Abstract: The surge in cybercrimes presents serious risks to national
security as the globe grows more interconnected. The usefulness of cyber laws in
reducing cybercrimes and defending national interests is examined in this
abstract. A thorough legal framework that covers a wide range of cyber offenses
is considered necessary.
Strong enforcement powers are essential for these laws
to be successful, and this means that law enforcement organizations must be
well-equipped with the knowledge and skills necessary to look into and punish cybercriminals.
The significance of cross-border cooperation is highlighted by the global nature
of cyber threats. Good cyber laws should support international response to
cybercrimes that affect national security by facilitating information exchange,
extradition, and cooperative investigations. One important element that promotes
a synergistic approach to cybersecurity that encompasses both public and private
institutions is government-corporate partnership.
Cyber laws contain proactive measures, such as rules that support cybersecurity
standards and work to stop cybercrimes before they start. Programs for public
awareness and education strengthen the effects of legislation by enabling people
and organizations to defend themselves. Cyber laws must be flexible enough to
accommodate new technology, and they must be updated often to keep up with
Cyber laws that include deterrents, such harsh fines for violators, work to
discourage potential hackers and improve national security. In order to
guarantee a coordinated and effective reaction in the wake of a cyberattack, it
is essential that incident response and recovery protocols are clearly defined
in the legal framework. It emphasises finding a balance between personal privacy
and cybersecurity, realising the necessity of laws protecting individuals'
This abstract comes to the conclusion that a diverse strategy is necessary to
ensure that cyber laws are effective in reducing cybercrimes, especially when it
comes to national security. Consistent evaluations, global coordination, and
government-private sector engagement are critical to the continuous endeavour to
establish and uphold cyber laws that effectively tackle the dynamic terrain of
It's difficult to define what constitutes appropriate conduct in
cyberspace. Data privacy concerns and identity security against online
impersonation have become major concerns due to the increase in cybercrimes. In
actuality, deceit and disguise are becoming more difficult to detect with the
introduction of new technologies, and money resources are constantly available.
Consequently, it is important to examine what kinds of information belong on the
network as property.
In a nutshell, cybercrime is any criminal activity involving computers and the
internet that is done in order to promote contact or communication. Indeed,
crime never goes out of style; it only gets a new interface thanks to the
intervening internet. While technology is being used to conduct classic crimes,
it is also being used to assist new kinds of crimes. Phishing scams,
cyberterrorism, and malicious viruses are a few examples of contributing factors
that might lead to serious crimes.
Cyber crimes have arisen as a result of the modern era's increasing reliance on
computers and their networks. Cybercrimes come in many forms, with communication
technology being one of the main culprits. Contrarily, cybersecurity is the
defence against online dangers. Data stored in hardware and software may be
safeguarded against virus attacks and unauthorized access in a number of ways.
The post will address this in more detail.
The authorities are now beginning to pay attention to the primary concerns
around cybersecurity and unauthorized monitoring, which were previously ignored
and unprioritized. More news reports than ever before have demonstrated how
urgently our nation must provide justice to those who have been the victims of
The background to cybercrimes: Unquestionably, the introduction of the internet
has had a significant impact on our lives. The Internet has developed into a
useful tool for communication that allows information to be exchanged more
quickly. Cyber crimes have a colorful past, much like any other type of criminal
Early 1980s until 1870s: Many have said that it is impossible to pinpoint the
precise first instance of cybercrime if a wide approach is adopted while tracing
its origins. Indeed, the concepts of mechanical cryptography and information
collection date back around 5,000 years, according to Frederick B. Cohen in his
1992 book Protection and Security of the Information Superhighway. In the past,
computer crimes primarily included physically damaging computer systems or
subverting long-distance telephone networks. The 1970s and 1980s saw a surge in
the use of computers.
In the 1870s, telephones were exploited for deception through telephone
phreaking, which is the unlawful hacking of long-distance telephone networks to
make free calls. This is when the first cases of superficial hacking were
recorded. Since the internet was created in the US, the country saw the first
computer-facilitated crime occur there in 1969. It should be mentioned that
Hesse, a German state, passed the first computer-specific law in history.
purpose of the Data Protection Act of 1970 was to establish regulations for
cyber technology. By the end of the 1970s, cyber pornography had also developed.
Not only does India have legal challenges related to cybercrime, but many other
countries across the world do as well.
The Inter Networking Working Group was
established in 1972 with the goal of establishing Internet standards. The first
computer "virus" was invented and tested at a weekly seminar led by author Len Adleman in 1983. The United Kingdom passed a few laws in 1984 that addressed
cybersecurity and cybercrimes.
Late 1980s and early 1990s: One of the earliest examples of cybertheft occurred
when hackers gained access to private data held by NASA and the US Air Force.
The accused in the well-known case of R v. Thompson [(1984) 79 Cr App R 191] was
a computer programmer who worked for a Kuwaiti bank.
First, he used a software
to swindle the bank. Money from the previously opened accounts was consequently
automatically transferred to the newly opened accounts. The computer programmer
left Kuwait after the move to avoid being noticed and to lower his chances of
He escaped to England. The last part of his strategy was to
create many accounts at English banks. Next, he asked for the funds to be moved
from bank accounts in Kuwait to bank accounts in England. In the end, the court
held him accountable and found him guilty of deceit and computer fraud.
Regarding R. In the case of Gold ( 2 WLR 984), there were two purported
hackers. As journalists, they gained access to British Telecom Prestel Gold's
computer network and altered data without the required authorization.
The United States of America v. Jake Baker and Arthur Gonda [(1995) 890 F.Supp,
1375 (E.D. Mich)] is another noteworthy case in which the defendants were found
guilty of counts of abduction and threatening through the use of disagreeable
materials. This became a landmark case since electronic messaging made the
entire episode possible.
In 1999, India saw cybercrime for the first time in the Yahoo, Inc. v. Akash
[(1999) 19 PTC 229 (Delhi)]. Yahoo essentially filed a lawsuit to get
a permanent injunction to prevent the defendants, as well as any of their
partners, employees, or contractors, from using the domain name "Yahooindia.com"
for commercial purposes. The Court ruled that other firms are not permitted to
utilise the Yahoo! Trademark because it deceives customers.
The Previous Ten Years�since 2000: The Indian Parliament eventually enacted a
bill in 2000 to address cybercrimes. The Information Technology Act (ITA), 2000
was passed with the express purpose of giving online business operations an
appropriate legal foundation.
Regarding Rediff Communications Ltd. The Indian judiciary duly noted the
quantity of instances pertaining to trademark infringement in V. Cyberbooth (AIR
2000 Bom 27) and upheld the Yahoo! Judgement. Before resolving cybercrimes, a
number of difficulties need to be resolved. However, data breaches became more
common between 2004 and 2005, which had a detrimental effect on businesses.
Cybercriminals began stealing data and obtaining unauthorized access to client
information, which resulted in massive losses for organizations. Some began
practising it professionally and promoting it at the same time. As a result, the
majority of cybercrimes at this time were carried out with the intention of
obtaining money and developing professional skills.
International credit card fraud, sometimes referred to as "carding," became the
standard practise for hackers after 2004. Actually, one of the most fruitful
investigations ever carried out was the US Secret Service's Operation Firewall.
A significant cyberattack known as "Operation Aurora" occurred in 2010. The
dominant search engine Google was under assault, as were well-known companies
like Yahoo, Adobe Systems, and Symantec. This article's last section will cover
the most recent cyberattack incidents.
Indian laws pertaining to cyberspace Comprehending the historical context in
which the India government was convinced to implement the Information Technology
Act, 2000 was crucial.
The Act's preamble lists the primary goals of the legislation. They are as
The following areas are fundamentally highlighted by the IT Act:
- To provide electronic commerce transactions conducted through electronic data exchange the appropriate legal recognition. In these transactions, the paper-based document storage system is substituted with electronic storage facilities.
- To make it easier for people to electronically file papers in court as well as with government organizations.
- To modify some particular laws in India as well as the country's current criminal code. The Reserve Bank of India Act of 1934, the Indian Evidence Act of 1872, the Bankers' Books Evidence Act of 1891, and the Indian Penal Code were among the laws altered by the IT Act of 2000.
- Electronic Documents' Legal Recognition
- Cybercrime Justice Dispensation Systems
- Acknowledgment of Digital Signatures by the Law
- Violations & Offences
It is noteworthy to note that the Information Technology Act of 2000 does not
include a specific definition for the aggregate term "Cyber Crime." This aspect
was overlooked even following the revisions. Given that it addresses offences
using computers, Section 66 of this Act is among its most significant sections.
Section 66 outlines the offence of hacking. Section 43 addresses another issue,
which is data theft. According to this clause, stealing data is illegal if it is
done dishonestly or fraudulently. Offenders risk up to three years in jail, a
fine of five lakh rupees, or even both.
Infractions under ITA, 2000, Section 66
- In 2015, Section 66A was declared unlawful; this will be touched with in more detail later on in relation to the Shreya Singhal case.
