Nickeled & Dimed

Penny for your thoughts?

We are accepting articles on our new email:

Cybersecurity in the Indian Legal Scenario

Status of Cyber Laws in India and its Importance

Crime is defined to be a social and economic event. Cybercrime is not clearly defined under the Information Technology Act 2000, the amendment of the I.T. Act of 2008, or in the legislation in India. Under Indian jurisdiction, due to its lack of proper definition, cybercrime is said to be a combination of two words i.e. crime and computer. In proper terminology, any crime or offence committed using a computer or electronic device is categorised as cybercrime. The I.T. Act defines terms like a computer, computer network, data, information and all other necessary components that form part of cybercrime. In a cybercrime, a computer or its data itself is the target or the object of the offence in committing some other offence The internet world is defined as cyberspace and the laws which prevail in this are known as Cyber laws. Cyber laws are described as  a branch of laws that deal with the legal issues and conflicts in the internet world, and internet users are bind to follow this code of jurisdiction. Cyber laws in India can be considered as a part of the overall legal system that deals with the Internet, E-commerce, digital contracts, electronic evidence, cyberspace, and their respective legal issues. Cyber laws cover a broad range of topics including freedom of expression, data protection, data security, digital transactions, electronic communication, access to and usage of the Internet, and online privacy.

The IT Act 2000 was implemented to amend some of the outdated laws, and it has helped in keeping the jurisdiction over cybercrimes. Cyber laws are important for people to perform online transactions without fear of misuse. The Act offers the much-needed legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is in the form of electronic records.

Need for an Exclusive Cybersecurity Framework

There have been several cyberattacks in India, especially during the COVID-19 lockdown. The cyber attacks have soared to about 86% during March and April. This led to the work on overhauling the 2013 cybersecurity policy. National Cyber Security Policy is a policy framework introduced in 2013 by the Department of Electronics and Information Technology. The main aim is to protect the public and private infrastructure from cyber attacks. It was important for the policy to be organized and strategized properly. Prime Minister Narendra Modi, in his speech on Independence Day 2020, announced that the Government is cognizant of the cyberattacks on India and its potential threats. Hence, he announced that there needs to be an immediate implementation of new cybersecurity policy.

The National Cyber Security Strategy (2020) aims at securing business data, which is a critical information infrastructure that can impact the security of the nation and the economy. New challenges include data protection/privacy, law enforcement in evolving cyberspace, access to data stored overseas, misuse of social media platforms, international cooperation on cybercrime and cyber terrorism, and so on.  The National Cyber Security Strategy 2020 is needed because the existing structure needs to be revamped and revitalized.

Public and Private Synergy

Public-private partnership is important for formulating these policies and regulations and creating a cybersecurity education program for the private sector and common masses. Cybersecurity should be made compulsory for all the critical t sectors of the Indian economy such as defence and national security. The financial institutions require an important legal framework and formalised precautionary measures in case of any relapse. Pawan Duggal, a cyber law expert said that cyber policy should have a holistic approach. There is scant clarity on the operating procedures in the public and private sectors. For a national approach to deal with cyber challenges, a regional team of officers, from across the country, needs to be formed to deal with cybersecurity. The specialised cyber cells of every state would formulate better strategies comprising officers who have domain knowledge. These are some of the steps discussed by the Central Unit in brainstorming sessions for a new strategy.

Social Media Cybercrimes

Social media these days has become a key tool in displaying and spearind information to the public which is vital. Based on various sources, it was found that Pakistan and China have been spreading misinformation on social media. This was clearly visible during the ongoing tussle between India and China at the Line of Actual Control in Ladakh. A study proclaimed that social media platforms were used for spreading propaganda that caused public disorder. There is a need to surveil motivated use of social media by vested interests for disturbing law and order. The government has decided to take steps such as the introduction of artificial intelligence to remove objectionable content from social media platforms.

There was a state-sponsored hacking group supported by Pakistan which perpetrated a series of ransomware and phishing attacks aimed at stealing highly sensitive defence, security and diplomatic information under the guise of coronavirus health advisories. Scores of Indian government officials in India and its embassies around the world found themselves squarely in the crosshairs of the attacks masquerading as legitimate epidemic-related communication.

Covid-19 and Cybercrime

The spike of cybercrimes and attacks have increased during the pandemic. There has been a sharp attack on financial transaction information of citizens. Lt. Gen. Rajesh Pant, India’s National Cyber Security Coordinator (NCSC), told the Economic Times that cybercriminals had launched thousands of “fraud portals” related to the coronavirus. These sites have lured thousands of Indians, eager to contribute to the fight against coronavirus, into making donations. Many of these phoney sites are quite sophisticated and virtually indistinguishable from their genuine counterparts. The PM cares fund initiative by the office of the Prime Minister for fighting  Coronavirus had multiple fraudulent websites.  A study reveals that there have been several malware and phishing schemes operating under the pretext of COVID prevention efforts. The so-called “coronavirus malware” is aimed at stealing bank account details, password and other sensitive information from users. India’s historic lockdown has led to cybercrime beyond just opportunistic attacks against private individuals.

Need for Legal reforms

The Information and Technology Act, 2000 provides a framework for the security of electronic governance by giving identification to electronic records and digital signatures. It also defines penalties for cybercriminals. It has statutorily established a Cyber Appellate Tribunal to resolve the disputes related to Cyber Crimes and Online Frauds.

Additionally, some of the statutory provisions of Indian Penal Code, 1860 in the crime of Fraud, Criminal Intimidation, Cheating, Breach of Trust, Abetment of Suicide via Blackmailing, etc. may be charged on an accused considering the circumstances and discretionary powers of the Court. However, it must be noted that a person cannot be punished twice for the same offence as it will violate his Fundamental Right ensured under Article 20 (2) of the Indian Constitution i.e. Double Jeopardy.


There are some other serious considerations and legislative changes in the new policy that will provide immunity to cyber decoys in the law enforcement agencies. These changes are necessary in order to keep people safe and secure their data on online platforms. The mechanism to identify cybercriminals is of utmost importance now. A collection of data bank of cybercrimes and criminals is also something that is being planned. Use of technology in intelligence generation and detection, data mining, and analytics is required to preempt crimes. Police personnel should become members of various social media groups for gaining access to valuable information. Dedicated teams are required to filter out matters of concern from social media and analyze them.

 Sanchali Bhowmik, 2nd year Law Student (L.L.B. Hons.) at Jindal Global Law School

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: