Winfield defined Tort as "Tortious liability"[1] arises from a breach of duty primarily fixed by law; This duty is towards persons generally, and its breach is redressible by an action for unliquidated damages". It was Winfield's view that tortious duties exist by virtue of the law itself and are not dependent upon the agreement or consent of the person subjected to them. The tort[2] is a civil wrong that is independent of any contractual obligations, resulting in harm or injury to another party.

The term "tort" originates from the French word "tort," meaning a wrong or injustice. It encompasses a wide range of wrongful acts, such as negligence, defamation, trespass, and intentional harm, for which the law provides remedies in the form of compensation for damages. The fundamental principle of tort law is that individuals owe a duty of care towards others, and breaching this duty may give rise to liability.

While there have been various attempts to define tort law precisely, it remains a complex and evolving area of legal doctrine. In general terms, a tort can be understood as a civil injury for which the appropriate remedy is an action for unliquidated damages. This means that the compensation awarded is not predetermined but based on the assessment of the harm suffered by the injured party.

The Law of Tort is considered as an evolving Jurisprudence, and since the advent of the internet, this field of legal studies has seen much turmoil. The rapid advancement of technology in the digital age has brought about transformative changes, which are celebrated widely for their benefits yet are accompanied by a host of concerns and frustrations that underscore the complexities of navigating cyberspace[3]. Among these concerns are the proliferation of unsolicited and offensive email messages, online fraud and theft, the pervasiveness of online pornography, and the safety of vulnerable populations, such as children, in the face of online predators.

Additionally, the looming spectre of the Year 2000 Problem, or "Y2K," serves as a reminder of the potential for technological disruptions to wreak havoc on individuals and businesses alike. These challenges raise fundamental questions about tortious liability in cyberspace as individuals and organisations grapple with the legal implications of harm caused by cyber-related activities.

Understanding Tortious Liability in Cyberspace Tortious Liability in Cyberspace can be best understood as a tort committed by a tort feasor using a computer, a smartphone, or similar devices. There are multiple methods through which this type of tort can be committed, like spamming, phishing, salami attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, theft of computer systems, etc. Therefore, This field of law becomes relevant to understand and deliberate to figure out a possible solution to this form of "Cyber-Torts".

In this regard, Shreya Singhal v. Union of India[4] stands as a landmark case in Indian jurisprudence, particularly in the realm of cyber torts and online freedom of speech. The case centred on the constitutional validity of Section 66A of the Information Technology Act of 2000, which criminalised certain forms of online expression. Shreya Singhal, a law student, challenged the provision, arguing that it violated the fundamental right to freedom of speech and expression guaranteed under Article 19(1)(a) of the Indian Constitution.

The Supreme Court of India, recognising the significance of the digital age and the importance of protecting individual liberties online, struck down Section 66A, deeming it vague, overbroad, and prone to misuse. This decision not only safeguarded the rights of internet users but also established important precedents regarding intermediary liability and the limitations of state regulation in cyberspace. Thus, Shreya Singhal v. Union of India remains a pivotal case illustrating the intersection of cyber law, fundamental rights, and the evolving landscape of digital rights in India.

Although This case does not directly address the Law of Tort in the traditional manner, the facts of the case, the reasoning of the court, and the Ratio Decidendi give an impression of how the evolution of the tort law is taking place. The case underscores the broader implications of cyber torts, such as defamation or privacy violations that could arise from overly broad or vague laws regulating online conduct.

Legal Frameworks and Regulations

Why do we need Cybercrime regulation? Because Over the past two decades[5], rapid advancements in technology have led to a surge in cybercrime, impacting individuals, businesses, and governments worldwide. Cybercrimes such as scams, fraud, extortion, and cyberattacks have become increasingly prevalent, resulting in substantial financial losses and disruptions to digital infrastructure. Perpetrators range from small-scale scammers to sophisticated criminal groups, often operating across borders and exploiting the global nature of cyberspace.

