Facebook X-twitter Linkedin Instagram Youtube
Global Advisory firm, international consulting firm in India, business operations in India, india business strategy
Read Time: 8 min

Legal Chronicle

March 2025

Rise of Cyber Crime and Legal Mechanisms in India-

India | Japan | Italy | Spain | France | German | Vietnam | UAE

Index

Rise of Cyber Crime and Legal Mechanisms for Protecting Digital Security in India

1

Introduction

2

Recent Surge and Types of Cyber Crime Incidents in India

3

Impact of Cyber Crime on Individuals and Society

4

Legal Mechanisms for Protecting Digital Security in India

5

Guidelines Introduced by Sectoral Regulators for Cybersecurity

6

Legal Precedents Related to Cybercrimes in India

7

Conclusion

8

Disclaimer

9

About Us

10

Our Team

Dear Reader,

The Legal Department at UJA is delighted to impart certain legal knowledge as construed under the Legal Chronicle to keep the readers aware of the recent updates and developments that revolve around various aspects of the law. Our ultimate goal is to enable our readers to develop a sense of familiarity with the complexities of Indian as well as international law.

In this edition of Legal Chronicle, we will explore the growing prevalence of cybercrimes in India and examine the role of legal mechanisms in safeguarding and ensuring digital security across the country.

We hope that this edition creates a sense of enthusiasm for our readers and successfully delivers the plethora of legal knowledge as intended. In case you have any feedback or need us to include any information to make this issue more informative, please feel free to write to us at legal@uja.in

Introduction

Cybercrime mainly refers to the criminal activities that are carried out with the use of computers and the internet. The activities include hacking, malware attacks, data theft, and the involvement of financial fraud as well. At present, all businesses in India, governments and individuals ideally rely over digital platforms to conduct their business practices.  The digital platforms are prone to various cyber threats.

India boasts the largest number of consumers accessing digital services, driven by the rapid growth of e-commerce, fintech, education, and healthcare sectors. Given its expansive digital footprint, it is essential for India to establish a robust framework to address the challenges and capitalize on the opportunities within the digital landscape.

Recent Surge and Types of Cyber Crime Incidents in India

In the year 2024, within the first four months almost 740,000 cases related with cybercrime were reported before the “Indian Cyber Crime Coordination Centre (I4C)”. There has been a massive surge in cases related to cyber-crimes in India between the years 2019 and 2020. Hence, 85 percent of all the reports that were filed in the year 2024 have been related to financial fraud committed through digital platforms.

Types of Cyber Crime:

  • Child Pornography/ Child sexually abusive material (CSAM)
  • Cyber Bullying
  • Cyber Stalking
  • Cyber Grooming
  • Online Job Fraud
  • Online Sextortion
  • Vishing
  • Phishing
  • Data Breach
  • Online Drug Trafficking
  • Cyber-Squatting

Impact of Cyber Crime on Individuals and Society

  • Effects on Businesses:
    E-commerce businesses, which manage vast customer databases in digital formats, face significant threats from cybercrime. To protect sensitive data, businesses must implement robust security measures, including encryption of financial information. Failure to do so can leave them vulnerable to hackers who exploit security gaps to gain unauthorized access to customer data.
  • Effects on Infrastructure:
    Cybercriminals, including cyberterrorists, often target critical national infrastructures, such as air traffic control systems, healthcare networks, and utility grids. As a country advances technologically, the potential risks associated with cyberattacks grow exponentially. A breach in these sectors can disrupt vital services, endanger public safety, and result in severe economic damage.
  • Effects on Individuals:
    Cybercrime also affects individuals directly, especially through crimes like online blackmail and identity theft. Cybercriminals may threaten to expose sensitive, private, or even fabricated information unless their demands are met. Such experiences can lead to severe emotional distress and long-term psychological effects, as well as a loss of privacy.
    These are some of the significant effects associated with cybercrimes, which have a far-reaching impact across India. The scope of these crimes extends nationwide, affecting individuals, businesses, and government entities alike.
  • In India, cybersecurity, cybercrime, and data protection are primarily governed by the Information Technology Act, 2000. This legislation is supplemented by various rules and regulations that define and enforce the country’s cybersecurity measures. Additionally, the National Cyber Security Policy 2023 outlines strategic initiatives to bolster cybersecurity across sectors, the recently introduced Digital Personal Data Protection Act, 2023 (DPDP Act) provides a comprehensive framework for safeguarding personal data. These legislative and policy frameworks collectively aim to strengthen India’s cybersecurity posture and ensure robust protection of digital privacy.
  • The Framework of cybersecurity in India :
    Ministry of Home Affairs.
    Ministry of Electronics and Information Technology.
    Indian Cyber Crime Co-ordination Centre.
    Indian Computer Emergency Response Team (CERT-In).
    National Critical Information Infrastructure Protection Centre (NCIIPC).
    India’s criminal justice system also has introduced new criminal laws which also deal with cyber offenses.
  • Bhartiya Nyaya Sanhita, 2023 (BNS):
    Certain sections under the BNS have been expanded to address crimes such as extortion, forgery, and hate speech, specifically when these offenses are committed through digital means or via social media platforms. Electronic texts, emails, and social media posts can now be considered valid sources for prosecuting individuals involved in such crimes. Sections like 196 and 197 address hate speech, while Section 353 targets misinformation that disrupts public order.

Additionally, Section 294 broadens the definition of obscene material to include content shared electronically. These updates attempt to strengthen the legal framework, ensuring that cybercriminals are swiftly identified and convicted.

  • Bharatiya Sakshya Adhiniyam, 2023 (BSA)
    The BSA has made significant contributions to addressing issues of cybercrime in India, particularly through various reforms. One key provision in this regard is Section 57 of the legislation, which recognizes electronic records, digital documents, social media posts, and emails as primary evidence in court proceedings. Previously, these types of evidence were considered secondary, but legal reforms have elevated their importance in legal proceedings. In the past, under court proceedings, physical evidence would be relied upon which led to delays in investigation. Hence, the introduction of the section has granted electronic records the primary evidence status.

Section 63 of the BSA has introduced various safeguards and guidelines that determine the admissibility of electronic evidence, requiring it to meet specific criteria before being submitted to the court.

Guidelines Introduced by Sectoral Regulators for Cybersecurity

  • The Insurance Regulatory and Development Authority of India (IRDAI):
    Has established specific cybersecurity guidelines for insurers and insurance intermediaries. These guidelines are designed to ensure that all entities within the insurance sector adopt robust cybersecurity measures to protect sensitive data and maintain the integrity of their operations.
  • The Reserve Bank of India (RBI):
    Has established a comprehensive set of cybersecurity standards and guidelines aimed at enhancing the security framework for financial institutions. These guidelines apply to a wide range of entities, including banks, non-banking financial companies (NBFCs), payment aggregators, and payment system operators.
  • The Securities and Exchange Board of India (SEBI):
     Has issued several circulars addressing cybersecurity concerns for participants in the stock market. These directives are designed to strengthen the security infrastructure of market intermediaries and ensure that they adopt necessary measures to mitigate cyber risks.
“A Landmark Case that Safeguarded Free Speech in the Digital Age of India”

  • Case: Shreya Singhal v. Union of India, [2015] 5 S.C.R. 963

  • Petitioner: Shreya Singhal

  • Respondent: Union of India

  • Brief Facts:
    The case concerns the constitutionality of Section 66A of the Information Technology Act, 2000, which made it a criminal offense to send “offensive” messages through communication services, with a broad and vague definition of what constituted “offensive.” The petitioner challenged this provision, arguing that it violated fundamental rights guaranteed under Article 19(1)(a) and Article 21 of the Constitution.
  • Observation:
    The Hon’ble Court had observed that Section 66A of the IT Act was very broad and vague, and this had a huge effect on the right of free speech. The terms “offensive” and “menacing” did not have a clear definition as such, which could lead to further misuse. It was noted by the Hon’ble court that the provision was inconsistent with the Constitution’s guarantee of freedom of speech and expression, as it failed to pass the test of reasonable restrictions. The Court also highlighted that the vagueness of Section 66A could result in arbitrary and inconsistent enforcement, which goes against the principles of legality and fair notice.
  • Judgement:
    The Supreme Court declared Section 66A of the Information Technology Act, 2000, unconstitutional and struck it down. The Court ruled that the provision violated Article 19(1)(a) and failed to meet the “reasonable restrictions” criteria under Article 19(2). This judgment reinforced the significance of safeguarding free speech and expression, emphasizing that any restrictions must be clear and not subject to arbitrary interpretation.
“A Supreme Court ruling striking down the RBI's ban on banking services for virtual currencies”
  • Case: Internet And Mobile Association of India vs Reserve Bank of India, AIR 2021 SUPREME COURT 2720, AIRONLINE 2020 SC 298
  • Petitioner: Internet And Mobile Association of India
  • Respondent: Reserve Bank of India
  • Brief Facts:
    The RBI issued a press release expressing concerns related to trade in virtual currencies, highlighting the risks of hacking, money laundering, and other illegal activities associated with cryptocurrencies. The RBI’s stance led to a directive for banks across India and other RBI-regulated entities to refrain from engaging in any transactions involving virtual currencies. In response, the Internet and Mobile Association of India filed a petition before the Supreme Court, challenging the circular issued by the RBI.
  • Issues:
    If the RBI has the jurisdiction to issue such circulars.
    Whether trading in cryptocurrency and engaging in related activities constitutes a legal business.
    Whether virtual currency qualifies as money.
    Whether a ban on cryptocurrency trading was the only solution to mitigate the risks associated with it.
  • Judgement:
    The Supreme Court ruled that although the RBI had the authority to monitor and regulate virtual currency, its decision to impose a complete ban exceeded its powers and negatively impacted legitimate trade practices. The Court further stated that the RBI did not aim to cause harm to regulated entities but rather sought to address potential issues within the functioning of virtual currencies in facilitating trade.

