Cyber Crime
Cyber crime refers to any criminal offence committed using a computer, computer network, or the internet, and is primarily governed by the Information Technology Act, 2000, and the Indian Penal Code / Bharatiya Nyaya Sanhita.
What is Cyber Crime?
**Cyber crime** (also written as cybercrime) encompasses any criminal activity that involves a computer, computer system, computer network, or digital device — either as the tool for committing the offence, the target of the offence, or both. Cyber crimes range from hacking and data theft to online fraud, identity theft, cyberstalking, and distribution of obscene material through digital means.
In everyday terms, cyber crime is any crime that happens online or through digital devices — when someone hacks your email, steals money from your bank account through phishing, posts obscene photos of you online, or uses a computer to commit fraud.
Legal Framework
Information Technology Act, 2000 (IT Act)
The **Information Technology Act, 2000** (as amended in 2008) is India's primary legislation dealing with cyber crimes and electronic governance. The Act was enacted to provide legal recognition to electronic transactions and to address offences committed using computers and the internet.
**Key Offences Under the IT Act:**
**Section 43: Unauthorized Access and Damage to Computer Systems**
Any person who without permission accesses a computer, downloads data, introduces viruses, disrupts or denies access to a computer, or causes damage, is liable to pay **compensation up to Rs 5 crore** to the affected person. This is a civil remedy.
**Section 66: Computer-Related Offences (Hacking)**
If any act referred to in Section 43 is done **dishonestly or fraudulently**, it becomes a criminal offence punishable with **imprisonment up to 3 years** and/or fine up to **Rs 5 lakh**.
**Section 66B: Dishonestly Receiving Stolen Computer Resource or Communication Device**
Punishable with **imprisonment up to 3 years** and/or fine up to Rs 1 lakh.
**Section 66C: Identity Theft**
Using the electronic signature, password, or any other unique identification feature of another person fraudulently or dishonestly is punishable with **imprisonment up to 3 years** and fine up to **Rs 1 lakh**.
**Section 66D: Cheating by Personation Using Computer Resource**
Cheating by impersonating someone using a computer resource or communication device is punishable with **imprisonment up to 3 years** and fine up to **Rs 1 lakh**.
**Section 66E: Violation of Privacy**
Capturing, publishing, or transmitting the image of a private area of a person without consent is punishable with **imprisonment up to 3 years** and/or fine up to **Rs 2 lakh**.
**Section 66F: Cyber Terrorism**
Acts that threaten the unity, integrity, security, or sovereignty of India through denial of access to critical information infrastructure, unauthorized access to restricted data, or introducing computer contaminants are punishable with **imprisonment which may extend to life**.
**Section 67: Publishing Obscene Material in Electronic Form**
Punishable on first conviction with **imprisonment up to 3 years** and fine up to **Rs 5 lakh**; on subsequent conviction, imprisonment up to **5 years** and fine up to **Rs 10 lakh**.
**Section 67A: Publishing Sexually Explicit Material**
Enhanced punishment — imprisonment up to **5 years** and fine up to **Rs 10 lakh** on first conviction; up to **7 years** and Rs 10 lakh on subsequent conviction.
**Section 67B: Publishing Child Sexual Abuse Material (CSAM)**
Punishable with **imprisonment up to 5 years** and fine up to **Rs 10 lakh** on first conviction; up to **7 years** and Rs 10 lakh on subsequent conviction.
**Section 72: Breach of Confidentiality and Privacy**
Any person who has been given access to electronic records, books, or information under the IT Act and discloses them without consent is punishable with **imprisonment up to 2 years** and/or fine up to **Rs 1 lakh**.
IPC / Bharatiya Nyaya Sanhita Provisions
Many cyber crimes also attract provisions of the IPC/BNS:
- **Section 420 IPC (Section 318 BNS):** Cheating and dishonestly inducing delivery of property — commonly invoked in online fraud cases.
- **Section 463-474 IPC (Sections 336-340 BNS):** Forgery — applicable to fabrication of electronic documents.
- **Section 354D IPC (Section 78 BNS):** Stalking, including cyberstalking — following a person through electronic means.
- **Section 499-500 IPC (Sections 356-357 BNS):** Defamation — applicable to online defamation.
- **Section 503-506 IPC (Sections 351-353 BNS):** Criminal intimidation — applicable to threats made through digital means.
Digital Personal Data Protection Act, 2023
This recent legislation addresses the protection of personal data in the digital ecosystem. It imposes obligations on **data fiduciaries** (entities collecting personal data) and provides rights to **data principals** (individuals whose data is collected). Violation of its provisions can result in penalties up to **Rs 250 crore**.
Types of Cyber Crime
Financial Cyber Crimes
- **Phishing:** Fraudulent emails or websites designed to steal login credentials and financial information.
- **UPI/Net Banking Fraud:** Unauthorized transactions using stolen banking credentials or social engineering.
- **Credit/Debit Card Fraud:** Skimming, cloning, or unauthorized use of card details.
- **Cryptocurrency Fraud:** Ponzi schemes and fraudulent investment platforms using digital currencies.
Crimes Against Persons
- **Cyberstalking:** Repeatedly following, monitoring, or contacting a person through electronic means.
- **Cyberbullying:** Harassment, intimidation, or humiliation through digital platforms.
