INTRODUCTION

The introduction of the internet has brought the tremendous changes in our lives. People of all
fields are increasingly using the computers to create, transmit and store information in the
electronic form instead of the traditional papers, documents. Information stored in electronic
forms has many advantages, it is cheaper, easier to store, easier to retrieve and for speedier to
connection. Though it has many advantages, it has been misused by many people in order to gain
themselves or for sake or otherwise to harm others. The high and speedier connectivity to the
world from any place has developed many crimes and these increased offences led to the need of
law for protection. Some countries have been rather been vigilant and formed some laws
governing the net. In order to keep in pace with the changing generation, the Indian Parliament
passed the law – Information Technology Act, 20001. The IT Act 2000 has been conceptualized
on the United Nations Commissions on International Trade Law (UNCITRAL) model law2.

The Government of India enacted its Information Technology Act, 2000 with the objectives
stating officially as: “to provide legal recognition for transactions carried out by means of
electronic data interchange and other means of electronic communication, commonly referred to
as “electronic commerce”, which involve the use of alternatives to paper-based methods of
communication and storage of information, to facilitate electronic filing of documents with the
Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act,
1872, the Bankers Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for
matters connected therewith or incidental thereto.”

THE CYBER OFFENCES

1
Act of the Indian Parliament (No 21 of 2000)
2
http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce/1996Model.html
Cyber offence is a generic term that refers to all criminal activities done using the medium of
computers, the Internet, cyber space and the worldwide web. Computer crime, refers to any
crime that involves a computer and a network. The computer may have been used in the
commission of a crime, or it may be the target. Dr. Debarati Halder and Dr. K. Jaishankar (2011)
define Cybercrimes as: “Offences that are committed against individuals or groups of individuals
with a criminal motive to intentionally harm the reputation of the victim or cause physical or
mental harm to the victim directly or indirectly, using modern telecommunication networks such
as Internet and mobile phones”.3 Such crimes may threaten a nation’s security and financial
health. Issues surrounding these types of crimes have become high-profile, particularly those
surrounding cracking, copyright infringement, child pornography, and child grooming. There are
also problems of privacy when confidential information is lost or intercepted, lawfully or
otherwise.

There isn’t really a fixed definition for cyber offence. The Indian Law has not given any
definition to the term ‘cyber offence’. The Indian Penal Code does not use the term ‘cyber
offence’ at any point even after its amendment by the Information Technology (amendment) Act
2008, the Indian Cyber law. In fact, it cannot be defined too. Offence or crime has been dealt
with elaborately listing various acts and the punishments for each, under the Indian Penal Code,
1860 and related legislations. To put it in simple terms ‘any offence or crime in which a
computer is used is cyber crime’. Interestingly even a petty offence like stealing or pick-pocket
can be brought within the broader purview of cyber crime if the basic data or aid to such an
offence is a computer or an information stored in a computer used (or misused) by the fraudster.
Hence, the concept of cyber crime, is just a “combination of crime and computer”.

The mens rea in case of ‘cyber crime’ comprises of two elements. First, there must be ‘intent to
secure access to any program or data held in any computer, computer system or computer
network. Secondly, the person must know at the time that he commits the actus reus that the
access he intends to secure is unauthorized. The intent does not have to be directed at any
particular program or data in any computer, computer system or computer network.

3
Halder, D., & Jaishankar, K. (2011) Cyber crime and the Victimization of Women: Laws, Rights, and
Regulations. Hershey, PA, USA: IGI Global. ISBN 978-1-60960-830-9
CYBER OFFENCES vs. CYBER CONTRAVENTIONS

Cyber Contraventions are ‘civil wrongs’ for which compensation is payable by the defaulting
party. Cyber offences on the other hand constitute cyber frauds and crimes which are criminal
wrongs for which punishment of imprisonment and/or fine is prescribed by the Information
Technology Act 2000. Cyber contraventions are covered under sections 43 to 45 of the Act, this
deals with illegal access to computer system or network whereas, Cyber offences are covered
under sections 65 to 74 of the Act, this deals with serious cybercrimes related to computer
system and network. The difference between ‘cyber contravention’ and ‘cyber offence’ is more
about the degree and extent of criminal activity rather than anything else. For example, a mere
unauthorized access to computer, computer system or computer network may amount to ‘cyber
contravention’ but for a ‘cyber offence’ it is the specific criminal violation that resulted from the
unauthorized access to a computer, computer system or computer network or computer resource
that has to be taken into consideration. The victim has a legal right to initiate both civil and
criminal proceedings against any offender under the Act.

