Authored By: Swati Singh
Symbiosis Law School Pune
I. Introduction
The rise of social media platforms, messaging services, and other digital communication tools has revolutionised how people interact.1 But at the same time, online bullying and harassment have become major concerns, threatening our dignity, privacy, and mental health.2 Stories of online stalking, revenge porn, doxxing, trolling, and targeted digital abuse are on the rise in various parts of the world, and women, children, journalists, and marginalised groups are often the primary victims.3
The response to cyberbullying in terms of law has been inconsistent and inadequate. In India, issues of online harassment fall under provisions within the Information Technology Act, 2000, the Bharatiya Nyaya Sanhita, 2023, and certain other specialised laws.4 However, challenges related to enforcing the law, limitations of jurisdiction, the anonymity of offenders, and the ever-changing nature of digital platforms have led to serious loopholes in victim protection.5 Global cyberbullying trends have sparked a similar debate in many jurisdictions on whether existing civil and criminal laws can adequately deal with online harm.6
This paper argues that current laws regulating cyberbullying and online harassment are insufficient to address the complexities of online abuse in the digital age. Section II analyses current laws in India dealing with online bullying and harassment. Section III analyses judicial responses and enforcement issues. Section IV provides a comparative analysis of international laws on the subject, and Section V proposes amendments to enhance legal liability and victim protection in the digital domain.
II. Legal Provisions on Cyberbullying and Online Harassment
A. The Information Technology Act, 2000
The IT Act, 2000, is the principal law relating to cyber offences in India.7 Various provisions of the Act indirectly penalise harassment and offensive online activities.
1. Section 66E: Breach of Privacy
This provision penalises the intentional capture, publication, or transmission of a person’s private images without consent.8 This section can be used against offenders committing crimes related to revenge porn or the non-consensual sharing of sexual images.9
2. Sections 67 and 67A
Sections 67 and 67A of the IT Act criminalise the publication or transmission of obscene or sexually explicit material electronically.10 These are frequently invoked against offenders engaged in online sexual harassment or the illegal distribution of such content.11
3. Intermediary Liability
The IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, lay down the obligations of social media intermediaries in taking down unlawful content.12 Questions, however, arise on the efficacy of the intermediary’s role and the system of content moderation.13
B. The Bharatiya Nyaya Sanhita, 2023
The new penal law, the BNS, 2023, also includes several provisions applicable to cyberbullying and online harassment.14
1. Criminal Intimidation and Harassment
Provisions regarding criminal intimidation, stalking, defamation, and insulting a woman’s modesty may be extended to digital media.15
2. Cyberstalking and Gender-Based Abuse
Crimes relating to repeated digital monitoring, tracking, and harassment of women on digital platforms fall under laws relating to stalking and harassment.16
3. Hate Speech and Online Threats
Offences involving hate campaigns, incitement of crime, and public mischief on the web are regulated by public order provisions and similar criminal laws.17
C. Constitutional Dimensions
Several fundamental rights guaranteed under the Indian Constitution impact the regulation of cyberbullying.18
1. Freedom of Speech
Under Article 19(1)(a) of the Indian Constitution, all citizens have the right to freedom of speech and expression.19 However, this right can be reasonably restricted under Article 19(2) in the interests of public order, decency, morality, and defamation.20
2. Right to Privacy
In Justice K.S. Puttaswamy v. Union of India, the Supreme Court established privacy as a fundamental right that can extend to online privacy and the protection of personal and informational dignity on the internet.21
III. Judicial Pronouncements and Enforcement Issues
A. Shreya Singhal v. Union of India
The Shreya Singhal case was a landmark judgment that dealt with Section 66A of the IT Act.22 The Supreme Court ruled the provision unconstitutional because it was vague and an unreasonable restriction on freedom of speech.23 While the decision was instrumental in enhancing the constitutional protection afforded to freedom of speech online, the judgment had adverse practical effects.24 Law enforcement agencies had previously relied heavily on the provision as an avenue to tackle all forms of cyber-abuse, and the failure to enact an alternative has created lacunas in law enforcement and ambiguity in the regulation of harmful online speech.25
B. The Anonymity Problem
The ability of offenders to mask their identities behind fake accounts, encrypted messaging services, and anonymous web pages is a major impediment to bringing such offenders to book.
The transnational nature of internet usage and communications complicates investigative and prosecution processes. While the offender may be present in India, the storage of information on offshore servers and simultaneous use of applications across multiple countries poses a unique set of problems in data collection, processing, and admissibility.
C. Under-Reporting and Victim Vulnerability
The social stigma associated with being a victim of online abuse has led to victims refraining from reporting incidents due to fears of social ridicule and retaliation. Victims are often not informed about the legal mechanisms available to them, which results in limited reporting and, in many cases, increased vulnerability.
