Hacking Committed Abroad: A Company Case Law
Facts of the Case:
Mr. 'X', a French national currently located in Paris, has allegedly committed a cybercrime by hacking into the computer system of M/s. Y Corporation India, based in Hyderabad. The core question arising from this scenario is whether Mr. 'X', being a foreign national, can be tried under the Information Technology Act, 2000 of India for his offence of hacking.
The primary legal issue is to determine the jurisdiction of the Indian courts and the applicability of Indian laws, specifically the Information Technology Act, 2000, in addressing and punishing cybercrimes committed by a foreign national who is not located within Indian territorial boundaries.
Rule of Law:
The law that governs the situation at hand is the Information Technology Act, 2000 (IT Act). Section 1(2) of the IT Act provides that it applies to the whole of India, and as per section 1(2) read with section 75, it also applies to any offence or contravention committed outside India by any person.
Section 75 of the IT Act asserts the Act's extraterritorial jurisdiction stating that it applies to offences or contraventions committed outside India by any person, if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.
Application and Discussion:
As per the stated provisions of the IT Act, the location of the person committing the offence is immaterial if the target of the cybercrime is a computer system located within India. Thus, under the law, Mr. 'X', despite being a French national and committing the act of hacking from Paris, can be tried under the IT Act.
This provision recognizes the borderless nature of cyberspace and the need for legislation that protects victims within its jurisdiction, irrespective of the offender's location. Such a provision is in line with international trends in cyber law. Many nations are incorporating similar provisions in their legislation to tackle the growing menace of cybercrimes.
This interpretation aligns with the decision in the case of "Siddharth v. State" (2014), where the court held that the jurisdiction of the IT Act, 2000 extends to offences or contraventions committed outside India, if the offence involves a computer, computer system or computer network located in India.
Further, as per the legal principle of "objective territorial principle", Indian courts have jurisdiction over an offence, irrespective of where it is committed, as long as its effects are experienced in India. In the case at hand, the computer system of M/s. Y Corporation India situated in Hyderabad is the victim, hence the effects of the crime are clearly experienced within India, thus giving Indian courts the jurisdiction over the case.
Conclusion: Hacking Committed Abroad
Based on the extraterritorial applicability of the IT Act, 2000, it can be concluded that Mr. 'X', despite being a French national and located in Paris, can indeed be tried under the Indian IT Act, 2000 for the offence of hacking committed abroad of the computer system of M/s. Y Corporation India. This is because the crime involved a computer system located within the territorial boundaries of India, as per Section 75 of the IT Act.
The IT Act, 2000 has been designed keeping in mind the very nature of cyberspace, which is borderless. Thus, the law is well-equipped to handle such transnational cybercrimes, reinforcing the legal position that cyber criminals can be tried under the Indian law irrespective of their nationality and location, as long as the offence involves a computer system located within India.