Types of cyber crime

The advancement of technology has made man dependent on Internet for all his needs.
Internet has given man easy access to everything while sitting at one place. Social
networking, online shopping, storing data, gaming, online studying, online jobs, every
possible thing that man can think of can be done through the medium of internet. Internet is
used in almost every sphere. With the development of the internet and its related benefits also
developed the concept of cyber crimes. Cyber crimes are committed in different forms. A few
years back, there was lack of awareness about the crimes that could be committed through
internet. In the matters of cyber crimes, India is also not far behind the other countries where
the rate of incidence of cyber crimes is also increasing day by day.

What is Cyber-Crime?
cyber crime can be defined as a crime or an unlawful act where the computer is used either as
a tool, a target or both. In other terms, cyber crimes in India can be defined as an
unauthorized access to some computer system without the permission of rightful owner or
place of criminal activity and include everything from online cracking to denial of service
attacks.
Some examples of cyber crime include phishing, spoofing, DoS (Denial of Service) attack,
credit card fraud, online transaction fraud, cyber defamation, child pornography, etc.

Cyber criminals always choose an easy way to make big money. They target rich people or
rich organizations like banks, casinos and financial firms where the transaction of a huge
amount of money is made on an everyday basis and hack sensitive information.
Catching such criminals is difficult. Hence, that increases the number of cyber-crimes.
Computers are vulnerable, so laws are required to protect and safeguard them against cyber
criminals.

DIFFERENT KINDS OF CYBER CRIMES

The different kinds of cyber crimes are:

1. Unauthorized Access and Hacking:

Unauthorized access means any kind of access without the permission of either of the rightful
or person in charge of the computer, computer system or computer network. Hacking means
an illegal intrusion into a computer system and/or network. Every act committed towards
breaking into a computer and/or network is hacking. Hackers write or use ready-made
computer programs to attack the target computer. They possess the desire to destruct and they
get the kick out of such destruction. Some hackers hack for personal monetary gains, such as
to stealing the credit card information, transferring money from various bank accounts to
their own account followed by withdrawal of money. Government websites are the most
targeted sites for the hackers.

2. Web Hijacking:
Web hijacking means taking forceful control of another person’s website. In this case the
owner of the website loses control over his website and its content.

3. Pornography:
Pornography means showing sexual acts in order to cause sexual excitement. The definition
of pornography also includes pornographic websites, pornographic magazines produced using
computer and the internet pornography delivered over mobile phones.

1
4. Child Pornography:
The Internet is being highly used as a medium to sexually abuse children. The children are
viable victim to the cyber crime. Computers and internet having become a necessity of every
household, the children have got an easy access to the internet. There is an easy access to the
pornographic contents on the internet. Pedophiles lure the children by distributing
pornographic material and then they try to meet them for sex or to take their nude
photographs including their engagement in sexual positions. Sometimes Pedophiles contact
children in the chat rooms posing as teenagers or a child of similar age and then they start
becoming friendlier with them and win their confidence. Then slowly pedophiles start sexual
chat to help children shed their inhibitions about sex and then call them out for personal
interaction. Then starts actual exploitation of the children by offering them some money or
falsely promising them good opportunities in life. The pedophiles then sexually exploit the
children either by using them as sexual objects or by taking their pornographic pictures in
order to sell those over the internet.

How do they operate?

1. Pedophiles use false identity to trap the children/teenagers
2. Pedophiles contact children/teens in various chat rooms which are used by
children/teen to interact with other children/teen.
3. Befriend the child/teen.
4. Extract personal information from the child/teen by winning his confidence.
5. Gets the e-mail address of the child/teen and starts making contacts on the victim’s e-
mail address.
6. Starts sending pornographic images/text to the victim including child pornographic
images in order to help child/teen shed his inhibitions so that a feeling is created in
the mind of the victim that what is being fed to him is normal and that everybody does
it.
7. Extract personal information from child/teen
8. At the end of it, the pedophiles set up a meeting with the child/teen out of the house
and then drag him into the net to further sexually assault him or to use him as a sex
object.

5. Cyber Stalking:
In general terms, stalking can be termed as the repeated acts of harassment targeting the
victim such as following the victim, making harassing phone calls, killing the victims pet,
vandalizing victims property, leaving written messages or objects. Stalking may be followed
by serious violent acts such as physical harm to the victim. Cyber Stalking means repeated
acts of harassment or threatening behavior of the cyber criminal towards the victim by using
internet services. Both kind of Stalkers i.e., Online & Offline – have desire to control the
victims life.

How do Cyber Stalkers operate?

1. They collect all personal information about the victim such as name, family
background, Telephone Numbers of residence and work place, daily routine of the
victim, address of residence and place of work, date of birth etc. If the stalker is one
of the acquaintances of the victim he can easily get this information. If stalker is a
stranger to victim, he collects the information from the internet resources such as
various profiles, the victim may have filled in while opening the chat or e-mail
account or while signing an account with some website.

2
 2. The stalker may post this information on any website related to sex-services or dating
services, posing as if the victim is posting this information and invite the people to
call the victim on her telephone numbers to have sexual services. Stalker even uses
very filthy and obscene language to invite the interested persons.
3. People of all kind from nook and corner of the World, who come across this
information, start calling the victim at her residence and/or work place, asking for
sexual services or relationships.
4. Some stalkers subscribe the e-mail account of the victim to innumerable pornographic
and sex sites, because of which victim starts receiving such kind of unsolicited e-
mails.
5. Some stalkers keep on sending repeated e-mails asking for various kinds of favors or
threaten the victim.
6. In online stalking the stalker can make third party to harass the victim.
7. Follow their victim from board to board. They “hangout” on the same BB’s as their
victim, many times posting notes to the victim, making sure the victim is aware that
he/she is being followed. Many times they will “flame” their victim (becoming
argumentative, insulting) to get their attention.
8. Stalkers will almost always make contact with their victims through email. The letters
may be loving, threatening, or sexually explicit. He will many times use multiple
names when contacting the victim.
9. Contact victim via telephone. If the stalker is able to access the victim’s telephone, he
will many times make calls to the victim to threaten, harass, or intimidate them.
10. Track the victim to his/her home.

6. Denial of service Attack:

This is an attack in which the criminal floods the bandwidth of the victim’s network or fills
his e-mail box with spam mail depriving him of the services he is entitled to access or
provide. This kind of attack is designed to bring the network to crash by flooding it with
useless traffic. Another variation to a typical denial of service attack is known as a
Distributed Denial of Service (DDoS) attack wherein the perpetrators are many and are
geographically widespread. Many DoS attacks, such as the Ping of Death and Teardrop
attacks, exploit limitations in the TCp/IP protocols. For all known DoS attacks, there are
software fixes that system administrators can install to limit the damage caused by the
attacks. But, like Virus, new DoS attacks are constantly being dreamed up by Hacker.

7. Virus attacks:
Viruses are the programs that have the capability to infect other programs and make copies of
itself and spread into other program. Programs that multiply like viruses but spread from
computer to computer are called as worms. These are malicious software that attach
themselves to other software. Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit
and Bacterium are the malicious. Viruses usually affect the data on a computer, either by
altering or deleting it. On the other hand worms merely make functional copies of themselves
and do this repeatedly till they eat up all the available.
Trojan Horse is a program that acts like something useful but do the things that are quiet
damping. Trojans come in two parts, a Client part and a Server part. When the victim
(unknowingly) runs the server on its machine, the attacker will then use the Client to connect
to the Server and start using the Trojan. TCP/IP protocol is the usual protocol type used for
communications, but some functions of the Trojans use the UDP protocol as well.

8. Software Piracy:

3
Software piracy refers to the illegal copying of genuine programs or the counterfeiting and
distribution of products intended to pass for the original. These kind of crimes also include
copyright infringement, trademarks violations, theft of computer source code, patent
violations etc.
Domain names are also trademarks and protected by ICANN’s domain dispute resolution
policy and also under trademark laws. Cyber squatters register domain name identical to
popular service provider’s name so as to attract their users and get benefit from them .

9. Salami attacks :
These attacks are used for the commission of financial crimes. The key here is to make the
alteration so insignificant that in a single case it would go completely unnoticed. E.g. a bank
employee inserts a program, into the bank’s servers, that deducts a small amount of money
(say Rs. 5 a month) from the account of every customer. No account holder will probably
notice this unauthorized debit, but the bank employee will make a sizable amount of money
every month.

10. Phishing:
Phishing is the act of sending an e-mail to a user falsely claiming to be an established
legitimate enterprise in an attempt to scam the user into surrendering private information that
will be used for identity theft. The e-mail directs the user to visit a web site where they are
asked to update personal information, such as passwords and credit card, social security, and
bank account numbers that the legitimate organization already has. The Web site, however, is
bogus and set up only to steal the user’s information. By spamming large groups of people,
the phisher counted on the e-mail being read by a percentage of people who actually had
listed credit card numbers with legitimately.

11. Sale of illegal articles:

This category of cyber crimes includes sale of narcotics, weapons and wildlife etc., by
posting information on websites, auction websites, and bulletin boards or simply by using
email communication.

12. Online gambling :

There are millions of websites; all hosted on servers abroad, that offer online gambling. In
fact, it is believed that many of these websites are actually fronts for money laundering.
Cases of hawala transactions and money laundering over the Internet have been reported.

13. Email spoofing :

Email spoofing refers to email that appears to originate from one source but actually has been
sent from another source. Email spoofing can also cause monetary damage.

