Law regarding cyber-bullying in India

Reading time: 8-10 minutes.

Internet has now become a part of our lives and it brings ease in our day to day jobs and also helps us to connect with people around the globe. Accessing data using internet has become so easy, with the click of a button the huge strata of information about the society is made available to us. With the advancement of technology, the unforeseen events of cyber offences also came into existence. One such being Cyber bullying, which is an intentional aggressive act by an individual or a group of people done repeatedly over the electronic form of contact. It is not defined in any law, nor there is any specific statutory law that deals with the same. Cyber bullying is a form of harassment where a person hides behind a screen and mentally tortures the other person. It can occur over any social networking site, over SMS, Email, Instant Message Service or any other platform over the electronic world.  This type of bullying can be done in various ways, some of them being:

  • Hacking personal accounts again and again;
  • Flaming, which is the use vulgar or insensitive language to attack someone
  • Sending hurtful or inappropriate messages to harass someone;
  • Sharing someone’s private messages or picture or threatening/blackmailing to do so;
  •  Impersonating someone and damaging their reputation;
  • Threatening someone to commit an act of violence or threats of pornography;
  • Stalking someone and sending targeted messages; etc.

The use of technology beyond the unauthorised acts and permissible limits leads to the creation of such acts. There are many cyber offences which still cannot be predicted due to the advancement of technology and artificial intelligence over time.

Negative effects

With the increase in technology and internet connectivity anyone can hide behind a screen and harass the other person. Exposure to such bullying can have varying effects on person, be it a child or an adult. Internet harassment can psychologically agitate their victims, creating a hostile environment for the same. Some negative effects which a person has to deal with while dealing with cyber-bullying are that it diminishes the self-esteem of the victim, there is a tendency of withdrawal shown, the victim feels exposed and harmed, it creates a feeling of humiliation and can cause depression, It can also lead to the use of drugs or alcoholism and there can be a change in personality as well as disinterest in thing/activities liked earlier, it can also cause some serious and permanent changes in the life of the victims and his loved ones like self-harm or even suicide. Another issue among these negative emotions is that the victim is more likely to become anti-social instead of standing up against his/her bully.    

Legal provisions

There is no specific statute that deals with Cyber-bullying as a crime, but some sections of The Information Technology Act, 2000; The Indian Penal Code, 1860 and The Protection of Children from Sexual Offences Act, 2012 deals with the similar issues and can come under the wide scope of cyber-bullying.

  • Under the IT Act, Section 66 talks about computer related offences under which the person is held liable for a maximum term of three years or for fine up to Rs five lakh or both. Under this provision, section 66 C talks about punishment of Identity
  • Theft or as it is also known as impersonation, section 66 D deals with the punishment of cheating by personation by using the computer or online resources,  66 E deals with the punishment of violation of a person’s privacy, section 67 talks about Publishing or transmitting obscene material through electronic form along with section 67 A which talks about the same but also consists of sexually explicit act and lastly, section 67 B talks about the publishing of such materials depicting children in electronic form which can be excused if it is for public good and learning or is kept or used for bona fide heritage or religious purposes.
  • The Supreme Court in the case of Shreya Singhal v. Union of India, struck down section 66 A of the IT Act, 2000 which dealt with the punishment for sending offensive messages through a computer resource or communication device and held that it does not come under the ambit of reasonable restrictions of Article 19 (1) (a) of the Indian Constitution. The said section was vague and ambiguous and sections 66 B and 67 C of the IT act along with various provisions of IPC were good enough to deal with such crimes. 
  • Further, provisions of IPC that deals with cyber-crimes are- Section 292 A, which talks about printing of indecent matter or matter for blackmail, the matter should be injurious to the morality or should be calculated to injure a person and the offender will be imprisoned for a maximum period of two years and will also be liable to fine. Section 354 A talks about sexual harassment of unwelcome physical contact or of the nature of making sexually coloured re
  • ark or demand/request for sexual favours of pornography.
  • Section 354 D talks about stalking or attempting to or actually contacting a woman and the offender will be liable for three years for first attempt and five years max for any subsequent attempt. Section 499 talks about defamation i.e. when a person by spoken words or signs makes or publishes something with an intent to harm the reputation of the other person, the same can be done over electronic means as well. Further, section 507 talks about criminal intimidation through any anonymous communication/means and the offender will be liable for a period of two years max.
  • Section 509 of IPC deals with the offenders who intend to insult the modesty of a women by words or gesture by intruding the privacy of the women and such offenders will be punished for a term of one year or fine or both.

