Published on: 01st November 2025
Authored by: Shivangi Nandi
Amity Law School, Noida (AUUP)
Abstract-
The Bharatiya Nyaya Sanhita 2023 has been one of the most effective substantive laws for various crimes providing definitions and penalties to various criminal acts. Over the years, cybercrime has emerged as a new form of crime due to the advent of technology. This has required new laws to be introduced to deal with such crimes. But due to being a fairly new concept there exists problems with existing legislations to tackle with such crimes.
This paper helps us understand the concept of cybercrime and whether the provisions provided in BNS 2023 has been efficient in controlling such cybercrimes and the challenges and loopholes present in this legislation, and what significant changes will be required.
Introduction-
With the advancement of Information Technology, Internet’s usage has expanded significantly. It is being used in almost every field in our daily lives, with immense dependence and help from it. However, with such mass scale importance and utilization also comes its down falls. The term “cybercrime” isn’t new to us. This has been in the tabloids for quite sometime now, making headlines on the treats from cyber crime and measures to mitigate such dangers.
What is cybercrime? It is the practice of using the cyber hub, the computer and the internet to conduct illegal activities. Such illegal activities could be that of fraud, hacking, data leaking, malware infusion etc. In a way cyber crime exposes the vulnerabilities of people and the system out into the world through networking forums. Sensitive information, financial data, personal data are used as a way to threaten the people. Such crime makes one question the system where millions of people spend hours into. Where we indirectly give in so much of our private information into social media sites, creating accounts, mail id’s, storing data in official government websites, are we actually safe from the hands of such heinous crimes?
In the recent years, due to the increase in such crimes in the online forum, there has been a new field of policy mitigation and legal advancement, how to deal with cybercrime? In India concepts such as right to privacy, right to life have been attached with the idea of individuals being protected from such cybercrimes. The Indian Cyber Crime Coordination Centre has been a body to coordinate law enforcement to ensure prevention and protection from cyber-crimes. The Bharatiya Nyaya Sanhita that was enacted in 2023 has made laws on illegal activities that happen on the internet, computer or digital devices and provide punishments for the same. It has been effective in its methods but yet faces significant challenges.
Concept of Cyber Attack-
Cybercrimes are referring to criminal activities done using various electronic devices such as computers to carry out illegal activities on the web domain such as hacking, phishing, malware, stalking, fraud etc. These offences usually end up in huge financial extortion and money loss, along with disclosure of our personal information which we confidently insert into online platforms. This causes a risk to life and violation of privacy. Other than this, cybercrime also includes the psychological concept of cyber bullying, which involves constant harassment or threats through digital platform. Stalking also is a result of cybercrime.
The US Department of Justice (DOJ) has divided cybercrime into 3 categories:
1) Crime where a computer device is targeted
2) Crime where computer is used as a weapon
3) Crime where the computer is used as an accessory to the crime
These cybercrime activities are usually conducted by groups who are highly skilled technically in coding, and usually consists of large organised global groups. They often function in what is called the “dark web”, where detecting them becomes difficult due to high complexities. These cyber criminals often use tactics of installing malware into the victim’s device which gives them access to all data in that device which they can delete, leak and change. In recent years, these cyber criminals have become more aggressive in their approach by holding data hostage and engaging in activities of extortion threatening to release them in the dark web.
One of the most common cybercrimes to occur in phishing. Phishing involves the practice of sending fraudulent mails and messages to individuals in the disguise of being a reputed company, where they extort personal information such as bank details, passwords and then use it in their favour. In 2023, India recorded over 79 million phishing attacks, where individuals have lost their money to scammers. Many huge companies have been fallen victim to such crimes, from websites being hacked of companies like burger king, BSNL, Bharat pay, and data breach of multiple other companies like Railyatri, Zivame, Hathway, Boat India, NDMA etc. Considering such reputed company’s having trained developers to protect their web data gets hacked, millions of people and consumers fall victims to such attacks in huge scale.
