All posts by : Aditri Nischal

About the author:

Aditri Nischal is a diligent and enthusiastic student from Bangalore, currently enrolled in the 11^th grade at Stonehill International School. Growing up in a supportive and intellectually stimulating environment, she has developed a keen interest in justice and human rights advocacy. Aditri aspires to pursue an undergraduate degree in political science with a vision to contribute meaningfully to the legal field.

Abstract

The focus of this research study will be on India’s critical problems in curbing cybercrime within its existing legal frameworks and law enforcement capabilities. While some existing laws such as the IT Act (2000) and the Indian Penal Code are brought into question for their insufficiency in combating modern cyber threats, many other laws are questioned for their inadequacy in dealing with cyber threats. Due to the unavailability of experts, poor resource allocation and grey areas in determining jurisdiction, police operations currently have limited capability in cybercrime investigations. Dealing with digital proof is also a factor as a result of unsteady and multifaceted arrangement of digital formats. This paper calls for the legislation of a new Cybersecurity Act, an increase of the skill levels of law enforcement officials and international cooperation through the use of new technologies such as blockchain and AI.

Introduction

The digital era allowed nations to reach an unrivaled level of connectivity and technological evolution, giving people the power to transform every area of our lives. However, individuals, businesses, and nations have also become targets of new kinds of crimes. A new kind of transnational threat, cybercrime has quickly developed an ability to inflict damage on individuals’ privacy, firms’ financial security, and even countries’ security. India, which is a prominent participant in the digital economy with an expanding internet penetration, has become the prime victim of cybercrime (Ganesh Makam, 2023). National Crime Records Bureau showed that over 52,974 cybercrime cases were reported, a 14.8% increase from the previous year (Scholarworks and Tientcheu, 2021).

Organizations and businesses are exposed to credible damages associated with cyberattacks such as breakdown-related issues, damage to reputation and financial costs. The Computer Emergency Response Team of India (CERT-In) summed up that there were 14.63 lakhs of cybersecurity incidents that occurred in the year 2021 alone (Cremer et al., 2022). Law enforcement demands advanced training, technology, and international collaboration. Cybercrime investigations and prosecutions need effective electronic evidence handling due to its volatility, complexity and comparability. 

This study examines India’s cybercrime space and suggests solutions to strengthen law enforcement’s electronic evidence management and regulations (Kiritbhai et al., 2023). It will examine cybercrime legislation, law enforcement capabilities, and electronic evidence management. The study provides practical recommendations and emphasizes the necessity for a coordinated response to this important policy challenge through legal reforms and amendments, advanced training for police forces, technology, and international collaboration.

Legal Framework for Combating Cybercrime in India

Existing cybercrime laws in India are mostly subsumed within the IT Act, 2000 (IT Act) and the Indian Penal Code (IPC). By enacting the IT Act, we get a framework for crimes committed in cyberspace and the security of online transactions and data. However, one noticeable trait of the IT Act is its wide range. It covers many internal sections of cybercrime related to unauthorized access to cyber networks, theft of electronic data, and computer crimes such as hacking, phishing, and identity theft.

While the IT ACT has advantages it is not meant to be a choke point for cybercriminals who are determined to master dangerous cybercrimes such as cyber terrorism and ransomware attacks. Further, this sets the procedural features which entail e-evidence, cross-border investigations and so forth, on hold for improved notice. The Indian Penal Code (IPC) although not having an exclusive application for cybercrime, presents provisions that can be used to punish certain crimes committed through digital means such as fraud, cheating and harassment. 

Though the IPC is applied in cybercrime scenarios with limited success, it was introduced earlier than the current times of electronic crimes which is why it is not compatible with the unique challenges of technology attacks today. One of the weaknesses of the present legal architecture is the absence of synchronization between the IT Act and the IPC, which has the possibility of incurring contradiction or confusion in its operation (Peters, 2022). Moreover, the law lacks provisions relating to interoperation and coordination on the international platform which is necessary to curb the borderless nature of cyber-crimes. Although existing laws have substantially contributed to combating cybercrime, an up-to-date, comprehensive legal framework is required for actively confronting cyberthreats today (Peters, 2022). 