14. Cyber Defamation:

When a person publishes defamatory matter about someone on a website or sends e-mails
containing defamatory information to all of that person’s friends, it is termed as cyber
defamation.

15. Forgery:
Computers, printers and scanners are used to forge counterfeit currency notes, postage and
revenue stamps, mark sheets etc. These are made using computers, and high quality scanners
and printers.

4
16. Theft of information contained in electronic form :
This includes theft of information stored in computer hard disks, removable storage media
etc.

17. Email bombing :

Email bombing refers to sending a large number of emails to the victim resulting in the
victim’s email account (in case of an individual) or mail servers (in case of a company or an
email service provider) crashing.

18. Data diddling :

This kind of an attack involves altering raw data just before it is processed by a computer and
then changing it back after the processing is completed.

19. Internet time theft :

Internet time refers to usage by an unauthorized person of the Internet hours paid for by
another person.

20. Theft of computer system :

This type of offence involves the theft of a computer, some part(s) of a computer or a
peripheral attached to the computer.

21. Physically damaging a computer system :

This crime is committed by physically damaging a computer or its peripherals.

22. Breach of Privacy and Confidentiality :

Privacy refers to the right of an individual/s to determine when, how and to what extent his or
her personal data will be shared with others. Breach of privacy means unauthorized use or
distribution or disclosure of personal information.
Confidentiality means non disclosure of information to unauthorized or unwanted persons. In
addition to Personal information some other type of information which useful for business
and leakage of such information to other persons may cause damage to business or person,
such information should be protected.
Generally for protecting secrecy of such information, parties while sharing information forms
an agreement about he procedure of handling of information and to not to disclose such
information to third parties or use it in such a way that it will be disclosed to third parties.
Many times party or their employees leak such valuable information for monitory gains and
causes breach of contract of confidentiality. Special techniques such as Social Engineering
are commonly used to obtain confidential information.

23. Data diddling:

Data diddling involves changing data prior or during input into a computer. The information
is changed from the way it should be entered by a person typing in the data, a virus that
changes data, the programmer of the database or application, or anyone else involved in the
process of having information stored in a computer file. It also include automatic changing
the financial information for some time before processing and then restoring original
information.

24. E-commerce/ Investment Frauds:

An offering that uses false or fraudulent claims to solicit investments or loans, or that
provides for the purchase, use, or trade of forged or counterfeit securities. Merchandise or

5
services that were purchased or contracted by individuals online are never delivered. The
fraud attributable to the misrepresentation of a product advertised for sale through an Internet
auction site or the non-delivery of products purchased through an Internet auction site.
Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high
profits.

25. Cyber Terrorism:

Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic
control, telecommunication networks are the most likely targets. Others like police, medical,
fire and rescue systems etc.
Cyber terrorism is an attractive option for modern terrorists for several reasons.
1. It is cheaper than traditional terrorist methods.
2. Cyber terrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyber terrorism can be conducted remotely, a feature that is especially appealing to
terrorists.
5. Cyber terrorism has the potential to affect directly a larger number of people.
Types of cybercrimes
The following are the various types of cybercrimes:

 Theft via cyberspace: Cyber theft is a sort of cybercrime that includes an

individual infiltrating another person’s or company’s system in order to steal
wealth, private information, financial information, or proprietary information.
Identity theft and embezzlement are examples of fraudulent crimes that might be
classified as cyber theft crimes.
 Cyberbullying: Bullying an individual online is referred to as cyberbullying.
Cyberbullying includes any threat to a person’s safety, coercion of a person to say
or do anything, and expressions of hatred or subjectivity against someone. While
children are more likely to be victims of cyberbullying, adults are not exempt.
According to a survey, 40% of polled teens said they had encountered online
harassment, while 24% of adults aged 26–35 said they had experienced
cyberbullying.
 Malware: Malware is a term that refers to any software program that is meant to
infiltrate or harm a device. Viruses are a type of software that falls under the
malware category. Viruses may cause a range of problems once they enter a
device. They may delete files, record your keystrokes, erase your disk drive, or
otherwise corrupt your data.
 Phishing: Phishing happens when fraudsters act as an organisation in order to
dupe victims into disclosing important information. Scare techniques, such as
notifying the victim that their bank account or personal device is under assault, are
frequently used by cybercriminals to effectively fulfil their phishing aims.

 Extortion via the internet: Cyber extortion is a type of blackmail that takes place
through the internet. In these occurrences, cybercriminals target or try to harm the
person and demand pay or a reaction in order to halt their threats.

6
 Ransomware: Ransomware is a sort of cyber extortion that uses malware to
achieve its purpose. This software threatens to disclose the victim’s data or to
block the user from retrieving his/her data unless the cybercriminal gets a
predetermined sum of money.
 Cryptojacking: When hackers utilise other people’s processing resources to mine
cryptocurrency without their permission, this is referred to as cryptojacking.
Cryptojacking varies from cyber crimes that utilise malware to enter the device of
a victim to steal data whereas the cryptojackers are not interested in stealing a
victim’s data. Cryptojackers, on the other hand, employ the computing power of
their victim’s gadget. Despite appearing to be less harmful than other cybercrimes,
cryptojacking should not be taken lightly because falling prey to it can drastically
delay one’s device and render it vulnerable to further cyber assaults.
 Cyber spying: Cyber spying occurs when hackers target a public or private entity’s
network in order to gain access to classified data, private information, or
intellectual property. Cybercriminals may utilise the sensitive information they
discover for a variety of purposes, including blackmail, extortion, public
humiliation, and monetary gain.
 Spyware: Spyware is a software that cybercriminals employ to monitor and record
their victims’ actions and personal information. Often, a victim unintentionally
downloads spyware onto their device, giving a cybercriminal unwitting access to
their data. Cybercriminals can access a victim’s credit card data, passwords, web
cam, and microphone depending on the type of spyware employed.
 Adware: Adware is software that you may unintentionally download and install
when installing another program. Every time someone views or clicks on an
advertisement window, the developers of adware programs profit financially from
their actions on people’s computers. Although some adware software is lawful and
innocuous, others are invasive due to the type and number of ads they display.
Many nations consider some adware applications to be unlawful because they
contain spyware, malware, and other dangerous software.
 Botnets: Botnets are malware-infected computer networks. Malicious hackers
infiltrate and gain control of these machines in order to do things online without
the user’s consent, allowing them to commit fraudulent crimes while remaining
undetected. They may send spam emails and conduct targeted hacks into a
company’s assets, financial records, data analyses, and other vital information.
 Dating hoodwinks: Some hackers utilise dating websites, chat rooms, and online
dating apps to pose as possible mates and attract people in order to have access to
their data.
 Hacking: Any illegal access to a computer system is generally referred to as
hacking. When a hacker gains unauthorised access to a company’s or an
individual’s computers and networks, they can obtain access to important
corporate information as well as personal and private data. Despite this, not all
hackers are crooks. Some “white hat” hackers are employed by software
businesses to identify faults and gaps in their surveillance systems. These hackers
get into a company’s network in order to uncover existing holes in their clients’
systems and provide fixes to such issues.

7
Cybercriminals or “black hat” hackers may desire to go clean and abandon their criminal
activities occasionally. In these circumstances, one of the finest possibilities is to work as a
security analyst for the organisations they used to torture. These individuals have greater
expertise and experience with network intrusion than the majority of computer security
specialists.

Types of Cybercrime

DDoS and botnet:This is one of the top arenas covered by cyber law, in general. Large
websites are usually a target for hackers looking to steal data or extort money from site
owners. Hackers do so by generating traffic beyond the site’s capacity, which, eventually,
crashes the site. When the site is not functioning, the hackers steal the data or contact the site
owner and demand money to restore the site.
This type of attack is known as a DDoS attack and is done via the botnet system.

Identity theft Identity theft, as per cyber law, is the stealing of someone’s identity and
passing it off as your own in an online forum. This is a serious concern in cyber law because
hackers steal your private and confidential information and use the same for malicious gains.

Cyberstalking: Cyberstalking, as per cyber law, is the usage of an entity’s social media or
online information to threaten, stalk, or extort money from them. The data collected by the
attacker is, generally, sensitive and can cause issues such as security breaches, defamation,
and more.

Social engineering The concept of social engineering in cyber law is stealing by gaining
confidence. Through social engineering, criminals usually target people who have
considerably less knowledge and understanding of the functioning of banks, social media,
and digital operations, in general.

By posing as a trustworthy person or customer care representative, criminals gain access to

people’s banks or social media accounts and proceed to sell the data gained through the same.
Sometimes, the accounts can be hacked for extortion as well.

PUPs It is usually popular advice by cyber law experts to avoid installing unknown software
for the simple reason that malware can be installed into your computer and files can be
stolen. Furthermore, spyware can be installed on your computer for malicious purposes as
well.This mode of gaining access or stealing data via adware, spyware, etc., is known
as potentially unwanted programs (PUPs.) This is why it is common to advise cyber law and
computer experts to make use of authorized service centers only.

8
Phishing Phishing is a crime where the hackers gain access to a person’s device via a link;
the link, in a simple glance, would look authentic. The link can include gift cards, games, etc.
Sometimes, links come via mail claiming that your data is stolen, and by clicking the link you
can restore it.The above-mentioned are a few of the many crimes that are identified by cyber
law experts around the globe.

Following is the treatment of cyber law in Indian jurisdiction.

