top of page



A general definition of cyber law states that it is a legal framework that governs all legal issues relating to the internet, computer systems, cyberspace, and information technology[1].

As the world grows more digitized and cloud-based, the computer and technology industries continue to thrive and adapt. Hackers and other cybercriminals routinely conduct information leaks, data breaches, and outright attacks as technology has become more pervasive in business and consumer affairs. The old saying "the best defense is a good offense" holds true in fields using computers. The need to protect users, networks, and the cloud is greater than ever as fraudsters become more cunning. Any illegal behavior that makes use of a computer as a tool, a target, or both is referred to as cybercrime. The world of the internet created by computers is known as cyberspace, and the rules that govern it or are now in force in this area are known as cyber laws or also known as IT laws. Since these regulations have global reach, they apply to all users of this cyberspace.

Cyber security is governed by a wide variety of laws, many of which are geographically territorial in nature. The penalties for the same range from fines to jail depending on the offense committed. The first cyber law to ever be passed was the Computer Fraud and Abuse Act of 1986. It forbids the misuse of digital data as well as unlawful access to computers.

Cybercrimes have increased along with internet usage. Today's media is filled with reports of various cybercrimes, including child pornography, crypto jacking, identity theft, and cyber terrorism. In cybercrimes, a computer is a tool, a target, or both that is used to carry out illegal activity. Electronic commerce (e-commerce) and online stock trading have dramatically increased in our quickly evolving digital age, increasing the number of cybercrimes.

The most prevalent type of crime in contemporary India is cybercrime, which has a catastrophic effect. Criminals not only seriously harm society and the government, but they also greatly conceal their identity. Technically skilled criminals engage in a number of illegal activities online. Although the term "cybercrime" is not defined in any act or statute approved by the Indian legislature, it has occasionally been interpreted by Indian courts. In India, cyber law is made up of a mix of intellectual property laws, contract laws, data protection laws, and privacy laws, with intellectual property being the most important aspect of information technology laws.

As computers and the internet take over the world and every part of our lives, cyber laws are becoming increasingly important. Cyber laws will regulate the digital exchange of information, e-commerce, software, information technology, and monetary activities. Cyber law encompasses all of these legal structures and regulating mechanisms, and these laws are critical to the success of electronic commerce.


The Model Law on Electronic Commerce on International Trade Law, which was accepted by the General Assembly of the United Nations in a resolution dated January 30, 1997, is what led to the creation of the Information Technology Act.

This resolution recommended, among other things, that all states give the aforementioned Model Law favorable consideration when revising or enacting new laws in order to maintain consistency among the laws of the various cyber-nations that apply to electronic alternatives to paper-based methods of communication and information storage. The bill was written by the Department of Electronics (DoE) in July 1998. However, it wasn't until the new IT Ministry was established on December 16, 1999 (after a lapse of over 1.5 years) that it could be introduced in the House. It underwent significant change as a result of suggestions made by the Commerce Ministry about e-commerce and issues relating to World Trade Organization (WTO) responsibilities.

Then, this joint proposal was reviewed by the Ministry of Law and Company Affairs. Following demands from the Members, the bill was submitted to the 42-member Parliamentary Standing Committee after it was introduced in the House. The bill will now include many recommendations from the Standing Committee. The Ministry of Information Technology only accepted proposals, though, so those were the only ones that were included. One of the ideas that generated a lot of discussion was the requirement that a cyber café proprietor keep a registration of the names and addresses of all customers as well as a list of the websites they visited.

The Information Technology Bill was endorsed by the Union Cabinet on May 13 and passed by both chambers of the Indian Parliament on May 17. The Information Technology Act of 2000 was created after the President gave his approval to the bill on June 9th, 2000. The Act became operative on October 17, 2000.

With time, as technology advanced and new ways of committing crimes online and through computers emerged, it became necessary to revise the IT Act, 2000 to include new categories of cyber offenses and close other gaps that prevented the law's effective implementation. As a result, the Information Technology (Amendment) Act, 2008 was passed and went into force on October 27, 2009. The IT Act of 2000 has undergone significant revisions as a result of the IT (Amendment) Act of 2008.


Any criminal activity involving a computer, networked device, or other connected equipment is considered a cybercrime.

Some cybercrimes are performed with the intention of generating income for the offenders, while others are committed with the express objective of damaging or incapacitating the computer or other equipment. It's also possible for uninvited parties to utilize computers or networks to spread malware, illegal data, images, or any other kind of content.

Cybercrime enables a wide range of financially motivated criminal actions, such as ransomware attacks, email and internet fraud, identity theft, and frauds involving bank accounts, credit cards, or other payment cards. The goal of cybercriminals may be to steal and sell both personal and business data. Cybercrime includes "virtual only" offenses including the dissemination of unauthorized images, documents, or private information.

