An Analysis of Cybercrime & Relevant Laws in India

Author- Tanvi Chopra


The term cybercrime is not defined in any statute but in general terms, it means any criminal activity which involves a computer and a network. The involved computer can cause the criminal activity or it can be targeted as a result of any criminal activity. This is a very risky concept and also involves privacy issues around it as many people, especially businesses or organisations tend to save confidential information on their systems which can cause them huge losses if the information is leaked out or hacked from an outside source.

This is an expanding genus of crime that needs to be strictly controlled, especially in the current times where most of the things are going digital and a computer has become essential for all organisations/ enterprises. Internet access is being used in all spheres of life; therefore, a large number of people are being victimized by crimes while using the internet. To help in controlling and making remedies available for the victims of cybercrime, the Information Technology Act, 2000 has been enacted. The punishments for some of the cybercrimes are also dealt with by the Indian Penal Code, 1960.

Cybercrimes in India

There are various types of cybercrimes that are recognized in our country under the Indian Penal Code and the Information Technology Act.  Chapter XI of the IT Act, 2000 discusses the offences relating to information technology and cyberspace. There exist some offences which are parallel and have the same ingredients both in the IT Act and the IPC.
These Types of crimes are dealt with below:

  • Hacking and Data Theft— The offence of hacking is dealt by sections 43 and 66 of the Information Technology Act, 2000. This section is a very wide section in terms of the number of activities it classifies as offences for the purposes of computer crimes. It includes securing access to a computer system, downloading data or making copies of data in a computer system, stealing, concealing data from a computer system, destroying or altering the data contained in a computer system without permission is a punishable offence as per the provisions of the said act. the punishment for the same is given in section 66, which may extend to three years of imprisonment or a fine of maximum rupees 5 lakh, or both.

Data theft can fall under section 378 of the Indian Penal Code which itself deals with the offence of theft of movable property out of the possession of a person without their consent. As per the definition of movable property under section 22 of IPC, it includes corporeal properties also within its meaning. Corporeal property is something that has the right of ownership of material objects. So, if the data which is intangible is stolen, then it does not fall under section 378 but if the data stored in a floppy disk, CD, or DVD is stolen, then it can fall under the ambit of theft as per IPC provisions as it then becomes a movable property.

The apex court in the case of Avtar Singh v. State of Punjab held that electricity is not a movable property and cannot be included under theft as per IPC. Section 39 of the Electricity Act extended and added a provision that now includes electricity as a movable property under S. 378. An imperative opinion is given that following the same approach, a provision should also be introduced by the IT Act to incorporate data theft specifically under S378.

Section 424 of IPC which deals with dishonest or fraudulent removal or concealment of the property also includes data theft. Concealing or removing data from any person’s system or device clearly falls within the meaning of this section and is punishable with imprisonment which may extend up to two years or a fine, or both.

Similarly, section 425 of the Indian peal Code which deals with intentionally causing damage or loss to the property of any person, is said to omit the offence of mischief, also includes the offence of data theft. Deleting files or duplicating files can cause severe damage to any person, making the accused liable under this provision.

In the case of Gagan Harsh Sharma v. State of Maharashtra, certain people were accused of data theft and software and were charged under sections 408, 420 of IPC and sections 43,65, and 66 of the IT Act.

  • Identity Theft and Cheating by personationSection 66C of the IT Act provides for the punishment of identity theft, which extends up to three years of punishment, and liability to pay a fine which may extend up to one lakh rupees. Identity theft includes copying someone’s digital signature, dishonestly using someone’s password, or using any of the person’s unique features stored in the computer system. Somebody doing any such action might not understand the severe consequences that are followed as a simple task of forging someone’s signature can lead to huge losses and damages to the person who has been the victim in this situation. Section 66D of the same act provides punishment for the offence of cheating by personation. Cheating by personation in general terms means cheating somebody by acting like some other identity instead of your identity. The punishment for this offence is the same as that of identity theft. 

