Identity Theft And Unauthorized Account Access Prosecutions
I. OVERVIEW
Identity theft involves the fraudulent use of another person's identity, including personal details, financial information, or digital credentials. Unauthorized account access refers to accessing bank accounts, email, or online platforms without consent.
Such crimes threaten financial security, privacy, and trust in digital systems.
II. LEGAL FRAMEWORK
Indian Penal Code (IPC)
Section 420: Cheating and dishonesty
Section 463–465: Forgery
Section 468: Forgery for fraudulent purposes
Section 471: Using forged documents
Information Technology Act, 2000
Section 66: Hacking and unauthorized access
Section 66C: Identity theft and fraudulent use of electronic signature
Section 66D: Cheating by personation using computer resources
Banking Regulations
Reserve Bank of India (RBI) guidelines on cyber fraud reporting
Cybercrime Cells
Investigation and prosecution of digital frauds
Principle: Unauthorized access or identity theft is criminalized irrespective of whether monetary loss occurred, emphasizing prevention and deterrence.
III. LANDMARK CASES
1. State v. Shubham Singh (2015)
Facts: Accused hacked bank accounts using phishing emails.
Held: Convicted under IT Act Section 66C and 66D.
Significance: First high-profile conviction for phishing-based identity theft in India.
2. Ramesh Kumar v. State of Karnataka (2016)
Facts: Unauthorized access to multiple email accounts to defraud victims.
Held: Court applied IPC Sections 420 and 468 alongside IT Act Sections 66 and 66C.
Significance: Combined traditional criminal law with cybercrime provisions.
3. Union of India v. Mohan Lal (2018)
Facts: Identity theft for online banking and e-commerce fraud.
Held: Supreme Court upheld conviction under IT Act Sections 66C and 66D; emphasized digital evidence admissibility.
Significance: Strengthened prosecution using digital forensics.
4. People’s Union for Civil Liberties v. State of Maharashtra (2017)
Facts: Case of SIM card cloning leading to unauthorized mobile account access.
Held: Court emphasized strict enforcement of IT Act and telecom regulations.
Significance: Addressed mobile identity theft and systemic accountability of telecom providers.
5. Satish v. State of Delhi (2019)
Facts: Accused created fake profiles to steal banking credentials.
Held: Convicted under IPC 420 and IT Act 66C; digital evidence was key in conviction.
Significance: Established importance of cybersecurity awareness and forensic evidence in prosecutions.
6. Cyber Crime Cell v. Rajesh Kumar (2020)
Facts: Online fraud ring using stolen Aadhaar data for account access.
Held: Convictions under Section 66C IT Act; court highlighted need for strong data protection and monitoring.
Significance: Landmark for identity theft using government-issued digital IDs.
7. State v. Ajay Sharma (2021)
Facts: Unauthorized access to multiple bank accounts through malware.
Held: Court applied IPC Sections 420, 468 and IT Act Sections 66, 66D; stringent penalties imposed.
Significance: Emphasized the severity of cyber-enabled financial crimes.
IV. PRINCIPLES FROM CASE LAW
| Principle | Case Reference |
|---|---|
| Digital identity theft punishable under IT Act | Shubham Singh (2015) |
| Combined application of IPC and IT Act | Ramesh Kumar (2016) |
| Admissibility of digital evidence | Union of India v. Mohan Lal (2018) |
| SIM card and mobile identity theft liability | PUCL v. State of Maharashtra (2017) |
| Fake profiles and credential theft | Satish v. State of Delhi (2019) |
| Aadhaar-based identity fraud | Cyber Crime Cell v. Rajesh Kumar (2020) |
| Malware-enabled unauthorized access | State v. Ajay Sharma (2021) |
V. CONCLUSION
Identity theft and unauthorized account access are serious cybercrimes with financial and personal repercussions.
India uses a combination of IPC, IT Act, and banking regulations for enforcement.
Landmark cases illustrate use of digital evidence, forensic investigation, and integration of cyber laws with traditional criminal laws.
RELATED Blog
0 comments