CYBERCRIME IN INDIA : CHALLENGES AND

SOLUTIONS

THESIS SUBMITTED FOR THE DEGREE OF

Doctor of Philosophy
in
Law

Supervisor Submitted By
Prof. D.K. Srivastava Anamika Singh

FACULTY OF LAW
BANARAS HINDU UNIVERSITY
VARANASI- 221005
INDIA

Enrolment no. 362425 2021

 Chapter-6

Conclusion and Suggestions

6.1 Conclusion

Dealing with the basic problem related to cybercrime, the researcher has found
that it has substantive and procedural challenges. While dealing with the introduction
part of the first chapter, we have found that the new technology of communication takes
place in a virtual medium called cyberspace. Information technology has provided new
sophisticated tools to carry out traditional crimes and some new kinds of crimes have
also emerged. As the dependence of human beings on technology is considerably
necessary, the number of cybercrimes and their consequences are also increasing. Yet,
cybercrime has disastrous consequences to countries all over the world. However, no
meaningful platform has been created to check it by the countries of the world.
Cybercrime is a generic term that covers an entire range of crimes that involve
computers or computer networks either as a target or as an instrumentality or associate.
Any criminal activity that takes place in the so-called cyberspace comes under the
preview of the term cybercrime. As the entire human activities are increasingly being
performed through the internet, there is no human activity, which is untouched by the
impact of cybercrime, whether it may be financial and banking transactions, online
trade, Stock market, Metro Rail, and so on. Cyberspace has no territorial boundaries.
The internet enables information between two persons irrespective of their physical
locations, which is of tremendous potential use as well as it can be misused to perform
destructive activities. Before proceeding to further study the researcher has done a
literature review of various books on cybercrime such as Chandradeep Singh’s, “Cyber
Crimes with special reference to the information technology Act, 2008”,1 Divya
Rastogi’s, “Cyber Law and Cyber Crimes”2, Dr M. Dasgupta’s “Cyber Crime in India:
A Comparative Study”,3 Nandan Kamath’s edited work “Law relating to computer
Internet and E-commerce: A Guide to Cyber Laws and Information Technology Act,

1
Chandradeep Singh Samrao, Cyber Crimes with special reference to the Information Technology Act,
2008, (Random Publications, New Delhi, 2013).
2
Divya Rastogi, Cyber Law and Cyber Crimes, (Whytes & Co. New Delhi, 2017).
3
Dr M. Dasgupta, Cybercrime in India, (Eastern Law House, Kolkata, 2016).

Page | 298
 Conclusion and Suggestions

2000”,4 Robert Moore’s Cybercrime Investigating High Technology Crime,”5 S.K.

Verma and Raman Mittal’s, “Legal Dimensions of Cyber Space”,6 Dr. S.V. Joga Rao’s
“Cyber Crimes & Information Technology Law”,7 Steven Furnell’s, “Cybercrime
Vandalising the Information Society”,8 Dr. Talat Fatima’s, “Cybercrimes”9 Vakul
Sharma’s, “Information Technology: Law and Practice”10 and Vivek Sood’s, “Nabhi’s
Cyber Crimes Electronic Evidence and Investigations Legal Issues”11 I have found that
first India’s cyberlaw is Information Technology Act, 2000, which is based on
UNCITRAL Model, and was framed to give recognition to e-transactions and e-
commerce. On the basis of aforesaid study, we have found the following problems to
study, understand and analyse the concept of cybercrime and also to understand the
substantive and procedural challenges (i.e. jurisdictional, investigative and procedural
challenges) in combating cybercrime and to find out the possible solutions to curb the
menace of cybercrime. After going through the aforesaid literature, we have formulated
the hypothesis, that the IT Act, 2000 is not sufficient for dealing with cybercrime; and
the law enforcement agencies are not well trained and equipped to deal with such
crimes.

The purpose of this study to provide adequate guidance to law enforcement

authorities to deal with the problems of cybercrime more effectively and efficiently.

The second chapter is divided into three parts, the first part covers history. In
this part we have found that along with the development of computer technology,
computers and cybercrimes also developed. The Internet was developed by the
American Research Project Agency, which itself was not immune to the outbreak of
computer crimes. A technique was developed through which the quick exchange of

4
Nandan Kamath, Law relating to computer Internet and E-commerce: A Guide to Cyber Laws and
Information Technology Act, 2000, (Universal Law Publication Co., New Delhi, 5th Edition, 2012).
5
Robert Moore, Cybercrime Investigating High Technology Crime, (LexisNexis, 2005).
6
S.K. Verma and Raman Mittal, Legal Dimensions of Cyberspace, (Indian Law Institute Publication,
2004).
7
Dr. S.V. Joga Rao, Cyber Crimes & Information Technology Law, (Wadhwa and Company, Nagpur,
1st Edition, 2007).
8
Steven Furnell, Cybercrime Vandalising the Information Society, (Addison Wesley, London, 2002).
9
Dr. Talat Fatima, Cybercrimes, (Eastern Book Company, Lucknow, 2016).
10
Vakul Sharma, Information Technology: Law and Practice, (Universal Law Publication Co., New
Delhi (LexisNexis, 5th Edition, 2017).
11
Vivek Sood, Nabhi’s Cyber Crimes Electronic Evidence and Investigations Legal Issues, (Nabi’s
Publication, New Delhi, 2010).

Page | 299
 Conclusion and Suggestions

information was possible, called the Internet. The Internet is a network of hypertext
documents that can be easily accessed with the help of a World Wide Web browser. In
collaboration with the World Wide Web and the Internet, a virtual space was created
called Cyberspace, space through which information is exchanged, created with the
help of computers and networks. The development of computer-related crimes was
found in four stages in which computer abuse was found in the first phase,
criminalization of such acts in the second phase, hacking activities were found in
abundance in the third phase and efforts are being made to control it in the fourth phase.
It was only in the 1960s when computers in their development phase and related
criminal activities started coming to notice. New types of crime computer sabotage etc.
began to occur. In 1970, these techniques became available to the general public. Since
then, crimes related to computer networking began to be seen. In the nineteen-eighties,
it began to get more expansion, with activities like viruses, worms, computer intrusion
and cyber-attacks. In the case of R v. Gold,12 it was found that the act of the accused
was unauthorised, yet there was not enough law to prosecute it, because of this, the first
cyber legislation was formed. Thus, the legislators started taking necessary steps to
prevent cybercrime.