Professional programming teams are also included in this group; they provide digitally stated efforts and products to everyone, from governments to unidentifiable individuals, including denial of service attacks and accountability for traded off systems. We will spend more time online, which will lead to an increase in the frequency of bad online activity. Law enforcement will undoubtedly go further online as a result of this trend.

The Information Technology Act, 2000 and the Indian Penal Code, 1860 both apply to cybercrimes in India. The Information Technology Act of 2000 is the law that addresses matters relating to online crime and internet trade. The Act was modified in 2008 to include a definition and punishment for cybercrime, nevertheless. Additionally, changes were made to the Reserve Bank of India Act and the Indian Penal Code 1860.

We do not have a specific definition of cybercrime however the Oxford Dictionary defines cybercrime as follows: “Criminal activities committed via computers or the Internet[2].”


Cyber grooming:

The practice known as ‘cyber grooming’ is developing a rapport with an adolescent in order to coerce, tease, or even force them into engaging in sexual activity.

Cyber bullying:

A cyber bully is someone who uses electronic tools like computers, mobile phones, laptops, etc. to harass or bully others. Cyber bullying is the term for bullying that takes place online.. It could involve the usage of social media, messaging services, gaming platforms, and mobile devices. This frequently entails repeating actions meant to frighten, infuriate, or degrade the targets.

Cyber stalking:

Cyber stalking is the practice of harassing or stalking someone over the internet or through other technological means. Through texts, emails, social media posts, and other channels, cyber stalking is frequently persistent, methodical, and intentional.

Child sexual exploitation or child pornography (CSAM):

Child sexual abuse materials (CSAMs) are, in the broadest sense, any type of media that includes sexual imagery of any kind that may show the victimized or exploited child. A provision in the Information Technology Act specifies that it is unlawful to publish or transmit any content electronically that shows youngsters engaging in sexually explicit behavior[3].

Identity theft and impersonation:

When someone fraudulently uses an electronic signature, a password, or any other unique identifier on another person's behalf, they are engaging in impersonation or risking identity theft.


Vishing involves utilizing victims' phones to steal private information. To trick victims into disclosing personal information and granting access to personal accounts, cybercriminals employ sophisticated social engineering techniques. Vishing connives to convince victims that they are being courteous by returning the call, much like phishing and smishing do. Many times, callers will pose as representatives of the government, the tax authority, the police, or the victim's bank.

Online sextortion:

Online sextortion: These criminals use threats to coerce victims into providing them with a sexual image, a sexual favor, or money.


Phishing fraud occurs when an email purports to be from a reliable source but actually contains a harmful attachment that is intended to steal the user's personal information, such as their ID, IPIN, Card number, expiration date, CVV, etc., before selling the data on the dark web.

Trojans, worms, and viruses:

A programme known as a computer virus is made to penetrate your computer, damage or alter your files or data, and then replicate itself. Worms are malicious software applications that duplicate themselves on the local drive, network shares, and other sites. A virus is not the same as a Trojan horse. It's a malicious programme posing as a trustworthy programme. Trojan horses can be just as deadly as viruses despite not replicating themselves. Trojans give malicious people and applications a backdoor into your computer, allowing them to steal sensitive and private data.

Debit card fraud or credit card fraud:

These crimes involve making unlawful transactions using or withdrawals from another person's card in order to access their funds. Credit/debit card fraud is the use of a customer's account to make unauthorized purchases or cash withdrawals. When a criminal has access to the cardholder's debit/credit number or personal identification number, fraudulent conduct takes place (PIN). Hackers or dishonest employees may get your information.


India's cyber laws have aided in the growth of electronic commerce and government by ensuring maximum connection and reducing security concerns. Additionally, this has increased the scope and efficiency of digital media and made it accessible in a larger range of applications.

Information Technology Act, 2000

The Information Technology Act, which came into effect in 2000, regulates cyber laws in India. The main goal of this Act is to safeguard e-Commerce's legal protection by making it simple to register real-time records with the government. The sophistication of cybercriminals and people's propensity to abuse technology led to a number of adjustments. The Information Technology Act highlights the severe penalties and sanctions enacted by the Indian Parliament to protect the e-government, e-banking, and e-commerce industries. The scope of Information Technology Act has been expanded to include all modern communication devices. Some of the important provisions of the act are as follows:-

Section 43: This section of the IT Act is applicable to those who commit cybercrimes, such as harming the victim's computer without the victim's consent. If a computer is damaged in such a case without the owner's permission, the owner is completely entitled to a refund for the whole damage[4].