UNIVERSITY OF ALLAHABAD,

PRAYAGRAJ (U.P.)

FACULTY OF LAW

SESSION-2021-22
SUBJECT-PROJECT-II

TOPIC-
“CYBER CRIME AGAINST WOMEN IN INDIA”

SUBMITTED BY:- SUBMITTED TO:-

HIMANCHAL SHARMA MRS. VIJAYLAKSHMI SINGH
[Link]. (HONS.) X SEM.
ENROLL. NO. - U1741118
ROLL NO.-55
SECTION-B

1
 ACKNOWLEDGEMENT

I would like to express my special thanks of gratitude to my teacher Mrs. Vijaylakshmi Singh
Mam who gave me the golden opportunity to do this wonderful project of subject “PROJECT-2” on
topic “Cyber Crime Against Women in India” who also helped me in completing my project. I
came to know about so many new things. I am really thankful to them.
Secondly, I would also like to thank God with whom blessings my project completed with full
proof success.
Lastly, I would also like to thank my parents and friends who helped me a lot in finalizing
this project within the limited time frame.

2
 ABBREVIATIONS

All ER : All England Report

AIR : All India Reporter

Bom. : Bombay

CCNA : Cisco Certified Network Associate

CCVC : Centre for Cyber Victim Counselling

CJ : Chief Justice

[Link] : Criminal Law Journal

CVV : Card Verification Value

DDoS : Distributed Denial of Service

DLT : Digital Linear Tape

DoS : Denial of Service

Ed. : Edition

EU : European Union

Hon'ble : Honourable

Ibid : Idem (In the same Place)

ILR : Indian Law Report

ICPEN : The International Consumer Protection and Enforcement Network

ISPs : Internet Service Provider

ITA 2008 : Information Technology Amendment Act. 2008

J. : Justice

MCSE : Microsoft Certified Systems Engineer

NATO : North Atlantic Treaty Organisation

OECD : Organisation for Economic Co-Operation & Development

SC : Supreme Court

3
SCC : Supreme Court Cases

Sec : Section

SMS : Short Message Service

SSL : Secure Sockets Layer

Supra : Work previously cited

p. : Page

pp. : Pages

U.K : United Kingdom

U.S.A : United States of America

UOI : Union of India

URL : Uniform Resource locator

V : Versus

VoIP : Voice-over Internet Protocol

VPN : Virtual Private Network

VSNL : Videsh Sanchar Nigam Limited

WHOA : Working to Halt Online Abuse

§ : Section

❑❑❑

4
 TABLE OF CONTENTS
[Link]. PARTICULARS PG. NO.
List of Cases 06
Objective of the study 07
Research Methodology 07
I. Abstract 08-09
II. Introduction 10-12
III. Definition & Classification of Cyber Crime 13-15
1. Definition of Cyber Crime 13
2. Emerging of Cyber Crime 15
3. Traditional Cyber Crime 15
IV. Cyber crime against women: Indian Scenario 16-21
1. Cyber Pornography 16
2. Cyber Stalking 19
3. Cyber Bullying 20
V. Cyber Security & Procedural Aspect in India 22-30
1. Cyber Security 22
a. Information Technology Act,2000 22
b. Legal landscape for Cyber Security 24
c. Information Technology Rules,2009 25
d. Information Technology Rules,2011 25
e. National Cyber Security Policy 27
2. Procedural Aspect 28
a. Investigation in cyber crime 28
b. Compoundable offences among cyber crimes 28
c. Power of police officers in investigating cyber offence 29
d. Bail in cyber crime 30
VI. Judicial Responses 31-33
1. Cases related to cyber crime against women 26
VII. Upsurge in cyber crime against women during covid period 34-36
1. Bois locker room case 35
2. Bulli Bai case 35
VIII. Conclusion & Suggestions 37-39
IX. Bibliography 40

5
 LIST OF CASES
Ajeet Singh Vs. State of Jharkhand 2008 (3) JCR 220
Dr. Prakash Vs. State of Tamil Nadu W.P. No. 7313 of 2002
K.A. Abbas v. Union of India (1970) 2 SCC 780
Karan Girotra v. State 2012 VAD (Delhi) 483
Manish Kathuria Vs Ritu Kohli, [Link]. 14616/2014
R. v. Hicklin (1868), L.R. 3 Q.B. 360
State of Tamil Nadu Vs. Suhas Khatti 4680 of 2004 (Criminal Complaint)

❑❑❑

6
 OBJECTIVES OF THE STUDY

• To understand the meaning of cyber-crime against women.

• To find out causation behind the victimization of women.
• To analyze law dealing with in checking cyber-crime against women in India, and to find
out the loopholes in the law if there is any.
To find the gap between legal actions & technological advancement.
• To situate the growing threat of cyber-crime against women and girls within the broader
context and challenge of cyber-crime, Internet growth and governance and human rights.
• To find out the steps which should be taken by the government for checking cyber crime
against women in India.

RESEARCH METHODOLOGY

The research methodology adopted for this work is doctrinal. Researcher has analysed case law
decided by the Supreme Court, high courts and cyber appellate tribunal. Law library resources have
also been taken into account for the study. Articles, books, journals, Reports, materials from
websites, libraries, databases etc have also been consulted and thus, played a vital role in the
completion of the research.

❑❑❑

7
 CH.I
ABSTRACT

The information and communication technology is one of the greatest gifts of modern day. The accessibility
to emails and e-commerce facilities has made the life easy. Such e-communication got legalized with the
European conventions on Information Technology, which was followed by some developed and less
developed nations. E-communication gained popularity among men and women in a short span of time.
Specifically talking about women we see that women of post millennium era are more benefited as digital
media created a huge platform for women to expand their world to build new relationships, renew old
friendships, and practice and profess own ideologies about various issues.

The digital era witnessed women who belonged to more orthodox patriarchal societies were now enabled to
practice self-dependence norms through electronic shopping, blogs and open forums for healthcare and baby
care, higher education, modes to transform leisurely passions into profitable professions. Ironically, this
digital freedom also made women unknowingly / knowingly open Pandora’s Box and explore the evil side of
the Internet. Indeed, the “box” was opened long back, but it successfully hid its whiff of inside-danger for a
long time. Media reports on morphed pornographic images of female movie stars, cyber stalking female
celebrities, blackmailing female celebrities through email or mobile phones provide us some good examples
of cyber crime against women.

Cyber crime against women is largely ignored and therefore, not truly addressed. International conventions,
as well as domestic laws of many countries, may have developed legislatures to protect society as a whole
from the clutches of the “dark side” of cyber technology but issues regarding cyber crime against women has
remained unchouched. Academics, researchers, as well as lawmakers have kept themselves occupied with
discussing and analyzing problems of cyber crime targeting the economic front and children. But full
attention has not given to several cyber crimes like cyber bullying, cyberstalking, cybermorphing, from
women victim’s perspective even though women often outnumber men in becoming victim of such cyber
crimes. There is a need to highlight this important issue by bringing attention, as far as the role women play
in cyber victimization, to scholars and laypersons.

The present study is one small effort in that direction. It focuses on cyber crime against women in India. It
also deals with pornography, stalking, morphing against women in the cyber space, judicial trends on cyber
crime against women in India and lacuna of necessary laws to mitigate it. Women victims are near invisible
in the eyes of universal cyber crime conventions and domestic internet and cyber communication related
laws. The effect of this lawlessness is so huge that government-reporting agencies also sometimes deny any

8
help to the woman in need.
I crave the indulge of the readers of any error or imperfection which might have occurred, despite the best
possible endeavours, crept in this work. Any suggestion for improvement shall be gratefully welcomed.