Filling up the gaps and shortcomings of existing laws, multi-national cooperation, and strengthening the procedures of electronic evidence & extraterritorial investigations are indispensable measures for the development of a legal structure to counter cybercrime in India. India should alter and restructure its legislative framework to handle increasing cyber threats and challenges. By adopting certain amendments and reforms, India can build a sturdy and complete legal regime that handles the emerging cybercrime scenario, bolsters cooperation between nations and hardens the cybersecurity stance of the country.

Policy Recommendations

Law enforcement bodies necessarily face tremendous difficulties in cybercrime investigations and prosecution because digital technology is complex and fast-paced.  Expertise is one of the main difficulties that law enforcement agents currently face in India. The investigation of cybercrime demands a high level of expertise and skills in digital forensics, network analysis, and cybersecurity which is missing in policing in India. Insufficient resources such as the lack of sufficient budget, obsolete tools, and personnel shortages are roadblocks that challenge agencies’ efforts (Katharina Kiener Manu, 2019). 

There is a sharp increase in the volume and complexity of digital evidence, which is coupled with the need for specialized hardware and software.  Another difficulty that can be identified is the issue of jurisdiction since cybercrime is often cross-border. Deciding on the right areas of jurisdiction along with the coordination of more than one agency or country is a very complex and time-consuming process that could lead to delays in investigations and prosecutions (Boadu, 2022).

Moreover, acquiring and storing electronic proof is a crucial part of cybercrime probation. However, its uniqueness poses some specific problems. The problematic aspect of digital data is its unstable nature, the chance of copying or destruction, and the necessity to possess specific instruments and approaches. It is difficult to guarantee proof of authenticity and admissibility. The use of electronic evidence in court sometimes also can be problematic. Judges and juries may be uninformed in terms of understanding complex digital evidence. They often need experts and illustrations of the relevance of the evidence. Solving these problems is vital for law enforcement to detect the cybercrime phenomenon (Sarkar, 2023; Shukla, 2023).

Creating a law enforcement cybercrime unit with highly trained digital forensics, network analysis, and cybersecurity professionals is a tactic that can help law enforcement fight cybercrime (Ochieng, 2023). These units should have the latest forensic software, decryption tools and data analysis platforms to investigate and prosecute cybercrime cases.  Encouraging law enforcement, commercial companies, and university research institutes to share information is another effective measure. Working with cyber security corporations, technological companies, and research groups would provide law enforcement with cutting-edge information, resources, and threat intelligence to better cybercrime prevention and police. 

Furthermore, providing and maintaining adequate capacity learning programs and constant training facilities to improve the level of skill and effective ability of law enforcement officials is crucial (Bondarenko et al., 2020). Recurrent exercises, workshops, and certifications would lead to the coverage of subjects such as new cyber threats, proper handling of digital evidence, and the use of modern investigation techniques and solutions. Collaborating with technical schools and business authorities will support the principle of creating and donating these training systems, foster international cooperation and free exchange of information among law enforcement departments within countries as well as internationally.

Cybercrime tends to pass country borders. Thus the development of joint efforts and involvement of resources, intelligence sharing, and effective coordination is required to overcome interconnected cybercriminal organizations (Wang et al. 2020). Through the adoption of these mechanisms, law enforcement bodies can become even more capable of addressing the increasing cybercrimes and, of course, people, businesses, and national security interests which are in the digital age.

