Editorial

Addressing the Legal Gaps in Cybercrime Prosecution

“The internet knows no borders, yet our laws remain constrained by geography.

Sentinel Digital Desk

Hriday Sarma 

(hridaysarma@yahoo.co.in)

“The internet knows no borders, yet our laws remain constrained by
 geography. The battle against cybercrime demands a global response, driven by collaboration and innovation.” — Alex Michaels, Gartner Security & Risk Management Summit (March 2025), Sydney.

In today’s interconnected world, cybercrime has emerged as one of the most pressing challenges, transcending borders and exposing the limitations of traditional legal frameworks. The overlap between internet security and cybersecurity has made tackling cyber threats a global necessity rather than a regional concern.

In India, where digital adoption has surged, vulnerabilities have also escalated, leaving individuals and institutions increasingly exposed to online banking fraud, ransomware attacks, and identity theft. However, gaps in legal enforcement, jurisdictional constraints, and outdated regulatory mechanisms continue to hinder the effective prosecution of cybercriminals. How long can we afford to lag behind in addressing this growing menace? What urgent reforms are needed to bridge these gaps before more lives and livelihoods are irrevocably damaged?

While India’s lawmakers and law enforcement agencies have made progress in recognising the importance of cybercrime prosecution, implementation remains inadequate, often leaving victims without timely relief and allowing offenders to exploit procedural loopholes. According to the National Crime Records Bureau (NCRB), cybercrime cases in India rose by 24.4%, with 65,893 cases registered in 2022, up from 52,974 in 2021. The cybercrime rate increased from 3.9 to 4.8, with 64.8% of cases related to fraud.

Although Assam has shown notable improvements in overall crime reduction, as highlighted in the NCRB’s 2024 report, the state’s persistent challenges in combating cybercrime emphasise the need for systematic legal reforms and enhanced technological capabilities. Without stronger enforcement, streamlined investigative procedures, and cross-border cooperation, the fight against cybercrime will continue to be an uphill battle.

A recent case in Assam highlights these concerns. The infamous cryptocurrency fraud involving the BitForex app, where individuals in Karimganj duped investors with promises of high returns, stands out not just for the magnitude of financial loss but also for its procedural failings. Despite the recovery of Rs 50 lakh in cash and incriminating digital evidence, the prosecution’s inability to establish a cohesive forensic trail linking the accused to the fraudulent transactions led to the dismissal of the case. Despite the recovery of Rs 50 lakh in cash and incriminating digital evidence, the prosecution’s inability to establish a cohesive forensic trail linking the accused to the fraudulent transactions resulted in the Gauhati High Court granting bail, a fundamental right that, of course, cannot be denied unless there is sufficient evidence to warrant detention.

The lack of advanced forensic capabilities, procedural inefficiencies in managing digital evidence, and the absence of international cooperation mechanisms seem to have exacerbated the prevailing situation. Such shortcomings are emblematic of the broader challenges India faces in tackling cybercrime, where outdated methodologies collide with technologically advanced criminal operations.

The procedural lacunae in Assam’s cybercrime cases echo a larger issue seen worldwide. Jurisdictional barriers, especially in crimes involving cross-border digital platforms, often stall investigations. In the Karimganj case, the fraudulent activities were tied to servers located abroad, yet the lack of international cooperation agreements left investigators stranded. This is not unique to Assam or India. Globally, cybercrime investigations face hurdles due to the decentralized nature of the internet, which allows perpetrators to exploit legal and jurisdictional grey areas. Countries like the United States and members of the European Union have begun addressing these challenges through proactive international collaboration and specialized cybercrime units. However, India, and Assam in particular, still lag in creating robust frameworks that enable similar cooperation, leaving victims of cyber fraud with little recourse.

Another pressing issue is the technological inadequacy within the state’s law enforcement apparatus. While Assam’s police force has made commendable efforts to adapt to new-age crimes, it lacks the advanced tools and expertise necessary for decrypting financial transaction histories or recovering encrypted data—a crucial aspect of cybercrime prosecution. Furthermore, there is an urgent need for a streamlined protocol for engaging technology firms that host suspect platforms. Without such collaboration, investigations often end up relying on incomplete or compromised digital trails, giving defence lawyers ample room to challenge evidence in court.

The lack of uniform training for judges, prosecutors, and investigating officers further compounds the issue. Cybercrime cases demand a nuanced understanding of digital evidence, encryption technologies, and cross-border legal frameworks—areas where many members of the judiciary and law enforcement are inadequately prepared. This knowledge gap is evident not only in Assam but across India, where traditional approaches to evidence gathering and prosecution are proving insufficient in the face of increasingly complex cybercrimes. The judiciary’s reliance on outdated legal precedents and investigatory techniques underscores the need for modernisation and capacity building to ensure justice in such cases.

The global fight against cybercrime offers valuable lessons for Assam and India at large. Countries like Estonia, often hailed as digital society pioneers, have demonstrated the importance of integrating technology into governance and legal processes. Estonia’s robust digital infrastructure and its proactive approach to cybersecurity have enabled it to address cybercrimes effectively, even when they involve international actors. Similarly, closer to home, Singapore’s investment in cyber forensics and its collaborative efforts with global enforcement agencies highlight the benefits of adopting a forward-thinking approach. Assam can draw inspiration from these examples by prioritising investments in technological infrastructure and fostering international partnerships to strengthen its cybercrime response.

At the heart of Assam’s challenges lies an urgent need for policy reform. Modernising cybercrime laws and updating enforcement mechanisms to reflect the evolving digital landscape is a critical first step. Additionally, the state must prioritize capacity building by training law enforcement officers and legal professionals in handling digital evidence and utilising advanced forensic tools. Establishing specialised cybercrime units with technical expertise and robust coordination across local, national, and international levels can greatly strengthen Assam’s capacity to effectively investigate and prosecute complex cybercrime cases. Moreover, fostering public-private partnerships with technology firms can provide the technical support required for real-time investigations and evidence collection. Public awareness campaigns about cyber threats and preventive measures are equally important to empower citizens and reduce vulnerabilities.

The ongoing high-profile cybercrime cases, such as the Karimganj cryptocurrency fraud, should serve as a wake-up call for Assam. They highlight not only the state’s technological and procedural deficiencies but also the broader systemic challenges India faces in ensuring justice in the digital age. Without concerted efforts to bridge these gaps, cybercriminals will continue to exploit vulnerabilities, eroding public trust in the justice system. By embracing technology, fostering collaboration, and modernising its legal and investigative frameworks, Assam can set an example for the rest of the country in tackling cybercrime effectively and ensuring that justice is not just a promise but a deliverable reality.

(Dr Hriday Sarma is a Guwahati-based advocate.).