Computers Today..

Home

October, 2001                                                                               THE NET 


Computers Today, October, 2001

Master File
Edit Disk
Country Buzz
Front End
Chief Guest
Telecom
The Net
Managing IT
Networking
Marvels
Essentials
Tech Trends
Read Right
Columns
Circuit

Search

Previous Issue

Computers Today, September, 2001

CHANNELS

Politics
Business
The Arts
People
About Us
What's New


A Web Of Deceit

Transactions over the Net rely on confidence. But what happens when your personal and financial details get stolen? What are legal remedies to cyber fraud?

By Rodney D. Ryder

In every culture and in every period of time, both private arrangements as well as governmental interventions have attempted to reduce conflicts arising out of business transactions. The economic world of cyberspace is no different. Trade depends on confidence; confidence on the part of buyers that goods/services will conform to legitimate expectations, and confidence on the part of sellers that payment will be prompt and complete. Such confidence, in the interests of all parties concerned, is fostered by industry self-regulation that reflects an honest attempt to identify and resolve potential conflicts before they arise. As e-commerce is increasingly becoming an important segment of the global economy, new forms of regulations are being actively explored. They include voluntary codes of conduct, provision of private arbitration for resolution of disputes, escrow accounts and agreements between buyers, sellers and credit card companies.

Dubious designs
Three common ways to defraud people:
» Online investment newsletters: While legitimate online newsletters can help investors gather valuable information, most are nothing but a means to cheat people.
» Online bulletin boards: Newsgroups, Usenet or Web-based bulletin boards typically feature 'threads' made up of numerous messages on various (generally dubious) investment opportunities.
» E-mail spam: Fraudsters use it to lure investors into bogus investment scheme/s or to spread false information about a company.

Fraud in cyberspace

Criminals have used cyberspace to target credit card as well as personal and financial information for perpetrating fraud. Sale of such information to counterfeiters of credit cards has proved to be extremely profitable. No longer do fraudsters need to break banks or steal credit cards. Counterfeiters using specialised computer hardware and software programs can encode falsified information on magnetic strips of credit cards. Also, sale of these information to create false travel documents has become a lucrative business.

Fraudulent activity has also extended to the Net in the form of fake franchise offerings. In April 1997, the Federal Trade Commission and the North American Securities Administrators Association, both involved in investigating fraud on the Internet, sent notices to over 200 Web sites, asking them to substantiate their earnings' claims.

Classifying fraud on the Internet

Internet fraud is a white-collar crime whose growth has been as rapid and diverse as the growth of the Internet itself. The term 'Internet fraud' may be broadly defined as any fraud committed through or with the aid of computer programming or Internet-related communication, such as through Web sites, e-mails and chat rooms. According to an American consumer organisation, Internet Fraud Watch, the number of consumer complaints it receives about Internet frauds has risen dramatically in the recent years.

The types of Internet frauds extend well beyond securities-based transactions to situations such as investment and business opportunities, online auctions, sale of Internet-related products and services, and credit. In fact, the diversity of areas in which the Internet is being used to defraud people and organisation is astounding. (For a list of scams on the Internet visit www.advocacy-net.com/scammks.htm.)

The Net allows firms to communicate with a large audience without spending much time, effort or money. Anyone can reach tens of thousands of people by creating a Web site, posting a message on an online bulletin board, by entering into a discussion in a live 'chat' room, or sending mass e-mails (spams). It is increasingly becoming impossible for people accessing information on the Net to tell the difference between fact and fiction.

Most of the scams and frauds utilising resources and opportunities presented by the Internet relate to investments. They may be classified broadly into following categories:

Online investment newsletters: Hundreds of online investment newsletters have appeared on the Net in recent past. Many offer investors seemingly unbiased information/advice about firms or 'stock picks of the month' free of charge. While legitimate online newsletters can help investors gather valuable information, some online newsletters are nothing but a means to cheat people.

Online bulletin boards: Newsgroups, Usenet or Web-based bulletin boards have become popular forums for investors to share information. They typically feature 'threads' made up of numerous messages on various investment opportunities.

E-mail spam: Junk e-mail is cheap and easy to create. Fraudsters increasingly use it to lure investors into bogus investment scheme/s or to spread false information about a company. Through spam, they target potential investors using a bulk e-mail program.

Indian law

The term 'fraud' has not been defined in the Indian Penal Code (IPC). Nevertheless, Section 25 of the IPC does attempt to define the word 'fraudulently' by saying that there can be no fraud unless there is an intention to defraud. In general, fraud is committed in three different ways:

  • To deprive a person of his/her right/s, either by obtaining something by deception or by taking something wrongfully without the knowledge or consent of the owner;
  • To withhold wrongfully from another what is due to him/her, or to wrongfully prevent a person from obtaining what he/she may claim first, and;
  • To defeat or frustrate wrongfully another person's right to property.
  • Whenever the words 'fraud', 'intent to defraud' and 'fraudulently' occur in the definition of a crime under the IPC, two elements are essential to the commission of that crime:
  • Deceit or an intention to deceive, and;
  • Either actual injury or possible injury or an intent to expose some person to actual or possible injury.

The main intent of a fraudulent person is, in almost every case, his/her own advantage. A conclusive test to the fraudulent character of a deception for criminal purpose is whether the author of the deceit derived any advantage from it which he would not have had if the truth had been known.

This definition of fraud encompasses scams on the Net. Sections relating to cheating (415 to 420), such as cheating by impersonation (Section 416) and cheating with knowledge that wrongful loss may ensue to a person whose interest the offender is bound to protect (Section 418) may be applied according to the facts of a case.

Getting physical
The relevance of physical location jurisdiction in cyberspace
The Brussels Convention permits domiciliaries of contracting states to be sued in courts of another contracting state where the contractual obligation is to be performed. As long as such an act occurred within the state's boundaries, its assertion of personal and prescriptive jurisdiction is proper. But the place of such occurrences remains relevant with regard to activities in "real" space .

Of course, not all assertions of jurisdiction are based on this kind of conduct-based inquiry. For example, states continue to assert jurisdiction over their citizens with respect to claims that arise outside of the state and to regulate conduct that occurs elsewhere, which is intended to and does cause substantial effects on the state. Nonetheless, a concern with where relevant acts took place is central to many decisions.

Technology, however, reduces and sometimes eliminates the need for physical contact in the creation of legally significant relationships between parties or between an actor and the state acting as regulator. The legal system must then decide what relationship is necessary between the forum and either the conduct occurring outside the forum or the parties.

It is the alliance between a party and a forum; not necessarily a physical connection between the forum and the conduct of that party that is critical. If the remote party (that is, the party never physically in the forum) knows that the proximate party is in (or is a habitual resident of) the forum when the remote party interacts with the proximate party, the remote party has created a tie between itself and the forum state.

It is the remote-party/forum relationship at the time of interaction, not at the time process is served, that matters.

Jurisdiction over cyber fraud

Some provisions of the IT Act are likely to lead to litigation. For example, Section 74 states that the Act will apply to an offence or contravention committed outside India by any person irrespective of his/her nationality, if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network in India. A computer is only a medium for communication. The use of a computer is not materially different from the use of a telephone or an automobile in the commission of a crime unless the computer has been programmed for automatic action by its owner. It won't be easy to acquire jurisdiction over a person who is not an Indian citizen and the scene of the crime is outside India even though a computer or a computer system in India has been utilised in some way or the other in connection with the crime.

Nevertheless, the Act entails that an overseas-based hacker who damages software/hardware in India can be brought to book.

Possible solutions

How should we analyse "markets" for fraud and consumer protection purposes in case of companies that do business only through the Web?

Cyberspace could be treated as a distinct marketplace for purposes of assessing concentration and market power. Concentration in geographic markets would only be relevant in rare cases in which such market power could be inappropriately leveraged to obtain power in online markets, for example, by conditioning access to the Net by local citizens on their buying services from the same firm (such as a phone firm) online. Claims regarding a right to access particular online services as distinct from claims to access particular physical pipelines would remain tenuous as long as it is possible to create a new online service instantly in any corner of an expanding online space.

Consumer protection doctrines could also be developed online-to take into account the fact that anyone reading an online ad is only a mouse click away from receiving guidance from consumer protection agencies. Nevertheless, that does not mean that fraud might not be made "illegal" in at least large areas of cyberspace. Those who establish and use online systems have an interest in preserving the safety of their electronic territory and preventing crime. They are more likely to enforce their own rules. A "law of the Net" based on consensus needs to obtain deference from local sovereigns. Also, new Net-based law-making institutions have an incentive to avoid fostering activities threatening interests of territorial governments.

Rodney D. Ryder, Advocate, Supreme Court of India, is a consultant on trade and technology laws. E-mail: rd.ryder@vsnl.net

 

India Today Group Online

Top

Issue Contents    Write to us    Subscriptions    Syndication

INDIA TODAY | BUSINESS TODAY | INDIA TODAY PLUS
 TEENS TODAY | THE NEWSPAPER TODAY | MUSIC TODAY | ART TODAY
 SYNDICATIONS TODAY | CARE TODAY

© Living Media India Ltd

 Back Forward