Importance of Cyber Law

Cyber law is of paramount importance in our digital age as it safeguards digital assets,
prevents cybercrimes, regulates online activities, protects e-commerce and consumer rights,
fosters international cooperation, upholds intellectual property rights, ensures data privacy,
and provides legal remedies. It plays a vital role in establishing legal order and security in the
digital realm, protecting both individuals and organizations in an interconnected world.

Cyber Law in India: A Brief Understanding

India witnesses many cybercrimes annually, with over 44,000 reported cases. Among the
states in India, Karnataka emerges as the leader in terms of cybercrime rates. According to a
2022 report by Statista, the average cost of data breaches was USD 2 million in India. This
financial impact reflects the consequences of data breach incidents. For more detailed
statistical information, please refer here.

Cyber law in India is governed by two key legislations: the Indian Penal Code and the
Information Technology Act of 2000. These legal frameworks provide the necessary
guidelines and provisions to address cybercrime and protect digital assets and individuals’
rights in cyberspace.

A variety of cybercrimes are addressed by Indian cyber laws, covering two main aspects:
hacking systems and employing them to commit crimes of different magnitudes.
Additionally, Indian cyber law encompasses a comprehensive range of domains, such as
intellectual property rights and privacy rights, among others.

Cyber law in India encompasses a broad range of subjects, although it is important to note
that the list provided is not exhaustive. Similar concepts may also be addressed in other
jurisdictions globally. The following outlines the various types of cybercrimes and the
corresponding cyber law protections.

FraudCyber law in India identifies the theft of identities, credit cards, and other finance-
based crimes as fraud; these cybercrime offenses may lead to fines, imprisonment, or both.

Copyright Cyber law in India protects copyrighted works present in online forums. The
accused are punished based on the Copyright Act and other applicable acts, rules, and
regulations.

9
Defamation The Indian constitution ensures the right to speech, but it comes with
limitations; when the limitations are crossed, it constitutes defamation. A person who defames
another person or an organization will be punished under cyber law.

But, What constitutes defamation activity online? In brief, according to cyber law, spreading
false information or information without evidence online constitutes defamation activity.

Indeed, with the growth of social media usage, stronger cyber law protection is required
against defamation.

Harassment and stalking Cyber law in India protects online users from harassment and
stalking. When someone speaks in a targeted way against you online, it would constitute
harassment. The factors of harassment are circumstantial.When online information is used to
harass someone, it is known as stalking. Harassment and stalking are serious offenses in India
that have repercussions in both civil law and criminal law.

Trade secrets In general, trade secrets are confidential information about companies.
Attempting to leak confidential information to the public or using the same for monetary gain
is a serious offense, as per Indian cyber law. The penalty for leaking or using trade secrets is
determined by the gravity of the injury experienced by the infringing party. But, why exactly
is cyber law in action against cybercrimes? What are its objectives? The following section
will answer the same.

Types of Cyber Law

There are several types of cyber laws, each addressing specific aspects of digital activities
and cybersecurity. Here are some common categories of cyber laws:

1. Privacy Laws:
o Privacy laws govern the collection, use, and protection of individuals’ personal
information online.
o Examples include the General Data Protection Regulation (GDPR) in Europe
and the California Consumer Privacy Act (CCPA) in the United States.
2. Cybercrime Laws:
o Cybercrime laws focus on criminal activities conducted online, including
hacking, identity theft, online fraud, and cyberbullying.
o These laws define offenses, penalties, and procedures for investigation and
prosecution.
3. Data Breach Notification Laws:
o Data breach notification laws mandate that organizations inform affected
individuals and authorities when a data breach occurs.
o These laws aim to ensure transparency and help individuals take necessary
actions to protect themselves.
4. Intellectual Property Laws:
o Intellectual property laws protect digital content, patents, trademarks, and
copyrights in the digital realm.
o They address issues like copyright infringement and online piracy.

10
 5. Cybersecurity Laws:
o Cybersecurity laws require organizations to implement measures to protect
their digital infrastructure and sensitive data.
o These laws often set standards and requirements for data security practices.
6. E-Commerce and Online Contracts:
o Laws related to e-commerce and online contracts establish legal frameworks
for online transactions, electronic signatures, and consumer rights.
o They provide a basis for resolving disputes in the digital marketplace.
7. Social Media and Online Content Regulations:
o Regulations governing social media and online content address issues such as
hate speech, defamation, and harmful content.
o They set guidelines for the removal or restriction of such content.
8. Computer Crime Laws:
o Computer crime laws specifically target offenses involving computer systems
and networks.
o They encompass unauthorized access, malware distribution, and cyberattacks
on critical infrastructure.
9. Cryptocurrency and Blockchain Regulations:
o As digital currencies and blockchain technology gain prominence, regulations
address issues like cryptocurrency trading, initial coin offerings (ICOs), and
blockchain-based contracts.
10. International Cybersecurity Agreements:
o Some laws and agreements focus on international cooperation in combating
cybercrimes and promoting cybersecurity best practices.
o Examples include the Budapest Convention on Cybercrime and bilateral
cybersecurity agreements between nations.

These are just a few examples of the types of cyber laws that exist to govern and regulate
various aspects of digital activities, protect individuals’ rights, and ensure cybersecurity in the
digital age. The specific laws and regulations can vary significantly from one jurisdiction to
another.

Objectives of Cyber Law

Lawmakers have executed cyber law legal protections with the following objectives: The
following features of cyber law make the internet a much safer place to explore:

 To be a safety net against online data predators.

 To ensure justice for cybercrime victims
 To prevent debit card or credit card fraud. Many people have switched to digital
payment methods. Cyberlaw tries to make sure that victims do not have to go through
the additional agony of long procedures.
 To block transactions when there is any unusual activity such as the input of an
incorrect password.
 To ensure the safety of protected data. By knowing what cyber law is, one can easily
adopt preventative measures.
 To ensure national security.

11
The various advantages of cyber law include the following:

 Better protection of e-commerce sites ensures better revenue for the companies; this,
in turn, ensures a better economy for the country.
 Grievances for online transactions will be heard by the court as a part of the remedial
measures of cyber law.
 Recognition of e-documents and grievances on the same will be heard by the court.
 Fixing security issues by the companies leads to better data protection standards.
 Ensuring proper usage of data by the companies.

The above-mentioned are a few of the popular aspects of cyber law in India. This is not legal
advice. If you require cyber law remedies, contact a lawyer immediately.

How to protect yourself on the Internet

 Try to maintain a few social media accounts as possible. Every information you put
online is a potential way to hack your account. If you are serious about maintaining
your presence on several social media platforms, always ensure that your passwords
are strong. Regular changing of passwords is a great way of protecting your data from
hackers. You can use password manager apps to create strong passwords. Two-factor
authentication would add an additional layer of security for sure.

 Always question the app’s access permission. When you download any app/ visit any
website, you will be requested a particular number of permissions. If basic
permissions are requested, it is fine. However, if permissions are requested to access
sensitive information such as your gallery and such, immediately deny such requests.
More so, quit the website immediately/ delete the app immediately.

 Free wi-fi is always intriguing. But oftentimes it is a honeytrap laid by hackers to lure
you into using it. When you access the internet via free wifi, hackers can easily get
into your device, spread viruses, steal information, and more of a similar sort.

 Finally, always be suspicious of any “too good to be true” kind of messages/ calls. If
you get any such calls/ messages, always report to the respective officials
immediately.

What is cyber crime

Any criminal activity that involves a computer, networked device, or any other related device
can be considered a cyber crime. There are some instances when cyber crimes are carried out
with the intention of generating profit for the cybercriminals, whereas other times a cyber
crime is carried out directly to damage or disable the computer or device. It is also possible
that others use computers or networks to spread malware, illegal information, images, or any
other kind of material.

As a result of cyber crime, many types of profit-driven criminal activities can be perpetrated,
such as ransomware attacks, email and internet fraud, identity theft, and frauds involving

12
financial accounts, credit cards or any other payment card. The theft and resale of personal
and corporate data could be the goal of cybercriminals.

In India, cyber crimes are covered by the Information Technology Act, 2000 and the Indian
Penal Code, 1860. It is the Information Technology Act, 2000, which deals with issues
related to cyber crimes and electronic commerce. However, in the year 2008, the Act was
amended and outlined the definition and punishment of cyber crime. Several amendments to
the Indian Penal Code 1860 and the Reserve Bank of India Act were also made.

Types of cyber crimes

The following are considered to be types of cyber-crimes:

Child pornography or child sexually abusive material (CSAM):

In its simplest sense, child sexual abuse materials (CSAMs) include any material containing
sexual images in any form, wherein both the child being exploited or abused may be seen.
There is a provision in Section 67(B) of the Information Technology Act which states that the
publication or transmission of material depicting children in sexually explicit acts in an
electronic form is punishable.

Cyberbullying:A cyberbully is someone who harasses or bullies others using electronic

devices like computers, mobile phones, laptops, etc. Cyberbullying refers to bullying
conducted through the use of digital technology. The use of social media, messaging
platforms, gaming platforms, and mobile devices may be involved. Oftentimes, this involves
repeated behaviour that is intended to scare, anger, or shame those being targeted.

13
CyberstalkingCyberstalking is the act of harassing or stalking another person online using
the internet and other technologies. Cyberstalking is done through texts, emails, social media
posts, and other forms and is often persistent, methodical, and deliberate.

Cyber grooming:The phenomenon of cyber grooming involves a person building a

relationship with a teenager and having a strategy of luring, teasing, or even putting pressure
on them to perform a sexual act.

