.

Secondly, a "service provider may reduce tariff for accessing or providing emergency services, or at times of grave public emergency". An example: in the midst of the recent Paris attacks, Google offered free international calls, to France, over the Google Hangouts Dialer.

Let's take a hypothetical situation - a service provider feels that the spread of the Zika virus is alarming enough to be considered "grave public emergency". So it launches a service, which gives users a health safety tip every day through a WhatsApp message. To receive this tip, users can sign up for a very cheap (or free) data pack, which provides access only to WhatsApp.

Interestingly, these regulations do not apply to tariffs for data services over"closed electronic communications networks" - which is defined as a communications network where data is neither received nor transmitted over the internet.

And, by the way, currently valid data packs, plans or vouchers must be consumed within the next six months.

The next few months will make it clear whether these regulations kill net neutrality or nurture it.

Rohas Nagpal is the co-founder, Asian School of Cyber Laws. The opinions expressed in this article are the author's own and do not reflect the view of Asian School of Cyber Laws.

Read this at my column for the Mumbai Mirror.

Text of the Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016

26 crazy Facebook crimes

26 crazy Facebook crimes

You can love Facebook or you can hate it. But you can't ignore it. And nothing proves it better than these crazy Facebook crimes.

  1. Dylan Osborn was sentenced to 10 days of imprisonment for sending a Facebook "friend request" to his wife, who had previously obtained a restraining order against him. (USA, 2007)

  2. Fouad Mourtada, a 26-year-old engineer was arrested and later jailed in Morocco for posing as the king's younger brother on Facebook, the state news agency said. The charge against him was of "villainous practices linked to the alleged theft of the identity" of Prince Moulay Rachid. (Morocco, February, 2008)

  3. Two Americans (Vanessa Palm and Alexander Rust) holidaying in the Bahamas, were arrested after posting pictures of themselves eating iguanas. Iguanas are protected under the Convention on International Trade in Endangered Species of Wild Fauna and Flora. (Bahamas, 2009)

  4. Adam Mann murdered his ex-wife, Lisa Beverley because she taunted him on Facebook by calling him "a joke". (USA, 2009)

  5. Jonathan G. Parker, a burglar, broke into someone's house and then logged in to his Facebook account using the victim’s computer. The police were able to trace him because he forgot to log out! (USA, 2009)

  6. A student was fined under Canadian underage drinking laws when he posted photos of himself, holding a beer, on facebook. (Canada, November 2009)

  7. Brian Lewis killed his wife, Hayley Jones after she changed her Facebook profile from "married" to "single". (USA, 2009)

  8. Corey Christian Adams, a 19-year-old, tried to use Facebook to hire a contract killer to murder a girl who had accused him of rape. Amongst other things, he was jailed for criminal solicitation of murder. Some of the posts said "I got 500 on a girls head who wants that bread?", "Hit me up anyway possible", "needed this girl knocked off right now." (USA, 2010)

  9. Paul Bristol murdered his girl-friend Camille Mathurasingh after she posted a photo, on her Facebook page, with another man. (USA, 2010)

  10. Farah NurArafah, an 18-year-old, was given a 75-day suspended jail sentence for calling her friend a “promiscuous, overweight pig” on Facebook. (Indonesia, February 2010)

  11. Ahmad Shuman was arrested for creating a Facebook page criticizing Lebanese President Michel Sleiman. (Beirut, July 2010).

  12. Ms Phoebe Prince, a school student committed suicide due to excessive cyberbullying that went on for months. She had been receiving abusive text messages and was being harassed on her Facebook wall. (Massachusetts, USA, 2010)

  13. Vikas Mavhudzi was arrested for “subverting a constitutional government” when he posted a facebook message in support of the protests in Egypt. (Zimbabwe, April 2011)

  14. Mark Musarella, a medical technician posted on Facebook, the photograph of the corpse of a strangled victim at a crime scene, while on duty. He was fired from his job, sentenced with 200 hours of community service and banned from ever becoming an emergency medical technician again. (New York, USA 2011)

  15. Ambikesh Mahapatra, a Chemistry professor at Jadavpur University, was arrested for forwarding a cartoon featuring the West Bengal CM MamataBanerjee. (April 2012, India)

  16. Two Air India cabin crew members were arrested and jailed for 12 days for posting “derogatory” remarks against the Prime Minister’s Office, the national flag and the Supreme Court, while commenting on a strike by Air India pilots. (India, May 2012).