Digital Policing of Cyber Attacks-
Digital policing also known as cyber policing or e-policing utilizes technology and digital tools implemented by law in order to curb, prevent and protect from combating cyber crime and digital offences. Digital policing involves wide range of duties such as online surveillance, digital forensics, cybercrime investigation, data collection and analysis etc. Now, cyber security has become of great importance between nations. With cyber attacks on governments and police, to ordinary people, legislative and federal bodies across the globe have opened many missions to stop such crimes and portals made available for public to register such crimes.
The FBI’s Internet Crime Complaint Centre in 2018 received 351,937 complaints, on an average of 1,000 per day with losses over $2.7 billion. In 2017, 300,00 complaints were recorded with losses up to $1.4 billion. The number of cyber crimes has doubled since 2014. FBI introduced the Cyber Division (CyD) in 2002 which puts efforts into prosecuting internet crimes. Higher priority is given to crimes involving terrorist organisations sponsored by foreign nations that FBI call “national security cyber intrusion”.
To safeguard the digital landscape, the Indian government has taken various measures for the same, they are as follows-
– Computer emergency response team (CERT-in) for incident responses as under Section 70B of Information and Technology Act 2000 that legally mandates this operation. This helps to timely report cyber issues to ensure safety.
– Indian Cyber Crime Coordination Centre 14C has been established to improve coordination between law enforcement and cybercrimes. The portal for such helps to file a complaint that redirects to the state law enforcement body.
– Many acts have provisions exclusively addressing cyber crimes and security. The Information and Technology Act 2000, defines and penalizes many cybercrimes such as hacking, phishing etc. and provides platform for electronic and e-governance. Initially, IPC 1860 (now BNSS 2023) addressed cybercrimes such as cyber fraud cases and criminal intimidation cases, but lacked comprehensive coverage on emerging cyber crimes of fraud, phishing, hacking, which is why IT Act 2000 was implemented.
BNS 2023 and Cyber Attacks-
With advent of cybercrimes the Information Technology Act 2000 came up that specifically focuses on technology and computer and cyber-attacks. Along with those the BNS also deals with few issues of cyber matter alongside IT Act.
The Bharatiya Nyaya Sanhita 2023, previously The Indian Penal Code 1860, initially focused on defining crimes and providing punishments for the same. Back then, concept of cybercrimes wasn’t present, but with advent of computer technology and internet cybercrimes in the criminal field started to increase. This led to the need for legislations that recognises such crimes and penalizes them accordingly which is when provisions were included in the IPC 1860 for such cybercrimes which is still present in the BNS 2023.
Provisions in BNS on cybercrimes
– Section 76 of BNS punishes any person who films, takes images of a woman involved in a private act which no one else should be seeing and also uses such images to shame the woman by posting it online or making it available for others to see shall be punishable with imprisonment from 1 to 3 years along with a fine and further penalty for subsequent commission.
– Section 77 of BNS punishes cyber stalking of a woman through internet, social media, email or call her despite showing her disinterest or discomfort will fall under a punishable offence and penalised with 3 years imprisonment and fine, and further penalty for further offence.
– Section 292 of BNS prohibits the sale and publishing of obscene content. Any book, pamphlet, representation, image published in online platform that falls under obscenity is prohibited. Advertising and publishing are an offence. Such is punishable with imprisonment up to 5 years and fine.
– Section 303 and 316 states on theft tangible and intangible material. BNS under this section penalizes identity theft and data theft.
– Section 318 of BNS talks about cheating and dishonestly inducing transfer of property. This is punishable with 7 years imprisonment and fine. Creating fake and fraudulent websites, cyber frauds, password theft is punishable with 5 years imprisonment and fine.
– Section 336 of BNS is on forgery, that is electronically falsifying documents or records causing damage to other person, penalised with 2 years imprisonment or fine or both. These forged documents when used for cheating leads to 7 years in prison.