CATEGORIES OF OFFENCES UNDER INFORMATION TECHNOLOGY ACT

Chapter 11 of the Information Act deals with the “Cyber Offences” ranging from Section 65 to
78. In the year 2008 the act was amended and various important sections were inserted as to meet
the exact requirement of the legislation. The increase rate of technology in computers has led to
enactment of Information Technology Act 2000. The converting of the paper work into
electronic records, the storage of the electronic data, has tremendously changed the scenario of
the country. Cyber offences are the unlawful acts which are carried in a very sophisticated
manner in which either the computer is the tool or target or both. The offences included in the IT
Act 2000 are as follows:

 Sec 65: Tampering with the computer source documents.

  Sec 66: Computer related offences like Hacking with computer system, theft, violation
of privacy, cyber terrorism, etc.
 Sec 67: Publishing of information which is obscene in electronic form including child
pornography.
 Sec 68: Power of Controller to give directions.
 Sec 69: Directions of Controller to a subscriber to extend facilities to decrypt
information.
 Sec 70: Protected system.
 Sec 71: Penalty for misrepresentation.
 Sec 72: Penalty for breach of confidentiality and privacy.
 Sec 73: Penalty for publishing Digital Signature Certificate false in certain
particulars.
 Sec 74: Publication for fraudulent purpose.
 Sec 75: Act to apply for offence or contravention committed outside India.
 Sec 76: Confiscation.
 Sec 77: Penalties or confiscation not to interfere with other punishments.
 Sec 78: Power to investigate offences.

SECTION 65- TAMPERING WITH COMPUTER SOURCE DOCUMENTS4

The objective of the section is to protect the “intellectual property” invested in the computer. It is
an attempt to protect the computer source documents (codes) beyond what is available under
the Copyright Law. This section extends towards the Copyright Act and helps the companies to

4
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to
conceal, destroy, or alter any computer source code used for a computer, computer programme, computer system or
computer network, when the computer source code is required to be kept or maintained by law for the time being in
force, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees,
or with both.
protect their source code of their programmes. Section 65 is tried by any magistrate. This is
cognizable and non- bailable offence.

In Syed Asifuddin vs. State of Andhra Pradesh5, wherein Tata Indicom employees were arrested
for manipulation of the electronic 32-bit number (ESN) programmed into cell phones that were
exclusively franchised to Reliance Infocomm. The handsets, which were given to Reliance
Infocomm subscribers was technologically locked so that it would only work with the Reliance
Infocomm services. However, it came to the light during investigation that the supplied handsets
could be unlocked for the Tata Indicom service as well. The Court held that Tampering with source
code invokes Section 65 of the Information Technology Act.

SECTION 66- COMPUTER RELATED OFFENCES6

Computer related offences as articulated in this section include every sort of computer related
offences. Under this section, if any person, dishonestly or fraudulently, does any act referred to in
Sec 43, he shall be punishable. In other words, to be charged under section 66, any person must
cause a computer resource to perform a function with dishonest or fraudulent intent to secure
access, knowing that the access he intends to secure is unauthorized.

In order to make out an offence under this section, it is necessary to show that there was
destruction, damage, disruption, denial, deletion, concealment, tampering, manipulation, stealing
or alteration of information residing in a computer resource, which was being owned, managed,
operated or used by any person (natural or legal). The computer related offences may be committed
in respect of both tangible (physical) and intangible (non-physical) assests.

In the case of Kumar vs. Whiteley7 case the accused gained unauthorized access to the Joint
Academic Network (JANET) and deleted, added files and changed the passwords to deny access
to the authorized users. Investigations had revealed that Kumar was logging on to the BSNL

5
2005 Cr LJ 4314
6
If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with
imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with
both.
7
(2005) 2 SCC 235
broadband Internet connection as if he was the authorized genuine user and ‘made alteCruxn in
the computer database pertaining to broadband Internet user accounts’ of the subscribers. The
CBI had registered a cybercrime case against Kumar and carried out investigations on the basis
of a complaint by the Press Information Bureau, Chennai, which detected the unauthorized use of
broadband Internet. The complaint also stated that the subscribers had incurred a loss of Rs
38,248 due to Kumar’s wrongful act. He used to ‘hack’ sites from Bangalore, Chennai and other
cities too, they said. The Additional Chief Metropolitan Magistrate, Egmore, Chennai, sentenced
N G Arun Kumar, the techie from Bangalore to undergo a rigorous imprisonment for one year
with a fine of Rs 5,000 under section 420 IPC (cheating) and Section 66 of IT Act.

