Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

Privacy Policy | Terms of Service | Contact Siksha Sarovar | About Siksha Sarovar

v4.0.9 · PWA
Siksha Sarovar logo
Siksha Sarovar
Your Learning Universe

Siksha Sarovar is a free e-learning platform for coding courses, BCA university notes and competitive exam preparation. Optional Google sign-in saves your learning progress across devices.

Initializing knowledge base…
Compiling modules 0%

4.2 Workplace Ethics — Cybercrime, Plagiarism, Sexual Misconduct & Fraud

Lesson 17 of 18 in the free Human Values and Ethics notes on Siksha Sarovar, written by Rohit Jangra.

4.2 Workplace Ethics — Cybercrime, Plagiarism, Sexual Misconduct & Fraud

This lesson covers the four most serious workplace ethical violations that modern professionals — especially in the IT industry — must understand and avoid.

---

1. Cybercrime

Cybercrime is criminal activity that involves a computer or network. As IT professionals, computer-applications graduates must understand both how cybercrimes happen and the ethical obligation not to participate.

Types of cybercrime

TypeDescription
HackingUnauthorised access to systems
PhishingDeceiving people into revealing credentials
Identity theftStealing personal data for fraud
CyberstalkingRepeated harassment online
Data theftStealing confidential / personal data
RansomwareEncrypting data and demanding payment
Malware distributionSpreading viruses, trojans
Cyber-bullyingOnline harassment, especially of vulnerable
Online fraudFinancial scams, fake e-commerce, fake jobs
Cryptocurrency scamsFake projects, pump-and-dump
DDoS attacksOverwhelming a service to make it unavailable
Insider threatsEmployees stealing or sabotaging
Online child exploitationMost serious; lifelong consequences
Cyber-terrorismAttacks on critical infrastructure

Indian legal framework

The IT Act 2000 (amended 2008) is India's primary law on cybercrime:

SectionOffencePenalty
§43Unauthorised access, data theftCompensation up to ₹1 crore
§65Tampering with computer source code3 years imprisonment, ₹2 lakh fine
§66Hacking3 years, ₹5 lakh
§66BReceiving stolen computer resource3 years
§66CIdentity theft3 years, ₹1 lakh
§66DCheating by personation3 years, ₹1 lakh
§66EPrivacy violation (e.g., recording private images)3 years, ₹2 lakh
§66FCyber-terrorismLife imprisonment
§67Publishing obscene material5 years, ₹10 lakh
§72Breach of confidentiality2 years, ₹1 lakh

Plus the Indian Penal Code (IPC), Companies Act, and DPDP Act 2023 for personal data.

Professional ethical obligations

As an IT professional, you have specific duties:

ObligationDetail
Don't access without authorisationEven if you can technically, you shouldn't
Don't share credentialsYours or others'
Don't pirate softwareUse licensed versions
Don't write / spread malwareEven "for learning" — consequences are real
Report vulnerabilities responsibly"Responsible disclosure" — to vendor first, not public
Respect privacyCustomer data is sacred; even one breach can sink a company
Don't profit from inside knowledgeE.g., trading on knowledge of unannounced bug
Strong password hygieneYours and the org's
Educate non-tech colleaguesAbout phishing, security

Famous Indian cybercrime cases

  • AIIMS Delhi ransomware attack (2022) — Hospital paralysed for 15+ days
  • Mumbai bank fraud cases — Multiple, totalling ₹100+ crore
  • 2018 Cosmos Bank heist — ₹94 crore stolen via coordinated global ATM withdrawals
  • Aadhaar data leaks — Multiple instances of biometric data exposure
  • Cryptocurrency scams — Multiple billion-rupee schemes shut down

These show: cybercrime is not abstract. Real people lose real money, real organisations are crippled, real careers are destroyed.

---

2. Plagiarism

Plagiarism is using someone else's work, ideas, or words as your own — without proper credit.

Types of plagiarism

TypeExample
Direct copyingWord-for-word from another source
Paraphrasing without creditChanging words but keeping the idea, no citation
Code copyingCopy-pasting code from Stack Overflow / GitHub without attribution
Self-plagiarismReusing your own previously submitted work
Image / Diagram copyingUsing others' visuals without permission
Idea theftTaking someone's concept and presenting as yours
Ghost-writing acceptanceSubmitting someone else's work as yours
Mosaic plagiarismCombining bits from multiple sources without credit
AI-generated text passed off as yoursSubmitting ChatGPT output as your own work

