Jurisdictional Issues

Jurisdiction refers to the authority of courts or law enforcement agencies to investigate and prosecute crimes within a specific geographic boundary.

Cyber crimes often transcend geographical boundaries, which creates serious jurisdictional dilemmas. For instance, a hacker sitting in Country A may attack a server located in Country B and cause financial loss to a victim in Country C.

Challenges:

• Determining which country’s law applies
• Lack of uniform international laws on cyber crimes
• Limited cooperation among countries

Example: In India, Section 75 of the IT Act, 2000 allows for extra-territorial jurisdiction when the offence involves a computer, network or system located in India. However, actual enforcement in foreign territories is difficult.

Anonymity and Encryption

Anonymity on the internet allows cyber criminals to hide their identities using tools like:

• Proxy servers
• VPNs (Virtual Private Networks)
• The TOR (The Onion Router) network

They leave little or no trace of origin, making tracking almost impossible.

Encryption is another major hurdle. While it ensures data privacy, criminals use end-to-end encryption to hide illicit communication and transactions.

Law enforcement struggles with accessing encrypted data due to legal and technological limitations.

Example: Messaging apps like WhatsApp, Signal, etc., employ strong encryption protocols, making it nearly impossible to trace messages, even for investigators.

Forensic Challenges

Preservation of digital evidence

Digital evidence is fragile. It can be easily modified, destroyed, or hidden. The following issues complicate cyber forensics:

• Volatility: Data can disappear with a power loss or system restart
• Encryption & password protection: Prevent access to key files
• Multiple jurisdictions: Servers may be located in other countries

Best practices require:

• Creating forensic images
• Maintaining chain of custody
• Using standard forensic tools (e.g., EnCase, FTK)

Legal significance: Indian Evidence Act, 1872 (Section 65B) mandates proper procedure and certification for digital evidence admissibility.

Lack of Skilled Manpower

India, like many countries, faces a significant shortage of trained cyber crime investigators, digital forensic experts, and ethical hackers.

Reasons include:

• Lack of specialized training in traditional police forces
• Rapid technological evolution outpacing skill development
• Inadequate infrastructure in police departments

Consequences: Delayed investigations, poor evidence handling, and low conviction rates.

Way forward:

• Cybercrime investigation cells in every state and district
• Continuous upskilling programs
• Public-private collaboration for tech support

Admissibility and Proof of Cyber Evidence

Admissibility of cyber evidence is governed in India under Section 65B of the Indian Evidence Act, 1872. However, technical complexities make proving digital crimes extremely difficult in courts.

Challenges faced:

• Non-compliance with Section 65B: Digital records must be accompanied by a valid certificate under Section 65B(4) to be admissible. Many investigating agencies fail to produce this correctly.
• Data tampering and modification: If chain of custody is broken or devices are not properly sealed and mirrored, evidence may be deemed unreliable.
• Absence of technical understanding: Prosecutors and judges often lack the expertise to interpret cyber evidence accurately.

Example: In Anvar P.V. v. P.K. Basheer, the Supreme Court ruled that without a Section 65B certificate, electronic evidence is not admissible.

Thus, procedural rigor and expert testimony are crucial for successful prosecution in cyber offences.

Need for Specialised Courts and Judges

Cybercrime cases require judges and prosecutors who are trained in information technology, digital forensics, encryption laws, and data privacy frameworks. Traditional courts are often unequipped to deal with these complex, technical cases.

Issues due to lack of specialisation:

• Delays in trial due to lack of technical understanding
• Misinterpretation of cyber evidence
• Overburdened regular courts treating cyber offences like conventional crimes

Solution:

• Creation of Dedicated Cyber Courts at district and state levels
• Appointment of judges with cyber law training
• Frequent judicial workshops on IT laws and emerging cyber threats

Current Status: Some states like Maharashtra have created exclusive cyber crime police stations, but corresponding courts are still lacking or inadequately staffed.

Rapid Technological Advancements

Technology evolves faster than the legislative and judicial systems can adapt. Cyber criminals constantly update their techniques—AI-generated fraud, deepfakes, zero-day exploits, and cryptocurrency laundering are just a few examples.

Key difficulties:

• Outdated laws unable to cover modern cyber threats
• Judges and prosecutors unfamiliar with new tools like the dark web or blockchain-based evidence
• Difficulty in applying old definitions (e.g., “document,” “signature”) to digital forms

Suggested Reforms:

• Frequent legislative updates to the IT Act and Indian Evidence Act
• Use of expert panels to guide courts on technical matters
• Real-time collaboration with CERT-In, cyber labs, and technology providers

Conclusion: For effective cybercrime prosecution, legal frameworks, judiciary, and technology must work in tandem and evolve together.