Categories
Blog Cyber Laws

Landmark Cyber Law cases in India

By:-Muskan Sharma

Introduction

Cyber Law, as the name suggests, deals with statutory provisions that regulate Cyberspace. With the advent of digitalization and AI (Artificial Intelligence), there is a significant rise in Cyber Crimes being registered. Around 44, 546 cases were registered under the Cyber Crime head in 2019 as compared to 27, 248 cases in 2018. Therefore, a spike of 63.5% was observed in Cyber Crimes[1].

The legislative framework concerning Cyber Law in India comprises the Information Technology Act, 2000 (hereinafter referred to as the “IT Act”) and the Rules made thereunder. The IT Act is the parent legislation that provides for various forms of Cyber Crimes, punishments to be inflicted thereby, compliances for intermediaries, and so on.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

However, the IT Act is not exhaustive of the Cyber Law regime that exists in India. There are some judgments that have evolved the Cyber Law regime in India to a great extent. To fully understand the scope of the Cyber Law regime, it is pertinent to refer to the following landmark Cyber Law cases in India:

  1. Shreya Singhal v. UOI[2]

In the instant case, the validity of Section 66A of the IT Act was challenged before the Supreme Court.

Facts: Two women were arrested under Section 66A of the IT Act after they posted allegedly offensive and objectionable comments on Facebook concerning the complete shutdown of Mumbai after the demise of a political leader. Section 66A of the IT Act provides punishment if any person using a computer resource or communication, such information which is offensive, false, or causes annoyance, inconvenience, danger, insult, hatred, injury, or ill will.

The women, in response to the arrest, filed a petition challenging the constitutionality of Section 66A of the IT Act on the ground that it is violative of the freedom of speech and expression.

Decision: The Supreme Court based its decision on three concepts namely: discussion, advocacy, and incitement. It observed that mere discussion or even advocacy of a cause, no matter how unpopular, is at the heart of the freedom of speech and expression. It was found that Section 66A was capable of restricting all forms of communication and it contained no distinction between mere advocacy or discussion on a particular cause which is offensive to some and incitement by such words leading to a causal connection to public disorder, security, health, and so on.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

In response to the question of whether Section 66A attempts to protect individuals from defamation, the Court said that Section 66A condemns offensive statements that may be annoying to an individual but not affecting his reputation.

However, the Court also noted that Section 66A of the IT Act is not violative of Article 14 of the Indian Constitution because there existed an intelligible difference between information communicated through the internet and through other forms of speech. Also, the Apex Court did not even address the challenge of procedural unreasonableness because it is unconstitutional on substantive grounds.

  1. Shamsher Singh Verma v. State of Haryana[3]

In this case, the accused preferred an appeal before the Supreme Court after the High Court rejected the application of the accused to exhibit the Compact Disc filed in defence and to get it proved from the Forensic Science Laboratory.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

The Supreme Court held that a Compact Disc is also a document. It further observed that it is not necessary to obtain admission or denial concerning a document under Section 294 (1) of CrPC personally from the accused, the complainant, or the witness.

  1. Syed Asifuddin and Ors. v. State of Andhra Pradesh and Anr.[4]

Facts: The subscriber purchased a Reliance handset and Reliance mobile services together under the Dhirubhai Ambani Pioneer Scheme. The subscriber was attracted by better tariff plans of other service providers and hence, wanted to shift to other service providers. The petitioners (staff members of TATA Indicom) hacked the Electronic Serial Number (hereinafter referred to as “ESN”). The Mobile Identification Number (MIN) of Reliance handsets were irreversibly integrated with ESN, the reprogramming of ESN made the device would be validated by Petitioner’s service provider and not by Reliance Infocomm.

Questions before the Court: i) Whether a telephone handset is a “Computer” under Section 2(1)(i) of the IT Act?

  1. ii) Whether manipulation of ESN programmed into a mobile handset amounts to an alteration of source code under Section 65 of the IT Act?