Why plagiarism is serious

ReasonDetail
Academic dishonestyMany universities expel for plagiarism
Career damageA documented plagiarism case follows you
Industry consequencesSoftware companies dismiss employees for code plagiarism
Reputation lossIn academia and research, irrecoverable
Legal actionCopyright infringement is a crime
Erosion of original thinkingIf everyone copies, no original work happens

Indian academic context

Indian universities have increasingly strict plagiarism policies:

  • UGC plagiarism regulations (2018) — defined tolerable similarity levels
  • Most universities use Turnitin / iThenticate to scan submissions
  • Penalties: from grade penalty (mild) to expulsion (severe)

How to avoid plagiarism

PracticeDetail
Cite sourcesFor every fact, idea, quote, image
Use quotation marks for direct textIf under 40 words
Block-quote longer passagesAnd cite
Paraphrase fully — change structure tooNot just synonyms
Use citation managersZotero, Mendeley, EndNote
Check with plagiarism toolsBefore submission
Document your processNote where each piece came from
For AI — be transparentIf you used ChatGPT, say so
Build original analysisEven if facts are borrowed, your interpretation is yours

Code-specific guidance

For programmers:

  • Open-source licences matter — MIT, GPL, Apache impose different obligations
  • Attribution comments — when adapting open-source code
  • Don't paste production code into Stack Overflow / public forums — confidentiality
  • In interviews — clearly say "I'd reference X for this part" — interviewers respect honesty over false claims of solo expertise

---

3. Sexual Misconduct at the Workplace

Sexual misconduct in any form is illegal, deeply harmful, and career-ending for perpetrators.

This is an unavoidable topic — and IT students need to enter the workplace with clarity.

Forms of sexual misconduct

FormDescription
Verbal harassmentComments about appearance, body, sexual jokes
Visual harassmentInappropriate images, gestures, leering
Physical harassmentUnwanted touching, brushing, blocking path
Quid pro quo"Sleep with me and you'll get promoted"
Hostile environmentPattern that makes workplace uncomfortable
Cyber-harassmentInappropriate messages, photos, calls
Sexual assaultMost serious; criminal
StalkingFollowing, repeatedly contacting

Indian legal framework

The Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 ("POSH Act"):

ProvisionDetail
DefinitionIncludes unwelcome physical, verbal, visual, sexual conduct
CoverageAll workplaces (organised + unorganised) with 10+ employees
Internal Committee (IC)Mandatory; at least 50% women members; external member
Complaint processWritten complaint within 3 months of incident
InquiryTime-bound; both parties heard
Penalties on perpetratorWarning, transfer, suspension, termination, monetary penalty
False complaintsAlso addressed (with caution — most complaints are real)

Plus IPC Sections 354A (sexual harassment), 354 (assault), 509 (insulting modesty).

Note: While the POSH Act focuses on women, sexual harassment of men and transgender persons is also recognised under general criminal law.

What every professional must understand

PrincipleDetail
Consent is everythingIf unclear, don't proceed; check in
Power dynamics matterA senior pursuing a junior is rarely truly consensual
No means noFirst time, every time
Workplace is a workplaceRomantic pursuits are largely inappropriate
Silence is not consentJust because someone didn't object loudly
Repeat behaviour after first decline = harassmentOne ask, decline received, drop it
Comments about appearanceEven "compliments" can be inappropriate at work
TouchingDon't, unless professionally necessary (handshake)
Out-of-office settingsThe rules still apply at office parties, dinners

What to do if you witness or experience harassment

ActionDetail
DocumentDate, time, what happened, witnesses
Report to ICInternal Committee per POSH Act
Report to HRParallel channel
Inform a trusted seniorFor backup
External: police complaintIf criminal
External: Local CommitteeDistrict-level if employer's IC fails
CounsellingMany companies and external organisations
Support networkFamily, friends, women's organisations

The cost of staying silent is often greater than the cost of speaking up. Companies that handle complaints well retain their best talent; those that don't lose people in slow drips.

What every employee should know

  • POSH training is mandatory for many employees — take it seriously
  • Internal Committee details are usually posted; know who they are
  • External resources — NCW (National Commission for Women), Sakhi One-Stop Centres
  • Anonymous reporting options exist at many companies

---

4. Fraudulent Use of Institutional Resources

Fraudulent use of institutional resources = misuse of company / institutional resources for personal gain or in violation of policy.

