As a person who dives deep into hard tech, never did I imagine that I would concern myself with a celebrity scandal. But here I am curiously following up and getting annoyed by all the technological inaccuracies being reported in the media about the infamous Kangana Raut-Hrithik Roshan saga.
For the uninitiated,Bollywood actress Kangana Raut accused actor Hrithik Roshan of circulating personal information shared over private emails. He is countering the allegation, saying that the email is an impostor account. One can read all about it in various tabloids, but in this article, we will focus on the tech part.
The alleged crime, is defined in IT Act 2008 (), which clearly states that the transmission of personal images is punishable by imprisonment.
66E. Punishment for violation of privacy. (Inserted Vide ITA 2008)
Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both
Now how does one establish that a particular account belongs to an individual? It is a hard thing to do, specially if the criminal is tech-savvy and has taken lots of precautions to make sure he isn’t tracked. Keeping aside the non-technological methods that law enforcement officials use, many tools are at law enforcement agencies’ disposal.
A step-by-step process in a typical scenario like this would include,
In some cases,one can find the IP address straightaway. But due to email server proxies being used these days, it traces back to provider’s location (for example, Mountain View for Gmail). However, once law enforcement officials make a request for it, email providers such as Google are obligated to provide the real IP of the end point and then the person can be traced. In some cases, you may need to get this from ISP or Internet providers as well.
In some cases it is possible that the person may have used spoofing software or desktop proxies that will fake the IP address and will make it impossible for law enforcement officials and providers to identify the correct IP. In such cases,Step 2 is the way to go.
This needs to be done in collaboration with law officials. Usually, spying software is nothing but some script that reads more identifiable information from the endpoint (laptop, desktop etc) and transmits it back to the sender. This information then can be used to identify the real person/IP behind the proxies. Many such scripts are available easily online.
There are some more advanced techniques based on the content,such as for pictures, but that is for another article. In general it is a combination of the steps above which will determine the accuracy of the outcome.
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)