An analysis of loopholes under Cyber Law


As the arrival of twenty-first century, the entire work has been digitalized, including banking, internet shopping, and online purchases, among other things. But, in this digitalized society, one crime is steadily gaining traction: cybercrime. Cybercrime is a crime in which hackers use computers as their primary weapon. They take users’ confidential info and use it for nefarious purposes.[1] Hacking, phishing, and spamming are some of the words we’ve been used to describe cybercrime. The Indian Cybercrime Act (ITA-2000), which deals with cybercrime and e-commerce, but it has numerous loopholes. The prevalence of cybercrime in India has not decreased since the implementation of cyber law.


The real age began in the early 2000s, when social media was still relatively young and had a significant effect on our lives. People started placing their names, profile pictures, and other confidential info online in this period, and hackers began using their personal information and profile photos to access bank accounts, set up credit cards, and commit other financial fraud.[2] The global cybercriminal market is currently worth nearly half a trillion dollars a year. To run such a scheme, these criminals have formed their own gang and are using well-established tactics to harass anything and anyone with a web presence.


The Information Technology Act of 2000 is an Act of India (No 21 of 2000) that was notified on October 17, 2000. It is the main legislation in India addressing cybercrime and electronic commerce. President K.R. Narayana signed the bill on June 9, 2000, during the budget session of 2000. A group of officials led by then-Minister of Information Technology Pramod Mahajan finalised the bill. Electronic data exchange and other forms of electronic correspondence are generally referred to as “electronic commerce,” and the Act establishes legal status for such transactions.

Some of the important sections

  • 65: Tampering with Computer Source Documents.
  • 66: Hacking Computer Systems and Data Alteration.
  • 67: Publishing Obscene Information.
  • 70: Unauthorized Access of Protected Systems.
  • 72: Breach of Confidentiality and Privacy.
  • 73: Publishing False Digital Signature Certificates.[3]


Young humans who commit’s cybercrime has to face police visit, they give them warning and as per the punishment the accused has to pay monetary fine to the victim. If the accused have commit a serious cybercrime so he/she will get arrested and might get imprisonment for serious offences. After the investigation the accused’s laptops will get confiscated by the police and they would not get to access the internet.


There is no concept of a data breach under the IT Act. The IT Act’s rules only apply to the gathering and dissemination of information by a “body corporate. “The IT Act does not have the overarching stipulation that surveillance should only take place in cases of public emergency or public safety. Furthermore, section 69 of the IT Act requires that any individual or intermediary who fails to assist the designated entity with the interception, surveillance, or disclosure of information is subject to criminal penalties. Decryption or disclosure of information contained in a digital resource is punishable by up to seven years in jail and a fine. [4]The word “consent” is not specified in the IT Act. Computer world India addressed Puneet Bhasin, digital law master, who alerts against sitting around idly ‘discussing’ the ideal law despite continuous dangers to information security the bill is a splendid piece of enactment, under which the information restriction rule stresses the significance of regarding information as a public property, clarifies Bhasin.[5] During Puneet Bhasin’s speech she throws light on the topics such as the breach of data which took place at WhatsApp and Facebook office and how can they be so careless and who will take responsibility of those breach of information which occurred. The value of data has been described precisely by her and data localization can help reduce the breaches of data that occur on daily basis due to which the users lose their valuable data and the data becomes vulnerable by leaking. And further more she expresses that until a data leak occurs on a huge basis it does not come into the eyes of the government and they won’t feel needs to make amends in the existing bill. The government should be more serious regarding the data leaks and should examine every small-to-small case that come into existence then only the Act can be made better with the future amendments to come.


  1. Avnish Bajaj vs State ( case) [6]

In December 2004, the CEO of was arrested after a CD containing inappropriate content was sold on the website. The CD was also available in Delhi’s markets. The Mumbai and Delhi police forces were sent to the scene. Later, the CEO was released on parole. This raised the question of how we can differentiate between Internet Service Providers and Content Providers. The accused bears the burden of proving that he was the Service Provider rather than the Content Provider. It also poses a number of questions about how law enforcement can treat cybercrime incidents.

