Cyber Crimes in India – an Introduction

Cyber Crime and Cyber laws in India. Indian Cyber crimes

Introduction to Cyber Crimes in India

Crime, in whatever forms it is, directly or indirectly, always affects the society. In today’s world, there is immense increase in the use of Internet in every field of the society and due to this increase in usage of Internet, a number of new crimes have evolved. Such crimes where use of computers coupled with the use of Internet is involved are broadly termed as Cyber Crimes.

But under Indian law “Cybercrime” as such has not been defined under any legislation. One legislation that deals with the offences related to such crimes in India is Information Technology Act, 2000, which was also further amended in the form of IT Amendment Act, 2008. But these two important legislations also do not include any definition for “cybercrime”. If looked into practicality, it is not at all easy to define this term. In order to define such an offense, when the nature of such offense is seen, it is a combination of crime and computer. So, it can be said that, when in commission of any offense computer is used, that can be termed as “cyber crime”. Now, the question arises as to what the term “cyber law” will be compromised of. By looking at the working definition of cybercrime, one can reach a conclusion that cyber law is a term which is related to all the legal issues involving computer and Internet. It is even more difficult to come up with a definition for the term cyber law as it is an intersection of various fields. It involves privacy issues, jurisdiction issues, intellectual property rights issues and a number of other legal questions. In India, what can basically be termed as cyber law are the IT act 2000 and its amended version in the form of the IT (Amendment) act, 2008.


The Information Technology Act, 2000 basically deals with the legal recognition of electronic documents and that of digital signatures. This Act incorporates a separate Chapter XI entitled “Offences” to deal with various cyber crimes and contraventions. This act also deals with Justice dispensation systems for various cyber crimes. The act was widely criticised on various fronts and due this criticism detailed amendments were brought in the form of IT Amendment Act, 2008. Major of such amendments were the focus on data privacy and information security. Even though legal recognition of digital signatures was already included under the original Act of 2000, but the Amendment Act, 2008 made the digital signature technology-neutral. Along with, the defining of reasonable security practices to be followed by the Corporate, the role of intermediaries was also redefined. Very importantly, the term “cyber cafe” was defined under this Act. Offences like child pornography and cyber terrorism were also included is the forms of cyber crimes. Cyber terrorism has been made a heinous cyber crime under this Act and has been defined in the widest possible terms and made punishable with imprisonment which may extend to imprisonment for life and fine.

An important change that has been brought forth by the Amendment Act is that the new amendment has replaced Section 43 with Section 66. Under Section 66 the Word “hacking” has been removed, but that does not mean that “hacking” as an offence has been removed; instead hacking still remains an offence by the name of “data theft” in this section. This section has further been widened in the form of Sections 66A to 66F. 66A deals with the sending of offensive messages through communication service, and causing annoyance to any electronic communication, and also includes the offence of misleading the recipient of the origin of such messages. Such offences can be punished with imprisonment for 3 years or fine. 66B deals with dishonestly receiving stolen computers or other communication device and such a crime can be punished with three years of imprisonment or fine of Rs.1 Lakh or both. 66C deals with stealing electronic signature or identity such as using another persons’ password or electronic signature, such an offence can be punished with three years of imprisonment or fine of Rs. 1 lakh or both. Similar is the punishment under section 66D for cheating by personation through computer resource or a communication device. 66E covers the offences relating to privacy violation such as publicly publishing the information about any person’s location without prior permission or consent. 66F is great importance as it deals with cyber terrorism. This Section covers a wide range of offences which can be termed as terrorism; Such as, any act denying access to any authorised person to access the computer in order to hamper the unity, integrity, security or sovereignty of the nation. Further, this section also includes the acts of access to a commuter resource without authorisation. It also covers such acts which can lead to any injury to any person or result in damage or destruction of any property, while trying to contaminate the computer through any virus like Trojan etc. All the offences that are covered under this Section can be punished with life imprisonment. Very importantly, the offences which are covered under section 66 are cognizable and non-bailable. The major transformation from section 43 of the original act to Section 66 of the Amendment Act is that, that all the offences that were covered under Section 43 gave rise to civil liability which had its remedy in either compensation or damages. But under Section 66 of the Amendment Act if such act is done with criminal intention that is mens rea, then it will attract criminal liability having remedy in imprisonment or fine or both. Moreover, under Sections 71, 72, 73 of the Information Technology Act 2000 some acts or omissions have been made criminally liable with strict liability e.g. Penalty for breach of confidentiality and privacy, penalty for misrepresentation etc. Section 67 of the original Act dealt with publishing or transmitting obscene material in electronic form but the scope of this section was widened by the amendment which included child pornography under section 67-B and also the act of retention of records by the intermediaries. And such offences under section 67-A will be punished with conviction of a term up to 3 years and fine of Rs.5 lakh and in case it is the second conviction then conviction will be for five years and fine of Rs.10 Lack or both. But for offence under section 67-B the provision is for stricter conviction which is for 5 years and fine of Rs. 10 Lakh or both in case of first conviction, and the same will be increased to 7 years and fine of Rs. 10 lakh in case of second conviction.

