Awareness Law Awareness

Cyber Space and the various Challenges attached to the regulation of Information and Communication Technology.


Today cyberspace has become an inseparable element of our life but if we see two decades ago this term seemed like something science fiction. Cyberspace is the virtual space or imaginary space created by internet and it does not have any geographical boundaries/areas. This article talks introduction of the term Cyberspace and differentiate it with physical world and internet. It further deals with its introduction to India and Indian governance; challenges and issues faced by cyberspace governance; cybersecurity and law; Regulation of Information and Communication Technologies; criticism of IT act; ways to strengthen the Act and conclusion. 

Keyword: Cyberspace, Space, Geographical, Network, Internet, Communication, Physical World,

Information, Technology, Government, IT Act, Regulations


Today cyberspace has become an inseparable element of our life but if we see two decades ago this term seemed like something science fiction. In 21st century the cyberspace the virtual space (place) where people spend most of their times, like using internet network for work, study, games, entertainment, research and many more such activities[1]

What is cyberspace? 

There is not any proper definition which can define the term, ‘CYBERSPACE’, but the term was first coined by William Gibson in the year 1984 in his ‘Neuromancer’[2]. Prior to 1984 he also wrote, ‘Burning Chrome’ in the year 1982 and he used the term Cyberspace in that book. Cyberspace is the virtual space or imaginary space created by internet and it does not have any geographical boundaries/areas. 

Cyberspace is a large computer network which is made of different computer network all over the world that employ TCP/IP protocol to help in communication and data exchange works. It is three-dimensional representation of virtual place in a computer network. Cyberspace has three Layers:

  • Physical Layer: this layer is where physical network is present like, computer, wires etc.
  • Logical Layer: in this their physical components are not present like, where wire etc do not exist   Social Layer: layer beyond the logical layer

Cyberspace vs. Physical World

Cyberspace is the digital medium of physical world for communication, entertainment, and many more. It is only interactive world of physical word which do not have any geographical boundaries. It cannot be seen in Logical and Social layer. Cyberspace is dynamic, undefined and exponential and also do not have fixed space.

Whereas, the physical world is static, well defined, and incremental. It has fixed contours and limits. Physical world has humans which uses cyberspace with the internet for different works.

Cyberspace area

The largest area of cyberspace is the internet, in includes the World Wide Web (www), the USENET and IRC (internet relay chat)[3].

How cyberspace is different from Internet?

Internet is the global computer network which gives information as well as communication facilities through interconnected networks with the help of standardized communication protocols4.  Whereas, cyberspace is the virtual space or imaginary space created by internet, which works on the notional environment of the computer network and it does not have any geographical boundaries/areas. In simple words we can say that internet is the set of computer network that works using different communication protocols and cyberspace is the virtual place or world of computer which works because of the internet. 

India and Cyberspace

In India cyberspace was born in the year 1975 with the establishment of National Information Centre(NIC) with the aim to provide IT solutions for the government. Between 1986 and 1988 three networks were set up to connect various agencies to government. After liberalization in 1991 India witnessed steady economic growth because of globalization and information revolution. Intention of the government behind using the information technology is to improve governance by increasing transparency, time bound delivery of the government services and insuring financial inclusion and curbing corruption[4].  

Cyberspace has no formal comprehensive governance framework globally but it has become new common from few years. In last few years there has been attempts from different countries under united nation to create a global governance framework in the area of cyberspace. In this run India is making a play for defining this  framework of governance of cyberspace. In India New Delhi, Ministry of external Affair and ministry of electronics and information technology has set up cyber diplomacy through four endeavors[5]: i. By creation of cyber norms

  1. By managing internet governance
  2. By promoting the digital economy  iv.     By emphasis on capacity building  

Cyber Security Issues and Challenges  

The Indian government has been on the aim to digitize the country and during this process many enterprises have also moved forward to with the aim to digitize their business operations and processes. All of these technological advancement has indeed helped the organizations to bring their business to new heights and achievement but this has also lead to the exposure of critical data and theft of intellectual property. This threat to cyber security can range from cyber-attacks on critical infrastructure to new and different forms of misuse of social media. Various kinds of cyber threats have plagued India since years.[6] 

Cybercrimes can be said to be crimes that dealt with computers and networks specifically. Some of the common cybercrimes are as follows:

  • Child Pornography: Paedophiles (an individual who is physically drawn to kids) bait the kids by conveying explicit material and then seek after them for sexual exploitations.
  • Credit card Frauds: it is theft of the information of cardholder facing the payment issue.
  • Cyber Stalking: it is the use of internet services for harassing or threating a victim. Internet, emails or other communication devices are used to stalk someone.
  • Data Diddling: in this just before the raw data is processed by a computer it is altered and then changed back after it is completed.
  • Distribution of Malicious Software: in this a software is designed which is to perform unwanted illegal act through computer network.
  • Hacking: an unlawful interruption into a computer framework and system.
  • Identity fraud: it is the use of someone else’s identity for illicit purpose.
  • Mail Bombs: it refers to the sending of countless E-Mails to the victim so as to crash the victim’s Email account or an E-Mail service provider.
  • Password Sniffing: Password Sniffers are programs that screen and record the name and secret key of organization clients as they login, threatening security at a site. [7]

Regulation of Information and Communication Technologies

There has always been a challenging and complex regulatory environment in India. At the national level, regulations and various promotion schemes are frequently announced. New bills and guidelines have been announced that have impact on privacy, data protection, cross-border data flows etc. and India recently announced new bills and guidelines impacting data protection, privacy, cross-border data flows, and data localization.  The GOI has introduced the: –

  • Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules in 2021, 
  • Draft of Personal Data Protection Bill (PDPB), 
  • Non-Personal Data Governance Framework,
  • National Cyber Security Strategy in 2020 (NCSS 2020) etc.

India has introduced a digital tax. This tax is called Equalisation Levy, which is at the rate of 2% of the amount of the consideration received or which is receivable by an E-commerce operator from the supply of goods or services. This was introduced in March 2021, and it became effective on April,2021.[8]

The current laws that govern the Information and Communication Technology, they have been derived from different Acts. These Acts include-

  • Indian Telegraph Act 1885
  • Indian Wireless Telegraphy Act 1933
  • The Telegraph Wire Unlawful Possession Act 1950 and
  • The Cable Television Network (Regulation) Act 1995

The Information Technology Act 2000 covers all the issues relating to data security, cyber-crime, digital signatures, electronic commerce etc. and this Act also governs cyber space. Further this act grants legal sanction to the e-commerce transactions and prohibits the breach of privacy and confidentiality. The issues relating to electronic transactions, hacking, network service providers and digital signatures are also covered by the Act. It tries to resolve matters/issues relating to cyber jurisdiction. This Act also applies to the offences and the contraventions that have been committed outside India by any person regardless of his nationality.

But it is to be noted that the Act is silent on the issue of access and the sharing of personal information, which comes under the protection of data privacy laws in many countries. In the present Act there are no specific provisions relating to data privacy of the individuals

 It is very possible that in the near future, with the advancement of technologies, there might arise situations where the circumstances and transactions mentioned in the IT act 2000 may not be able to provide adequate protection and remedy to the individuals and the companies that are carrying on their business relating to personal data.   

At the end the parties will be left with the choice to enter into data privacy agreements. All of this affects the outsourcing/BPO companies that are from America and Europe, and where  they have laws which provide protection to personal data.[9]

Criticism of Information Technology Act 2000: –

There has been many criticism of the Act for being able to keep up with the technological developments. The country has witnessed a rise in the cyber-crime and the Act in this regard has been called a toothless Act as it h s been ineffective in tacking problems and keeping cyber-crime in check.  Some of the criticisms are:

  • The provisions of the Act are outdated and thus fail to safeguard the right to privacy of the people. With the arrival of Artificial Intelligence and machine learning, had made it necessary for the regulatory framework to be more detailed and effective which the 21-year-old IT law fails to do so. The Act does not only lack provisions that define data storage policy and also the metric for data retention don’t abide by the principles of data minimization.
  • Another criticism is that with the increase in number of data breeches the existing mechanism provided under the IT Act is not adequate, as under section 43A of the Act, in case of negligent handling of sensitive personal data only compensation is provided.
  • The IT act relies on the Code of Criminal Procedure 1974 for the purpose of laying out procedural mandates for criminal offences. This creates problems as the CrPC was introduce at such a time when there relatively less developed technological communications and resulting that tits provisions apply more to physical objects rather than tangible electronic records. Secondly, it is the police officer holding the rank of inspector who are regular police personnel, which are responsible for investigating online criminal, activities. But these crimes have gradient nature which requires years of specialised training and deep understanding of technology so as to be able to probe properly. 
  • The provisions under the Act are vague and arbitrary which has a negative effect on free speech. For instance, under sections 69 and 69A the authorities are empowered to intercept computer resources and can issues orders to block the network providers on the basis of interest of sovereignty and integrity of India. These provisions are overboard and they fail to maintain a balance between proportional social control and freedom of speech.
  • There are some statutory barriers in the IT Act that hinder the effective implementation of the frontier technologies that can help in reducing cyber susceptibilities. This can be seen from the example that under the IT Act it is  prohibited to use digital signatures in the transactions or documents relating to immovable property which as a result hinders the block-chain based applications which includes land tilting and record keeping, which is an important issue where seventy percent of the cases relates to property.[10]

Thus it can be seen various technological advancement has occurred but along with this comes a lot of risks that include threat to cyberspace, personal data and information. The current law still lacks in matters of protection of personal data of individuals. Exponential growth comes with a set of policy and regulatory challenges. There are ways through which the government can overcome this shortage. Firstly, the regulatory framework and the governmental policies should be in alignment so that it can enable the growth of the technological system and not hinder its growth. There exists a global competition for leadership positions in the emerging technological domains and this global race stresses on impactful innovation policies that ease up inventive activity, but does so in a responsible manner.