In its judgment, the Supreme Court emphasized that an outright ban on virtual currencies would be an excessive measure for their regulation. It also declared the ban to be unconstitutional, stating that it violated the right to carry on trade and commerce as guaranteed under Article 19(1)(g) of the Indian Constitution.

In conclusion, the Hon’ble Court acknowledged that the RBI held broad powers, both in statutory regulation and in playing a special role in the country’s economy. It clarified that while the RBI could exercise these powers in a preventive manner, there are limits to how and to what extent they can be applied. Therefore, the Hon’ble Court lifted the RBI-imposed ban on trading in virtual currencies.

Conclusion

In conclusion, as cybercrimes continues to evolve with the increasing reliance on digital platforms by businesses, governments, and individuals, the need for robust cybersecurity measures has never been more critical. With India’s rapidly growing digital economy, particularly in sectors like e-commerce, fintech, education, and healthcare, India stands as one of the largest consumers of digital services. This underscores the pressing importance of the legal mechanisms present in India to protect against the rising threats of cybercrime, ensuring the security and trust essential for the continued growth of India’s digital landscape.

Disclaimer

This document is intended to provide general information and is not intended to be substituted for any legal or professional advice. This document is meant exclusively for informational purposes and not for advertising or solicitation. UJA has made significant efforts to ensure that the information contained in this document is accurate and reliable. However, the information herein is provided “as is” without warranty of any kind. UJA hereby disclaims all responsibility and liability, whether stated or implied, for the accuracy, validity, adequacy, reliability, or completeness of any information provided under this document. In no event shall UJA be held liable for any losses or damages whatsoever incurred as a result of using this document.

About UJA

The UJA’s team specializes in offering a wide range of legal solutions, ensuring comprehensive support for both businesses and individuals.
Our Comprehensive Services Include:

  • Legal Advisory
  • Contract Negotiation & Management
  • Financial & Legal Due Diligence
  • Immigration-related Services
  • Drafting & reviewing of legal documents, policies & Notices
  • Labour Law
  • Dispute Resolution & Arbitration
  • Business & Operational Restructuring for M&A
  • Trademark Filing & IP-related advisory
  • Legal Metrology & Related Services

UJA supports businesses in navigating complex regulations, global markets, and GI laws. Operating across France, Germany, Japan, Spain, and more, we specialize in market entry, expansion, and offering tailored solutions for growth. With over 28 years of experience and a team of 170+ experts, we’ve helped over 1,000 clients, from SMEs to MNCs, achieve their goals. Our expertise in accounting, audit, advisory services, and GI laws ensures that your business moves forward with confidence.

References

Link : Reference One

Link: Reference Two

Link: Reference Three

Link: Reference Four

Link: Reference Five

Our Team

Meet Our Experts
Our Team
Download PDF

Follow us

Facebook X-twitter Linkedin Instagram Youtube
UJA the best business consulting firm
Copyright © 2025 UJA. All rights reserved. Disclaimer: The site is not intended to be a source of advertising or solicitation. By visiting this site, you acknowledge that you are doing so voluntarily and of your own free will. You should not consider the information on the site to be an invitation for an Auditor / Advisor – Client relationship and transmission, receipt or use of the site does not constitute or create an Auditor / Advisor – Client relationship. All site contents are the copyright of UJA.

Download PDF

Download PDF

Hello, how may we help you?