Wednesday, December 6, 2017

ANALYSIS OF NCRB2016 FROM CYBER LAWYERS PERSPECTIVE



National Crime Records Bureau under Ministry of Home Affairs India has published data for year 2016 recently. This report provides comprehensive statistics on crimes including the Crime trends, in the whole Country, covering all States/UTs of India. Over the years, the ‘Crime in India’ has become the principal reference document for accurate and reliable information on crimes and criminals, for researchers, criminologists and officials of criminal justice delivery system in the country. This data is widely used in India and abroad for academic purposes, and also by MHA/State Governments in framing Public policies.
This analysis of the NCRB is carried out in order to benefit researchers as well as law enforcement agencies, I T Firms, Software/Hardware manufacturers, lawyers, judges, media and all those who are concerned with the law and order situation in India. The simple explanation of the NCRB statistics and what should be read between the lines from perspective of Adv. Mahendra Limaye; a renowned Cyber Legal Consultant in India will certainly help all the researchers to understand present and future impact and significance of cyber crimes and how to formulate strategies to respond. By reading this analysis I am sure all will be benefitted and will try to overcome the present shortcomings in cyberspace thereby making the cyberspace a better place to live in coming days.
A total of 48, 31,515 cognizable crimes comprising 29, 75,711 Indian Penal Code (IPC) crimes and 18, 55,804 Special & Local Laws (SLL) crimes were reported in 2016, showing an increase of 2.6% over 2015 (47, 10,676 cases).During 2016, IPC crimes have increased by 0.9% and SLL crimes have increased by 5.4% over 2015.

As per reports present government has been able to contain the crime and no significant increase in crimes has been observed. So Law and Order is not the major cause of concern. We directly move to chapter 9A which deals with cyber crimes and our focus area.

Chapter 9A/9B of this report provides statistics for Cyber Crimes which is more significant for the researcher.

Total cyber crimes in 2014, 2015 and 2016 were respectively as 9,622 11,592 12,317 and percentage growth in 2014 – 2015 is 20.5% and in 2015 – 2016 it is 6.3%.

This is very encouraging figure because after digitalisation it was expected that there would be unprecedented growth in Cyber Crimes but all the analysts were proved wrong by these statistics of marginal growth of 6.3% only. At the same time there are few doubts about these numbers since the number of digital transactions has increased many folds and it is really difficult to believe that all the digital users have become very safe and smart and not falling prey to any of the traps laid by cyber criminals. There is also base for this doubt as Government has initiated various projects to set up cyber forensic labs as well as cyber crime police stations in almost all district places in the states. Hence there is every reason to doubt methodologies used in compiling statistics about cyber crimes.

In total percentage of cyber crimes across India Maharashtra contributes second i.e. 19.3% behind UP which contributes 21.4% followed by 8.9% in Karnataka and 7.6% by Rajasthan. These 4 states alone contribute 57.2% i.e. more than half in amongst 29 states and 7 U/T’S.

It shows that more focus of cyber criminals is on the dense populated states because strike rate is better in those states. If 2 out of 4 states i.e. Maharashtra and Karnataka are considered as consisting Tech Savvy and digital literate population and still contributing most in cyber crimes, this should be cause of concern. If these techs savvy population fall prey to traps laid by cyber criminals then situation will be more alarming when these criminals will focus and shift there attack on less tech-savvy and less digital population across India. This may be one of the inferences that digital literate population may be more careless when it comes to Cyber Security measures and hence more prone to cyber crimes.

Average cyber crimes rate population-wise was 1%; highest being 2.1% in Assam closely followed by 2% in Maharashtra, 1.8% in Karnataka and 1.6% in Telangana and Least being 0.1% in most of the union territories. UP with highest population have 1.2% crime rates with regards to population. Maharashtra witnessed 1879, 2195 and 2380 cyber crimes in last three years whereas in UP the figures are 1737, 2208 and 2639 and in Karnataka 1020, 1447, 1101. Rest states have three digit cyber crime figures.

Stat shows marginal growth in Maharashtra and UP and negative growth in Karnataka and again fear of policing in minds of cyber criminals and proactive security habits of the citizen needs to appreciated. But if we just expand this logic further to entire Indian population as of date which is roughly 125million then whether 12317 cyber crimes can be justified? So it can be inferred that something is wrong in the figures published by NCRB.

