INFORMATION TECHNOLOGY LAW

"CYBER LAW"
ASSIGNMENT

ON

TOPIC-"NEED OF REGULATIONS FOR CYBER CAFE"

SUBMITTED TO, SUBMITTED BY,

SIR ADITYA ROY SANDEEP KUMAR

(FACULTY OF LAW) 14/ILB/029

 (CYBER LAW) ( VTH YEAR LAW)

INTRODUCTION
Cyber law or Internet law is a term that encapsulates the legal issues related to use of
the Internet. It is less a distinct field of law than intellectual property or contract law, as
it is a domain covering many areas of law and regulation. Some leading topics include
internet access and usage, privacy, freedom of expression, and jurisdiction”.

Cyberlaw is vital because it touches almost all aspects of transactions and behavior on
and concerning the Internet, the World Wide Web and Cyberspace. Primarily it may
seem that Cyberlaws is a very technical field and that it does not have any attitude to
most activities in Cyberspace. But the actual fact is that nothing could be further than
the truth. Whether we realise it or not, every work and every reaction in Cyberspace has
some legal and Cyber legal perspectives.

India introduced the law recently and every law needs some time to mature and grow. It
was understood that over a period of occasion it will produce and further amendments
will be bring to make it well-matched with the International standards. It is significant to
realize that we need “qualitative law” and not “quantitative laws”.

Such crimes may threaten a nation’s security and financial health. Issues surrounding
this type of crime has become high-profile, mainly those surrounding cracking, copyright
infringement. There are problems of privacy when private information is lost or
intercepted, lawfully or otherwise.

Cyber crimes can involve criminal activities that are traditional in nature, such as fraud,
forgery, theft, mischief and defamation all of which are subject to the Indian Penal Code.
The abuse of computers has also given birth to a range of new age crimes that are
addressed by the Information Technology Act, 2000.

WHAT IS CYBER CAFE?

"Cyber Cafe" means cyber cafe as defined in clause (na) of sub-section (1) of section 2of
the Act;

IN SIMPLE WORD,
Cyber cafe is a place Often a roadside business place where customers can surf the
internet on payment of a time based fee.

WHY WE NEED OF REGULATION FOR CYBER CAFE?

To protect the people,business and other important aspects of life on internet world
wide to provide some basic protection from some potential harms or risks over internet
caused by hackers or any other unauthorised person or company.

In our country there is rules and regulation enshrined in Information technology act,
2011 (guidelines for cyber cafe).

this act states as follows:-

1) Agency for registeration of cyber cafe- All cyber cafes shall be registered with a
unique registration number with an agency called as registration agency as notified by
the Appropriate Government in this regard. The broad terms of registration shall
include:

(i) name of establishment;

(ii) address with contact details including email address;

(iii) whether individual or partnership or sole properitership or society or company;

(iv) date of incorporation;

(v) name of owner/partner/properiter/director;

(vi) whether registered or not (if yes, copy of registration with Registrar of Firms or
Registrar of Companies or Societies); and

(vii) type of service to be provided from cyber cafe.

Registration of cyber cafe may be followed up with a physical visit by an officer from the
registration agency.

(2) The details of registration of cyber cafe shall be published on the website of the
registration agency.

(3) The Appropriate Government shall make an endeavour to set up on-line registration
facility to enable cyber cafe to register on-line.

(4) The detailed process of registration to be mandatorily followed by each Registration

Agency notified by the Appropriate Government shall be separately notified under these
rules by the central Government.

2) Identification of User- The Cyber Cafe shall not allow any user to use its computer
resource without the identity of the user being established. The intending user may
establish his identify by producing a document which shall identify the users to the
satisfaction of the Cyber Cafe. Such document may include any of the following :-

(i) Identity card issued by any School or College; or

(ii) Photo Credit Card or debit card issued by a Bank or Post Office; or

(iii) Passport; or

(iv) Voter Identity Card; or

(v) Permanent Account Number (PAN) card issued by Income-Tax Authority; or

(vi) Photo Identity Card issued by the employer or any Government Agency; or

(vi) Driving License issued by the Appropriate Government; or

(vii) Unique Identification (UID) Number issued by the Unique Identification Authority of
India (UIDAI).