The second part covers the nature and definition of cybercrime, while studying
this, we have found that cybercrime is a crime whose genus is a traditional crime, but
it uses a computer as a tool or target. For this, many names like computer crime, digital
crime, electronic crime, etc. are used. As the basic principle of crime is that crimes are
committed where there is a possibility of crime and that the possibility of committing
cybercrime is plentiful in the field of information technology. The development of
information technology has led to the creation of a borderless area, which the criminals
use to fulfil their objectives. In cybercrime, the criminal uses his specialised knowledge
in technology to commit the crime. It has been seen that more technology is used, the
more opportunities criminals get for committing a crime. The fundamental principle of
crime is that the offence is an act done in violation of criminal law. While studying this,
we found that there is no definite definition of cybercrime that is universally acceptable.
The victim of a crime can be any person, institution, or country. In the current situation,

12
[1988] 1 AC 1063 (HL).

Page | 300
 Conclusion and Suggestions

cybercrimes can be the biggest threat to the national security of any country. Along
with this, it has also been seen that cybercrimes can be done without being present
online such as software piracy. Since, in these crimes, some traditional crimes are
committed by computer and there are some new types of crimes, therefore, there is only
a procedural difference in dealing with it.

The evidence in it, is intangible so can easily be changed. In addition, criminals

do not get caught many times using anonymity to cover it. Thus, these crimes are
complex due to the transnational nature and technical process. Along with this, the
theory of cybercrime states that because this crime is in multiple jurisdictions and there
is no mutual support in those areas, proper action cannot be taken against criminals. In
some cases, a lack of awareness about a crime is also responsible for increasing number
of cybercrime cases. Cybercrime is a crime in which crime is carried out with the help
of computers and networks. The definition is given by the US Department of Justice in
1989 on this subject still applies, according to which the first is the illegal use of
hardware, software and devices in the category of cybercrime; the second in which the
computer is used as a tool or subject; and the third involves the crime in which the
computer is used as an instrument. Subsequently, in 2001, the European Convention
presented a detailed definition of cybercrime, with the first part related to the
confidentiality, integrity and availability of computer data; in the second part Computer
Related Offenses; in the third part Content Related Offences and the fourth part
mentions Copyright and related offences.

Elements of crime are also found in cybercrime that are actus reus and mens
rea, but due to actus reus dynamic and wide-ranging, it is difficult to prove. The Act
covers many computer-related offences such as tampering with computer source
documents, computer-related crimes, obscene material related offences, etc.
Cybercrime has four stages of crimes, which are planning, execution, concealment and
conversion. Cybercrime is different from traditional crime in investigative matters as it
is a problem due to the lack of adequate cyber forensic development. Cybercrimes
include the exchange of illegal goods, economic crime and privacy violations.

There is no standard classification available in this context and it can be divided

in different ways. For example, crimes against a person include crimes committed

Page | 301
 Conclusion and Suggestions

against a person and an object. The crimes committed concerning the person include
hacking, stalking, propagation of obscene material, defamation, etc. Whereas, a crime
against the object includes virus flow, net vandalism, net trespass, unauthorised control
over the system, hacking, cracking, etc. Crimes against the institution include crimes
against the government and the organisation. Hacking, cracking, unauthorized access,
cyber terrorism and distribution of pirated software are the main crimes against
government and organization. Similarly, a crime against society includes pornography
and human trafficking. Further, classification based on computer application includes
computer as a tool, computer as a target, computer incidental to crime and computer as
an associate to crime. The computer is used as an associate where other means are also
used along with the computer. The classification of cybercrime on the basis of content-
based classification is racial hate and child pornography. Also, if classified based on
the offenders, it can be classified into the insider and outsider cyber criminals. Experts
have proposed two dimensional and three-dimensional classifications in this regard. In
two dimensional classifications, the computer is used either as a tool or as a target, to
commit crimes. Even if the computer is used as a tool, it can be further classified into a
technology-enabled or technology-enhanced category. Apart from this, in the 3-
dimensional classification of these crimes, computers are placed under the category of
a target, tool and incidental use of a computer. It was observed that where a computer
application is like a tool, there is not much technical knowledge required, but where the
computer is used as a target, technical knowledge is required. In this context, excellent
work has been done by Alkabi et al, in which type 1 and type 2 classification of
cybercrimes has been done. Type 1 crime involves the use of computers as targets such
as unauthorized access, malicious code, etc., and Type 2 crime using computers as tools
such as child pornography, etc. Another classification of this was also given by Talat
Fatima, which included computer crimes as pure cybercrime, such as hacking
unauthorized access, etc., and traditional crimes involving the use of computers such as
the destruction of electronic evidence, etc. In this chapter, we have studied various
cyber crimes and tried to understand their nature. We found in this chapter that there is
no definite definition of cybercrimes nor is there any definite and harmonized
classification available in this context, based on which a global legislation can be

Page | 302
 Conclusion and Suggestions

formed to deal with it. Therefore, there is an urgent need for a definite definition and
definite classification of cybercrimes as it is a crime of transnational nature.

In third part of second chapter, I have studied some major cybercrimes, which
are very much prevalent, since no part of human life, is left untouched by the impact of
information technology, cybercrime also having adverse effects on society. Therefore,
an attempt has been made to understand their nature by taking some major crimes; these
are cyber hacking, cyber fraud, cyber terrorism and cyber obscenity.

While studying cyber hacking, we found that cyber hacking has been the
prominent crime of the information age. There have been many securities-related cases
in India relating to cyber hacking, in which hackers have hacked sensitive websites such
as DRDO and BARC. Hacking means unauthorised access to any data or program.
Hackers perform hacking by detecting vulnerabilities in computer systems or services,
or by using sophisticated automated equipment. Hackers can be of four types: malicious
hackers, crackers, phreakers, and hackers. The European Convention provides for the
substantive law in this context, which includes illegal access, illegal interception, data
interference and system intervention. Part 3 of the Convention makes provisions
regarding international cooperation and mutual legal assistance treaty.

The Global Internet Liberty Campaign (GILC) provides the interception of

international communication and traffic data and the full range of Internet access to the
police to prevent such abuse.

The United Kingdom has passed the Computer Abuse Act, 1984 in this context,
which was the result of legal hurdles encountered in the R v. Gold case. According to
the Confederation of British Industry (CBI), the UK survey have found that the growth
and development are being adversely affected due to increasing activities like hacking,
due to which it has been said to increase its scope of the Act.

