NCRB releases misleading Cyber Crime data for 2015

As an annual ritual, National Crimes Record Bureau (NCRB) has released the Crime data for the year 2015 which includes data regarding Cyber Crimes registered and disposed off in India in 2015.

ncrb_cover

Copy of the Report :  Full Report : Cyber Crime chapter

Many news papers have reported on the data stating that Cyber Crimes have increased by a whopping 225% from 6268 to 14121 by addition of 8045 new cases registered during the year. (This pertains to cases registered under ITA 2000/8)

There have been analysis of which states have registered more cases, which City is int he forefront of Cyber Crimes etc.

According to the report   Uttar Pradesh registered 2208 cases in 2015, while Maharashtra registered 2195 cases in 2015 and Karnataka 1447 cases. On an all India basis, a total of 8045 new Cyber Crime cases have been registered in 2015.

If we also add the cases registered as “Cyber Crimes” but under different sections of IPC, the number of pending cases increased from 8032 last year to 19423 at the end of 2015 with 11592 new cases being registered. This shows an increase of 241% in pending cases.

Out of these cases a total of 276 ITA 2000 cases and 336 cases in total were recorded as “Disposed”  which would include those  dropped or transferred to other types of crimes. The disposal rate works out to 1.95% of the ITA 2000 cases and 1.72% of the total Cyber Crime cases.

We need to appreciate that this is the cases disposed off at the Police level and does not represent the disposal by Courts. It also does not include complaints registered and not converted into registered cases.

It is reported that  charge sheets were filed in courts in 3,206 cases but we may not have more than a few convictions during this period.   The total number of cases pending trial increased from 3917 last year to 7123 during the current year. 48 cases were compounded or withdrawn.

The statistics reveals that in 640 cases, trial were completed with  234 cases convicted and 406 discharged. Of the convictions it is interesting to observe that  143 convictions were under Section 66A which was repealed by Supreme Court in march 2015. 185 cases under Section 66A were acquitted while 2522 cases are still pending.

Deccan Herald has highlighted (See the report) the growing pendency of cases and we need to now look at solutions to address this issue rather than merely counting the arithmetics of crime statistics.

Looking at the motives, 3855 crimes were with the motive of financial gain while another 1097 are listed under fraud/illegal gain. Together 4952 crimes fall under these two categories. Insult to modesty of women, personal revenge and anger etc accounted for 1098 crimes while defamation accounted for 380. Extortion cases were 293 while hacking for fun was around 214.

While the trend in these crimes provide some good indication of what needs to be done to reduce the adverse effect of Cyber Crimes on the society, we need to ensure that these statistics in numbers have to be more reliable and reflect on the actual commission of offences. Otherwise,  the statistics provided by NCRB can be considered as misleading.

A part of this problem should be solved if Banks report the number of Credit Card, ATM card, Mobile wallet and Phishing frauds which will be necessary as per Cyber Security Framework 2016 suggested by RBI. Similarly we need to also record the innumerable Virus incidences, spamming, mobile thefts etc which are offences under Section 66 and 66B of ITA 2000/8 which appear to have escaped the NCRB report.

Obviously if we say the number of Cyber Crimes is not 6000 but 1 lakh, many eyebrows will be raised. But it is important to recognize that the problem of Cyber Crimes is really that large and needs to be addressed with better resource allocation both to the Police and Judiciary.

In fact Police should also take into account the possibility of “Friends of Cyber Police” drawn from the community who can at least help in getting Cyber Crimes reported properly. For this purpose Police should permit private organizations to receive online complaints and forward it to a central data base of the Government from which Police can take it up for investigation without waiting for a complaint directly from the victim. Some acceptable norms for this purpose can be drawn up. These will work like a private CERT in a limited way.

However, we need to point out  a serious flaw in the NCRB report which has been pointed out by us in the past and remains unattended. It also indicate the ignorance of the NCRB in ITA 2000/8.