Decision: (i) Section 2(1)(i) of the IT Act provides that a “computer” means any electronic, magnetic, optical, or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic, or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network. Hence, a telephone handset is covered under the ambit of “computer” as defined under Section 2(1)(i) of the IT Act.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

(ii)  Alteration of ESN makes exclusively used handsets usable by other service providers like TATA Indicomm. Therefore, alteration of ESN is an offence under Section 65 of the IT Act because every service provider has to maintain its own SID code and give its customers a specific number to each instrument used to avail the services provided. Therefore, the offence registered against the petitioners cannot be quashed with regard to Section 65 of the IT Act.

  1. Shankar v. State Rep[5]

Facts: The petitioner approached the Court under Section 482, CrPC to quash the charge sheet filed against him. The petitioner secured unauthorized access to the protected system of the Legal Advisor of Directorate of Vigilance and Anti-Corruption (DVAC) and was charged under Sections 66, 70, and 72 of the IT Act.

Decision: The Court observed that the charge sheet filed against the petitioner cannot be quashed with respect to the law concerning non-granting of sanction of prosecution under Section 72 of the IT Act.

  1. Christian Louboutin SAS v. Nakul Bajaj & Ors.[6]

Facts: The Complainant, a Luxury shoes manufacturer filed a suit seeking an injunction against an e-commerce portal www.darveys.com for indulging in a Trademark violation with the seller of spurious goods.

The question before the Court was whether the defendant’s use of the plaintiff’s mark, logos, and image are protected under Section 79 of the IT Act.

Decision: The Court observed that the defendant is more than an intermediary on the ground that the website has full control over the products being sold via its platform. It first identifies and then promotes third parties to sell their products. The Court further said that active participation by an e-commerce platform would exempt it from the rights provided to intermediaries under Section 79 of the IT Act.

  1. Avnish Bajaj v. State (NCT) of Delhi[7]

Facts: Avnish Bajaj, the CEO of Bazee.com was arrested under Section 67 of the IT Act for the broadcasting of cyber pornography. Someone else had sold copies of a CD containing pornographic material through the bazee.com website.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

Decision: The Court noted that Mr. Bajaj was nowhere involved in the broadcasting of pornographic material. Also, the pornographic material could not be viewed on the Bazee.com website. But Bazee.com receives a commission from the sales and earns revenue for advertisements carried on via its web pages.

The Court further observed that the evidence collected indicates that the offence of cyber pornography cannot be attributed to Bazee.com but to some other person. The Court granted bail to Mr. Bajaj subject to the furnishing of 2 sureties Rs. 1 lakh each. However, the burden lies on the accused that he was merely the service provider and does not provide content.

  1. State of Tamil Nadu v. Suhas Katti[8]

The instant case is a landmark case in the Cyber Law regime for its efficient handling made the conviction possible within 7 months from the date of filing the FIR.

Facts: The accused was a family friend of the victim and wanted to marry her but she married another man which resulted in a Divorce. After her divorce, the accused persuaded her again and on her reluctance to marrying him, he took the course of harassment through the Internet. The accused opened a false e-mail account in the name of the victim and posted defamatory, obscene, and annoying information about the victim.

A charge-sheet was filed against the accused person under Section 67 of the IT Act and Section 469 and 509 of the Indian Penal Code, 1860.

Decision: The Additional Chief Metropolitan Magistrate, Egmore convicted the accused person under Section 469 and 509 of the Indian Penal Code, 1860 and Section 67 of the IT Act. The accused was subjected to the Rigorous Imprisonment of 2 years along with a fine of Rs. 500 under Section 469 of the IPC, Simple Imprisonment of 1 year along with a fine of Rs. 500 under Section 509 of the IPC, and Rigorous Imprisonment of 2 years along with a fine of Rs. 4,000 under Section 67 of the IT Act.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

  1. CBI v. Arif Azim (Sony Sambandh case)

A website called www.sony-sambandh.com enabled NRIs to send Sony products to their Indian friends and relatives after online payment for the same.

In May 2002, someone logged into the website under the name of Barbara Campa and ordered a Sony Colour TV set along with a cordless telephone for one Arif Azim in Noida. She paid through her credit card and the said order was delivered to Arif Azim. However, the credit card agency informed the company that it was an unauthorized payment as the real owner denied any such purchase.

