Information Technology Law including cybercrime

Information Technology Law including Cybercrime is an important part of the subject of Law that deals with legal issues arising from the use of digital technology. It covers areas such as online fraud, identity theft, data protection, and unauthorized access, aiming to ensure safe and lawful use of cyberspace.

Previous year Questions of Information Technology Law including cybercrime

YearQuestionMarks
2023What do you mean by the term ‘private area’ mentioned under the InformationTechnology Act, 2000 ?2M
2016Define the term “Computer” under the Information Technology Act, 2000.5M
2013Define ‘Cyber Crime’.2M
2013What do you mean by “Hacking with a Computer System” ?2M 

Information Technology Act, 2000

Section 1 : Extent
  • It shall extend to the whole of India.
Section 2 :Definitions
  • Computer : Any device (electronic, magnetic, optical or other high-speed data processing device) which performs  functions (logical, arithmetic, and memory) by manipulations of  impulses (electronic, magnetic or optical impulses)  and includes all facilities (input, output, processing, storage, computer software or communication facilities) which are related to the computer in a computer network;
  • Computer network : Refers to the connection of one or more computers or communication devices through the use of satellite, microwave, terrestrial lines, wires, wireless, or other communication media; and terminals or a system of two or more interconnected computers or communication devices, whether or not the connection is continuously maintained.
  • Computer system : Means collection of devices (input and output support devices and excluding calculators which are not programmable) which contain computer programmes, electronic instructions, input data and output data, that performs logic, arithmetic, data storage and retrieval, communication control and other functions;
  • Asymmetric crypto system : Means a system of a secure key pair consisting of a private key for creating a digital signature and a public key to verify the digital signature;
  • Cyber cafe : Means any facility from which access to the internet is offered by any person in the ordinary course of business to the members of the public.
  • Cyber security : Means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorised access, use, disclosure, disruption, modification or destruction;
  • Data : Refers to information, knowledge, facts, concepts, or instructions that are arranged in a specific format to be processed by a computer system or network. It can be in various forms, such as computer printouts, magnetic or optical storage media, punched cards, punched tapes, or stored within the computer’s memory.
  • Information : Includes [data, message, text,] images, sound, voice, codes, computer programmes, software and data bases or micro film or computer generated micro fiche;
  • Digital signature – An electronic method used by a subscriber to authenticate an electronic record. It employs asymmetric cryptography and a hash function, which transforms the record into a secure format.
  • Electronic signature – Means authentication of any electronic record by a subscriber by means of the electronic technique like digital signature;
  • Subscriber – Means a person in whose name the [electronic signature] Certificate is issued;
  • Communication device : Means cell phones, personal digital assistance or combination of both or any other device used to communicate, send or transmit any text, video, audio or image;]
  • Intermediary : Means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-marketplaces and cyber cafes;
  • Originator – Means a person who sends, generates, stores or transmits any electronic message or causes any electronic message to be sent, generated, stored or transmitted to any other person but does not include an intermediary;
  • Addressee : Means a person who is intended by the originator to receive the electronic record but does not include any intermediary;
  • Computer Virus (Section 43) : means any computer instruction, information, data or programme that destroys, damages, degrades or adversely affects the performance of a computer resource or attaches itself to another computer resource and operates when a programme, data or instruction is executed or some other event takes place in that computer resource;
  • Children (Section 67B) : Means a person who has not completed the age of 18 years.
  • Private area (Section 66E) :  means the naked or undergarment clad genitals, public area, buttocks or female breast;
Section 17Appointment of Controller
  • By Central Government 
Section 18 :Functions of Controller
  • The Controller has various duties related to overseeing Certifying Authorities (CAs). These duties include:
    • Supervising the CAs’ activities and certifying their public keys.
    • Setting standards, employee qualifications, and business conditions for CAs.
    • Specifying content and format for digital signature certificates, advertisements, and public keys.
    • Defining accounting, audit, and conflict resolution practices for CAs.
    • Establishing electronic systems for digital signatures.
    • Maintaining a database with disclosure records of CAs, accessible to the public.
Section 21 : Licence to issue electronic signature Certificates
