Praesidium IP

logo-praesidiumip

Recent Amendments and Landmark Judgments on Cybercrime & Stalking

Yesterday morning on a bus ride, a girl noticed a stranger who was sitting behind in the bus. The next morning her social media is filled with messages from a new account saying “I saw you in black yesterday.” Soon her college email is spammed, her parents also get spam calls, and a class WhatsApp group has her deep-faked videos. That is how cyberstalking happens nowadays, this is more dangerous as it leads victims more anxious, isolated, and unsure which law to invoke first.

The new criminal laws, Bharatiya Nyaya Sanhita, 2023 (BNS) replaced IPC laying down stalking as a specific offence which explicitly includes monitoring electronic communications. Section 78 of BNS is a part of chapter V which lays down offences against women and children, it says that:-

Any man who,

  1. follows a woman and contacts, or attempts to contact such woman to foster personal interaction repeatedly despite a clear indication of disinterest by such woman; or
  2. monitors woman by internet, e-mail or any other form of electronic communication, commits the offence of stalking;

Apart from BNS, the Information Technology Act of 2000 penalises different types of cybercrime in India such as hacking (section 66), identity theft (section 66C), cyber terrorism (section 65F),  phishing Section 66C, 66D, spamming, cheating by personation using computer resource (66D), cyber stalking and cyber harassment (section 66E), Publishing and transmitting obscene material (section 67), child pornography (section 67B), Sending Offensive or Threatening Messages through Communication Service (Section 66A), Data Theft and Data Breach (Section 43 & 66); These sections often pair with offences provided in BNS/IPC.

Platform liability is provided under the IT (Intermediary Guidelines & Digital Media Ethics Code) Rules of 2021. In 2023, the government came up with Grievance Appellate Committees (GACs) and the Digital Personal Data Protection Act, 2023 (DPDP) which talks extensively about consent and privacy and laying down duties of “data fiduciaries” and heavy penalties for data breaches. Though it does not talk about cyberstalking, it governs how platforms and organisations must collect, retain, and delete personal data.

Landmark judgments

  • Shreya Singhal v. Union of India (2015) – The hon’ble Supreme Court in this case struck down Section 66A of IT, Act which made it illegal to send “offensive” messages via communication services, including social media, and permitted the arrest of individuals based on unclear standards. The court said that Article 19(1)(a) of the Indian Constitution, ensures the right to freedom of speech and expression which is fundamental to democracy and it cannot be taken away by any law in any given circumstances.
  • Krishna Kumar V. State of Uttar Pradesh (2021) The Allahabad High Court in this case said that section 66E of the IT Act which addresses privacy violation and unauthorised capturing of publishing or sharing images of an individual’s private parts. The Court highlighted in this that each person possesses a right to privacy as a fundamental right under Article 21 of the Constitution. Publishing personal images without permission is a definite violation of this right.
  • X v. State of Telangana (2021) – The case stands out as an important decision by the Telangana High Court, focusing on the significant matter of online harassment, especially concerning the distribution of altered images of women.  It significantly emphasized the necessity for strong legal safeguards against online harassment and the significance of tackling the emotional impacts of these actions.
  • Justice K.S. Puttaswamy v. Union of India (2017)— In this landmark case Supreme Court constitutionalised privacy as a fundamental right, which invariably supports stronger scrutiny of surveillance and strong action against stalking, privacy breach and non-consensual sharing of intimate data.
  • Delhi HC deepfake takedown orders (2023–24) – After the viral Rashmika Mandanna deepfake video, the Delhi High Court ordered removal and proactive blocking of variants, signalling judicial impatience with platform latency, hence setting practical templates in such cases

Recent developments

  1. New criminal laws – The BNS has the explicit reference to online monitoring which invariably helps prosecutors to investigate stalking cases through social media such as chats, follower graphs, calls, and location without just relying on older methods of investigation.
  2. Bombay High Court struck down the “fact-check unit” (2025) – By invalidating the FCU that could compel takedowns of purportedly false government-related information, the Court here preserved space for legitimate government criticism and also underscored that free speech and expression must be followed up with restrictions, only delegated executive power is not enough we need strong legislative safeguards. This is because many cyber crime complaints invariably have free speech like committing cyber crime in the wind of ‘exposing truth’.
  3. Deepfake advisories (2023–24). The Ministry of Electronics and Information Technology asked platforms to identify and remove any kind of  misinformation and deepfakes within the period of 36 hours when reported, and morphed images must be removed within 24 hours when a complaint is filed under Rule 3(2)(b). As it is important to understand that these are not new crimes, but they invariably accelerate responses for harassment.
  4. Six hour breach rule – Organisations must report cyber incidents to the national computer emergency response team within the period of six hours of noticing it this will help in tracing when stalkers use hacked credentials or any form of data leaks.
  5. UK Online Safety Act 2023 – Created new platform duties in case of circulation of harmful communications and illegal content which includes intimate-image abuse; on the other hand the EU Digital Services Act requires “very large platforms” to assess system-level risks and accordingly mitigate them. These global regimes shape how platforms respond to Indian users.

Critical analysis:

If we  see section 78 of BNS, it directly covers electronic monitoring, which helps survivors who can show DM logs, stalking through “alts,” or “seen at” tags, making it easy to track. The deepfake/misinformation advisories, GAC appeals, and Delhi High Court emergency orders reduce the distance between complaint and takedown of the harmful content.But still victims need to navigate local police,  platform forms (IT Rules) and sometimes even civil courts for injunctions, and in all these hustle missed screenshots can sink the entire case. Courts in such cases  often look for repetition to prove stalking is also questionable. Now what would move the needle is the consistent and time-bound steps for fast evidence preservation and support to victims.

Conclusion

In today’s digital world it is important tosave messages, call logs, profile URLs, and screenshots with timestamps; this can be one of the strongest proofs. Additionally it is important to file a complaint under BNS section 78 with relevant IT Act sections and trigger platform takedown pathways citing the 24/36-hour obligations for morphed or illegal content. It is also important to seek help from legal counsel in order to file for injunctions. Now the bottom line is that India’s legal net for cyberstalking is tighter than what it was five years ago, yet AI-enabled harms are accelerating, so the next wave of reform must have remedies which are faster, simpler, and also survivor-centred, without infringing the fundamental right to speech free.

Leave a Reply

Your email address will not be published. Required fields are marked *