(2) The Cyber Cafe shall keep a record of the user identification document by either
storing a photocopy or a scanned copy of the document duly authenticated by the user
and authorised representative of cyber cafe. Such record shall be securely maintained
for a period of at least one year.

(3) In addition to the identity established by an user under sub-rule (1), he may be
photographed by the Cyber Cafe using a web camera installed on one of the computers
in the Cyber Cafe for establishing the identity of the user. Such web camera
photographs, duly authenticated by the user and authorised representative of cyber
cafe, shall be part of the log register which may be maintained in physical or electronic
form.

(4) A minor without photo Identity card shall be accompanied by an adult with any of
the documents as required under sub-rule (1).

(5) A person accompanying a user shall be allowed to enter cyber cafe after he has
established his identity by producing a document listed in sub-rule(1) and record of
same shall be kept in accordance with sub-rule (2).

(6) The Cyber cafe shall immediately report to the concerned police, if they have
reasonable doubt or suspicion regarding any user.

3) Log Register.-After the identity of the user and any person accompanied with him ha
been established as per sub-rule (1) of rule 4, the Cyber Cafe shall record and maintain
the required information of each user as well as accompanying person, if any, in the log
register for a minimum period of one year.

(2) The Cyber Cafe may maintain an online version of the log register. Such online version
of log register shall be authenticated by using digital or electronic signature. The log
register shall contain at least the following details of the user, namely : —

(ii) Name

(iii) Address

(iv) Gender

(v) Contact Number

(vi) Type and detail of identification document

(vii) Date

(vii) Computer terminal identification

(viii) Log in Time

(ix) Log out Time

(3) Cyber Cafe shall prepare a monthly report of the log register showing date- wise
details on the usage of the computer resource and submit a hard and soft copy of the
same to the person or agency as directed by the registration agency by the 5th day of
next month.

(4) The cyber cafe owner shall be responsible for storing and maintaining backups of
following log records for each access or login by any user of its computer resource for a t
l e a s t one year:—

(i) History of websites accessed using computer resource al cyber cafe;

(ii) Logs of proxy server installed at cyber cafe.

Cyber Cafe may refer to "Guidelines for auditing and logging - CISG-2008-01" prepared
and updated from time to time by Indian Computer Emergency Response Team (CERT-ln)
for any assistance related to logs. This document is available at www.cert-in.org.in
(5) Cyber cafe shall ensure that log register is not altered and maintained in a secure
manner for a period of at least one year.

4) Management of Physical Layout and computer resource.- Partitions of Cubicles built

or installed if any, inside the Cyber Cafe, shall not exceed four and half feet in height
from the floor level.

(2) The screen of all computers installed other than in Partitions or Cubicles shall face
'outward', i.e. they shall face the common open space of the Cyber Cafe.

(3) Any Cyber Cafe having cubicles or partitions shall not allow minors to use any
computer resource in cubicles or partitions except when they are accompanied by their
guardians or parents.

(4) All time clocks of the computer systems and servers installed in the Cyber Cafe
shallbe synchronised with the Indian Standard Time.

(5) All the computers in the cyber cafe may be equipped with the commercially available
safety or filtering software so as to avoid as far as possible, access to the websites
relating to pornography including child pornography or obscene information.

(6) Cyber Cafe shall take sufficient precautions to ensure that their computer resource
are not utilised for any illegal activity.

(7) Cyber Cafe shall display a board, clearly visible to the users, prohibiting them from
viewing pornographic sites as well as copying or downloading information which is
prohibited under the law.

(8) Cyber Cafe shall incorporate reasonable preventive measures to disallow the user
from tampering with the computer system settings.

(9) Cyber cafe shall maintain the user identity information and the log register in a
secure manner.

(10) Cyber cafe shall also maintain a record of its stafr for a period of one year

(11) Cyber cafe shall not misuse or alter the information in the log register.