Common forms

FormExample
Time theftDoing personal work on company hours; faking attendance
Expense fraudInflated travel claims, personal expenses billed to company
Asset misusePersonal use of company vehicle, laptop, software
Data misuseUsing customer data for personal purposes
Side businesses on company timeRunning another business during work hours
Intellectual property theftTaking company IP to next job / competitors
BriberyAccepting / offering bribes
KickbacksVendor bribes for inflated orders
Fake invoicingCreating phony bills for personal gain
Cookie-jar accountingManipulating financial records
Ghost employeesFake employees collecting salary
Procurement fraudInflated tenders, fake vendors
Sale of confidential informationInsider trading, leaked tenders

Why this matters

ReasonDetail
It's stealingFrom the organisation and all stakeholders
Career-endingTermination + criminal prosecution + reputation damage
Industry blacklistingBackground checks turn up the history
Legal actionCompanies pursue civil and criminal cases
Tax implicationsUndisclosed personal use → tax issues
Erosion of trustAffects all employees, not just perpetrator

Specific examples — the temptation traps

SituationTempting WrongRight
Long-distance call to family on office phone"Just one call"Use personal phone
Print 500 pages of personal book on office printer"They won't notice"Print at home / paid service
Bill restaurant dinner with friend as client meeting"Easy expense report"Pay yourself
Take office laptop on personal vacation"It's there anyway"Use personal device
Free pizza ordered for team meeting, taken home"Leftovers will be wasted"Within reason, but don't make a habit
Download free books via company internet"Educational"Should be policy-compliant
Use office WiFi for personal heavy streaming"Bandwidth is unlimited"Reasonable personal use OK

Pattern recognition — these are small. Each individually trivial. But:

  1. They erode integrity
  2. They normalise larger violations later
  3. They create habits

The discipline: don't even start small. Pay your own way, use your own time, respect company resources as you would a friend's.

---

Common Pattern Across All Four

CybercrimePlagiarismSexual MisconductFraud
Treating others' digital assets as yoursTreating others' work as yoursTreating others' bodies / dignity as accessibleTreating others' resources as yours

The root pattern is the same: violating others' boundaries / rights for personal gain.

The antidote is also the same: right understanding — that you are part of a system of mutual fulfilment, where exploiting others ultimately costs you.

---

Workplace Ethics Code — Personal Commitment

After studying this lesson, consider drafting a personal commitment:

"I commit to: - Honesty in my code, my work, my relationships - Respect for every person at every level - Confidentiality of information entrusted to me - Original work in all academic and professional submissions - Treating all colleagues — regardless of gender, level, background — with dignity - Reporting wrongdoing I witness, even at personal cost - Right use of organisational resources - Cultivating these values daily, not just when convenient"

Sign and date it. Revisit it when tested.

---

Key Terms — Lesson 4.2

This is the most exam-heavy lesson of Unit IV. Most PYQs ask for definitions of cybercrime, IT Act sections, plagiarism types, POSH Act provisions, and fraud forms; deploy these terms with precise legal citations.

CybercrimeCriminal activity that involves a computer or network — either as the target (hacking, ransomware) or as the tool (online fraud, identity theft, cyberstalking). India's primary law is the Information Technology (IT) Act, 2000, supplemented by the IPC and the DPDP Act 2023; cybercrime is rising rapidly with digitalisation.

Information Technology Act, 2000 — India's primary cybercrime law, enacted 9 June 2000 and amended 2008. Key sections: §43 (compensation for unauthorised access up to ₹1 crore), §65 (tampering with source code, 3 years), §66 (hacking, 3 years), §66C (identity theft, 3 years), §66D (cheating by personation), §66E (privacy violation), §66F (cyber-terrorism, life imprisonment), §67 (obscene material), §72 (breach of confidentiality).

Hacking (§66 IT Act)Unauthorised access to a computer system or network — whether for theft, sabotage, espionage, or "just curiosity". Hacking is punishable by up to 3 years imprisonment and ₹5 lakh fine under §66; even ethical hacking ("white hat") must be done with explicit written authorisation to avoid prosecution.

PhishingDeceiving people into revealing credentials — usually through fake emails, fake login pages, or fake calls impersonating banks, payment apps, or employers. Phishing is prosecuted under §66D (cheating by personation) of the IT Act; it is the most common cybercrime vector and the cause of most banking frauds in India.

Identity Theft (§66C IT Act)Fraudulent use of someone's password, digital signature, or unique identifier — Aadhaar, PAN, bank credentials, OTPs — to impersonate them online. Punishable by up to 3 years and ₹1 lakh fine; in the Aadhaar era it can enable massive downstream fraud through linked services.

RansomwareMalicious software that encrypts a victim's data and demands payment for the decryption key. The AIIMS Delhi attack (November 2022) paralysed India's premier hospital for 15+ days; the Cosmos Bank heist (2018) drained ₹94 crore through coordinated global ATM withdrawals. Ransomware payments are themselves often illegal (sanctions, anti-money-laundering laws).