Online job fraud:An online job fraud scheme involves misleading people who require a job
by promising them a better job with higher wages while giving them false hope. On March
21, 2022, the Reserve Bank of India (RBI) alerted people not to fall prey to job scams. By
this, the RBI has explained the way in which online job fraud is perpetrated, as well as
precautions the common man should take when applying for any job opportunity, whether in
India or abroad.

Online sextortion:The act of online sextortion occurs when the cybercriminal threatens any
individual to publish sensitive and private material on an electronic medium. These criminals
threaten in order to get a sexual image, sexual favour, or money from such individuals.

Phishing:Fraud involving phishing is when an email appears to be from a legitimate source

but contains a malicious attachment that is designed to steal personal information from the
user such as their ID, IPIN, Card number, expiration date, CVV, etc. and then selling the
information on the dark web.

Vishing:In vishing, victims’ confidential information is stolen by using their phones.

Cybercriminals use sophisticated social engineering tactics to get victims to divulge private
information and access personal accounts. In the same way as phishing and smishing, vishing
convincingly fools victims into thinking that they are being polite by responding to the call.
Callers can often pretend that they are from the government, tax department, police
department, or victim’s bank..

Smishing:As the name suggests, smishing is a fraud that uses text messages via mobile
phones to trick its victims into calling a fake phone number, visiting a fraudulent website or
downloading malicious software that resides on the victim’s computer.

Credit card fraud or debit card fraud:In credit card (or debit card) fraud, unauthorized
purchases or withdrawals from another’s card are made to gain access to their funds. When
unauthorized purchases or withdrawals of cash are made from a customer’s account, they are
considered credit/debit card fraud. Fraudulent activity occurs when a criminal gains access to
the cardholder’s debit/credit number, or personal identification number (PIN). Your
information can be obtained by unscrupulous employees or hackers.

Impersonation and identity theft:A person is impersonated or exposed to identity theft

when they make fraudulent use of an electronic signature, a password, or any other unique
identifier on another person’s behalf.

14
Cybercrime – Definition, Types, and Reporting

What is cybercrime? What are the types of cyber crimes? How to file a cybercrime
complaint? How to use cybercrime.gov.in? Read to know more.

Computers, mobile phones, and the internet have changed modern life. They provide us with
many benefits.

However, information technology also makes us vulnerable to a wide range of threats. These
threats may result in financial loss or damage to our reputation.

A minor lapse in managing our digital lives can open the door to cybercriminals. So it is
extremely important to know how to prevent us from cybercrimes.

What is cybercrime?
A Cybercrime is a crime involving computers and networks.

The computer may have been used in the execution of a crime or it may be the target.

Definition of Cyber Crime

Cybercrime may be defined as “Any unlawful act where computer or communication device
or computer network is used to commit or facilitate the commission of a crime”.

Two Main Types of Cybercrimes

Most cybercrime falls under two main categories:

 Criminal activity that targets computers.

 Criminal activity that uses computers.

Cybercrime that targets computers often involves malware like viruses.

Cybercrime that uses computers to commit other crimes may involve using computers to
spread malware, illegal information or illegal images.

List of Cybercrimes: Examples

Cybercrimes include monetary crimes as well as non-monetary offences. The crimes result in
damage to persons, computers, or governments.

15
1. Child Pornography OR Child sexually abusive material (CSAM)
Child sexually abusive material (CSAM) refers to a material containing sexual images in any
form, of a child who is abused or sexually exploited. Section 67 (B) of the IT Act states that
“it is punishable for publishing or transmitting of material depicting children in the sexually
explicit act, etc. in electronic form.

2. Cyber Bullying
A form of harassment or bullying inflicted through the use of electronic or communication
devices such as computers, mobile phones, laptops, etc.

3. Cyber Stalking
Cyberstalking is the use of electronic communication by a person to follow a person, or
attempts to contact a person to foster personal interaction repeatedly despite a clear indication
of disinterest by such person; or monitors the internet, email or any other form of electronic
communication commits the offence of stalking.

4. Cyber Grooming
Cyber Grooming is when a person builds an online relationship with a young person and
tricks or pressures him/ her into doing a sexual act.

5. Online Job Fraud

Online Job Fraud is an attempt to defraud people who are in need of employment by giving
them false hope/ promise of better employment with higher wages.

6. Online Sextortion
Online Sextortion occurs when someone threatens to distribute private and sensitive material
using an electronic medium if he/ she doesn’t provide images of a sexual nature, sexual
favours, or money.

7. Phishing
Phishing is a type of fraud that involves stealing personal information such as Customer ID,
IPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. through emails that
appear to be from a legitimate source.

8. Vishing
Vishing is an attempt where fraudsters try to seek personal information like Customer ID, Net
Banking password, ATM PIN, OTP, Card expiry date, CVV etc. through a phone call.

16
9. Smishing
Smishing is a type of fraud that uses mobile phone text messages to lure victims into calling
back on a fraudulent phone number, visiting fraudulent websites or downloading malicious
content via phone or web.

10. Sexting
Sexting is an act of sending sexually explicit digital images, videos, text messages, or emails,
usually by cell phone.

11. SIM Swap Scam

SIM Swap Scam occurs when fraudsters manage to get a new SIM card issued against a
registered mobile number fraudulently through the mobile service provider. With the help of
this new SIM card, they get One Time Password (OTP) and alerts, required for making
financial transactions through the victim’s bank account. Getting a new SIM card against a
registered mobile number fraudulently is known as SIM Swap.

12. Credit Card Fraud or Debit Card Fraud

Credit card (or debit card) fraud involves the unauthorized use of another’s credit or debit
card information for the purpose of purchases or withdrawing funds from it.

13. Impersonation and identity theft

Impersonation and identity theft is an act of fraudulently or dishonestly making use of the
electronic signature, password or any other unique identification feature of any other person.

14. Spamming
Spamming occurs when someone receives an unsolicited commercial message sent via email,
SMS, MMS and any other similar electronic messaging media. They may try to persuade the
recipient to buy a product or service, or visit a website where he can make purchases, or they
may attempt to trick him/ her into divulging bank account or credit card details.

15. Ransomware
Ransomware is a type of computer malware that encrypts the files, storage media on
communication devices like desktops, Laptops, Mobile phones etc., holding data/information
as a hostage. The victim is asked to pay the demanded ransom to get his device decrypts

16. Viruses, Worms, and Trojans

A computer virus is a program written to enter your computer and damage/alter your
files/data and replicate itself.

Worms are malicious programs that make copies of themselves again and again on the local
drive, network shares, etc.

17
A Trojan horse is not a virus. It is a destructive program that looks like a genuine application.
Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.
Trojans open a backdoor entry to your computer which gives malicious users/programs
access to your system, allowing confidential and personal information to be theft.

17. Data Breach

A data breach is an incident in which information is accessed without authorization.

18. Denial of Services (DoS) attack

A denial of Services (DoS) attack is an attack intended for denying access to computer
resources without the permission of the owner or any other person who is in charge of a
computer, computer system or computer network.

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service

unavailable by overwhelming it with traffic from multiple sources.

19. Website Defacement

Website Defacement is an attack intended to change the visual appearance of a website and/
or make it dysfunctional. The attacker may post indecent, hostile and obscene images,
messages, videos, etc.

20. Cyber-Squatting
Cyber-Squatting is an act of registering, trafficking in or using a domain name with an intent
to profit from the goodwill of a trademark belonging to someone else.

21. Pharming
Pharming is a cyber-attack aiming to redirect a website’s traffic to another, bogus website.

22. Cryptojacking
Cryptojacking is the unauthorized use of computing resources to mine cryptocurrencies.

23. Online Drug Trafficking

Online Drug Trafficking is a crime of selling, transporting, or illegally importing unlawful
controlled substances, such as heroin, cocaine, marijuana, or other illegal drugs using
electronic means.

24. Espionage
Espionage is the act or practice of obtaining data and information without the permission and
knowledge of the owner.

18
How to file a Cybercrime complaint online in India? A cybercrime complaint can be filed
using the National Crime Reporting Portal of India.
.National Cyber Crime Reporting Portal of India

This portal is an initiative of the Government of India to facilitate victims/ complainants to

report cybercrime complaints online.

This portal caters for all types of cybercrime complaints including complaints pertaining to

 online Child Pornography (CP),

 Child Sexual Abuse Material (CSAM),
 sexually explicit content such as Rape/Gang Rape (CP/RGR) content and
 other cybercrimes such as mobile crimes, online and social media crimes,
online financial frauds, ransomware, hacking, cryptocurrency crimes and online
cyber trafficking.

The portal also provides an option of reporting an anonymous complaint about reporting
online Child Pornography (CP) or sexually explicit content such as Rape/Gang Rape (RGR)
content.

Cybercrime Helpline Number

The Cyber Crime Helpline Number is 155260.

Indian Computer Emergency Response Team (CERT-IN or ICERT)

The Indian Computer Emergency Response Team (CERT-IN or ICERT) is an office
within the Ministry of Electronics and Information Technology of the Government of
India.CERT-In is the national nodal agency for responding to computer security incidents as
and when they occur. CERT-In is operational since January 2004.CERT-In has been
designated to serve as the national agency to perform the following functions in the area of
cyber security:

Collection, analysis and dissemination of information on cyber incidents.

 Forecast and alerts of cyber security incidents.

 Emergency measures for handling cyber security incidents.
 Coordination of cyber incident response activities.
 Issue guidelines, advisories, vulnerability notes and whitepapers relating to
information security practices, procedures, prevention, response and reporting
of cyber incidents.
 Such other functions relating to cyber security may be prescribed.