A complaint was therefore lodged with CBI and further, a case under Sections 418, 419, and 420 of the Indian Penal Code, 1860 was registered. The investigations concluded that Arif Azim while working at a call center in Noida, got access to the credit card details of Barbara Campa which he misused.

The Court convicted Arif Azim but being a young boy and a first-time convict, the Court’s approach was lenient towards him. The Court released the convicted person on probation for 1 year. This was one among the landmark cases of Cyber Law because it displayed that the Indian Penal Code, 1860 can be an effective legislation to rely on when the IT Act is not exhaustive.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

  1. Pune Citibank Mphasis Call Center Fraud

Facts: In 2005, US $ 3,50,000 were dishonestly transferred from the Citibank accounts of four US customers through the internet to few bogus accounts. The employees gained the confidence of the customer and obtained their PINs under the impression that they would be a helping hand to those customers to deal with difficult situations. They were not decoding encrypted software or breathing through firewalls, instead, they identified loopholes in the MphasiS system.

Decision: The Court observed that the accused in this case are the ex-employees of the MphasiS call center. The employees there are checked whenever they enter or exit. Therefore, it is clear that the employees must have memorized the numbers. The service that was used to transfer the funds was SWIFT i.e. society for worldwide interbank financial telecommunication. The crime was committed using unauthorized access to the electronic accounts of the customers. Therefore this case falls within the domain of ‘cyber crimes”. The IT Act is broad enough to accommodate these aspects of crimes and any offense under the IPC with the use of electronic documents can be put at the same level as the crimes with written documents.

The court held that section 43(a) of the IT Act, 2000 is applicable because of the presence of the nature of unauthorized access that is involved to commit transactions. The accused were also charged under section 66 of the IT Act, 2000 and section 420 i.e. cheating, 465,467 and 471 of The Indian Penal Code, 1860.

  1. SMC Pneumatics (India) Pvt. Ltd. vs. Jogesh Kwatra[9]

Facts: In this case, Defendant Jogesh Kwatra was an employee of the plaintiff’s company. He started sending derogatory, defamatory, vulgar, abusive, and filthy emails to his employers and to different subsidiaries of the said company all over the world to defame the company and its Managing Director Mr. R K Malhotra. In the investigations, it was found that the email originated from a Cyber Cafe in New Delhi. The Cybercafé attendant identified the defendant during the enquiry. On 11 May 2011, Defendant was terminated of the services by the plaintiff.

Decision: The plaintiffs are not entitled to relief of perpetual injunction as prayed because the court did not qualify as certified evidence under section 65B of the Indian Evidence Act. Due to the absence of direct evidence that it was the defendant who was sending these emails, the court was not in a position to accept even the strongest evidence. The court also restrained the defendant from publishing, transmitting any information in the Cyberspace which is derogatory or abusive of the plaintiffs.

Conclusion

The Cyber Law regime is governed by the IT Act and the Rules made thereunder. Also, one may take recourse to the provisions of the Indian Penal Code, 1860 when the IT Act is unable to provide for any specific type of offence or if it does not contain exhaustive provisions with respect to an offence.

However, the Cyber Law regime is still not competent enough to deal with all sorts of Cyber Crimes that exist at this moment. With the country moving towards the ‘Digital India’ movement, the Cyber Crimes are evolving constantly and new kinds of Cyber Crimes enter the Cyber Law regime each day. The Cyber Law regime in India is weaker than what exists in other nations.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course! 

Hence, the Cyber Law regime in India needs extensive reforms to deal with the huge spike of Cyber Crimes each year.

[1] “Crime in India – 2019” Snapshots (States/UTs), NCRB, available at: https://ncrb.gov.in/sites/default/files/CII%202019%20SNAPSHOTS%20STATES.pdf (Last visited on 25th Feb; 2021)

[2] (2013) 12 SCC 73

[3] 2015 SCC OnLine SC 1242

[4] 2005 CriLJ 4314

[5] Crl. O.P. No. 6628 of 2010

[6] (2018) 253 DLT 728

[7] (2008) 150 DLT 769

[8] CC No. 4680 of 2004

[9] CM APPL. No. 33474 of 2016