SECTION 66A-PUNISHMENT FOR SENDING OFFENSIVE MESSAGES THROUGH

COMMUNICATION SERVICE, ETC8.

In Shreya Singhal v. Union of India9 the two-judge bench of the Supreme Court of India in
2015, struck down Section 66A of the Information Technology Act, 2000, relating to restrictions
on online speech, unconstitutional on grounds of violating the freedom of speech guaranteed
under Article 19(1)(a) of the Constitution of India. The Court further held that the Section was
not saved by virtue of being 'reasonable restrictions' on the freedom of speech under Article
19(2). The case was a watershed moment for online free speech in India. The vague and arbitrary
terms used in the Section led to much misuse of both personal and political nature, with several
criminal cases being instituted against innocuous instances of online speech, including political
commentary and humor.

8
Any person who sends, by means of a computer resource or a communication device,—(a) any information that is
grossly offensive or has menacing character; or (b) any information which he knows to be false, but for the purpose
of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill
will, persistently by making use of such computer resource or a communication device, (c) any electronic mail or
electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the
addressee or recipient about the origin of such messages, shall be punishable with imprisonment for a term which
may extend to three years and with fine.
9
AIR 2015 SC 1523,
SECTION 66B- PUNISHMENT FOR DISHONETLY RECEIVING STOLEN
COMPUTER RESOURCE OR COMMUNICATION DEVICE10

The aforesaid section aims at punishing those who dishonestly receives or retains any stolen
computer resource or communication device knowing or having reason to believe the same to be
stolen computer resource or communication device. Under section 24 of the IPC the term
“dishonestly” is defined as causing wrongful gain to one or wrongful loss to another
intentionally. So, where a person has received, downloaded, copied or extracted any data,
computer database or information from such computer stored in any removable storage medium
with an intention to cause either wrongful gain or wrongful loss, it could be said that the person’s
act was committed dishonestly within the meaning of Sec 66B read with Sec 24 of IPC.

Offences u/s 66B are punishable with the imprisonment for a term which may extend to three
years or with fine which may extend to rupees one lakh or with both.

SECTION 66C- PUNISHMENT FOR IDENTITY THEFT11

This section is meant to protect the identity of a user in the online medium. The objective of the
section is to protect the privacy of all or any online users, including their personal information or
data. The perspective of the aforesaid section is not to merely protect the information. The
offence of “identity theft” is completed when there is a dishonest or fraudulent downloading,
copying or extraction of the electronic signature, password or any other unique identification
feature of any other person. In other words, the moment personal information is downloaded,
copied or extracted of any person- dishonestly or fraudulently, mens rea comes into existence.
Whether the offender makes use of such downloaded, copied or extracted personal information

10
Whoever dishonestly received or retains any stolen computer resource or communication device knowing or
having reason to believe the same to be stolen computer resource or communication device, shall be punished with
imprisonment of either description for a term which may extend to three years or with fine which may extend to
rupees one lakh or with both.
11
Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique
identification feature of any other person, shall be punished with imprisonment of either description for a term
which may extend to three years and shall also be liable to fine with may extend to rupees one lakh.
will be the actus reus component of the crime. This section is meant to protect all e-commerce
and e-governance services users.

SECTION 66D- PUNISHMENT FOR CHEATING BY PERSONATION BY USING

COMPUTER RESOURCE12

The key ingredient of this section is “cheating by personation by means of any communication
device [Section 2(1) (ha)] or computer resource [section 2(1)(k)]”. Cheating by personation by
using computer resources require: (1) whoever, (2) by deception of any person, (3) (a)
fraudulently or dishonestly inducing that person by personation -to accept, agree, transact or
deliver any data, information to any person; or to consent that any person shall retain any data,
information, etc.; (b) intentionally inducing that person to do or omit to do anything which he
would not do or omit, if he were not so deceived by such personation, (4) using any
communication device or computer resource.