In the case of Sharat Babu Digumarti v. Government of NCT of Delhi, there was a conflict between provisions of the IPC and the IT Act. In this case, an obscene video had been listed for sale on a site and the same was intentionally hidden under the category of e-books, some of the copies were sold before the listing was deactivated. The SC in this case ruled that if an offence involves an electronic record, the IT Act alone would apply since such was the legislative intent. And if there is any conflict between the IT Act and the IPC then, the special law would prevail over the general law and the latter law would prevail over the prior legislation. Further, section 81 of the IT Act states that the provisions of the IT Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force.

The provisions under POCSO act also protects the children below 18 years of age from any sexual harassment, pornography or sexual assault which would include any form of cyber-bullying punishable under the act.

In this sense, the Ministry of Human Resources have directed schools and colleges to form Anti-Ragging associations. UGC in this regard has also issued the ‘UGC Regulations on Curbing the Menace of Ragging in Higher Educational Institutions 2009’, so that there could be a check and balance on cyber-bullying in schools and universities. NCERT has also set out various guidelines defining the roles of teachers, parents as well as students in these circumstances and are required to report these bullies immediately. 

Critical analysis

Due to the advancing technologies, there is a dire need to have a proper legislation for cyber laws in India. The cyber space evolves on a daily basis unlike the physical space and therefore the crimes over the electronic medium cannot be foreseen completely.

Cyber-crimes can take an ugly shape in the future thus it needs to be addressed soon. In the making of such legislation, the opinion of psychiatrists should also be taken into consideration since such offences affects the psyche of the person more than it affects their bodies. Also, both the offender and the victim might need counselling after such incidents as the purpose is to educate the society and to make them realize their mistakes and in several cases the abusers also have a history of being bullied themselves. Therefore, the existing laws should also be revised for benefitting children and portals should be set up where these crimes could be reported. 

Also, other than being completely dependent on technology for the prevention of cyber-crimes the administration of schools, colleges, and offices should take up certain measures to prevent the same. There should be anti-ragging cells everywhere and there could be advertisements regarding cyber bulling as well. Cyber ethics should be taught to the students so that they learn to respect other’s privacy as well. Trolls on internet are also getting popular these days and they can be humiliating as well as insulting. The anonymity on the internet gives the offender power and control of harassing someone without a fear of their actions. Troll Police campaigns should be encouraged and there should be restrictions on what one can post over the social media.


The concept of justice will be defeated if the victims of cyber-crimes are made to suffer anymore, with the advancement in technology it is important to set some ground rules for its use. These technologies do help us in becoming a developed country but at the cost of hundreds of innocents being traumatised by cyber space. Even the Freedom of Speech guaranteed by our constitution has certain reasonable restrictions to it, similarly there should be certain boundaries which a person should not be able to cross even on online platforms.

Expressing oneself on any matter should be a matter of individuality and it should be respected even if not agreed to. However, using this freedom to mentally harass or threaten someone should not be accepted and thus the need for a well drafted legislation is well awaited.  

Author: Kavya Arora from UPES, Dehradun.

Editor: Priyanshu Grover from Symbiosis Law School, NOIDA, Uttar Pradesh.

Cyber security infrastructure in India

Reading time: 8-10 minutes.

