Need for Police Reforms in India Police Reforms vis-a-vis Cyber Crimes
As more and more of our work digitised chances of leaking of data seems
improbable and the problem of law enforcement officials, individual and
companies need to bear the cost of crime and loss. Digital technology and the
internet are providing criminals with new opportunities to commit crime.
It is now essential that police officers have the capability to deal confidently
with the cyber element of crimes as it is fast becoming a dominant method in the
perpetration of crime. But more than that, it is becoming a part of everything
that the police have to deal with because the internet and digital technology
are part of most peoples’ lives now.
After the advent of computer revolution started in India, most of our activity
Connected with the internet and we are directly and indirectly transact with the
borderless Cyberworld .This paper describes the various challenges of law
enforcement agencies faces in handling cyber crime, cyber crime legislative
standards across jurisdictions, introduction of specialist force to combat cyber
crime and finally, suggestions and conclusions are highlighted to modernise
police force capacity to tackle the crime in the digital era.
Cyber crime challenges
After the number of user increased the challenges for our police force to adopt
different strategies to fight crime in virtual world is need of the hour for
prevention and nab the criminals involved in the cyber crime.
Financial institutions do not always report crimes committed against their
customers because they are concerned about customers losing their confidence in
the security of the institutions' computer systems. This makes it difficult for
police forces to effectively identify and understand threats, risks and harm
posed by cybercrime as they do not have all of the necessary information they
The complaint need to go specific cyber security cell police station not to all
the police station for lodging the complaint, lack of awareness and distance
factors results many cases being unreported.
Rapid deployment team
This is the newest of the national threats to require a national response by the
police service. A large-scale cyber incident could be caused by either the
aggregation of individual cybercrimes or the commission of a single attack.
We need to classify the threat based on the level of impact.
·Large scale incident, Terrorism, Financial institution, Threat to public law
disorder, attack on government online services
·Medium scale incident – Corporate level – data theft
·Small Scale Incident – fraud, child bullying, identify fraud offences
The threat of a large-scale cyber incident is the newest of the national threats
to require a national co-ordinated response by the police and the national law
enforcement and intelligence agencies.1
In case of large-scale cyber incident National Level Computer Emergency Response
Team (CERT-In) co-ordinate with National Critical Information Infrastructure
rapid deployment team should be created in every state that connect locally,
regionally, nationally to deploy at short notice to reduce the risk of
disruption and improve the security posture. Rapid deployment team consists of
computer specialists in cybercrime. In the form of ‘high-tech crime’
investigators who recover evidence from computers, covert internet investigators
Proper co-ordination and support between the departments is necessary for
uniformed operations, internal communication should be strengthen by
establishing standards and mechanisms for secure information flow (while in
process, handling, storage & transit), crisis management plan, proactive
security posture assessment and forensically enabled information infrastructure.
Law enforcement powers to obtain digital evidence
When dealing with cyber crime for LEAs to be able to quickly secure digital
evidence, often in multiple jurisdictions, to ensure that it is retained and the
forensic quality of the evidence is preserved 3.In getting information for
forensic analysis from overseas ISPs and telecommunication services is often too
slow to identify an offender. Data is generally not received in time to be
submitted to court.
Inconsistent legislation or a lack of cyber crime offences can also mean that
individuals based overseas escape extradition and prosecution for cyber offences
because there is no similar offence in the country of origin.
If international cooperation is done on a police to police basis tedious process
will be changed which make it easy to obtain evidence to identify offenders fast
enough to enable a prosecution 4.
For example, inconsistent telecommunications intercept data retention laws can
mean that evidence that would be complexities of securing electronic evidence
(e-evidence) of any type of crime or economic offence.
The National Cyber Security Policy of 2013 refers to effective law-enforcement
capabilities for investigation and prosecution of cybercrime, but not to the
broader issue of electronic evidence. Securing e-evidence is an increasingly
complex undertaking. The sheer volume of cases involving e-evidence, the number
of devices, users and victims involved, and technical complications such as
encryption present major challenges.
The transnational nature of e-evidence, it may be stored in foreign
jurisdictions even in cases that are otherwise fully domestic, combined with the
transversal scope of e-evidence, in that any crime may entail such evidence, has
implications on international cooperation in criminal matters. Most mutual legal
assistance (MLA) requests for e-evidence are not related to cybercrime but to
fraud and financial crimes followed by violent and serious crimes.
Given the volatility of e-evidence, the mutual legal assistance process is
rather inefficient. Response times of 6–24 months to MLA requests appear to be
the norm. Many requests and thus investigations are abandoned. This adversely
affects the obligation of governments to protect society and individuals against
cybercrime and other crime.
Securing e-evidence for criminal justice purposes is particularly challenging in
the context of cloud computing where data is distributed over different
services, providers, locations and often jurisdictions, and where mutual legal
assistance is often not feasible. It risks failure of governments in their
obligation to protect the rights of individuals and society against crimes and
loss of faith in the rule of law.
Cloud computing further complicates the matter. MLA requests are about
cooperation between competent authorities. But if evidence is less held on a
specific device or in closed networks but is distributed over different
services, providers, locations and often jurisdictions, it is difficult to
identify to which authorities to send a request.
Furthermore, law-enforcement powers are tied to the principle of territoriality,
meaning that a criminal justice authority can only enforce its laws, such as
ordering a service provider to produce data, or searching and seizing a computer
system, on its own territory 5.
The Indian Ministry of Home Affairs, which serves as the nodal agency for MLAT
requests and acts as a liaison between Indian LEAs and their foreign
counterparts, has often been found wanting in helping harmonise these requests
with the needs of the requested state. For instance, translation of supporting
documents into the language of the requested state (a mandate of the MHA under
MLATs) is reported to have not been followed in some instances, resulting in the
rejection of requests. In many other instances, the time taken by the MHA for
review adds to an inordinate delay in the filing of these requests. Most of
these problems stem from a lack of trained personnel dedicated to handling MLAT
These problems, however, are not unique to India. MLATs and similar formal data
sharing mechanisms are generally considered ill-suited for investigation of
cybercrimes. This realisation has caused the US and UK, for instance, to
negotiate a direct data sharing agreement that would allow UK LEAs to demand
data directly from intermediaries holding data in the US. Asine qua nonfor
this agreement is a written assessment that UK’s laws have both substantial and
procedural protections for user privacy and that the government has displayed
adequate respect for human rights 6. This agreement, which is likely to come
into effect before the end of 2017, should substantially ease the process for
obtaining electronic data for investigations for LEAs in the US and UK.
Electronic communication data is essential to the successful investigation and
prosecution of serious crimes (including cybercrime) to effectively prosecute
online criminal activity.
A broader issue relating to cyber crime is police powers, such as “remote access
powers”. By allowing a warrant to be obtained for remote access, law enforcement
is more likely to be able to decipher encrypted data by conducting surveillance
at a point between the user and the encryption interface. This would involve
remotely accessing (or “hacking into”) a computer via the internet to obtain
transmissions of product passing over that computer at a point at which it is
While the FBI is only recently starting totest the boundaries of Rule 41’s
amended languageRule 41(6) (a) (b) of the Federal Rules of Criminal Procedure
and Clarifying Lawful Overseas Use of Data) Act (CLOUD) Bill with respect to
criminal botnet investigations, because criminal suspects would often conceal
the location of their computers using anonymous proxy servers and other
obfuscating technology 7. India’s data protection bill should have clause based
on the Bill to use on critical situation.
The bill would allow U.S. law enforcement to access data stored abroad by
increasing the reach of the law that federal law enforcement uses to access
data, without the cooperation of foreign governments. Law enforcement could
order companies to provide data regardless of the location of the data or data
subject. This would mean that U.S. courts would claim global authority.
The bill would enable agreements between the U.S. and other governments whose
law enforcement would be permitted to directly request data from U.S. companies
without adequate protections for user privacy 8.