It is important that instances of being fraudulent or dishonestly are being exhibited in the first
instance itself. For example, creation of clone websites to capture personal information of a user
amounts to cheating; likewise, intentionally creating a fake profile on matrimonial, social
networking sites with an intention to cheat will come under this section. In Sandeep Vaghese vs
State of Kerala13, a complaint filed by the representative of a Company, which was engaged in
the business of trading and distribution of petrochemicals in India and overseas, a crime was
registered against nine persons, alleging offenses under Sections 65, 66, 66A, C and D of the
Information Technology Act along with Sections 419 and 420 of the Indian Penal Code. The
company has a web-site in the name and and style www.jaypolychem.com' but, another web
site www.jayplychem.org’ was set up in the internet by first accused Samdeep Varghese @ Sam
in conspiracy with other accused. Defamatory and malicious matters about the company and its
directors were made available in that website. The accused and others sent e-mails from fake e-

12
Whoever, by means for any communication device or computer resource cheats by personating, shall be punished
with imprisonment of either description for a term which may extend to three years and shall also be liable to fine
which may extend to one lakh rupees.
13
Bail Application Nos.2003 & 2638 of 2010 (Kerela HC)
mail accounts of many of the customers, suppliers, Bank etc. to malign the name and image of
the Company and its Directors. The defamation campaign run by all the said persons named
above has caused immense damage to the name and reputation of the Company.
The Company suffered losses of several crores of Rupees from producers, suppliers and
customers and were unable to do business.

SECTION 66E- PUNISHMENT FOR VIOLATION OF PRIVACY14

The above section has made violation of ‘bodily privacy’ as an offence. Under this section, the
offender shall be punished with imprisonment which may extend to three years or with fine not
exceeding two lakhs rupees, or with both. It is imperative that section 66E should be applied with
sections 354A [sexual harassment and punishment for sexual harassment], 354B [assault or use
of criminal force to women with intent to disrobe], 354C [voyeurism] and 354D [stalking] as
introduced by the Criminal (Amendment) Act, 2013. The nature of offences may include
installation of spycams/hidden cameras/communication device inside washrooms, bedrooms,
changing rooms, hotel rooms, etc. for the purpose of violating bodily privacy of any
user/occupant of such nature.

SECTION 66F-PUNISHMENT FOR CYBER TERRORISM

Cyber terrorism as an offence exists in three forms. Essential ingredients of these forms of cyber
terrorism are:

FORM I:

1. An intention to threaten the unity, integrity, security or sovereignty of India or to strike

terror, and
2. Causing or likely to cause death (i) death or injuries to persons, or (ii) damage or
destruction of property, or (iii) damage or disruption of supplies or services essential to the
life of the community, or (iv) disruption of or affecting the critical information
infrastructure, as specified in sec 70, by any of the following acts:

14
Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person
without his or her consent, under circumstances violating the privacy of that person, shall be punished with
imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both.
 (a) Denying or causing the denial of access to any person authorized to access company
resource; or
(b) Attempting to penetrate or accessing a computer resource without authorization or
exceeding authorized access; or
(c) Introducing or causing to introduce any computer contaminant.
OR
FORM II:
3. Knowingly or intentionally penetrating or accessing a computer resource without
authorization or exceeding authorized access, and
4. Obtaining access to restricted information, data or computer database, which is restricted
for reasons of the security of the State or foreign relations.
OR
FORM III:
5. Knowingly or intentionally penetrating or accessing a computer resource without
authorization or exceeding authorized access, and
6. Obtaining access to restricted information, data or computer database,
7. With reasons to believe that such restricted information, data or computer database may
cause or likely to cause injury to: (i) the interest of sovereignty and integrity of India, the
security of the State, the security of the State, friendly relations with foreign states, public
order, decency or morality, or (ii) in relation to contempt of court, (iii) defamation, or (iv)
incitement to an offence, or (v) the advantage of any foreign nation, group of individuals
or otherwise.
As evident from the above explanations, the definition of cyber terrorism is to be seen from bot
State’s as well as its subjects (citizens) perspective. The scope of cyber terrorism has been made
very exhaustive.

SECTION 67- PUNISHMENT FOR PUBLISHING OR TRANSMITTING OBSCENE

MATERIAL IN ELECTRONIC FORM15

15
Whoever publishes or transmits or causes to be published or transmitted in the electronic form, any material
which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons
The ingredients of offence under the aforesaid section are:
(a) Publication or transmission in the electronic form,
(b) Any material lascivious or appeals to the prurient interest,
(c) Tendency to deprave and corrupt persons,
(d) Likely-audience,
(e) To read, see or hear the matter contained or embodied in electronic form.
The aforesaid section does not make knowledge of obscenity an ingredient of the offence. Thus
to escape criminal charges, one has to prove his lack of knowledge of publication or transmission
of obscene information in electronic form. Moreover, though publication or transmission of
obscene information may be illegal but mere possession, browsing or surfing through obscene
content is not an illegal activity.

