This article is written by Rashmi Devendra Brahmadandi, a student of LL. B. III at N. B. Thakur Law College, Nashik, Maharashtra, India
In today’s digital world, dependence on using internet services and mobile devices has flourished in India over a short period. People rely on using different digital devices and internet services for banking, education, and even on using different government services. Although dependence on digital devices has been convenient for users in India, this also contributes to different kinds of cybercrimes. Therefore, different kinds of cybercrimes like online frauds, stealing identities, breaching security systems using digital devices like computers and mobile phones, use of private information to commit crimes, etc., have been on the increase in India.
These cybercrimes not only affect a person in terms of monetary losses, but different cybercrimes may also increase risks to a person’s privacy to a greater level in India. Protecting digital device users has thus become a major issue in present day Indian law. Although different statutes like the Information Technology Act, 2000, protect digital device users in India to a greater level, several issues still prevail in protecting digital device users in India legally.
Legal Framework Governing Cybercrime and Data Protection in India
Information Technology Act of 2000 is an important law pertaining to cybercrime with respect to the protection of digital information in India. It provides authenticity to digital information by punishing any unauthorized access to computer systems. Section 43 deals with practices of obtaining damages for any unauthorized usage or access to computer information that amounts to a cybercrime under Section 66 when dishonestly performed.
To avoid online abuse of identity, different sections of Section 66 cover different cases of online abuse of identity, including the abuse of passwords as well as digital identity abuse under Section 66C of the IT Act, 2000. Online cases of cheating as well as fraud through impersonation, including cases of phishing as well as online transactions, come under Section 66D of the Act.
The Act has also acknowledged the importance of confidentiality and data security. A breach in the issue of privacy against an individual who publicly or openly discloses or divulges information related to data exhibits elements of a crime in virtue of section 72. Companies that did not protect sensitive information regarding data subjects due to negligence have been held guilty in virtue of section 43A.
As far as the Bharatiya Nyaya Sanhita, 2023 is concerned, it is a major step towards effectively dealing with the emerging menace of cybercrime. Even though the BNS has not specifically redrafted a definition of what constitutes a crime of cybercrime, it has certainly reaffirmed that all criminal activities perpetrated through electronic means shall fall within the purview of existing criminal law. By giving equal importance to crimes perpetrated within the virtual world of computer law, the BNS has reaffirmed the importance of the right to privacy. As such, the BNS is a reflection of the modern-day trend in the development of criminal law in India, which has recognized that traditional crimes have not only evolved but developed many arms over a period of time.
Growth of Cybercrime in India
India is a country that has experienced a huge increase in the overall use of the internet through the increasing number of smart devices and the introduction of the digital economy. However, there has also been an alarming increase overall in cybercrimes. People are being targeted through fraudulent offers and hacking of personal information. This situation directly impacts the personal safety of the users of the internet. This is because a majority of the population is unaware that their personal information is being hacked and misused.
Nature of Privacy and Digital Data
The concept of information in the digital age refers to the security of a person’s personal information being shared in the virtual world. The data in the virtual world comprises the Aadhaar number, information related to the bank account, phone number, email, and passwords for accessing the information. After the leakage of the data, if the data is used illicitly, then a grave concern for data security has arisen in the context of India, where the concept of digital knowledge is in the developing stage.
Challenges in Protecting Digital Data
One of the biggest hurdles is the enforcement of cyber laws, which is lax, as generally, cyber criminals either operate as unknown entities, at remote locations, which makes it tough to identify, as there is a severe shortage of cyber police, as well as experts, which causes a delay in investigation, as people are reluctant to come forward due to reasons of fear, etc.
Another issue is that there is little accountability for companies that handle personal information. For instance, data breach occurrences by applications and websites often go unreported and unpunished, leading to continuous infringement of users’ personal details.
Case Laws
Justice K.S. Puttaswamy v. Union of India (2017) 10 SCC 1
This is a landmark case where the SC held that “The right to privacy is a fundamental right” under Article 21 of the Indian Constitution. The ruling, which provided the Constitutional basis for informational privacy, emphasizes the need for a regulatory framework on personal information to pass the test of legitimacy, necessity, and proportionality, all of which are directly pertinent to the cybercrime debate on data protection, unauthorized access, utilization, and disclosure thereof.
Shreya Singhal v. Union of India (2015) 5 SCC 1
In this case, the Supreme Court of India struck down Section 66A of the IT Act 2000 for being unconstitutional as it put forth ambiguous restrictions on online expressions of freedom of speech. Moreover, it has been observed that provisions related to intermediary liability under Section 79 of the act were “read down,” a practice of ensuring that online regulations are aligned with constitutional provisions while ensuring restrictions on cyber law violations pertaining to freedom of speech and data processing.
Kunal Kamra v. Union of India (2024) LawText (BOM) (9) 263
In this case, the Bombay High Court has struck down certain provisions of the 2023 amendments of the IT rules that outline the formation of a government led “fact checking unit,” which was set out under amendments to the IT rules. However, the court has stated that if such sweeping powers of regulation are allowed under the IT rules, it has a chilling effect because it places an undue burden on intermediaries.
Conclusion
The rapid rise in cybercrime has imposed serious challenges related to the protection of personal privacy and digital data in India. Whereas the existing laws form a basic framework, they can hardly keep pace with rapidly changing technology and newer dimensions of cyber threats. Much stronger enforcement is needed, along with updating the law periodically, ensuring better coordination among various authorities involved, and raising public awareness. There is an imperative need for striking a balance between protecting the individual’s rights on one hand, while assuring effective investigation on the other.
Frequently Asked Questions
What is cybercrime in simple words?
Cybercrime means any crime committed by using computers, mobile phones, or the internet. It comprises online fraud, hacking, identity theft, false messages, and abuse of personal information.
Why is there an increase in cybercrime in India?
There is more cybercrime because more people are accessing, making transactions, and using social media. Most persons accessing these facilities are not fully educated about cybersecurity, thus vulnerable.
What impact does cybercrime have on personal data?
Cybercrime might result in the misuse of personal information, including Aadhaar, Enterprise panels, bank information, photos, and passwords. This might result in a loss for the individual and harm to their reputation.
What are the most important legal challenges in protecting digital data?
Major challenges are a lack of awareness, fast-changing technology, the difficulty in tracing the cybercriminal, and problems brought about by delays in investigations.
What measures can one take to safeguard from cybercrime?
Making passwords strong, not sharing personal information on the net, using caution with unknown links and messages, and updating devices regularly. Also, reporting cybercrime to authorities at the earliest also helps.
References
[1] The Information Technology Act, 2000 –https://www.indiacode.nic.in/handle/123456789/1999
[2] The Bharatiya Nyaya Sanhita, 2023 – https://www.indiacode.nic.in/handle/123456789/20062
[3]https://uja.in/blog/legal-chronicle/rise-of-cyber-crime-and-legal-mechanisms-in-india/
[4]https://www.multiarticlesjournal.com/uploads/articles/IJCRM20254143.pdf
[5] Justice K.S. Puttaswamy v. Union of India (2017) 10 SCC 1 – https://indiankanoon.org/doc/91938676/
https://privacylibrary.ccgnlud.org/case/justice-ks-puttaswamy-ors-vs-union-of-india-ors
[6] Shreya Singhal v. Union of India (2015) 5 SCC 1 – https://indiankanoon.org/doc/110813550/
[7] Kunal Kamra v. Union of India (2024) LawText (BOM) (9) 263 – https://www.casemine.com/judgement/in/65baa08cd57f9b298fdc9ed1
