Cyber Crime And Ethics: Examining The Boundaries Of Ethical Hacking In Indian Jurisprudence

Tamanna, LL.M, University Institute of Legal Studies, Chandigarh University

ABSTRACT

The current research paper examines the role of ethical hacking as a developing concept in the cybersecurity situation and the legal framework that surrounds it in India. It also looks at how practices in digital penetration testing and coordinated vulnerability disclosure are able to meet the provisions of the Information Technology Act, 2000, Digital Personal Data Protection Act, 2023 and procedural protections the Bharatiya Nagarik Suraksha Sanhita and the Bharatiya Sakshya Adhiniyam.

The study is methodologically doctrinal by outlining the line between legal conduct of security research and criminal acts of cyber-crime through consent and proportionality, data protection and the responsible disclosure. It is pointed out in the analysis that the operational mandate of CERT-In was found in Section 70B of the IT Act and the standards of evidence of digital records were found in Section 63 of BSA.

The paper uses the concept of safe harbour in protecting the bona-fide researchers so that concomitant improvement is made towards the sphere of cybersecurity, and personal rights are safeguarded.

Keywords: Ethical hacking, Information Technology Act 2000, Digital Personal Data Protection Act 2023, Bharatiya Nagarik Suraksha Sanhita, Bharatiya Sakshya Adhiniyam, CERT-In, cybersecurity law, coordinated vulnerability disclosure, data protection, safe harbour, penetration testing, bug bounty, digital evidence.