RISE IN CASES OF CYBERCRIME IN INDIA- REASONS, IMPACT AND LEGAL MEASURES

INTRODUCTION

Criminal activities conducted through digital technologies fall under the category of cybercrime. Despite the global consensus on the existence of cybercrime, there is no universally accepted definition of the term. Various terminologies such as cloud crime, computer misuse, and internet crime are often used interchangeably with cybercrime. With the rapid growth in internet usage and digitization across multiple sectors, India has seen a sharp rise in cybercriminal activities. These developments pose significant threats to individuals, businesses, and government institutions. Although digitization is advancing rapidly, there is a noticeable lack of awareness regarding cybersecurity in India. This deficiency leaves individuals and organizations highly susceptible to cyber threats.

Incidences and rise in cybercrime in India

India has emerged as a prime target for cybercriminal activities, including data breaches, identity theft, hacking, malware dissemination, financial fraud, online gambling, defamation, forgery, and various other malicious acts. A concerning development is the emergence of a new form of cybercrime known as digital arrest, wherein fraudsters impersonate law enforcement officials to deceive victims through video calls with malicious intent. Financial gain remains one of the primary motives behind these crimes, with criminals often engaging in virtual theft and online identity fraud.

The most prevalent form of cybercrime varies globally. In India, financial fraud is the most dominant, constituting 75% of all cybercrimes reported between 2020 and 2023. The overall rise in cybercrime is alarming, with cases increasing by 57% in recent years. The states of Karnataka, Telangana, and Uttar Pradesh collectively accounted for nearly half of all cybercrime cases reported in 2021.

In 2022, a total of 65,983 cybercrime cases were registered, up from 52,974 in 2021. This reflects a 24.4% increase in cybercrime incidents, according to the latest National Crime Records Bureau (NCRB) data released on December 3, 2023. Wealthier states such as Karnataka, Telangana, and Maharashtra contributed to over half of these cases. The offenses reported fall under the Bharatiya Nyaya Sanhita (BNS), 2023, and the Information Technology Act, 2000, and include crimes such as fraud, ransomware, and impersonation. Notably, 64.8% of all cybercrime cases in 2022 were linked to fraud.

The rise in data breach frequency and associated costs has led to a growing number of victims over the past two decades. The average cost of a data breach has surged to $2054 per hour. In 2022, investment fraud emerged as the costliest form of cybercrime, with average losses of $70,811 per victim. Businesses faced an average loss of $4.35 million per data breach in the same year.

The COVID-19 pandemic significantly impacted cybersecurity, as many businesses and organizations transitioned to remote working models. Cybercriminals capitalized on this shift, resulting in a 300% increase in malware attacks in 2019. This surge escalated the number of hourly victims globally, including in India. In early 2019, the hourly victim count was 53, which rose to 90 in 2020—an increase of 69%.

Some of the most notable cyberattacks in India include the malware assault on the servers of Pune-based Cosmos Bank, where hackers siphoned off nearly $13 million by targeting ATM servers and online transfers, withdrawing the stolen amount overseas. Another major breach was the Aadhaar data leak, which exposed the personal information of thousands of Indian citizens, raising serious concerns about privacy violations under the Indian Constitution. In 2016, the Union Bank of India suffered a phishing attack that resulted in a loss of $17 million, marking one of the country’s largest financial cyber frauds. According to analytics, India was among the top nations targeted by ransomware attacks in 2019, with demands reaching up to $5 million.

Cybercrime- Status of controlling measures (LEGAL MEASURES)

To effectively combat the growing rate of cybercrime, there is a pressing need for robust cybersecurity measures, heightened public awareness, and well-regulated legal frameworks.

Punishments for cyber offenses are outlined in both the Bharatiya Nyaya Sanhita (BNS), 2023, and the Information Technology Act, 2000.

The Information Technology Act, 2000, was the first legislation passed by the Indian government to address cyber law. It recognizes and protects electronic transactions in fields such as e-commerce, e-banking, and e-governance while also prescribing penalties for cybercrimes. The Act’s primary objectives include granting legal recognition to electronic communication methods and validating digital signatures and e-contracts. Sections 43, 65, 66, and 67 of the Act define punishable offenses such as hacking, tampering with source documents, sending offensive messages, identity theft, cheating by impersonation, and publishing obscene material.

The Act also mandates the formation of a Cyber Regulations Advisory Committee, which provides guidance to the government regarding the formulation of rules or other matters related to the Act. It also sought to amend existing laws such as the Indian Penal Code, 1860; the Indian Evidence Act, 1872; the Bankers’ Books Evidence Act, 1891; and the Reserve Bank of India Act, 1934, to align them with digital provisions. While most common cybercrimes are covered by these Acts, the evolution of technology necessitates addressing new forms of cybercrime. For instance, the recent circulation of deepfake videos involving prominent actors has ignited public concern over the misuse of technology to create misleading content. In cases where the IT Act is insufficient, certain sections of the BNS, 2023, can be invoked.

The Bharatiya Nyaya Sanhita, 2023, effective from July 1, 2024, includes provisions specifically designed to tackle cybercrimes in the digital age. Key sections include:

• Section 75, which addresses electronic sexual harassment and sexually explicit remarks made without a woman’s consent.

• Section 111, which targets organized cybercrimes committed by groups or syndicates.

• Sections 318 and 336, which deal with cyber fraud, including password theft, creation of fake websites, and other forms of cyber deception. The severity of penalties depends on the gravity of the offense.

These provisions demonstrate India’s effort to align its legal framework with technological advancements. However, penalties for cyber offenses in India remain comparatively lenient when viewed against international standards.