  • Any person can apply to the Controller for a licence
  • The licence is valid for a period prescribed by the Central Government.
  • It is non-transferable and non-heritable.
Section 22 : Application for licence.
  • In a form prescribed by the Central Government.
  • It includes –
    • A certification practice statement.
    • A fee of up to ₹25,000.
    • Procedures for applicant identification.
  • Renewal of Licence:
    • Application must be in a prescribed form.
    • Accompanied by a fee of up to ₹5,000.
    • Must be submitted at least 45 days before the licence expires.
Section 23 : Renewal of licence.
  • Accompanied by a fee of up to ₹5,000.
  • Must be submitted at least 45 days before the licence expires.
Section 25 : Suspension of licence
  • Reasons for Suspension
    • Provided incorrect or false information in the application.
    • Did not comply with licence terms and conditions.
    • Failed to maintain specified procedures and standards.
    • Violated any provisions of the Act, rules, regulations, or orders.
  • Process
    • Before revocation, the Certifying Authority must be given a chance to respond.
    • The Controller can suspend the licence temporarily (up to 10 days) if there’s a valid reason for revocation, pending further inquiry.
Section 37 : Suspension of Digital Signature Certificate
  • If Requested by the subscriber or an authorised person on their behalf.
  • If It is deemed necessary in the public interest.
  • Suspension cannot exceed 15 days without giving the subscriber a chance to be heard.
  • The Certifying Authority must inform the subscriber about the suspension.
Section 38 : Revocation of Digital Signature Certificate.
  • If Requested by the subscriber or their authorised representative.
  • The subscriber has died or, in case of a company or firm, it has been dissolved.
  • There is false or concealed information in the certificate.
  • The subscriber is insolvent or the entity has ceased to exist.
  • The Certifying Authority’s security was compromised.
  • Revocation cannot occur without giving the subscriber an opportunity to respond.
Section 43 : Penalty and compensation for damage to computer, computer system
  • If a person, without authorization from the owner or person in charge, does any of the following:
    • Unauthorised Access: Accesses or secures access to a computer, system, network, or resource.
    • Data Theft: Downloads, copies, or extracts any data, database, or information, even from removable storage.
    • Virus Introduction: Introduces any contaminant or virus.
    • Damaging Resources: Causes damage to computers, systems, networks, data, or programs.
    • Disruption: Disrupts the operation of any computer, system, or network.
    • Denial of Access: Blocks access for authorised users.
    • Assistance in Violation: Helps others access systems in violation of laws or regulations.
    • Service Tampering: Charges services to another person’s account by manipulation.
    • Data Destruction/Alteration: Destroys, deletes, or alters data, diminishing its value or utility.
    • Source Code Tampering: Steals, conceals, or alters computer source code to cause damage.
Section 43A (Compensation for Data Protection Failure):
  • If a company possessing or handling sensitive personal data in its computer resources is negligent in maintaining reasonable security practices, causing wrongful loss or gain to someone, the company is liable to pay compensation to the affected person.
Section 44 : Penalty for Failure to Furnish Information or Maintain Records
  • Failure to Furnish Documents, Returns, or Reports: Penalty up to ₹1,50,000 for each instance.
  • Late Submission of Returns or Information: Penalty up to ₹5,000 per day until the information is submitted.
  • Failure to Maintain Records: Penalty up to ₹10,000 per day until records are maintained.
Section 45 : Residuary Penalty
  • If someone violates any rule or regulation under this Act, for which no specific penalty is mentioned, they may face:
    • Compensation: Up to ₹25,000 payable to the affected person, or
    • Penalty: Up to ₹25,000.
Section 58 : Procedure and Powers of the Appellate Tribunal
  • Guided by principle of natural justice 
  • Civil Court Powers
    • Summoning and examining witnesses under oath.
    • Ordering discovery and production of documents or electronic records.
    • Receiving evidence through affidavits.
    • Issuing commissions to examine witnesses or documents.
    • Reviewing its own decisions.
    • Dismissing cases for default or deciding ex parte.
    • Other prescribed matters.
Section 62: Appeal to High Court
  • Right to Appeal: Any person dissatisfied with an Appellate Tribunal’s decision
  • Timeline : within 60 days 
  • Extension of Time : 60 days on a valid reason
Section 66: Computer-Related Offences
  • Punishment: If a person commits any act listed in Section 43 with dishonest or fraudulent intent, they may face:
    • Up to 3 years of imprisonment, or
    • A fine up to 5 lakh rupees, or both
Section 66A: Punishment for Sending Offensive Messages
  • Sending grossly offensive messages, false information intended to annoy, inconvenience, or harm others,  misleading electronic messages 
  • Punishment: Up to 3 years of imprisonment and/or a fine

