Scroll Top



With the advent of technology, cyberspace provides a boon to our daily life. In a general sense, we can say that cyberspace is an interface between the internet and technology. It is a wider term that encompasses computer systems, the Internet, telecommunication services, software,  hardware, processors, controllers, and even electronic devices such as ATMs and so on. It is an exponential and dynamic space. It plays a pivotal role in communication and sharing information electronically. This cyberspace has no national boundaries, which means any person can access any information from anywhere in the world.  But it is a double-edged sword, as it invites you to the dark side of its world while giving the sunshine. Cyberspace is vulnerable to cyber attacks, which are also known as cybercrimes. The term Cybercrime is not delineated in any Indian legislation, but in a general sense, we can say that it is an unlawful act done in a sophisticated manner along with technology through the computer or computer systems or computer network. This may attract a legal quagmire. In litigation or a trial, the first step is the jurisdiction of the court or forum state for the regulation of the crime. Now this blog deals with the jurisdictional aspect of cybercrimes from a national perspective and an international perspective.


Specifically, we can say, the term jurisdiction is the convergence of two Latin words ‘juris’ and ‘diction’ which means saying or speaking of the law. Generally, jurisdiction is the power or authority of the court to take cognizance of the case. As Cybercrimes are borderless, they have been committed irrespective of their nationality. The main controversy involved in this is the uncertainty of the jurisdiction because of the disparities among the laws of the various countries around the world for the offences committed internationally. This concept of jurisdiction in cybercrimes can be seen in nations and international perspectives.


India has no separate legislation which governs cybercrimes specifically and their jurisdiction. However, it follows the principle of Lex Foris, while dealing with these offences. Even though the Civil Procedure Code 1908 specifies the jurisdiction in India, it does not seem to be pertinent in the cyber world. So, as of now in India, there are some enactments dealing with the uncertainty of jurisdiction in cybercrimes in India.  Among them, there is a substantive enactment by the parliament called the Information Technology Act of 2000 [hereinafter referred to as IT Act] under which Chapter 11[1] deals with Cyber offences, and Chapter 9[2] deals with the adjudication of the offences committed under the IT Act. Section 75[3] of the IT Act says that this Act will apply to offences committed outside India by any person irrespective of his nationality or any act or contravention in which a computer, or computer system is located in India. But so far as concerned the application of this Act was effective within its boundaries when compared to its application at the international level. This provision may bring the foreign national for committing the cyber offence within or beyond India as it adopted the principle of universal jurisdiction. In Swaminathan v. Somasundaram[4], Madras High Court held that even for non-resident foreigners, India has its jurisdiction over them for which arising the cause of action in India. This may point to the issue that the provision of the jurisdiction of India if the cyber offence is committed by a non-resident,  which is having an impact within the territory of India is not useful unless the offender is not within the jurisdiction of India. In that plot, the mutual legal assistance agreements, and the extradition bilateral agreements are the options to bring the offender within the territory of India. In SIL Import v. Exim Aides Silk[5], the court held that it is the need of the hour to interpret the statutes regarding internet disputes and to sign international treaties so it may allow the national courts to follow jurisdiction and in Impresario Entertainment & Hospitality Pvt Ltd vs S&D Hospitality[6]held that mere interactivity of website with no intention to target the users outside the state where the host website is located does not attract the jurisdiction of the forum court.

 However, India is not a signatory to the proper international instrument which covers the cyber jurisdiction of all the nations around the world yet. Section 4[7] of the IPC also deals with the extraterritorial jurisdiction of India which penalizes the offence committed by any person in India and affects the computer resources in India.