❑❑❑

9
 [Link]
INTRODUCTION
The role of information technology is remarkable in today’s world. It has widened itself over the last
two decades and has become the axis of today’s global and technological development. The world of
internet provides every user all the required information fastest communication and sharing tool making it
the most valuable source of information. It has extended efficiency, cost effectiveness and accelerated
productivity at individual as well as the business or governmental level. It has brought world under one
umbrella. The expanding reach of computers and the internet has made it easier for people to keep in touch
across long distances. The internet plays an important role in our day-to-day life activities from home to
office like in connecting with friends, searching study materials and in attending important video
conferences. In present scenario, cyber-crime is emerging as a very serious threat.
At the same time, however, it has some negative sides too. This is evident in the growing proliferation of
cyber crimes in cyber space such as cyber warfare, cyber terrorism, hacking, data thefts, invasion of privacy,
phishing attacks, intellectual property infringements and identity theft and other computer related crimes.
The anonymity and speed with which these crimes can be committed online renders cyberspace an attractive
medium to cyber criminals.1 Such as it invades the privacy of an individual or in accelerating crimes on
cyberspace.
With the numerous advancement of internet, the crime using internet has also widened its roots in all
directions. The cyber-crimes not only poses serious threats to national security but also to the individual
mainly women. In the context of cyber crime, one must be aware that the cyber criminals are always in a
search to find out the new ways to attack the possible internet victims. In present days, everybody is using
the computers i.e. from white collar employees to terrorists and from teenagers to adults, from men to
women.
Cyber Space is a powerful way for women to realise their rights, from accessing information, to
expressing themselves freely and even anonymously. However, cyber-crime is a global phenomenon and
women are the soft targets of this new form of crime. The vulnerability and safety of women is one of the
biggest concerns of any criminal and penal law, but unfortunately women are still defence less in cyber
space. Cybercrime against women is on at alarming stage and it may pose as a major threat to the security of
a person as a whole. The World Wide Web allows users to circulate content in the form of text, images,
videos and sounds. The widespread circulation of such content is particularly harmful for women. In recent
years, there have been numerous reports of women receiving unsolicited emails which often contains
obscene and obnoxious language.
Cyber-crimes against women are on the raise and women have been drastically victimized in the
cyberspace. Some perpetrators try to defame women by sending obscene e-mails, stalking women by using
chat rooms, websites etc, developing pornographic videos where women are depicted in compromising

1
See United Nations, International review of criminal policy United Nations Manual on the prevention and control of
computer related crimes available at: [Link]

- 10 -
positions mostly created without their consent, spoofing e-mails, morphing of images for pornographic
content etc. The sex-offenders look for their victims on social network websites, and also on job or marriage
websites where people post their personal information for better prospect. The revealing of personal
information has made women more a casualty of cybercrime. It is evident that victimization of women is
leading to cybercrime and vice versa.
India is considered as one of the very few countries to enact IT Act 2000 to combat cyber-crimes. This Act
widely covers the commercial and economic crimes. Even though issues regarding women still remain
untouched in this Act.
Internet is the most chosen mode of the offenders to harass and victimize women. The foremost aim
of such sorts of victimization remains the same as that of pre-internet era, i.e., damaging the reputation of
the woman victim and creating fear factor in the victim’s mind. The behavioural factors that contribute to
such victimization may include broken relationships, ex-partner harassments, professional rivalry, male
dominance and chauvinism, sudden exposure to digital technologies, mischievous intentions to experiment
with online adult entertainment in a digital way and even for monetary gains. Victimization may begin by
numerous methods, such as, either befriending the victim with original name but portraying as a ‘good
Samaritan’, or winning her trust under a camouflaged identity, or shadowing her cyber activities, or
encouraging others to add to the ongoing victimization process of the victim. Cybertechnology has become a
prime tool to carry out such victimizations in an almost successful manner due to digital ways and similarly,
cyber space has provided the biggest platform to harass women in a most cruel way as the victimization can
be viewed by millions of digital audiences.
Emails, public and private chat rooms, search engines, social networking sites and websites along
with various digital technologies are the chosen modes of many offenders who victimize innocent women.
There could be three factors for offenders to commit cyber-crime against women; viz.
1. It successfully generates instant fear and trauma in the minds of the victims;
2. The perpetrator is omnipresent, yet no one can find him out and prevent his atrocious activities;
3. Once the electronic devices through which these communications were accessed by shrewd perpetrator(s)
are destroyed, it becomes really hard for the victim as well as the government reporting agencies like the
police to nab him/them.
Going through the various statistics like cyber stalking statistics of [Link] (WHOA) for the
period from 2000 till 2013. It can be seen that in 2000, among 353 victims who approached WHOA, 87%
were women and 13% were men; among the harassers, there were 68% men and 27% women.1 In 2001,
among 256 victims, 79.3% were women and 16% were men; whereas 58.6% harassers were men and 32.5%
were women. In 2002, among 218 victims, 71% victimizations, which happen to women.

From the above discussion, it could be deducted that women victims need faster restorative
procedures to avoid further escalation of agony and trauma, but they may feel reluctant to approach the

1
See [Link]

- 11 -
police for such restorative procedures. It is observed that the lack of professionalism of the police in dealing
with crimes targeting women and failure of the laws to protect the rights of women are two major
contributing factors for this shifting of reliance. At this juncture, it has become almost an undisputable fact
that the method of analysis of the data privacy laws by the police and the courts from the perspective of
national security issues and individuals financial and health records, and the usage of the free speech
guarantees by internet users have eclipsed the issues of online victimization of women. A child victim could
feel extremely stressful and even suicidal due to paedophilia or bullying. To save the children from vicious
internet traps, the States have extended child protection laws to cover child pornography, online grooming
and online bullying.11 Victims of financial frauds are protected by numerous legislations preventing identity
theft, online monetary scams and anti-phishing guidelines. Women victims on the contrary, do not get
emergency help from the State as crime patterns remain unrecognized and overshadowed by general trends
of cyber-crimes.

❑❑❑

- 12 -
 CH.-III
DEFINITION AND CLASSIFICATION OF CYBER CRIME

1. DEFINITION OF CYBER CRIME:-

At the Tenth United Nations Congress on the Prevention of Crime and Treatment of Offenders, in a
workshop devoted to the issues of crimes related to computer networks, cyber-crime was broken into two
categories and defined thus:
a. Cybercrime in a narrow sense (computer crime): Any illegal behaviour directed by means of
electronic operations that targets the security of computer systems and the data processed by them.
b. Cybercrime in a broader sense (computer-related crime): Any illegal behaviour committed by means
of, or in relation to, a computer system or network, including such crimes as illegal possession [and] offering
or distributing information by means of a computer system or network.
The OECD Recommendations of 1986 included a working definition as a basis for the study:
Computer-related crime is considered as any illegal, unethical or unauthorized behaviour relating to the
automatic processing and the transmission of data.

First Case of Cyber Crime1-

The first recorded cyber-crime took place in the year 1820! That is not surprising considering the
fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C.
in India, Japan and China. The era of modern computers, however, began with the analytical engine of
Charles Babbage. In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom.
This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a
fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened.
They committed acts of sabotageto discourage Jacquard from further use of the new technology.

Division of Cyber Crime2-

There can be no one exhaustive definition about Cybercrime. However, anyactivities which basically
offend human sensibilities, can also be included in its ambit. Child Pornography on the Internet constitutes
one serious Cybercrime.
Cybercrimes can be basically divided into 3 major categories being Cybercrimes against persons,
property and Government. Cybercrimes committed against persons include various crimes like transmission
of child-pornography, harassment of any one with the use of a computer such as e-mail, and cyber-stalking.
The trafficking, distribution, posting, and dissemination of obscene material including pornography,
indecent exposure, and child pornography, constitutes one of the most important Cybercrimes known
today. The potential harm of such a crime to humanity can hardly be overstated. This is one Cybercrime

1
[Link]
2
pduggal@[Link]@hotmail

- 13 -
which threatens to undermine the growth of the younger generation as also leave irreparable scars and
injury on the younger generation, if not controlled.
Similarly, Cyber harassment is a distinct Cybercrime. Various kinds of harassment can and does
occur in cyberspace, or through the use of cyberspace. Harassment can be sexual, racial, religious, or
other. Persons perpetuating such harassment are also guilty of cyber-crimes. Cyber harassment as a crime
also brings us to another related area of violation of privacy of netizens. Violation of privacy of online
citizens is a Cybercrime of a grave nature. No one likes any other person invading the precious and
extremely touchy area of his or her own privacy which the medium of internet grants to the netizens.
Another Cybercrime against persons is that of Cyber stalking. The Internet is a wonderful place to
work, play and study. The Net is no more and no less than a mirror of the real world. And that means it also
contains electronic versions of real life problems. Stalking and harassments are problems that many persons
especially women, are familiar with in real life. These problems also occur on the Internet, in what has
become known as "Cyber stalking" or "on-line harassment".
The second category of Cybercrimes is that of Cybercrimes against all forms of property. These
crimes include unauthorized computer trespassing through cyberspace, computer vandalism, and
transmission of harmful programs and unauthorized possession of computerized information.
Hacking and cracking are amongst the gravest Cybercrimes known till date. It is a dreadful feeling to
know that someone has broken into your computer systems without your knowledge and consent and
has tampered with precious confidential data and information. Coupled with this, the actuality is that no
computer system in the world is hacking proof. It is unanimously agreed that any and every system in
the world can be hacked. Using one's own programming abilities as also various programmes with
malicious intent to gain unauthorized access to acomputer on network are very serious crimes. Similarly, the
creation and dissemination of harmful computer programs which do irreparable damage to computer
systems is another kind of Cybercrime. Software piracy is also another distinct kind of Cybercrime
which is perpetuated by many people online who distribute illegal and unauthorised pirated copies of
software.
The third category of Cybercrimes relate to Cybercrimes against Government. Cyber Terrorism is
one distinct kind of crime in this category. The growth of Internet has shown that the medium of
Cyberspace is being used by individuals and groups to threaten the international governments as also to
terrorise the citizens of a country. This crime manifests itself into terrorism when an individual "cracks" into
a government or military maintained website. Since Cybercrime is a newly specialised field, growing in
Cyber laws, a lot of development has to take place in terms of putting into place the relevant legal
mechanism for controlling and preventing Cybercrime.