Shreya Singhal Case (2015)

  • The Supreme Court struck down the section  66A of the Information Technology Act, 2000 in the Shreya Singhal v Union of India case, ruling that it violated the freedom of speech guaranteed under Article 19(1)(a) of the Constitution of India. 
  • The court also found that the section’s definition of offenses was “open-ended and undefined”. 
  • The Supreme Court has directed that no one should be prosecuted under Section 66A, and that all cases booked under this section should be withdrawn.
Section 66B: Punishment for Receiving Stolen Computer Resources
  • Up to 3 years of imprisonment and/or a fine of up to ₹1 lakh.
Section 66C : Punishment for Identity Theft
  • Up to 3 years of imprisonment and/or a fine of up to ₹1 lakh.
Section 66D : Punishment for Cheating by Personation
  • Up to 3 years of imprisonment and/or a fine of up to ₹1 lakh.
Section 66E : Punishment for Violation of Privacy
  • Up to 3 years of imprisonment and/or a fine of up to ₹2 lakh.
Section 66F : Punishment for Cyber Terrorism
  • Offenses:
    • Threatening India’s unity, integrity, security, or sovereignty through:
    • Accessing restricted information that may harm state interests.
  • Punishment: Life imprisonment for committing or conspiring to commit cyber terrorism.
Section 67B : Punishment for Publishing or Transmitting Child Sexual Exploitative Material
  • First Conviction: Up to 5 years of imprisonment and a fine of up to ₹10 lakh.
  • Subsequent Convictions: Up to 7 years of imprisonment and a fine of up to ₹10 lakh.
Section 69A: Power to Issue Directions for Blocking Public Access to Information
  • Grounds for Blocking:
    • Sovereignty and integrity of India
    • Defence and security of the state
    • Friendly relations with foreign states
    • Public order
    • Preventing incitement to a cognizable offence related to the above.
Section 70A : National Nodal Agency for Critical Information Infrastructure Protection
  • By The Central Government 
  • This agency will handle measures related to critical information infrastructure (CII) protection
Section 70B : Indian Computer Emergency Response Team (CERT-In) for Cyber Incident Response
  • Establishment of CERT-In: The Central Government appoints CERT-In as the national agency for cyber incident response, with a Director-General and necessary staff.
  • Functions of CERT-In:
    • Information Management: Collection, analysis, and dissemination of data on cyber incidents.
    • Alerts and Forecasts: Issuing warnings and forecasts on cyber threats.
    • Emergency Actions: Implementing emergency measures to address cyber incidents.
    • Coordination: Coordinating national responses to cyber incidents.
    • Guidelines and Advisories: Issuing guidelines, advisories, and best practices on cybersecurity.
    • Other Functions: Any additional cybersecurity roles as prescribed.
Section 79 : Exemption from Liability of Intermediaries
  • Intermediaries (like social media platforms, ISPs) are generally not liable for third-party information, data, or links they host, but this exemption comes with specific conditions.
  • Conditions for Exemption
    • If role is limited to providing access to a communication system for information made available by third parties.
    • No Control over Content: The intermediary does not:
      • Initiate the transmission,
      • Select the receiver, or
      • Alter the information.
    • The intermediary must exercise due diligence and follow prescribed guidelines from the Central Government.
Section 88 : Constitution of Advisory Committee
  • Establishment: By the Central Government
  • Committee Composition:
    • Chairperson: Appointed by the Central Government.
    • Members: Includes both official and non-official members chosen by the government, representing relevant interests or possessing expertise in cyber regulations.

