CYBER JURISDICTION

A. WHAT IS CYBER JURISIDCTION

1. Jurisdictional Complexity:
 Cyber law faces challenges in determining jurisdiction, especially in cases involving
multiple countries. The legal status of a website, app, or content can vary widely
between jurisdictions, complicating enforcement efforts.
 Residence status of involved parties further complicates matters, as cybercrimes can
involve both residents and non-residents of a country. Determining where a case
should be filed becomes a significant issue.
2. Global Rise of Cyber Activity:
 The advent of computers, mobile phones, and the internet saw a surge in global
connectivity. This rise continued with the integration of social media, online
payments, education, gaming, and other digital services into daily life.
 However, this increased utility also led to a corresponding rise in cybercrime due to
gaps in laws, awareness, and user privacy protection.
3. Nature of Cybercrime:
 Cybercrime encompasses various illicit activities conducted online, including
hacking, stalking, terrorism, scams, and more. The lack of physical boundaries on the
internet facilitates these activities, making cyber jurisdiction complex.
 An example scenario could involve online fraud, where a perpetrator in one country
defrauds victims located in different countries, leading to questions about where legal
complaints should be filed.
4. Regulation of Cyberspace:
 Cyberspace, the virtual computer world facilitating online communication, falls under
the governance of cyber law. It involves a vast network of interconnected computer
systems using TCP/IP protocols for data exchange.
 The borderless nature of the internet, coupled with the transnational nature of
cybercrimes, creates conflicts between international and municipal laws, challenging
the regulation of cyberspace.
5. Conflicting Legal Frameworks:
 Cyber law grapples with conflicting legal frameworks between international law and
municipal laws of individual countries. Bridging these gaps poses significant
 challenges, often leading to inconclusive outcomes in cases involving cyber
jurisdiction.
 Resolving these conflicts requires harmonizing legal approaches across borders while
also addressing the unique challenges posed by the borderless nature of cyberspace.

B. ISSUES OF JURISDICTION IN CYBERSPACE

1. Cross-Border Jurisdictional Challenges:
 Cybercrime cases often involve parties from different countries, presenting challenges
in determining which jurisdiction has authority over the matter.
 The borderless nature of the internet complicates jurisdictional issues, as users can
access content and engage in transactions from anywhere in the world.
2. Legal Ambiguity in Cyberspace:
 Unlike traditional crimes with clear geographical boundaries, cybercrimes blur the
lines of jurisdiction due to the virtual nature of their commission.
 Determining the appropriate jurisdiction becomes crucial when online activities cross
international borders, raising questions about the applicability of national or
international laws.
3. Tripartite Involvement in Transactions:
 Transactions in cyberspace typically involve three parties: the user, the server host,
and the recipient of the transaction, each potentially located in different countries.
 Allocating jurisdiction becomes complex when these parties operate under different
legal frameworks, requiring careful consideration of applicable laws.
4. Physical vs. Virtual Presence:
 In cases where cybercrimes have tangible effects in physical jurisdictions (e.g.,
financial losses, data theft), courts may prioritize the jurisdiction where the crime's
impact is felt.
 Despite the virtual nature of cybercrimes, courts often consider the physical location
of victims, perpetrators, or servers when determining jurisdiction.
5. Competency of Courts and Applicable Laws:
 Courts must navigate the competency to hear cross-border cases and apply relevant
domestic or international laws.
 The extent to which a court can assert jurisdiction over cybercrimes with transnational
implications remains a subject of legal debate and international cooperation efforts.
 C. TYPES OF CYBERSPACE JURISDICTION