- **Morphing:** Altering images (particularly of women) and distributing them.
- **Sextortion:** Threatening to publish intimate images unless money is paid.
Crimes Against Data and Systems
- **Hacking:** Unauthorized access to computer systems.
- **Malware/Ransomware:** Deploying software that damages systems or encrypts data for ransom.
- **Data Theft:** Stealing personal, corporate, or government data.
- **Denial of Service (DoS) Attacks:** Overwhelming systems to render them inaccessible.
When Does This Term Matter?
For Individuals
Online banking fraud, social media impersonation, phishing attacks, and cyberstalking are increasingly common. Every individual who uses the internet is a potential target. Understanding the legal framework helps in reporting crimes promptly and seeking appropriate remedies.
For Businesses
Data breaches, ransomware attacks, corporate espionage, and theft of trade secrets through cyber means are major concerns for businesses. Companies must implement cybersecurity measures and understand their legal obligations under the IT Act and the Digital Personal Data Protection Act.
For Reporting
Cyber crimes should be reported through:
- **National Cyber Crime Reporting Portal:** cybercrime.gov.in
- **Helpline:** 1930 (national cyber crime helpline)
- **Local police station:** FIR can be registered at any police station under Section 154 CrPC.
- **Cyber Crime Police Stations:** Most states have dedicated cyber crime police stations.
The Supreme Court and various High Courts have directed that cyber crime complaints must be accepted and investigated regardless of the jurisdiction where the crime was committed.
Practical Significance
- **Jurisdictional flexibility:** Under **Section 75 of the IT Act**, the Act applies to offences committed outside India if the act involves a computer or network located in India. Section 179 CrPC also allows the victim to file a complaint where the consequence of the cyber crime was felt.
- **Intermediary liability:** Under **Section 79 of the IT Act**, intermediaries (platforms like social media companies) are exempt from liability if they comply with due diligence requirements and government directions. However, upon receiving actual knowledge or government order, they must remove or disable unlawful content.
- **Electronic evidence:** Under **Section 65B of the Evidence Act (Section 63 BSA)**, electronic records are admissible as evidence if accompanied by a certificate certifying their authenticity. Proper preservation and handling of digital evidence is crucial.
- **Growing threat:** India ranks among the top countries globally for cyber crime incidents. The RBI has issued extensive guidelines on cybersecurity for banks and financial institutions.
Frequently Asked Questions
How do I report a cyber crime in India?
You can report cyber crime through the **National Cyber Crime Reporting Portal** at **cybercrime.gov.in** or by calling the national helpline **1930**. For financial frauds, reporting within the **first hour** (the "golden hour") significantly increases the chances of recovering the money, as banks can freeze the fraudulent transaction. You can also file an FIR at your nearest police station or at a dedicated cyber crime police station. Preserve all evidence — screenshots, transaction details, emails, and messages.
Can police trace cyber criminals?
Yes. Law enforcement agencies have specialized **Cyber Crime Investigation Units** equipped with digital forensic tools. They can trace IP addresses, analyse digital footprints, recover deleted data, and coordinate with internet service providers and platforms. Under Section 69 of the IT Act, the government can direct any agency to intercept, monitor, or decrypt digital information. However, sophisticated criminals may use VPNs, encrypted communication, and other anonymization tools that make tracing more challenging.
What should I do if money is stolen from my bank account through cyber fraud?
**Act immediately.** First, call your bank's customer care to **block your account and cards**. Second, report the fraud on **1930** or cybercrime.gov.in — quick reporting within the golden hour increases recovery chances. Third, file an **FIR** at the nearest police station. Under **RBI guidelines on limiting customer liability** (2017), if unauthorized electronic transactions are reported within **3 working days**, the customer's liability is **zero** (if the fraud is due to a third party or system breach, not customer negligence).
Is sharing someone's private photos online a cyber crime?
Yes. Under **Section 66E of the IT Act**, capturing, publishing, or transmitting the image of a private area of a person without consent is a punishable offence. Under **Section 67/67A**, publishing obscene or sexually explicit material electronically is a criminal offence. Under the IPC, it may also constitute outraging the modesty of a woman (Section 354C — voyeurism). Victims can file a complaint at cybercrime.gov.in, and platforms are legally required to remove such content upon receiving a valid complaint or government direction.
Disclaimer: This glossary entry is for informational purposes only and does not constitute legal advice.
Related Legal Terms
FIR (First Information Report)
A First Information Report (FIR) is a written document prepared by the police when they receive information about the commission of a cognizable offence, marking the first step in the criminal investigation process.
Cognizable Offence
A cognizable offence is an offence in which a police officer can arrest the accused without a warrant and begin investigation without prior permission from a magistrate.
Right to Privacy
The right to privacy is a fundamental right under Article 21 of the Indian Constitution, recognised by the Supreme Court in the landmark K.S. Puttaswamy judgment as an intrinsic part of the right to life and personal liberty.
Compensation
Compensation is the monetary award or payment ordered by a court or authority to make good a loss, injury, or damage suffered by a person due to the wrongful act or breach of another.
Confession
A confession is a statement made by an accused person acknowledging their guilt in the commission of a criminal offence, and its admissibility in court is governed by strict legal safeguards.