Cybercrime

What is Cybercrime

Cybercrime, also known as computer crime, refers to illegal activities carried out using computers, electronic devices, or the internet. These crimes include fraud, identity theft, intellectual property theft, and more serious offenses such as child trafficking and cyber terrorism. With the increasing reliance on computers and the internet for business, governance, and entertainment, cybercrime has become a significant concern globally.

Motive

  • Financial Gain: Most cyber crimes, such as hacking, phishing, and ransomware attacks, aim to steal money or valuable financial data.
  • Personal Revenge or Vendetta: Some attacks are conducted to damage an individual’s reputation or cause personal harm due to personal grudges.
  • Political or Social Agenda: Hacktivism, where cyber attacks promote a particular political or social cause, is common, targeting government entities or spreading propaganda.
  • Business Espionage: Gaining access to corporate data servers to steal trade secrets or critical business information.
  • Intellectual Property Theft: Industrial espionage is conducted to steal proprietary information or trade secrets for competitive advantage.
  • Challenge or Thrill: Some individuals, especially younger cybercriminals, engage in hacking for the thrill, recognition, or to showcase their technical skills.
  • Military and Scientific Intelligence: Targeting research centers and military data for intelligence gathering.
  • Cyber Warfare: State-sponsored cyber attacks aim to damage or disrupt other countries’ infrastructures, such as energy, military, and financial sectors.

Types of Cybercrime in India

Impersonation and Identity Theft

is an act of fraudulently or dishonestly making use of the electronic signature, password or any other unique identification feature of any other person.

  • Relevant Law: Section 66C of the IT act prescribes punishment for identity theft with imprisonment up to 3 years and/or a fine of up to ₹1 lakh.
  • Case Study:
    • Case: Amit Kumar Sharma vs State of NCT of Delhi (2012)
    • Cybercrime: Amit Kumar was accused of stealing the identity of various individuals and obtaining credit cards in their names, which he used for fraudulent purchases.
    • Outcome: The court imposed imprisonment under Section 66C of the IT Act.
Defamation

Posting harmful statements about an individual or organisation online that damage their reputation. This offence is covered under defamation laws and cyber laws.

  • Relevant Law: Defamation under IPC (Section 499) can result in imprisonment up to 2 years, a fine, or both.
  • Case Study:
    • Case: Subramanian Swamy vs Union of India (2016)
    • Cybercrime: This case addressed defamation on digital platforms, where social media content was used to harm reputations.
    • Outcome: The Supreme Court upheld criminal defamation as constitutionally valid, reinforcing the responsibility of individuals in cyberspace.
Cyber Stalking

Cyber stalking is the use of electronic communication by a person to follow a person, or attempts to contact a person to foster personal interaction repeatedly despite a clear indication of disinterest by such person.

  • Relevant Law: Section 78 of the BNS punishes stalking, while Section 66A of the IT Act (now struck down) was used to penalize offensive messages online.
  • Case Study:
    • Case: Ritu Kohli Stalking Case (2001)
    • Cybercrime: Ritu Kohli’s identity was misused by an individual who stalked her through online chat rooms.
    • Outcome: This was the first cyberstalking case registered in India. The police acted under Section 509 (Now 79 BNS) of the IPC at the time (as Section 354D(BNS 78) was added later).
Freedom of Speech

Although individuals have the right to free speech on digital platforms, crossing the line into obscenity, harassment, or slander can be prosecuted under cyber laws.