- 14 -
2. EMERGING CYBER CRIMES-
Crime ware: This is a class of computer programs that automates financial crime. It represents a growing
problem in network security as many malicious code threats seek to pilfer confidential information.
Vishing: VoIP based phishing attacks IP telephony users. It can be an automated call or a direct call from
the criminal asking for a user's credit card details.
SMS-based phishing: In this, the software would be capable of sending an SMS from the user's contact list
asking for his credit card details.
Ransom ware: It involves the use of malicious code to hijack user files, encrypt them and then demand
payment in exchange for a decryption key.
Pharming: Here you are redirected to a bogus Web site, for instance two months back many users in India
experienced this while using a bank's site.

3. TRADITIONAL CYBER CRIMES-

Cyber Fraud-
Fraud is the intentional deception of a person or group for the purpose of stealing property or
money. Internet fraud includes any scheme using Web sites, chat rooms, and email to offer non-existent
goods and services to consumers or to communicate false information to consumers. Customers then pay for
the fraudulent goods over the Internet with their credit cards. Internet fraud involves a wide variety of
schemes limited only by the imagination and creativity of a seller intent on deceiving a buyer. A few general
characteristics one can find in all cyber scams. Most scams are done by e-mail. They entice users to give
them critical information like usernames, passwords, credit card information, or other types of account
information.
Cyber fraud has the potential of hindering the economic and socialdevelopment of any nation.
This is because among other dire consequences, foreign investment is seriously discouraged. Cyber fraud
can also destroy our good and morally sound culture. This is because the youth will no longer work but
resort to thatmeans to earn their living.

❑❑❑

- 15 -
 CH-IV
CYBER CRIME AGAINST WOMEN: INDIAN SCENARIO
In India, cyber-crime against women is relatively a new concept. It can be noted that when India
started her journey in the field of Information Technology, the immediate need that was felt to protect the
electronic commerce and related communications and non-cyber socializing communications. The drafters
of the Indian Information Technology Act, 2000, created it on the influence of the Model Law on
Electronic Commerce, which was adopted by the resolution of the General Assembly of the United Nations
in 1997. The Act turned out to be a half-baked law as the operating area of the law stretched beyond
electronic commerce to cover cyber- attacks of non-commercial nature on individuals as well.
While commercial crimes and economic crimes were moderately managed by this Act, it miserably failed
to prevent the growth of cyber-crime against individuals, including women.
Main types of Cyber Crime against women are:
• Cyber pornography/ obscenity
• Cyber Stalking
• Cyber Bullying

1. Cyber Pornography:
This would include pornographic websites; pornographic magazines produced using computer and
the Internet (to down load and transmit pornographic pictures, photos, writings etc.) Of all the crimes
committed on the internet pornography appears to be the one having serious moral implications. Being a
victim of pornography is the most traumatic experience for a woman. In layman language pornography
refers to predominantly sexually explicit material, lascivious in nature intended primarily for the purpose
of arousal of sex desires or erotic activity over the internet and includes pornographic websites, e-
magazines containing porn stuff which could be downloaded from the internet, transferrable porn pictures,
photos writings etc. Because of the advantage of lack of territorial restrictions, anonymity and fastest
means of communication pornographic materials can be reproduced more quickly and cheaply on new
media like hard disks, floppy discs and CD-ROMs. Apart from still pictures and images, full motion video
clips and complete movies are also available. Another great disadvantage with a media like this is its easy
availability and accessibility to children who can now log on to pornographic web-sites from their own
houses in relative anonymity and the social and legal deterrents associated with physically purchasing an
adult magazine from the stand are no longer present pornography industry is contributing approximately $
20 billion annually to the global economy1. For example In India Videsh Sanchar Nigam Limited (VSNL)
and number of other internet service providers such as Reliance, Vodafone, Airtel , cyber cafes, online
portals etc provides for various kinds of internet schemes without restrictions on the nature of persons
permitted to avail these services. Moreover the social websites like Facebook, Twitter, Whatsapp, Orkut,

1
Talat Fatima, Cyber Crime, Eastern Book Company, Lucknow, 2011.

- 16 -
free music downloading sites etc do not check the kind of material that is being uploaded and downloaded.
They do not have any parameter to differentiate between what we call as an art or pornography. What is
more shocking is children (between 8-16 years) indulgence in viewing porn sites. Approximately twenty
six popular children’s characters such as Pokemon, Action Man, My Little pony reveals thousands of links
to porn sites.
The most embarrassing aspect of pornography industry is the child pornography. The Air Force Bal
Bharti, Delhi Cyber Pornographic Case (2001) and the Bombay Swiss Couple Case (2003) are the leading
examples in this context.1It is to be noted that Traditional law of obscenity is contained under sections 292-
293 of Indian Penal Code, [Link] 2922deals with the sale of obscene books and section 2933provides
punishment to person dealing in cyber pornography that is accessible to person under twenty years of age
with imprisonment up to three years and fine upto two thousand rupees on first conviction and with
imprisonment up to seven years and fine up to five thousand rupees on second or subsequent convictions.
The IT Act, 2000 was deficient in dealing with obscenity and consist of a single section67 dealing with the
crime. IT (Amendment) Act, 2008 amended section 67. The combined effect of sections 66-E, 67, 67-A
and 67-B obscenity has been brought under the legal regime and child pornography has been separated
from mainstream pornography. Section 674 provides that whosoever publishes or transmits obscene
material in electronic form shall on first conviction be punished with imprisonment up to three years and
fine which may extend up to five lakh rupees and on second or subsequent convictions, imprisonment up to
five years and fine up to ten lakh rupees. Section 67- A5 deals with mainstream pornography and provides
punishment for publishing or transmitting of material containing sexually explicit act, etc in electronic
form with imprisonment up to five years and fine up to ten lakh rupees on first conviction and with
imprisonment up to seven years and fine up to ten lakh rupees on second and subsequent convictions.
Section 67-B6 is related to child pornography. This section provides punishment for publishing or
transmitting of material depicting children in sexually explicit act, etc, in electronic form or creates text ,
digital images, collects, seeks , browses, downloads , advertises, promotes, exchanges or distributes
material in electronic form depicting children in sexually explicit act or entices or induces children for
online relationship with one or more children or facilitates abusing children online with imprisonment up to
five years and fine up to ten lakh rupees on first conviction and imprisonment up to seven years and fine
upto ten lakh rupees on second or subsequent conviction. Other acts having an impact on cyber
pornography are indecent representation of Women’s Act, 1986 and Young Persons (Harmful Publication)
Act, 1950.
In many countries like India and Malaysia, British law (the Hicklin test for obscenity) left over from

1
Vishwanath Paranjape, Cyber Crimes and Law, Central Law Agency, Allahabad, 2010.
2
Section 292 of the Indian Penal Code, 1860
3
Section 293 of the Indian Penal Code, 1860.
4
Section 67 of the Information Technology (Amendment) Act, 2008(10 of 2009).
5
Section 32 of the Information Technology (Amendment) Act, 2008(10 of 2009).
6
Section 32 of the Information Technology (Amendment) Act, 2008(10 of 2009).

- 17 -
a colonial legacy is still used to determine what is obscene. The Hicklin test of obscenity1 is whether “the
tendency of the matter charged as obscenity is to deprave and corrupt those whose minds are open to such
immoral influences and into whose hands a publication of this sort may fall.” The test defines ‘obscene’ as
all visual or written material that is “lascivious or appeals to the prurient interest”, and has the capacity to
corrupt those exposed to it. New laws enacted for the Internet adopt the same definitions regarding obscenity
or sexually explicit material, inheriting also the weight of precedents that have determined what is obscene.
This definition of obscenity and the penalisation of it under the Indian Penal Code, 1860 (sections 292 and
293) is further extended by other laws that prevent the distribution of such material (Young Persons Harmful
Publication Act, 1956, Indecent Representation of Women (Prohibition) Act, 1986).