This underscores the urgent need for effective regulation and international cooperation to combat cyber threats, enhance cybersecurity measures, and safeguard individuals and organisations from cybercriminal activities. In this regard, development at the global and national levels become very important. The recent negotiation in New York over the framework for Countering Cybercrime gives a relative understanding of the global stand on this issue.

The international treaty[6] on countering cybercrime, being negotiated by UN member states, is crucial as it could establish a binding global legal framework for preventing and prosecuting cybercriminal activities. This framework is vital for international cooperation in addressing cyber threats and safeguarding individuals and organisations from online harm. However, it is essential to ensure that the treaty includes a clearly defined scope and robust safeguards to protect human rights, especially regarding online free speech and digital privacy. Without adequate provisions, there is a risk of repressive governments misusing the treaty to suppress dissent and infringe upon digital rights, including those relevant to cyber torts such as defamation and privacy violations.

In India, the Information Technology Act of 2000 oversees this area of law. Particularly Section 43[7] of the IT Act defines the scope and liability of Cybercrime or Criminal activities carried out using a Computer or on the internet. However, this Act does not deal with the specific requirement of Digital Data Protection. That's why the government introduced the Digital Personal Data Protection Bill 2023, which specifically deals with the Personal data of Individuals.

Also, the new Digital Competition Bill[8] 2024 was introduced recently. It deals with the data protection of consumers by the misuse of the Corporate sector, which can use consumer data to manipulate the market.

The landmark case Caplan v. Atas[9] in Canadian jurisprudence represented a significant step in the recognition of the common law tort pertaining to internet harassment, an area previously unexplored beyond the United States. Justice Corbett's decision in this context introduced a groundbreaking legal remedy, proposing the transfer of ownership of objectionable online content from the defendant to the plaintiffs with the objective of expediting its removal from digital platforms.

This case unfolded over an extended period marked by enduring instances of online abuse, compelling the Court to establish and legitimise the newly recognised cyber tort and formulate an innovative legal remedy tailored to address the persistent and injurious conduct exhibited by the plaintiff.

Effective ways to mitigate Tortious cybercrime

In the realm of cybersecurity, there are different methods through which the risk of cybersecurity

breaches can be mitigated. These methods can help reduce or eliminate the risk of cybercrime and help deter such mischief. Some of these methods are as follows:-

AI-Powered Detection Tools:

There are two prominent types of AI-Powered Detection Tools[10] which can help in identifying and addressing the digital cyber-tort or security breach. First one being Convolutional Neural Networks (CNNs): These are deep learning algorithms commonly used for image recognition tasks. In cybersecurity, CNNs are trained to detect anomalies or alterations in images, videos, or other media files that may indicate deep fake content or manipulation. Secondly, Recurrent Neural Networks (RNNs) are another type of deep learning algorithm well-suited for sequential data analysis. In the context of cybersecurity, RNNs can analyse patterns in data streams, such as network traffic or user behaviour, to identify suspicious activities or potential cyber threats.

Advanced Cybersecurity Practices[11]:

1. Encryption: Encryption involves encoding data to make it unreadable without the correct decryption key. Advanced encryption standards (AES) are widely used to protect sensitive information, such as financial data, passwords, and personal records, from unauthorized access or manipulation by AI algorithms or cybercriminals.
    
2. Multi-Factor Authentication (MFA): MFA adds an extra layer of security beyond just a password. It typically involves requiring users to provide two or more forms of identification, such as a password and a unique code sent to their mobile device, to access systems or data. This makes it more challenging for AI-based programs to attempt unauthorised access to breach security.

Employee Training And Awareness:

Phishing is a common tactic used by cybercriminals to trick individuals into revealing sensitive information or clicking on malicious links. Employee training programs educate staff on how to recognise phishing attempts, including sophisticated ones that may use AI-generated content or social engineering techniques. Interactive and engaging training modules, quizzes, and simulations are often used to enhance awareness and response.