Cyber security policy-2013, Criminal Procedure Code, Police act 1861 and data
protection Bill is silent, hence this would require legislative amendments in
Police act 1861, Criminal Procedure Code and data protection Bill by introducing
new rule based on the US Rule and Bill will grant the government, Judicial and
law enforcement officials greatly expanded search powers and for prosecution of
The probability of getting arrested or going to jail is low. Not one of the
perpetrators of the biggest headline-grabbing breaches has been prosecuted. Law
enforcement agencies are stepping up their efforts, but many cybercriminals
operate outside of their jurisdictions 9.
Furthermore, efforts have to be made to equip them with:
Adequate staff with appropriate skill sets
Infrastructure for cybercrime investigation unit
Infrastructure for cyber forensic units (to aid investigation, which would be in
addition to the forensic labs to give expert opinion for evidentiary purposes)
Appropriate standard operating procedures (SOPs) 10.
The police forces’ capacity and contribution to the response against the
national cyber threat is currently limited to the deployment of a relatively
small number of specialists, who can be used to investigate cybercrime.
Cybercrimes introduce unanticipated risks and effects, creating greater urgency
to equip investigators with new skill sets. One such area is the establishment
of a cloud computing training platform that comprises a networked and nodal
nature, parallel to that of cyber security.
This platform can be pivotal to increase shared knowledge and skills for
investigators and connect LEAs and stakeholders. This cloud-based training
system could encompass functions depicted in the diagram 11.
Traditional modes of training through books, boards, PowerPoint / PDF-based
approach are not very suitable for trainings to combat cybercrime. There is need
for more practical training, something based on simulated environments. However,
given the need of volumes, the proposed methodology should be scalable.
The challenges of cybercrime trainings can be summarised as:
Traditional PowerPoint/ PDF-based approach not very suitable
Number of officers to be trained (volume)
Inaccurate assessments of needs of LEAs
A centralised learning platform provides users from different professions about
common objectives to address cybercrimes. Standardised courses enable frontline
officers, prosecutors and data analysts with varying levels of cyber knowledge
to acquire a consistent overview of investigations such as digital evidence
handling, intelligence development and legal procedures.
·Greater knowledge about how their roles contribute to investigations could
lead to increased productivity and efficiency
·Collaborative processes among investigators could be more streamlined and
integrated at a global scale through this platform.
Curriculum needs to be standardised by keeping in mind different roles of
different LEAs and skill sets required for each role. A tentative list of roles
·First responder officer
·Cybercrime intelligence analyst
·Digital forensics specialist
·Head of unit: Investigation/forensics
·Senior LEA manager
1.1 Cyber Range or Simulated Cybercrime Scenarios
This is the key component of this model. Besides preparation of traditional
modes of training through books, boards, power point/PDF-based approach, there
is a strong need for more training based on simulated environments. This would
mean creation of scenarios, including digital exhibits (logs, etc.) for
extraction by trainees using forensic tools preloaded on the infrastructure,
using appropriate procedures.
1.2 New modus operandi
In cyberspace, criminals keep on adopting new modus operandi every day and
therefore, simulation-based training methodology has to be contemporary. To
develop new scenarios, it is important to keep abreast of new modus operandi and
This part would include:
·Knowledge exchange on current and emerging methods of operations (or modus
operandi) of cybercriminals
·Within this platform, training courses could stress-test the computing skills
of cybercrime experts to analyse and discern signals collected from hacker
forums, internet relay chat rooms and messaging texts
·Attacks like phishing and tampering, advanced persistent threats, backend
systems and reverse-engineering could be simulated.
·Combating cybercrime could take more than technical skills and require
cross-disciplinary knowledge. Researchers must look at the best practices to
stay ahead of hackers by understanding indicators of malware victimisation, the
ecology of trust and motivation among hackers, online hacker communication and
·Gaining practice in such knowledge exchanges could shed light on how hacker
communities interact and share information, creating actionable intelligence for
·Able to develop the best science to help advance cyber security training and
1.3. Continuous redesign for training material
·Feedback gathered from learner usage and experience must be utilised to design
new knowledge capacity and material
·The modules should be developed by subject-matter-experts, ensuring quality
content is constantly updated
·Training courses should be more reflective of real-world cases and incidents
·Maintain engagement with users by tapping into learners’ interests, offering
appropriate challenges and increasing motivation
1.4. LEA Certifications
·This platform could allow performance-based certification to demonstrate that
users know what to look for and what actions to take during a cyber incident
·Assess if knowledge or skills have been practically transferred
·Automated scoring and self-assessments in different areas of cybercrime
·Provide critical insights into the effectiveness of training platform
1.5. Environmental scanning of new technology
This platform will probe how internet-enabled technologies and wearables impact
cybersecurity, policing and how crime could be conceived.