The United States of America has passed the Spyware Control and Privacy
Protection Act, 2000 for prohibiting deceiving activities, DoS attacks, etc. There have
been many cases related to the hacking of sensitive Government information in the
USA, UK, and India. Although, no decided case is available in India in this regard, but
there have been incidents where attempts have been made to hack much secret

Page | 303
 Conclusion and Suggestions

information of the Government of India. The essential element of hacking is intentional

damage with knowledge and the result is to alter, detect, damage and to affect
injuriously. In India, cybercrime cases are dealt under the Information Technology Act,
2000, (IT Act, 2000) along with IPC, 1860 and other related legislations. According to
the Central Emergency Response Team, India, 33147, 30607 and 15779 cases of
hacking have been reported in India in 2016, 2017 and 2018 respectively. In the year
2019 alone, CERT- In reported 3.94 lakhs cyber security incidents, which was 2.08 lakh
in 2018. However, no leading judgment is available as yet. Many cases have been
registered in this context. Most of them are under consideration or action has not been
taken due to lack of evidence.

It is therefore, respectfully submitted that as hackers do hacking by acquiring

knowledge of technology and using the free tools available on the Internet because it is
a dynamic process, so we need a more vigilant and dynamic mitigation process in this
context. Every new user who uses information technology needs the necessary training
in this context. The Government and law enforcement agencies are paying attention to
this context, but still, such crimes are increasing. Because there are ignorance and lack
of necessary information in a large section of the population due to which an increase
in such incidents is being observed. Judiciary also requires proper training for
cybercrime cases and separate fast-track courts for these offences. For this, technical
shortfalls can be solved with the help of the Ethical Hacking Team.

Cyber fraud involves hiding or misinforming information with the help of the
Internet. There are many types of online sales of stolen goods, non-delivery of goods,
payment related, advertising fraud, fee fraud, misrepresentation, phishing, spoofing,
lottery fraud, email related. The UK Audit Commission report has identified six types
of cyber fraud, including input, output, programs and data fraud. The first case in this
context came from R. v. Gold13, after which a related legislative framework was created
to prevent these types of crimes. In the USA, the Computer Fraud and Abuse Act, 1984
was passed and federal statute title 18 US Code section 1030 also deals with fraudulent
activities that are against confidentiality, integrity and availability of data. The purpose

13
[1988] 1 AC 1063 (HL).

Page | 304
 Conclusion and Suggestions

of which is to prevent unauthorized access and prevent the exceeding of the limit of
authorised access.

In India, it is treated under IPC, 1860 and IT Act, 2000. However, in this
reference, no leading judgment of the court is available. While such activities are the
highest among cybercrimes. There can be many types of modus operandi. Therefore, it
is submitted that since these crimes are related to banking and financial institutions,
therefore, continuous monitoring and surveillance of these installations and vigilance
of the victim can be effective in preventing these crimes. It is necessary to take
necessary vigilance with the government as well as the people to prevent this. The
business enterprise needs to provide training to its employees related to the prevention
and control of cybercrimes, as well as special programs for every section of society in
this subject.

Cyber obscenity is also liable to be condemned and regulated. Obscenity and

pornography tend to corrupt minds, which can be regulated on grounds of decency and
morality. In Miller's case, the test was set according to which, based on current society
standards, conduct that appeals to prurient interest and is done offensively, is against
the community standard and does not contain any literary, artistic or scientific value
will be considered obscene. Section 67 of the IT Act 2000 deals with cyber
obscenity. The European Convention has also criminalized child pornography and
made provisions in this regard.

The obscenity in the R v Curl14 case has been considered a UK common law
offence. In R. v. Hicklin15 held that such a material that affects the minds by such
immoral and contaminating material is obscene. Therefore, those involved in its
publication are also partners of crime. In the UK, the Public Order Act, 1992 is passed
to control cyber obscenity. Along with this, the Protection of Children Act, 1994 and
Criminal Justice Act, 1988 has also been revised. The First Amendment protects speech
and expression in the USA and reasonable restrictions can be imposed based on law,
social order, security and social progress. On this basis, obscenity can be curbed. As in

14
[1727] 2 S 788 KB.
15
1868 LR 3 QB 360,371.

Page | 305
 Conclusion and Suggestions

the case of Roth v US16, the court said that freedom of speech does not include
obscenity. The court held in Miller's case that material which is of prurient interest in
the current social level or depict offensively or sexually, and which has no artistic,
literary, scientific, or educational value will be obscene. The USA has passed the Child
Pornography Act, 1996 as well as the Child Online Protection Act, 1996 to deal with
child pornography.

In India, it is covered under IPC, 1860 and Section 67 of IT Act, 2000 and
depending on the victim POCSO Act may apply. The leading case related to cyber
obscenity was the Air Force School case in which accused minors were dealt under the
Juvenile Justice Act, 2011. The DPS MMS case is another leading case in which
obscene material was put on sale. The accused was a minor in this case too and dealt
with under Juvenile Justice Act. To deal with such a situation the central government
amended the Protection of Children from Sexual Offences Act, 2012 (POSCO Act),
and brought child pornography by minors under the jurisdiction of POSCO Act. This is
a commendable attempt by the central government to put child pornography under
POCSO Act and adopting zero-tolerance policy towards offence against children. It is
submitted that internet service providers (ISPs) can be given more responsibilities to
prevent these crime.

Cyber terrorism is a premeditated and politically motivated crime aimed at

committing violence. The whole world is affected by cyber terrorism, but still, there is
no definite definition of it. Berry Collins introduced the definition of cyber terrorism
by combining terrorism and cyberspace. According to Danning, there is a convergence
of terrorism on cyberspace, in which illegal attacks using computers are carried out.
Cyber terrorism is used in activities like cyber warfare, in which encryption, decryption
and related technologies are used. Hence, its investigation is quite complex. The
contributing factors in cyber terrorism are motivation, training, use of information
technology as a weapon. The first incident of cyber terrorism was seen when West
German hackers hacked the USA department of defence website. The Convention does
not specifically mention cyber-terrorism but it can come under content related crimes.
To curb incidents of cyber hacking, the USA passed the Patriot Act, 2001. The

16
[1957]354 US 476.

Page | 306
 Conclusion and Suggestions

Computer Fraud and Abuse Act was also amended to include misuse of computer by
terrorists and terrorised use of computers.

In the third chapter, I have studied global efforts to combat cybercrime.

