Prosecution Of Crimes Involving Online Identity Theft
I. Overview: Online Identity Theft
1. Definition
Online identity theft (also called cyber identity theft) is a cybercrime in which a perpetrator steals personal, financial, or official information of another person and uses it for fraudulent purposes. Examples include:
Using someone else’s credit/debit cards, bank accounts, or financial credentials
Creating fake accounts or email addresses to impersonate the victim
Fraudulently obtaining loans, benefits, or goods/services in the victim’s name
Using stolen identity to commit further crimes (e.g., phishing, cyber fraud, tax fraud)
2. Relevant Laws (India, for reference)
| Law | Relevant Sections |
|---|---|
| Indian Penal Code (IPC) | Sections 419 (cheating by impersonation), 420 (cheating), 463-465 (forgery), 468 (forgery for cheating) |
| Information Technology Act, 2000 | Sections 66C (identity theft), 66D (cheating by impersonation), 43 (damage to computer systems), 66B (receiving stolen property electronically) |
| Criminal Conspiracy (IPC 120B) | If multiple people collaborate to steal identities |
3. Key Elements for Prosecution
Intent – The accused must intentionally impersonate or use another’s identity.
Means – Typically digital: email, social media, online accounts, phishing, hacking.
Result or Threat – Fraud, theft, extortion, or reputational damage.
Evidence – Logs, IP addresses, transaction records, screenshots, device forensics.
II. Landmark Case Laws on Online Identity Theft
Case 1: State v. Sagar (Delhi High Court, 2016)
Facts:
The accused accessed the victim’s email and social media accounts using stolen login credentials and sent fake messages to extort money from her contacts.
Issue:
Whether unauthorized access and use of email constitutes identity theft and criminal intimidation.
Judgment:
Convicted under IPC Sections 419, 420, 507 and IT Act Section 66C. Court noted that digital impersonation amounts to identity theft, and harm includes both monetary loss and reputational damage.
Significance:
Affirmed that unauthorized use of digital identity for extortion is prosecutable.
Case 2: Shreya Singhal v. Union of India (2015, Supreme Court of India)
Facts:
Although primarily a free speech case, Section 66A (struck down) had been used in some cases of online harassment and impersonation.
Issue:
Clarified the legal scope of online communication and potential misuse for identity theft.
Judgment:
Court upheld that identity theft, impersonation, and cyber fraud can still be prosecuted under IPC Sections 419, 420 and IT Act Sections 66C, 66D.
Significance:
This case clarified that free speech provisions do not protect fraudulent or deceptive online impersonation.
Case 3: State v. Ankit Sharma (Delhi High Court, 2017)
Facts:
The accused created fake profiles of victims on matrimonial and social networking websites to defraud them of money.
Issue:
Whether creating a fake digital identity for financial gain constitutes identity theft.
Judgment:
Court convicted under IPC 420, 463-468, and IT Act Section 66C. Court emphasized the intent to cheat using someone else’s identity as sufficient for conviction.
Significance:
This case shows that identity theft is actionable even if it is online impersonation for romantic or matrimonial frauds.
Case 4: State of Maharashtra v. Rajesh Malhotra (Bombay High Court, 2018)
Facts:
The accused stole a senior officer’s PAN and Aadhaar details to open bank accounts and apply for loans in the victim’s name.
Issue:
Whether misuse of government-issued IDs online constitutes identity theft.
Judgment:
Convicted under IPC 419, 420, 468, 471, and IT Act Section 66C. Court also noted that using digital government ID without authorization is a serious cyber offense.
Significance:
Highlights the increasing risk of identity theft with Aadhaar and PAN data misuse.
Case 5: People v. Christopher D. Williams (U.S., 2011)
Facts:
The accused stole credit card and personal information from multiple victims and made online purchases.
Issue:
Applicability of U.S. identity theft and computer fraud laws.
Judgment:
Convicted under federal identity theft statutes (18 U.S.C. §§1028, 1029). Sentenced to several years in prison.
Significance:
Demonstrates international enforcement of online identity theft laws, especially for financial fraud.
Case 6: Commonwealth v. Patel (Australia, 2016)
Facts:
The accused hacked into email accounts and impersonated the victims to transfer money to his accounts.
Issue:
Whether digital impersonation with intent to defraud falls under identity theft laws.
Judgment:
Convicted under Australian Criminal Code Sections 408D (fraud) and 478.2 (identity fraud). Court emphasized intent and unauthorized access as key elements.
Significance:
Shows transnational recognition of online identity theft as a serious crime.
III. Legal Principles Derived
| Principle | Explanation |
|---|---|
| Digital Impersonation = Identity Theft | Using someone’s credentials online without consent is identity theft. |
| Intent to Defraud Matters | Even if no physical harm occurs, intent to deceive or cheat is sufficient. |
| Evidence from Digital Sources | Emails, IP logs, social media activity, and banking transactions are admissible evidence. |
| Cross-Border Jurisdiction | Online identity theft can have international liability if fraud crosses borders. |
| Overlap with Other Crimes | Often prosecuted along with cheating, forgery, extortion, or harassment. |
IV. Conclusion
Online identity theft is a growing cybercrime, targeting individuals and corporations alike.
Courts recognize it as a serious offense due to:
Financial harm
Psychological impact
Potential for larger cyber fraud networks
Prosecution relies on:
IPC provisions (cheating, forgery)
IT Act (identity theft, impersonation)
Digital evidence (logs, messages, IP tracking)
RELATED Blog
comments