Women are most vulnerable to gender-based cyber violence, including stalking, sexual harassment, impersonation, the circulation of obscene photographs or videos without consent, and other forms of online abuse. Children and young people are particularly vulnerable to online grooming and other forms of abuse, given their limited awareness of potential online risks. Victims of relentless online harassment suffer prolonged psychological torment, which invariably pervades other areas of their lives, affecting their personal relationships and professional well-being.
D. Platform’s Role and Enforcement Shortcomings
The power that platforms have in determining how online content is published gives them extensive control over free speech online. However, existing regulations and laws largely rely on platform self-regulation, which has given rise to complaints about arbitrary content moderation. Delayed content removal, inconsistent platform standards, and opaque algorithms continue to leave victims inadequately protected from online harm and harassment, while allowing malicious actors to abuse platforms with impunity. The algorithms that platforms employ frequently fail to differentiate between abusive harassment and protected online speech.
IV. Global Approaches to Regulating Online Harms
A. The United Kingdom
The UK has passed an exhaustive law on the matter: the Online Safety Act 2023.26 This legislation imposes numerous responsibilities on tech companies, making them accountable for user-generated content and the prevention of harm online.27 It also establishes an independent regulator, Ofcom, responsible for overseeing the implementation of these regulations, giving it immense power and oversight into the online sphere. This marks an increased focus on the culpability of intermediaries in controlling cyberbullying.
B. The United States
The cyberbullying legal framework in the USA varies from state to state, as federal law has not specifically addressed cyberbullying in detail.28 While the First Amendment to the U.S. Constitution prohibits infringement on the right to free speech, numerous states have adopted legislation criminalising cyberbullying.29 Critics, however, claim that the absence of a federal law leaves victims without consistent protections.
C. European Union
The EU relies heavily on a rights-based approach and has enacted the Digital Services Act and the General Data Protection Regulation (GDPR) to combat cyberbullying.30 While the Digital Services Act deals with intermediary liability and the imposition of due diligence obligations, the GDPR empowers users by giving them greater control over their data. This framework effectively regulates abusive online behaviour while maintaining user rights.
V. Critical Assessment of Existing Laws
A. Fragmented Legislation
The Indian legal framework has failed to introduce a comprehensive law dealing with cyberbullying and online harassment. The fragmented approach of introducing and enforcing different provisions under different laws, such as the IT Act and the new BNS, has created several issues of interpretation.
B. Lack of Victim-Centric Mechanisms
The primary focus of existing laws appears to be the punishment of offenders. However, much more needs to be done to ensure that victims are properly guided, advised, and counselled regarding the remedies available to them. There is a lack of infrastructure to provide victims with the counselling they require, facilitate education on safe digital practices, and offer immediate recourse.
C. Jurisdictional and Technological Issues
The borderless nature of internet communications presents difficulties for traditional criminal law when it comes to assigning jurisdiction and initiating legal proceedings. Fast-paced technological advancements frequently render legislation outdated and insufficient, as offenders exploit these gaps to perpetuate harm.
D. Balancing Regulation and Free Speech
A regulatory approach to cyber harassment needs to strike a careful balance between free speech and protection against online abuse. Laws that are too broad may suppress legitimate criticism, dissent, and political speech. The central task is developing a narrowly tailored statute that addresses harmful behaviours without jeopardising constitutional protections.
VI. Recommendations for Reform
A. Dedicated Anti-Cyberbullying Law
India should adopt a statute specifically targeting cyberbullying and online harassment. Such a law should establish clear definitions of prohibited conduct, victim support mechanisms, and procedural protections against its misuse.
B. Enhanced Platform Liability
Digital intermediaries should have greater obligations for transparency and reporting. Mandatory deadlines for the removal of malicious content and independent dispute resolution systems should be introduced.
C. International Cooperation
Given the borderless nature of computer crimes, India should foster stronger bilateral and multilateral cooperation mechanisms, including protocols on digital evidence exchange and cybercrime investigation.
D. Awareness and Digital Literacy Programs
Cyberbullying cannot be eradicated by laws alone. Educational institutions, the tech industry, and government should launch programs promoting digital literacy, responsible online behaviour, and public knowledge of legal remedies.
VII. Conclusion
Cyberbullying and online harassment are among the most pressing issues facing today’s interconnected world. While existing Indian laws offer piecemeal solutions to digital abuse, the current legal regime remains unintegrated, reactive, and inadequate to cope with the changing patterns of digital harm.
This paper establishes that there are substantial loopholes in intermediary liability, victim protection, effective enforcement, and cross-border jurisdiction. The examples from the UK and EU suggest a worldwide trend towards an integrated online safety regime and increased platform responsibility.
