DHARMASHASTRA NATIONAL LAW UNIVERSITY,

JABALPUR, MP

Academic Session (2020-2021)

Project Topic

Cyber Law – Policy Issues and Emerging Trends

SUBMITTED TO: SUBMITTED BY:

Mr. GAUTAM GUPTA NITIN SONI

(ASSISTANT PROFESSOR OF LAW) BAL/061/18

B.A.LLB(HONS.)

1
ACKNOWLEDGEMENT

The success and outcome of this project required a lot of guidance and assistance from many
people and I am extremely privileged to have got this all along the completion of my project.
All that I have done is only due to such supervision and assistance and I would not forget to
thank them. I am greatly indebted to DHARMASHASTRA NATIONAL LAW
UNIVERSITY for providing me necessary requirements to successfully carry out this project
work. I would like to thank our honourable Vice-Chancellor Prof. Balraj Chauhan and our Head
of Department Dr. Shilpa Jain and for giving me this golden opportunity. I respect and thank
Mr. Gautam Gupta (Assistant Professor of Law) for providing me an opportunity to do this
project and giving me support and guidance which made me complete the project duly. I am
extremely thankful to him for providing such a nice support and guidance. I extend my gratitude
thanking my parents and my friends for giving me the support and strength to complete this
wonderful project.

WITH REGARDS
NITIN SONI
BAL/061/18

2
Table of Contents
ACKNOWLEDGEMENT ....................................................................................................... 2
RESEARCH METHODOLOGY ........................................................................................... 4
Research Problem ................................................................................................................ 4
Objectives .......................................................................................................................... 4
INTRODUCTION.................................................................................................................... 6
DEFINING CYBER LAW .................................................................................................. 7
EMERGING TRENDS IN CYBER LAW ............................................................................. 8
Trends in Mobile laws .......................................................................................................... 8
Social Media Challenges .................................................................................................. 9
POLICY ISSUES ................................................................................................................... 14
CYBER LAW IN INDIA ....................................................................................................... 17
The Information Technology Act, 2000 ........................................................................... 17
CONCLUSION ...................................................................................................................... 20

3
RESEARCH METHODOLOGY

Research Problem
Territorial jurisdiction is fails to provide a satisfactory clarity through its mention in sections
46, 48, 57 and 61 with respect to adjudication process and the procedure in connection with it.
Moreover section 80 gives the power to a police officer to enter a search a public place for
cyber crime since cyber crime is a virtual event such legislation creates a plethora of ambiguity.
In cases of a cyber-attack from one state to another, the legislature holds silence again and thus
there arises a ton of ambiguity of jurisdiction. Moreover the IPC fails to acknowledge even the
basic terms such as Cyber Crime throughout its entirety. Another issue if simply is that the
laws just are not at the same pace at which the cyber crime is growing. For instance cloud
computing attacks, Denial of Service attacks are unaddressed. This is troublesome specially
with arrival of services like e-locker services via banks, online police records and confidential
documents, online records of personal documents, and personal data, etc. this data can be and
has been inappropriately accessed in the past. There are several emerging trends in Cyber Law
which are based on the analysis of emerging cyber law jurisprudence. With the growing pace
of technology, it may not possible to overrule any new trend in the technology which might
have direct or indirect impact on Cyber Law. There may be various interesting and important
challenging threats emerging in the jurisprudence of cyber law. Therefore, this research will
focus on the policy issues in India and emerging trends in Cyber law.

Objectives
The researcher has undertaken this topic to analyse cyber law policy issues and emerging
trends. The main objectives of the present study are under as follows:-
 To know the emerging trends in cyber law.
 To understand India’s Cyber law.
 To understand the policy issues related to cyber law and cyber space.
 To find out the solution related to emerging trends and policy enforcement.

Research Questions
Q1. What are the emerging trends in Cyber Law?
Q2. What are the problems in enforcement of cyber-crime law and policy?
Q3. Does the Indian law is sufficient to tackle the emerging trends related to cyberspace and
Cyber Crime?

4
Literature Review
Advancement of technology leads to the rise of criminal activities and IT Act 2000 provides
the ways to deal with the cyber crimes. This model contains positive aspect from the
prospective of e-commerce but it doesn’t solve all the problems and issue overnight.1

IT Act considered to the ambiguous law as the area of jurisdiction in the context of the internet
is unclear. Computer forensics is gaining significance in the field of investigation of cyber
crime evidence as in the real world the evidence are tangible but in the virtual world of
cyberspace it is difficult to expunge the information from the computer system and for handling
this computer forensics efficient and knowledgeable computer expert because any carelessness
leads to the loss of evidence.2

Though IT (amendment) Act 2008 tackles more even after its amendment IPC doesn’t use the
term ‘cyber crime’ at any point. After the year 2008 it can be seen that there is increase in the
cyber crime as criminals discover loopholes within that law and they perform the illegal
activities. Cyber crime can be against the person, property and government.3

There are few court precedents to look for guidance and old laws didn’t quit fit the crime being
committed. There is need to push cyber laws. Our system should provide for stern punishment
so that criminal acts as a deterrent for other.4

Scope and limitation

This research paper is about cybercrime in India, So the scope is limited to the laws of India.

Mode of citation
This research project follows Blue Book 20th edition citation style.

1
Maneesh Taneja and Dr. D.B Tiwari,”Cyber Law”, International Referred Research Journal, vol.11, pp. 63-65.
2
Yougal Joshi and Ananda Singh, “A Study of Cyber Crime and Security Scenario”,International Journal of
Engineering and Management Research, vol.3, pp.13-18.
3
Ravikumar S. Patel and Dr.Dhaval Kathiriya, “Evolution of Cybercrimes in India” International Journal of
Emerging Trends & Technology in Computer Science, vol.2.
4
Talwant Singh, “Cyber Law and IT” pp. 1-4

5
INTRODUCTION

Cyber law as a discipline has gained massive momentum in the last two decades.5 Ever since
the state of Utah became the first state in the United States of America to come up with the
cyber law, things started moving forward such as different countries started coming up with
their distinctive national laws on cyber space.6 There have been great changes and various
stages of Cyber Law as Jurisprudence were developed. But in 2020 the world in terms of
technology has taken a huge turn. New technologies are developing and are challenging cyber
law as a jurisprudence.7

In today’s world, everything is lunging towards the cyber world, via digitization and
networking to fast-track their way to the abundance of benefits of the online world. Fields such
as marketing, commerce, communication have not only been revolutionized but have
completely evolved new, previously non-existent branches such as online marketing,
ecommerce, and online communications. But as is the rule of evolution, following the evolution
of prey, the predator evolves soon after. And thus, the cyber world birthed an entirely new
category of criminal methodology commonly referred to as cyber crime. To handle the atrocity
of cyber crime the development of law and order at the same pace is crucial. Although the
prevalent laws namely, IT ACT 2000, National Cyber Security Policy, etc cover some aspects
of cyber crime; it is far from being said that cyber laws in India are up to the required standards.
For instance, issues such as cyber vandalism, cyber violence, and cyber rape are completely
unaddressed. Even the term “Cyber Crimes” has not been recognized under any statutory text.
In general, cyber law is a legislation that focuses on the proper use of technology, such as
hardware and software, the internet, and networks. It also reflects on how people use
technology in their daily lives. Cyber law protects users by allowing for the detection and
prosecution of online criminal activity. It covers the activities of individuals, associations, the
media, government, and private organisations. The law looks at crimes committed in the real
world that are made possible by cyberspace. There is a growing need for regulating cyber laws
that can address jurisdictional and privacy concerns, as well as intellectual property rights and
other legal issues.

5
https://www.financialexpress.com/industry/technology/cyberlaw-cyber-security-ai-and-blockchain-trends-
in2019/1492454/
6
https://ciso.economictimes.indiatimes.com/news/importance-of-cyber-law-opinion/72450598.
7
osou.ac.in/eresources/introduction-to-indian-cyber-law.pdf.

6
DEFINING CYBER LAW
The internet is nothing but a network of computers across the world. Internet was primarily
filled with, a lot of anarchy and, people thought that there was no need for a legal framework
for this particular network. But very quickly it began to be dawned that there is a need for kind
of a legal framework to govern the circulation of information over the internet and due to this
cyber law as a discipline was born.

The word ‘Cyber Law’ has two components cyber and law. It means the law of cyber. But the
word cyber law has been inspired by the use of the word ‘Cyber Space’. The word cyber space
was used for the first time in the year 1984 by William Gibson (the famous author in science
fiction) in his novel ‘Neuromancer’. Neuromancer was used to describe a virtual network of
computers.

Today, cyber is everywhere it’s ubiquitous8 and therefore cyber law assumes massive
significance. In the early 90’s, when people did not have much access to phones or computers
the use of cyber law as a paradigm. It was only limited to be denoting the use of computers or
laptops per se. But with the adamant of mobile phones, it’s a different bole-game altogether.
Every activity which you do on the internet or the world wide web comes within the broad
ambit of cyber law.

From the time you send an email, receive an email, transmit some content, publish content on
social media or a blog or just go ahead and release your pictures on Instagram, Facebook, or
any other social media, any activity that you do on the network has got legal-ratifications. You
can no longer say that you’re anonymous, or you can do something without someone else
knowing about your activity. The perception of being anonymous is completely wrong, people
can easily be identified on the internet. Vast knowledge available on click of buttons is the
main reason cyber law as a discipline has assumed so much importance in our day to day life.9

Different experts have given their distinctive definitions of cyber law. Cyber law is a generic
term that refers to all the legal and regulatory aspects of the internet and the World Wide Web.
Today, cyber law has become a big umbrella under which different sub-disciplines have started
to emerge. Cyber law as a discipline is very crucial and impacts all of us. We need to be aware

8
Ubiquitous means seeming to be everywhere or in several places at the same time. https://www.merriam-
webster.com/dictionary/ubiquitous.
9
https://www.computerhope.com/jargon/c/cyber-law.htm

7
of the legal nuances of cyber law independent of, whatever our vocation. Primarily because we
are the basic users of the internet.

EMERGING TRENDS IN CYBER LAW

Globally, Various trends and challenges are likely to arise with the development and evolution
of cyber law jurisprudence. Following are few of the Trends and challenges in cyberspace
which has emerged in last few years and needs a serious attention of the governments across
the world.

Trends in Mobile laws

The increased usage of mobile devices, cell phones, smart phones, personal digital assistants
and all other kinds of communication devices in different parts of the world are becoming an
integral part of day –to-day existence in life. This has widened the scope of Mobile Ecosystem
and is likely to give rise to various complex legal issues and challenges across the world.

In countries like India and China, wherein the usage of mobile devices is exceedingly high, the
area of mobile law is emerging and different complicated legal, regulatory and policy
challenges concerning the usage of mobile devices and communication devices are coming to
the forefront, and it is expected that these countries would contribute towards the growth and
development of Mobile law.10

Also, the increased usage of mobile devices is likely to give rise to more mobile related crimes.
It is need of an hour for the governments to adopt direct legislations pertaining to mobile law
as the existing laws, regulations and rules in different countries which have an impact on legal
issues pertaining to mobile laws are applicable in an indirect manner.

It is expected that with increased usage of mobile devices across the world, mobile law would
emerge as an distinct area of jurisprudence. There is a need for appropriate enabling
frameworks for the governments across the world that will help, protect and preserve the rule
of law in mobile ecosystem.11

The growth of mobile law jurisprudence has led to the legal issues connected with it. Mobile
crime is likely to increase leaps and bounds in the coming years. Increased usage of mobile

10
Rohitk.Gupta, “An Overview of Cyber laws vs. Cybercrimes: In Indian Perspective”, 2013.
11
“Cyber attacks rise from outside and inside corporations”, Press Release from Computer Security Institute.

8
apps, which majorly consists of an individual’s private and personal information, are likely to
bring up various legal issues which will need appropriate consideration in order to ensure
mobile protection and privacy. With more and more mobile apps emerging the personal
information of the user needs to be protected.

Social Media Challenges

One of the biggest problem cyber law is encountering is related to development of
jurisprudence relating to social networking. Increased adoption and usage of social media are
likely to bring various legal, policy and regulatory issues. Social media crimes are increasingly
gaining attention of relevant stake holders. Misuse of information, other criminal and unwanted
activities on social networking platforms and social media are raising significant legal issues
and challenges. There is a need for the countries across the world to ensure that rule of law
prevails on social media. Social media legal issues continue to be significant. In order to avoid
social media crimes and protect the privacy related to social media, it is a challenge for cyber
law makers across the world to not only provide appropriate legislative and regulatory
mechanisms but also provide for effective remedies for redressal to the victims of various
unauthorized, unwanted criminal activities done in cyber space and social media.

Cloud Computing and Challenges

Another important challenge in cyber space is the evolution and development of legal responses
to the complicated legal challenges poised and raised by cloud computing and virtualization.
Cloud computing being a popular phenomenon among corporate is likely to bring forth issues
like data protection and data confidentiality. The relevant stakeholders including lawmakers
and governments across the globe need to provide appropriate legal, policy and regulatory
framework pertaining to legal aspects concerning cloud computing.12

Spam

In the initial years, spam seemed to be targeted at computers but has now also targeted mobile
phones. Email spam is the most common form of spamming, Mobile phone spam and instant

12
Ernst, Young (2003). Fraud: Unmanaged risk. 8th global survey. Global investigations dispute advisory
services, South Africa. Available at: https://www.whistleblowing.com.au/information/documents/EY8thGlo
balSurvey2003.pdf

9
messaging spam also exist. In majority of the countries there is no such anti spam law, which
has led to the further growth of spam. There is an increased need for the countries to come up
with regulatory and legal framework for spam as many countries have already become hotspots
for generating spam.13

Cyber Crime

The increasing online population has proved a happy hunting ground for cyber criminals, with
losses due to cyber crime being in billions of dollars worldwide. While other countries are
reporting enormous losses to cyber crime, as well as threats to enterprises and critical
information infrastructure (CII), there are hardly any such reports coming out of India other
than those relating to cyber espionage. Though the report of the National Crime Records
Bureau (NCRB) for 2010 reported an increase of 50% in cyber crime over the previous year,
the numbers were quite small in absolute terms. The total number of cases registered across
various categories was 698; but these low numbers could be because cyber laws have proved
ineffective in the face of the complex issues thrown up by Internet. As a case in point, though
the cyber crimes unit of the Bengaluru Police receives over 200 complaints every year, statistics
show that only 10% have been solved; a majority of these are yet to be even tried in the courts;
and the cases that did reach the courts are yet to reach a verdict since the perpetrators usually
reside in third countries.14 Even though the Information Technology Act (IT Act) 2000 confers
extraterritorial jurisdiction on Indian courts and empowers them to take cognisance of offences
committed outside India even by foreign nationals provided “that such offence involves a
computer, computer system or computer network located in India”, this has so far existed only
on paper. Similarly, there are relatively few reports of Indian companies suffering cyber
security breaches of the sort reported elsewhere. Companies attribute this to the primacy placed
on information assurance in the outsourcing business. Industry bodies such as the National
Association of Software and Services Companies (NASSCOM) also attribute this to the fact
that they have been at the forefront of spreading information security awareness amongst their
constituents, with initiatives such as the establishment of the Data Security Council of India
(DSCI) and the National Skills Registry. The Indian government has also aided these initiatives
in a variety of ways, including deputing a senior police officer to NASSCOM to work on cyber

13
Prabhat Dalei and Tannya Brahme, “Cyber Crime and Cyber law in India: An Analysis” ‘International journal
of humanities and Applied science’ Vol.2 (4), 2014.
14
Information Security Awareness, “Cyber Laws of India”, Available at: infosecawareness.in/cyber-laws.

10
security issues, keeping the needs of the outsourcing industry in mind. That said, cyberspace is
increasingly being used for various criminal activities and different types of cyber crimes,
causing huge financial losses to both businesses and individuals. Organised crime mafia has
been drawn to cyberspace, and this is being reflected in cyber crimes gradually shifting from
random attacks to direct (targeted) attacks. A cyber underground economy is flourishing, based
on an ecosystem facilitated by exploitation of zero-day vulnerabilities, attack tool kits and
botnets. The vast amounts of money lubricating this ecosystem is leading to increased
sophistication of malicious codes such as worms and Trojans. The creation of sophisticated
information-stealing malware is facilitated by toolkits such as ZueS, which are sold on Internet
for a few thousands of dollars. At the other extreme, components of critical infrastructure such
as Programmable Logic Control (PLC) and Supervisory Control and Data Acquisition
(SCADA) systems were targeted by the Stuxnet malware that attacked supposedly secure
Iranian nuclear facilities. Stuxnet exploited five distinct zero-day vulnerabilities in desktop
systems, apart from vulnerabilities in PLC systems, and exposed the grave threat to critical
infrastructure such as nuclear plants and other critical infrastructure. Cyber criminals are using
innovative social engineering techniques through spam, phishing and social networking sites
to steal sensitive user information to conduct various crimes, ranging from abuse to financial
frauds to cyber espionage. While large enterprises are ploughing more resources into digital
security, it is the small enterprises and individuals that are falling prey to cyber crime, as
evinced by the increasing number of complaints on consumer complaint forums. The low levels
of computer security are also apparent in recurring statistics that show that India is the third-
largest generator of spam worldwide, accounting for 35% of spam zombies and 11% of
phishing hosts in the Asia-Pacific Japan region. Over 6,000,000 computers were part of both
NWs. India ranked first in the Asia Pacific region and contributed 21% to the regional total. A
continuing trend for Internet users in India was that of the threat landscape being heavily
infested with worms and viruses. The percentage of worms and viruses in India was
significantly higher than the Asia-Pacific regional average. According to CERT-In, India sees
an average of 788 bot-infected computers per day. With regard to web-based attacks, India has
seen a significant increase and has ranked seventh, with 3% of the world attacks, and second
in the Asia-Pacific region.15

15
M.M.Chaturvedi, M.P.Gupta and Jaijit Bhattacharya “Cyber Security Infrastructure in India : A Study”pp.1-15

11
Cyber terrorism

Cyberspace has been used as a conduit for planning terrorist attacks, for recruitment of
sympathisers, or as a new arena for attacks in pursuit of the terrorists’ political and social
objectives. Terrorists have been known to have used cyberspace for communication, command
and control, propaganda, recruitment, training, and funding purposes. From that perspective,
the challenge of non-state actors to national security is extremely grave. The shadowy world
of the terrorist takes on even murkier dimensions in cyberspace where anonymity and lack of
attribution are a given. The government has taken a number of measures to counter theuse of
cyberspace for terrorist-related activities, especially in the aftermath of the terrorist attack in
Mumbai in November 2008. Parliament passed amendments to the IT Act, with added
emphasis on cyber terrorism and cyber crime, with a number of amendments to existing
sections and the addition of new sections, taking into account these threats. Further actions
include the passing of rules such as the Information Technology (Guidelines for Cyber Cafe)
Rules, 2011 under the umbrella of the IT Act. In doing so, the government has had to walk a
fine balance between the fundamental rights to privacy under the Indian Constitution and
national security requirements. While cyber hactivism cannot quite be placed in the same class,
many of its characteristics place it squarely in the realm of cyber terrorism both in terms of
methods and end goals.16

Cyber Espionage

Instances of cyber espionage are becoming quite common, with regular reports of thousands of
megabytes of data and intellectual property worth millions being exhilarated from the websites
and NWs of both government and private enterprises. While government websites and NWs in
India have been breached, the private sector claims that it has not been similarly affected. It
may also be that theft of intellectual property from private enterprises is not an issue here
because R&D expenditure in India is only 0.7% of GDP, with government expenditure
accounting for 70% of that figure. Companies are also reluctant to disclose any attacks and
exhilaration of data, both because they could be held liable by their clients and also because
they may suffer a resultant loss of confidence of the public. As far as infiltration of government
NWs and computers is concerned, cyber espionage has all but made the Official Secrets Act,
1923 redundant, with even the computers in the Prime Minister’s Office being accessed,

16
Nations prepare for cyber war, By David Goldman, CNN Money Tech, January 7, 2013.
http://money.cnn.com/2013/01/07/technology/security/cyber-war/index.html

12
according to reports. The multiplicity of malevolent actors, ranging from state-sponsored to
hactivists, makes attribution difficult; governments currently can only establish measures and
protocols to ensure confidentiality, integrity and availability (CIA) of data. Law enforcement
and intelligence agencies have asked their governments for legal and operational backing in
their efforts to secure sensitive networks, and to go on the offensive against cyber spies and
cyber criminals who are often acting in tandem with each other, and probably with state
backing. Offence is not necessarily the best form of defence in the case of cyber security, as
seen in the continued instances of servers of the various government departments being hacked
and documents exhilarated.17

Cyber Warfare

There is no agreed definition of cyber warfare but it has been noticed that states may be
attacking the information systems of other countries for espionage and for disrupting their
critical infrastructure. Mainly, it refers to politically motivated hacking to conduct sabotage
and espionage. It is a form of information warfare sometimes seen as analogous to conventional
warfare although this analogy is controversial for both its accuracy and its political motivation.
The attacks on the websites of Estonia in 2007 and of Georgia in 2008 have been widely
reported. Although there is no clinching evidence of the involvement of a state in these attacks,
it is widely held that in these attacks, non-state actors (e.g. hackers) may have been used by
state actors. Since these cyber attacks, the issue of cyber warfare has assumed urgency in the
global media. The US has moved swiftly and set up a cyber command within the Strategic
Forces Command and revised its military doctrine. In the latest official military doctrine, the
US has declared cyberspace to be the fifth dimension of warfare after land, air, oceans and
space, and reserved the right to take all actions in response, including military strikes, to
respond to cyber attacks against it. It is almost certain that other countries will also respond by
adopting similar military doctrines. The issue whether cyber attacks can be termed as acts of
warfare and whether international law on warfare applies to cyber warfare is being hotly
debated. Multilateral discussions are veering around to debating whether there should be rules
of behaviour for state actors in cyberspace. The issue becomes extremely complicated because
attacks in cyberspace cannot be attributed to an identifiable person and the attacks traverse
several computer systems located in multiple countries. The concept of cyber deterrence is also

17
International Telecommunication Union (2009). Understanding Cybercrime: A Guide for Developing
Countries, ITU Telecommunication Development Sector. https://www.itu.int/ITUD/cyb/cybersecurity/docs/itu-
understanding-cybercrime-guide.pdf

13
being debated but it is not clear whether cyber deterrence can hold in cyberspace, given the
easy involvement of non-state actors and lack of attribution. There is, however, ongoing debate
between those who believe that cyber warfare is over-hyped and those who believe that the
world is heading towards a cyber Armageddon. Both sides have valid arguments, but even as
that debate continues, cyber warfare as a construct has become inevitable because the number
of countries that are setting up cyber commands is steadily growing. These commands have
been accompanied by efforts at developing applicable military doctrines. There is, therefore, a
pressing need to think about norms for cyber warfare, whether the laws of armed conflict
(LOAC) can be adapted to cyber warfare, and how principles like proportionality and neutrality
play out in the cyber domain. Current rules of collective security such as Article 41 of the UN
Charter and Chapter 7 are found wanting in the context of cyber warfare, particularly when it
comes to the rapidity of cyber attacks, and the inordinate time it takes for decision making and
action under these rules.18

POLICY ISSUES

There is a challenge to enforcement of cybercrime laws is jurisdiction. Taking into cognizance

the time tested principles of state independence, sovereignty and territorial integrity, each
nation-state of the world, have the authority to make laws binding on things and all persons
within its geographical entity, called a country.

For the above stated reason of nation-states making laws on the same matter from different
jurisdictions, conflict of laws is unavoidable.

The issue of jurisdiction is so radical that if forms the basis of any adjudication, stated
otherwise, it goes into the roots of any matter before the courts. If a court lacks jurisdiction, it
also lacks necessary competence to try the case. A defect in competence is fatal, for the
proceedings are null and void ab initio, however well conducted and well decided the case may
be.

Given how fundamental the issue of jurisdiction is at law, and bearing in mind its radical nature,
it has been asserted to the effect that, there is no technical word in the whole of conflict of laws
that is more variously used and abused than jurisdiction. It is a word with too many meanings

18
Institute for Security Technology Studies. www.ists.dartmouth.edu/docs/cyberwarfare.pdf

14
and all that can be done about it is to ascertain the sense in which it is being used at any given
time.19

A distinction ought to be made between the use of the term jurisdiction in extra-territorial and
intra-territorial situations. While intra-territorial competence of a court concerns the authority
of a court to hear and determine an issue upon which its decision is sought, the significance of
extra-territorial competence of a court comes into focus when its judgment is sought to be
enforced outside the forum.

At this juncture, it is necessary to earmark that jurisdiction has many facets; however, the
concern of jurisdiction with respect to enforcement of cybercrime laws basically revolves
around two issues, namely, geographical jurisdiction and jurisdiction in personam.
Geographical jurisdiction addresses the fundamental issue as to if a court have the power
beyond the territory where it is situate, while jurisdiction in personam deals with whether a
court is empowered to hear and determine a case of a cybercriminal not within its jurisdiction.20

Given the peculiar nature of cybercrime, it is in a class of its own, it is unique and distinct in
character unlike traditional terrestrial crimes, which are committed in a particular locus and
whereof, the effect(s) are felt by the victim(s); stated in another way, cybercrimes transcends
states and jurisdictions; they are cross border or transitional crimes. Thus, a cybercriminal may
sit in the comfort of his home, office, café or wherever he chooses, with a desktop, laptop,
tablet or phone connected to the Internet and carry out his illegal activities that would be felt
thousands of kilometers away, from where the act(s) took place.

Territorial jurisdiction is fails to provide a satisfactory clarity through its mention in sections
46, 48, 57 and 61 with respect to adjudication process and the procedure in connection with it.
Moreover section 80 gives the power to a police officer to enter a search a public place for
cyber crime since cyber crime is a virtual event such legislation creates a plethora of ambiguity.
In cases of a cyber-attack from one state to another, the legislature holds silence again and thus
there arises a ton of ambiguity of jurisdiction. Moreover the IPC fails to acknowledge even the
basic terms such as Cyber Crime throughout its entirety.21

19
Leflar: Jurisdiction and Conflict of Laws P. 223
20
Bassiouni MC (1999). The Sources and Content of International Criminal Law: A Theoretical Framework, 1
International Criminal Law 3-126.
21
Angshuman Jana and Kunal Kumar Mondal, “A survey of India Cyber Crime and Law and its prevention
approach” ‘International journal of Advance Computer Technology’.

15
As opposed to a physical act of crime that has physical evidences that are comparatively easier
to find and make sense of, such as a murder weapon, fingerprints, etc. a virtual crime has digital
evidence that is harder to locate, extract and understand. Thus a team of experts is required to
access such event. This required body of experts has also not been provided for in the IT act.
According to a report by National Crime Records Bureau 4231 cases of cyber crimes were
registered under IT Act and IPC during 2009-11 and a total of 1184 persons were apprehended
for the same. This clarifies the need of a body of cyber forensics experts.

Alongside cyber forensic experts there is also a need for updating of technical hardware and
software to efficiently tackle the issue of cyber crime. Precisely because of this reason the when
the world wide cyber-attack known as the “wannacry” attack hit India, the national security
was threatened.

The scenario depicted above, showcasing the pervasiveness of cybercrime has been aptly
expressed as “the ubiquity of information in modern communication systems makes it
irrelevant as to where perpetrators and victims of crimes are situated in terms of geography.
There is no need for the perpetrator or the victim of a crime to move or to meet in person.
Unlawful actions such as computer manipulations in one country can have direct, immediate
effects in the computer systems of another country....”.22

To sum up jurisdictional challenge to enforcement of cybercrime laws, it means if the hurdle

of anonymity is scaled and a cybercriminal is clearly identified but he is situate in another
country aside from where the victim is domiciled, the court of the forum cannot effectively try
such a criminal as the court lacks jurisdiction geographically and also in rem; a discerning mind
would immediately jump at extradition of the criminal as a solution, but this process, that is,
extradition is fraught with its own challenges aside from double criminality requirement,
especially where there is not in existence extradition treaty or mutual legal assistance treaty
between the requesting state and the state having custody of the criminal.23

The loose set of laws has let the telecom industries handle user security in a futile manor as
there exists no rigid guidelines in this regard. This has been considered to be the primary reason
for the increasing no of cyber crime attacks including mobile devices. And furthermore, the

22
Unisys Corporation, “Unisys Descriptive Technology & Trends Points of White Paper Series- Cyber Security”
USA, 2011
23
Ibid.

16
policies that were passed, unlike other statutes, just provide guidelines with respect to the
standard operating procedure and do not hold enforceability.

Another issue if simply is that the laws just are not at the same pace at which the cyber crime
is growing. For instance, cloud computing attacks, Denial of Service attacks are unaddressed.
This is troublesome specially with arrival of services like e-locker services via banks, online
police records and confidential documents, online records of personal documents, and personal
data, etc. this data can be and has been inappropriately accessed in the past.