Collaborations And Partnerships:

Collaborations between tech companies, government bodies, and industry associations play a crucial role in sharing cybersecurity best practices, developing innovative solutions, and addressing emerging threats collectively. Initiatives like the National AI Portal of India (INDIAai) and partnerships between organisations foster research, knowledge exchange, and capacity building and also Collaboration with other countries and international organisations allows for the sharing of threat intelligence, best practices, and resources to combat global cyber threats effectively. Initiatives such as joint research projects, information-sharing agreements, and policy harmonisation efforts promote responsible AI use, ethical guidelines, and cybersecurity resilience on a global scale.

AI-Driven Cybersecurity Solutions:

• Predictive Analytics: AI-based predictive analytics leverage machine learning algorithms to analyse historical data, detect patterns, and predict future security incidents. Techniques like deep Bayesian forecasting and burst detection enhance threat detection capabilities and enable proactive risk mitigation strategies.
   
• Automated Incident Response: Automated incident response playbooks powered by AI can analyse incoming threats, assess risk levels, and initiate predefined response actions automatically. This helps organisations respond rapidly to cyber incidents, contain threats, and minimise damage.
   
• Multilingual Threat Intelligence: With cyber threats originating from diverse geographic regions and languages, AI algorithms are trained to analyse and understand threat intelligence in multiple languages. This ensures comprehensive threat monitoring, detection, and response capabilities across global networks, especially in multinational organisations or regions targeted by cybercriminals.

These methods are crucial for enhancing cybersecurity and countering advanced threats posed by evolving technologies. They enable organizations to swiftly detect and respond to anomalies and potential cyber threats, protecting sensitive information through encryption and multi-factor authentication.

Additionally, employee training programs promote responsible technology use and foster a cybersecurity-aware culture. Collaborations among stakeholders facilitate information sharing and joint efforts in combating cyber threats, while AI-driven solutions bolster resilience by automating threat detection and response. Together, these methods form a robust cybersecurity framework that empowers organisations to proactively defend against sophisticated cyber attacks, safeguard critical assets, and maintain operational continuity.

Recommendations for Addressing Emerging Challenges
Addressing cyber torts and cybercrime requires a comprehensive strategy that encompasses legal, technological, educational, and collaborative efforts. First and foremost, there is a critical need to strengthen legal frameworks at both national and international levels. This involves clearly defining cyber torts, such as online defamation, privacy violations, fraud, and harassment, and establishing appropriate penalties for offenders. Legal frameworks should also address jurisdictional issues, cross-border cooperation, and harmonisation of laws to facilitate effective prosecution and deterrence of cybercriminal activities.

In parallel, promoting public awareness and education about cyber risks and best practices is essential. Educational campaigns targeting individuals, businesses, and government entities can help raise awareness about common cyber threats, such as phishing, malware, and social engineering scams. Empowering individuals with knowledge about cybersecurity hygiene, safe online behaviour, and reporting mechanisms can significantly reduce the success rates of cybercriminals and mitigate potential harm.

Technological advancements play a crucial role in combating cyber torts and cybercrime. Investing in advanced cybersecurity solutions, such as AI-powered detection tools, encryption technologies, multi-factor authentication, and automated incident response systems, can enhance organisations' ability to detect, prevent, and respond to cyber threats effectively. These technologies can help identify anomalous behavior, protect sensitive data, and mitigate the impact of cyberattacks.

Furthermore, fostering collaboration among stakeholders is paramount. Public-private partnerships, information-sharing initiatives, and coordinated responses among law enforcement agencies, cybersecurity experts, industry players, and civil society organisations can strengthen cyber resilience and facilitate rapid incident response. Collaboration also extends to international cooperation, where countries work together to share threat intelligence, harmonise legal frameworks, and combat cyber threats that transcend national borders.

Capacity building is another critical aspect of addressing cyber torts and cybercrime. Providing training programs, certifications, and resources to law enforcement agencies, cybersecurity professionals, judicial authorities, and policymakers can enhance their capabilities in investigating cybercrimes, prosecuting offenders, and developing effective cybersecurity policies and regulations.