Recently on 12th April 2020, the Ministry of Home Affairs advised that the video conferencing application i.e. Zoom is not a safe platform. Due to the pandemic, the country is undergoing a lockdown since 24th March 2020 and all the movements have been stopped except for the delivery of essential commodities. So due to this everyone is working from home through the help of internet. Some are working with the help of conference call, on the other hand, some are working on a video conference platform such as Zoom. Also, the courts are tackling the disputes with the help of video conferencing platform Zoom. In the advisory, the Home Ministry has asked people to take certain precautionary measures such as:

  • One should create a new User ID and password for each individual meeting.
  • The host should create a waiting room so that people can join the meeting only when the host prescribes permission to join.
  • Screen sharing feature should be only accessed by the host.
  • The host should disable the feature of “allowing the removed participants to rejoin”.

Significance of this development

India has a detailed and well-defined legal system in place. Many laws have been enacted and implemented like the Indian Penal Code 1860, the Indian Evidence Act 1872, the Code of Civil Procedure 1908, the Companies Act, and so on. However, the arrival of the internet has given rise to new and complex legal issues. It may be appropriate to say that the existing laws in India were enacted while keeping in mind the relevant political, social, economic, and cultural scenario of that relevant time. Nobody then could really visualize about the Internet. Despite the brilliant knowledge of our master draftsmen, the requirements of cyberspace could hardly ever be identified. As such, the coming of the Internet led to the emergence of numerous tricky legal issues and glitches which required the enactment of cyber laws.

In the present profoundly digitalized world, nearly everybody is influenced by digital law. For instance:


  • Practically all organizations widely rely on their PC systems and keep their important information in electronic structure.
  • Government structures including personal expense forms, organization law structures and so on are presently filled in electronic structure.
  • Customers are progressively utilizing credit/check cards for shopping.
  • The vast majority are utilizing email, telephones and SMS messages for correspondence.
  • Digital signatures and e-contracts are quick replacing regular strategy for executing business.

Cyber Security Laws in India

Provisions under Information Technology Act, 2000

Section 66 of IT Act, 2000 deals with the offences relating to computers and section 66A states the punishment for sending any kind of messages which are offensive in nature, and which, the wrongdoer knows to be false but he did it to cause annoyance, injury, or insult to the victim shall be sentenced for a term which may extend to three years with fine.

Section 66B of IT Act, 2000 says that a person shall be held liable for three years or with a fine which may extend up to one lakh rupees if the offender dishonestly receives or keeps a device which he knows to be stolen.

Section 66C of IT Act, 2000  defines the punishment for identity theft, such as electronic signature, shall be punished with the term of up to three years and shall also with the fine of one lakh rupees.

Section 67A of IT Act, 2000 says that any material which contains sexually explicit acts, when

transmitted or regulated on the internet by a person, will attract the liability under this section and the person would be punished for a term of up to five years with a fine of up to ten lakh rupees. And the punishment shall be exceeded to seven years and a fine of ten lakh rupees in case of a subsequent conviction.

Section 72 of IT Act, 2000 deals with the breach of confidentiality and privacy, it states that any person who has access to any document, information or other material, discloses that material shall be punished with a term of two years and also with a fine of the sum of one lakh rupees.

Provisions under Indian Penal Code, 1860

Section 354D of Indian Penal Code, 1860 defines stalking as any man who monitors the use of the internet by a woman shall be punished for a term of up to three years and with fine. The duration will be extended for five years with a fine on the subsequent conviction.

Section 416 of Indian Penal Code, 1860 defines cheating by personation as if a person pretends to be some other person other than who he actually is. The punishment of cheating is given under Section 417 which states that a person can be booked for a term of up to one year with fine or both. 

Institutions for protection against Cyber-crime

Cybercrime Prevention against Women and Children (CCPWC)

This scheme was launched by the Ministry of Home Affairs and deals with providing an effective mechanism that will help the victims of cybercrime to fight against it. This scheme allows the person to file an online complaint of such wrong content such as child pornography, child sexual abuse, and any other wrong content. Ministry has announced that a sum of Rs. 2,30,00,000 has been granted to NCT of Delhi for the setup of Cyber Forensic Lab Cum Training Center.

National Crime Records Bureau will identify objectionable content on receiving complainants and take action for its immediate removal. For this, NCRB has already been notified as Central Government nodal agency as to issue notices under Section 79(3)b of Information Technology Act, 2000.