  • Case Study
    • Bengaluru Riot Case (2020)-  Riots after a derogatory Facebook post about Prophet Muhammad was shared by the relative of a local politician.
    • Outcome- The person who posted the content was arrested under Sections 153A and 295A.
Hacking

Unauthorised access to computer systems to steal or manipulate information is classified as hacking. It is the most well-known form of cybercrime.

  • Relevant Law: Section 66 punishes hacking with imprisonment up to 3 years and/or a fine of up to ₹5 lakh.
  • Case Study:
    • Case: Sony Sambandh Case (2002)
    • Cybercrime: Sony India Pvt Ltd’s website was hacked, and customer credit card details were stolen.
    • Outcome: The hacker was traced and arrested. This case highlighted the importance of Section 66 in prosecuting hacking offenses.
Theft of Trade Secrets
  • Under Indian law, theft of intellectual property such as software, business tools, or trade secrets is a punishable cybercrime

Cyberbullying

The act of intimidating, harassing, or mentally harming someone through electronic communication. This is a growing concern, particularly on social media platforms.

  • Types of cyberbullying
    • Exclusion– exclusion of someone in a group or event
    • Harassment-constant pattern of sending hurtful or threatening online messages with the intention of doing harm to someone.
    • Outing/Doxing-openly revealing sensitive or personal information about someone without their consent
  • Trickery- first win trust of the victim. Once the bully obtains the target’s trust, they take advantage of it by disclosing the victim’s secrets and personal information
  • Cyber Grooming – Cyber Grooming is when a person builds an online relationship with a young person and tricks or pressures him/ her into doing sexual act.
  • Sexting – Sexting is an act of sending sexually explicit digital images, videos, text messages, or emails, usually by cell phone.
  • Child sexually abusive material (CSAM) – refers to material containing sexual image in any form, of a child who is abused or sexually exploited. Section 67 (B) of IT Act states that “it is punishable for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form.
  • Online Sextortion – Online Sextortion occurs when someone threatens to distribute private and sensitive material using an electronic medium if he/ she doesn’t provide images of a sexual nature, sexual favours, or money.
  • Fraping- It is when a bully posts offensive stuff using the name of your child on social media.  
  • Masquerading- It occurs when a bully creates a false online identity or profile with the intent to bully someone online. 
  • Dissing- the act of a bully spreading cruel information about their target to either ruin their reputation or relationships with other people. 
  • Trolling- It is when a bully will seek out to intentionally upset others by posting inflammatory comments online.
  • Flaming-Flaming or roasting is the act of using abusive language or using profanity to publish insults online.

Cyberterrorism

Acts of terrorism carried out using digital platforms with the intent to harm individuals, organizations, or governments. This includes threats or actions that can endanger national security.

  • Relevant Law: Section 66F defines cyberterrorism and provides for life imprisonment for acts intending to disrupt sovereignty, integrity, or security.
  • Case Study:
    • Case: ISIS Recruitment via Social Media (2014)
    • Cybercrime: ISIS used social media platforms to recruit young people in India. Agencies arrested a group of youths influenced by this propaganda.
    • Outcome: The accused were prosecuted under anti-terror laws, demonstrating how Section 66F can be used for cyberterrorism.
  • Spamming – Occurs when someone receives an unsolicited commercial messages sent via email, SMS, MMS and any other similar electronic messaging media. They may try to persuade recipient to buy a product or service, or visit a website where he can make purchases; or they may attempt to trick him/ her into divulging bank account or credit card details.
  • SIM Swap Scam – SIM Swap Scam occurs when fraudsters manage to get a new SIM card issued against a registered mobile number fraudulently through the mobile service provider. With the help of this new SIM card, they get One Time Password (OTP) and alerts, required for making financial transactions through victim’s bank account. Getting a new SIM card against a registered mobile number fraudulently is known as SIM Swap.
  • Phishing– Fraudulent attempts to obtain personal information (e.g., passwords, credit card details) by pretending to be a trustworthy entity in electronic communications.