Various international organizations have made efforts in this context such as the
Council of Europe, Interpol, European Working Party, African Regional Working
Party, G8 and G7 group, United Nations and Computer Emergency Response Team
(CERT), etc. Along with this, various countries have passed legislation to curb
cybercrime in their domestic jurisdiction. The European Convention has made
significant efforts in this regard. There are four chapters in the convention, which
include the definition in the first chapter, measures that should be taken at the national
level is in the second chapter. It includes offences related to confidentiality integrity
and availability and also includes illegal access, interception of data interference and
misuse of the device. The third category that is article 9 deals with content related,
whereas, the fourth category that is Article 10 is the offence related to copyright and
related rights. Conditions and safeguards are provided in Article 15, whereas, Articles
16 and 17 deal with the preservation of traffic data. However, Article 19 provides a
real-time collection of computer data, and extraterritorial jurisdiction regarding
cybercrime is provided in Article 20. The Cybercrime Convention touches almost all
aspects associated with cyber law. If all countries join it then there will be better
cooperation in this field. Interpol has asked the member state to cooperate in the
reciprocal arrangement for transfer of evidence. It is also said that some ISPs do not
provide evidence, so there should be some procedure for evidence extraction. Interpol
has also suggested that there should be global legislation to deal with cybercrime. The
European Working Party has developed an IT Crime Investigation Manual. This
manual is based on investigative experience. Likewise, African Regional Working
Party has coordinated and promoted the use of best practices in the field of Investigation
and prevention of cybercrime. The South Asian Pacific Working Party has also
attempted to deal with the cooperation and coordinated information sharing and
practical experience and knowledge to deal with cybercrime. Under this, Intelligence
Sharing Project, Information Sharing Project, Training Project and Computer Forensic
Project is being run so that a better task force can be created to tackle cybercrime.
Likewise, the Latin American Working Party for the supervision of the working group

Page | 307
 Conclusion and Suggestions

of Latin American Countries coordinates with Interpol and supervises cybercrime

cases. The OECD has given the nine principles of information security system, i.e.,
awareness, democracy, risk assessment, response, responsibility reassessment, security
management, security design and implementation. Similarly, G8 nations also believe
that there should be global legislation and a 24×7 hour network of expert assistance for
investigation should also be established, to assist law enforcement agencies, equipped
with technical resources. Similarly, the Commonwealth Nations draft legislation has
been made, but some members have not taken any action on it. The UN has also passed
several resolutions for the improvement of cybersecurity such as resolution number
55/63, which provides for international cooperation and coordination, there is more
emphasis on investigation and prosecution.

Since electronic evidence is fragile, therefore, the timely investigation is also

very important. Thus, it is very important to collect and exchange evidence promptly,
hence the need for trained expert officers and the timely collection of evidence and
exchange is necessary. The Cyber Security Emergency Response Team was formed in
several countries to deal with cybersecurity-related incidents. It was created in India by
the Information Technology (Amendment) Act, 2008. In UK, there is a separate Act to
deal with cybercrime investigation called the Regulation of Investigatory Power Act,
2000. It deals with investigation, interception and surveillance. The main objective of
the Act is to provide a balance between the right to privacy and investigation. The
concerned person in authority has the responsibility to protect the privacy of intercepted
materials. Such type of rule is not available in India, therefore, stress must be given on
the balance between investigation and privacy protection of individuals in India also.
The USA has made considerable progress in the investigation and sentencing of
cybercrime cases for which the Special Police Force, mainly the FBI, deals with
cybercrime cases. However, some questions are still unresolved, such as problems
related to privacy and jurisdictions, which the courts are trying to settle. Therefore, it is
concluded that transnational crime cannot be combated at the State level. Thus, there is
a critical need for the reciprocal arrangement of subjects related to investigation and
extradition treaty by international cooperation and coordination. The UN can take
necessary steps in this regard as its role is more to bring maximum countries together.

Page | 308
 Conclusion and Suggestions

The fourth chapter deals with procedural challenges in combating cybercrime.

It has been divided into three parts jurisdictional challenges, investigative challenges
and evidentiary challenges in combating cybercrimes.

The first part deals with jurisdictional issues in combating cybercrime. The
power of the court to make the lawful and binding judgment; includes judicial,
legislative and administrative competence. The relationship between sovereign nations
is governed by international law, as cybercrime is generally transnational; many nations
assume extraterritorial jurisdiction. However, in absence of an appropriate treaty, courts
may face practical difficulty in exercising jurisdiction.

Jurisdiction includes jurisdiction to prescribe, that is, sovereign authority to

make its law applicable; second adjudicative power is conferred to the court to decide
matters; whereas, enforcement jurisdiction is the ability to implement the law. This type
of jurisdiction is based on territory.

Extraterritorial jurisdiction comes into operation if the conduct is committed

beyond jurisdictional limits. There are six basic extraterritorial jurisdiction theories: (1)
territorial principle, according to this principle, the jurisdiction of the nation extends to
the dependent territory; (2) the nationality principle enables the State to exercise
extraterritorial jurisdiction on its own national irrespective of its location; (3) the
protective principle protects against attack on its critical infrastructure; (4) the
protective personality principle applies to the offence committed against national of a
State; (5) the effect doctrine enables to exercise extraterritorial jurisdiction with no
territorial or national connection, but has an impact on other nation; and (6) the
universality principle, authorises the State to have jurisdiction which is serious to
qualify as a crime under International law.

Cybercrime jurisdiction is an extension of the principle of extraterritorial

jurisdiction. However, cybercrime is committed against confidentiality, integrity and
availability of computer system or resource; the act may be committed that involves the
use of internet service or computer system or resources which may qualify it as a crime
under extraterritorial jurisdiction. Jurisdictional relation between international law and
State law has two distinct theories: monistic and dualistic theory. The monistic theory

Page | 309
 Conclusion and Suggestions

supports that municipal law is part of international law, whereas, the dualistic theory
claims that international law and municipal laws are two distinct spheres. International
law is a dynamic law, thus, the traditional principles of international law have extended
to formulate a new spectrum of cybercrime jurisdiction. The cybercrime jurisdiction
considers the State’s power over online behaviour, the effect of such online activity, the
validity of local sovereign rules and the impact of physical location to decide which set
of rules will apply. Though the internet has challenged territorially defined law, as
cybercrime impact is widespread, there can be the location of victim, perpetrator and
web server are in different parts of the world. In such a situation, the national legal
response has a limited implication to curb cybercrime. Cases, where more countries are
involved in a matter in dispute, are called abstract criminal jurisdiction and it challenges
the conventional theory of jurisdiction. For instance, if offensive content is posted on a
website, the general rule of jurisdiction provides that crime took place at the location
of the host computer. Whereas, since the publication is the continuing act, and continues
from the moment of uploading and onwards; one argument supports that it happened at
the location of the host computer and another argument supports that it happened in
every place where the material can be viewed. However, there is no clarity regarding
jurisdiction. Generally, all websites come with terms of service, privacy policy and
disclaimer subject to their domestic laws. In case of breach of service regarding terms
of service one may bind himself in a legal dilemma. Therefore, these positions need to
be more elaborate and clear regarding service agreements. The jurisdictional matters
are dealt with under Article 22 of the convention. Cybercrime, as per convention is an
extraditable offence, but extradition is a mutual legal process. India has a mutual legal
assistance treaty with only 34 countries. The extradition is a dual law, but it is a
discretionary power. Thus, it can be refused even if there are requisition and sufficient
cause for it. Therefore, there is a need to have separate laws on extradition of
cybercrime cases.

