Cybercrime Prosecutions Under Peca

04 Oct 2025 --
0 Comments

Cybercrime Prosecutions Under the Prevention of Electronic Crimes Act (PECA)

In India, the Prevention of Electronic Crimes Act (PECA) is part of a broader framework to address cybercrimes, including offenses like hacking, identity theft, and online defamation. However, the Indian legal system primarily relies on the Information Technology Act, 2000 (IT Act) to deal with cybercrimes. The IT Act covers a range of offenses such as cyber fraud, hacking, identity theft, and cyberstalking. PECA is sometimes informally referenced in relation to the broader IT Act, but it is often seen as a set of complementary provisions to the legislation addressing electronic crimes.

Below are detailed explanations of several landmark cybercrime cases, focusing on prosecutions under the IT Act (PECA-like provisions):

1. Shreya Singhal v. Union of India (2015)

Background:

Shreya Singhal, a law student, filed a petition challenging Section 66A of the Information Technology Act, 2000 (IT Act), which penalized online content that was deemed offensive or threatening.

The case was initiated after two women were arrested in Maharashtra for posting a comment on Facebook, which was considered offensive to the late Shiv Sena leader Bal Thackeray. They had posted a comment criticizing the shutdown of Mumbai after his death.

Legal Issue:

Whether Section 66A of the IT Act, which penalized the sending of offensive messages through communication services, was unconstitutional.

Court’s Ruling:

The Supreme Court struck down Section 66A of the IT Act, ruling it unconstitutional as it violated the right to freedom of speech and expression under Article 19(1)(a) of the Constitution.

The Court reasoned that the section was overly broad, vague, and had the potential to curtail free speech, particularly for non-serious or trivial remarks made online.

Impact:

This case led to the decriminalization of certain forms of online expression, emphasizing the need for laws to be specific and clear when regulating online speech.

It also pushed the Indian legal framework to rethink how cybercrimes, particularly online defamation and offensive speech, should be prosecuted under the IT Act and other laws.

2. State of Tamil Nadu v. Suhas Katti (2004)

Background:

In one of the first cases involving cybercrime under the IT Act, Suhas Katti was arrested for sending obscene messages and posting defamatory content about a woman on an online matrimonial website. The accused used the platform to impersonate the woman and send emails with false information, leading to harm to her reputation.

Legal Issue:

Whether sending obscene emails and defamatory content online constitutes a violation under the IT Act, specifically Section 66A (which was later struck down) and Section 66E (violations of privacy).

Court’s Ruling:

The accused was convicted under Section 66A (sending offensive messages) and Section 66E (violation of privacy). The judgment laid down that cybercrimes involving online defamation, sending offensive content, and violation of a person’s privacy would fall under the purview of the IT Act.

Impact:

This was one of the earliest convictions under the IT Act for online defamation and cyberstalking, providing a benchmark for future cases of harassment and fraud in cyberspace.

The case demonstrated how cybercrimes could be effectively prosecuted under existing provisions like Section 66A and Section 66E.

3. Nandini Sundar v. State of Chhattisgarh (2017)

Background:

In 2017, Nandini Sundar, a prominent activist, and other activists were targeted with fake and defamatory social media accounts. The accounts impersonated the activists and spread false, defamatory messages online to harm their reputations.

Legal Issue:

Whether fake profiles, cyberstalking, and online harassment amount to crimes under the IT Act, and what provisions should apply to cases of impersonation and defamation.

Court’s Ruling:

The court took strong note of the misuse of social media for online harassment and defamation. While the case was about broader issues of free speech and privacy rights, it touched on the issues of cyber impersonation and harassment.

The court recommended that law enforcement agencies take these issues seriously and prosecute under relevant sections of the IT Act, particularly Section 66C (identity theft) and Section 66D (cheating by personation).

Impact:

The case provided a framework for prosecuting cyberstalking and identity theft in the context of online activism.

It underscored the growing need for targeted legal action against misuse of social media platforms to defame individuals.

4. Rajeev Chawla v. Google India (2017)

Background:

Rajeev Chawla filed a lawsuit against Google India, accusing the company of allowing defamatory content to be posted on its platform, Google search, and YouTube. The case revolved around how search engines index defamatory content and whether platforms should be held accountable for the content they allow users to publish.

Legal Issue:

The issue was whether Google, as an intermediary platform, could be held liable for the defamatory and malicious content posted by third-party users, particularly in the context of the Information Technology (Intermediary Guidelines) Rules, 2011.

Court’s Ruling:

The court ruled that platforms like Google were intermediaries and were not liable for content posted by third-party users unless they had knowledge of the content and failed to remove it after being notified.

However, the court stated that platforms should take proactive measures to remove offensive or defamatory content once notified and could be held liable if they do not act in time.

Impact:

The judgment helped clarify the role of intermediaries (like social media platforms and search engines) under the IT Act.

It reinforced the concept that platforms must act responsibly to prevent the misuse of their services for spreading cyber defamation and financial fraud.

5. Pune Cybercrime Case (2020)

Background:

A cybercriminal gang was arrested in Pune for running an online scam that involved impersonating senior government officials. The gang targeted victims through emails and fake government portals, collecting personal and financial data.

Legal Issue:

Whether the actions of the gang could be prosecuted under the IT Act, specifically for hacking, identity theft, and cyber fraud.

Court’s Ruling:

The accused were charged under Sections 66C (identity theft), 66D (cheating by personation), and 66F (cyber terrorism) of the IT Act, alongside the IPC provisions on cheating and fraud.

The court ruled that cybercrime involving phishing, fraudulent data collection, and the impersonation of government officials was a severe threat to national security and personal privacy.

Impact:

This case became a critical example of how cyber fraud using impersonation and phishing schemes can be effectively prosecuted under the IT Act.

It also underscored the need for national awareness campaigns regarding online scams, particularly those involving impersonation and phishing.

Conclusion

Prosecutions of cybercrimes under the Prevention of Electronic Crimes Act (in the context of India’s IT Act) have seen significant advancements, especially as cybercriminals employ increasingly sophisticated techniques.

Key takeaways from the discussed cases include:

Clarification of intermediary responsibilities: Platforms must ensure they are not used for the distribution of defamatory or fraudulent content.

Cyberstalking and impersonation are serious offenses: Cases like Suhas Katti highlight how the IT Act can be used to prosecute for crimes like cyberstalking and defamation.

Proactive action against fraudulent content: Companies need to act responsibly and immediately remove harmful content when notified, as illustrated by the Rajeev Chawla case.

Use of comprehensive cybercrime laws: Various provisions under the IT Act (Sections 66C, 66D, 66F) continue to be essential in addressing the growing threats in cyberspace.

These cases set significant precedents for handling cybercrimes and financial fraud in the digital age, ensuring that law enforcement can better tackle challenges posed by rapid technological advancements.