CERT-IN has overlapping responsibilities with other agencies such as National Critical
Information Infrastructure Protection Centre (NCIIPC).

19
Cyber Laws in India
Information Technology Act 2000 (IT Act 2000) is the main law connected with cyber
security in India.Indian Penal Code, 1860 is also used to book criminals connected with
cybercrimes.

 Cybercrime is defined as a crime where a computer is the object of the crime or is

used as a tool to commit an offense. Cybercrimes fall under State subjects as per the
Seventh Schedule of the Constitution of India. It involves illegal or unauthorized
activities that exploit technology to commit various forms of crimes. Cybercrime
covers a wide range of offenses and can affect individuals, organizations, and even
governments.
 Types: Distributed Denial-of-Service (DDoS) Attacks: These are used to make an
online service unavailable and take the network down by overwhelming the site with
traffic from a variety of sources
 . Botnets: Botnets are networks from compromised computers that are controlled
externally by remote hackers. The remote hackers then send spam or attack other
computers through these botnets.
 Identity Theft: This cybercrime occurs when a criminal gains access to a user’s
personal information or confidential information and then tries to tarnish reputation or
seek a ransom.
 Cyberstalking: This kind of cybercrime involves online harassment where the user is
subjected to a plethora of online messages and emails. Typically, cyberstalks use
social media, websites, and search engines to intimidate a user and instill fear.
 Phishing: It is a type of social engineering attack often used to steal user data,
including login credentials and credit card numbers. It occurs when an attacker,
masquerading as a trusted entity, dupes a victim into opening an email, instant
message, or text message.
 What are the Challenges Related to Cyber Security in India?
 Profit-Friendly Infrastructure Mindset: Post liberalisation, the Information
Technology (IT), electricity and telecom sector have witnessed large investments by
the private sector. Operators are not investing in protective infrastructure, rather they
are focused on the profitable infrastructure only, because they think investment on
cyber-attack preparedness may not generate good profits. All operators are focused on
profits, and do not want to invest in infrastructure that will not generate profits (i.e.
protective infrastructure).
 Absence of Separate Procedural Code: There is no separate procedural code for the
investigation of cyber or computer-related offences.
 Trans-National Nature of Cyber Attacks: Most cybercrimes are trans-national in
nature. The collection of evidence from foreign territories is not only a difficult but
also a tardy process.

 Expanding Digital Ecosystem: In the last couple of years, India has traversed on the
path of digitalizing its various economic factors and has carved a niche for itself
successfully. The latest technologies like 5G and Internet of Things (IoT) will increase
the coverage of the internet-connected ecosystem. With the advent of digitalisation,
paramount consumer and citizen data will be stored in digital format and transactions
are likely to be carried out online which makes India a breeding ground for potential
hackers and cyber-criminals.

20
 Limited Expertise and Authority: Offenses related to crypto-currency remain under-
reported as the capacity to solve such crimes remains limited. Although most State
cyber labs are capable of analysing hard disks and mobile phones, they are yet to be
recognized as 'Examiners of Electronic Evidence' (by the central government). Until
then, they cannot provide expert opinions on electronic data.
 What Measures Can be Taken to Tackle Cyber Crimes in India?
 Cybersecurity Awareness Campaign: The governments at various levels need to
conduct massive cybersecurity awareness campaigns, regarding Cyber frauds, use
strong, unique passwords, being careful using public wi-fi, etc
 . Cyber Insurance: Develop cyber insurance policies that are tailored to the specific
needs of different businesses and industries. Customized policies will help ensure that
organizations have coverage for the most relevant cyber risks they face. Cyber
insurance provides financial coverage against losses resulting from cyber incidents
and by mitigating the financial impact of these incidents, organizations can recover
more quickly and continue their operations
 . Data Protection Law: Data is referred to as the new currency, thus is a requirement
for a stringent data protection regime in India. In this context, the European Union's
General Data Protection Regulation and India’s Personal Data Protection Bill, 2019
are steps in the right direction.
 Collaborative Trigger Mechanism: For a country like India where the citizenry is
more vulnerable to cybercrime, there is an urgent need for a collaborative trigger
mechanism. This mechanism would bind all parties and enable law enforcers to act
quickly and safeguard citizens and businesses from a fast-growing menace. In this
context, the Indian Cyber Crime Coordination Centre will assist in centralizing
cybersecurity investigations, prioritize the development of response tools and bring
together private companies to contain the menace.

 What are the Government Initiatives to Cope with Cyber Crimes in India?
 Indian Cyber Crime Coordination Centre (I4C): This center coordinates efforts to
tackle all types of cyber-crimes across the country. National Cyber Forensic
Laboratory: It provides early-stage cyber forensic assistance to Investigating Officers
of all State/UT Police through both online and offline modes.
 CyTrain Portal: A Massive Open Online Courses (MOOC) platform for capacity
building of police officers, judicial officers, and prosecutors through online courses on
critical aspects of cybercrime investigation, forensics, and prosecution. National
Cyber Crime Reporting Portal: A platform where the public can report incidents of
cyber-crimes, with a special focus on crimes against women and children.
 Citizen Financial Cyber Fraud Reporting and Management System: It is a system for
immediate reporting of financial frauds and assistance in lodging online cyber
complaints through a toll-free helpline
 . Cybercrime Prevention against Women and Children (CCPWC) Scheme: Financial
assistance provided to States/UTs for developing capabilities of Law Enforcement
Agencies in investigating cyber-crimes.
 Joint Cyber Coordination Teams: Constituted to enhance coordination among Law
Enforcement Agencies of States/UTs, particularly in areas with multi-jurisdictional
issues related to cyber-crimes.
 Central Assistance for Modernization of Police: Providing financial support to
States/UTs for acquiring modern weaponry, advanced communication/forensic
equipment, and cyber policing equipment.
 Conclusion

21
  It is of critical importance to ensure global cooperation through information sharing
and strengthening joint efforts in cybersecurity research and development as most
cyberattacks originate from beyond the borders. It is important for the corporates or
the respective government departments to find the gaps in their organisations and
address those gaps and create a layered security system, wherein security threat
intelligence sharing is happening between different layers.

What is Cybercrime Investigation?

Investigation of a Cybercrime is process consisting of investigating, analysing, and
recovering forensic data for digital evidence of a crime. It involves the use of specialized
tools and techniques to investigate various types of cyber crimes, such as hacking, phishing,
malware, data breaches, and identity theft.

Examples of evidence in a cyber crime investigation include a computer, cell phone,

automobile navigation system, video game console, or other networked device found at the
scene of a crime. This evidence helps cyber crime investigators determine the perpetrators of
a cyber crime and their intent.

The investigation process is conducted by cyber crime investigators, who are responsible for
conducting thorough and accurate investigations, preserving evidence, and collaborating with
law enforcement agencies to bring cybercriminals to justice. Cybercrime investigation is
essential for businesses and individuals to protect against the growing threat of cybercrime,
and to ensure that justice is served for victims of cybercrime.

Cybercrime investigation is a complex and constantly evolving field, as new threats and
technologies emerge. As a result, investigators must stay up-to-date with the latest techniques
and tools in order to effectively investigate and mitigate cyber crimes.

For conducting cyber-crime investigation, certain special skills and scientific tools are
required without which the investigation is not possible. Investigating a crime scene is not an
easy job. It requires years of study to learn how to deal with hard cases, and most
importantly, get those cases resolved.

Cyber Crime Investigation Techniques

While techniques may vary depending on the type of cybercrime being investigated, as well
as who is running the investigation, Activities that a computer crime investigator performs
include recovering file systems of hacked computers, acquiring data that can be used as
evidence to prosecute crimes, writing reports for use in legal proceedings, and testifying in
court hearings.

Cyber crime investigation techniques include:

 Performing background checks:

Establishing the when, where, and who of a crime sets the stage for an investigation.
This technique uses public and private records and databases to find out the
backgrounds of individuals potentially involved in a crime.

 Gathering information:
One of the most important things any cybersecurity researcher must do is grab as

22
 much information as possible about the incident.

Was it an automated attack, or a human-based targeted crime? Was there any open
opportunity for this attack to happen? What is the scope and impact? Can this attack
be performed by anyone, or by certain people with specific skills? Who are the
potential suspects? What digital crimes were committed? Where can the evidence be
found? Do we have access to such evidence sources?

This technique is one of the most critical in cyber crime investigations. Here,
investigators ask questions such as: What evidence can be found? What level of
access to sources do we have to gather the evidence? The answers to these and other
questions provide the foundation for a successful investigation.

 Running digital forensics:

Cyber crime investigators use their digital and technology skills to conduct forensics,
which involves the use of technology and scientific methods to collect, preserve, and
analyze evidence throughout an investigation. Forensic data can be used to support
evidence or confirm a suspect's involvement in a crime.

Once researchers have collected enough data about the cybercrime, it's time to
examine the digital systems that were affected, or those supposed to be involved in
the origin of the attack. This process involves analyzing network connection raw data,
hard drives, file systems, caching devices, RAM memory and more. Once the forensic
work starts, the involved researcher will follow up on all the involved trails looking
for fingerprints in system files, network and service logs, emails, web-browsing
history, etc.

 Tracking the authors of a cyber crime:

With information about a crime in hand, cyber crime investigators work with internet
service providers and telecommunications and network companies to see which
websites and protocols were used in the crime. This technique is also useful for
monitoring future activities through digital surveillance. Investigators must seek
permission to conduct these types of activities through court orders.