Vishing

  • Vishing is an attempt where fraudsters try to seek personal information like Customer ID, Net Banking password, ATM PIN, OTP, Card expiry date, CVV etc. through a phone call.

Smishing

Similar to phishing, it is conducted via SMS to extract sensitive information from mobile users.

  • Relevant Law: Section 66D prescribes punishment for cheating using computer resources with imprisonment of up to 3 years and a fine.
    • Case Study: for Phishing, Vishing,Smishing
      • Case: SBI Phishing Scam (2014)
      • Cybercrime: An organised group sent fraudulent emails to SBI customers, leading to the theft of their banking credentials.
      • Outcome: Arrest of accused & public awareness on phishing scams.

Malware

  • Malware is malicious software designed to harm, exploit, or otherwise compromise a computer, network, or device. It includes viruses, worms, spyware, ransomware, and trojans, often used to steal data, disrupt operations, or gain unauthorised access.

Virus, Worms & Trojans

  • Computer Virus is a program written to enter to your computer and damage/alter your files/data and replicate themselves.
  • Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc.
  • A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. Trojans open a backdoor entry to your computer which gives malicious users/programs access to your system, allowing confidential and personal information to be theft.

Ransomware :

Ransomware is a type of malware that encrypts a victim’s files or locks them out of their device, making data inaccessible. Attackers then demand a ransom payment to restore access.

  • Spread through : phishing emails, malicious downloads, or infected websites

Denial Of Services /Distributed DoS :

  • Denial of Services (DoS) attack is an attack intended for denying access to computer resource without permission of the owner or any other person who is in-charge of a computer, computer system or computer network.
  • A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
    • DDoS attacks are typically launched using a network of infected devices, known as a botnet, and can disrupt online services, websites, and business operations.

Website Defacement

Website Defacement is an attack intended to change the visual appearance of a website and/ or make it dysfunctional. The attacker may post indecent, hostile and obscene images, messages, videos, etc.

Cyber-Squatting

Cyber-Squatting is an act of registering, trafficking in, or using a domain name with an intent to profit from the goodwill of a trademark belonging to someone else.

Pharming

Pharming is cyber-attack aiming to redirect a website’s traffic to another, bogus website.

Cryptojacking

is the unauthorized use of computing resources to mine cryptocurrencies.

Online Drug Trafficking

Online Drug Trafficking is a crime of selling, transporting, or illegally importing unlawful controlled substances, such as heroin, cocaine, marijuana, or other illegal drugs using electronic means.

Espionage

Espionage is the act or practice of obtaining data and information without the permission and knowledge of the owner.

Digital Arrest:

Digital Arrest Cases of “digital arrest” refer to a type of online fraud where criminals impersonate law enforcement officers to extort money from their victims.

  • The criminals call potential victims, claiming they have sent or received a parcel containing illegal goods, such as drugs or fake passports.
  • Fraudsters use fake studios resembling police stations and government offices, wearing uniforms to appear genuine.
  • They demand money from the target to “compromise” and close the case, often suggesting this as a way to avoid legal trouble.
  • In some instances, victims are “digitally arrested,” meaning they are forced to stay visible over Skype or other video conferencing platforms to the criminals until their demands are met.
  • Steps:
    • Following increasing reports of “digital arrests” by cybercriminals the central government has collaborated with Microsoft to block more than 1,000 Skype IDs used for online intimidation, blackmail, and extortion.
    • Indian Cyber Crime Coordination Centre (I4C) under Ministry of Home Affairs coordinates anti-cybercrime efforts.