CYBER LAW IN INDIA

The Information Technology Act, 200024

India with its complex regulatory framework needs to define transparent rules for ecommerce
to keep pace with global growth. A number of issues like Taxation, Tariffs, data protection,
authentication, privacy and copy rights need to be reviewed. Countries looking for alternative
sources of revenues are planning to levy tariffs on global e-commerce. The purpose of the Act
is to foster an environment in which laws are simple and transparent and in which the
advantages of new technologies can be tapped.25 The Act proposes facilitation of:

1. Electronic commerce transactions

2. Electronic filing
3. Maintenance of Electronic records, and
4. Electronic Government transactions

The Act provides for a legal framework so that information is not denied legal effect, validity
or enforceability solely on the ground that it is in electronic form. This is done by validating
and authorizing the use of:

1. Electronic data interchange (EDI)

2. Electronic records, and
3. Electronic signatures

24
Information Technology Act, 2000.
25
Prabhat Dalei and Tannya Brahme, “Cyber Crime and Cyber law in India: An Analysis” ‘International journal
of humanities and Applied science’ Vol.2 (4), 2014.

17
The Act adopts a functional equivalent approach where by paper based requirements such as
record, document, signature etc. are replaceable with issues subsidiary to this secure electronic
environment such as privacy, contraventions relating to electronic transactions and information
technology regime. The Act lays down new substantive law but also makes amendments to the
Indian Penal code, the Indian Evidence Act, 1872 the Banker’s Books Evidence Act, 1891 and
the Reserve Bank of India Act, 1934. The IT Act, 2000 deals with the following issues:

1. Secure electronic transactions to enable parties to enter into electronic contracts.

Attribution of electronic messages-once the message leaves the information system of
the originator of the message it’s is attributed to him.
2. Electronic signatures and electronic records given legal status. To maintain security of
information, the Act establishes a Digital signature Infrastructure making specific use
of crypto system technology with new authorities such as the controller of certifying
authorities such as the controller of certifying authorities being set up.
3. Contraventions regarding electronic records viz. backing the fit of electronic records,
manipulation of records, spreading viruses etc. have been defined involved in the
inquiry and determination of the result of the proceeding is an adjudication wide range
powers.
4. Information technology offences viz. tampering with computer source documents,
obscenity. A limited number of offences have been created by the Act. These will be
tried as any other criminal offences are under the Criminal Procedure Code but with
unique provisions for investigation, search etc. provided in the Act.
5. Right of government bodies to decrypt information has been specifically given herein.
6. Privacy and confidentiality of information submitted to statutory authorities
dissemination to third parties of such information collected in pursuance of records as
against the government.
7. Setting up of new authorities/regulatory infrastructure-cyber Regulatory authorities
such as the controller of certifying Authorities and the cyber regulations Appellate
Tribunal (CRAT) have been established. The act seeks to set up a Cyber Regulations
Advisory Committee (CRAC).
8. Liability of Internet Service provides for content on the Internet is limited is so far as
the provider excises all due diligence. This is relevant in connection with copyright
violations/pornography etc. residing on various web pages or moving through the
system of the ISP.

18
There is a need for new out-look towards technology laws and forward looking regulations
adapt towards new developing environment. All laws should be transparent and predictable in
order to foster environment in which all the benefits of e-commerce may be reaped. The Act
relies on the UNICTRAL Model Law Electronic Commerce 1996. The Information
Technology Act, 2000 is an amalgam of various Laws with information technologies.26

26
Supra note 25.

19
CONCLUSION

The cyber law is an emerging area of criminal law as the technology evolves the likes of cyber
crime and cyber terrorism is increasing rapidly the major problem with the cyber law is that it
can be committed easily and there is lack of evidence to punish the culprit so the cyber law
becomes more dangerous as it can covers vast population within the milli-seconds and its not
easy to catch the culprit. Also there is problem related to the territorial Jurisdiction. Neither the
Indian Penal Code nor the IT Act, are clear about the territorial jurisdiction.

For addressing the emerging issue of cyber crime the Indian legal system needs to gain a
significant pace and make amendments in the legislation as well as the executionary bodies.
Although India has otherwise a highly defined legal system this particular area requires more
attention. The current laws even with the support of liberal interpretation can’t cover the ambit
of the current cyber issues. The entire legislative infrastructure requires an update to harmonise
the laws with the cyber issues of this era. Finally, it can be said that not addressing this is not
an option as it has an effect from a common person’s life to National Security of India.

20