MalwareMalicious software designed to damage, disrupt, or gain unauthorised access — viruses, worms, trojans, spyware, rootkits, keyloggers. Writing or distributing malware (even "for learning") is punishable; many young careers have been ended by university-era malware experiments that turned out to have real-world consequences.

DDoS AttackDistributed Denial of Service — overwhelming a service with traffic from many compromised machines to make it unavailable to legitimate users. DDoS attacks against payment platforms, government portals, and critical infrastructure are punishable under §66F (cyber-terrorism) when they target essential services.

Cyber-terrorism (§66F IT Act)Attacks on critical information infrastructure — power grids, banking, defence, healthcare — with intent to threaten the unity, integrity, security, or sovereignty of India. The only IT Act offence carrying life imprisonment; one of the very few non-compoundable sections.

Responsible Disclosure — The ethical practice of reporting a discovered vulnerability privately to the vendor before any public disclosure — giving them time to fix it. Responsible disclosure is the boundary between security researcher and criminal; most bug-bounty programs (Google, Microsoft, Indian government's NCIIPC) operationalise it.

PlagiarismUsing someone else's work, ideas, or words as your own — without proper credit. Plagiarism violates asteya (non-stealing) at the intellectual level; modern academic and professional sanctions range from grade penalty to expulsion to termination. Indian universities use Turnitin and iThenticate to scan submissions.

UGC Plagiarism Regulations, 2018 — The University Grants Commission's regulations defining tolerable similarity levels in Indian higher education: up to 10% similarity is exempt; 10-40% triggers revision; 40-60% requires resubmission after 6 months; over 60% triggers expulsion or worse. Apply to dissertations, theses, and published research.

Self-PlagiarismReusing your own previously submitted work in a new submission without disclosure — recycling a college assignment for a different course, or reusing a paper for a new conference. Self-plagiarism is academic dishonesty even though no one else's work is taken; transparency is the cure.

Code PlagiarismCopying code from Stack Overflow, GitHub, or colleagues without attribution or licence compliance. Open-source licences (MIT, GPL, Apache, BSD) impose specific obligations; ignoring them creates legal liability for the employer. Production-code copying without permission has cost careers and triggered lawsuits.

Sexual HarassmentUnwelcome sexual conduct — physical, verbal, visual, or digital — that creates a hostile workplace or is used as a basis for employment decisions. Sexual harassment in the Indian workplace is governed by the POSH Act, 2013 and IPC Sections 354A, 354, 354B, 354C, 354D, 509.

Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 (POSH Act) — India's dedicated workplace-harassment law, enacted following the Vishakha v. State of Rajasthan (1997) Supreme Court guidelines. Mandatory Internal Committee (IC) for workplaces with 10+ employees (at least 50% women members plus external NGO member); written complaint within 3 months; time-bound inquiry; penalties from warning to termination.

Internal Committee (IC) — The mandatory in-house body established under the POSH Act to receive and inquire into sexual-harassment complaints. The IC must have a presiding female officer, at least 50% women members, and one external member from an NGO familiar with women's-rights issues. Knowing your IC is part of basic workplace literacy.

Quid Pro Quo Harassment — A form of sexual harassment where employment benefits are tied to sexual favours — promotion, project allocation, performance ratings, threats of dismissal. Quid pro quo cases are typically the easiest to establish under POSH because the linkage is explicit; they are also the most egregious abuses of power.

Hostile Work Environment — A pattern of unwelcome conduct — comments, jokes, images, gestures — that makes the workplace intimidating, offensive, or oppressive. Hostile environment cases require pattern evidence rather than a single incident; courts have held that the cumulative effect can be as actionable as quid pro quo.

Vishakha Guidelines (1997) — The Supreme Court guidelines issued in Vishakha v. State of Rajasthan — India's first formal recognition of workplace sexual harassment as a violation of fundamental rights (Articles 14, 15, 19, 21). The Vishakha Guidelines operated for 16 years until the POSH Act 2013 codified and expanded them.

Fraudulent Use of Institutional ResourcesMisuse of company or institutional resources for personal gain or in violation of policy — time theft, expense fraud, asset misuse, IP theft, bribery, kickbacks, fake invoicing. These violate asteya (non-stealing) and the trusteeship principle; they end careers when caught and corrupt culture when tolerated.

Time TheftDoing personal work on company time — running side businesses, attending to personal calls excessively, fake attendance, leaving early while claiming full hours. Time theft is the most common workplace fraud; over a career it can amount to years of salary received without work delivered.