Cybercrime Investigation Tools

Cybercrime investigation requires the use of specialized tools and software to collect,
preserve, and analyse digital evidence. These tools can be used to identify suspects, track
their activities, and gather evidence to build a case against them.

Here are some of the most common cybercrime investigation tools used by investigators:

1. Digital Forensics Software:It is used to recover deleted files, analyze metadata, and
examine network traffic logs. Popular digital forensics software includes tools like
EnCase, FTK, and Autopsy. Digital forensics helps investigators piece together
evidence and determine the timeline of events in a crime. It is mainly made up of
network forensics and memory/disk analysis. By analyzing information found on
disks and through networks, investigators can learn about other potential conspirators
in the crime. This could help them track down these individuals and stop them before

23
 another crime is committed.

2. Network Analysis Tools They are used to monitor network traffic, identify
suspicious activity, and track the flow of data. Network analysis tools include tools
like Wireshark, tcpdump, and Netscout.

3. Malware Analysis Tools They are used to analyze and reverse engineer malware to
understand its behavior and identify its source. Malware analysis tools include IDA
Pro, OllyDbg, and Binary Ninja.

4. Password Recovery Tools They are used to recover passwords from encrypted files,
databases, or other sources of digital evidence. Password recovery tools include tools
like Cain and Abel, John the Ripper, and Hashcat.

5. Social Media Analysis Tools They are used to track suspects' activities and gather
evidence from social media platforms. Social media analysis tools include tools like
Hootsuite, Followerwonk, and Mention.

Above are the few examples of the many cybercrime investigation tools available to
investigators. It's important for investigators to have a deep understanding of these tools, as
well as knowledge of the latest trends and techniques in cybercrime investigation.

By using these tools effectively, investigators can help to identify and prosecute cyber
criminals and protect individuals and organizations from the growing threat of cybercrime.

Cyber Crime Investigation Training:

Cybercrime investigation is a complex and rapidly-evolving field that requires specialized
training and expertise. There are a variety of training programs available to individuals
interested in pursuing a career in cybercrime investigation.

 Law enforcement agencies often offer specialized training programs for cybercrime
investigation. These programs can provide investigators with the knowledge and skills
they need to identify and investigate cyber crimes, as well as the legal and regulatory
requirements for handling digital evidence.

 Industry certifications are also available in cyber crime investigation, such as the
Certified Cyber Crime Investigator (CCCI) or the Certified Computer Examiner
(CCE). These certifications can demonstrate an investigator's expertise and help them
stand out in a competitive job market.

 Many colleges and universities offer degree programs in cyber security, digital
forensics, or other related fields. These programs can provide students with a strong
foundation in cyber crime investigation, as well as the technical and analytical skills
needed to succeed in this field.

 Private companies and organizations also offer training programs in cybercrime

investigation. These programs can provide specialized training in areas such as digital
forensics, network analysis, or malware analysis.

24
It's essential for individuals interested in pursuing a career in cyber crime investigation to
seek out training programs that align with their career goals and interests. By investing in
specialized training and education, individuals can develop the skills and knowledge needed
to succeed in this exciting and important field.

Cybercrime investigators must be experts in computer science, understanding not only

software, file systems and operating systems, but also how networks and hardware work.
They must be knowledgeable enough to determine how the interactions between these
components occur, to get a full picture of what happened, why it happened, when it
happened, who performed the cybercrime itself, and how victims can protect themselves in
the future against these types of cyber threats.

Crime Scene Investigation: Search and Seizure

The sequences of steps for digital crime scene investigations are:

 Identifying and securing the crime scene- Obtain IP Address, Locating the IP address
of the suspect, and Gaining access to the IP address, through the Internet service
provider by way of either a warrant, subpoena, or court order;

On identifying the internet Service Provider (ISP) (i.e. the IP Network provider), contact the
provider's management, (In some countries, this is done through the Police); to request to be
able to gain access to the call detail records (CDRs), through the allotted IP address used by
the suspect(s) - The Internet Service Provider (ISP) may cooperate fully, or you may need to
obtain a subpoena, warrant, or court order, for this purpose.

(NOTE that ISPs have records of everything a subscriber does on the Internet!

 Procedure for gathering evidences from Switched-off Systems

 Procedure for gathering evidence from live systems
 Forensic duplication
 Conducting interviews
 Labeling and documenting of the evidence
 Packaging and transportation of the evidence
 Panchanama (Seizure Memo) and Seizure Proceedings T - The legal provisions
empowering the IOs to conduct search and seizure are provided under Section 165 Cr
PC and Section 80 of the ITAA 2008
 Make sure one of the technical people from the responder side along with two
independent witnesses is part of the search and seizure proceedings, to identify the
equipment correctly and to guide the IO and witnesses
 Please refer to the notes made during the pre-investigation assessment for cross
verifying and correctly documenting the technical information regarding equipment,
networks, and other communication equipment at the scene of crime
 Time Zone/System Time play a very critical role in the entire investigation. Please
make sure this information is noted carefully in the panchanama, from the systems
that are in Switched on condition
 Please don't switch ON any device
 Make sure a serial number is allotted for each device, and the same should be duly
noted not only in the panchanama but also in the Chain of Custody and Digital
Evidence Collection forms

25
  Make sure each device is photographed before starting the investigation process at
their original place along with respective reference like cubicle number or name room
surroundings, etc
 Make sure to photograph the Hard Disk Drive or any other internal part along with the
system, once removed from the system
 If possible, please paste the serial number along with PF number/Crime
number/section of law
 Capture the information about the system and data you are searching and seizing in
the panchanama
 Brief the witnesses regarding the tools used to perform search and seizure of the
digital evidence
 Make sure that the panchas have some knowledge and ability to identify various
digital devices
 Document the Chain of Custody and Digital Evidence Collection forms explained
below, apart from your regular panchanama as a Best practice, for digital evidences
 Please make sure all the details mentioned in the forms are completely filled

This chart shows the process of cyber crime investigation in India.

Chain of custody
Chain of custody refers to the documentation that shows the people who have been entrusted
with the evidence. These would be people who have seized the equipment, people who are in
charge of transferring the evidence from the crime scene to the forensic labs, people in charge
of analyzing the evidence, and so on.

Once the evidence is collected and every time the evidence is transferred, it should be
documented and no one else other than the person entrusted with the exhibit shall have access
to the evidence.

Conclusion:
We are living in a digital age and cyberspace is not limited to one's boundaries, rather it
covers an entire world. As a result cybercrime is increasing day by day in all the countries
including India. The biggest challenge relates to cybercrime being its dynamic nature because
of the ongoing evolution of digital technology. As a result new cybercrime methods and
techniques come into practice.

Therefore cybercrime should be given as much importance as other crime happening in our
society be it theft, rape, murder etc

Interesting facts:

 In 2018, a study by Center for Strategic and International Studies (CSIS), in

partnership with McAfee, a leading cybersecurity firm concludes that close to $600
billion, nearly one percent of global GDP, is lost to cybercrime each year.

 In 1995, Sussman and Heuston were the first to coin the phrase cyber-crime.

 The first person to be found guilty of cybercrime was Lan Murphy, also known as
Captain Zap,and that happened in the year 1981.He had hacked the American

26
 telephone company to manipulate its internal clock, so that users could still make free
calls at peak times.

JURISDICTION IN CYBER SPACE

 The exponential growth of cyberspace in India has ushered in an era of unprecedented

connectivity, innovation, and economic potential. However, this digital transformation
has created a complex web of legal challenges that demand meticulous attention. At
the forefront of these challenges is cyberspace jurisdiction—an intricate and evolving
landscape encompassing governments' legal authority in the virtual realm. As
cyberspace permeates every aspect of modern life, from e-commerce to social
interactions and national security, the imperative for effective regulation becomes
increasingly evident. This article embarks on a comprehensive exploration of the
"Issues and Concerns of Cyberspace Jurisdiction in India." It seeks to dissect the
Legal Framework, Relevant Acts and Regulations, Landmark Cases and Judgments,
and the myriad Challenges in cyberspace jurisdiction. Furthermore, the article
ventures into International Perspectives on Cyberspace Jurisdiction, delving into
India's participation in International Cybersecurity Agreements and offering
Recommendations for Future Treaties. By examining Government Notifications and
Initiatives, this article aims to provide valuable insights into a critical and ever-
evolving facet of India's legal landscape.