There are three types of cyber jurisdiction recognized in international law, namely-
 Personal Jurisdiction – It is a type of jurisdiction where the court can pass
judgments on particular parties and persons. In the case of Pennoyer v. Neff[3], The
Supreme Court of the US observed that the Due process enshrined in the constitution
of the US constrains the personal jurisdiction upon its implication on the non-resident,
hence there is no direct jurisdiction on the non-residents. However, this restraint was
curbed by the minimum contact theory which allowed the jurisdiction over the non-
residents as well.
 Subject-matter jurisdiction – It is a type of jurisdiction where the court can hear and
decide specific cases that include a particular subject matter. If the specific subject
matter is of one court but the plaintiff had sued in any other court then the plea will be
rejected and the plaintiff will have to file the case in the court which is related to that
matter. For instance, a complaint regarding a consumer good should be filed in the
district consumer forum rather than district court as district consumer forums
specifically look at consumer-related cases. In the same manner, all environmental-
related cases are tried in NGT rather than a district court.
 Pecuniary Jurisdiction – This type of jurisdiction mainly deals with monetary
matters. The value of the suit should not exceed the pecuniary jurisdiction. There are
various limits set for a court that can try a case of a certain value beyond which it is
tried in different courts. For example, the district consumer forum looks at the matter
not exceeding 20 lakh rupees, the State consumer dispute redressal commission has
pecuniary jurisdiction of more than 20 lakh rupees but not exceeding 1 crore, the
National consumer dispute redressal commission has pecuniary jurisdiction involving
cases of more than 1 crore rupees in India. It is dependent upon the claim made in
proceedings and is structured in hierarchical order.

D. PREREQUISITES OF JURISDICTION IN CYBERSPACE

There are three prerequisites of valid jurisdictions that are needed to be followed. A person is
compelled to follow the rules and regulations of the state. The state has the power to punish a
person violating such laws.
 Prescriptive Jurisdiction – This type of jurisdiction enables a country to impose
laws, particularly for a person’s activity, status, circumstances, or choice. This
 jurisdiction is unlimited. Hence, a country can enact any law, or legislation on any
matter, even where the person’s nationality is different, or the act happened at a
different place. However, International law prevents any state from legislating any
such law contrary to other countries interests.
 Jurisdiction to Adjudicate – Under this jurisdiction, the state has the power to decide
the matter on a person concerned in civil or criminal cases despite the fact that the
state was a party or not; a mere relationship between both is sufficient. It is not
necessary that a state having the prescribed jurisdiction must also have jurisdiction to
adjudicate.
 Jurisdiction to Enforce – This jurisdiction depends on the existence of prescriptive
jurisdiction; hence if prescriptive jurisdiction is absent, then it cannot be enforced to
punish a person violating its laws and regulations; however, this jurisdiction is not
exercised in an absolute sense and a state cannot enforce its jurisdiction on a person or
the crime situated or happened in a different country.

E. THEORIES OF CYBERSPACE JURISDICTION

 Subjective territoriality– It lays down that if the act is committed in the territories of
the forum state, then its laws will be applicable to the parties. The act of the non-
resident person in the forum state is the key element under it. For example- A country
can make a law criminalizing an act in its territory, and then the subject aspect of the
territoriality will recognize it.
 Objective territoriality – It is invoked when an act is committed outside the forum
state’s territorial boundary, yet its impact is on the forum state. It is also known as
‘Effect Jurisdiction.’ It was established in the case of United States v Thomas[4] in
which the defendant published phonographic material and to see and download it, he
provided the subscribers with a password after getting a form filled out which
included their personal details, and the plaintiff claimed it to be violative of its
domestic laws, the court held that “the effect of the defendant’s criminal conduct
reached the Western District of Tennessee, and that district was suitable for accurate
fact-finding,” and the court has the cyberspace jurisdiction.
In the landmark case of Playboy Enterprise, Inc. v Chuckleberry Publishing, Inc. [5], the
defendant operated a website in Italy on which obscene photographs were displayed, and
some of its users were citizens of the USA. The court found it to be against US laws and
banned the website from falling under US jurisdiction; however, the court does not have
cyberspace jurisdiction to put a complete ban on the use by other users of different states.
 Nationality – It is applied to the offender who is the national of the state; for
example, if a person of a state commits an offence in a foreign country that is
punishable by domestic laws, then the state has the power to punish its citizen.
 Universality – The acts which are universally acclaimed as crimes such as hijack, and
child pornography. A cyber-criminal can be convicted in any country for committing
such a heinous crime. It presumes that the country has cyber jurisdiction to prosecute
the offender of a cybercrime.