Secondly, after 2016 various incidents have demonstrated the rise of the information and communication technologies, and has created susceptibilities and new kinds of harm to individuals as well as community rights. In cyberspace there is a threat to the security and data, information which gets worsened when the digital literacy doesn’t keep up with digital use. Nowadays, for the purpose of monetization and profiling, personal data has become a critical tool for it but not much step has been taken to secure such data and to respect individual privacy. Thus there is an urgent need to bring respect for privacy and the individual as well as community rights and in this whole process regulations will play a crucial role. 

Ways to strengthen the IT Act

  • The Amendment Act of 2008 had reduced the amount of punishment for the majority of the cybercrimes and this issue needs to be resolved immediately.
  • The Act should make majority of the cyber-crimes non-bailable.
  • Another issue is that the Act doesn’t covers the offences committed through mobiles, which again needs to be resolved.
  • The Act needs to incorporate in the law a comprehensive data protection regime as it will make the Act more effective.
  • Lastly, the Act must include cyber war under the category of offence[11].


Thus from the above discussion it can be seen that what is cyber space, the various challenges attached to the regulation of Information and Communication Technology and also that there are many issues that need to be resolved in the matters of regulations relating to information and communication technology. The IT Act 2000 was enacted to grant legal sanction to e-commerce and to control the growing cyber-crime but this law is not adequate enough to meet the present needs of cyber space. With the development of information and communications technologies the Act has been able to keep up with the current situations and lacks in many areas. The Indian authorities are also aware of the truth that they struggle to deal with criminal activity in digital spheres. This lack is from the lack of proper training in the technological field. As discussed the sphere of cyber-crimes has many shades which requires an in-depth knowledge to understand it. Furthermore, there are crimes that are not covered in the ambit of Act, that is they are not considered as crimes which affects and threatens the security of the data available online. And most importantly India lacks laws on the protection of personal information data which in other countries are strictly protected and secured. There are various aspects where India needs to make improvement in regard to its regulatory framework concerning information and communications technologies. The government has also realized and is working on to make the Act sturdier to protect the citizens from the cyber-crimes. It might take some time but there is hope that soon the Act will be able to meet the demands of the society growing continuously in the field of information and communication technologies.

[1] Introduction to Cyberspace, , Retrieved January 22, 2022,   

[2] Introduction to Cyberspace, , Retrieved January 22, 2022,  

[3] What is Cyberspace? – Definition, Features and More, www-computertechreviews-com, Retrieved January 22, 2022,    4 Anwar Shakeel, 2018, December 04, What is Cyberspace Internet and how it different from internet?, m-jagranjosh-com, Retrieved January 22, 2022, .

[4] The Indian Cyberspace And Cyber Security Initiatives Information Technology Essay, Chapter 3, Retrieved January 25, 2022 cybersecurityinitiativesinformationtechnologyessay.php.  

[5] Patil Sameer, India’s lead on cyberspace governance, , Retrieved January 23, 2022 .

[6] Merchandani, D. (2021, October 28). The Current State of Cyber Security in India. Retrieved January 14, 2022, from    

[7] Badruddin, & Ahmad, Anis. (2019). Cyber Security Challenges: Some Reflections on Law and Policy in India. 1. 76-91. dia/citation/download  

[8] India – Country Commercial Guide. (2021, October 22). Retrieved January 13, 2022, from :

[9] Goel, R. (2005, October 20). Home India Employment and HR CONTRIBUTOR Legally Lawyers ARTICLE Share Follow this topic Follow Ask a Question Question Print this Article Print Translate this page Translate India: Information and Communication

Technology         Regulatory          Framework.         Retrieved         January                                    13,                      2022,                           from

[10] Update the IT Act 2000: India needs a reboot! (2021, July 12). Retrieved January 13, 2022, from  

[11] Zargar, H. (2018, March 11). India’s Information Technology Act has not been effective in checking cyber crime: Expert. Retrieved January 13, 2022, from   

By – Marisha Shandilya & Nidhi Kumari

Leave a comment

Your email address will not be published. Required fields are marked *