Cybercrime and Digital Policing: Efficacy of the Bhartiya Nyaya Sanhita, 2023

Abstract

Cybercrime is on the rise in India. In the last few decades, we have witnessed how cybercriminals have evolved in terms of their ways and methods to engage in illegal activities in cyberspace. However, the laws dealing with such criminal activities have proven to be inconsistent time and again. This research article aims to understand the flaws in the previous criminal code, that is, the Indian Penal Code and how these inconsistencies have been addressed in the new Bharatiya Nyaya Sanhita. The final approach of this article is to make recommendations regarding improvements in the BNS in the context of cybercrime to accommodate the more recent forms of such crimes and to improve the overall cyber scene in India. 

Introduction

India as a global economy with a strong digital presence transcends the physical boundaries of geography. However, the immense advancements in technology have, unfortunately, attracted cybercriminals to commit illegal activities in cyberspace, regardless of the place they are operating. According to a report released by I4C, there has been a significant rise in cases of cybercrime from 9,622 cases in 2014 to over 77,000 as of August 2024. According to another report by the Economics Times, “Indian entities have been projected to incur mass losses of Rs 20,000 cr due to cybercrimes in 2025. The report further states that losses of Rs. 9,000 cr may result from brand name abuse alone. Apart from this, the banking and financial sectors are the most affected, facing losses of Rs. 8,200 cr., followed by retail and e-commerce at Rs. 5,800 cr.”

Digital policing of cybercrime

One thing that can be interpreted from the day-to-day advancements in cybercrime cases is that cybercrime is becoming unstoppable. Day by day, we are witnessing unprecedented cybercrime cases. The digital policing of cybercrime in India encompasses a multifaceted approach, combining the formation of dedicated cybercrime coordination centers, reporting portals, legal frameworks, and public awareness initiatives to address the growing threats of cyber offences. The IT Act, 2000, provides the legal foundation. The Indian Cybercrime Coordination Centre (I4C) was established back in 2020 to deal with cybercrime in a coordinated and comprehensive manner. The National Cyber Crime Reporting Portal and the Citizen Financial Cyber Fraud Reporting Management System facilitates  cybercrime activities. 

Inconsistencies with IPC 

To tackle cybercrime cases, sections in the Indian penal code were incorporated. However, they proved to be less cyber-oriented and focussed more on physical crimes. The IT Act, 2000, introduced more dedicated sections to deal with cases of such types. The Indian Penal Code, 1860, was replaced by the Bharatiya Nyaya Sanhita in 2023. The argument was that IPC was outdated and dealt with cybercrimes of that time. With the rise of the internet and advances in technology over the past few decades, cybercriminals have engaged in various other forms of modern-day cybercrimes. Since the IPC had various inconsistencies in dealing with new-age cybercrimes,the BNS was designed to be more comprehensive by including provisions that address these new forms of crime in cyberspace. 

Attempts made in the BNS to combat Cybercrime

1. Cybercrime has not been explicitly defined as a separate offence in BNS. However, it has been addressed within the wider context of organised crime under S.111. 
2. Organised Crime has been introduced under S.111. This section has included ‘continuing unlawful activities,’ which also encompasses cybercrimes.
3. S.152 has replaced the term ‘sedition’ with a broader interpretation under ‘offences against the state,’ explicitly covering electronic communications, false statements, or secessionist speech online.
4. S.196 and S.197 cover offences against public tranquility. Under S.196, speech that promotes enmity between various groups on grounds of religion, race, place of birth, etc. are punishable. S.197 covers imputations, assertions prejudicial to national integration. Electronic communication has been explicitly covered, widening the scope of these sections.
5. The Bharatiya Sakshya Adhiniyam (BSA), along with the BNS, has recognised electronic records as primary evidence. S.61 and S.63 of the BSA deal with the admissibility of electronic records as primary evidence in legal proceedings. 
6. Cyber offences under the IPC were charged under sections related to cheating and forgery. The punishment for cheating by personation was up to 3 years. According to the BNS, the punishment for cheating by personation has been raised up to 5 years under S.319(2).

Landmark Judgements

These judgements have served as guidelines for better provisions and clarity regarding cybercrime that have been incorporated in the BNS.

In the Shreya Singhal v. UOI case, S.66A of the IT Act, 2000, was struck down for the section being vague as to what could be treated as ‘offensive’ and what not. The section violated free speech under article 19(1)(a) of the constitution. Hence, this judgement called out for the need for clear laws on cybercrime and to prevent the misuse of power by the authority to suppress dissent and criticism under the guise of maintaining public order.

The K.S. Puttaswamy v. UOI case recognised the right to privacy as a fundamental right under Article 21 of the constitution. The relevance of this case arises in the present context because many cases related to cybercrime involve personal data theft. Thereby infringing the right to privacy of the victim. The BNS must balance punishing the cybercriminals with protecting the victim’s privacy while dealing with digital evidence.

In Avnish Bajaj v. State, also known as the Bazee.com case, the accused was the CEO of the company who was arrested and given bail under S.67 of the IT Act on account of an obscene video uploaded on the e-commerce portal. However, he proved his due diligence but in 2005, IT Act did not contain any provision related to ‘Intermediary.’ The court clarified that intermediaries, like websites, are not always liable for user content if they follow due diligence. This judgement is important for our purpose since it is about how challenging it is to hold the right person accountable in cybercrime, especially when organized crime is involved and multiple actors operate anonymously online.

