Back India


    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : NA Declarations and reservations : N/A See legal profile

Cybercrime policies/strategies

The Government of India has not yet adopted specific national cybercrime policies or strategies. However, on 2nd July 2013, it launched the National Cyber Security Policy, 2013. The vision and mission of National Cyber Security Policy, 2013 are to build a secure and resilient cyberspace for citizens, businesses and Government and also to protect information and information infrastructure in cyberspace and also build capabilities to prevent and respond to cyber terror threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, process, technology and cooperation.

 

The Indian Government is in the process of formulating the National Cyber Security Strategy 2020 (NCSS 2020) to cover a five-year timeframe (2020-2025).

Specialised institutions

The Government of India has set up the specialized cybercrime institutions being Indian Computer Emergency Response Team (CERT-In) (http://www.cert-in.org.in/) & The National Critical Information Infrastructure Protection Centre (NCIIPC) (https://meity.gov.in/writereaddata/files/GSR_19%28E%29_0.pdf)

India has also set up various specialized cybercrime police stations throughout India including in Bangalore, Hyderabad, Mumbai, Delhi, Chennai, Lucknow, Trivandrum, Assam, Thane, Pune, Gujarat, Jharkhand, Haryana, Himachal Pradesh, Jammu, Kerala, Meghalaya, Orissa, Bihar, Punjab, Uttar Pradesh, West Bengal, Uttarakhand (Dehradun) etc. (https://www.infosecawareness.in/cyber-crime-cells). The Central Bureau of Investigation has got a cybercrime cell. However, there is no specialized cybercrime office and also no structure regarding Judges trying cybercrimes in India per se.

The Indian Cyber Crime Coordination Centre (I4C) - https://mha.gov.in/division_of_mha/cyber-and-information-security-cis-division/Details-about-Indian-Cybercrime-Coordination-Centre-I4C-Scheme  and National Cyber Crime Reporting Portal - https://www.cybercrime.gov.in/ were inaugurated in January 2020 (https://pib.gov.in/PressReleasePage.aspx?PRID=1599067).

Jurisprudence/case law

India has only limited number of convictions for cybercrime. However, some important case law is available. A decision pertaining to electronic evidence is Anvar PK v/s P K Basheer. In the said matter, the Supreme Court of India has categorically held thus:

Any documentary evidence by way of an electronic record under the Evidence Act, in view of Sections 59 and 65A, can be proved only in accordance with the procedure prescribed under Section 65B. Section 65B deals with the admissibility of the electronic record. The purpose of these provisions is to sanctify secondary evidence in electronic form, generated by a computer. It may be noted that the Section starts with a non obstante clause. Thus, notwithstanding anything contained in the Evidence Act, any information contained in an electronic record which is printed on a paper, stored, recorded or copied in optical or magnetic media produced by a computer shall be deemed to be a document only if the conditions mentioned under sub-Section (2) are satisfied, without further proof or production of the original. The very admissibility of such a document, i.e., electronic record which is called as computer output, depends on the satisfaction of the four conditions under Section 65B (2).”

In State of Delhi v. Mohd. Afzal & Others 2003 (3) JCC 1669 which is known as the Parliament House Attack case, the Delhi High Court held that electronic records are admissible as evidence. The appeal was filed in the Supreme Court of India entitled State v Navjot Sandhu(2005) 11 SCC 600, wherein the Hon’ble Supreme Court held that in the said case, the certificate containing the details in Section 65B (4) is not filed, but that does not mean that secondary evidence cannot be given. The law permits such evidence to be given in the circumstances mentioned in the relevant provisions, namely, Ss. 63 and 65 of the Indian Evidence Act 1872.

Further, the Supreme Court of India in K.K.Velusamy vs. N.Palanisamy (2011) 11 S.C.C.275, considered the issue regarding the telephonic conversation recording and came to a conclusion that a disc containing recording of telephonic conversation could be valid evidence according to Section 3 of the Evidence Act and Section 2 (t) of the IT Act. The Hon'ble Supreme Court has further observed that electronically recorded conversation is admissible in evidence, if the conversation is relevant to the matter in issue and the voice is identified and the accuracy of the recorded conversation is proved by eliminating the possibility of erasure addition or manipulation

Sidhartha Vashisht @ Manu Sharma Vs. State (Nct Of Delhi) on 19 April, 2010, Criminal Appeal No. 179 OF 2007, the Supreme Court of India held as follows:

  • “153) Summary of our Conclusion:
  • 3) Phone calls made immediately after an incident to the police constitutes an FIR only when they are not vague and cryptic. Calls purely for the reason of getting the police to the scene of crime do not necessarily constitute the FIR. In the present case, the phone calls were vague and therefore could not be registered as the FIR. The FIR was properly lodged as per the statement of Shyan Munshi PW-2.
  • 11) Every effort should be made by the print and electronic media to ensure that the distinction between trial by media and informative media should always be maintained. Trial by media should be avoided particularly, at a stage when the suspect is entitled to the constitutional protections. Invasion of his rights is bound to be held as impermissible.

Sources and links

The National Cyber Security Policy, 2013- https://meity.gov.in/writereaddata/files/downloads/National_cyber_security_policy-2013%281%29.pdf

Information Technology Act, 2000 (No. 21 of 2000)- http://meity.gov.in/content/information-technology-act

Information Technology (Intermediary Guidelines) Rules, 2011- http://meity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf

Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules, 2011- http://meity.gov.in/sites/upload_files/dit/files/GSR314E_10511(1).pdf

Indian penal code, 1860- https://indiacode.nic.in/bitstream/123456789/2263/1/A1860-45.pdf

Code of Criminal Procedure, 1973- (Cr.PC)-http://www.advocatekhoj.com/library/bareacts/codeofcriminalprocedure/index.php?Title=Code%20of%20Criminal%20Procedure%20Act,%201973 

Indian Computer Emergency Response Team (CERT-In)- http://www.cert-in.org.in/

The national critical information infrastructure protection centre (NCIPC)- https://meity.gov.in/writereaddata/files/GSR_19%28E%29_0.pdf

G8 24/7 point of contact- http://www.oas.org/juridico/english/cyb_pry_G8_network.pdf

Mutual Legal Assistance Treaties (MLAT)- http://legalaffairs.gov.in/documents/mlat

Budapest Convention and the Information Technology Act - https://cis-india.org/internet-governance/blog/budapest-convention-and-the-information-technology-act

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 

Contribute

  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links