Pranjali Pandya pursuing BA LL.B. (Hons.) from Damodaram Sanjivayya National Law University, Vishakapatnam.
JURISDICTION OF CYBERSPACE: ANALYSIS OF LAWS OF UNITED STATES AND INDIA
Jurisdiction is one of the first major issues before any court of law. If the court does not have jurisdiction to entertain the matter which has come forward before it, then the matter will not be further proceeded The Court either Domestic or International without jurisdiction does not have any authority to entertain the matter, to decide rights and duties or impose penalty or punishment. The Cyber space has raised the basic problems of jurisdiction in International laws and domestic laws because of its de-territorial nature. Internet allows parties to execute transactions without disclosing their identity; and the parties` world and violate the rights of the other party or person. The paradigm of the jurisdiction in the International law and national law is required to be shifted because of the peculiar nature, increasing use and need of the cyber space.
PRINCIPLES OF JURISDICTION
There are three types of jurisdiction generally recognized in international law. These are – (i) the jurisdiction to prescribe; (ii) the jurisdiction to enforce; and (iii) the jurisdiction to adjudicate. The jurisdiction to prescribe is the right of a state to make its law applicable to the activities, relations, the status of person, or the interest of persons in things.
Under International law, there are six generally accepted bases of jurisdiction or theories under which a state may claim to have jurisdiction to prescribe a rule of law over an activity. In the usual order of preference, they are – (i) Subjective Territoriality, (ii) Objective Territoriality, (iii) Nationality, (iv) Protective Principle, (v) Passive Nationality, (vi)Universality.
As a general rule of International law, even where one of the bases of jurisdiction is present, the exercise of jurisdiction must be reasonable.
Subjective territoriality is by far the most important of the six. If an activity takes place within the territory of the forum state, then the forum state has the jurisdiction to prescribe a rule for that activity. The case majority of criminal legislation in the world is of this type.
Nationality is the basis for jurisdiction where the forum state asserts the right to prescribe a law for an action based on the nationality of the actor.
INDIAN POSITION OF THE JURISDICTION IN CYBERSPACE
In majority of instances the Indian Penal Code, 1860 (IPC) and Information Technology Act, 2000 (IT, Act) in India deals with the position of jurisdiction of cyber space. Section 2 to 4 (2) of the IPC deals with territorial and extra territorial offences. The IPC is made applicable to the any offence committed by the India citizen in the whole of the globe. In the instances of person (non – citizens) doing offence outside the Indian Territory, the offences does not fit in the scope and ambit of the Indian Penal Code, 1860. Therefore, offence conducted by the person from other sovereign nation in cyberspace is not punishable under the Penal Codes, 1860. Another important legislation, IT Act, 2000 is enacted to resolve the problem of jurisdiction in India. The Information Technology Act, 2000 is applicable to the citizen and non – citizens committing crimes outside the India territory (Section 1(2) and Section 75 of the Information Act, 2000).
It is submitted that even Section 75 of Information Technology Act of 2000 and Section 3 and Section 4 of the Indian Penal Code provides extraterritorial jurisdiction. The
Provisions of both the Acts have only partially resolved the problem of the jurisdiction. According to sub – section 1 of the Section 75 of the Information Technology Act of 2000 the jurisdiction with respect to the offence or contravention committed outside India by any person irrespective of his nationality the Information Technology Act of 2000 would be applicable. The sub – section 1 of the Section 75 is subject to qualification provided under sub 0 section 2 of the Section 75. Sub – section 2 of the Section 75 of the Information Technology Act, 2000 applies to an offence or contravention committed outside India by any person if the act or conduct constituting the offence or contravention “involves” a computer, computer system or computer network located in the territory of India. The word “involve”, is very broad word. It may include the offence committed by the foreigner against another foreigner of different country involving computer network located in the territory of India. In such cases the offence may be conducted on internet from one sovereign state to another sovereign state via network located in India. In above example though internet network is located in India neither interest of India territory nor citizen of India is involved in any manner.
Therefore, these types of broad wording of the legislation are in conflict with the territorial principle of the International Law.
In addition to above Sections, Section 13 of Information Technology Act of 2000 is also relevant to analyze the problem of jurisdiction in cyber space. Section 13 deals with time and place of dispatch and receipt of electronic record. Sub – section 3 of the Section 13 is worded as follows – “Save as otherwise agreed between the originator and the addressee, an electronic record is deemed to be dispatched at the place where the originator has his place of business, and is deemed to be received at the place where the addressee has his place of business”. Section 13 of the Information Technology Act, 2000 assumed the place of dispatch and place of dispatch or receipts of the electronic record. This assumption is important because it provides jurisdiction to the Indian Courts if the place of business of originator or addressee is in India. According to Section 13 of the Act, the court will have jurisdiction though the electronic record in fact may or may not be received in or dispatched from the computer, computer systems or computer mechanism situated in India. Normally, the Court gets jurisdiction at the place of business, place of dispatching of electronic record and place of receiving the electronic record. Section 13 of Information Technology Act of 2000 will have overriding effect on Civil Procedure Code and Criminal Procedure Code.