In Avnish Bajaj (CEO of bazzee.com – now a part of the eBay group of companies) case there were
three accused first is the Delhi school boy , second was the IIT Kharagpur Ravi Raj and the third
was service provider Avnish Bajaj. The law on the subject is very clear. The sections slapped on
the three accused were Section 292 (sale, distribution, public exhibition, etc., of an obscene object)
and Section 294 (obscene acts, songs, etc., in a public place) of the Indian Penal Code (IPC), and
Section 67 (publishing information which is obscene in electronic form) of the Information
Technology Act 2000. In addition, the schoolboy faces a charge under Section 201 of the IPC
(destruction of evidence), for there is apprehension that he had destroyed the mobile phone that he
used in the episode. These offences invite a stiff penalty, namely, imprisonment ranging from two
to five years, in the case of a first time conviction, and/or fines. In this case the Service provider
Avnish Bajaj was later acquitted and the Delhi school boy was granted bail by Juvenile Justice
Board and was taken into police charge and detained into Observation Home for two days.

who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in
it, shall be punished on first conviction with imprisonment of either description for a term which may extend to three
years and with fine which may extend to five lakh rupees and in the event of second or subsequent conviction with
imprisonment of either description for a term which may extend to five years and also with fine which may extend
to ten lakh rupees.
SECTION 67A- PUNISHMENT FOR PUBLISHING OR TRANSMITTING OF
MATERIAL CONTAINING SEXUALLY EXPICIT ACT, ETC. IN ELECTRONIC
FORM

The ingredients of offence under the aforesaid section are:

(a) Publication or transmission in the electronic form,
(b) Any material containing sexually explicit act or conduct.
It is significant to note that publication or transmission in the electronic form includes
dissemination, storage and transmission of information or data in electronic form. The issues
related to publication or transmission of obscene information in electronic form has to be also
looked from the perspective of ‘extra-territorial’ jurisdiction and Internet Technologies, keeping
in view that ‘obscenity’ is no longer a local and static phenomenon. It is now global and dynamic
in nature and thus needs strict interpretation of statute.
EXTRA TERRITORIAL JURISDICTION

The international law of jurisdiction is sometimes referred to as the law of ‘extraterritorial’

jurisdiction. The use of the term ‘extraterritoriality’ derives from the notion that jurisdiction
becomes a concern of international law where a state regulates matters which are not exclusively
of domestic concern. In theory there is no limit on the circumstances in which a national
government might claim to apply its laws and regulations to internet activities which originate in
a different jurisdiction, although practical enforcement of those laws against a foreign enterprise
is a different matter.16 Dispute resolution mechanism, based primarily on territoriality, faces a
number of challenges when applied to disputes arising on the internet. The internet is by
definition international and can be accessed from almost any place. On the internet, digitized
date may travel through various countries & jurisdictions in order to reach its destination. The

16
Chris Reed, ‘Internet Law’ (2nd edn, Cambridge University Press, 2004) 231
physical world location of those parts of the Internet infrastructure via which a communication is
carried may be purely fortuitous. The result in many cases is that the parties to an Internet
transaction are faced with overlapping and often contradictory claims that national law applies to
some part of their activities. The difficulties faced by courts in dealing with this new medium are
acutely exemplified by the November 20, 2000, decision of a French trial court. Climaxing a
series of earlier rulings by the same court, the trial court ordered Yahoo! Inc. to put filtering
systems in its United States website so as to prevent access by French residents to portions of the
Yahoo! Inc. auction site on which persons offer to sell World War II memorabilia containing
Nazi symbols.17 In its initial ruling the same court in the same case had held that the U.S. website
for Yahoo! Inc. was subject to French jurisdiction simply because it could be accessed from
France. The issue of overlapping jurisdiction raises these detailed questions:
 Where an Internet activity has a cross border element, on what principles can we
decide which country`s law applies and which court has jurisdiction?
 On what basis can a national Govt. claim to apply its laws and regulations to
Internet activities which originate in a different jurisdiction?