Source code theft (Sec 65) 78 and Cyber Terrorism (Sec 66f) 12 were the least imposed sections for booking under cyber crimes by police. Total 6818 cases were registered under various sections of 66(3321), 66b (196), 66c (1545), 66d (1597), 66e (159). Under pornography provisions of section 67,67A, 67B the total crimes registered were 947 and 10 crimes were registered under section 67C i.e. Intermediaries violations. Under 72A, breach of confidentiality and privacy 35 crimes were registered.

Broad break-up of Cyber crimes under IT Act, IPC and SLL is very startling. Though acknowledged as cyber crimes police registered 8522 cases under I T Act and 3479 cases under IPC by not imposing provisions of I T Act, which in fact is special act and gives police enormous powers in all respect. This trend also shows lack of procedural understanding about the special act passed by Indian Parliament known as Information Technology Act. This act supersedes other laws and has very strong provisions in favour of police and has given much needed strength to police force for search and seizure. The effective use of this act will certainly deter the criminals and will also improve much needed detection and conviction rate. The other reason of non-application of I T Act could be it mandates investigation by officer not below the rank of Police Inspector and department may be facing shortage of PI’s or not willing to engage PI’s in investigation of cyber crimes due to other factors. But it’s not good sign to book criminals under IPC when the powerful  I T Act is at the discretion of police.

Out of total 2380 crimes registered in Maharashtra, police imposed I T Act in 359 cases and IPC as main section in crime in 2006 cases whereas in 15 cases other laws were invoked. In contrast, Uttar Pradesh where highest cyber crimes were registered, out of 2639 crimes I T Act was imposed in 2562 cases whereas IPC in only 75 cases and other laws in only 2 cases. In Karnataka out of 1101 crimes I T Act was imposed in 1091 cases. Apart from Maharashtra, Gujarat (247/362) and Odisha (292/317) are other states where police imposed IPC as major section in registering cyber crimes.

In Maharashtra situation is alarming and police though acknowledging the crime as cyber crime have failed to impose provisions of I T Act .This may be due to lack of knowledge of I T Act or may be the legal assistance available to police may not  be comfortable in imposing I T Act provisions due to their digital illiteracy. It is always duty of police to apply the appropriate sections when complainant reports the complaint and this application of IPC in 2006 cases out of total 2380 cases shows the mindset and training the officers have received .There seems to be urgent need to enhance knowledge of police. The state of UP which is supposed to be not so progressive has imposed I T Act in 2562 cases out of total 2639 and other I T Savvy state Karnataka imposing almost 100% I T Act provisions, should be an eye opener to Maharashtra police.

Moving to investigative skills 11870 cases were pending in 2015 and adding 12317 cases in 2016 total pending investigation cases as per statistics as on date are 24187. Out of these cases police states that they have insufficient evidence in 4424 cases in which investigation can not be taken up further and 276 cases were falsely filed in police stations whereas in 513 cases, mistake of facts is reported and hence those would also be closed. Rate at which charge sheets are filed is 41% and pendency rate is 60%.