According to statutory assumptions created under Section 13 of the Information Technology Act of 2000 though of India and if his place of business is outside the territory of India, the Indian Court cannot exercise the jurisdiction. Similarly, according to said assumption created under Section 13 of the Act the Court can assumed jurisdiction though electronic message is dispatched or received outside the territory of India if the person receiving or dispatching an electronic message has place of business in India.
It is pertinent to note that because of Section 13 of the Information Technology Act of 2000 the Indian Court would not be able to take cognizance of the matter though Act of dispatching electronic message is partially or fully conducted from the territory of India.
Further, because of this statutory assumption the court would be unable to take cognizance of the matter even of the electronic message has an adverse impact on rights or interests of the citizen(s) of India. The assumption created under Section 13 of Information Technology Act of 2000 does not have any advantage as such because otherwise also according to general principles of jurisdiction and CPC and Cr. P.C the Court was empowered to take cognizance of the matter at the place of the business of the person. Section 13 of the IT Act, is apparently inconsistence with territorial and passive nationality principles of International Law on jurisdiction.
Section 4 of the IPC, 1860 has been amended by amendment Act, 2008. According to new sub – section (3) of Section 4 of the IPC, the code would apply, “any person in any place without and beyond India committing offence targeting a computer resource located in India”. According to explanation (b) the expression “computer resource”, shall have the same meaning assigned to it in clause (k) of sub – section (1) of section (2) of Information Technology Act of 2000 (21 of 2000). According to the new provision of the IPC, 1860 for applying the India Penal Code “targeted computer resource”, shall be located in India.
It is pertinent to note that the word “targeting” is used in sub – section 3 of Section 4 IPC, 1860. The word “targeting” is not further defined or clarified by the legislature. The literal or dictionary meaning of “targeting” is “aiming at”. The literal or dictionary meaning of words used in criminal law is needed to stress out because the rule of strict interpretation is applicable to the criminal law. The rule of strict interpretation implies the strict or literal interpretation of the criminal law. It is submitted that, after applying the rule strict interpretation, there is a doubt whether IPC would be applied when –
(a) Aim or target is not a computer resources but a person. It means the intention is not to cause wrongful loss to the computer resources including computer or data per se but to the person via or with help of computer resources. In this example “means” and “target” are different, means is computer resource and target is a person. Therefore, in the above example offence is committed with the help of computer resource and not by targeting it.
(b) the offences are committed via network located in India;
(c) Wrongful loss is caused to the person by making data accessible to the entire world including India but date is copied from the computer located outside the territory of India.
(d) In the examples of passive websites registered and created outside India (for example photographical websites) but accessible in India. Similarly, a website with unauthorized copyrighted material may have access in India without targeting computer resources located in India. In these examples the target is not computer resources located in India per se. The intention is to make it accessible to the entire world. Incidentally, it would be accessible in India also. The above explanation shows that the jurisdiction clause is resource (object) centric rather than victim centric.
UNITED STATES POSITION OF JURISDICTION IN CYBER SPACE
It is important to understand the traditional principles of jurisdiction, like personal jurisdiction, local state`s long arm statute and the due process clause of the United States Constitution to know how these principles have been used by various courts to resolve e – commerece related disputes.
Computer crimes because of their transitional nature involve certain difficult jurisdictional issues. Suppose a hacker operating from a computer in country A, enters a database in country B, and after routing the information through several countries causes a consequence in C, here atleast three jurisdictions are involved and who shall try him? The dilemma was described very appropriate by La Forest, J., in Libman v. The Queen, in following words – “one is to assume that the jurisdiction lies in the country where the crime is planned or initiated. Other possibilities include the impact of the offence is felt, where it is initiated. Other possibilities include the impact of the offences is felt, where it is initiated. Where it is completed or again where the gravamen or the essential element of the offence took place. It is also possible to maintain that any country where any substantial or any part of the chain of events constituting an offence takes place may take jurisdiction”.
The Cyber Space is a world with no limits and hence it becomes difficult to determine the power of the court to adjudicate upon the matter hence the need of the hour is to look into provisions of law that can be applicable to deal with the case of cyber crime.
Recently, also due to the COVID – 19 pandemic there had been an increase in the number of cyber crimes and itself shows how the countries including US and India are vulnerable position to cyber threats and hence addressing this issue is vital.