A horizontal approach should involve cyber experts and technology innovators of
LEAs from different countries share their cyber investigative products and
Police agencies should perform SWOT analysis of their cyber capabilities and
identify the next steps for improvement, providing insights into the different
needs and stages of cyber capacity development for individual countries
Vertically, the expanse of future internet-enabled crimes could be analysed at
national, regional, and international levels
1.6. Synchronised skill levels
·This platform will allow new relationships with other nodes within the
networks of the cybersecurity architecture
·Effective collaboration and greater harmonisation provide a more accurate and
comprehensive assessment of cyber criminality, ensuring responses are
coordinated, effective and timely
·Law enforcement collaborations with the private sector to explore and design
complex simulations of future communications technologies that are prone to
criminal exploitation, improve cyber security skills at all levels and work with
associated professions to make industry more resilient to cybercrime 12.
In addition to training opportunities, Police force needs to seek the assistance
of appropriately skilled volunteers to help them improve their skills in
tackling cyber threats.
Taking into account the demand for new skills to investigate crimes in
cyberspace, the necessity to review policing concepts, such as the justification
of a breach of public order, the applicability of techniques in policing the
real world to the maintenance of order
in virtual space, implementation of these instruments in a practical environment
remains the highest priority 13.
Public–private partnerships are also key in enabling a more pro-active and agile
approach to combating cybercrime. The shared responsibility and cooperation
police and the private sector promises to be an effective way of enhancing the
effectiveness of addressing cyber-related threats and also in the fight against
International agreement is the need of the hour to address security and the rule
of law in cyber world.
To overcome these challenges India should join Council of Europe’s Cybercrime
Convention Committee which gives more access and Solutions to enable criminal
justice access to evidence in the cloud are a priority of the committee.
The Budapest Convention provides for (i) the criminalisation of conduct, ranging
from illegal access, data and systems interference to computer-related fraud and
child pornography; (ii) procedural law tools to make the investigation of
cybercrime and the securing of e-evidence in relation to any crime more
effective; and (iii) international police and judicial cooperation on cybercrime
The National Cyber Security Policy of 2013 refers to effective law-enforcement
capabilities for investigation and prosecution of cybercrime, but not to the
broader issue of electronic evidence.
Criminal justice authorities need access to data for use as evidence in criminal
proceedings; without data, there will be no evidence, no justice and no rule of
law. Increasingly, evidence in relation to any crime is stored in the electronic
form on computer systems. This includes serious and violent crime, such as
location data in cases of murder or rape, subscriber information related to
ransom e-mails sent during kidnappings, data to identify and locate victims of
child abuse or data on communications between terrorists.
It can be assumed that this is increasingly a reality in India and that a
growing proportion of the more than seven million crimes recorded entail
The more real-world crime involves e-evidence, the greater the need for
law-enforcement officers, prosecutors or judges to have the skills to deal with
e-evidence. Major capacity-building within the criminal justice system is
required and clear rules for access to e-evidence and its admissibility in court
need to be established.
The question of procedural law powers to secure e-evidence and, by extension,
efficient access to evidence in a transnational and cloud context is a
complicated challenge, given the limitations of the MLA process which is
normally designed to protect the rights of individuals as well as the interests
of states in which evidence is located.
With participation in the Council of Europe Convention on Cybercrime would
increase India’s ability to obtain international assistance from other parties
to the convention in investigating potential cyber crime offences, particularly
in relation to accessing telecommunications. This makes international
cooperation critical to efforts to criminalise, detect, disrupt, prevent and
ultimately to pursue effective law enforcement action 15.
Recommendations and conclusion
To suggest remedial measures to ensure effective prevention and control of the
cyber crimes based on the study following suggestions are recommended:
Use of Encryption Technology
Increase number of appointment of cyber forensic consultant.