It is contended that a specific and balanced legislative framework that safeguards citizens against digital abuse while upholding constitutional guarantees of free expression is crucial for India. A successful reform would require an amalgamation of legal responsibility, technology regulation, victim support services, and public awareness programs. With online interaction ever more integral to the fabric of modern society, assuring safety and respect for users in cyberspace is a contemporary legal necessity.
Reference(S):
Cases
Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1 (India).
Shreya Singhal v. Union of India, (2015) 5 SCC 1 (India).
Constitutional Provisions
India Const. art. 19, cl. 1(a).
India Const. art. 19, cl. 2.
Legislation and Rules
Bharatiya Nyaya Sanhita, 2023 (India).
Information Technology Act, 2000 (India).
Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (India).
Online Safety Act 2023, c. 50 (UK).
Regulation (EU) 2016/679 of the European Parliament and of the Council of Apr. 27, 2016, 2016 O.J. (L 119) 1.
Regulation (EU) 2022/2065 of the European Parliament and of the Council of Oct. 19, 2022 on a Single Market for Digital Services and Amending Directive 2000/31/EC, 2022 O.J. (L 277) 1.
Bibliography
Law Commission of India, Consultation Paper on Cyber Crime and Digital Safety (2023).
OECD, Combatting Online Harassment and Abuse in Digital Spaces (2021).
Ofcom, Online Safety Regulation Framework (2024).
UNICEF, Ending Online Child Abuse and Exploitation (2023).
United Nations Human Rights Council, The Right to Privacy in the Digital Age, U.N. Doc. A/HRC/48/31 (Sept. 13, 2021).
Websites
India Code, Government of India
Ministry of Electronics and Information Technology, Government of India
United Nations Human Rights Council
European Commission – Digital Services Act
Endnote(S):
- Andrew Murray, INFORMATION TECHNOLOGY LAW: THE LAW AND SOCIETY 412-18 (4th ed. 2019).
- Danielle Keats Citron, HATE CRIMES IN CYBERSPACE 23-28 (Harvard Univ. Press 2014).
- UNICEF, ENDING ONLINE CHILD ABUSE AND EXPLOITATION 14-19 (2023).
- Information Technology Act, 2000 (India); Bharatiya Nyaya Sanhita, 2023 (India).
- OECD, Combatting Online Harassment and Abuse in Digital Spaces 8-13 (2021).
- United Nations Human Rights Council, The Right to Privacy in the Digital Age, U.N. Doc. A/HRC/48/31 (Sept. 13, 2021).
- Information Technology Act, 2000 (India).
- Information Technology Act, 2000, § 66E (India).
- Danielle Keats Citron & Mary Anne Franks, Criminalizing Revenge Porn, 49 WAKE FOREST L. REV. 345, 350-54 (2014).
- Information Technology Act, 2000, §§ 67, 67A (India).
- Mary Anne Franks, Drafting an Effective “Revenge Porn” Law: A Guide for Legislators, 14 GEO. MASON L. REV. 1301, 1308-14 (2015).
- Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, Rule 3 (India).
- Lilian Edwards, Regulating Social Media: The Challenges of Balancing Free Speech and Harm Prevention, 14 LAW, INNOVATION & TECH. 45, 49-53 (2021).
- Bharatiya Nyaya Sanhita, 2023 (India).
- Bharatiya Nyaya Sanhita, 2023, §§ 74, 75, 356 (India). [Author to confirm — see Analysis Report.]
- Bharatiya Nyaya Sanhita, 2023, § 78 (India).
- Bharatiya Nyaya Sanhita, 2023, § 79 (India). [Author to confirm — see Analysis Report.]
- India Const. art. 19.
- India Const. art. 19, cl. 1(a).
- India Const. art. 19, cl. 2.
- Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1 (India).
- Shreya Singhal v. Union of India, (2015) 5 SCC 1 (India).
- Id. at 81-82.
- Eric Goldman, Why Section 230 Is Better Than the First Amendment, 95 NOTRE DAME L. REV. 33, 40-44 (2019).
- Law Commission of India, Consultation Paper on Cyber Crime and Digital Safety 44-51 (2023).
- Online Safety Act 2023, c. 50 (UK).
- Ofcom, Online Safety Regulation Framework 12-18 (2024).
- Danielle Citron, Cyber Civil Rights, 89 B.U. L. REV. 61, 67-74 (2009).
- Eric Goldman, Why Section 230 Is Better Than the First Amendment, 95 NOTRE DAME L. REV. 33, 40-44 (2019).
- Regulation (EU) 2022/2065 of the European Parliament and of the Council of Oct. 19, 2022 on a Single Market for Digital Services and Amending Directive 2000/31/EC, 2022 O.J. (L 277) 1; Regulation (EU) 2016/679 of the European Parliament and of the Council of Apr. 27, 2016, 2016 O.J. (L 119) 1.