  17. Carl Bielby was jailed for 22 months for setting up fake Facebook profiles to "groom" and target pre-teen girls. He sent several indecent messages to these girls. When he was arrested, the police recovered indecent videos, of a young girl, from his mobile phone (UK, October 2012)

  18. Ceri Shipman was jailed for creating and using fake Facebook accounts. These fake accounts were created in the names of two women who had been raped by her boyfriend, Jason Savage. She created these accounts to send false messages to herself. The messages claimed that the victims had made false allegations about the rape. (UK, March 2013)

  19. Jaya Vindyala, a lawyer and president of the Andhra Pradesh unit of People's Union for Civil Liberties, was arrested for her comments against A Krishnamohan, a Congress MLA from Chirala in Prakasam district. Ms Vindyala had accused the MLA of being involved in child trafficking, ganja mafia, sand mafia and land mafia. (Hyderabad, India, May 2013)

  20. Atul Mehta, a property dealer, was arrested for circulating jokes on Sikhs. He was booked for "hurting religious sentiments" and for sending "offensive electronic messages". (Amritsar, India, September, 2013)

  21. A 16-year-old girl allegedly murdered her best friend by stabbing her in the back 65 times after she was outraged over a Facebook dispute. Erandy Elizabeth Gutierrez was furious after she came to know that her friend Anel Baez had uploaded nude pictures of the duo on the social networking site. (April 2014, UK)

  22. Yogesh Kumar was arrested for publishing photos on Facebook, which were religiously offensive, with an account with a different name than his own. He was charged with ‘misrepresentation and sending offensive messages through communication devices’. (Rajasthan, India. June 23rd 2014)

  23. Rajeesh Kumar, a local politician was arrested for posting offensive photos on Facebook, of Prime Minister of India, Mr. Narendra Modi. He was charged with ‘sending offensive messages through communication devices and sending obscene material through communication devices’. (Kollam, India, 6th Aug 2014)

  24. A youth was entenced to 3 years in prison and was levied with a fine of Rs. 20,000 for posting obscene and defamatory pictures of a woman on Facebook. He was punished for ‘publishing obscene material on electronic media’. (Bhopal, India, Apr 29th 2014)

  25. A 22 year old girl was arrested for creating 8 fake profiles on Facebook for posting sexually explicit pictures of other girls. She was held for ‘misrepresntation and publishing obscene material on electronic meia’ (Cyber Cell Goa, India, Sep 26h 2014)

  26. A 27-year old mechanic is facing a 32 year jail term for 'liking' a morphed image, of Thailand's king, on Facebook. The mechanic has confessed to charges of sedition, lese majeste and computer crimes. (Thailand, Dec 12th 2015)

Advisory on regulation of social media sites / apps

The usage of social media sites / apps for personal and business communications is growing by leaps and bounds. This has also led to the misuse of these sites / apps for unlawful activities.

Consequently, in many cases, the law enforcement agencies require digital evidence from these sites / apps.

The Cyber Task Force constituted by the Asian School of Cyber Laws is preparing an "Advisory on regulation of social media sites and apps".

The following steps are being taken for the preparation of this advisory:

Step 1: Taking feedback from the law enforcement community relating to their experience in obtaining evidence from social media sites and apps. (Click here to take the survey)

Step 2: Taking feedback from the relevant officials of the major social media sites and apps.

Step 3: Preparing and submitting an advisory to the relevant Government departments at the Central and State levels.