– Section 356 of BNS punishes defamation, including sending defamatory content through email. Imposes imprisonment and fines.
Efficacy of the BNS 2023 in Cybercrimes-
BNS was previously IPC, and IPC was established in the year 1860. During that era, computer technology and internet weren’t in the main landscape, with its usage being limited with limited access to public. End of 90s saw the massive explosion of internet and computer usage. Major software companies, IT hubs booming, governance involved the usage of computer devices and technological advancements, and with such came the downfall of such growth- cybercrimes. This demanded the need for laws and regulations to penalise such crimes. Provisions were hence made in IPC 1860 on certain crimes such as stalking, fraud etc which got carried forward in the BNS 2023.
Despite the adaptation to BNS 2023, majority of the provisions of cyber crimes where outdated and based on previous concepts. Newer issues such as online trolling, verbal abusing, bullying have not had a scope in the BNS 2023. There still exists a lacune in this area of law. Other than that, BNS covers sections of voyeurism, stalking to fall under women related crimes, but fail to understand that men today also face equal issues and violation from such crimes. The term “privacy” set in these provisions are women centric creating debates of the act being ignorant of current issues and demanding change to ensuring sexual representation.
Recent years have seen new forms of cybercrimes emerging, such as ransomware related cyber-attacks, cryptocurrency theft and crypto jacking, DDoS attacks, and BNS fails to provide extensive laws and regulations for such attacks making it harder to target such attacks and punish them for it.
Here are a few challenges faces by BNS 2023 while addressing cybercrimes-
1) Fast-changing technology- The technological advancements have been steadfast in the recent years, leading to various new forms of cyber crimes to happen. The law has failed to stay in par with such developments and hence failed to address arising issues and crimes in the cyber world. The law needs to understand that with new technological advancement, the entire concept gets more complex in nature and hence it becomes vital to deal with such issues and address them.
2) Substantive law- The BNS is a substantive law, which means that it provides the definition and penalty for such crimes. But before such, there requires infrastructures and skilled coders with whose help one can catch such individuals involved in such cyber-attacks. Without with, such substantive code is of no help.
3) Jurisdictional Issues- The cyber hub is not only limited to one country, but operates worldwide. The web, internet is a platform where people can communicate from one end of the world to another. The BNS addresses cyber offences but such penalty only rests with offences arising within the country. But cyberattacks are hugely known to involve attacks from other nations to our nation’s internet space, hence leading to lesser effectiveness of BNS.
4) The replacement of IPC to BNS has not had a significant change in treatment of cybercrimes and cyber offences other than addition of electronic data and records, and addition of organised crimes. The act focuses primarily on specific cybercrimes of identity theft, hacking, data breaches etc, which is more computer centric. But fails to comprehensively cover emerging threats such as phishing schemes.
Due to such setbacks from IPC and now BNS, the Information Technology Act 2000 was formulated becoming the primary legislation to dealing with technology based and cyber related issues. This act recognizes wide variety of cybercrimes persistent today and aims to help in safe e-commerce and e-governance making it an effective act of digital policing. This act provides penalty for variety of cyber related crimes and also amends itself when major changes are required making it the most effective act to regulate cyberattacks. On March 2023, the government of India also initiated The Digital India Act, 2023 (DIA) which was to replace the IT Act 2000 to ensure comprehensive and being in par with digital advancements and cybercrimes. It focuses on areas of cyber bullying, defamation, pornography and also to be in accordance with Artificial Intelligence development.
Conclusion-
The BNS 2023 role in acting as a digital policing for cybercrimes has had limited success in curbing them. With the act being fairly old and having not much of a significant development in its provisions the other acts are more effective with the role of preventing such crimes.
The BNS needs significant reforms keeping in mind that technology keeps advancing and with that so does newer varieties of cyber-attacks come into picture. The criminal justice system has also seen massive involvement of cybercrimes in its cases and thus BNS needs changes within itself and take help from the IT Act 2000 to have effective results in the criminal field.