Bribery and KickbacksOffering, accepting, or facilitating payments to influence professional decisions — vendor selection, contract awards, regulatory approvals. India's Prevention of Corruption Act, 1988 (amended 2018) and Companies Act, 2013 prosecute bribery; international compliance (US FCPA, UK Bribery Act) also affects Indian IT exporters.

Intellectual Property TheftTaking company IP — code, designs, customer lists, trade secrets — to a competitor or new venture. India's Copyright Act, 1957, Patents Act, 1970, and Trade Secrets under contract law cover this; standard employment contracts include non-disclosure and non-compete clauses, and IP-theft cases regularly produce criminal and civil action.

---

Study deep

  1. Workplace ethics is increasingly enforced. Cybercrime, plagiarism, sexual harassment, fraud — once "career risks", now have specific laws, internal committees, mandatory training, severe penalties. Awareness alone is not enough; alignment is required.
  1. The IT industry has specific risk profiles. Cybercrime risk is highest in IT. Plagiarism risk is highest in code-heavy roles. Sexual misconduct exists everywhere but workplace dynamics in IT (mixed-gender teams, late hours, travel) demand particular care.
  1. One incident can end a career. Especially in cybercrime, sexual misconduct, and fraud. Background checks are increasingly thorough. Reputations spread fast in the era of social media.
  1. The right culture matters. Working at a company with strong ethics is more important than salary alone. Toxic cultures pressure even good people into compromises. Choose where you work carefully.
  1. Personal integrity is portable. Skills are valuable but lose value over decades. Integrity compounds — and at the senior career stage, it is often what separates the trusted leader from the technically-skilled rejected one.
Common exam question (very high frequency): "Discuss workplace ethics: cybercrime, plagiarism, sexual misconduct, fraud." — One section per topic; definition, examples, Indian legal framework (IT Act, POSH Act, UGC plagiarism rules), professional obligations; common pattern (violating boundaries for personal gain).
Common exam question: "What is cybercrime? Discuss its types and legal framework in India." — Define; 10 types (hacking, phishing, identity theft, ransomware, etc.); IT Act 2000 sections (§43, §65, §66, §66B, §66C, §66F, §67); IT professional's ethical obligations.
Common exam question: "What is plagiarism? How to avoid it?" — Define; 8 types (direct, paraphrasing, code, self, image, idea, ghost, AI-generated); how to avoid (cite, quote, paraphrase fully, citation managers, plagiarism tools); code-specific guidance.
Common exam question: "Discuss the POSH Act 2013 and its provisions." — Title; coverage (10+ employees); Internal Committee; complaint and inquiry process; penalties; need for awareness in modern workplaces.
Common exam question: "What is fraudulent use of institutional resources?" — Define; 8-10 forms (time theft, expense fraud, asset misuse, IP theft, bribery, kickbacks, fake invoicing); examples; pattern of small violations becoming habits.

Worked Example — A code-plagiarism temptation

Situation: Under a deadline, a developer finds a working solution on Stack Overflow / GitHub and is tempted to copy-paste it straight into production code, without attribution or checking the licence.

Analyse it: This is code plagiarism — using someone else's work as your own without proper credit — a form of asteya (non-stealing). The lesson warns that open-source licences (MIT, GPL, Apache) impose different obligations, and that copying without attribution or licence compliance creates legal liability for the employer and has cost careers and triggered lawsuits.

The right response:

  • Check the licence and comply with its terms; add an attribution comment when adapting open-source code.
  • Do not paste confidential production code into public forums.
  • Build your own original analysis and adaptation rather than passing the copied work off as solely yours.

Outcome: The work is delivered honestly, the employer faces no licence liability, and the developer's integrity — and career — is protected.

Self-check

  1. Name the four most serious workplace ethical violations covered in this lesson. (cybercrime, plagiarism, sexual misconduct, fraudulent use of institutional resources)
  2. Which Indian law is the primary framework for cybercrime, and which section carries life imprisonment? (the IT Act, 2000; §66F — cyber-terrorism)
  3. Define plagiarism, and name the intellectual value (Sanskrit) it violates. (using someone else's work, ideas, or words as your own without proper credit; it violates asteya — non-stealing)
  4. Under the POSH Act 2013, within how many months must a written complaint be filed, and what is the minimum women's representation on the Internal Committee? (within 3 months of the incident; at least 50% women members)
  5. Name four forms of fraudulent use of institutional resources. (any of: time theft, expense fraud, asset misuse, data misuse, IP theft, bribery, kickbacks, fake invoicing, ghost employees, procurement fraud)
  6. What single root pattern, and what antidote, do all four violations share? (root pattern: violating others' boundaries / rights for personal gain; antidote: right understanding — that you are part of a system of mutual fulfilment)