Is Cyber Laws Sufficient In India To Protect From Cyber Crimes?
By- Vaishnavi Joshi
Any Criminal activity which takes place in the virtual cyberspace, which involves the use of any computer or any electronic instrument is considered as cyber crime. There are many types of cyber crime like Cyber bullying, Cyber stalking, and Phishing etc. due to which it became an absolute need of an hour to develop and implement certain cyber laws in the Indian domain. India's extensive software infrastructure also makes it highly vulnerable to cyber security incidents. In 2021, these incidents included unauthorized access and disclosure of personal data from around 4.5 million customers of a leading Indian airline, as well as the exposure of roughly 180 million users' personal information from a well-known food chain's database.
According to a recent report by Check Point Research (CPR), India tops the list of countries most affected by cyber attacks, with organizations in India experiencing an average of 213 ransomware attacks per week. According to the findings of The State of Ransomware 2021 survey conducted by cyber security firm Sophos, approximately 68% of Indian organizations affected by data breaches in the 2020-21 period opted to pay ransoms to regain access to their data.
The first legislation in this field in India was Information Technology Act, 2000 (IT Act) and was followed by Information Technology Rules (IT Rules) However we realize that the IT Act is not the only enactment covering cyber crime. The Indian Penal Code could also be used to prosecute against cyber crimes or to the supplement provisions of the IT and many more but there always persisted the problem of coping with the fast and ever changing industry or cyber law and cyber crime. The existing legal framework in India falls short in effectively addressing cyber crime. The primary legislation regulating cyber crime in India is the Information
Technology (IT) Act, which was established in 2000. However, this law has various deficiencies, such as the absence of provisions to tackle issues like cyber bullying, cyber stalking, identity theft and revenge porn. Furthermore, the penalties outlined in the IT Act for cyber crime are not sufficiently stringent to serve as an effective deterrent. Unlike other laws which can take its due course, IT Acts are bound to be keep up with the tremendous changes in the industries. So ultimately it is not a question of new acts or laws but of existing laws and acts trying to keep up with the fast pace of cyber industry. Another such problem is that there are no procedural rules when it comes to the investigation procedure as there is a huge difference that exists in the electronic evidence and traditional evidence. Another major issue that persists is the lack of any umbrella legislation in this field and one such much awaited change in the space of cyber law jurisprudence is the National Cyber Security Strategy, cyber crimes like phishing, identity theft which in the recent years are on peak and are not appropriately covered under the current cyber law regime will be covered under the National Cyber Security Strategy the only downside till date of this strategy is that this strategy doesn’t have any penal force behind it and is not mandatory in nature but is only directory.
The government here is required to have a constant check on the changes in the field of cyber security and must adapt to the changes and there feels a constant need to implement a stricter legislation in comparison to the present one. The need for an umbrella legislation also feels eminent and must be done in a speedy manner. So to answer the question that are the current cyber laws sufficient to protect form cyber crime? The answer to this is a simple no, but India is working on creating multiple frameworks for a global standard cyber law, as part of ongoing deliberations with G20 countries, Minister of State for Electronics and Information Technology (MeitY) Rajeev Chandrasekhar said in his inaugural address at the Global DPI Summit in Pune. So in the coming years India will definitely have an effective and sufficient cyber law regime.