Finally, engaging with civil society, advocacy groups, and digital rights organisations is essential to advocate for digital rights, privacy protections, and legal reforms that align with evolving technological landscapes. By involving diverse stakeholders and fostering a collective effort, we can create a safer and more secure digital environment for individuals, businesses, and societies to thrive in the digital age.

Conclusion
In conclusion, the intersection of tort law and cyberspace presents a complex and evolving landscape that requires careful consideration and proactive measures. The traditional principles of tort law, as defined by Winfield and encompassing duties of care, breach of duty, and liability for harm, have expanded to encompass digital spaces where new forms of harm and injury emerge. Cyber torts, including but not limited to defamation, privacy violations, fraud, and harassment, have become prevalent in the digital age, posing unique challenges for legal systems worldwide.

To effectively address these challenges, it is imperative to strengthen legal frameworks governing cyber torts at both national and international levels. Clear definitions, appropriate penalties, and jurisdictional clarity are essential components of legal frameworks aimed at deterring cybercriminal activities and providing remedies for victims of cyber torts. Moreover, the harmonization of laws across borders is crucial to facilitate cooperation in prosecuting offenders and ensuring justice for victims regardless of geographical boundaries.

In tandem with legal efforts, promoting public awareness and education about cyber risks and best practices is paramount. Individuals, businesses, and government entities must be equipped with knowledge and resources to navigate cyberspace safely, identify potential threats, and report cyber torts effectively.

This includes understanding concepts such as data privacy, online defamation, digital fraud, and the legal implications of cyber actions. Technological advancements also play a pivotal role in mitigating cyber torts. AI-powered detection tools, encryption technologies, multi-factor authentication, and automated incident response systems are instrumental in detecting and preventing cyber threats, protecting sensitive data, and minimizing the impact of cyberattacks.

Furthermore, collaboration among stakeholders is essential for a comprehensive approach to cyber torts. Public-private partnerships, information-sharing initiatives, and coordinated responses among law enforcement agencies, cybersecurity experts, industry players, and civil society organisations enhance cyber resilience and facilitate rapid incident response.

Capacity building within legal systems, law enforcement agencies, cybersecurity professionals, and judicial authorities is crucial to ensure effective investigation, prosecution, and adjudication of cyber tort cases. Additionally, engaging with civil society, advocacy groups, and digital rights organisations helps advocate for digital rights, privacy protections, and legal reforms aligned with evolving technological landscapes.

In essence, addressing cyber torts requires a holistic strategy that integrates legal, technological, educational, and collaborative efforts. By adopting proactive measures and fostering a collective effort, we can create a more resilient and just digital environment that upholds the principles of tort law while navigating the complexities of cyberspace.

End-Notes:

1. Roger WVH, Winfield and Jolowicz on Tort (18th edn, Thomson Reuters (Legal) Limited 2010)
2. Sapre A, Ratanlal and Dhirajlal: The Law of Torts (27th edn, LexisNexis 2016)
3. "Developments in the Law: The Law of Cyberspace." Harvard Law Review, vol. 112, no. 7, 1999, pp. 1574–704. JSTOR, https://doi.org/10.2307/1342414. Accessed 14 Mar. 2024.
4. Shreya Singhal v. Union of India, (2013) 12 SCC 73
5. Wilkinson I, 'What Is the UN Cybercrime Treaty and Why Does It Matter? | Chatham ...' (Chatham House, 13 July 2023) accessed 15 March 2024
6. Nordic, 'A UN Treaty on Cybercrime En Route' (United Nations Western Europe, 23 June 2022) accessed 16 March 2024
7. The Information Technology Act 2000, s 43
8. Report Of The Committee On Digital Competition Law – 2024 (Ministry of Corporate Affairs Government of India)< CDCL-Report-20240312[1].pdf>
9. Caplan v. Atas, 2021 ONSC 670
10. Chatterji S and others, 'Cybersecurity Laws and Regulations Report 2024 Generative AI & Cyber Risk in India' (International Comparative Legal Guides International Business Reports, 14 November 2023) accessed 17 March 2024
11. Id.