To conclude it can be said that, it has been provided in the preamble of the Information Technology Act 2000 that this act was passed in order to give legal recognition for transactions done through electronic means, and to improve further, this act has also made amendments to the Indian Penal Code 1860, Indian Evidence Act 1872, The Bankers Books of Evidence Act 1891, and the Reserve Bank of India Act 1934 in order to further the same objective. This act has defined various offences and also has laid down certain penalties as well. This act in a way has characterised the cyber crimes, which were earlier unknown to general public in India. This Act has made Cyber offences to be investigated only by a Police Officer not below the rank of the Inspector((now), Deputy Superintendent of Police((earlier).  Even though this piece of legislation has proved to be a big leap in the field of cyber crimes, there still is a need for further changes which can improve its efficacy such as there is lack of effective mechanism for the appropriate retention of electronic evidence. So, an effective methodology in that regard can be chalked out.


  1. Computer users will spend 1.5 billion hours and $22 billion identifying, repairing and recovering from the impact of malware, while global enterprises will spend $114 billion to deal with the impact of a malware- induced cyberattacks, says a Microsoft study.

    As per a recent report in Economics Times “”The cybercrime reality is that counterfeiters are tampering with the software code and lacing it with malware. Some of this malware records a person’s every keystroke — allowing cybercriminals to steal a victim’s personal and financial information — or remotely switches on an infected computer’s microphone and video camera, giving cybercriminals eyes and ears in boardrooms and living rooms. “

  2. I think there is now need to make subhead under cyber crime. generally in media it is referred to hacking of defacing a website. broadly crime related to computer can be termed as cyber crime – hacking / defacing of website, cyber stalking / bullying, cyber abuse and one more term should be added – Fin.e.crime (financial e crimes) whether they are committed through Internet Banking / ATM / Hoax Calls (for lottery or job or any such false promise). Further for fighting Fin-e-crimes, a national command be framed since these crimes are spread through vast geographical area. Victim belongs to one state, beneficiaries of such fraudulent transfers to other states and computers/IP addresses to others state. Simultaneous action at all places is key to solving such cases. The central command be empowered to further the complaint to all related cyber crime cell of local police to investigate the part under their jurisdiction whether it is victim (its computer for getting details of email received and responded) beneficiaries, criminals etc.

  3. Section 66 doesn’t carry any practical logic.
    For example 66C, how one looses materilistic loss if someone creates victim’s fake profile?
    Making Law doesn’t make all the sense. Law should be logical and practical.
    Indian police and judiciary shouldnt waste time on no-harm(financial and bodily) offenses.

This site uses Akismet to reduce spam. Learn how your comment data is processed.