Young individuals, especially teenagers and young adults, are particularly vulnerable to cybercrimes, including child pornography, sexually abusive content, and revenge porn. Although Section 67(B) of the IT Act addresses such crimes, the Ministry of Women and Child Development is working toward introducing new laws specifically targeting cyber offenses against women and minors.

Compared to other countries, India’s cyber laws are relatively less stringent. For example, under the POCSO Act, the punishment for child pornography is imprisonment up to five years, whereas in the United States, the punishment can extend to 15–20 years.

Additionally, with the rise of Artificial Intelligence (AI) tools such as ChatGPT, there is a significant legal gap as no existing laws specifically address AI-related concerns. As of December 2024, India lacks dedicated legislation governing AI, further highlighting the need for updated cyber laws.

Hinderances in control of cybercrimes

Despite the existence of national and international cyber laws, their enforcement faces significant challenges due to a lack of cooperation from victims, stakeholders, and witnesses. Many victims do not report cybercrimes due to concerns about reputational damage. Another major deterrent is the high cost associated with legal proceedings, including attorney fees and litigation expenses. Additionally, the perception that legal processes are time-consuming and draining discourages victims from pursuing justice.

This reluctance to report crimes undermines the benefits of thorough investigations and successful prosecutions, allowing cybercriminals to operate with impunity. To counter this trend, it is essential to raise public awareness and foster a secure digital environment.

PENDENCY OF CYBERCRIME CASES

The Indian judiciary’s limited resources, coupled with the complex and evolving nature of cybercrime investigations, contribute to the backlog of pending cases. Evaluating the efficiency of law enforcement in handling cyber incidents requires analyzing case disposal rates and the accumulation of unresolved cases.

Between 2016 and 2021, only 35% of cybercrime cases were resolved on average, with the remainder pending further investigation. The total number of cases surged during 2020 and 2021 due to the increased use of the internet amid the COVID-19 pandemic, which led to a rise in cyber threats and vulnerabilities.

ABSENCE OF UNIVERSAL LAW

A global law governing cybercrimes is critical, given the transnational nature of these offenses. Cybercriminals can operate from any country and target victims worldwide, making jurisdictional boundaries irrelevant.

Current cyber laws are national or regional in scope and cannot effectively address the global threat of cybercrime. A universally applicable law, transcending jurisdictions, is required to combat this menace. Until such legislation is enacted, the challenges posed by cybercrime enforcement will persist. Enhanced international cooperation, treaties, and bilateral agreements are essential to investigate and apprehend cybercriminals operating across borders.

Conclusion

Ensuring network security is a collective responsibility involving law enforcement agencies, government bodies, businesses, organizations, and individual users. Although supervising the immense volume of information exchanged online is challenging, implementing legal and social safeguards is imperative in the age of digital dependency.

A landmark case highlighting the need for reform is Vijay Madanlal Chaudhary v. Union of India, where the Supreme Court recommended several measures to combat rising cybercrime. These include empowering the CBI to investigate publicized video content, establishing a specialized task force for specific cybercrimes like fraud, and setting up a toll-free helpline for victims. The Court also emphasized the need for a national register of convicted cybercriminals and collaboration between the Ministry of Home Affairs and social media platforms such as Facebook, WhatsApp, Instagram, and YouTube for swift action. Additionally, senior law enforcement personnel should receive specialized training in cybercrime investigation.

As technology advances, the need for corresponding legal reforms becomes more urgent. Legal professionals must stay updated with emerging cyber laws, which continue to evolve daily. Even seasoned experts find it challenging to resolve the intricate legal issues presented by rapid technological change. Given that nearly every aspect of modern life is entwined with technology, it is imperative for the law to evolve accordingly.

Reference(s):

1. Dolly Krishnan and Mohit Verma, cybersecurity and cyber laws around the world and India: major thrust highlighting Jharkhand for concerns, thelawbrigade.com,(December 6^th,2023,9:34 AM), https://thelawbrigade.com/general-research/cybersecurity-and-cyber-laws-around-the-world-and-india-major-thrust-highlighting-jharkhand-for-concerns/?amp
2. Suhani Dhariwal, rise in cases of cybercrime in India: reasons, impacts and safety measures, writinglaw.com, (December 6^th ,2023, 5:00 PM), https://www,writinglaw.com/rise-of-cybercrime-in-india/#google_vignette
3. Tashveer Kaur, a critical analysis of effectiveness of cyber law in India, intolegalworld.com, (December 8^th ,2023, 4:16 PM), https://www.intolegalworld.com/article?title=a-critical-analysis-of-effectiveness-of-cyber-law-in-india
4. Chetan Chauhan, cybercrimes see highest spike among cognisable offences in 2022, hindustantimes.com, (December 9^th ,2023, 8:45 PM), https://www.hindustantimes.com/india-news/cybercrimes-see-highest-spike-among-cognisable-offences-in-2022-says-ncrb-101701714486481.html
5. Yoshita Gwalani, centre for academic legal research, volume 1, journal of applicable law and jurisprudence, pg no.2, pg no. 15&16, 2020
6. Daniel Ventre and Hugo Loiseau, cybercrime during the SARS-CoV-2 pandemic (2019-2022), volume 3,pg no.11, pg no. 19, 2023
7. Volume 593, Mohamed chowki, Ashraf Darwish, Mohammad Ayoub khan, Sapna Tyagi. cybercrime, digital forensics and jurisdiction, pg no. 98-99, springer
8. Sachs, ram. Hacking the election, yale journal of international law, (December 15^th, 2023, 6:00 PM), yjil.yale.edu/hacking-the-election/
9. Vijay Madanlal Choudhary v. Union of India[2022 SCC ONLINE SC 929]