 Outlining Jurisdictional Concerns In Cyber Law The dynamic landscape of

cyberspace jurisdiction presents myriad intricate concerns within cyber law.
Central to these concerns is the challenge of defining and asserting jurisdiction
in an environment that transcends physical boundaries. The internet's
borderless nature complicates matters related to territorial jurisdiction, leaving
legal experts grappling with questions of where a cybercrime or dispute
originates, where it affects, and consequently, which legal framework should
apply. Privacy and data protection concerns loom large, with the need to
balance individual rights against the necessity for state surveillance and law
enforcement. Moreover, the jurisdictional landscape is further complicated by
the rapid evolution of technology, including emerging areas like artificial
intelligence and blockchain, necessitating continuous adaptation of laws and
regulations. As we delve into the intricacies of cyberspace jurisdiction in India,
these jurisdictional concerns serve as focal points for analysis and discussion.
Below is a brief of the case;

 Cyberspace Jurisdictional Approaches:

 Legal authorities have developed several key approaches in navigating the intricate
domain of cyberspace jurisdiction. One prominent model is territorial jurisdiction,
where a nation asserts its legal authority over activities that originate within its
geographical borders or substantially impact its residents. This approach, however,
often falters in the borderless realm of the internet, giving rise to conflicts and
ambiguities. Extraterritorial jurisdiction is another significant approach, allowing a
nation to extend its legal reach beyond its boundaries to address cybercrimes that
affect its citizens or interests abroad. However, extraterritoriality can raise questions

27
 of sovereignty and lead to diplomatic disputes. Additionally, cyber sovereignty
emphasises a nation's right to govern its cyberspace independently, even when dealing
with global internet platforms. As we explore the challenges and concerns of
cyberspace jurisdiction in India, these various approaches will be dissected to
illuminate their applicability and implications in a digitally interconnected world.
 Issues between jurisdictions and how to resolve them:

 Issues between jurisdictions in cyberspace jurisdiction can be complex and

multifaceted. One primary challenge is the lack of clear boundaries in the digital
landscape, making it difficult to determine where a cyber incident originated or where
its effects are most strongly felt. This ambiguity can lead to conflicts when multiple
jurisdictions claim authority over the same case. To resolve these conflicts,
international cooperation and treaties often play a crucial role. Bilateral or multilateral
agreements can establish frameworks for sharing information, evidence, and
responsibilities in cross-border cybercrime investigations. Additionally, the principle
of comity, which encourages nations to respect each other's laws and judicial
decisions, can aid in mitigating jurisdictional disputes. However, achieving consensus
among different jurisdictions remains complex, requiring ongoing diplomatic efforts
and legal harmonisation to ensure effective cyberspace governance.
 Cyberlaw Extraterritorial Jurisdiction:

 Cyberlaw extraterritorial jurisdiction is critical to addressing cross-border cybercrimes

and ensuring justice is served in the digital age. This legal principle allows a nation to
extend its jurisdiction beyond its geographical boundaries, asserting authority over
individuals or entities involved in cybercrimes that impact its citizens or interests,
even if the activities occur in another country. While extraterritorial jurisdiction is a
powerful tool for combating cyber threats that transcend borders, it can also lead to
complexities and diplomatic tensions. Concerns may arise regarding the infringement
of a foreign nation's sovereignty or conflicts in legal approaches. Striking a balance
between the pursuit of cybercriminals and respecting international norms and laws is a
central challenge in the realm of extraterritorial jurisdiction within the evolving
landscape of cyberspace governance.
 Global Cyber Crime Jurisdiction:

 Global cybercrime jurisdiction is a pressing concern in the interconnected world of

cyberspace. As cybercrimes know no borders and often involve actors from multiple
nations, determining which jurisdiction has authority over a particular case can be
immensely challenging. This issue becomes particularly pronounced when
cybercriminals operate from one country but victimise individuals or organisations in
others. Achieving a coordinated global response to cybercrime is crucial, as
fragmented jurisdictional approaches can hinder investigations and prosecutions.
International treaties and agreements play a pivotal role in facilitating cooperation
among nations, allowing for the extradition of cybercriminals, sharing evidence, and
harmonising legal frameworks to address this global challenge effectively. However,
achieving consensus on these matters remains a complex endeavour, and the evolving
nature of cyberspace constantly tests the limits of existing legal norms and
cooperation mechanisms.

28
 Information Technology Act of 2000 jurisdiction:

 The Information Technology Act of 2000 is the foundational legislation in India

governing cyberspace jurisdiction. This landmark act provides the legal framework
for regulating electronic transactions, digital signatures, and the security and integrity
of data within the country. Under this act, Indian authorities have the jurisdiction to
investigate and prosecute cybercrimes occurring within its territorial boundaries,
ensuring that the law applies to offences committed using digital means. However,
challenges arise when dealing with cross-border cybercrimes, as the act's jurisdiction
is limited to India. To address these concerns, the act's extraterritorial application has
been discussed, especially in cases where Indian citizens are affected by cybercrimes
outside the country. The Information Technology Act, as an essential component of
India's cyberspace jurisdiction, continues to evolve to meet the challenges and
concerns of the digital age.

 Cyberspace Jurisdiction in India: Legal Framework

 The legal framework governing cyberspace jurisdiction in India is primarily outlined

in the Information Technology Act of 2000. This legislation provides the foundation
for regulating electronic transactions, data security, and digital signatures within the
country's borders. It grants Indian authorities jurisdiction over cybercrimes occurring
within the nation but faces challenges in addressing cross-border cyber incidents,
prompting discussions on the act's extraterritorial applicability. As cyberspace
jurisdiction continually evolves, the Information Technology Act remains a critical
pillar in India's efforts to navigate the complex legal landscape of the digital realm.
 Relevant Acts and Regulations

 In the realm of cyberspace jurisdiction in India, several relevant acts and regulations
contribute to addressing issues and concerns. The Information Technology Act
2000 provides legal frameworks for electronic transactions, cybersecurity, and data
protection. The Indian Penal Code 1860 defines offences and penalties for
cybercrimes. The Digital Signature Act establishes the legal validity of digital
signatures, while the Indian Evidence Act of 1872 governs the admissibility and
evaluation of electronic evidence. The Telecommunication Act regulates
telecommunication networks and services, including internet service providers.
Additionally, the recently introduced Information Technology (Intermediary
Guidelines and Digital Media Ethics Code) Rules, 2021 outline requirements for
digital intermediaries and digital media platforms. These acts and regulations
collectively offer a comprehensive legal framework to address the challenges and
concerns of cyberspace jurisdiction in India.
 Landmark Cases and Judgments
 The Shreya Singhal Case and Section 66A

 The Shreya Singhal Case is a landmark judgement passed by the Supreme Court of
India in 2015. The case challenged the constitutional validity of Section 66A of the
Information Technology Act, which criminalised sending "offensive" messages using
a computer or any other communication device. The Court struck down Section 66A,
stating that it violated the fundamental right to freedom of speech and expression. The
judgement played a crucial role in defining the legal parameters for regulating online

29
 speech and ensuring that internet users in India can freely express their opinions
without fear of arbitrary or vague restrictions. The verdict is viewed as a significant
victory for freedom of speech and expression in cyberspace jurisdiction in India.
 Internet Shutdowns: A Case Study of Jammu and Kashmir

 The Jammu and Kashmir case study provides significant insight into the issues and
concerns surrounding internet shutdowns in India. In 2019, the region witnessed a
prolonged internet shutdown following the revocation of its special status. The case
raised important questions about the balance between national security and the
fundamental right to access information and freedom of expression in cyberspace
jurisdiction. The shutdown severely impacted the lives of millions of individuals,
hindering their access to essential services, communication, and the flow of
information. The case study highlights the need for clear guidelines and legal
frameworks that balance security concerns and the protection of civil liberties in the
context of internet shutdowns in India. It brings attention to the challenges and
concerns of cyberspace jurisdiction, emphasising the importance of upholding
fundamental rights in the digital realm.
 The WhatsApp Traceability Case

 The WhatsApp Traceability Case in India is a significant legal battle that revolves
around the issue of traceability of messages on the messaging platform. The case
emerged from concerns regarding the spread of fake news, misinformation, and illegal
content through WhatsApp. The Indian government had proposed measures to enforce
traceability, requiring WhatsApp to disclose the originator of messages. However,
WhatsApp argued that implementing such measures would violate user privacy and
end-to-end encryption. The case raises important questions about balancing law
enforcement requirements and individual privacy rights in cyberspace jurisdiction. It
has broader implications on the role of technology platforms and the responsibility of
intermediaries in ensuring a secure and free digital environment. The outcome of the
WhatsApp Traceability Case is eagerly anticipated and will contribute to shaping the
legal landscape of cyberspace jurisdiction in India.
 Jurisdictional Challenges in E-commerce Disputes

 One landmark case highlighting the jurisdictional challenges in e-commerce disputes

is the Amazon.com, Inc. v. Amway India Enterprises Pvt. Ltd. case. This case
revolved around the question of jurisdiction in disputes about online transactions. The
Court held that in e-commerce transactions, jurisdiction could be established where
the cause of action arises, such as where the transaction was initiated or the breach
occurred. This case sheds light on the complexities in determining jurisdiction in the
virtual world, where parties may be located in different locations. It highlights the
need for clear legal frameworks and guidelines to address jurisdictional challenges in
e-commerce disputes, ensuring fair and efficient resolution of such cases in the digital
era.

 Territoriality vs. Borderless Cyberspace

 One of the primary challenges in cyberspace jurisdiction is the conflict between

territoriality and the internet's borderless nature. Traditional legal systems are built
upon territorial jurisdiction, where the law applies within the boundaries of a specific

30
 jurisdiction. However, in cyberspace, it becomes difficult to define clear territorial
boundaries due to the global and interconnected nature of the internet. The borderless
nature of cyberspace raises questions about which jurisdiction should have the
authority to regulate and enforce laws in online activities. This challenge becomes
more evident in cross-border cybercrimes, where perpetrators may operate from one
jurisdiction while targeting victims in another. Addressing these challenges requires
international cooperation, harmonisation of laws, and the development of mechanisms
to enforce cross-border regulations in cyberspace jurisdiction effectively.