I refer to table 18.2 on Cyber Crime incidences classified under different sections of ITA 2000/8 and IPC contained in the report which is reproduced below.

cyber_crime_cases_disposed_2015

 

If we observe this report, 88 cases have been reported under “Tampering of Computer Source Documents” which we may presume are cases registered under Section 65 of ITA 2000/8.

6567 cases have been reported under IT-Computer related Offences which includes 4154 cases under 66A, 132 under 66B, 1081 under 66C, 1083 under 66D ad 117 under 66E. Offences under Sections 66A,66B,66C,66D and 66E nicely add upto what has been reported as “IT related Offences” which is presumably referring to Section 66.

It is unfortunate that NCRB does not recognize that Section 66 is an independent section and is not the aggregation of other sections 66A to 66E. By using this classification, NCRB is suggesting to all the Police stations that cases under Sec 66A to 66E are actually to be aggregated as offences under Section 66 and no case need to be registered under Section 66. I am sure that most cases that ought to fall under Sec 66 have been registered under Section 65.

If these charge sheets go to Courts, I wonder how the Courts can proceed since informed lawyers will simply demolish the case just stating that a charge listed under the charge sheet under Section 65 does not hold.

I wish NCRB consults NPA and revises the format of the Crime report system so that this error does not continue in the next year.

When we discuss the states where there are more crimes based on this report, we must remember that if the Police and Public are aware of Cyber Crimes and register complaints, it will naturally appear in this list. If they are ignorant and register cases under other laws or donot register cases at all, then obviously it will not reflect in the report. Hence it is not correct to reflect on the state of Cyber Law and Order in a state solely by referring to this list. In fact the reason why Uttar Pradesh tops the list is because they have efficient police officers in Noida who have registered a number of Cyber crime cases which should actually be appreciated.

The report says that 13 cases of Cyber Terrorism under Section 66F have been registered. Since this section carries “Life Imprisonment” it is the most serious offence under ITA 2000/8 and we need to know which are these cases and whether they represent any wrong interpretations. In fact the real Human Rights Activists (Not the Pseudo Activists who consider only terrorists as their subjects) should look at these 13 cases and ensure that there has been no incidence of misapplication of law for political or other considerations.

I request  NCRB to provide the details of these 13 cases to clarify the position.

What   we may however discuss is that while the number of cases registered is far less than the real incidence of Cyber Crimes (if we include the e-banking frauds), the disposal rates are only less than 2 % at the level of the police while at the Court level it is Zero percent.

The lack of a proper Cyber Judicial system in India to address Cyber Crimes is therefore very evident. Since no cases get disposed, it discourages public from reporting cyber crimes and even the Police are disinterested in pursuing investigation since it is a complete waste of time.

I suppose that the responsibility for this situation should be taken by the Chief Justices of State High Courts and the Supreme Court more than any body else. The Supreme Court does not find it inappropriate to spend time and also pull up the executive for their administrative lapses and irrelevant political cases but remains completely unconcerned when the Cyber Crime victim’s interests are involved.

There are several cases not only in Karnataka High Court but also in Nagpur where the non appointment of the CyAT chair person has been raised. But each time the DeiTy has stated that the matter is pending with Supreme Court for approval of a candidate and  State High Courts have simply closed the case. Last time it was even understood that Justice Mrs Vasuki of Chennai was appointed for the post but it never materialized. Now there is no other option left but to move contempt of court petitions against DeiTy which I understand is happening in Nagpur.

However, even if a High Court directs the DeiTy to appoint a CyAT chair person, it is unlikely to make any change to the current scenario of pending cases and non recognition of many incidents as crimes. We need multiple steps to be introduced in this regard to improve the Cyber Judicial system in India.

I will provide some suggestions in this regard in another post and  wish responsible MPs like Mr Rajeev Chandrashekar move a motion in the Parliament for a new Parliamentary committee to be set up to completely revise the Cyber Judicial system.

..Suggestions in the next post

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.