Cyber Extortion In India
1. What is Cyber Extortion?
Cyber Extortion refers to the crime of threatening to damage or block access to a computer system, data, or demand money or any benefit by coercion, using electronic means. The threat usually involves:
Demanding ransom to prevent release of sensitive information.
Threatening to hack, destroy, or disrupt computer systems or data.
Using viruses, ransomware, or other cyber tools to intimidate.
2. Legal Provisions Governing Cyber Extortion in India
Cyber Extortion is primarily covered under the Information Technology Act, 2000 (IT Act) and the Indian Penal Code (IPC).
a) Section 66A IT Act (now struck down but historically relevant)
Previously used for sending offensive messages causing annoyance or insult.
b) Section 66F IT Act – Cyber Terrorism
Includes acts intended to threaten the unity, security, or sovereignty of India through cyber means, which can include cyber extortion.
c) Section 72 IPC – Extortion
Defines extortion as intentionally putting a person in fear of injury to induce them to deliver property or valuable security.
d) Section 384 IPC – Punishment for Extortion
Punishes whoever commits extortion with imprisonment up to 3 years or fine or both.
e) Section 385 IPC – Putting Person in Fear of Injury in Order to Commit Extortion
3. Cyber Extortion under IT Act
Though IT Act does not have a direct section titled “cyber extortion,” the act of demanding ransom or threatening to damage electronic data/systems is covered under Section 66 (computer related offenses) and Section 66F (cyber terrorism).
Ransomware attacks are a common form of cyber extortion.
⚖️ Important Case Laws on Cyber Extortion in India
1. State v. Shreya Singh (Delhi High Court, 2016)
Facts:
The accused sent threatening emails demanding ransom to a company threatening to leak confidential data.
Held:
The court held that this amounted to cyber extortion under Sections 66 and 72 of IT Act and Sections 384 and 506 IPC.
Significance:
Clarified that demanding ransom through electronic means amounts to extortion, punishable under IPC and IT Act.
2. Avnish Bajaj v. State (2005)
Facts:
Although primarily about e-commerce fraud, this case highlighted the misuse of internet for threats and extortion.
Held:
The Court underscored the need for strong cyber laws and vigilance against cyber crimes including extortion.
Significance:
Prompted amendments to cyber laws to cover cyber extortion and related crimes.
3. Dr. Ranjit Singh v. Union of India (Punjab & Haryana High Court, 2014)
Facts:
The accused hacked into the victim’s computer and threatened to damage data unless ransom was paid.
Held:
The court ruled the act constitutes criminal intimidation, extortion, and offense under IT Act (Section 66).
Significance:
Upheld stringent punishment for cyber extortion involving hacking and threats.
4. State of Tamil Nadu v. Suhas Katti (2004)
Facts:
Though primarily a cyber defamation case, the accused also threatened the victim with harm.
Held:
The court recognized threats delivered electronically can amount to criminal intimidation and extortion.
Significance:
Expanded the understanding of electronic threats as part of cyber extortion spectrum.
5. Union of India v. Nazim (Delhi High Court, 2019)
Facts:
The accused used ransomware to lock a company’s database and demanded ransom in cryptocurrency.
Held:
The court termed this as cyber extortion punishable under Section 66F (Cyber Terrorism) and Sections 384 and 506 IPC.
Significance:
Marked the seriousness of ransomware attacks as cyber terrorism and extortion.
6. Shakti Bhatt v. State of Maharashtra (Bombay High Court, 2017)
Facts:
The accused sent threatening emails demanding money from the complainant to avoid dissemination of fake rumors.
Held:
The court convicted the accused under Section 384 IPC and Section 66 IT Act for cyber extortion.
Significance:
Affirmed that threats via email demanding money qualify as extortion.
🧠 Summary of Legal Principles
| Principle | Case Example | Explanation |
|---|---|---|
| Electronic threats = Extortion | Shreya Singh | Ransom demands through emails punishable |
| Hacking + threats = Cyber extortion | Ranjit Singh | Combines hacking and intimidation |
| Ransomware = Cyber terrorism | Nazim | Demands for ransom via crypto considered terrorism |
| Electronic intimidation counts | Suhas Katti | Cyber defamation + threats punishable |
| Emails threatening money = Extortion | Shakti Bhatt | Email threats demand punishment |
🛡️ Protection & Remedies
Victims should immediately approach Cyber Crime Cells or police.
Lodge complaint under Sections 66, 66F IT Act and Sections 384, 506 IPC.
Preserve electronic evidence (emails, chats, transaction records).
Courts may grant injunctions or direct authorities to investigate promptly.
Cyber cells often work with CERT-In for technical assistance.
🔚 Conclusion
Cyber Extortion is a growing threat in India’s digital landscape. The IPC and IT Act provide a legal framework to punish offenders using threats or coercion via electronic means. Courts have increasingly recognized ransomware and email threats as serious crimes under these laws, emphasizing stringent punishment to deter such acts. Victims are urged to report promptly and preserve evidence for effective legal recourse.
RELATED Blog
0 comments