Jurisdictional Conflict should also be taken care of, as there is no clarity

regarding jurisdiction. These crimes do not necessarily occur at a specific place but at
numerous places simultaneously nor they are typically targeted at particular computers,
persons, or countries. In such a situation, if the perpetrator commits cybercrime from a
country that is a cybercrime safe haven, and if that is a national of that country, a

Page | 310
 Conclusion and Suggestions

negative jurisdictional conflict may occur. Positive conflict is a situation where more
than one country claims jurisdiction. Various theories have been proposed to deal with
cybercrimes, these are: (1) Theory of new sovereignty in which global society is being
created, which is independent of government organisation and it is a sort of self-
government; (2) Theory of jurisdictional relativity suggests that cyberspace should be
treated as a new zone, like Antarctica, Outer space and High Sea and new rules should
be created in this regard that is different from the rules of traditional jurisdiction. If a
citizen commits a crime in cyberspace, any country can take action in this regard as per
law; (3) Theory of website jurisdiction provides that there must be some connection
between website and jurisdiction; (4) The Principle of Minimum Contact suggests that
the courts may exercise jurisdiction over unlawful conduct of perpetrator if the criminal
is protected by the laws of other States, or if he proactively places his network activity
under the jurisdiction of other State courts. The jurisdictional challenges are the main
hurdle in investigating cybercrime. Jurisdiction is a concept that determines whether a
court has the power to adjudicate or not. In a cross-country dispute, the problem often
arises as to which country will have jurisdiction.

The second part of the present chapter deals with the topics related to the
investigation, I found that the confidentiality, integrity and availability of data are of
crucial importance, as any alteration leads to the destruction of evidence. The
cybercrime investigation involves surveillance which covers interception monitoring
and decryption. Surveillance can be done by CCTV and by analysing audit logs; the
decryption process on the conversion of non-illegible form to illegible form; the
interception is a process of acquiring data by a person other than the sender; monitoring
means inspecting information. The procedure and safeguard regarding surveillance,
monitoring and interception are provided under concerned rules by the Central
Government. During the search, examination, collection and preservation of electronic
evidence special care is needed, so that it can be relied on by the court. The image copy
of electronic evidence is generally used in evidence, thus, there is a need to protect data
from tampering. For this purpose, there are techniques available such as Bit stream,
which is the image copy of whole data, despite this; there have been cases of
mishandling of evidence. The collection, appreciation, analysis and preservation poses
unique challenges, which is why it makes the investigation more complex. Along with

Page | 311
 Conclusion and Suggestions

this, the distributed attack is very common which multiplies jurisdictional and technical
complexities intensifies the problem. Cybercrime can be transnational about the
location of the victim, criminal and evidence. The identification and extraction of
evidence require that the integrity of evidence be maintained. Different network
architecture requires different tools for the extraction of evidence. Digital forensic is
the process of appropriation of digital/electronic evidence. Thus, electronic evidence is
identified, extracted and analysed with the help of digital forensics. Cybercrime poses
technical challenges, resource challenges and legal challenges. The technical challenges
include different media formats such as encryption, steganography, etc. these features
add complexity to the problem. Resource challenge includes the volume of data and
time and time taken in analysing such data. Whereas, legal challenges include
jurisdiction and privacy-related matters. The most significant problem in legal
challenge is due to lack of reporting of crime, geographical anonymity, and dark web,
the inadequacy of law and procedure, legal framework difference and lack of technical
expertise. Along with this, with the increasing use of cloud computing, the problem
multiplies as in cloud computing system data is distributed on various nodes, which are
located on different servers located in different countries. The process of access and
identification is difficult because the role of ISPs is not clear.

Therefore, proper rules are required to be framed. The law enforcement

authorities, which do not provide authenticity to electronic evidence obstructs justice.
There is lack of enough experts for extraction and collection of evidence. The evidence,
if contaminated, increases the chances of injustice. Along with this, untrained and
unequipped police cause serious damage to electronic evidence and leads to injustice.
Lack of proper reporting is also a contributing factor. Hence, the help from the private
sector will certainly minimise the complexities in the investigation and prosecution
through proper coordination.

The third and the last part of the chapter, we have studied the evidentiary
challenges in cybercrime. In this chapter, we found that evidence means anything
necessary to prove a particular fact when such evidence is in electronic form / digital
form, it is called electronic evidence. Each of the categories of electronic evidence, such
as software input and output devices, constitutes electronic evidence and it is also

Page | 312
 Conclusion and Suggestions

known as digital evidence. Electronic evidence is the data that is created, manipulated,
stored and communicated by any device or computer or transmitted over a computer
system, such data is relevant in adjudication. It is delicate and can be altered, damaged
and destroyed by mishandling or improper examination, as it can be easily copied and
modified. Thus, careful collection, examination and preservation are needed. Therefore,
the reliability of digital evidence is the main problem in the admissibility of electronic
evidence. The data used in investigations that are stored or transmitted by a digital
device are called electronic evidence. For admissibility of electronic evidence, it must
be relevant, authentic and probative value must outweigh any prejudicial effect.

Evidence can be generated by humans by way of input, or record generated by

way of computers only and records comprising a mix of human input and simulation or
calculations, etc. Therefore, it is of three types: (1) Real evidence generated by the
computer itself through running software; (2) Hearsay evidence are records produced
by computers on basis of inputs supplied by human beings; and (3) Derived evidence
that combines real evidence with information supplied to it. Electronic evidence is
created on a computer mainly consists of hardware, software and also includes several
other components. The electronic evidence is unique; it consists of data stored as binary
code, and software used to interpret the binary code and content. The problem with
electronic data is it can be easily altered. Such alternation is less traceable. Again, it can
be obtained to the extent it is recorded. So, there are problems in forensic computing
that need to be resolved. The electronic record is defined as generated, stored and sent
or received in an electronic form or microfilm. However, data means information,
knowledge, fact, concept, or instruction, whereas, electronic form means any
information transmitted or stored in an optical or magnetic storage medium, or internal
memory or microfilm. Thus, electronic record, data and document in electronic form
means and includes any image, sound or text file in electronic form. Electronic record
has been granted legal status by Section 4 of the IT Act, 2000 if the information made
available or accessible or usable for subsequent reference.