Pornography, Obscenity and Indecent Representation of Women in the Cyber Space

Prior to the present I.T. Act 2008, Indecent Representation of Women (Prohibition) Act, 1986, was
used along with sections 293 and 509 of the IPC and erstwhile section 67 of the I.T Act 2000 to prevent
obscenity and pornography targeting women in the cyber space. However, except the Indecent
Representation of Women (Prohibition) Act, 1986, none of the provisions mentioned above were
particularly focused on creation and distribution of adult porno materials or obscene materials using
innocent women in the cyber space. Publications of unconsented sexual materials in the cyber space were
prohibited in the true sense only after the new I.T. Act came into force. Sections 67 and 67- A of the I.T
Act 2008 deal with obscenity and sexually explicit materials in the internet. Section 67 says:
“whoever publishes or transmits or causes to be published in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave
and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear
the matter contained or embodied in it, shall be punished on first conviction with imprisonment of
either description for a term which may extend to three years and with fine which may extend to five
lakh rupees and in the event of a second or subsequent conviction with imprisonment of either
description for a term which may extend to five years and also with fine which may extend to ten lakh
rupees.”2
Section 67- A says:
“whoever publishes or transmits or causes to be published or transmitted in the electronic form any
material which contains sexually explicit act or conduct shall be punished on first conviction with
imprisonment of either description for a term which may extend to five years and with fine which may
extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of
either description for a term which may extend to seven years and also with fine which may extend to
ten lakh rupees.”3

1
The Hicklin test has been modified with reference to judgments such as Miller v. California 413 U.S. 15 (1973) and in
India K.A. Abbas v. Union of India (1970) 2 SCC 780
2
See sec 67 IT Act 2000.
3
See sec 67A IT Act 2000

- 18 -
2. Cyber Stalking-

According to Oxford Dictionary Stalking means “pursuing stealthily”. In simple terms, it refers to
extension of physical form of stalking where electronic medium such as computer, internet, e-mail or any
other electronic device is used to pursue, harass or contact another person in an unsolicited manner. It
generally involve harassing or threatening behaviour that an individual engages in repeatedly, such as
following a person, appearing at a person’s house or place of business, making harassing phone calls,
leaving written messages or objects or vandalizing a person’s property. These crimes are done with the
sole motive of gaining control over the victim and thus targets women in most of the cases. Domestic
violence victims are one of the most vulnerable groups to traditional stalking. So it’s no surprise they are
vulnerable to cyber stalking as well. It’s a myth that if women “just leave” they will be okay. Cyber
stalking is a way to continue to maintain rigid control and in still fear into a domestic partner, even when
she has already left the relationship.
Despite a decade of research by criminologists on the matter, there exists no universally accepted
definition of cyber-stalking.1As a result, the exact scope and boundary of the behaviour, pattern and tactics
of cyber-stalkers is majorly unknown.2Irrespective of the glaring void in criminal jurisprudence on the
point, for the purposes of this paper, cyber-stalking shall be defined as:
“A group of behaviours in which an individual, group of individuals ororganisation, uses information
and communications technology to harass another individual, group of individuals or organisation.
Such behaviours may include, but are not limited to, the transmission of threats and false
accusations, damage to data or equipment, identity theft, data theft, computer monitoring, the
solicitation of minors for sexual purposes and any form of aggression. Harassment is defined as a
course of action that a reasonable person, in possession of the same information, would think causes
another reasonable person to suffer emotional distress.”3
While this is only one of the several definitions propounded by criminologists, one factor that is
accepted universally is the fact that the behaviour of stalking can range from the sending of a non-
threatening e-mail to a more serious encounter between the stalker and his target and generally involves
behaviour and action that is premeditated, repetitious, aggressive and vengeful.

Cyber-Stalking in India
The general legislation on the point is the Indian Penal Code which makes the use of “words,
sounds or gestures or exhibition of an object” with the intent to insult the modesty of a woman or even the
intrusion of a woman’s privacy an offence punishable with imprisonment for one year or with a fine.4 A
bare reading of this provision will highlight its inadequacies in addressing the problem of cyber-stalking.

1
L. McFarlane and P. Bocij, Seven fallacies about Cyber Stalking , 149(1) Prison Service Journal 37(2003)
2
EE Mustaine and R Tewksbury, A Routine Activity Theory Explanation for Women’s Stalking Victimizations, 5(1)
Violence Against Women 43 (1999).
3
L. McFarlane and P. Bocij, Online Harassment: Towards a Definition of Cyber Stalking, 139 Prison Service Journal 31
(2002).
4
Indian Penal Code, 1860, §509

- 19 -
 First, the provision focuses solely on the intention to insult the modesty of a woman and
therefore fails to acknowledge that cyber-stalking may be a gender-neutral crime and can be perpetrated
against males also, specially male children. Additionally, the requirement that a word must be spoken, a
sound should be heard or a gesture/object must be seen1makes the use of internet non-punishable since no
word is spoken, no sound heard and no gesture/object seen over the internet. Lastly, law-enforcement
officers may find it difficult to gauge the intention to insult the modesty of the woman in internet
communications.2
This deficiency was sought to be rectified by the enactment of the Information Technology Act,
2000.3 The IT Act was enacted with the purpose of recognizing electronic commerce in furtherance of the
United Nations Model Law on Electronic Commerce.4 Therefore, the first problem with the Act lies in the
Preamble itself where the statute adopts a more commercial outlook and does not even attempt to recognize
in the Preamble, the intention of the statute to regulate non-commercial criminal behaviour perpetrated
through an electronic mode.
Nonetheless, the provisions of the IT Act do attempt to penalize acts of cyber- stalking. Prior to the
2008 amendment, the first section that dealt with the issue is Section 67 which makes the publication of
any material that is “lascivious or appeals to the prurient interest or if its effect is such as to tend to
deprave and corrupt persons” punishable with imprisonment up to five years and fine up to one lakh
rupees which may increase to ten years and fine of two lakh rupees if the offender is convicted for the
second time.5 The second provision on cyber-stalking is Section 72, which penalizes the disclosure of
information obtained from “electronic record, book, register, correspondence, information, document or
other material” without the consent of the concerned person with imprisonment up to two years and a fine
up to one lakh rupees.

3. Cyber Bullying-
Cyber bullying can be defined as “the use of information and communication technologies such as
email, cell phone and pager text messages, instant messaging, defamatory personal Web sites, and
defamatory online personal polling Web sites, to support deliberate, repeated, and hostile behaviour by an
individual or group, that is intended to harm others. From this definition, it is apparent that cyber-bullying
is a communication-based phenomenon incorporating negative and hateful messages while utilizing the
nonverbal artifact of a computer to intimidate and harass victims.
The term Cyber Bullying was coined by Bill Belsey, Canadian educator. Cyber bullying is defined
as, using both information technology and communication technology beyond the limits in order to harm a
person’s reputation, state of mind, or to humiliate a person. It is an act by which the person being bullied
suffers an adverse effect. It is a deliberate attempt which can be continuous or one time. The bully can be a
1
Indian Penal Code, 1860, §509
2
Duggal, ibid.
3
Hereinafter “”IT Act”.
4
IT Act, 2000, Preamble
5
IT Act, 2000, §67.

- 20 -
known person or maybe an unknown person or a group. It is done using technologies such as internet, some
chat groups, instant messaging, short message service, web pages, e-mails, etc. The intention is to harm a
person. It is an act of a person who is either physically powerful or socially powerful over the victim. It can
also be in the form of developing a web site and posting obscene photos or defamatory text on it. Some
instances of cyber bullying can be a mere e-mail to someone who has expressed his contention of not
keeping any contact, posting pictures and sexual remarks. It is alarming to note that63% of harassers are
reportedly under the age of 18 years. As per the survey of 1400 school children grades 4-8th, produced by
[Link] in September, 2006, the results were surprising; 42% kids were cyber bullying victims,
in which 1/4th had it more than once; 35% were threatened, 21% had received mean or threatening
emails or messages.

❑❑❑

- 21 -
 CH.V
CYBER SECURITY & PROCEDURAL ASPECT IN INDIA

PART-I
CYBER SECURITY
The evolution of Information Technology gave birth to the cyber space wherein internet provides
equal opportunities to all the people to access any information, data storage, analyze etc. with the use of
high technology.1Due to increase in the use of technology and internet and anonymous nature of the
internet, misuse in the cyberspace grown up which gave birth to cybercrimes at the domestic and
international level as well.2
Information Technology Act, 2000
The Information Technology Act, 2000 (“IT Act”) widely regulates the interception, monitoring,
decryption and collection of information of digital communications in India. More specifically, section
69 of the IT Act empowers the Central Government and the State Governments to issue directions for the
monitoring, interception or decryption of any information transmitted, received or stored through a
computer resource. Section 69 of the IT Act expands the grounds upon which interception can take place
as compared to the Telegraph Act.
As such, the interception of communications under Section 69 is carried out in the interest of:
• The sovereignty or integrity of India;
• Defence of India;
• Security of the State;
• Friendly relations with foreign States;
• Public order;
• Preventing incitement to the commission of any cognizable offense relating tothe above; and
• For the investigation of any offense.