The stats about total 24187 cases of cyber crimes are pending speak loud and clear about the training and technical investigative skill available with the police force in India. It shows that police are way behind the criminals and very ill-equipped to investigate in cases of Cyber crimes. There could be many factors to this and I try to asses few factors from my perspective.
1)      Jurisdiction – According to me territorial boundaries of state police and formalities involved in getting the permission of inter-state investigations is most significant factor. As police is State subject and cyber criminals are committing crimes in borderless cyberspace across India and from abroad also, it makes police very difficult to break the shackles of traditional policing and restrict their investigation to state territories only. Police should set free from territorial jurisdiction mindset and should start synchronising with their counterparts in other states for speedier and effective investigations. This will also warrant some changes in basic laws related to jurisdiction but those changes could be easily carried out by present Strong Central Government.
2)      Petty Amount ­– It has been observed that for offenses below Rs.25, 000 where criminals are from different states, police normally even don’t initiate the investigation and are also reluctant to register even FIR. This mindset of police is now known to criminals and hence they restrict their greed to maximum sum of Rs.25, 000 and police fall in those traps and thereby criminals daring to commit more crime with petty amount increase. If there is no fear of Police or law to the criminals then it is not at all good sign.
3)      Mindset of police- The police mindset in responding complaint is the one of the measure causes for less reporting of cyber crimes. It has been observed that police try to make all the complaints non-cognisable and therefore don’t carry any investigation except issuing receipt of the complaint. If complainant persistently visits the police station then many times he is scolded about his fault and ignorance and thereby falling prey to crime and unnecessarily increasing workload of police. Many times complainants’ are guided by such officers who are not even capable of understanding the gravity of cyber crime and magnitude of cyber crime. In many cases police advice complainant to directly report to concerned bank or shopping website or social media site or payment gateway etc and these agencies absolutely don’t take any cognisance of such complaints or reports. So it can be summarised that non-responsive attitude and mindset of police is measure cause of concern in less reporting of cyber crimes.
4)      Non co-operation and non-speedier response of intermediaries ranging from search engines, Telco’s, banks ,payment gateways , social media websites and all the internet giants is measure hindrance in police investigation and many times it is observed that LEA’s have practically become handicapped for want of crucial evidence from these intermediaries. Also absence of single non regulatory mechanism for various cyber-space activities like issuance of domain name, different set of municipal laws, different privacy laws applicable in different parts of world etc. Is also major cause and which needs to addressed on priority.     
5)      Investigative Skills- The other major obstacle in pendency rate is that police machinery is lacking much needed expertise required for gathering cyber forensic evidence and applying proper logic in the given set of facts. The traditional mindset revolves around motives alone and in contrast cyber crimes are totally of different nature and requires extra-ordinary and out of the box skills for investigations, which at present is not available with police force and special efforts should be carried out to enhance the same.
6)      Lack of PROACTIVE policing- The failure in proactive policing specially with regards to cyber crimes is not good and should be another focus area.

Maharashtra had 5074 cases and UP had 4257 cases for investigation in 2016 and out of which 800 and 1153 were declared as having insufficient evidence respectively.

This should be other focus area. Since crimes are committed with digitalised medium and certainly there should be digital traces or footprints left on many locations by cyber criminals. It is practically unacceptable to believe that insufficient evidence is available with police and hence they can’t investigate in cyber crimes. As crimes are committed with technological aid, same technology should be capable of tracking the criminals and what I think lacking are the investigative skills in evidence gathering and use of proper skills to connect the dots.

The performance of courts is more depressing. Out of 10164 cases pending for trial only 743 cases were disposed including 40 cases in which compounding was allowed. And out of 743 disposals acquittals/discharges were in 542 cases and conviction in only 201 cases. With very poor conviction rate of 27.1% and 92.3% pendency rate the situation is not at all promising in Digital India.

Large rate of pendency of trials in courts must be other area of concern and needs to be addressed on priority. If only about 8% cases are disposed off during entire year then just imagine the time and measures which judiciary will be required to take to achieve at least 50-60% disposal? Also out of 8% cases disposed the acquittal rate at 75% is alarming .This speaks about lack of establishing sufficient evidence to prove the crime as well as lack of skills of prosecution lawyers as well as IO’s to put up the case in court of law. Less is commented about role of defence lawyers who are always ready to exploit and highlight these evidential lacunas before the court and make the charges framed on their client null and void. If after crossing so many obstacles, cyber crime matter is subjected to trial and therein acquittal is the resultant then this situation warrants urgent attention. The other focus area should be why so less disposal rate? Are we due for major changes of inception of digitalisation like sending summons through e-mail and submission of documents/replies etc. through online filing and recording statements etc. through video conferencing? There could be various suggestions for reducing the large pendency rate in cyber crime cases and these suggestions warrant urgent attention at higher level. Another reason of the pendency in judiciary could be, with due respect to all the Learned Judges, lack of confidence and knowledge to take up the matters of cyber crimes by the bench. I certainly don’t think this could be one of the reasons of pendency but such possibility can’t be ruled out and needs to be rectified.

The above are my personal views and based of little understanding I have about the working experience of cyberspace and cyber litigation for last eight years. I firmly believe that these figures are not reflecting true picture of cyber crime scenario in India and something is terribly wrong in compiling this stats. I believe the rate of cyber crimes should be much higher than published and due to which enormous economical loss as well as lack of confidence in digitalized surrounding is evident. The social media is playing very crucial role in increase of cyber crimes like identity theft and personation etc. as well as financial crimes.

A last word of caution; Even it has been reported that only 10 crimes were registered under section 66F i.e. Cyber Terrorism, this crime should be focused with maximum priority as it has potential to destabilize the nation and cause enormous damage to unity and integrity of the nation.