THE ISSUES OF JURISDICTION

The issues of jurisdiction have to be looked into following perspectives:

Prescriptive Jurisdiction
Prescriptive jurisdiction is related to the power of a state to regulate its people, property,
and transactions or to prescribe their conduct, usually through the passage of laws or
regulations. A State has unlimited prescriptive jurisdiction: this means that the legislature
of a state can create, amend or repeal legislation covering any subject or any person, irrespective
of the person’s nationality or location.
Adjudicative Jurisdiction
Adjudicative jurisdiction refers to the power of a state, acting through its judicial organ,
to hear disputes and to render judgments binding upon the parties thereto. It is the power

17
VEJF and LICRA vs Yahoo! Inc. and Yahoo France (tribunal de Grand Instance de Paris) [2000], The
French judge rules that Yahoo! must put a three part system in place that includes filtering by IP address,
the blocking of 20 keywords and self identification of geographic location. The system follows the
recommendations of an expert panel appointed by the court to investigate such technologies.
of a court to determine the rights and obligations of the parties to a dispute and to
exercise any judicial power in relation to it.
Enforcement Jurisdiction
Enforcement jurisdiction is the power of a government to compel compliance or to
punish noncompliance with its laws, regulations, orders, and judgments. However, a
state cannot enforce its laws over persons residing in another country. It is concerned
with a state’s power to act in the sense of exercising sovereign authority, i.e. ascertaining
the extent to which a state can act in another to give effect to its own laws.

PRINCIPLES OF EXTRA TERRITORIAL JURISDICTION

In order for a national court to adjudicate criminal and regulatory sanctions
internationally, there must be some connection, or nexus, between the regulating nation
(the forum) and the crime or criminal. The principle equally applies whether the regulated
conduct takes place in the physical world or in cyberspace. Various principles have been
invoked by courts to justify their exercise of jurisdiction. These principles are not mutually
exclusive. Courts routinely rely on more than one in assuming jurisdiction.161
These issues usually arise in cases where another state is claiming jurisdiction or where
the defendant himself denies the national court`s jurisdiction. In many cases, the subject
matter of the case involves non-nationals or events wholly or partly performed abroad and
often concerns criminal law. The principle grounds for the assertion of jurisdiction are
where there is either a territorial or nationality link between the case and the court, as
where the events take place in the state or are committed by a national of that state. An
extension of these is the ‘protective’ and ‘passive personality’ principles, both of which
are now being invoked more frequently. The ‘effects doctrine’ is a contentious ground for
invoking national jurisdiction as it often has an extraterritorial reach and affects non-nationals.
These principles are as follows-
(1) Territorial Nexus Principle
(2) Nationality principle
(3) Passive personality principle
(4) Protective principle
(5) Universality principle
TERRITORIAL NEXUS PRINCIPLE

Territorial jurisdiction is the sovereign jurisdiction that a state has over the land within its
boundary limits, over its inland and territorial waters, over all persons and things and to a
reasonable extent over the airspace above and subsoil below in such land. The territoriality nexus
allows courts to assume jurisdiction over crimes and regulatory offenses committed or
consummated "in part" within the regulating nation`s territory. That is, jurisdiction can exist
whenever "any essential element of the crime is accomplished" within the regulating nation`s
territory. In S. S. Lotus Case (France vs. Turkey)18, few principles have been laid down by the
Permanent Court of International Justice. According to first principle a state cannot exercise its
power in any form in the territory of another State; unless an International treaty or customary
law permits it to do so. It says- “Now the first and foremost restriction imposed by international
law upon a State is that – failing the existence of a permissive rule to the contrary – it may not
exercise its power in any form in the territory of another State. In this sense jurisdiction is
certainly territorial; it cannot be exercised by State outside its territory except by virtue of a
permissive rule derived from international custom or from a convention.”

The Nationality Principle

Nationality principle permits a state to exercise jurisdiction over its own nationals irrespective of
the place where the concerned act was committed. In this context, a state may even assume extra-
territoriality jurisdiction. Like the territorial principle of jurisdiction, this principle also has two
limbs. If jurisdiction is asserted over a national accused of being a perpetrator of extraterritorial
conduct, this is described as ‘active nationality’. If the national is a victim of extraterritorial
conduct, then jurisdiction over that national is termed ‘passive nationality’. Nationality principle
came into existence as a result of decline in the importance of territory & lessened significance to
borders for the purposes of jurisdiction. This factor is particularly pertinent within the European
Union, where borders have come to assume a lesser importance. There are several strong positive