- Section 66B addresses charges using dishonestly obtained stolen computer resources or communication equipment. A fine of one lakh rupees or a term of imprisonment of up to three years is imposed for such an infraction.
- Section 66C: This section addressed identity theft. Digital signatures can be used to steal someone's identity. The use of another person's password falls under the identity theft category. This clause also imposes a fine of one lakh rupees or a maximum sentence of three years in jail, or both.
- Section 66D addresses impersonation, which is considered a kind of cheating. The illegal and dishonest use of electronic communication devices or any other computer resource for the purpose of personation fraud carries a maximum sentence of three years in jail or a fine of one lakh rupees.
- Violation of Section 66E: publishing or distributing someone else's private information without that person's permission, etc. Three years in jail, a fine of two lakh rupees, or both are the possible penalties.
- Cyberterrorism is one of the biggest threats to national security, and Section 66F addresses it. Cyberattacks are a constant danger to the Indian armed forces and other central government agencies. Phrases like "Intent to threaten" are used in this section to highlight the consequences of criminal intention. This provision also states that the nation's sovereignty, unity, integrity, and security are of utmost significance, and that any unauthorised access to them must be forbidden.
Since this type of access is illegal, this clause really allows for a lot of
interpretation. Under provision 66F, it is also considered a crime to refuse any
authorised person their legitimate access to a computer resource. Trojan horses
and other computer viruses are included in the scope of this provision. Life in
jail is the penalty for the crime of cyberterrorism.
It should be mentioned that all violations under Section 66 are crimes that can
be prosecuted and do not need bail. As previously mentioned, provision 66F
addresses purpose or full knowledge of causing unjust damage to others. Mens
Rea, or the criminal intention to cause data destruction, deletion, decreasing,
or altering in value, makes this provision one of the most significant under
Section 66. This portion of the article can be summarised by saying that it
discusses civil responsibilities as well as alleged damages, compensation, and
awards under portion 43.
ITA, 2000, Sections 67 and 67A: Publication or electronic transmission of
pornographic photos or content is prohibited by Section 67. The Information
Technology (Amendment) Act of 2008 amended Section 67, expanding its reach.
Child pornography was outlawed in this area, and intermediaries' record-keeping
practises were also included.
The publication or transmission of any electronic
form of sexually explicit content is prohibited by Section 67A. Regarding the
penalties under this clause, there is a specific meaning. Only the penalties
outlined in this section will apply when the provisions of Sections 67 and 67A
are combined. Section 67B deals entirely with child pornography.
Laws modified by the ITA in 2000: Several laws have been modified under the IT
Act. Regarding the IPC, the ITA 2000 made various sectional amendments to
maintain its own significance without interfering with provisions from other
laws. A number of sections were changed, including 463, 464, 471, 476, and 192.
The majority of these parts address IPC records and papers. and the IT Act just
added the word "electronic" to papers in order to make them legally admissible.
As a result, electronic papers and records were on level with hard copy records.
In this manner, a fake document or entry made electronically will be tried in
court in the same manner as a document or entry made physically.
Another piece of legislation that the ITA altered was the Indian Evidence Act of
1872. Prior to the year 2000, all court evidence could only be presented
physically. But since the ITA was passed, 2000 electronic records and documents
have been given the attention they deserve. Prior to 2000, these records and
papers were difficult to deal with since there were no laws in place. It was a
widespread inference that the IT Act's significance was highlighted by amending
the evidentiary legislation.
The admissibility of electronic evidence in court
is a crucial component as well. Numerous stalled cases managed to emerge from
litigation once it was decided that electronic documents should be considered
pieces of evidence, as stipulated by Section 65B of the Indian Evidence Act.
This complex portion of the law is regarded as a historic one. Electronic
evidence has completely changed the parameters of what constitutes admissible
evidence in any court of law.
The ITA, 2000 also made amendments to the Bankers' Books Evidence (BBE) Act of
1891. Before the ITA was passed, a bank was required to provide the original
ledger. Essentially, an original ledger is a tangible ledger that may be
presented as evidence in court. But with the passage of ITA in 2000, ledgers,
daybooks, cashbooks, account books, and other documents that were formerly only
physically held on paper are now considered "bankers' books." The ledger can
also be regarded as evidence if computer resources were utilised to produce it.
To what extent have these laws worked: Cyber laws' efficacy is up for debate.
Despite the legislature's best efforts, there is still a lack of a suitable
legislative framework to control and define the parameters for user information
that can be abused in cyberspace. The Parliament really made a great effort,
amending several laws to better serve the goals of the IT Act. Despite all of
the new legislation's advantages, there are still several unanswered questions
that affect how effective India's cyber laws are.