In this chapter, we have found that evidentiary challenges in combating

cybercrimes are because of intangible and insufficient evidence, it has the potential to
cause substantial loss, as it can be committed anonymously, and it can be transnational.
The information contained in volatile memory may be lost if not collected immediately;
it may weaken the case or lead to injustice. The inactivity of Internet Service Providers

Page | 313
 Conclusion and Suggestions

may also cause the loss of critical evidence and if the evidence is incomplete or
inaccurate it may also lead to inadmissible evidence. The law enforcement agencies that
fail to provide the authenticity of electronic evidence may obstruct justice.

Further, the complexity in the technology provides an opportunity for the

perpetrator to penetrate the system using the loopholes and exploit it for their benefit.
The cybercriminal often leaves no physical clue and the electronic evidence can be
easily manipulated by the perpetrator to erase the evidence, leading to distortion of the
evidence. Moreover, the speed and impact intensify the problem. These are the issues
regarding, monitoring, preservation and maintenance of data. The Supreme Court in
Arjun Panditrao case17 has also directed the legislatures to make the rule in this regard.

The intangible nature of cybercrime makes conventional methods of gathering

evidence inadequate as the crime scene in cyberspace is entirely virtual. Moreover,
electronic evidence can be modified very easily. For instance, a perpetrator may set up
a program to erase all evidence from the computer if it is accessed by anyone other than
himself. Therefore, mere access in such cases may erase the evidence. Thus, specific
rules are required for the extraction of evidence and maintaining its authenticity.
Electronic evidence in India is now increasingly becoming very important. Evidence is
invariably being created either by us or by activities as time passed by in digital format.
There is an urgent need to be more aware of the nuances relating to electronic evidence
per se.

The electronic record is admissible according to Section 65 A, the content of

the electronic record can be proved in accordance with the provision of section 65 B.
The electronic record will be deemed admissible if conditions under section 65 B are
satisfied. Section 65 B provides that the computer system was used regularly during
said period to store data; the second condition says it must be shown that the electronic
record was regularly fed into the system in the ordinary course of business; the third
requirement is that the system was operating properly during the said period and even
if not working properly, it did not affect either the record or the accuracy of content;
and the fourth requirement is information contained in the electronic record should be
a reproduction or derived from the information fed into the computer in the ordinary

17
2020 SCC Online SC 571.

Page | 314
 Conclusion and Suggestions

course of said activity. Authorship of electronic records can be proved with the help of
a certificate by a person in authority.

The law regarding the admissibility of electronic evidence is still not clear. This
can be seen in the pattern of judgement regarding the admissibility of electronic
evidence. In the Dharambir case,18 the court directed the investigator to store the
evidence in a temperature-controlled room and an aseptic environment in the
cybercrime section of CBI or any convenient place. Thus, there must be some dedicated
department for the preservation and maintenance of electronic evidence, so that it can
be kept safe and free from contamination. Again, in HK Sethna case19, the court found
the CD wasn’t sealed before its production, therefore, it was not admissible. Hence,
there is a need to have and follow clear guidelines regarding collection, preservation
and production of electronic evidence before the court. In the State v Navjot Sandhu20
the court held secondary evidence can be given in absence of a certificate in accordance
with Sections 63 and 65 of the IE Act, 1872. Through this judgment, the Court permitted
the electronic records, even without the certification under Section 65B, admissible as
secondary evidence as per the provisions of Sections 63 and 65 of the IE Act, 1872.
In Vodafone case,21 also the court relied on Navjot Sandhu case, which was a clear
case of mis-interpretation of the law. Therefore, it is submitted that the judiciary needs
to be more efficient in procedure regarding the admissibility of electronic evidence.
In Anvar v. Bashir case22, the court categorically held that electronic evidence can be
proved only in accordance with section 65 B of the IE Act. The court reversed the stand
taken by court in Shafhi Muhammad case and again relied on Anvar v. Bashir
judgement. In the recent case of Arjun Panditrao Khotkar v. Kailash Kushanrao
Gorantyal23 the court overruled the earlier judgement of Tomaso Bruno24 and Shafhi
Muhammad case25 on the ground of misinterpretation of the law (per incuriam). The
Supreme Court held that a certificate under Section 65 B (4) is a 'condition precedent'

18
148 (2008) DLT 289.
19
2011(2) ALLMR 577.
20
(2005) 11 SCC 600.
21
Judgment No. 303 of 2010 in Summary Suit No. 3264 of 2009. Decided On: 22.11.2011.
22
AIR 2015 SC 180, MANU/SC/0834/2 014.
23
2020 SCC Online SC 571.
24
(2015) 7 SCC 178.
25
(2018) 2 SCC 801.

Page | 315
 Conclusion and Suggestions

to the admissibility of electronic records in the trial. Section 65-B (4) provides for the
certificate, which identifies the electronic record containing the statement and describes
the manner in which it was produced giving the particulars of the device involved in
the production of that record and deals with the conditions mentioned in Section 65-B
(2) and is signed by the person holding a responsible official position concerning the
operation of the relevant device shall be evidence of any matter stated in the certificate.

Thus, adequate procedures should be adopted for the collection and preservation
of evidence like the Regulation of Investigatory Power Act, 2000 in the UK. The main
objective of the Act is to balance between investigation and the protection of the right
to privacy. Similarly, in US there is Planning Tool for Resource Integration,
Synchronisation and Management (PRISM). It is a data tool and surveillance program
designed to collect and process data relating foreign intelligence. Such types of Act and
tools are not available in India, therefore, stress must be given on the balance between
Investigation and privacy protection in India also. Additionally, the liability of the third
person should be fixed who violates such laws. The task force for the cybercrime
investigation should be increased. Proper training programs should be imparted to every
concerned officer. The judiciary needs to be more accountable in the interpretation of
the admissibility of electronic evidence, as we have seen that the two judges’ bench
violates the judgement of three judges bench and goes ahead to misleading judgement,
which was later overruled on the ground of per incuriam.

In chapter five, we have done empirical analysis of cybercrime cases with the
available data of National Criminal Record Bureau and other surveys by various
organization at national and international level. As per NCRB - 2019 data,
approximately 15 percent of cases were found true, but they could not be prosecuted in
absence or loss of evidence. Further, the pendency of cases for investigation is 69
percent whereas the charge sheeting rate is only 39.1 percent. The pendency is 94.1
percent in courts for disposal of cases. The data suggest that there are huge pendency
and loss of evidence due to insufficient mechanism of collection and retrieval of
evidence.

