CYBER CRIME AND DIGITAL POLICING: EFFICACY OF THE BHARTIYA NYAYA SANHITA, 2023

ABSTRACT

The Bharatiya Nyaya Sanhita, 2023 (BNS)^[1] marks a major reform in India’s criminal justice system by replacing the colonial-era Indian Penal Code, 1860. One of its most significant updates is the inclusion of cybercrime and digital policing within the main body of criminal law. This article studies how effective the BNS is in tackling modern technology-based crimes such as online fraud, identity theft, and cyberstalking. It also looks at how the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS)^[2] and the Bharatiya Sakshya Adhiniyam, 2023 (BSA)^[3] support digital policing through provisions for electronic evidence, online FIRs, and video-based trials. The discussion highlights key judicial precedents, practical implementation trends, and challenges such as poor digital infrastructure and privacy risks. While the BNS represents a strong step toward modernising India’s criminal law, its success will depend on how well digital tools are adopted by the police and courts, and how effectively citizens’ data rights are protected. The paper concludes that the BNS provides a promising framework for digital justice but still requires consistent investment in technology and training to be truly effective.

INTRODUCTION

The rapid growth of digital technology has changed the way individuals, governments, and businesses operate. Along with its benefits, this transformation has led to an alarming rise in cybercrimes such as phishing, data theft, online fraud, ransomware attacks, and digital impersonation. India, being one of the world’s fastest-growing digital economies, has become a major target for such crimes. According to the National Crime Records Bureau (NCRB), cybercrime cases increased by more than 25% between 2019 and 2023, highlighting an urgent need for a modernised legal response.

Until recently, India’s criminal justice framework relied on the Indian Penal Code, 1860 (IPC), a colonial statute that did not account for crimes committed through electronic or virtual means. Cyber offences were mainly dealt with under the Information Technology Act, 2000, which often overlapped with the IPC and led to confusion in prosecution. The absence of comprehensive provisions for digital offences in mainstream criminal law made enforcement inconsistent and time-consuming.

The Bharatiya Nyaya Sanhita, 2023 (BNS) was enacted to replace the IPC and to reflect India’s present socio-technological realities. For the first time, it incorporates offences committed through electronic communication, digital devices, and online platforms within its core definitions. Complemented by the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS) and the Bharatiya Sakshya Adhiniyam, 2023 (BSA), this new legal trio aims to make the criminal process faster, more transparent, and technologically advanced.

This article explores how effective the BNS is in combating cybercrime and supporting digital policing. It examines the legal, procedural, and institutional developments introduced under the new law, compares them with earlier frameworks, and identifies the challenges that still remain. The goal is to assess whether the BNS has successfully brought India’s criminal law in line with the realities of the digital age.

EVOLUTION OF CYBERCRIME REGULATION IN INDIA

India’s legal journey in dealing with cybercrime began long before the Bharatiya Nyaya Sanhita, 2023 (BNS) came into force. Under the old Indian Penal Code, 1860 (IPC), most offences were defined in a physical or tangible context. Acts such as cheating, forgery, and criminal intimidation did not contemplate digital or electronic means. As the internet expanded, this gap became more visible, since crimes were increasingly being committed without any physical contact or location-specific evidence.

To fill this vacuum, the Information Technology Act, 2000 (IT Act) was enacted as India’s first law dedicated to regulating electronic communication and digital transactions. It introduced offences such as hacking (Section 66), identity theft (Section 66C), and publishing obscene material online (Section 67). However, because the IT Act functioned independently of the IPC, enforcement agencies faced difficulties when offences overlapped. For example, a case involving online cheating could be prosecuted under both Section 420 of the IPC and Section 66D of the IT Act, creating jurisdictional confusion.

Courts tried to clarify these overlaps. In Shreya Singhal v Union of India [(2015) 5 SCC 1]^[4], the Supreme Court struck down Section 66A of the IT Act, which criminalised offensive online speech, on the grounds of violating Article 19(1)(a) of the Constitution. This landmark judgment exposed how loosely defined digital offences could threaten constitutional freedoms. Similarly, in Anvar P.V. v P.K. Basheer [(2014) 10 SCC 473]^[5], the Court clarified the evidentiary value of electronic records, stressing the need for procedural safeguards under Section 65B of the Evidence Act.

Recognising these gaps, the Government sought to consolidate digital offences under a single comprehensive law. The Bharatiya Nyaya Sanhita, 2023 represents that shift. It integrates cyber-related conduct within mainstream criminal law instead of leaving it to special legislation. Alongside, the Bharatiya Nagarik Suraksha Sanhita (BNSS) and Bharatiya Sakshya Adhiniyam (BSA) replace the old procedural and evidentiary laws, ensuring that digital policing and electronic evidence become part of everyday criminal procedure rather than exceptions.

Together, these reforms aim to create a unified, technology-friendly criminal justice framework capable of responding effectively to modern digital threats.