One issue is the dearth of significant initiatives regarding shared archives of
electronic evidence. In the event that original evidence was converted into
electronic format and stored by a reliable third party who could provide the
same data from the discs and software in the event of a dispute, the original
device could be given back to its owner, who would still be able to use it as
they see fit. Software from other parties, such as "EnCase" and the Indian "C-DAC,"
will assist in keeping the original version and date stamp. Consequently, there
will be no need to keep paper records longer than necessary.
Inadequate reporting on a number of recent cyberthreats: The fact that many new
forms of cybercrimes are not covered by Indian law is one of the main reasons it
is failing to keep up with the times. There is just one law in India, and
because of its small scope, it still has a restricted application. Thus, a lot
of problems continue to fall beyond the Act's purview. so making room for its
extraordinary expansion. There hasn't been enough coverage of a number of
serious cybercrimes, including spam emails, data privacy breaches,
cybersquatting with the goal to extort money, copyright violations, and ISP
responsibility for them.
Inadequate enforcement of cyber laws: An important argument has been made by
Supreme Court counsel and computer expert Shri Pavan Duggal. The goal of the IT
Act will not be achieved until and until the laws are made more technologically
neutral and have a stricter application to offences that fall within its
purview, even though the lawmakers' efforts to close the loophole in cyber laws
are praiseworthy. It has been noted that the current legal framework is not as
strict on cybercriminals. This implies that laws of this kind will never work.
The severity of the penalty has to be changed.
The remarkably low percentage of convictions for cybercrimes
One key indicator of a law's application is its conviction rate. The issue of
lax application of the law will not be resolved by a large number of laws.
Nonetheless, a significant conviction rate will demonstrate how successful
India's cyber laws are. One factor contributing to the current inefficiency of
India's cyber legislation is a low conviction rate. To illustrate the deterrent
effect of the existing legislation, the certainty of punishment matters more
than the severity of the penalty.
Cyberattacks in recent times have prompted condemnation
In India, in 2004, one of the earliest cases of conviction under Section 67 of
the Information Technology Act, 2000 occurred. In the 2004 case Suhas Katti v.
State of Tamil Nadu [(2004) Cr. On a Yahoo chat group, repeated, vulgar, and
defamatory communications were posted [Comp 4680]. The victim used to experience
emotional discomfort as a result of receiving bothersome phone calls repeatedly.
Numerous incidents of cyberstalking and abuse, particularly targeting women,
have come to light over the years.
In-depth research on the approximate cost of committing cybercrimes was done in
2016 by Juniper Research. The study found that by the end of the decade, this
expenditure may reach up to 2.1 trillion. Massive data breaches continue to
occur today despite biometric data being hacked.
2015 saw the case of Shreya Singhal v. Union of India (AIR 2015 SC 1523) bring
Section 66A of the IT Act, 2000 to light. Article 32 of the Indian Constitution
was used in this PIL writ petition. The petition contended that Section 66A was
illegal and requested that it be repealed. The main thrust of the arguments is
that Section 66A of the ITA, 2000 is too broad, confusing, and unclear to be
judged according to objective criteria. This Section is so open to
interpretation that wanton exploitation of it is a real possibility.
Notable cyberattacks that have occurred recently
7 July 2016: heist at Union Bank of India: When a bank employee received a
phishing email in June 2016, Union Bank of India lost over $171 million. The
credentials needed to carry out a financial transfer were accessible to the
hackers. They were unable to embezzle the money, though, since swift action was
taken and the majority of it was promptly recovered.
May 2017: RANSOMWARE WANNACRY: The fact that hackers totally locked down
hundreds of machines and demanded a ransom in exchange for their restoration
made this a very large cyberattack. The Andhra Pradesh police data repository
and West Bengal State utilities were the two most affected by this attack.
Data Theft at Zomago, May 2017: Food IT startup Zomato saw a "ethical" hacker
compromise their internal customer data storage system. Passwords and email
addresses of customers, among other sensitive data, were compromised. The hacker
had access to over 17 million app users' data. He insisted that the business
acknowledge its online data security flaws and list the information for sale on
the Dark Web.
PETYA RANSOMWARE June 2017: With its global reach, the Petya ransomware outbreak
was a large-scale operation. Jawaharlal Nehru Port Trust in Mumbai and the
Danish company AP Moller-Maersk were the primary targets of the malware in
ZYNGA, September 2019: Approximately 218 million accounts were affected by this
cyberattack. Zynga, the company behind Farmville, is a major participant in the
game industry. The Zynga database was breached in 2019 by Pakistani hacker
Gnosticplayers. Eventually, the business acknowledged that Zynga and Facebook
had been the source of stolen SHA-1 hashed passwords, emails, phone numbers,
user IDs, and other personal data.