There exists an anomaly between Section 188[8] of the CrPC and Section 4(3)[9] of the IPC and Section 75[10] of the Information Technology Act of 2000 as Section 188[11] of the CrPC does not recognize the offences mentioned under Section 4(3)[12] of the IPC and Section 75[13] of the IT Act. The obtuse interpretation of uncertain words ‘targeting’ and ‘involving’ which are used in Section 4(3)[14] of the IPC and Section 75[15] of the IT Act does not constitute an essential element of the cyber offence. This may en route a dark space to escape the offence committed from abroad (not within the jurisdiction of the forum state) which targets the computer resource and involve any computer system or computer network. It poses a question of jurisdiction on the forum state to trail the cyber offences committed outside India/ abroad and to prosecute any offence targeting the computer resource in India which would be very challenging.

This creates the question of jurisdiction of the offences committed abroad on the forum state and it burdens the victim to prove the above same to the forum court. So, India needs a constant and separate law which governs the jurisdiction of cyber offences committed within its territory and outside of its territory to avoid uncertainty in its application and to provide justice to victims by not showing the anomalies in the existing laws.


As far as the international scenario is concerned the only convention on cyber crimes made was Convention on Cybercrimes, 2001 by the European Council, also known as Budapest Convention, which increases the cooperation among the nations to promote the investigation techniques. However, India is not a signatory to this convention but reconsidering its stand since 2018. Article 22[16] of this convention provides the jurisdiction for the cyber offence if it is committed within its territory of the nation or on a ship/ aircraft registered under that law of the nation or by any person if that offence is punishable under criminal law where it was committed or if the offence is committed outside the territorial jurisdiction of any State. Article 32[17] convention allows trans-border access to collect data while investigating cyber offences. Another convention in the international scenario is the Palermo Convention by the resolution of the United Nations General Assembly, which is also known as the United Nations Convention against Transnational Organized Crime in 2002. India is a signatory to this convention and is obliged to adopt laws and frameworks which govern extradition and mutual legal assistance and law enforcement cooperation among other nations around the world. Albeit, it does not explicitly state anything about the cybercrimes. Even though the Budapest convention is legally binding the other nations, India is not a signatory to that. So, it would be recommended to adopt and enact the legislation which specifically and with certainty deals with the cyber jurisdiction nationwide and from an international perspective also.


 Cyber crimes pose a threat to a nation’s security and sovereignty and they may also degrade the friendly relations between the nations and many other things. The question of jurisdiction of the forum state or forum court plays a pivotal role in the regulation of these offences. However, it is difficult to identify the offender but it would be a piece of cake to commit the offence in this virtual world where physical presence is not necessary to commit the offence and he can perpetrate them from any part of the world. As a consequence of this, it becomes difficult to regulate transnational offences and transnational jurisdiction. And from analyzing the above laws and their existing loopholes, we can say that eradicating cyber offences would be difficult while dealing with its jurisdiction. So, it is the need of the hour to adopt and enact the unique law to remove the absurdities regarding the laws governing the jurisdiction and it may also amend the existing uncertainties in the law. It would be recommended to build a powerful legal instrument internationally to harmonize the ways of investigating and penalizing cyber offences and to promote cooperation among the countries.

Author(s) Name: Jagatha Sivani (Andhra University)


[1] Information Technology Act 2000, ch 11

[2] Information Technology Act 2000, ch 09

[3] Information Technology Act 2000, s 75

[4] Swaminathan v Somasundaram (1938) AIR Mad. 731

[5] SIL Import v Exim Aides Silk (1999) 4 SCC 567

[6] Impresario Entertainment & Hospitality Pvt Ltd v S&D Hospitality (2017) CS(COMM) 111/2017

[7] Indian Penal Code 1860, s 4

[8] Criminal Procedure Code 1973, s 188

[9] S.N.Mishra, Indian Penal Code (22nd edn, Central Law Publications 2021)

[10] Information Technology Act 2000, s 75

[11] Criminal Procedure Code 1973, s 188

[12] Indian Penal Code 1860, s 4(3)

[13] Information Technology Act 2000, s 75

[14] Indian Penal Code 1860, s 4(3)

[15] Information Technology Act 2000, s 75

[16] Convention on Cybercrimes 2001, art 22

[17]Convention on Cybercrimes 2001, art 32