F. THE TEST EVOLVED OF JURISDICTIONAL ASPECTS IN CYBER LAW

There are several tests that determine cyberspace jurisdiction in the cases of cybercrime.
Minimum Contacts Theory
This test is applicable where both or any of the parties are outside the territorial jurisdiction
of the court. In the landmark judgment in Washington v International Shoe Company[6], this
theory was evolved by the US Supreme Court. “”[7]
After this case, the court laid down three criteria-
 “The non-resident defendant must do some act or consummate some transaction with
the forum or perform some act by which he purposefully avails himself of the
privilege of conducting activities in the forum, thereby invoking the benefits and
protections.
 the claim must be one which arises out of or results from the defendant’s forum-
related activities, and
 exercise of jurisdiction must be reasonable.”[8]
In the case of CompuServe Inc v Patterson[9], The court held that contracts related to
cyberspace are also covered under the domain of minimum contacts theory.

Sliding Scale Theory

Sliding Scale theory is also known as Zippo Test. It is the most accepted test in deciding
personal jurisdiction in cyberspace cases. On the basis of the interactivity of the websites, the
jurisdiction is decided. The more the number of interactivities, the more the courts have
personal jurisdiction over it in the forum state.
For a passive website, the courts have almost no jurisdiction, while in the middle spectrum
site, the court may or may not have jurisdiction; however, in the case of a highly interactive
site, the court has cyberspace jurisdiction.
In the landmark case of Zippo Manufacturer v Zippo.Com[10], the plaintiff Zippo
Manufacturer of lighters in Pennsylvania sued the defendant Zippo.com for an infringing
trademark. The defendant had a lot of interactivity; hence the personal jurisdiction will be
applicable to the defendant.

G. EFFECTS TEST AND INTERNATIONAL TARGETING

Few conditions are required to be satisfied for the Effect test, mainly the action taken
expressly against the forum state with the knowledge and intention that it will injure the state.
If the court thinks fit that the defendant’s action caused injuries to the forum state, then
personal cyberspace jurisdiction is asserted in cyberspace cases where no contact is present.
In the landmark case of Calder v Jones[11], The Supreme Court of the US observed that the
court in the state can exercise personal jurisdiction over non-residents. In this case, the editor
and writer of a national magazine published a defamatory article on the residents. The facts of
the case are that the plaintiff Shirley Jones sued the distributor, the writer, and its editor
Calder of a national magazine, defaming her as an alcoholic. Jones was a resident of
California while the article was written and edited in Florida. Jones sued the defendants in the
court of California because the magazine had a vast circulation in the state. The court held
that the court of California has personal jurisdiction over the defendants.
In Panavision International v Toeppen,[12] Toeppen, the defendant indulged in cybercrime by
using the plaintiff’s trademark commercially and selling it back to him for a hefty amount.
The California court held that by applying the effects test, the court had personal jurisdiction
over the non-resident defendant.

H.[G.] JURISDICTION UNDER INFORMATION TECHNOLOGY ACT, 2000

“Information Technology Act, 2000 in section 1(2) states that the Act extends to the whole of
India and applies also to any offence or contravention thereunder committed outside India by
any person.”[13]
Further, “Section 75 states that subject to the provision of sub-section (2), the provision of
this act shall also apply to any offence or contravention committed outside India by any
person irrespective of his nationality. For the purpose of subsection (1), this act shall apply to
an offence or contravention committed outside India by any person if the act or conduct
constitutes an offence or contravention that involves a computer, computer system, or
computer network located in India.”[14]
This provides prescriptive cyberspace jurisdiction in India, and any act committed violative
of this Act in India by a resident, or a non-resident will be punishable.

I.[H.] CONCLUSION
Despite having laid down various tests to figure out cyberspace jurisdiction, it is still
debatable in the courts of law to ascertain the jurisdiction in cybercrime cases involving more
than one country. The criteria to determine the jurisdiction are different in different countries.
Hence, a test of jurisdiction might qualify in one country but not qualify in another, so where
the disputed parties are of different states, it is very difficult to acclaim the jurisdiction of one
nation over the other. In such a situation more than one test should be incorporated in
deciding the jurisdiction.
In India, Information Technology Act, 2000 does govern cyberspace yet there is no provision
relating to the territorial jurisdiction and hence it is the current requirement from the
legislators to incorporate provisions relating to extra-territorial jurisdiction in the Act.
However, Internet usage will increase every second on this earth, and therefore the laws
should also be made progressive enough to combat cybercrime and issues relating to their
jurisdiction. International law should determine certain parameters in deciding the
jurisdiction, and the cases in which jurisdiction cannot be decided should be tried in the
international court of justice itself.