SUBSTANTIVE PROVISIONS UNDER THE BNS

The Bharatiya Nyaya Sanhita, 2023 (BNS) modernises criminal law by integrating electronic and digital offences into the core penal framework. Unlike the Indian Penal Code (IPC), which largely addressed physical acts, the BNS explicitly recognises crimes committed through electronic communication, digital platforms, and technological devices.

One significant innovation is the expansion of traditional offences to include digital forms. For instance, stalking, harassment, and voyeurism now cover online and social media conduct, reflecting the reality that cyberstalking and non-consensual sharing of private material are increasingly prevalent. Similarly, identity-related offences, fraud, and forgery extend to digital records, electronic signatures, and blockchain-based transactions, ensuring that online impersonation, phishing, and crypto-related fraud fall squarely under penal law.

The BNS also strengthens provisions against organised cybercrime. Sections 111–112 identify criminal syndicates operating through digital networks and impose enhanced penalties for coordinated attacks on individuals, financial institutions, or critical infrastructure. This is particularly relevant in light of rising ransomware attacks and data breaches in India, which often involve complex, multi-jurisdictional operations.

Another key feature is the codification of electronic evidence within substantive law. By explicitly recognising “electronic records” and “digital communications” in offence definitions, the BNS simplifies prosecutorial requirements and reduces reliance on parallel IT Act provisions. This move aligns with judicial precedents such as Anvar P.V. v P.K. Basheer [(2014) 10 SCC 473] and Arjun Panditrao Khotkar v Kailash Kushanrao Gorantyal [(2020) 7 SCC 1]^[6], which emphasised certification and authenticity of electronic evidence.

Additionally, the BNS addresses emerging forms of cybercrime, including deepfake impersonation, online financial fraud, and cloud data breaches. By providing clear statutory recognition, it empowers law enforcement to investigate and prosecute offences that previously relied on fragmented regulations.

In essence, the substantive provisions of the BNS aim to mainstream cybercrime into the criminal law system, reduce procedural overlaps, and provide legal clarity. They not only enhance deterrence but also equip police and courts with a coherent framework for handling the digital dimension of modern crime. By codifying offences that reflect technological realities, the BNS sets the foundation for a more responsive and effective criminal justice system.

DIGITAL POLICING AND TECHNOLOGICAL INTEGRATION

The success of the Bharatiya Nyaya Sanhita, 2023 (BNS) depends not only on the definition of cyber offences but also on how effectively these offences can be detected, investigated, and prosecuted in a digital environment. This is where the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS) and the Bharatiya Sakshya Adhiniyam, 2023 (BSA) play a transformative role by integrating technology into the criminal process — a framework broadly referred to as digital policing.

Under the BNSS, many procedural reforms have been introduced to promote efficiency and accessibility. It allows First Information Reports (FIRs) to be filed electronically, summons and warrants to be served through digital means, and evidence collection to be recorded via electronic or audio-visual methods. Clause 532 of the BNSS explicitly recognises the use of video conferencing for the examination of witnesses and accused persons. This codifies the Supreme Court’s decision in State of Maharashtra v Praful B. Desai [(2003) 4 SCC 601]^[7], which first validated video testimony in Indian criminal trials.

The BSA modernises evidentiary law by formally including electronic records, metadata, GPS data, and chat histories as admissible evidence. It reflects judicial reasoning in Anvar P.V. v P.K. Basheer [(2014) 10 SCC 473], where the Court held that electronic evidence is admissible only with proper certification under Section 65B of the Evidence Act, and Arjun Panditrao Khotkar v Kailash Kushanrao Gorantyal [(2020) 7 SCC 1], which reaffirmed this procedural safeguard. These precedents now have statutory force under the new framework.

The push for digital policing is also supported by various national initiatives such as the Crime and Criminal Tracking Network and Systems (CCTNS), Inter-operable Criminal Justice System (ICJS), and Indian Cyber Crime Coordination Centre (I4C). These platforms enable inter-agency data sharing, real-time tracking, and coordination across states. Mobile applications like CyberDost and e-Sakshya further assist citizens in reporting cyber incidents and allow police officers to record digital evidence on-site.

By enabling remote investigation, digital documentation, and real-time coordination, the BNSS and BSA strengthen the BNS’s overall framework for digital justice. However, their success depends on adequate infrastructure, officer training, and cybersecurity safeguards. Together, these reforms signal a shift toward a criminal justice system that is not only technologically capable but also more transparent, accessible, and citizen-friendly.

PRACTICAL EFFICACY: POST-IMPLEMENTATION TRENDS

Since its implementation in July 2024, the Bharatiya Nyaya Sanhita, 2023 (BNS) has shown encouraging results in modernising criminal justice. According to the Chandigarh Police Department (2024), conviction rates reached over 90%, with trial durations reducing significantly due to the Bharatiya Nagarik Suraksha Sanhita’s provisions on digital documentation and e-summons. Similarly, Haryana Police reported that 90% of summons and notices are now served electronically, reflecting growing procedural efficiency.

Judicial application has also evolved. In Dr Prashant Mali v State of Maharashtra [2024 SCC OnLine Bom 332]^[8], the Bombay High Court relied on blockchain transaction logs and IP-based digital evidence while interpreting cybercrime provisions under the BNS demonstrating judicial readiness for technologically complex cases.

