In recent times, #CryptoCrimes have occupied a fair share of space in newspaper columns. As per Reddit, Investopedia and Indian Express some of the interesting headlines are as follows: “India’s Bitcoin boom is fueling a surge in cryptocurrency crimes”, “Indian Businessman kidnapped for Bitcoin Fraud of trading cryptocurrency in India”, “Investigation ongoing of a multicore MLM Bitcoin scam”.
With the absence of any specified legislation in place #cryptocurrency crimes have increased manifold. The fact that the Reserve Bank of India (#RBI), 2018 Circular
that banned Crypto currency in India has added fuel to the fire. The Supreme Court Judgment in the case of Internet Mobile Association of India v. Reserve Bank of India WP(C) No. 373 of 2018 dated 04.03.2020 wherein the Supreme Court quashed the 2018 Circular issued by RBI stating that the 2018 Circular is disproportionate and fails the reasonableness test under Article 19(1)(g) of the Constitution of India which guarantees to all Indian citizens the Right to carry on any occupation, trade or business, a vacuum has been created in this area. The position is such that cryptocurrencies are not illegal in India but the said Sector seems unmonitored due to lack of specific Laws. Hence, most of these crimes would fall within the purview of Fraud and Cheating.
While at present, holding or trading in Virtual currencies is not a crime per se, they may form a part of modus operandi of a separate offence when used to purchase illicit goods such as weapons, drugs, payment for services like gambling which are criminalized in certain jurisdictions. These currencies may also be collected or circulated with an intention to finance terrorist activities. Hence, cryptos may become “instrumentalities of crime” and manifest themselves in multitude of ways – it may be ancillary to the core offence, for example, breaking into a personal wallet through ‘hacking’ or stealing bitcoins that would be theft.
The crimes relating to cryptos would come in the category of cyber-crimes. The word “Cyber” is not defined in any statute. Simply put, the term is used for anything related to computers, information technology, internet, or digital space. The Indian Penal Code and the Information Technology Act cumulatively consist of many distinct and some parallel provisions relating to cyber-crimes.
Sections 43 and 66 of the IT Act penalises a number of activities ranging from hacking into a computer network, data theft, introducing and spreading viruses through computer networks, to destroying information residing in a computer etc. Consecutively, Section 378 of the IPC relates to “theft” of movable property. It shall also apply to the theft of any data, online or otherwise . The term “movable property” defined in Section 22 of the IPC also includes digital property because by using the word “properties of every description” the legislative intent of drafters was to cover all properties, such as cryptocurrencies that have come up in the “internet age”.
Section 425 of the IPC deals with Mischief and includes the act of damaging computer systems and even denying access to a computer system under its scope. Similarly, Section 66B of the IT Act prescribes punishment for dishonestly receiving any stolen computer resource or communication device. Parallelly, Section 411 of the IPC too prescribes punishment for dishonestly receiving stolen property and is worded in a manner that is almost identical to Section 66B of the IT Act.
Under Section 43(h) read with Section 66 of the IT Act an individual who charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network shall be penalised. Hence, when a cryptocurrency is wrongfully transferred to a person by tampering with the computer system of another person and gaining illegal access to it, this Section would be attracted.
Further, underSection 65 of the IT Act, tampering/interfering with the computer source code is punishable with imprisonment for up to 3 (three) years or with a fine which may extend to Rs. 3,00,000 (Rupees lac) or with both. Section 409 of the IPC overlaps with Section 65 of the IT Act to a extent that Section 409 deals with criminal breach of trust by a public servant or banker or merchant or agent .The point of difference between the two provisions is that, Section 65 of the IT Act does not require that the person who tampers /damages /destroys computer source documents to have been entrusted with such source code while Section 409 of the IPC requires the criminal breach of trust to be committed by someone to whom the property was entrusted.
Section 66F of the IT Act prescribes punishment for cyber terrorism. It includes within its ambit alteration or interference with computer data or database without authorization and with the purpose of threatening the sovereignty and integrity of the nation. Though there is no mirror provision in the IPC like 66F of the IT Act but Section 121 of the IPC (waging, or attempting to wage war, or abetting waging of war, against the Government of India) does touch upon this offence partially. In context of crypto crimes, any use of crypto currency for terror financing would be ancillary to the core crime and its use would attract punishment under Section 66F of the IT act as well as Section 121 of the IPC.
For an act of crypto crime to be attracted under the statute, the following criteria should be met : (i) There should be an act(s) of manipulation/interference with data (damaging, deletion, deterioration, alteration or suppression of computer data or any part of the computer system) (ii) Data interference should be committed “without right”, whether legislative, executive, administrative, judicial, contractual or consensual or conduct that is otherwise not covered by established legal defenses under the relevant principles of domestic law. (iii) Intent to interfere with computer data should be proven. (iv) No specific damages, impact or adverse effect whatsoever is necessary – the mere act in itself, without triggering any specific effects, is a criminal offence.
Today the biggest challenge before the Authorities is actually identifying crypto crimes as these transactions are mostly fast and irreversible as some of these virtual currencies have been designed specifically to provide transactional anonymity. The canonical example of a decentralised virtual currency is Bitcoin. It may be used as an example of the threat of transactional anonymity.
Under the current updated legislations in India, be it the Indian Penal Code or the Information Technology Act, there is heavy reliance on electronic evidence with respect to digital transactions. With Cryptos, the problem is that there is virtually no paper trail available, except for a limited set of operations that involve exchange of virtual currency into fiat money, or vice versa, and relevance of such paper trail in terms of virtual currency-related investigations is similarly limited.
Post the Supreme Court Judgment that quashes the 2018 RBI Circular a high level Inter-Ministerial Committee has proposed draft legislation for the Banning of Cryptocurrency and Regulation of Official Digital Currency. The Draft Bill proposes to ban mining, trading, holding, issuance or disposal of cryptocurrencies in India and imposes monetary as well as penal consequences for violation of the same with an exemption to use the technology for the purposes of experiment, research or teaching. It also proposes to introduce an ‘official digital currency’ wherein RBI may issue the Indian Rupee in a digital format and recognise certain foreign digital currencies as well. When the Bill will see the light of day is a wait and watch situation.
Student at National University of Singapore
Intern at The Indian Lawyer & Allied Services