Hence, we would like to submit that the first hypothesis is proved that in the
present scenario, the IT Act, 2000 is not sufficient to deal with the problem of

Page | 316
 Conclusion and Suggestions

cybercrime. The second hypothesis also holds true that the law enforcement agencies
are not well equipped to deal with the menace of cybercrime. Thus, the law should be
responsive to the challenging nature of cybercrime and constant updating and security
are required in this area of law, to cover within its ambit newly emerging crimes and
resolve the emerging techno-legal problem relating to admissibility of electronic
evidence. Cybercrime has the potential to cause harm to the maximum number of
people without much risk and therefore, cybersecurity is a very important emerging
area all over the world.

6.2 Suggestions

To curb the menace of cybercrime, following suggestions and submissions should

be adopted for effective legal regime related with Cybercrime in India at national and
international level based on findings after detailed analysis. These are as follows:

A: Suggestions at National Perspective

There must be global cyber legislation

There is need to have special security measures. The cybercriminals often take
advantage of vulnerability of computer system and network that is being attacked.
Therefore, a special security measure is essential to combat such cybercrime. The
domestic laws relating to information security had focused mainly to protect the
security, safety, and integrity of the country. It does not provide adequate measures for
protection of data. The data can be related to individual or corporate data. As suggested
by G8 countries in France, in May 2000, the cyber laws must be universalized to stretch
out sufficient security to people, or organisation, government and non-government
offices and ultimately the society at large.

The international police organization functions at global level to provide

essential assistance in the investigation and detection of cybercrime. It is a network of
around 200 countries and play an active role in curbing transnational criminality. It
helps in information sharing in case of cybercrime too that incorporates data in an
international database, which are made available to the countries concerned. It has also
suggested that there is a need of global legislation for combating cybercrime.

Page | 317
 Conclusion and Suggestions

Countries have established their own Incident Response and Computer Security
Teams to deal with cybercrime, within territorial limits. Such forum needs to be
developed at international level to share and exchange information.

A regulatory mechanism should be established to aid investigation and

protection from cybercrime
At present, many ransomware attacks and fraud related to Bitcoin (Bitcoin is a
type of money that is completely virtual) came into light, which affected the whole
world. But, in the absence of any regulatory mechanism at global level, it is not properly
dealt with. Till now the world could not reach agreement on this subject. Jurisdiction
related uncertainty makes the subject more difficult. Therefore, it is very important to
have a legislation at the global level, which should be implemented equally in all
countries.

Cybercrime investigation is a major problem in the world. In present scenario

jurisdictional uncertainty makes the problem more complex. Cybercrime committed
anonymously can cause an enormous amount of damage to the victim at distinct places.
Cybercrime can be committed beyond national borders by perpetrator without being
there physically. The trans-jurisdictional nature of information technology in the lack
of effective and adequate international cooperation to curb the crime, enables the
perpetrator to escape arrest and prosecution. Thus, there is need to have a tribunal at
global level, having jurisdiction and power to investigate, try and punish cybercrime
offenders. That is again only possible by means of having global legislation relating to
cybercrimes.

Central Emergency Response Team (CERT) should be more effective to

deal with problem of Cyber Terrorism
The nature of cyber terrorism is highly destructive. In present scenario, this type
of problem cannot be ruled out. The most accurate way to deal with any problem is to
identify the problem first and make every possible effort to deal with it. Cyber terrorism
can cause irreparable damage to national security and can adversely affect the economy
of the country. Since it is an international problem, so efforts should be made at
international level to deal with it. The Section 70B of the IT Act, 2000 provides for the
Indian Computer Emergency Response Team by the Central Government, which would

Page | 318
 Conclusion and Suggestions

act as a public office for agency for incident response. Its key purposes are examination,
collection, and dissemination of data about cyber incidents, evaluation and alert of
cyber security, take emergency measures and coordination of cyber incidents response
activities. There are at present six e-security technology being developed. The working
of CERT should be more cooperative with other security agencies at the national and
international level to deal with cyber-terrorism.

Promoting Mutual Legal Assistance Treaty with all countries

The Act recognizes the extraterritorial jurisdiction of cyber laws, however it
can't be applied effectively in situations where the perpetrator is from a nation with
which India has no mutual extradition treaty. This problem can be dealt with by making
suitable extradition treaty.

B: Suggestion at national perspective

Net security should be tightened up

The development of technology has proved to be a boon for the commercial

sector. This is an area that benefited the most due to the development of computer
technology. Nowadays, most of the business transactions are done online that is through
the internet, it may be at the national and international level. The increasing use of
computer technology in business has given rise to a new type of crime, which they
commit for monetary gains. In this era of globalization and liberalization, information
technology has led to unprecedented growth in business. There is an increasing
dependence on information technology and networks. By illegally intercepting
transactions criminals, commit cyber fraud. Therefore, it is essential to have an
adequate security mechanism to safeguard online banking transactions against possible
cyber frauds, cyber forgeries or misappropriation of money by cybercriminals.

Encryption technology should be used more

The data should be protected from any unauthorized and unlawful access,
manipulation and disclosure using encryption technology. Such encryption would
protect data, thereby preventing crime to some extent by protecting the integrity of data
from any sort of unauthorized access and manipulation. There is a need to develop

Page | 319
 Conclusion and Suggestions

encryption services for protecting the integrity of data from any misuse. Another
technique named steganography is also being used, which protects against network
invasion. In this technique, the information gets obscure to avoid detection. It consists
of messages, which are not readily discernible to the observer; it is a sort of secret
message.

Another option is a firewall tool, which alerts the user against illegal intrusion.
It consists of a software program that is used to monitor the flow of information between
computers and networks. It can also limit the amount of data flowing between one’s
computer and network. There is massive computerization of government, semi-
government and organizations, hence, their respective bodies must appoint expert
officers for protection and maintenance of computer resources and they should be
responsible for the lapse on the system.

Necessary steps should be taken for Intrusion management

In this method detection and investigation of cybercrime is a precautionary and

preventable measure in a computer system, which provides an effective control
mechanism. The functional vulnerability of computer systems should be checked and
controlled, to safeguard the authenticity, accuracy and integrity of data. The
investigation often reveals that the victim’s computer system was attacked, files were
damaged or corrupt and they have often failed to trace the source of the attack. Hence,
loopholes in computer security must be fixed with technology versions to make the
online environment safe and secure. The technique under the intrusion management
systems would always be applied to include protection against new viruses and worms.