The handling of electronic evidence has its challenges which mark the major complex features of digital data. Volatility in digital data (which can be accidentally removed, altered, or corrupted) represents one of the main obstacles to introducing it as evidence in a court of law (Chikuruwo and Gamundani, 2023). This erratic nature of big data warrants specific tools and methods for the acquisition, conservation, and analysis to help maintain the chain of custody and avoid loss or accidental modification. The problem of a huge variety of digital devices and electronic file formats is also highly important. 

Moreover, law enforcement agencies must acquire tools to handle, process, and analyze different forms of digital evidence like emails, SMS messages, social media data, and multimedia files that are coming from different sources including personal smartphones, computers, and surveillance systems. This calls for technology, knowledge, and procedures that can properly be used towards such ends. The issue of tampering or destroying evidence occurs, as cybercriminals will seek to alter or eliminate electronic evidence to hide their tracks (Chikuruwo and Gamundani, 2023). 

The application of significant security practices, such as encryption, access controls, and maintenance of audit trails is imperative to preserve the integrity of electronic evidence and ensure a secure chain of custody. Consequently, solving these problems implies the adoption of a complex strategy (Anand, 2016). For instance, training personnel in advanced forensic techniques, applying the latest security protocols, building partnerships between police, technology companies, and courts become vital to the law enforcement process.

A country that has used similar tools to achieve the same objectives is known to be the United States, with their cybercrime units, information sharing partnerships, training programs, electronic evidence management, use of advanced technologies and the implementation of secure forensic labs (Bondarenko et al., 2020). Through the establishment of various units within law enforcement agencies to combat cybercrime, such as the cyber division in the Federal Bureau of Investigation (FBI) focused on investigating and preventing cyber threats, the units consisting of highly trained professionals in digital forensics, network analysis and cyber security are equipped with data analysis platforms and forensic software. Even the coalition partnerships between the United States and other law enforcement agencies, commercial companies and academic institutions have been facilitated in such a manner that collaboration and information sharing on cybercrime prevention and investigation has taken place (Manu, 2019).

The US also provides extensive training programs with all-encompassing resources that aid in the enhancement of skills of law enforcement officials to handle cybercrime cases and digital evidence. The FBI’s Cyber Training Academy offers courses on digital forensics, cyber threat intelligence, and incident response (Cremer, 2022). Additionally, collaborations with universities and technical schools help to ensure that law enforcement personnel receive up-to-date training on emerging cyber threats and investigative techniques. In terms of electronic evidence management, the U.S. has implemented robust protocols and standards to ensure the integrity and admissibility of digital evidence in court. Guidelines such as those provided by the National Institute of Standards and Technology (NIST) and the Scientific Working Group on Digital Evidence (SWGDE) help to establish best practices for acquiring, preserving, and analyzing digital evidence (Sarkar and Shukla, 2023). The U.S. also maintains dedicated digital forensics laboratories with strict access controls and standardized procedures. By adopting these strategies and leveraging technological advancements, the United States has made significant strides in enhancing its law enforcement capabilities and electronic evidence management, serving as a model for other countries facing similar challenges in combating cybercrime.

Conclusion

This research paper has pointed out the issue of the legal system and law enforcement of India in terms of combating cybercrime and the collection of digital evidence. It contains these recommendations: adoption of a cyber security law, modification of traditional laws to take into consideration emerging trends, fostering international cooperation, and setting up specialized cybercrime units in the law enforcement sector (Makam, 2023). A coordinated effort that comprises legislation reforms, institution-building programs, and an embracement of the best practices is vital for addressing this policy challenge.  Through these preventive measures, India can gain confidence among its people, strengthen their security, and make the digital space a more friendly environment for innovations and economic development. The application of upcoming technologies like blockchain and AI would be useful, as the development of more refined forensic methods and tools, and harmonization of cybercrime laws and regulations from country to country. Thus, by taking proactive measures to strengthen its cybersecurity profile, India safeguards its digital infrastructure and prevents its citizens as well as businesses from cybercrime to position itself as a leader in the global combat against cybercrime.