Educating the public on cyber crimes cases
Liberalisation of Law relating to Search and Seizure
Development of Cyber Forensics lab and Biometric Techniques
Need to establish a Computer Crime Research and Development Centre in every
Need for Universalisation of Cyber Law
To Combat the Menace of Cyber Terrorism increase training allocation fund once
in every 2 years
Establish Special Cyber Crime Investigation Cell for Hi-Tech Crimes every state.
Create awareness of Cyber Crimes at the High School level
Introduce Cyber Laws in the Curriculum in graduation level
To develop strategies to help decrease the backlog of digital evidence, develop
a mechanism to track the timelines of the cyber security team response to report
of cyber crime activity
Re Establishment of Special Cyber Courts to handle Cyber Crime case in every
View FIR functionality available on Police citizen portals as per Supreme Court
Planting of Baits in Cyberspace for Worms and Viruses
Use of Data Analytical tool to Regulate of Social Networking Sites
Need for Imparting Training to Officials to Investigate Cyber Crimes
Encouragement of Cyber Crime Victims to Lodge Complaints
Increased international law enforcement cooperation among nations and the
private sector and investment in more resources for investigation, especially
among developing nations
Modernisation of current processes, such as the Mutual Legal Assistance Treaty
(MLAT), which allows governments to enlist the help of other government in
cybercrime investigations and evidence collection
Better collection of aggregate data by national authorities
Standardisation of threat information and coordination of cyber security
requirements to boost security in critical sectors like finance
To implement national working group on cyber crime to maintain dedicated
mechanism for the review and development of legislative responses to cyber
police lack sufficient tools to identify offenders or deploy technical
capability to remove malicious software. LEAs must have the tools needed to work
with international partners in a concerted effort to tackle the cyber crime
problem and prosecute the members
Legislation to support remote access to attack other machines in preventing
To follow Council of Europe Convention on Cybercrime policy adapting measures to
our national cyber security policy along the line of the treaty
An oft repeated quote in the context of the internet is that of Judge Nancy
Gertner in Digital
Equipment Corp. v. Altavista Technology: “The internet has no territorial
boundaries 16. To paraphrase Gertrude Stein, as far as the internet is
concerned, not only is there perhaps ‘no there, there’, the ‘there’ is
everywhere where there is internet access.17”
This research paper attempts in pointing out urgent need of legislation and
policy formulation in the field of cyber crime investigation. Problem of
potential misuse of internet is increasing day by day, It’s important for law
makers, judicial and government to ensure that law reflect updated to tackle the
menace of cyber crime and it is time to gear up for law enforcement official to
fight computer crime.
1-The Strategic Policing Requirement: An inspection of the arrangements that
police forces have in place to meet the Strategic Policing Requirement, HMIC,
April 2014. Available from:
2-National Cyber Security Policy 2013
3-AusCERT, Submission 30, p.15
4-The Australian Federal Police, Supplementary Submission 25.1, pp.8,9.
5-Alexander SegerIndia and the Budapest Convention: Why not? -
6-Peter J. Kazdik, “Assistant Attorney General, US Department of Justice, in
Letter to Joseph R. Biden, President, United States Senate,” Department of
Justice, July 15, 2016, available at:
7-By Eric PesaleUpdated Criminal Procedure Rule Allows Government to
8-Drew Mitnick New U.S. CLOUD Act is a threat to global privacy. -
9-The Economic Impact of Cybercrime—No Slowing Down “McAfee Labs Threat
Report,” McAfee, December 2017
10- National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi -
12-National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi -
13-Tatiana Tropina cyber policing the role of the police in fighting the cyber
crime. European Police Science and Research Bulletin. Special Conference Issue
14-Communication from the Commission to the European Parliament, the Council and
the Committee of the Regions, 2007.
15-Alexander Seger. India and the Budapest Convention: Why not? -
16-The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues
in Cyberspace. Justice S. Muralidhar. 960 F. Supp. 456 (D. Mass. 1997)
17- The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues
Justice S. Muralidhar. 17-Id.at 462
Law Article in India
You May Like
Legal Question & Answers