Cyber laws have failed to create a culture of deterrence

Written By: Pavan Duggal
Delhi, India Updated: Nov 29, 2018, 11:01 AM(IST)

The defence establishment claims that the attack hit websites using the .GOV.IL domain, which is used for all government websites save for defence-related ones. (Representative Image). Photograph:( Reuters )

Story highlights

Some of the well-known instances include people losing money because of fraudulent calls, fraudulent emails or due to disclosing the details of bank account accidentally.

At a time when cybercrime is becoming a cottage industry in India, it comes as no surprise that online fraud should become the preferred mode. Most times, online fraud is done in a variety of innovative ways. The classic case of the village of Jamtara, Jharkhand, being engaged in online fraud and cybercrime activities is a distinct example in this regard.

Some of the well-known instances include people losing money because of fraudulent calls, fraudulent emails or due to disclosing the details of bank account accidentally. The reasons why online fraud has massively increased in the country are many. The propensity of the new generation to earn a quick buck, mistaken fear that they cannot be tracked, and lack of deterrence in the provisions of law are important causes. We have also seen various call centres and BPOs been raided in connection with making fraudulent calls to foreign citizens, claiming to solve a security problem in the software of a major company. 

When I look at the legal ramifications of online fraud, the reason for its proliferation becomes evident. The Indian law has been thoroughly inadequate to deal with online fraud. When one looks at the provisions of the special law pertaining to online environment, the Indian Information Technology Act, 2000, one quickly realises that it does not have adequate provisions for effectively stopping and preventing online fraud.

First and foremost, online fraud dedicatedly has not been brought within the ambit of the specific provisions of the Information & Technology Act, 2000, though I believe that some portion of online fraud could be brought within the ambit of computer-related offences under Section 66 of the Information & Technology Act, 2000. But, then there is a bigger problem that Section 66 read with Section 43 of the Information & Technology Act, 2000, is a bailable offence.

Online fraudsters, even if booked under the Information & Technology Act, 2000, are entitled to bail as a matter of right. Consequently, we find that very few cases get registered and even if they are registered and the persons are arrested, they are immediately released on bail. The orientation of online fraudsters to delete relevant incriminating electronic evidence and to create an obstruction in the prosecution of online frauds is relatively high. 

Given the fact that online fraud is happening so frequently and at such an alarming pace, the police are not well equipped to deal with these issues. First, it is a big challenge to get a case registered. Assuming that the case is registered, one still finds that getting the police to act is also a big challenge. Hence, the inadequacy of the law and its provisions and lack of deterrence effectively ensure that getting cybercrime convictions is a tall order. 

Further, the Information Technology Act, 2000, does provide another remedy of seeking damages by way of compensation against online fraudsters by virtue of the remedy under Section 43 of the Information Technology Act, 2000. However, given the sophisticated tools that online fraudsters use and given the fact that it becomes difficult for individuals to trace online fraudsters, the remedy is not so effective.

Most times, service providers are not willing to cooperate. After the Shreya Singhal judgment, intermediaries have become mute spectators, thereby complicating the entire scenario of effective regulation of online frauds. 

A Reserve Bank of India notification has provided some effective remedy to victims of online fraud. As per the RBI Notification of July, 2017, if a person becomes a victim of online fraud by misuse of his credit card details or banking records and he complains to the bank in question within 72 hours, then there is a 0 per cent liability on the consumers, and the bank is required to absorb the losses. 

However, the present ad-hoc approach to dealing with online frauds has to stop. The government needs to come up with a stringent legal framework to provide deterrence. The provisions of the Information Technology Act, 2000, too need to be amended. 

Law enforcement agencies need to be more sensitised about adopting a user-friendly approach while registering online complaints. Banks need to put in place far more effective and efficient cybersecurity mechanisms and procedures to minimize the chances of online frauds. More importantly, users must be educated about cybercrime to raise awareness levels. 

Currently, it appears that online fraudsters are having a winning edge. Governments and all other stakeholders have to work together to create an effective bulwark, involving multidimensional strategies, against cybercrime. Sample cases need to be selected for expeditious trial. Special cyber courts need to be set up for adjudicating issues concerning online frauds. The journey appears to be a long one. The war against online fraud has just begun.

(This article was originally published on DNA. Read the original article)

(Disclaimer: The opinions expressed above are the personal views of the author and do not reflect the views of ZMCL)

Read in App