Section 69 Powers to Issue Directions for Interception or Monitoring or Decryption of Any

Information through Any Computer Resource (Substituted Vide ITAA 2008)
(1) Where the central Government or a State Government or any of its officer specially authorized by
the Central Government or the State Government, as the case may be, in this behalf may, if is satisfied
that it is necessary or expedient to do in the interest of the sovereignty or integrity of India, defence of
India, security of the State, friendly relations with foreign States or public order or for preventing
incitement tothe commission of any cognizable offence relating to above or for investigation of any
offence, it may, subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order,

1
[Link]
2
[Link]

- 22 -
direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted
or monitored or decrypted any information transmitted received or stored through any computer resource.
(2) The Procedure and safeguards subject to which such interception or monitoring or decryption may
be carried out, shall be such as may be prescribed
(3) The subscriber or intermediary or any person in charge of the computer resource shall, when
called upon by any agency which has been directed under sub section (1), extend all facilities and
technical assistance to -
(a) Provide access to or secure access to the computer resource containing such information;
generating, transmitting, receiving or storing such information; or
(b) Intercept or monitor or decrypt the information, as the case may be; or
(c) Provide information stored in computer resource.
(4) The subscriber or intermediary or any person who fails to assist the agency referred to in sub-
section (3) shall be punished with an imprisonment for a term which may extend to seven years and
shall also be liable to fine.

Section 69-A Power to Issue Directions for Blocking for Public Access of Any Information through
Any Computer Resource
(1) Where the Central Government or any of its officer specially authorized by it in this behalf is
satisfied that it is necessary or expedient so to do in the interest of sovereignty and integrity of India,
defence of India, security of the State, friendly relations with foreign states or public order or for
preventing incitement to the commission of any cognizable offence relating to above, it may subject to
the provisions of sub-sections (2) for reasons to be recorded in writing, by order direct any agency
of the Government or intermediary to block access by the public or cause to be blocked for access by
public any information generated, transmitted, received, stored or hosted in any computer resource The
procedure and safeguards subject to which such blocking for access by thepublic may be carried out
shall be such as may be prescribed.
(2) The intermediary who fails to comply with the direction issued under sub-section
(1) shall be punished with an imprisonment for a term which may extend to sevenyears and also be
liable to fine.

Section 69-B Power to Authorize to Monitor and Collect Traffic Data or Information through Any
Computer Resource for Cyber Security-
(1) The Central Government may, to enhance Cyber Security and for identification, analysis and
prevention of any intrusion or spread of computer contaminant in the country, by notification in the
official Gazette, authorize any agency of the Government to monitor and collect traffic data or
information generated, transmitted, received or stored in any computer resource.
(2) The Intermediary or any person in-charge of the Computer resource shall when called upon by the

- 23 -
 agency which has been authorized under sub-section (1), provide technical assistance and extend all
facilities to such agency to enable online access or to secure and provide online access to the computer
resource generating, transmitting, receiving or storing such traffic data or information.
(3) The procedure and safeguards for monitoring and collecting traffic data or information, shall be
such as may be prescribed.
(4) Any intermediary who intentionally or knowingly contravenes the provisions of sub-section (2)
shall be punished with an imprisonment for a term which may extend to three years and shall also be
liable to fine.
Explanation: For the purposes of this section,
(i) "Computer Contaminant" shall have the meaning assigned to it in section 43
(ii) "traffic data" means any data identifying or purporting to identify any person, computer system or
computer network or location to or from which the communication is or may be transmitted and
includes communications origin, destination, route, time, date, size, duration or type of underlying
service or any other information.

Legal Landscape for Cyber Security-

Section 69B of the IT Act empowers the Central Government to authorise the monitoring and
collection of information and traffic data generated, transmitted, received or stored through any computer
resource for the purpose of cyber security and for identification, analysis and prevention of any intrusion
or spread of computer contaminant in the country. According to this section, any intermediary who
intentionally or knowingly fails to provide technical assistance to the authorised agency which is required
to monitor and collection information and traffic data shall be punished with an imprisonment which may
extend to three years and will also be liable to a fine. The term “cyber security” has been defined in section
2(nb) the IT Act as “protecting information, equipment, devices, computer, computer resource,
communication device and information stored therein from unauthorized access, use, disclosure,
disruption, modification or destruction”. Further clarity on the meaning and import of the term can be
gleaned from the Information Technology (Procedure and Safeguards for Monitoring and Collecting
Traffic Data or Information) Rules, 2009 which are discussed below.
The main difference between Section 69B and Section 69 (the provision for interception) is that
while the latter requires the interception, monitoring and decryption of information generated, transmitted,
received or stored through a computer resource, Section 69B specifically provides a mechanism for all
metadata through a computer resource for the purpose of combating threats to “cyber security”. Directions
under Section 69 can be issued by the Secretary to the Ministry of Home Affairs, whereas directions under
Section 69B can be issued by the Secretary of the Department of Information Technology under the Union
Ministry of Communicationsand Information Technology.

- 24 -
The Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data
or Information) Rules, 2009-
The Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic
Data or Information) Rules, 2009 issued under section 69B of the Information Technology Act stipulate
that directions for the monitoring and collection of traffic data or information can be issued by an order
made by the competent authority for any or all of the following purposes related to cyber security:
• forecasting of imminent cyber incidents;
• monitoring network application with traffic data or information on computerresource;
• identification and determination of viruses or computer contaminant;
• tracking cyber security breaches or cyber security incidents;
• tracking computer resource breaching cyber security or spreading virus or computer
contaminants;
• identifying or tracking any person who has breached, or is suspected of having breached or
likely to breach cyber security;
• undertaking forensic of the concerned computer resource as a part of investigation or internal
audit of information security practices in the computerresources;
• accessing stored information for enforcement of any provisions of the laws relating to cyber
security for the time being in force; any other matter relating to cyber security.1
According to these Rules, any direction issued by the competent authority should contain reasons
for such direction and a copy of such direction should be forwarded to the Review Committee within a
period of seven working days.2 Furthermore, these Rules state that the Review Committee shall meet at
least once in two months and record its finding on whether the issued directions are in accordance with the
provisions of sub-section (3) of section 69B of the IT Act. If the Review Committee is of the opinion that
the directions are not in accordance with the provisions referred to above, it may set aside the directions
and issue an order for the destruction of the copies, including corresponding electronic record of the
monitored or collected traffic data or information.3

Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data
or Information) Rules, 2011-
Rule 3 of these Rules designates the following types of information as ‘sensitive personal information’:
• password;
• financial information such as Bank account / credit card / debit card / otherpayment
instrument details of the users;

1
Rule 3(2), Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or
Information) Rules, 2009.
2
Rule 3(3), Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or
Information) Rules, 2009.
3
Rule 7, Information Technology (Procedure and Safeguards for Monitoring and Collecting Traffic Data or Information)
Rules, 2009.

- 25 -
 • physiological and mental health condition;
• sexual orientation;
• medical records and history;
• Biometric information;
This however, does not apply to “any information that is freely available or accessible in public
domain or accessible under the Right to Information Act, 2005”.
Rule 4 of these Rules requires a body corporate (or its agent) who collects, receives, possess,
stores, deals or handle information, to provide a privacy policy for handling of such personal information
ensure that the same is available for view by the providers of such information. The privacy policy is to
be published on the website of the body corporate (or its agent) and should provide for (i) its practices and
policies; (ii) type of personal or sensitive personal data or information collected; (iii) purpose of collection
and usage; (iv) disclosure of information; and (v) reasonable security practices.
Rule 6 of these Rules states that personal information and sensitive personal data should only be
disclosed in connection with the verification of identity, prevention, detection, investigation, prosecution
and punishment of an existing offence. Offences can only be created by a parent statute or another statute.
It may be relevant to note that these Rules add further grounds on which sensitive personal information
may be released such as verification of identity, punishment of offences, etc. which do not exist in section
69 of the IT Act, 2000. However, since these Rules have been issued under the IT Act therefore such an
expansion of the grounds beyond what is allowed in the parent Act (IT Act) should be considered as
illegal.
Rule 7 of these Rules states that sensitive personal data should only be transferred to a body
corporate or a person in India, or located in any other country in the world, that ensures the same level of
data protection that is adhered to by the bodycorporate as per these Rules. Moreover, such transfer of data
should only be allowed if it is necessary for the performance of the lawful contract between the body
corporate or any person on its behalf and the provider of information.
Rule 8 provides that body corporates shall be considered to have complied with their obligation
towards reasonable security practices “if they have implemented such security practices and standards and
have a comprehensive documented information security programme and information security policies that
contain managerial, technical, operational and physical security control measures that are commensurate
with the information assets being protected with the nature of business. In the event of an information
security breach, the body corporate or a person on its behalf shall be required to demonstrate, as and when
called upon to do so by the agency mandated under the law, that they have implemented security control
measures as per their documented information security programme and information security policies.”