Indian Computer Emergency Response Team (CERT-IN)

Indian Computer Emergency Response Team (CERT-In) is a government made Information Technology security Organization. The purpose behind CERT-In is to respond to computer security, report on vulnerabilities and advance powerful IT security rehearses all through the nation. CERT-In was made by the Indian Department of Information Technology in 2004 and works under the support of that division. As per the arrangements of the Information Technology Amendment Act 2008, CERT-In is answerable for directing the organization of the act. In the ongoing Information Technology Amendment Act 2008, CERT-In has been assigned to fill in as the national office to play out the accompanying capacities in the region of cyber security:

  • Collection, analysis and dissemination of information on cyber incidents.
  • Forecast and alerts of cyber security incidents.
  • Emergency measures for handling cyber security incidents.

Critical Information Infrastructure Protection Centre (NCIIPC)

National Critical Information Infrastructure Protection Centre (NCIIPC) is a government organization which has been created under Section 70A of IT Act, 2000 by the Government of India. Its headquarters is located in New Delhi, India.  Important function include to coordinate, share, monitor, collect, analyze, a national-level risk to CII for strategy direction, mastery sharing and situational mindfulness for early notice or alarms. The essential duty regarding ensuring CII framework lies with the organization running that CII. It has been designated as National Nodal Agency for Critical Information Infrastructure Protection. A report of the National Critical Information Infrastructure Protection Centre has identified the following as critical sectors:

  1. Power & Energy
  2. Banking, Financial Services & Insurance
  3. Telecom
  4. Transport
  5. Government
  6. Strategic & Public Enterprises

National Cyber Coordination Centre

National Cyber Coordination Centre has been implemented by the Indian Computer Emergency Response Team (CERT-In). NCCC derives its power from Section 69B of IT Act, 2000. It will be India’s first layer for digital risk checking and all correspondence with government and private specialist organizations will be observed by it. Its command is to check web traffic and correspondent metadata coming into the nation to distinguish continuous digital danger and alarm different associations.

NCCC additionally will arrange between intelligence agencies, explicitly during system interruptions and cybercrimes. It will have virtual contact with the control room of all ISPs to check traffic inside the nation, streaming at the purpose of passage and exit, including worldwide portal. Aside from observing the internet, the NCCC will likewise investigate different dangers presented by digital assaults. It will have top specialists from the digital security field and will run like comparable association in different nations, for example, the US, the UK, France, Germany, and so on.

Data Security Council of India (DSCI)

Data Security Council of India is a body established in the year 2008 by the National Association of Software and Service Companies (NASSCOM). NASCOM is a non-profit organization that was set up in 1988. In 2013, NASSCOM started “10,000 new companies” in the nation. Its principal objective is to start 10,000 new companies in the nation by 2023. The NASSCOM under its supervision operates Data Security Council of India. The core aim of the Data Security Council of India is to protect national interest by protecting the data. It additionally outlines the gauges and activities for keeping up with protection and other cybercrimes standards. It likewise arranges meetings and makes basic stages for the enterprises, thinks tanks and different pioneers of the information insurance industry to meet up.


In the end, we can say that a crime-free society does not exist in today’s time so precautionary measures should be taken to tackle the crime. Also, as the technology is enhancing day by day more crimes are reported on electronic frauds. Information Technology Act, 2000 and Indian Penal Code, 1860 contains the provisions for punishing the offenders or the wrongdoers against the cybercrime. One should know the methods of filing the complaint online for the cybercrime committed against them. Rallies, workshops, online seminars should be organized so that the people who are unaware about the methods to tackle the cybercrime should be made aware of. Wide ranges of information whether it is personal, governmental, or corporate, need high security.

A portion of the information, which has a place with the administration guard framework, logical research and advancements, banks, protection innovative work association can be greatly affected by even a small amount of negligence to these data So while concluding we can say that as it is rightly said, “Precaution is better than cure” and thus, precautionary measures should always be taken to keep everything safe and secure.

Author: Abhinav Rana from University School of Law and Legal Studies, GGSIPU.

Editor: Arya Mittal from Hidayatullah National Law University, Raipur.