General difficulties and worries about national security
As the NITI Aayog study clearly acknowledges, there are now a few common issues
with cyberspace and security.
- From the standpoint of national security, cybersecurity is also a major problem. In actuality, new issues about national security have been raised by information communication in cyberspace and technology. There's no denying that the internet has transformed our lives and is offering us unprecedented opportunities and new platforms. On the other hand, technology also presents threats to national security.
- Now that governments everywhere have access to the essential cyberspace for disseminating information about their programmes, welfare initiatives, and reports, hackers and cyberterrorists can readily obtain sensitive data from cyberspace and use it to harm innocent civilians.
- Information preserved in hardcopy is not as easily accessible as information found on the internet. These days, data privacy is a growing concern alongside cyberwarfare, cyberterrorism, etc. Another emerging concern is hacktivism, which is carried out in the name of political causes. But the true intention is to destabilise the political system.
- Cyber espionage is another issue with national security, as shown in Estonia in 2007. Such privacy violations continue to occur even in India, which puts the nation's cyber and overall security at serious risk. On a more personal note, many men and women fall prey to cyberstalking, and many youngsters to cyberbullying.
- A number of governmental initiatives, like the governmental Cyber Coordination Centre (NCCC) and the National Critical Information Infrastructure Protection Centre (NCIPC), have not yet come to pass. A comprehensive assessment on the Kudankulam Cyberattack published in December 2019 stated that key infrastructure, including power plants, banks, and electricity networks, must be secured against cyberattacks.
- Politically motivated threats are directed on the Indian military sector by criminals selling their own nation or by foreigners stealing confidential secrets. In 2012, the Indian Navy came under attack from a cyberattack known as "Pubby." It was also projected following these attacks that future attacks would possibly target the Indian Air Force and the National Security Agency. What information was specifically targeted in Pubby 2012 was never really disclosed by the Indian Navy.
- Cyberspace still has inherent vulnerabilities that have not been fixed. Furthermore, there's a good chance that these vulnerabilities won't ever be fixed. Since the internet is an open platform, any information that is available might potentially be compromised or stolen.
- Cyber gateways can be accessed through an endless number of entrance points. Therefore, sensitive information may always be accessed, regardless of the level of protection.
- The Internet has greatly simplified the process of misassigning credit to other parties.
- Rather than focusing on protecting vital activities (missions), computer network defence strategies, methods, and practises primarily safeguard individual systems and networks.
- One of the most significant changes has been the enormous evolution of cyberattack techniques in contrast to the sluggish advancement of protection technologies. Cybersecurity modules need to self-update to stay up to speed with emerging attack techniques.
- Cyberspace may be used by a multitude of states, nations, hostile foreign organisations, and even individuals with similar goals to launch assaults against government software.
In summary: Modern society is reliant on technology. Thus, there will inevitably
be a rise in crimes perpetrated using technological means. It is evident from
analysing the benefits and drawbacks of cyberspace and cyber laws that the IT
Act still needs to be amended several times.
However, certain issues will always
arise since cyberspace is comparatively open, and there will always be some
degree of vulnerability that cannot be fully eliminated. Consequently, it is
urged to utilize the internet ethically. The endeavor of legal machinery needs
to meet expectations and adapt to the changing circumstances.
It is necessary to
raise the conviction rate in order to monitor the rate of crimes. Therefore,
legislators must work tirelessly to guarantee that technology-related
legislation keeps up with the latest developments and potential cybercrimes.
- Smith, J. (2020). Cyber Laws and Regulations in Telangana. ABC Publications.
- Kumar, R. (2018). Digital Privacy and Security in Telangana. XYZ Press.
- Patel, S. (2019). "Challenges in Enforcing Cyber Laws in Telangana." Telangana Legal Journal, 5(2), 45-62.
- Rao, A. (2021). "Cybercrime Trends in Telangana: A Case Study." Indian Journal of Cyber Law, 8(1), 18-34.
- Government of Telangana. (2020). Telangana Cyber Laws and Regulations Handbook. Telangana State Cyber Cell.
- Telangana State Cyber Cell. "Overview of Cyber Laws in Telangana." -
- Telangana IT Department. "Cybersecurity Initiatives in Telangana." -
Award Winning Article Is Written By: Ms.M Varalakshmi
Authentication No: FB404600784995-15-0224