 Data Protection and Privacy Concerns

 Cyberspace jurisdiction poses several challenges regarding data protection and

privacy concerns.
 Aadhar data security and privacy concerns

 Aadhaar is a national identification system introduced by the Indian government to

provide a unique identification number for all residents. Despite its potential benefits,
the Aadhaar database has raised concerns about data security and privacy. Critics
have raised concerns about collecting, storing, and using biometric data on a massive
scale, citing the potential for misuse, hacking, and identity theft. The government has
implemented various security measures to address these concerns, such as multi-
factor authentication and encryption. However, it remains to be seen whether these
measures are effective in safeguarding Aadhaar data and ensuring user privacy.
 The Personal Data Protection

 Challenges in cyberspace jurisdiction for personal data protection encompass various

aspects that require attention in India. Firstly, jurisdictional issues arise due to the
global nature of the internet, where personal data is often stored and processed across
international boundaries. Determining which jurisdiction's laws apply to data
protection becomes complicated. Secondly, balancing privacy rights with the
legitimate interests of law enforcement and national security poses challenges.
Striking the right balance between data protection and the need for access to personal
data for investigative purposes is crucial.
 Additionally, the adequacy of legal frameworks and enforcement mechanisms is
essential to ensure adequate personal data protection. Harmonising data protection
laws with international standards and ensuring organisations' compliance with data
protection regulations remain significant challenges. Addressing these concerns is
imperative for establishing robust cyberspace jurisdiction for personal data protection
in India.
 Cross-border data flow issues

 Cross-border data flow issues have emerged as a significant challenge for cyberspace
jurisdiction in India. The increasing digitisation of global commerce has made it
essential for companies to transfer data across borders. However, cross-border data
flows raise concerns about data localisation, privacy, and sovereignty. Various Indian
regulations, such as the RBI's data localisation requirements and the proposed
Personal Data Protection Bill's cross-border data transfer provisions, impose
restrictions and challenges on cross-border data flow. These restrictions may increase
business compliance costs and raise questions about India's compatibility with global

31
 data flows. To ensure India's continued participation in the global digital economy,
there is a need for a balanced and nuanced approach to cross-border data flow issues
in cyberspace jurisdiction.

 International Perspectives on Cyberspace Jurisdiction

 International perspectives on cyberspace jurisdiction play a crucial role in

understanding the complex legal landscape of governing online activities. The
challenges and concerns surrounding cyberspace jurisdiction are not limited to one
country and often span international borders. Different jurisdictions have varying
approaches, regulations, and legal frameworks for addressing cybercrimes, data
privacy, intellectual property rights, and online speech. International organisations
and agreements, such as the United Nations, the Council of Europe's Convention on
Cybercrime, and the European Union's General Data Protection Regulation, provide
global guidelines and standards to harmonise cyberspace jurisdiction. However,
conflicts may arise when countries have divergent views on jurisdictional reach, data
sovereignty, and cross-border law enforcement. Coordinated efforts, collaboration
among nations, and the development of international norms are necessary to
effectively address the issues and concerns of cyberspace jurisdiction in India and
around the world.
 Regulation of AI in Other Countries

 Regulation of AI varies across countries, each implementing different frameworks to

address the issues and concerns associated with the technology.
 In the United States, the approach to AI regulation is generally more risk-based,
focusing on sector-specific regulations and guidelines.
 The European Union has taken a more comprehensive approach with the General
Data Protection Regulation (GDPR), which applies to AI systems that process
personal data. Countries like Canada and Australia have also developed guidelines
and frameworks to address ethical considerations and potential risks associated with
AI.
 The government has introduced regulations to govern AI and promote responsible use
in China.
 While no specific AI regulation framework exists in India, the government has
released a draft AI strategy document for public consultation. The regulation of AI
globally is an evolving field, with countries aiming to balance promoting innovation
and addressing concerns related to ethics, privacy, and accountability.
 Lessons from International Jurisdictional Practices

 Examining jurisdictional practices in the EU's General Data Protection Regulation

(GDPR), the extraterritorial reach of the California Consumer Privacy Act (CCPA),
and their implications for India's cyberspace jurisdiction offers valuable lessons. The
GDPR, implemented in the European Union, sets high standards for data protection
and grants authorities jurisdiction over entities offering goods or services to EU
residents, irrespective of their location. This underscores the importance of defining
jurisdictional boundaries to regulate cross-border data flow effectively. Similarly, the
extraterritorial reach of the CCPA illustrates the need to consider the impacts of local
regulations on global businesses. By analysing these practices, India can gain insights
into formulating a practical cyberspace jurisdiction framework that balances data

32
 privacy protection while fostering innovation and promoting digital commerce. There
is, thus, a renewed emphasis on the need to develop comprehensive legislation and
cross-border cooperation to address the challenges arising in the global digital
landscape.

 International Treaties and Agreements

 International treaties and agreements play a crucial role in addressing the issues and
concerns of cyberspace jurisdiction in India. These treaties and agreements provide a
framework for cooperation, collaboration, and standardisation among countries to
effectively tackle cybercrimes, protect digital rights, and establish guidelines for
cross-border data flows. For example, the Budapest Convention on Cybercrime is a
notable international treaty that aims to harmonise legislation and foster international
cooperation in combating cybercrimes. Additionally, agreements like the General
Data Protection Regulation (GDPR) of the European Union have influenced data
protection laws globally. These international instruments contribute to developing
consistent and interoperable laws, strengthening cyberspace jurisdiction, and ensuring
a harmonious global approach towards addressing the challenges and concerns arising
in the digital world.
 Indias Participation in International Cybersecurity Agreements

 India's Participation in International Cybersecurity Agreements: India actively

participates in various international cybersecurity agreements to address global
challenges and concerns in cyberspace jurisdiction. It has signed agreements with
countries and multinational organisations to promote cooperation in combating cyber
threats and ensuring digital infrastructure security. These agreements facilitate
information sharing, capacity building, and collaborative efforts to enhance
cybersecurity measures. India's participation in international cybersecurity agreements
demonstrates its commitment to addressing the global shared concerns and issues that
arise in the digital realm.

33
 Budapest Convention on CybercrimeThe Budapest Convention on Cybercrime is a
significant international treaty addressing cybercrime and facilitating cooperation
among member states. India signed this convention in 2010, which has since been
essential in shaping the country's legal framework for dealing with cybercrimes. The
convention focuses on harmonising national legislation, procedural rules, and
cybercrime investigation and prosecution policies. By being a party to the convention,
India is committed to aligning its laws with global cybersecurity standards and
promoting international cooperation in dealing with cyber threats.
 The UN Group of Governmental Experts on Developments in the Field of Information
and Telecommunications India actively participates in the United Nations Group of
Governmental Experts on Development. This group promotes discussions and
collaborations among member states to address emerging issues and concerns in
cyberspace. It provides a platform for governments to exchange knowledge, share
best practices, and develop norms and rules for responsible state behaviour in
cyberspace. India's involvement in this group reflects its commitment to shaping
international cybersecurity discussions and contributing to developing global norms
and regulations in the field of information and telecommunications.
 Recommendations for Future Treaties In order to strengthen India's position in
international cyberspace governance and address the concerns of cyberspace
jurisdiction, several recommendations can be put forth. Firstly, India should actively
participate in developing international treaties and agreements related to cyberspace,
such as the United Nations Group of Governmental Experts on Developments in the
Field of Information and Telecommunications in the Context of International Security.
This would give India a voice in shaping global policies and norms concerning
cyberspace. Secondly, India should promote global cybersecurity cooperation by
establishing partnerships and sharing best practices with other countries. This would
help exchange information, joint investigations, and capacity building to combat
cross-border cyber threats. Additionally, India should prioritise the development of its
own comprehensive cybersecurity legal framework that aligns with international
standards and best practices. This would provide a solid foundation for addressing the
concerns of cyberspace jurisdiction and enhancing India's credibility in the global
cyber governance landscape
Government Notifications and InitiativesGovernment notifications and initiatives play
a crucial role in shaping and addressing the issues and concerns of cyberspace
jurisdiction in India. The Indian government has introduced various notifications and
initiatives to regulate and govern activities in the digital domain. One such initiative is
the Digital India campaign, launched in 2015, which aims to transform India into a
digitally empowered society. This initiative focuses on digital infrastructure,
connectivity, digital literacy, and governance. Additionally, the government has
introduced the National Cyber Security Policy, 2013, to strengthen the country's
cybersecurity framework. Several notifications have also been issued under the
Information Technology Act to address cybersecurity, data protection, and
intermediary liability issues. These notifications and initiatives reflect the
government's commitment to addressing the challenges and concerns of cyberspace
jurisdiction in India while promoting a secure and inclusive digital environment.

34
 ConclusionIn conclusion, the issues and concerns surrounding cyberspace
jurisdiction in India shed light on the evolving nature of the digital realm and
its impact on legal frameworks. The interplay between technology, law, and
individual rights presents challenges that require careful consideration and
adaptation. Key legislative acts such as the Indian Penal Code, Information
Technology Act, Code of Criminal Procedure, and Indian Evidence Act play a
crucial role in addressing cybercrimes, ensuring due process, and establishing
the admissibility of electronic evidence. Landmark cases, such as the Shreya
Singhal case and the WhatsApp traceability case, have shaped the landscape by
safeguarding freedom of speech and expression and emphasising the need to
balance security concerns and fundamental rights. However, emerging areas
such as digital personal data protection, internet shutdowns, and challenges
related to jurisdiction in cyberspace require ongoing discussions and legal
reform. Policymakers, legal practitioners, and society must navigate these
issues with a forward-thinking approach, striking a balance between
innovation, protection of individual rights, and the effective governance of
cyberspace jurisdiction in India.

35