Internet etiquette or Self-regulations should be used more

Self-regulation is somewhat essential in all spheres of life. Self-regulation by

net users is essential to curb the increasing menace of cybercrime. The Internet Service
Providers (ISPs) have a crucial role and they should adopt regulatory norms. The ISP’s
can pass and adopt an ethical norm that should be followed by them while providing
services. Therefore, a code of conduct should be prepared to be followed by computer
user and Internet Service Providers. Thus, the computer users and Internet Service
Providers (ISP) should use the healthy code of conduct.

Page | 320
 Conclusion and Suggestions

The law relating to search and seizure should be revised

The regulatory mechanism to control search and seizure needs to be more upgraded in
terms of new tools and techniques. The investigating agencies should be empowered to
obtain information from ISP’s depending upon the requirement of the case along with
preserving the right to privacy of concerned parties.

The voice recognition and caller ID protection should be used more against
unauthorized access

Technology is a powerful tool, which has given rise to crime and also provides a
remedies against such misuses of technology. The computer system can be equipped
with some security devices, which protect it from unauthorised access, such as voice
recognition tools as password. Voice recognizers identify the pattern of voice for
activation. It is protected from unauthorised access and also alerts the owner in case of
any unauthorised attack.

Development of Cyber Forensic and more widespread use of Biometric

techniques is needed

Cybercrime investigation requires technical assistance, which is based on cyber

forensics. It helps in identification, location, preservation and extraction of information
from computer system. It provides technical tools for investigation. Cyber forensic need
more research and development to provide an effective and efficient tool for cybercrime
investigation.

There are three components of cybercrime related forensics viz, cyber forensic,
computer forensic and software forensic, but these ate interrelated and forms a
cybercrime detection mechanism. Cyber forensic is another name of network forensics,
it is electronic evidence that conveyed across computer systems. The purpose of cyber
forensic is to identify, collect and preserve electronic evidence. Computer forensic
covers collection of evidence from a computer systems, which got seized at the location
of crime, used to remove concealed data from the system and disks. Computer forensic
helps in analyzing legal evidence, and also helps in the investigation and procuring

Page | 321
 Conclusion and Suggestions

evidence. While the software forensic deals with malicious code or program intended
to harm system and network. It helps in identifying the perpetrator.

Biometric technique is also helpful in identifying the perpetrator. It is the

process in which attributes of person, physical characteristic that are unique, got
analyzed by biometric device. For example, it analyses fingerprints, retinal scan. These
characteristics are unique in person and cannot be same in any two individuals. Thus,
helps in determining identity, which can also be used in more places as a security
mechanism.

The Cybercrime Research & Development Center should be established

When people get aware of cybercrime, the number of cybercrime cases will
automatically decelerate. It is important that people become aware, because every user
is a potential victim. Thus, awareness program and education will substantially decrease
the threat of cybercrime. It is evident from cases that the people who are less techno-
friendly often are trapped in financial fraud. Whereas, youngsters often get trapped in
a pornographic foul play and can even become a victim of blackmailing and other
similar crimes. Another category often falls prey of websites, which pretend to allow
free download of copyrighted material. In the pretext of download, it often induces
viruses in the system and no desired files at all. Hence, cybercriminal exploits the
vulnerability of system for fun and money. Therefore, cybercrime research and
development center should be developed to provide assistance for adequate solution of
possible threats and for conducting awareness program.

The Cybercrime Resource Center should be established

There is an urgent need to get Cybercrime Resource Center, having members

from different sectors of society, including personnel from a law enforcement agency,
IT professionals, cyber forensic experts and legal experts and members from banking
sectors, as most of the crimes are motivated by money. This organization would collect
information, analyse and disseminate the data, relating to cybercrime for proper
investigation. The center should also formulate some guidelines to ensure cyber safety.

Page | 322
 Conclusion and Suggestions

There should be Special Cyber Crime Investigation Cell and Cyber Police
for Cybercrime

The Cybercrime Investigation Cell works under the Central Bureau of

Investigation, it was notified in September, 1999 and started working from March 31,
2000. The cell has the jurisdiction all over India. It has the power to investigate the
offenses mentioned in Chapter XI of the IT Act, 2000 and is also empowered to
investigate into other cybercrime cases. It has headquarters in Delhi, Mumbai, Chennai,
Bangalore, Hyderabad and Kolkata.

Cybercrime police stations have been set up by the State Governments. As per
rules, these cells are handled by specially trained police officials assisted by information
technology experts as and when needed for the investigation of cybercrimes. But, in
reality they are not properly trained nor well equipped with information technology
assisted tools and have no adequate cyber forensic experts. The investigators should be
empowered to conduct search and access the data or information in private computer
systems and computer equipment’s etc. with the earlier approval by the magistrate.

Online Courts / E-Judiciary and Video-conferencing should be used for

speedy justice

To develop an efficient mechanism of cybercrime adjudication, the e- judiciary

framework as proposed under the National Policy on Information and Communication
Technology ought to be utilized successfully to ensure effective and speedy disposal of
cases. The national e-Court project has begun in July, 2007 for the e-judiciary and e-
governance network covering India's whole judicial system. This would ensure
transparency, speed and fairness in the adjudication of cases. It would likewise lessen
responsibility of the courts and will guarantee expedient disposal of cases because of
elimination of issues related with paper-based records like collection, maintenance,
retention etc. The retrieval and retention of electronic evidence is much easier.

Need for Cyber Crime Reporter or Cyber Law Journal

The statistics related to crime fails to reflect the true picture of cybercrime. The
reason for this is that ability of computer software makes the detection of cybercrime

Page | 323
 Conclusion and Suggestions

difficult. The victims of cybercrime often refrain from reporting to avoid unnecessary
harassment of time money and energy, and more time consuming judicial process.
Companies often refrain from reporting cybercrime in fear of loss of goodwill, or fear
of adverse publicity or any other detrimental repercussion.

Lack of necessary technical expertise is also contributing factor to non-reporting

of cybercrime cases. Crimes committed by unknown criminal makes the problem more
serious, because of lack of any idea about the criminal. In cybercrime cases are either
dropped due to lack of evidence, or it may be compromised by parties and very few
cases reach to a decision by the court. Therefore, it is very important that the cases
should be reported and scrutinised. Because the number of cybercrime cases is
increasing enormously, therefore, the publication of a Cyber Law Journal' will
definitely help from members of the Bar Bench and investigating agencies.

Page | 324