18
France vs. Turkey [1927] P.C.I.J. (ser. A) No. 10 (Sept. 7). An example of the first Lotus principle is
found in the UK-Netherlands Agreement of 1991. Through this international agreement, the UK obtained
the consent of Netherlands before prosecuting two Libyans accused in the Lockerbie bombing – by a
Scottish Court – located in Netherlands.
arguments in favour of a move to nationality based jurisdiction. The incorporation of the
European Convention on Human Rights into United Kingdom domestic law by the Human
Rights Act 1988 provides the basis of one of them. The incorporation has brought all criminal
trials to be tested against the Convention in United Kingdom Courts. The right to liberty, fair
trial, and security and right to be free from retrospective criminal legislation are all now part of
UK municipal law. Exercising jurisdiction on the basis of nationality would be a method
whereby these rights could be applied to those who are accused of crimes abroad and may not
otherwise be afforded this protection. Nationality was likely used as a jurisdictional nexus in the
trial of Jay Cohen in United States v. Galaxy Sports19 Cohen, the president of World Sports
Exchange (WSE), an online gambling organization headquartered in Antigua, was convicted of
soliciting and accepting bets from Americans via WSE's Internet Web site. Because the company
was Antigua-based, the court was unable to assert jurisdiction over it. It’s President, however,
was a citizen of the USA and could, therefore, be taken to court.

The Passive Personality Principle

According to the passive personality principle a sovereign can adopt laws which apply to
conduct of foreign nationals who commit crimes against the sovereign’s nationals while the
sovereign’s nationals are outside of the sovereign’s territory. The jurisdictional aspects of
passive personality principle have been elaborated in the case of United States vs. Yuni20 In this
case Yunis, a Lebanese citizen, was lured by a US agent from Cyprus into a fishing boat that was
in international waters. He was then arrested and transported to the US, where he was charged
with hostage taking and piracy in connection with the hijacking in 1985 of an aircraft belonging
to Royal Jordinian Airlines. Though, no part of the offences occurred in the US, the district court
of Columbia considered that it had jurisdiction over the prosecution of accused on the basis of
both the passive personality and the universality principles. The Court held: “This principle
authorizes States to assert jurisdiction over offences committed against their citizens abroad. It
recognizes that each State has a legitimate interest in protecting the safety of its citizens when
they journey outside national boundaries.”

19
260 F.3d 68 (2d Cir., July 31, 2001), Docket No. 00-1574
20
United States vs. Yunis (1988) 681 F Supp 896
The government in this case contended that because American nationals were on board the
Jordanian aircraft, therefore, the court possess jurisdiction over accused under this principle.
Though, this principle may be referred to as a controversial one, as it extends the ‘arm of
national laws further even in the foreign territories’. Nevertheless, the principle has been adopted
as a basis for asserting jurisdiction over hostage takers.

Protective Principle
Protective principle is a rule of international law that allows a sovereign state to assert
jurisdiction over a person whose conduct outside its boundaries threatens the states security or
interferes with the operation of its government functions. In particular, a state may rely on the
protective principle because acts that threaten its security or national interest may not be illegal
in the state where they are being performed. In Joyce v DPP21 an American citizen gained a
British passport by fraudulent means and worked for German radio during World War II. It was
argued on behalf of the accused that the United Kingdom did not have jurisdiction to try a non-
national for a crime committed outside British territory. The Court rejected this argument on the
basis that: “No principle of comity demands that a state should ignore the crime of treason
committed against it outside its territory. On the contrary a proper regard for its own security
requires that all those who commit that crime, whether they commit it within or without the
realm should be amenable to its laws.”

Universality Jurisdiction
A pointed out by Starke, “an offence subject to Universal jurisdiction is one which comes under
the jurisdiction of all states wherever it be committed inasmuch as by general admission the
offence is contrary to the interests of the international community, it is treated as a delicate jure
gentium and all states are entitled to apprehend and punish the offenders. Clearly the purpose of
conceding Universal jurisdiction is to ensure that no such offence goes unpunished.” Generally,
international law concerns with the relations between nations. It does not establish regulations or
criminal sanctions that apply directly to individuals. The exception to this rule is for the small
category of crimes that are covered by the universality nexus; that is, those crimes that are

21
Joyce v DPP (1946) AC 347
considered to be so egregious as to be of universal concern. The principle of universal
jurisdiction is classically defined as 'a legal principle allowing or requiring a state to bring
criminal proceedings in respect of certain crimes irrespective of the location of the crime and the
nationality of the perpetrator or the victim'. This is relatively a new theory on jurisdiction, and
particularly deals with international criminal jurisdiction of states upon individuals for conduct
regarded as “international crime” in custom or conventionally. In its literal and simplest
meaning, the universality principle means that any state would have jurisdiction to prosecute,
arrest, try, convict and sentence any person regardless of nationality, for crimes they have
committed anywhere in the world and against the nationals of any state, as long as the act
committed is considered criminal pursuant to the penal laws of the prosecuting state, or in
international law. So far, this principle has been applied only in the context of serious and
heinous international crimes such as genocide, war crimes, torture and other widely recognized
gross violations of human rights. The nexus between social media offences and universal
jurisdiction appears rough despite the universal nature of internet and universal applicability of
social media contents. Typology of crime in social media is regulated through different sets of
national laws which in the present scenario cannot be asked to be crime of universal nature.
However, there are certain offences committed through social media, which may be considered
as crime of universal nature, thereby making it triable in any legal system. For example hate
materials which is widely circulated and published in social media pages can be included within
the ambit of crime against humanity, though terming it as aforesaid shall always be debated.