References

• Anand S. 2016. Analysis of Indian Legal Framework for Cyber Crimes. Lawdocsin. [accessed  2024 Apr 1]. https://lawdocs.in/blog/analysis-of-indian-legal-framework-for-cyber-crimes.
• Boadu E. 2022. A framework for promoting health and safety through procurement in the construction industry in developing countries: A case of Ghana. Accessed from: https://unsworks.unsw.edu.au/entities/publication/7a00fecd-022d-4141-b102-eef1a10b4aad.
• Bondarenko V, Okhrimenko I, Yevdokimova O, Sydorchuk N, Dzhezhyk O, Boichuk I,  Kalashnik N, Kozlovets M, Slyusar V, Pavlenko V, et al. 2020. Professional skills and competencies of the future police officers. International Journal of Applied Exercise Physiology. 9(5):35–43. [accessed 2024 Apr 2]. http://eprints.zu.edu.ua/32751.
• Chikuruwo SR, Gamundani A. 2023. The Effects of Volatile Features on Digital Evidence  Preservation. SSRN Electronic Journal. 1(1). doi:https://doi.org/10.2139/ssrn.4332846.
• Chin K. 2023 Mar 2. Top Cybersecurity Regulations in India [Updated 2023] | UpGuard.  Accessed from: https://www.upguard.com/blog/cybersecurity-regulations-india.
• Cremer F, Sheehan B, Fortmann M, Kia AN, Mullins M, Murphy F, Materne S. 2022. Cyber risk and cybersecurity: A systematic review of data availability. The Geneva Papers on Risk and Insurance – Issues and Practice. 47(3).  Accessed from: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8853293/.
• Ganesh Makam. 2023. Cybercrime and Electronic Evidence in India: a Comprehensive Analysis. Social Science Research Network. 1(1). doi:https://doi.org/10.2139/ssrn.4475784.
• Katharina Kiener Manu. 2019. Cybercrime Module 6 Key Issues: Handling of Digital Evidence. Accessed from: https://www.unodc.org/e4j/zh/cybercrime/module-6/key issues/handling-of-digital-evidence.html.
• Kosseff J. 2023. Upgrading Cybersecurity Law. Houston Law Review. 61(1):51–90. [accessed  2024 Jan 21]. Accessed from: https://houstonlawreview.org/article/90792-upgrading-cybersecurity-law.
• Kwan Yuen Iu, Vanessa Man-Yi Wong. 2023. The trans-national cybercrime court: towards a new harmonization of cyber law regime in ASEAN. International Cybersecurity Law Review.  1(1). Accessed from doi:https://doi.org/10.1365/s43439-023-00105-x.
• Ochieng BW. 2023. Enhancing Cybercrime Investigation Effectiveness: A Multifaceted Analysis Of Information Technology Tools, Digital Evidence Quality, And Law Enforcer Security Measures. Kcauacke. 2(1). [accessed 2024 Mar 29]. Doi: https://repository.kcau.ac.ke/handle/123456789/1533. 
• Patel BN. 2020 Jul 2. National Security of India and International Law. [accessed  2024 Apr 2]. Accessed from: https://brill.com/display/title/56735.
• Patil H, Ravshish Kaur Kohli, Puri S, Puri P. 2024. Potential applicability of blockchain technology in the maintenance of chain of custody in forensic casework. Egyptian Journal of Forensic Sciences. 14(1). doi: https://doi.org/10.1186/s41935-023-00383-w.
• Peters GC. 2022 Mar 2. S.3600 – 117th Congress (2021-2022): Strengthening American Cybersecurity Act of 2022. Congreso. Accessed from: https://www.congress.gov/bill/117th-congress/senate bill/3600.
• Sarkar G, Shukla SK. 2023. Behavioral analysis of cybercrime: Paving the way for effective policing strategies. Journal of Economic Criminology. 2(1):100034.  doi: https://doi.org/10.1016/j.jeconc.2023.100034.