International Framework

  • The Budapest Convention on Cybercrime : It is also known as the Convention on Cybercrime, is the first international treaty to combat cybercrime. It focuses on harmonising laws, improving investigative techniques, and facilitating international cooperation in prosecuting cybercrimes.
    • Objective: Harmonising national cybercrime laws and fostering cooperation across countries.
    • Additional Protocol: Addresses xenophobia and racial discrimination committed through computer systems.

Cybercrime Laws and Security in India

  • Information Technology Act, 2000: The IT Act, of 2000 is India’s primary law governing cybercrime and electronic commerce. It includes provisions for offences related to unauthorised access, hacking, and cyber terrorism.
    • Relevant Sections (In short) : Section 43, 43A, Sec 66, Sec 66A,66B,66C,66D,66E,66F,69A
  • National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace.

Prevention of Cybercrime

  • The CERT-In (Cyber Emergency Response Team – India): CERT-In has been operational since 2004. It is the national nodal agency for responding to computer security incidents as and when they occur.
  • National Critical Information Infrastructure Protection Centre (NCIIPC) to protect the Critical information infrastructure (CII) of various sectors, such as power, banking, telecom, transport, government, and strategic enterprises.
  • Indian Cyber Crime Coordination Centre (I4C): Central hub for coordinating efforts to fight cybercrime across the country.
  • Cyber Swachhta Kendra (2017): A platform launched to help users clean malware-infected devices.
  • National Cybersecurity Coordination Center (2017): Set up to detect real-time cyber threats and ensure robust responses.
  • Cyber Surakshit Bharat Initiative (2018): Launched to raise awareness about cybersecurity among government officials and improve their technical capacity.
  • The Cyber Warrior Police Force: In 2018, the government announced its plans to introduce CWPF. It is proposed to be raised on lines of the Central Armed Police Force (CAPF).
  • National Cyber Forensic Laboratory: Assists in early-stage cyber forensic investigations for law enforcement agencies.
  • CyTrain Portal : A platform for online courses to train police officers, prosecutors, and judicial officers on cybercrime investigation.
  • National Cyber Crime Reporting Portal : Public platform to report cybercrimes, with a focus on crimes against women and children.
  • Cybercrime Prevention against Women and Children (CCPWC) Scheme: Financial assistance to states/UTs to enhance investigative capabilities for cybercrimes.
  • Defence Cyber Agency (DCyA): The DCyA is a tri-service command of the Indian Armed Forces that is responsible for handling cyber security threats. 

Measures to Prevent Cybercrime

  • Regular updates and installation of the latest antivirus software.
  • Issuing timely alerts and advisories on cyber threats.
  • Capacity building for law enforcement officers, prosecutors, and judges on handling cybercrime cases.
  • Developing stronger cyber forensic capabilities to track and trace cybercriminals.
  • Awareness Campaigns-Promote cybersecurity awareness, focusing on avoiding cyber fraud, using strong passwords, and avoiding public Wi-Fi.
  • Cyber Insurance-Encourage the adoption of cyber insurance policies to cover financial risks and help businesses recover after incidents.
  • Data Protection Laws-India’s Personal Data Protection Bill, 2019 seeks to regulate data protection and is inspired by the EU’s GDPR.
  • Collaborative Mechanisms- The Indian Cyber Crime Coordination Centre (I4C) will centralise efforts, promote collaboration with private firms, and strengthen response capabilities.

Challenges in India

  • Profit-Friendly Infrastructure: Operators often prioritise profitable infrastructure over cybersecurity.
  • Absence of Procedural Codes: No dedicated codes for investigating cyber-related offences.
  • Transnational Nature: International cyberattacks complicate evidence collection.
  • Expanding Digital Ecosystem: The rise of technologies like 5G and IoT increases risks.
  • Limited Expertise: Many state cyber labs lack recognition as certified examiners of electronic evidence.

Information Technology Law including cybercrime /

Information Technology Law including cybercrime/ Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime Information Technology Law including cybercrime

error: Content is protected !!
Scroll to Top