Under the Indian Penal Code, section 419 deals with cheating by personation, and the provision completely overlaps with that of the It Act. the only difference between both the provisions is that in IPC there is no maximum limit to the fine that the accused is liable to pay unlike the one lakh rupees upper limit prescribed in the IT Act. The light should also be shown on section 420 of the IPC which generally deals with the offence of cheating and in many real-life cases, a criminal complaint is filed under this section by the victims for identity theft.

The Indian Penal Code also has certain provisions and punishments prescribed for the forgery of documents. These provisions are sections 463, 465, and 468. Identity theft as an offence is also related and regarded to these afore-mentioned sections. In the Sony Sambandh Case, the complaint was filed under sections 418, 419, and 420 of IPC because a person gained access to a credit card number and misused it.

ObscenitySection 67, 67A, and 67B of the Information Technology Act vividly deals with the punishment of publishing or transmitting

i) Obscene material in electronic form,

ii) Material containing sexually explicit act in electronic form and

iii) Material depicting children engaged in sexually explicit content.

The punishment for Section 67 is imprisonment extending up to 3 years and a fine of rupees five lakh in the first conviction and in the case of a subsequent conviction, the punishment is increased to a maximum of five years of imprisonment along with a fine of rupees ten lakh. The punishments for sections 67A and 67B are comparatively stricter than that of Sec. 67.

The punishment prescribed for offences under sections 67A and 67B of the IT Act is on the first conviction, imprisonment of either description for a term which may extend to five years, to be accompanied by a fine which may extend to Rs. 10,00,000 and in the event of second or subsequent conviction, imprisonment of either description for a term which may extend to seven years and also with fine which may extend to Rs. 10,00,000.

IPC provisions under sections 292 and 294 also provide for a similar offence. Under section 292, anybody who is involved in selling, purchasing, importing, advertising, etc of obscene material shall be punished for a term which may extend up to 5 years and a fine of a maximum of 5000 rupees. Section 294 punishes a person who performs an obscene act in public to cause annoyance to other and the punishment for the same is up to three years of imprisonment, or fine, or both.

In the landmark judgment of State of Tamil Nadu v. Suhas Katti, a man was charged under section 67 of the IT Act because he was posting obscene and defamatory messages about a woman. This was the first case where an accused was charged under sec 67 in India.

There are some other cybercrimes that are penalised in the IT act but are not mentioned in the IPC. Some of these are:

  • Violation of Privacy— The IT Act also punishes people for violation of privacy as there is a lot of confidential content stored on organisations or private computers that people do not tend t share with others. If someone violates such privacy, then that person is punishable under section 66E of the IT act. The section prescribes the punishment as imprisonment which may extend to three years, or fine extending up to rupees two lakh, or both.
  • Cyber Terrorism — Cyber terrorism includes intentionally threatening the unity and integrity of India by either denying access to some information, attempting to penetrate into an authorised computer system or introducing any sort of contaminant or virus in the respective computer system. It also including obtaining access to any such information which after coming out might be a threat to the security of the country. any person who is involved in any such act shall be punished as per the provisions of section 66F of the IT act and shall be imprisoned to an extent of life imprisonment. This is the harshest form of punishment prescribed in the Information Technology Act, 2000.


To conclude this analysis, it is right to say that cybercrime is a sphere of crime that needs to be given a lot of attention. It creates a perilous situation for all the people using a computer system to have all their essential data stored in their device. As much as it is safe that all the data is stored in one place and can be accessed at any point in time, it is equally challenging and risky because if anytime any of the above-mentioned offences take place with your system, you can suffer huge losses, not just financially but also emotionally.

In the author’s opinion, one of the greatest challenges which people have to deal with cyber cases is regarding the jurisdiction. The accused can be living in one country hacking the system in another country, making it very difficult to decide the jurisdiction under which the case can be tried. So, this aspect of cyberspace should be well taken care of as almost everything is now converted to digital means.

Author Tanvi Chopra is a second-year law student from Bennett University, Greater Noida. She believes that such socio-legal issues should be handled with utmost care and caution as they are very delicate matters.

Leave a Reply