- 26 -
National Cyber Security Policy-
National Cyber Security Policy was drafted in 2011 and was passed in the year 2013 for secure
computing environment and adequate trust & confidence in electronictransactions.
The key considerations for securing the cyber space include:
i) The security of cyber space is not an optional issue but an imperative need in view of its
impact on national security, public safety and economic well- being.
ii) The issue of cyber security needs to move beyond traditional technological measures such as
anti-virus and firewalls. It needs to be dynamic in nature and have necessary depth to detect,
stop and prevent attacks.
iii) Cyber security intelligence forms an integral component of security of cyber space in order to
be able to anticipate attacks, adopt suitable counter measures and attribute the attacks for
possible counter action.
iv) Effective correlation of information from multiple sources and real-time monitoring of assets
that need protection and at the same time ensuring that adequate expertise and process are in
place to deal with crisis situations.
v) There is a need to focus on having a suitable security posture and adopt counter measures on
the basis of hierarchy of priority and understanding of the inter dependencies, rather than
attempting to defend against all intrusions and attacks.
vi) Security is all about what people, process and technology and as such there isa clear need for
focusing on people and processes while attempting to use the best available technological
solutions, which otherwise could prove ineffective.
vii) Use of adequately trained and qualified manpower along with suitable incentives for effective
results in a highly specialized field of cyber security.
Security needs to be built-in from the conceptual design stage itself when it comes to developing
and deploying critical information infrastructure, asopposed to having security as an afterthought.

- 27 -
 PART-II
PROCEDURAL ASPECT
Cyber crime in general need a special procedure for investigation and prosecution due to the
intangible data involved in it. When a cyber crime is reported when the victim is an individual, there can be
three types of cases:
1. Cases of interpersonal harassment;
2. Financial crimes where the victim is targeted with phishing, job scam types of attacks or his/her
ATM/debit/credit card is unauthorisedly scanned or accessedand used and
3. Online harassment including cyber assisted offline crimes.

Investigation in cyber crime-

No special procedure to conduct investigation, trial etc is provided in IT Act so the general procedure
laid down in CrPc would apply with respect to investigation, charge sheet, trial, decision, sentencing and
appeal of cyber crimes. According to judicial interpretation, investigation consists generally of the following
steps:
1. Proceeding to the spot;
2. Ascertainment of the facts and circumstances of the cases;
3. Discovery and arrest of the suspected offender;
4. Collection of evidence relating to the commission of the offence which may consist of: (a) the
examination of various persons (including the accused) and the reduction of the statements into
writing, if the officer thinks fit; (b) the search of places or seizure of things considered necessary
for the investigation are to be produced at the trial; and
5. Formation of the opinion as to whether on the material collected there is a case to place the
accused before a Magistrate for trial, and if so taking the necessary steps for the same by the
filing of a charge-sheet Under Section 173 of Code of Criminal Procedure.

Compoundable offences among Cyber Crimes:

Offences punishable with imprisonment of up to three years are compoundable by a competent court.
However, repeat offenders cannot have their subsequent offences compounded. Additionally, offences
which affect the socio- economic conditions of the country or those committed against a child under 18
years of age or against women cannot be compounded1. Compounding means complainant will compromise
with the accused and withdraw his criminal complaint, which is normally not possible with any offence. Sec
324 of CRPC prescribes the procedure to compound the offence. Same procedure shall be followed for
cyber offences as well.

1
Section 77A of the Information Technology Act, 2000

- 28 -
Powers of Police Officers in Investigating Cyber Offence-
• Power to Confiscate: Section 76 lays down the conditions under which documents or things which
contain any information about the cyber crime or were used in committing the crime can be confiscated
by police or investigating officer.
• Power of Arrest: In India, sec. 80 of the IT Act, 2000 (Amended in 2008) states that notwithstanding
anything contained in the CrPc 1973, any police officer not below the rank of an inspector or any other
officer of the central government or a state government authorized by the central government in this
behalf may enter any public place and search and arrest without warrant any person found therein who is
reasonably suspected of having committed or of committing or of being about to commit any offence
under this Act.1
• Search to arrest the accused: Section 47 CrPC.: A Police officer is empowered to search anywhere in
India outside his jurisdiction if necessary. In general they take the help of local police.
• Power to Search persons: Section 156 CrPC.: Power to investigate cognizable offences. On mere
suspicion that a person is involved in committing a crime or is potential to commit a crime police can
arrest under this provision.
• Power to investigate non-cognizable offences: Section 155 CrPC.: In case of cognizable offence
police can immediately go to the scene of offence arrest all suspected accused without a warrant,
collect evidence and record statements ofwitnesses.
• Power to issue summons: Section 91 CrPC.: Summon to produce documents. If a police officer has
information that a person is in possession of some incriminating material such as floppy drives or pen
drives etc. he can send summonsto that person and ask him to produce the document or a thing to the
police officerfor the purposes of investigation. Summons are written orders addressed to a person in
whose possession the required document or a thing is available.
• Power to require attendance of witnesses: Section 160 CrPC : As per this provision the
Investigating Officer can summon persons who are acquainted with the facts of the case or can give
some information about the offence could be summoned to come to the police station and give
statements. These statements shall be recorded by Police officer and need not be signed by the maker
of statement. These statements are called as 161 statements, which can be used during trial.
• Power to issue Search Warrant: Section 93 CrPC : General provision as to search warrants. If a
person doesn‘t respond to summons or refuses to receivesummons the next coercive method available
in criminal procedure is issuing of search warrant. In this process a police officer is entitles to enter
any premises and search it and seize documents, which are useful for the investigation.

1
Explanation added to s.80 states, that (1) For the purpose of this section, the expression ‘Public Place’ includes any
public conveyance, any hotel, any shop or any other place intended for use by, or accessible to the public. (2) Where any
person is arrested under subsection(1) by an officer other than a police officer, such officer shall, without unnecessary
delay, take or send the person arrested before a magistrate having jurisdiction in the case or before the officer-in-charge
of a police station. (3) The provisions of the Code of Criminal Procedure, 1973 shall, subject to the provisions of this
section, apply, so far as may be, in relation to any entry, search or arrest , made under this section.

- 29 -
• Procedure for research: Sec 100 of CrPC: Search: A police officer can enter the premises and has to
prepare a seizure memo which contains a list of things seized in the said house. The search process
shall be conducted in the presence of two respectable inhabitants of the same locality. They have to
sign the seizure memo.

Bail in Cyber Crimes:

There are two classes of offences, bailable and non bailable recognized by Code of Criminal
Procedure. Bailable offences are petty offences whereas non bailable offences are serious offences. When an
accused is arrested for the alleged commission of a cyber crime he can apply for bail. If the offence is
bailable, court grants bail to him under sec 436 of CrPC. If the offence alleged is non-bailable, court grants
bail Sec 437 or 439 of CrPC.

- 30 -
 CH.-VI
JUDICIAL RESPONSES
India has a written constitution and codified laws. Its judiciary is of the highest integrity. The Indian
legislature and judiciary make constant efforts to bring about improvement in courts and dispense justice to
the victims. This chapter discusses the role of the judiciary in relation to cyber crime against women as
well as explores the steps taken by judiciary in order to curb cyber crime against women in India.

Cases Related to Cyber Crime against Women-

1. Dr. Prakash Vs. State of Tamil Nadu1 (famously known as sex doctor’s case)
The petitioner in this case was detained under section 3 (1) of the Tamil Nadu Prevention of
Dangerous Activities of Bootleggers, Drug Offenders, Goond as, Immoral Traffic Offenders and Slum
Grabbers Act. The main grounds of detention were that he was indulging in offences under section 67 of
the Information Technology Act, 2000, sections 4 and6 of the Indecent Representation of Women
(Prohibition) Act, 1986 and under section 27 of the Arms Act, 1969. The petitioner challenged his
detention under Article 32 of the Constitution.
The petition was dismissed, as the Supreme Court did not find much merit in the plea that the delay
of two days in furnishing translated copies of documents had caused any prejudice to the detent. It held that
the contents of the letter received from members of the public pro bono public, were not extraneous or
irrelevant.
This case highlights the importance of the courts exercising the interests of the contemporary society
and particularly the influence of the ―obscene material in electronic form on it while interpreting section
67. For this purpose, even the State Governments may have to apprehend perpetrators of ―cyber obscenity
by invoking local state legislations accordingly.
2. State Of Tamil Nadu Vs. Suhas Katti2
In the case of State of Tamil Nadu vs. Suhas Katti, which is considered as one of the first cases to be
booked under the Information Technology Act, 2000 (IT Act); the accused Katti posted obscene, defamatory
messages about a divorced woman in the Yahoo message group. The accused advertised the victim as one
who solicits for sex. The accused was convicted under sections 469, 509 of Indian Penal Code (IPC) and 67
of IT Act 2000 and was sentenced to undergo 2 years rigorous imprisonment and fine (India News, 2010).
The accused is found guilty of offences under section 469, 509 IPC and 67 of IT Act 2000 and the accused is
convicted and is sentenced for the offence to undergo rigorous imprisonment for 2 years under 469 IPC and
to pay fine of Rs.500/-and for the offence u/s 509 IPC sentenced to undergo 1 year simple imprisonment and
to pay fine of Rs.500/- and for the offence u/s 67 of IT Act 2000 to undergo rigorous imprisonment for 2
years and to pay fine of Rs.4000/- All sentences to run concurrently.” The accused paid fine amount and he
was lodged at Central Prison, Chennai.

1
[Link]. 7313 of 2002
2
4680 of 2004 Criminal Complaint.

- 31 -
 This is considered as the first case convicted under section 67 of Information Technology Act 2000
in India. The impact of the case was far reaching. The internet had only started to emerge hugely within the
Indian context and the laws for it were hardly stringent. However, the IT act and its implementation in this
case helped both the courts and the public: it set a benchmark for the courts, inspired people and gave them
strength to lodge cases in case they were harassed on the internet.
3. Ajeet Singh Vs. the State of Jharkhand1
In this case the court denied the bail petition of the accused on the ground that he had circulated the
pictures in which the victim was captured being raped. Along with sections 355(which prescribes
punishment for assault or criminal force with intent to dishonour person, otherwise than on grave
provocation)/376(prescribes punishment for rape )/387(prescribes punishment for putting person in fear of
death or of grievous hurt in order commit extortion)/420(prescribes punishment for cheating and dishonestly
inducing delivery of property )/499(which defines defamation) /120B (which prescribes punishment for
criminal conspiracy) of the Indian Penal Code, and Section 67 of I.T. Act (which prescribes punishment for
publishing or transmitting obscene material in electronic form), the accused was also booked under Section
6 of the Indecent Representation Of Women (Prohibition) Act.
4. Manish Kathuria Vs Ritu Kohli
The first reported case of cyber-stalking in India and the reason for the 2008 amendment to the IT
Act2, the Manish Kathuria case involved the stalking of a woman named Ritu Kohli. Kathuria followed
Kohli on a chat website, abused her by using obscene language and then disseminated her telephone number
to various people. Later, he began using Kohli’s identity to chat on the website “[Link]”. As a
result she started receiving almost forty obscene telephone calls at odd hours of the night over three
consecutive days. This situation forced her to report the matter to the Delhi Police.3 As soon as the complaint
was made, Delhi Police traced the IP addresses and arrested Kathuria under Section 509 of the Indian Penal
Code. The IT Act was not invoked in the case, since it had not come into force at the time when the
complaint was filed.
While there is no record of any subsequent proceeding, this case made Indian legislators wake up to
the need for a legislation to address cyber-stalking. Even then, it was only in 2008 that Section 66-A was
introduced. As a result, now cases are being reported under this section as opposed to Section 509 of the
Indian Penal Code, as was the case where a Delhi University student was arrested for stalking a woman
from Goa by creating fake profiles on social networking websites, uploading pictures on them and declared
her to be his wife.12 It is hoped that the decision in this would favour the victim.

1
Case no. 208 of 2004 corresponding to g. r. no. 853 of 2004 including the order dated 25.10.2004 passed by the learned
judicial magistrate 1st class, bokaro whereby and where under cognizance has been taken for the offence punishable
under ections 406, 420 & 120(b) of the i.p.c.3. it has been stated by the learned counsel for the petitioner that no offence
with respect to cheating and criminal breach of trust is made out against the petitioner as the dispute relates to a
transaction related to the bank. it has been stated thus that the stock which was alleged to have been sold out by the
petitioner ultimately belonged to the petitioner.....
2
P. Shah, Cyber Stalking & the Impact of its Legislative Provisions in India, [Link]
impact-of-its-legislative-provisions-in-india (last visited Nov. 4, 2016).
3
D. Halder and K. Jaishankar, Cyber Crimes against Women in India: Problems, Perspectives and Solutions, 3(1) TMC
ACAD. J. 48, 55 (2008).

- 32 -
5. Karan Girotra V. State 1
The only reported case till date to reach the judiciary on cyber-stalking is also merely an application
to grant anticipatory bail. This case dealt with a woman, Shivani Saxena, whose marriage could not be
consummated; as a result she filed for divorce by mutual consent. In the midst, she came across Karan
Girotra while chatting on the internet, who told her he loved her and wanted to marry her. On the pretext of
introducing her to his family, Girotra invited Saxena over to his house, drugged her and assaulted her
sexually. He continued to assure her that he would marry her and began sending her obscene pictures from
the night she was assaulted. He also threatened to circulate the pictures if she did not marry him. As a result,
an engagement ceremony was performed between the two after which he continued to assault her and
eventually called off her engagement to her.2As a result, Saxena filed a complaint under Section 66-A of the
IT Act.
Though the Court rejected the plea of anticipatory bail on the ground that nude and obscene pictures
of Saxena were circulated by Girotra, an act which requires serious custodial interrogation, nonetheless it
made some scathing remarks. According to the Court Saxena had failed to disclose her previous marriage to
Girotra merely because she agreed to perform the engagement ceremony, even though such mention was
made when Girotra had first professed his love to Saxena. The Court also took noted that there was a
delay in lodging the FIR by Saxena. What is more shocking is that the Court held that Saxena had
consented to the sexual intercourse and had decided to file the complaint only when Girotra refused to
marry her.
This case highlights the attitude of the Indian judiciary towards cases involving cyber-stalking. It is
appalling that factors as redundant as a delay in filing the FIR have a huge bearing on the outcome of the
case. It is for this reason that more stringent legislations are the need of the hour.

1
2012 VAD (Delhi)
2
Karan Girotra v. State, 2012 VAD (Delhi) 483.

- 33 -
 [Link]
UPSURGE IN CYBER CRIME AGAINST WOMEN DURING COVID PERIOD

With pandemic disrupting businesses and with remote working becoming reality, cyber criminals
have been busy exploiting vulnerabilities. Year 2020 saw one of the largest numbers of data breaches and
the numbers seem to be only rising.
According to Kaspersky’s telemetry, when the world went into lockdown in March 2020, the total
number of bruteforce attacks against remote desktop protocol (RDP) jumped from 93.1 million worldwide in
February 2020 to 277.4 million 2020 in March—a 197 per cent increase. The numbers in India went from
1.3 million in February 2020 to 3.3 million in March 2020. From April 2020 onward, monthly attacks never
dipped below 300 million, and they reached a new high of 409 million attacks worldwide in November
2020. In July 2020, India recorded its highest number of attacks at 4.5 million.
In February 2021—nearly one year from the start of the pandemic—there were 377.5 million brute-force
attacks—a far cry from the 93.1 million witnessed at the beginning of 2020. India alone witnessed 9.04
million attacks in February 2021. The total number of attacks recorded in India during Jan & Feb 2021 was
around 15 million.
A data breach, irrespective of the modus operandi, has grown many folds in India. However, the
disturbing trend in India has been firms’ failure to acknowledge that a breach has happened, which then
makes individual users wonder if their data is safe at all.
Take the instance of the recent data breach at the payment firm Mobikwik. It was reported that the data
breach incident has affected 3.5 million users, exposing know-your-customer documents such as addresses,
phone numbers, Aadhaar card, PAN cards and so on. The company, till now, has maintained that there was
no such data breach. It was only after the regulator Reserve Bank of India (RBI) asked Mobikwik to get the
forensic audit conducted immediately by a CERT-IN empanelled auditor and submit the report, that the
company is working with requisite authorities.
One of the reasons for the high number of data breaches is that because India with its booming
startups and powerhouses is a highly attractive market for Cybercriminals. Also, as Indian companies today
are financially well to do, they have a brand to worry about apart from the massive amount of personal,
financial and user behavioural data that they hold. According to a recent study by Infosys-Interbrand, the
potential risk in brand value of data breach to the world’s 100 most valuable brands could amount to as
much as $223 billion
“The whole point of ransomware attacks has now shifted to name and shame modus operandi. Pre-
Covid, hackers would just encrypt the data and ask for a ransom to hand over the decryption key to the
company. But now while they encrypt the data, but before doing that, they exfiltrate the data so that they can
further pressurise and threaten the company into releasing money otherwise their customer data will be sold
over the dark web. Bitcoin seems to be the new fav mode of payment as it is highly secure and almost
impossible to track,” said Desai of Sequretek.
- 34 -
 According to a study by IBM Security, the average total cost of a data breach in India touched Rs 14
crore in 2020 (an increase of 9.4 per cent from last year) as the average time to contain a data breach
increased from 77 to 83 days. The cost comes to Rs 5,522 for a single lost or stolen record, an increase of 10
per cent from 2019.