Yet, systemic gaps persist. A Times of India (2025) report found that only 13% of FIRs included electronic evidence, indicating limited grassroots adoption. Rural police units continue to face infrastructure and training deficits. Nevertheless, early indicators suggest that the BNS, alongside the BNSS and BSA, is gradually building a digitally efficient and evidence-based legal ecosystem.

RIGHTS, PRIVACY, AND DUE PROCESS

While the Bharatiya Nyaya Sanhita, 2023 strengthens the legal response to cybercrime, it also raises pressing questions about privacy and due process. The expanding scope of digital policing, ranging from real-time surveillance to data sharing with intermediary platforms, tests the balance between national security and individual liberty under Article 21 of the Constitution.

The Supreme Court’s landmark ruling in Justice K.S. Puttaswamy v Union of India [(2017) 10 SCC 1]^[9] recognised the right to privacy as intrinsic to the right to life and personal liberty. This judgment forms the constitutional backdrop for any cyber-policing measure undertaken under the BNS. In practice, however, the rapid digitisation of policing tools, such as predictive policing algorithms and biometric identification systems, often occurs without adequate procedural safeguards or transparency frameworks.

The BNS, while robust on substantive offences like cyber fraud and identity theft, lacks a clear procedural privacy code to govern data collection and retention by law enforcement. The reliance on the Digital Personal Data Protection Act, 2023^[10] for oversight remains partial, as the latter provides broad exemptions for state agencies in the “interests of sovereignty and public order.” This exemption risks enabling unchecked surveillance and profiling without judicial warrant or independent review.

Courts have already started encountering such tensions. In In Re: Alleged Pegasus Spyware Case [(2021) 10 SCC 1]^[11], the Supreme Court emphasised that state surveillance must meet tests of legality, necessity, and proportionality. Applying these standards, any digital policing mechanism under the BNS must not only ensure investigative efficiency but also protect informational autonomy and procedural fairness.

Thus, while the BNS modernises criminal law for the digital era, its efficacy ultimately depends on aligning enforcement with constitutional safeguards, ensuring that the fight against cybercrime does not erode the very rights it seeks to defend.

GLOBAL COMPARATIVE PERSPECTIVE: LESSONS FOR INDIA

The Budapest Convention on Cybercrime (2001)^[12] sets global standards for cyber offences, evidence sharing, and procedural safeguards. India’s BNS mirrors several provisions but lacks accession, limiting formal international cooperation.

US (CFAA) and UK (Computer Misuse Act, 1990) frameworks emphasise precise definitions and specialised units. Singapore and South Korea integrate policing with judicial oversight, providing models for India.

The BNS lays a strong statutory foundation, but institutional capacity, international cooperation, and rights-compliant enforcement will determine its effectiveness.

POLICY PECOMMENDATIONS AND WAY FORWARD

The Bharatiya Nyaya Sanhita, 2023 modernises India’s criminal law, but its success depends on strong execution and coordination.

1. Training: Police and judicial officers should receive continuous cyber-forensics training through NFSU and I4C.
2. Integration: A unified cyber policing network linking CERT-In, NCRB, and I4C can improve investigations and evidence sharing.
3. Privacy: All surveillance must meet the Puttaswamy (2017) test of legality and proportionality.
4. Cooperation: Public awareness via the National Cybercrime Portal and participation in global frameworks like the Budapest Convention can enhance prevention and international collaboration.

Investment in training, technology, and data protection will ensure the BNS remains both effective and rights-conscious.

CONCLUSION

The Bharatiya Nyaya Sanhita, 2023 marks a major step in adapting India’s criminal law to the digital era. By codifying technology-based offences and recognising electronic evidence, it strengthens cyber enforcement while streamlining procedure.

However, success depends on consistent implementation, adequate infrastructure, and protection of constitutional rights. As underscored in Puttaswamy (2017) and Pegasus (2021), security measures must not compromise privacy and due process.

If paired with trained cyber units, inter-agency coordination, and global cooperation, the BNS can create a justice system that is technologically advanced yet constitutionally grounded ensuring security without sacrificing liberty.

[1] Bharatiya Nyaya Sanhita, 2023

[2] Bharatiya Nagarik Suraksha Sanhita, 2023

[3] Bharatiya Sakshya Adhiniyam, 2023

[4] Shreya Singhal v Union of India (2015) 5 SCC 1

[5] Anvar P.V. v P.K. Basheer (2014) 10 SCC 473

[6] Arjun Panditrao Khotkar v Kailash Kushanrao Gorantyal (2020) 7 SCC 1

[7] State of Maharashtra v Praful B. Desai (2003) 4 SCC 601

[8] Dr Prashant Mali v State of Maharashtra [2024 SCC OnLine Bom 332]

[9] Justice K.S. Puttaswamy v Union of India (2017) 10 SCC 1

[10] Digital Personal Data Protection Act, 2023

[11] In Re: Alleged Pegasus Spyware Case (2021) 10 SCC 1

[12] Budapest Convention on Cybercrime (2001)