Computer Crime Research Center

etc/eye2.jpg

Private defence in cyberspace

Date: January 10, 2006
Source: Computer Crime Research Center
By: Praveen Dalal

... of the citizen at all times. Thus, as a measure of public policy and practical convenience, the concept of self-help has been given a moral, equitable and legal sanction. Even under the Code there is an inherent and patent conflict between Section 99 and Section 103. Section 103 is subject to section 99, whereas section 99 itself is subject to Section 99. It is talking about taking recourse of public authorities when the act “does not” reasonably cause the apprehension of death or of grievous hurt. It means that if there is an immediate threat of death or grievous hurt, then recourse to public authorities need not be taken. This is logical and satisfies the tests of common sense, because a person cannot approach the public authorities after his death, which may result due to immediate peril to the life. Similarly, no useful purpose will be served by approaching the public authorities if grievous hurt has already been afflicted. In fact if there is an apprehension of death or grievous hurt, the right to private defence can be exercised even against a public servant who is though acting in good faith under the colour of his office is not strictly justifiable by law. It must be appreciated that no malware can cause any physical injury or apprehension of the same, which may necessitate recourse to public authorities within the meaning of section 99. Thus, it can safely be concluded that recourse to self-help can be taken under section 103 of the Code without approaching public authorities since it does not involve the real and active physical presence of the human agency. This is also in conformity with the basic theme and object of the concept of self-help and the practical requirements of law and its regulation of society.

The application of Section 99 is not, however, completely excluded while exercising the right of private defense under Section 103. It must be noted that section 99 also recognises the principle of proportionality among other things. This means that the proposed harm given by the technological property holder must commensurate with the nature and gravity of the threat. Thus, the harm, if at all it is considered to be so, caused must be reasonable, proportionate and not unduly harsh. The moment it exceeds the limits, which may be deemed to be appropriate by a reasonable person, it will offend the benign objects of section 99, and may become illegal. Thus, to this extent, and in this sense only, Section 103 is subject to section 99. This interpretation satisfies the conflicting interests of private defence of information technology and the proportionate action required to be taken by the person exercising the private defence. This is not the end of this matter. Sections 99 and 103 must be interpreted in the light of Section 105 to make them meaningful. Section 105 of the Code provides that the right of private defence of property commences as soon as a reasonable apprehension of danger to property commences. There is a possibility that a particular malware may not give rise to such apprehension at all because of its programming and operational specifications. In such a case, the owner of the information technology comes to its knowledge when the damage has already been done. In such a situation no useful purpose will be served by approaching the public authorities, as they cannot undo what has already been done. To avoid such an eventuality, it is advisable to adopt precautionary technological measures, since precaution is always better than the cumbersome and expensive cure. As a concluding argument it may be pointed out that, by virtue of Section 40 of the Code, the right of private defence is allowed against offences committed under the “special laws” as well. In India the Information Technology Act, 2000 (ITA) is a special law applicable to matters pertaining to information technology. Thus, the provisions pf private defence will also take their colour from it. In case there is a conflict between the provisions of the Code and the ITA, the latter will prevail. Fortunately, there is no conflict between the provisions of the Code and ITA, hence the interpretation given to the sections, as mentioned above, together with a purposive interpretation of the provisions of the ITA would be sufficient to take care of the principles governing private defence of technological property, including the Intellectual property Rights stored in it.


IV. Conclusion

The problems associated with the use of malware are not peculiar to any particular country as the menace is global in nature. The countries all over the world are facing this problem and are trying their level best to eliminate this problem. The problem, however, cannot be effectively curbed unless popular public support and a vigilant judiciary back it. The legislature cannot enact a law against the general public opinion of the nation at large. Thus, first a public support has to be obtained not only at the national level but at the international level as well. The people all over the world are not against the enactment of statutes curbing the use of malware, but they are conscious about their legitimate rights. Thus, the law to be enacted by the legislature must take care of public interest on a priority basis. This can be achieved if a suitable technology is supported by an apt legislation, which can exclusively take care of the menace created by the computers sending the malware. Thus, the self-help measures recognised by the legislature should not be disproportionate and excessive than the threat received by the malware. Further, while using such self-help measures the property and rights of the general public should not be affected. It would also not be unreasonable to demand that such self-help measures should not themselves commit any illegal act or omission. Thus, a self-help measure should not be such as may destroy or steal the data or secret information stored in the computer of the person sending the malware. It must be noted that two wrongs cannot make a thing right. Thus, a demarcating line between self-help and taking law in one’s own hand must be drawn. In the ultimate analysis we must not forget that self-help measures are “watchdogs and not blood-hounds”, and their purpose should be restricted to legitimate and proportionate defensive actions only. In India, fortunately, we have a sound legal base for dealing with malware and the public at large has no problem in supporting the self-help measures to combat cyber terrorism and malware. If still there remains any doubt or objection, then it will be sufficient to mention that only a computer can react fast enough to take care of the menace of malware and the traditional methods of law enforcement are helpless in this regard. The problems of lack of harmonisation, doubt regarding jurisdiction, lack of a uniform extradition law between various countries of the world, etc can be solved only by using a legitimate, proportionate and reasonable mechanism of self-help, which is not only instant but also free from technicalities and formalities .

List of reference

1. The Times of India (Delhi Times); “Net gain for e-crime”, D/ 20-09-04, P-5.
2. The use of worms, viruses, etc is collectively referred to as malware.
3. Praveen Dalal, “Preventing violations by aggressive defense” (Under publication).
4. The expression “includes,” means that an inclusive, and not exhaustive, option is given by the legislature to meet the future challenges. If the expression “means” is used, then it signifies that the subject matter is exhaustive in nature.
5. The concept of cyber space signifies that the act or omission occurred due to the use of information technology (internet), which generally is intangible in nature, but may have adverse tangible consequences.
6. Praveen Dalal; “Cyber terrorism and its solutions: An Indian perspective”, www.naavi.org, dated: 25-10-04.
7. Praveen Dalal, “Preventing violations by aggressive defense” (Under publication).

Praveen Dalal. All rights reserved with the author.
* Arbitrator, Consultant and Advocate, Supreme Court of India.
Contact at: pd37@rediffmail.com/ perry4law@yahoo.com
Tele: 09899169611.



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo