EFFICACY OF CYBER LAW IN INDIA

AUTHOR: KHUSHBOO MANMANI, ICFAI UNIVERSITY, DEHRADUN.

Indian cyber laws are designed to combat cybercrimes in the country. However the question remains- are these laws efficient in today's rapidly evolving digital landscape? In this article I will discuss the existing cyber laws in India, the prevalent cyber threats, and evaluate the efficacy of these laws. I will also examine the challenges and problems associated with the current framework and explore potential areas for further amendment to enhance the effectiveness of Indian cyber laws. 

Keywords: Cybersecurity, Law, Data Protection, Privacy Rights, Regulatory Frameworks, Emerging Technologies

The rapid digital transformation in India increases the possibility of cyber threats recently after the Pahalgam terror attack Indian cyber agencies have identified seven advanced persistent threat (APT) groups responsible for launching over 15 lakh cyberattacks from this we can understand the importance of cyber laws and cyber agencies lets firstly discuss what are cyberlaws and the numbers of cyber law governing in India 

Cyber law is also referred to as the law of the internet; it is the legal framework governing digital activities and protecting against online crimes.

Some of the examples of cybercrimes are:

Hacking – basically means unauthorized use, access or destruction of computer systems

Phishing – it means when someone tries to trick somebody and gets their personal information like account number, ATM pin number etc..

Cyberbullying- when someone through online platforms like Instagram, Facebook or any other messaging app tries to threaten the others.

Ransomware – it infects a device through a malicious Email or any kind of message or download so that the victim device gets locked and inaccessibility of the files and documents.

• Cyber laws play a crucial role in maintaining the right to privacy online.

• It helps in protecting the country’s critical infrastructure including banking system, defense networks and government important data from cyberattacks

• Almost all companies extensively depend upon their computer networks and keep their valuable data online

• It also protects intellectual property like preventing cyber piracy and copyright infringement or protects the original idea of invention of the patentee.

• Combats cyber terrorism   etc…

The following act, rules and regulations are covered under cyber laws-

1. Information Technology Act 2000

2. Information Technology (certifying authority rules,2000)

3. Information Technology (security procedure) rules 2004

4. Information Technology (certifying authority) regulations, 2001

1. Digital personal data protection act (DPDPA) 2023

It made strict rules for explicit consent before processing any personal data and must obtain consent  and parental consent required for children and also a Data protection board is created to solve grievances.

2. Bharatiya Nyaya Sanhita

On 1^st July 2024 enforcement of new criminal laws came with a lot of changes and also in the technology field also Sec 294 of BNS addresses the publication transmission of obscene material including electronically other sections like- 77,303,78,317.318 etc..

3. CERT- in Direction 2022

Mandatory incident reporting, stricter VPN, and cloud data logging requirements.

4. Proposals to set up special cyber bench in high courts for faster adjudication mechanism

• section 10A has been inserted to the effect that contracts concluded electronically shall not be deemed to be unenforceable solely on the ground that electronic form or means was used.

• Digital Signatures provide a viable solution for creating legally enforceable electronic records, closing the gap in going fully paperless by completely eliminating the need to print documents for signing. Digital signature means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3.

• Section 43A deals to protect sensitive information possessed by a corporate body or handled by such corporate body in computer resources which such body owns.

• In view of the increasing threat of terrorism in the country, section 69 gives power to the state to issue directions for interception or monitoring of decryption of any information through any computer resource.

• Sections 66A to 66F prescribes punishment for offences such as identity theft , cheating by impersonation using computer resources etc..

• Ritu Kohli case

One Mrs. Ritu Kohli complained to the police against the person who was using her identity to chat over the Internet at the website www.mirc.com, mostly in the Delhi channel for four consecutive days. Mrs. Kohli further complained that the person was chatting on the Net, using her name and giving her address and was talking obscene language. The same person was also deliberately giving her telephone number to other chatters encouraging them to call Ritu Kohli at odd hours. Consequently Mrs Kohli received almost 40 calls in three days mostly at odd hours from as far away as Kuwait, Cochin, Bombay and Ahmedabad. The said calls created havoc in the personal life and mental peace of Ritu Kohli who decided to report the matter. The IP addresses were traced and the police investigated the entire matter and ultimately arrested Manish Kathuria on the said complaint. Manish apparently pleaded guilty and was arrested. A case was registered under section 509, of the Indian Penal Code (IPC).

• State of Tamil Nadu vs Dr. L Prakash 

The fast track court convicted Dr.L Prakash for the production, dissemination, and publication of pornographic content online.

• Nasscom vs Ajay Sood & ors. 

In this case the court define the term phishing as fraudulent practice of misrepresenting a legitimate entity online to extract sensitive personal information 

Some of the problems still need to resolve are:

LACK OF AWARENESS – in India if someone states blackmailing others on the internet people still don’t know how to file cyber crimes so there should be a method from which people actually get to know about technology laws, their rights and remedies.

JURISDICTIONAL ISSUES – cyber law as we look earlier are known as internet law and cyber crime known as online crime so it might happen the offender might not present in the territory of offence and victim so in which court of jurisdiction the case gets filed.

INADEQUATE PROVISIONS FOR EMERGING THREATS – although IT amendments try to combat all types of cyber crime still the present provisions are inadequate for the upcoming new technology and AI.

RISE IN CYBER CRIME – According to the  FBI's internet crime report for 2024, there were 859532 complaints filed, a 33% increase compared to 2023.

India’s cyber laws have made significant strides in addressing the complexities of the digital world while the existing framework, including the Information Technology Act, 2000, and its amendments, provides a solid foundation for regulating cybercrimes and promoting digital governance, there is still room for improvement.

1. 15L Cyber Attacks on Key Locations by Pakistan Hackers, The New Indian Express (May 14, 2025), https://www.newindianexpress.com/nation/2025/May/14/15l-cyber-attacks-on-key-locations-by-pakistan-hackers (last visited June 6, 2025).

2. Neelesh Singh, Cyber Law and Its Importance, SUCCESS MANTRA, https://www.successmantra.in/blog/cyber-law-and-its-importane (last visited June 6, 2025).

3. Cyber Law, AXIOM, https://www.axiomlaw.com/guides/cyber-law (last visited June 6, 2025).

4. Cyber Laws, Indian Institute of Banking & Finance, https://www.iibf.org.in/documents/cyber-laws-chapter-in-legal-aspects-book.pdf (last visited June 6, 2025).

5. Cyber Law in India, Bajaj Finserv, https://www.bajajfinserv.in/cyber-law-in-india (last visited June 6, 2025).

6. State of Tamil Nadu v. Dr. L. Prakash, W.P. No. 7313 of 2002 (Madras HC).

7. Manish Kathuria v. Ritu Kohli, C.C. No. 14616/2014 (India).

8. NASSCOM v. Ajay Sood & Ors., 119 (2005) DLT 596 (Del. HC).