  1. S. Ambiga vs The Additional Chief Secretary To … on 23 March, 2020[7]

The detenu has documented a bail appeal before the learned Principal Sessions Judge, Ariyalur, in Cr.M.P.No. 1772 of 2019 and the equivalent was excused on 08.08.2019. The Detaining Authority, on a scrutiny and thought of the materials, has inferred the abstract fulfilment that the exercises of the detenu were biased to the upkeep of the public request and all things considered, marked him as Cyber Law Offender and confined him under the arrangements of the Tamil Nadu Act 14 of 1982, by cinching the reproved request of detainment and testing the legitimateness of the equivalent, the present Habeas Corpus Petition is documented. Subsequently the petitioner fulfilled that the materials put before in the ground case Thiru Saravanan, child of Chinnathambi, is perpetrating violations and acting in a way biased to the upkeep of public request and as such he (Thiru Saravanan) is a “Digital Law Offender” as mulled over under area 2(bb) of the Tamil Nadu Act 14/82. By carrying out the above depicted violations, he has made dread, alert and a sensation of weakness in the personalities of individuals of the space and consequently acted in a way biased the up keep of Public Order

  1. Yogesh Kumar Sharma vs The State of Jharkhand on 23 March, 2021[8]

The solicitor is blamed regarding Jamshedpur Cyber Crime P. S. Case No. 01 of 2020 comparing to Cyber Crime Case No. 18 of 2020 enrolled under Sections 419/420/467/468/471/34 of the Indian Penal Code and Section 66 (C), (D) of the I.T. Act and is forthcoming in the Court of took in Additional Sessions Judge-II, Jamshedpur. Then again, learned A.P.P has gone against the petition for bail. Considering the material accessible on record and the pre-conviction time of care and the way that other co-blamed have effectively been conceded bail, the candidate is coordinated to be delivered on bail, on outfitting bail obligation of Rs.10,000/ – (Ten thousand in particular) with two guarantees of the like sum each as per the general inclination of took in Additional Sessions Judge-II, Jamshedpur regarding Jamshedpur Cyber Crime P. S. Case No. 01 of 2020 relating to Cyber Crime Case No. 18 of 2020 subject to the conditions that (I) one of the bailors ought to be his direct relations, (ii) the applicant will report the concerned police headquarters once in a month till the finish of the Trial and (iii) the solicitor will submit self-confirmed duplicate of his Aadhar Card and furthermore give his portable number under the watchful eye of the learned court underneath which he won’t


Presently it’s not very late to take care of this issue that we are appearing in the wrongdoing report in news. On the off chance that we begin showing news identified with cybercrime and begin considering this wrongdoing genuinely and furthermore making mindfulness among individuals about cybercrime, advise them to make their record private and ensured by security application, this would likewise help in decreasing the cases. In the event that we digit make our discipline more grounded and make dread in the brain of programmers then this programmer would reconsider while committing this wrongdoing. We should make one thing necessary that we should give appropriate schooling about information security to kids since this young children roots to stop this cybercrime and this youngsters in future they would not choose wrong way. We need to keep one more point to us that we should deal with the escape clauses of information security and we should fill this provisos and gradually it would recuperate.


[1]  Akash Kori, Critical Analysis of Cyber Laws in India, ipleaders, (June 2, 2018),


[3] Akash Kori, Critical Analysis of Cyber Laws in India, ipleaders, (June 2, 2018),

4Uzair Ahmad Khan, Multidimensional Approach to Data Protection Laws in India, Loopholes and Solutions, ipleaders, (October 2019),

5Mansi Joshi, Why India’s data protection law needs to avoid the perfection loophole, (5 NOVEMBER 2019),


7 S. Ambiga vs The Additional Chief Secretary to government, H.C.P(MD)No.955 (2019).

8 Yogesh Kumar Sharma vs The State of Jharkhand, B. A .No9876 (2020).

Author: Diksha Dutt,
First year-BBA-LLB/ Navrachana university

Leave a Comment