EXTRA TERRITORIAL JURISDICTION AND INDIA

The Indian Penal Code, 1860 which deals with criminal offences, propounds the basic
jurisdictional principle that Indian courts will have jurisdiction to cover offences committed in
India. According to Section 3 of the Act, “Any person liable, by any Indian law, to be tried for
an offence committed beyond India shall be dealt with according to the provisions of this Code
for any act committed beyond India in the same manner as if such act had been committed within
India.” Sec. 3 provides for extraterritorial operation of the code, but only if the terms of the
section are satisfied. A key ingredient of the provision is contained in the words “any person
liable by any Indian law”. This section operates only where an Indian law specifically provides
that an act committed outside India may be dealt with under that law in India. Thus, for the
applicability of Sec. 3 of IPC, it is essential for a person to be liable under the Act.

Similarly, Sec. 422 of the Act is related to extension of Code to extraterritorial offences.
Procedurally, the jurisdictional principles for crimes are contained in the Code of Criminal
Procedure, 1973. However, the application of Cr.P.C. for offences committed outside India is
very limited.
For better scope and clarity, Sec. 4 and Sec. 18823 of the Criminal Procedure Code are extracted
herein as under: Trial of offences under the Indian Penal Code and other laws (a) All offences
under the Indian Penal Code (45 of 1860) shall be investigated, inquired into, tried, and
otherwise dealt with according to the provisions hereinafter contained (b) All offences under any
other law shall be investigated, inquired into, tried, and otherwise dealt with according to the
same provisions, but subject to any enactment for the time being in force regulating the manner
or place of investigating, inquiring into, trying or otherwise dealing with such offences
Thus it is apparent from Sec. 4 above that the provisions of Cr.P.C. are applicable where an
offence under the IPC or any other law is being investigated, inquired into or tried or otherwise
dealt with. The jurisdiction under Sec. 4 is comprehensive to the extent that no valid machinery
is set up under any Act for the trial of any particular case, the jurisdiction of the ordinary
criminal court cannot be held to have been excluded. Sec. 188 only deals with procedure and
does not make it a substantive offence. It is the procedural counterpart of Sec. 4 of the Indian
Penal Code. The jurisdictional principles of IPC based on territoriality and nationality has been
widened by the Information Technology Act, 2000. According to Sec. 1 (2) of the Act- “It shall
extend to the whole of India and, save as otherwise provided in this Act, it applies also to any
offence or contravention there under committed outside India by any person.”

22
Extension of Code to Extra Territorial Offences “The provisions of this Code apply also to any offence committed
by— (i) any citizen of India in any place without and beyond India; (ii) any person on any ship or aircraft registered
in India wherever it may be. (iii) any person in any place without and beyond India committing offence targeting a
computer resource located in India.”
23
Sec 188. Offence committed outside India- (a) by a citizen of India, whether on the high seas or elsewhere; or (b)
by a person, not being such citizen, on any ship or aircraft registered in India, he may be dealt with in respect of
such offence as if it had been committed at any place within India at which he may be found: Provided that,
notwithstanding anything in any of the preceding sections of this Chapter, no such offence shall be inquired into or
tried in India except with the previous sanction of the Central Government.
Further when dealing with section 7524 of the IT Act, the extra territorial operation of the IT Act
has been put in place considering the ease with which anybody actually present anywhere in the
world can commit a cyber crime having an impact in India. In this way legislature in India has
been influenced by the effect theory whereby the jurisdiction is determined by examining where
the effect of a particular offence is felt. This principle is an extension of the principle
propounded in section 182 of Cr.P.C. whereby an offence which is committed by means of
telecommunication message can be inquired into or tried by any court within whose local
jurisdiction such messages were received.

24
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or
contravention committed outside India by any person irrespective of his nationality. (2) For the purposes of sub-
section (1), this Act shall apply to an offence or contravention committed outside India by any person if the act or
conduct constituting the offence or contravention involves a computer, computer
system or computer network located in India.