BOIS LOCKER ROOM CASE-

Basically, on May 3, 2020, a Twitter User posts some screenshots of an Instagram group wherein the
members were sharing obscene pictures of females, body shaming the females and passing derogatory
statements. Under these chats, almost all of the group members actively participated in the conversation.
These screenshots drew the attention of Delhi Police and the DCW, due to which a police case was
registered by the Delhi Police Cyber Cell by themselves because it was a cognizable offence and under the
Indian Penal Code the police can register the FIR as soon as they get to know about the incident and same
happened in the case of ‘Bois Locker Room’. The chats were exposed only when one of the members of the
group posted obscene pictures of his classmate which the girl got to know from her friends who were part of
that group chat and she exposed the same. After the chats of the group went viral the members of the group
started threatening those who were involved in the exposing of the chat screenshots and even made a
separate account where it was written that “this is bois locker room 2.0, join with fake id so that we won’t
get caught’ The messages in the group were raising eyebrows because it was related to sharing of private
and morphed photos of minor girls.

BULLI BAI CASE-

The Bulli Bai case is related to an online mock auction of Muslim women in India. Photos of prominent
Muslim journalists and activists were uploaded on the Bulli Bai app without their permission where they
were auctioned virtually. Like Sulli Deals, the app did not actually sell anyone, but harassed and humiliated
these women. The app has been removed from the Internet platform GitHub, where it was hosted, following
outrage over the app.

The police investigating the case, have linked the creators of the app to alt-right group "Trads" (stand s for
"traditionalists), who promoted genocide against minorities.

On 4th of July, 2021 several Muslim women pictures were posted on twitter as "deal of the day". After
which several accounts started speaking against the Sulli Deals app which was hosted on GitHub as "open-
source project." After multiple complaints, GitHub took the app down and suspended the "Sulli Deals"
account which hosted the app. Delhi Police investigated the matter and did not make any arrests in the Sulli
Deals case until end of 2021. In January 2022 Delhi police claimed to have arrested the creator of Sulli
Deals from Indore Madhya Pradesh.

- 35 -
 ❑❑❑

- 36 -
 [Link]
CONCLUSION

Crime in any form adversely affects all the members of the society. In developing economies, cyber
crime has increased at rapid strides, due to the rapid diffusion of the Internet and the digitisation of
economic activities. There is huge penetration of technology in almost all walks of society right from
corporate governance and state administration, up to the lowest level of petty shop keepers computerizing
their billing system, we find computers and other electronic devices pervading the human life. The
penetration is so deep that man cannot spend a day without computers or a mobile. Snatching some one’s
mobile will tantamount to dumping one in solitary confinement!
As the world moves into the new century we are faced with an ever unceasing reliance upon
technology and particularly the internet, in our day to day lives. The element of anonymity and lack of
territorial borders in cyber space makes internet an attractive medium for criminals to commit crimes. Not
only the conventional crimes such as thefts, extortion, defamation or forgery are committed through
computers but also new forms of crime have emerged such as hacking, spoofing, email bombing, spreading
Trojans, virus and worms, data diddling, phishing attacks etc.
One of the cyber law experts and Supreme Court lawyer Mr. Pawan Duggal has suggested that there
is urgent need for special tribunals being set up headed by well equipped and properly trained Judges to deal
solely with cybercrime cases.1Another cyber law specialist Shri Prathmesh Popat practicing in Mumbai has
underlined the need for computer friendly lawyers and Judges who are well versed with the functioning of
the computer system and its operational pitfalls to handle cybercrime cases.
There is need to change the sense or attitude of the society towards women, not to consider woman
as a commodity. People have to understand that violence against women is nothing but a manifestation of
gender discrimination and inequality in gender power relations.
From the above discussion it is found that Cyber Law and enforcement is not effective to check the
cyber-crime against women in India, although India has laws to deal with sexual offences targeting women
and girls, but these laws are still half baked laws. There is an IT Act 2000 to deal with all cyber crime but
crimes against women is not properly covered by the Act. There is neither Expert law enforcement agency
nor any Specialised courts to effectively deal with cyber crime against women in India. Hence, it
would be prudent to make an exhaustive code to tackle an unforeseen contingency.

1
Pawan Duggal: Cyber Crime (2003) p.154.

- 37 -
 Suggestions

1. No mention of women investigating officer or “reporting cell” for women exclusively in the I.T Act,
2000 (amended in 2008): It is indeed unfortunate to note that there is no mention of gender centric
victim assistance cell by the present Act. Section 78 of the I.T Act, 2000 (amended in 2008) and
Section 80(1) mentions only about an officer in a gender-neutral term and not specifically mention
whether a male or female officer is eligible to investigate or search or arrest in certain cases. Due to
the fear of social stigmas the female victims prefer not to seek police or judicial assistance. Hence, it
is very essential that there should be a women’s wing in the cyber police cells for reporting
victimization of women exclusively and victims must be encouraged to contact this cell for
procedural help. So preference should be given to women officers in appointment.
2. Again, under no section in IT ACT 2000, Obscenity – personal viewing – Is an offence, in fact like
in IPC 292 again if it is proved that you have published or transmitted or caused to be
published in the electronic form only then under Section67 it can be an offence.
3. The IT Act 2000 does not mention the typical cyber crimes like cyber stalking, morphing and email
spoofing as offences. So proper definition should be given in the Act in order to book a person in
particular section.
4. Only commercial crimes are dealt under IT Act so a new law in complete measures are required.
5. Comprehensive cyber law act should be there in order to deal with cyber crimes as IT Act is not
sufficient.
6. Special penal law is required in order to deal with investigation and evidence issues.
7. Cyber Crime Cells have to be set-up in each States (district) and Union Territories for reporting and
investigation of Cyber Crime cases.
8. Government have to set up cyber forensic training and investigation labs in the every single states
for training of Law Enforcement and Judiciary in these States.
9. Training should be imparted to Police Officers and Judicial officers in the Training Labs established
by the Government.
10. India needs to sign a cyber crime convention-
India is also signatory to the united nation convention against transnational organized crime that
addresses terrorism, drug trafficking and other serious crimes but does not deal with cyber crimes.
A cyber crime convention or treaty is thereforean imperative need.
11. Understanding and deploying technical measures-
Since cyber crimes are committed through use of technology, understanding the loopholes of
technology is very essential to form an effective strategy to combat cyber crimes. Adequate training of law
enforcement personnel is required and greater awareness is required to be disseminated across the general
society to reduce the incidents of cyber crimes.
12. Spreading awareness to combat cyber crimes-

- 38 -
 An important first step to curtail rise in cybercrimes is to educate the people especially women and
aware them about cyber crimes so that they can combat cyber crime.
13. Police personnel must be given training in order to tackle and handle cyber crimes. For this
purpose, workshops and seminars on cyber space education must be organized. Women should also
participate in such type of activities.

- 39 -
 [Link]
BIBLIOGRAPHY
BOOKS:-
▪ J.P. Mishra, An Introduction to Cyber Laws, 1st Edition (Allahabad: Central Law Publication , 2012)
▪ K.P. Malik., Computer and Information Technology Law ,(Allahabad:Allahabad Law Agency, 2010)

ARTICLES:-
▪ D. Halder and K. Jaishankar, Cyber Crimes against Women in India: Problems, Perspectives and
Solutions, 3(1) TMC ACAD. J. 48, 55 (2008).
▪ D. Halder and K. Jaishankar, Cyber Crimes against Women in India: Problems, Perspectives and
Solutions, 3(1) TMC ACAD. J. 48, 55 (2008)
▪ Jonathan James McCreadie Lillie, “Cyberporn, Sexuality, and the Net Apparatus”, Convergence 2004;
10; 43.
▪ Nishant Shah, ‘Subject to Technology: Internet Pornography, Cyber-terrorism and the Indian State’,
Inter-Asia Cultural Studies, 8:3, 2007, pp. 349–366.
▪ S. Basu and R. Jones, Regulating Cyberstalking in Crimes of the Internet 141
▪ (F. Schmalleger and M. Pittaro Eds., 2008).

REPORTS:-
▪ J. Finn, A Survey of Online Harassment at a University Campus, 19(4) J. Interpersonal Violence
468 (2004).
▪ J. Petrocelli, Cyber Stalking, 53(12) Law & Order 56 (2005).
▪ J. Reno, Report on Cyber Stalking: A New Challenge for Law Enforcement and Industry, United
States Department of Justice, Feb. 18 2006.

WEBSITES:-
▪ [Link] latestnews
▪ [Link] 1086/1006
▪ [Link] [Link]/vol13/issue1/[Link]
▪ [Link] technology/[Link]
▪ [Link] [Link]
▪ [Link]/Cyberbullying_Identification_Prevention_Response_Fact_Sheet.pdf

❑❑❑

- 40 -