Flaws in the BNS 

The Bharatiya Nyaya Sanhita is a substantial overhaul of the Indian Penal Code. Attempts have been made to improve the cybercrime scene in India. However, much work remains to be done in this regard. Despite these attempts, several ambiguities and limitations persist, leading to legal, procedural, and interpretational challenges. The ambiguities arise from vague definitions of cybercrime, inconsistent interpretations, and a lack of clarity regarding punishments, potentially creating challenges for effective implementation and hindering justice delivery. Due to ambiguity and inconsistent interpretation, judges have to stretch laws from other legislation to deal with cybercrime.

Some of the areas that are clearly flawed and call for rectification in the cybercrime laws under the Bharatiya Nyaya Sanhita are as follows:

1. Notably, there is still no dedicated chapter or comprehensive definition of cybercrime within the legislation. 
2. Offences like cyberstalking, online impersonation, deepfake, identity theft, and cyberbullying remain unspecified.
3. Digital property or assets, such as cryptocurrency, have still not been recognised as ‘property’ that needs to be protected.
4. Online frauds remain out of scope since no such variations have been made under sections dealing with cheating and personation.
5. No specific sections incorporated to address the rising cases of online harassment and stalking through digital platforms. 
6. Terms such as ‘subversive activities’ under S.152 have not been explained hence, contributing to the vagueness of the provision.

Challenges in Tackling Cybercrime Effectively

1. Rapid Digitalisation: The increased connectivity and heavy reliance on technology, which in turn has also attracted cybercriminals and resulted in extensive illegal activities in cyberspace.
2. Inadequate Infrastructure: The cybersecurity infrastructure in India is still developing. Many small businesses may not have robust cybersecurity technology to prevent cyber- related threats, making them easy targets.
3. Lack of Jurisdiction: The activities of cybercriminals transcend the physical boundaries, masked by anonymity. It becomes significantly difficult to apprehend and prosecute them if they are located in jurisdictions with weak cybersecurity laws. 
4. Lack of Awareness: Low digital literacy increases cyber victimisation. 
5. Weak Legal Framework: While we have laws and regulations on cybercrime, however, they are still insufficient and face enforcement issues.
6. Implementation challenges: Ambiguity in cybercrime laws, including those in BNS, creates challenges for effective implementation.

Recommendations

1. Updating the law from time to time: It is essential to regularly update the law to address the rise of contemporary cybercrime and include specific provisions for new offenses, such as deepfake fraud, to meet present-day challenges.
2. Training legal professionals: Proper training and workshops regarding cybercrime can equip our legal professionals to work on these cases better and keep them updated with the new forms of cybercrime.
3. Improving Infrastructure: Better technology like cyber forensic labs needs to be incorporated in courts and police stations to facilitate investigation and solve cyber cases efficiently.
4. Jurisdiction: One of the biggest hurdles in tackling cybercrime is the lack of jurisdiction. It is essential to have effective international cooperation in order to apprehend cybercriminals and prevent such activities.
5. Public Awareness: Increasing public awareness, for example, of bank-related scams, particularly in less accessible areas, can help people stay safe online.
6. Implementation Challenges: Dedicated chapters, clear definitions, and specified offences need to be incorporated for effective implementation. 

Conclusion

The cybercrime laws in India are like a patchwork, drawn from various provisions across multiple legislations rather than a unified, comprehensive statute. This fragmented approach has led to ambiguity, inconsistent judicial outcomes, and enforcement challenges. Courts often have to stretch general provisions like cheating, criminal intimidation, or obscenity to cover digital acts. While attempts have been made in the BNS to improve the status of cybercrime laws and the position of cyber victims in India, there is still a long way to go. Technology is evolving at a greater speed. AI-enabled unethical activities such as deepfake scams are increasing. It is important to keep updating the laws to accommodate present-day challenges. Moreover, overcoming implementation hurdles requires a clear call to action.

References 

Doon Law Mentor, ‘Cybercrime Under Bharatiya Nyaya Sanhita: Challenges’ (Doon Law Mentor, 3 March 2025) https://doonlawmentor.com/cybercrime-under-bharatiya-nyaya-sanhita-challenges/ accessed 21 June 2025.

The Bharatiya Nyaya Sanhita (BNS), 2023 (Universal LexisNexis, 2024 edn)

RestTheCase, ‘Comparing the BNS with the IPC: A Detailed Analysis’ (RestTheCase, 6 February 2025) https://restthecase.com/knowledge-bank/comparing-the-bns-with-the-ipc accessed 21 June 2025.

NextIAS, ‘Cybercrime in India: Types, India’s Vulnerability & Solutions’ (NextIAS, 20 October 2024) https://www.nextias.com/blog/cybercrime-in-india/ accessed 20 June 2025.

MCO Legals, ‘Cyber Law: Series 2: Issue 3 – Cybercrimes under the Bharatiya Nyaya Sanhita, 2023’ (MCO Legals, 24 September 2024) https://www.mcolegals.in/kb-details?cyber-law:-series-2:-issue-3—cybercrimes-under-the-bhartiya-nyaya-sanhita,-2023&kid=469 accessed 20 June 2025.