


The advent of information technology brought along with it several vulnerabilities like cybercrime and cyber-terrorism. Cybercrime is a crime committed in digital or virtual space through a device like a computer or a network of such connections. These include crimes like hacking, phishing, spoofing, defamation, child pornography and cracking. With the rapid growth of technology, it is not possible to eliminate cybercrime. However, a robust and effective investigation process is the key to keeping a check on these crimes by tracking the perpetrators. This paper aims at understanding and analysing the problems encountered in the process of investigating cybercrimes and nabbing the accused.


The police have the authority to investigate a cybercrime by virtue of section 78 of the Information Technology Act, 2000. The police proceed once the crime has been reported to them. Any cybercrime investigation includes the process of collecting, analysing and investigating the trails and evidence that are involved in the matter.[1] The process commences by acquiring the devices and data about the crime such as computers, mobile phones, CDs, drives and other such devices. If any data is lost, the next step is to retrieve the data relevant to the crime. The forensic team steps in next to analyse the data and extract evidence. Finally, the evidence and other data are presented in the court of law for the trial and further proceedings. The police have the power to arrest the accused as per section 80 of the IT Act, 2000. However, this process is not as streamlined as it sounds.

Cybercrime investigations have to incorporate three basic elements to make the investigation and its findings admissible in Courts.[2] First, for an investigation to be admissible, it must be conducted by competent professionals who are skilled in this niche and can deliver credible results. Second, the digital evidence that has been found must not be altered or tampered with. If the necessity arises for the professionals to extract more information from this evidence, extreme caution is required to be exercised. Third, to avoid any suspicions that might arise about the credibility of the information derived from the investigation, a proper audit trail and documentation must be maintained.[3]
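The second and third elements can be illustrated with a tamper-evident custody log. The following is an added example, not part of the original article: each handling step records the SHA-256 digest of the evidence image and is chained to the previous entry, so an edited record or altered evidence shows up on audit. The field names, actors and timestamps are hypothetical.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash used by the first entry in a log

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_digest(entry: dict) -> str:
    # Hash a canonical JSON form of every field except the hash itself.
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def append_entry(log: list, when: str, actor: str, action: str, image: bytes) -> dict:
    """Record one handling step together with the image's current digest."""
    entry = {
        "seq": len(log),
        "when": when,
        "actor": actor,
        "action": action,
        "evidence_sha256": sha256_hex(image),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry

def audit(log: list) -> list:
    """Return findings: edited records, broken links, or changed evidence."""
    findings = []
    prev = GENESIS
    for i, e in enumerate(log):
        if e["entry_hash"] != entry_digest(e):
            findings.append(f"entry {i}: record edited after the fact")
        if e["prev_hash"] != prev:
            findings.append(f"entry {i}: chain link broken")
        if e["evidence_sha256"] != log[0]["evidence_sha256"]:
            findings.append(f"entry {i}: evidence differs from acquisition")
        prev = e["entry_hash"]
    return findings

def build_sample_log(image: bytes) -> list:
    # Constructed sample: actors and timestamps are illustrative only.
    log = []
    append_entry(log, "2021-03-01T10:00Z", "officer_a", "acquired", image)
    append_entry(log, "2021-03-02T09:30Z", "analyst_b", "imaged for analysis", image)
    append_entry(log, "2021-03-05T14:00Z", "analyst_b", "report prepared", image)
    return log
```

An empty list from `audit` means every record is intact and the evidence digest never changed since acquisition; in practice the log itself would also be kept on write-once storage or countersigned.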


Digital forensic science is a branch of forensic science that is aimed at the investigation and recovery of evidence found in digital devices.[4] Digital forensics is the scientific acquisition, analysis, and preservation of data contained in electronic media whose information can be used as evidence in a court of law.[5] It is a part of a digital investigation where the evidence is searched for and then analysed. This analysis may happen for reasons like locating a trail, extracting hidden or encrypted information, etc. The field of digital forensics has extended its scope to include network forensics, which includes investigating network security breaches, data theft and hacking attempts.[6] Such investigation is used to trace the root cause of a crime or in cases where the intrusion into the system is not visible.


The investigation of cybercrimes is different from that of traditional or physical crimes. The distinction in this process arises because, first, the nature of evidence in cybercrimes is significantly different from that in traditional crimes. In traditional crimes, evidence can be extracted through different sources like witnesses, suspects, etc. Evidence in cybercrimes, moreover, requires special tools and a skilled workforce to be examined; Second, the crime scene is not specific or limited in a cybercrime; Finally, the perpetrator cannot be physically tracked and may not be related to the victim in any manner. The process is different and is prone to encounter several technical and legal barriers.


Most cybercrimes go unreported. There are several reasons for this. First, people are concerned about their reputation in cases like pornography. In a country like India, even if people suffer a financial online fraud, they fear admitting the same; Second, if the losses are minimal, victims do not bother to undergo the technical procedures of legal remedies; Third, such investigations are time and resource consuming and people have misconceptions that the perpetrators are never caught in such cases; Fourth, such investigations require access to personal data and devices, which raises privacy concerns. The victim first faces the loss from the crime, and then faces the fear of loss of further information during the investigation process; Lastly, victims are under the impression that it was their own mistake that led to the breach and are unaware of the remedies available to them.

The problem that arises due to unreported cases is that it is difficult to establish a network or pattern of these crimes. Even if a single case goes unreported, the chain breaks and it gets difficult to track the source of the crimes. Furthermore, it is not possible to arrive at actual statistics of cybercrimes and observe the changes in the crime rates.


It is difficult to identify perpetrators as it is convenient to disguise identity and tamper with networks. It is also difficult to locate the place from where the crime originated and the source of these activities. The perpetrators may be completely unrelated to the victim, which makes it more challenging to identify suspects.


Technological advancements have turned the world into a global village. With a click, one can connect to others sitting in opposite corners of the world. Neither does cyberspace have any boundaries, nor does cybercrime. The perpetrator can operate from the US and affect the victim in India. The nearest one can get to locating a network is by tracking the IP address, which helps in tracking the route of communication between devices that are connected to a network. However, the computer that initiates a transaction only needs to know the IP address of the receiving computer and not its physical location. As pointed out by the legal scholar Wendy Adams, this fundamental incompatibility between legal governance as a function of geopolitical territory and network governance as a function of IP makes it difficult to impose local limitations on the global dissemination of information.[7]

Section 75 of the IT Act extends the jurisdiction of the Act to any crimes that are committed outside India by any person irrespective of his nationality. The only requirement is that an Indian computer network or system should be involved.[8] The Delhi High Court, while dealing with the jurisdictional issue of cybercrimes, observed that there is a need for the judiciary to interpret statutes in a manner that is consistent with the advancing technology.[9] However, there is a lack of a harmonious international system and mutual legal assistance between countries to deal with these issues.[10] Different countries have adopted their own penal laws to deal with cybercrimes.

In cases where the perpetrator is identified and arrested, there is no uniform law to process or extradite him. If there are no extradition treaties between the countries, it further complicates the process.


There are new updates in technology with every passing day. This change brings along several challenges in dealing with cybercrimes. First, a specific skill set is required to deal with these crimes, which narrows the workforce that can be involved in investigating such crimes. This is also mandated to make the results of the investigation admissible in a court of law as discussed previously. This further requires specialised training, additional resources and strengthening of the cyber cells; Second, it is difficult to identify the authors or perpetrators since networks can be set up in other countries and routes can be diverted. Cyberspace knows no boundaries and provides for unlimited network paths; Third, it is difficult to identify a pattern or specific technology that has been used in executing the crimes. When a cybercrime gets reported, it is looked at from the perspective of an individual case. Several scams happen through a chain or pattern which needs to be located by the competent authorities. Each case is a point on the map to establish a series or arrangement.


Chapter IX of the Information Technology Act, 2000 deals with penalties and adjudication. The chapter includes penalties for damage to computers and computer systems, the penalty for failure to furnish information, return, etc. Chapter XI of the Information Technology Act deals with the offences and their punishments. These offences include tampering with computer source documents, hacking with a computer system, publishing of information that is obscene in electronic form, breach of confidentiality and privacy, misrepresentation, and publications for fraudulent purposes. The penalty for these offences ranges from a fine to imprisonment of around ten years.


Our dependency upon computer resources and the internet is increasing with every passing day. This makes us vulnerable to cybercrimes. Every account that we log in to or any website that we browse leaves a trace that leads to our data and privacy. It is unrealistic to hope that cybercrimes can be eliminated. However, if the barriers to investigating and arresting cybercrime perpetrators can be dealt with, it will accelerate the process of investigation and arrest. The first step is promoting awareness relating to such crimes and encouraging the reporting of them. It is also essential to come to an international consensus on laws dealing with these crimes. The workforce in cybercrime departments requires specialisation, and exclusive resources are required to be allocated to these departments. The strengthening of these departments is also necessary, which involves providing them autonomy while maintaining transparency.

Author(s) Name: Aarushi Singh (Student, Uttaranchal University, Dehradun)


[1] Rohas Nagpal, Cybercrime & Digital Evidence-Indian Perspective, ASCL, (2008)


[3] Swati Mehta, Cyber Forensics and Admissibility of Digital Evidence, (2011) 5 SC J-54

[4] What is Digital Forensics, EC-Council

[5] Dale Liu, Digital Forensics and Analysing Data, CRSF, (2009)

[6] Larry Daniel & Lars Daniel, Digital Forensics, DFLP (2012)

[7] Wendy A. Adams, Intellectual Property Infringements in Global Networks: The Implications of Protection Ahead of the Curve, 10 INT’L J.L. & INFO. TECH. 71 (2002).

[8] Minny Narang & Gunjan Jain, Problems of Investigation and Solution, 3 IJAR, 73, 74, (2013)

[9] SMC Pneumatics Pvt. Ltd. v. Jogesh Kwatra, No. 129 of 2001

[10] Obstacles to Cybercrime Investigations, Module 5: Cybercrime Investigation, E4J University Module Series: Cybercrime, UNODC