5) Inspection of Cyber Cafe.- An officer autnorised by the registration agency, is

authorised to check or inspect cyber cafe and the computer resource of network
established therein, at any time for the compliance of these rules. The cyber cafe owner
shall provide every related document, registers and any necessary information to the
inspecting officer on demand.
Conclusions
Ø The majority of Owners are graduates and few of them have completed post
graduation degree but computer literacy is less. It is seen that very less number of
Owners have computer background. Many problems are faced by Owners while running
the Cyber Cafe. Cyber Cafe has Broad Band connection and it is observed by the
researcher that most of the non-registered Cyber Cafe has Wi-Fi in there Cafe. Owners
are also aware about various types of Cyber-crime and security techniques
implementation at technical level. At physical level the Owners are not much serious
about cyber security implementation. Owners are aware about Broadband connection
security techniques but not for Broadband Wi-Fi. The Owners follow the Rules and
Regulation for infrastructure and technical details such as log maintenance, use of
antivirus software etc. The owner agreed that audit of Cyber Cafe is not done by
government officials as per rules and regulations aFor better and effective cyber security
Computer professional certification or short term computer courses is done by less
number of Owners and those who have not done computer course make use of practical
experience to operate cafe.

Awareness of the Cyber security Management depends totally on the Cyber Cafe
Owners Education, Computer Background and Internet Literacy Parameter. Cyber Cafe
Owners faces many problems while running the Cyber Cafe. High maintenance cost is
needed to maintain the cafe. Owners feel that Cyber Cafe reputation is hampered
affecting Cyber Cafe business due to the Cyber-crimes taking place through Cyber Cafe.
Owners find lack of assistance and lack of information from government side in case if a
cyber-crime attack takes place. Owners feel that there are lacks of established resources
to know about cyber security updates.

Most of the Owners agree that they do not have sufficient knowledge of cyber security
maintenance. Most of the Owners have Broad Band Internet connection and few of
them have started with Wi-Fi Internet Services. Most of the Owners are aware about
different types of Cyber-crime such as Pornography, Hacking, and Intellectual Property
Crime etc. which help them to prevent Cyber-crime and take necessary action when
required. Cyber Security is mostly maintained at Gateway level and is done by Owners
themselves.

Owners use various techniques to implement cyber security such as installing Antivirus
& Antispyware software, installing UTM device, Installing Firewall, Restricting access to
Control panels, Browser settings and Physical drives etcnd there are problems in it. Most
of the Owners are highly educated and have completed their graduation. Blocking
installation and setup files, Techniques such as Remote client monitoring, Content
Filtering are also done by Owners to maintain cyber security.

Less number of owners make use of Wi-Fi security technique such as Turn off Wireless
Router Manually, change Username and Password of access point, disable auto connect
mode, shutdown access point, place wireless router inside building, disable DHCP
service, use of WPA/WEP/TKIP/WEP2 protocol, store MAC address, filter MAC address
and block anonymous IP address.

Owners are not aware and not serious about physical cyber security and very few of
them maintain physical cyber security such as locking of PC cases, putting alarm sensors,
locking windows and separate server room. Most of the Owners take step to prevent
Cyber-crime as per the guidelines provided by government by displaying posters
indicating Cyber Cafe rules and government rules such as not accessing restricted or
pornographic website.

Majority of the owners are aware about government laid rules and regulations for Cyber
Cafe and follow them in their Cyber Cafe. Owners maintain log registers for visitors along
with log details of web camera, computer access record, history of websites accessed
proxy server logs, mail server logs, network devices logs, firewall logs for maintaining
cyber security and controlling Cyber-crime. As per the government rules Owners strictly
check visitors’ identification proofs such as Driving license, Voter card, and Student ID
card, Photo Credit Card or Debit Card etc. As per the Rule of government most of the
Owners have open cubicles and the partition is not more than 4.5 feet along with this all
machines face outward.

BIBLOGRAPHY

·0 http://www.wipo.int

·1 CyberLaw: The Law of the Internet by johnson Rosenoer

·2 Information Technology Law by Ian J. Lloyd