The Bane of Digitalization

Digitalization - partly a blessing, partly a curse. Digitalization in India has certainly helped a person residing in a remote area gain knowledge about subject matters across the world. It has brought people together, not only socially but professionally as well. However, sometimes every boon has its bane and for digitalization, it has been the rapid increase in cyber-crimes across the country. An unsuspecting victim's personal information has become so easily accessible that it leads to cyber perpetrators invading their privacy.

Some common cybercrimes in this day and age are:-

  • Phishing: When an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message thereby accessing their sensitive information.
  • Identity theft: The crime of obtaining personal or financial information of another person to use their identity to commit fraud.
  • Hacking: Exploiting weaknesses in computer systems thereby misusing websites or computer networks.
  • Spreading hate and inciting terrorism
  • Distributing child pornography
  • Child grooming: Befriending and forming an emotional bond with a child by a person with the objective of sexual abuse.
  • Debit/credit card hoax calls mostly targeting senior citizens
  • Fake e-commerce websites
  • Cyber stalking & cyber bullying

Just as every house has an address, every digital device connected to the Internet has an address. This is referred to as an Internet Protocol (IP) address. A Port is the address of the service within the System. So IP address + Port defines address of the particular service on the particular system. Ports are channels through which that computer can transmit and receive information. Specific ports are often but not always associated with certain functions - Port A is used for passing information to and from the World Wide Web, Port B is used for email, and so on. The system administrator can open or shut down ports depending on the needs of the system's user - but often ports that are left open unnecessarily are used by perpetrators to gain access to the system. Due to the anonymous nature of cyberspace it becomes difficult to track down the perpetrator as they usually create a protection layer to their IP address to commit crimes against unsuspecting victims.

The pandemic of COVID-19 and the consequent lockdown, has led to more people being confined at home with many more hours to spend online each day and increasingly relying on the Internet to access services, they normally obtain offline, e.g. ordering groceries. The daily wagers who also use Google Pay and Paytm for convenience, end up as easy targets for cybercrime perpetrators.

National Crime Record Bureau Statistics
India recorded 21,796 cybercrimes in the year 2017, an increase of 77% from the year 2016. Countrywide, 1.7 cybercrimes were committed per one lakh population in 2017. Over half the crimes were committed to gain money by fraudulent means. New heads such as cyber blackmailing, cyber stalking, and dissemination of fake news were introduced in the 2017 NCRB report. During the ongoing pandemic, a total of over 3.17 lakh cybercrimes and 5,771 FIRs were registered online through the centralised portal in the last 18 months - a sizeable number of them in Maharashtra and Karnataka.

Laws relating to cybercrime in India
Innovations open areas for new found ways to commit a crime. Any electronic device can be a weapon and target and the punishment for cybercrimes are covered under the Information Technology Act, 2000 ("IT Act"). The term 'cybercrimes' is not defined in any statue. The term 'cyber' is used as a slang, synonymous with computers or computer networks. Needless to say that the phrase 'cybercrimes' means crimes in relation to computers, computer networks and cyberspace.

Cybercrimes are committed in 3 different ways:-

  1. Against the person: cyber stalking, indecent exposure, dissemination of post, child pornography, fake emails, fake lottery calls, phishing, etc.
  2. Against the property: Hacking into a personal computer or electronic devices, stealing or destroying data and misuse of it, etc.
  3. Against the Government: Cyber terrorism, stealing confidential data from Government websites, hacking the websites maintained by the Government or military forces.
Extra-territorial jurisdiction
Section 75 of the IT Act states that if an offence is committed involving a computer, computer system or computer network located in India, by a person residing outside the territory of India, irrespective of his or her nationality, the provisions under the IT Act will apply.

Compounding Offences
Section 77A of IT Act provides that offences that are punishable with imprisonment for a term not exceeding three years can be compounded.

Cognizable and Bailable offences
Section 77B of the IT Act provides that the offences punishable with imprisonment of three years and above shall be cognizable and the offences punishable with imprisonment of three years shall be bailable.

Most of the offences covered under the IT Act are punishable with imprisonment of three years or less. The offences that are punishable with imprisonment of more than three years which are non-bailable offences are:

  1. Section 66F - Cyber terrorism.
  2. Section 67 - A subsequent conviction for publishing or transmitting obscene material in electronic form.
  3. Section 67A - Publishing or transmitting of material containing sexually explicit act, etc., in electronic form.
  4. Section 67B - Publishing or transmitting of material depicting children in sexually explicit act, etc., in electronic form.
  5. Section 69 - If a Subscriber or Intermediary or any person in-charge of the computer resource, when called upon by any agency to extend all facilities and technical assistance to retrieve information, fails to do so.
  6. Section 69A - If an Intermediary fails to comply with the direction to block for access by the public or cause to be blocked for access by the public any information generated, transmitted, received, stored or hosted in any computer resource.
  7. Section 70 - Any person who secures access or attempts to secure access to a computer resource that has been notified as a protected system by the Government.

Indian Penal Code, 1860 & Information Technology Act, 2000
Most offences under the IT Act have similar ingredients as offences under the Indian Penal Code. Thus, there have been many situations where a number of offences, having the same ingredients, penalised under both the Indian Penal Code and the IT Act, have been invoked. The overlap between the provisions of the Indian Penal Code and the IT Act further led to an unusual situation wherein certain offences were bailable under the Indian Penal Code and not under the IT Act and vice versa and certain offences were compoundable under the Indian Penal Code and not under the IT Act and vice versa.

The Apex Court in, Sharat Babu Digumarti v. Government of NCT of Delhi, dealt with an issue wherein the accused was charged under Sections 292 and 294 of the Indian Penal Code, 1860 and Section 67 of the Information Technology Act, 2000 for selling obscene videos online as e-books through the website "Baazee.com". Subsequently, charges under Section 67 of the IT Act and Section 294 of the Indian Penal Code against the accused were dropped, but the charges under Section 292 of the Indian Penal Code were retained by the Delhi High Court.

The Apex Court observed that after the charges under Section 67 of the IT Act was dropped, a charge under Section 292 of the Indian Penal Code could be sustained, however it quashed the proceedings against the accused and ruled that if an offence under Section 67 of the IT Act was not made out, the case could not proceed under Section 292 of the Indian Penal Code having the same ingredients. The Apex Court further held that since the matter involved an electronic record, the IT Act alone would apply as that was the legislative intent.

It was held that when the actions of an accused fall within the scope of offences punishable under both the IT Act and the Indian Penal Code, having the same ingredients, a charge under the former makes a charge under the latter impermissible. It is the settled principle of interpretation that special laws would prevail over general laws and latter laws would prevail over prior legislation. Further, Section 81 of the IT Act, which states that the provisions of the Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force, is a clear indication that the legislature intends to make the IT Act a self-contained code on electronic offences, and reduce its reliance on the provisions of the Indian Penal Code.

Conclusion
Unfortunately, cybercrimes remain unreported because some are not aware of how to proceed and others are not inclined to step into a police station. However, the Government of India has taken an initiative to facilitate victims/complainants to report cybercrime complaints online with a special focus on cybercrimes against women and children. The portal can be accessed at https://cybercrime.gov.in.

The Government has further taken steps to spread awareness about cybercrimes by issuing alerts/advisories, capacity building/training of law enforcement personnel/ prosecutors/ judicial officers, improving cyber forensics facilities etc. to prevent such crimes and to speed up investigation.

By - Lakshmi Raman & Shweta Varma

Top