Cyberstalking: Breach of Privacy

Cyberstalking: Breach of Privacy

Author: -Niranjan Biradar


People over the years have evolved in all aspects especially the tech world which has been a greater impact on the current generation. Globally, internet access has been rapidly increasing in recent years. IT sectors have been a boon to the economy. Largely the internet has curbed the people this implication can be seen in the dependence of people on the internet. Corporate sectors and Private sectors are mostly run by IT-based sectors. Government sectors have gradually adapted to IT-enabled public services like UDI, Public domain records, and also services relating to healthcare, education and financial services (Online payments), etc are available with the help of technological serves.

The cyber-world is vague and substantial; the enormous data which is stored can be exploited for malicious practices by cyber-criminal this may be termed as cyber-attacks. These cyber-attacks usually target the sensitive information of an individual, organization, firm, or any private/government sector. 

According to United Nations, Conference on Trade and Development 154 countries (79 per cent) have enacted cybercrime legislation, the pattern varies by region: Europe has the highest adoption rate (93 per cent) and Asia and the Pacific the lowest (55 per cent).1

The evolving cybercrime landscape and resulting skills gaps are a significant challenge for law enforcement agencies and prosecutors, especially for cross-border enforcement.

National Crime Records Bureau (NCRB) reports revealing that 21,796, 27,248, and 44,546 cybercrime cases have been reported in 2017, 2018, and 2019 respectively while there are no records for unreported cases.2

Cyberstalking is defined as a repeated act of harassment/threatening behaviour of the criminal towards the victim using internet services it involves following the victim, making harassing phone calls, vandalizing victims’ property, leaving written messages or objects.3

Cyberstalking is the present internet world that is trouble-free. Stalkers track the activities and target the victim by harassing, threatening through messages, phone calls, emails, etc. The motive for such acts maybe jealousy, revenge, sexual obsession/desperation, or any other malicious intention.4 

As the name itself suggest ‘Cyberstalking’ is online stalking/harassment. The victim may be a known person, a stranger, or under influence of someone. Cyberstalking doesn’t supposedly start with threatening or harassing acts; sometimes the stalker makes an acquaintance of the -02-

the victim in any way possible and later threatens/harasses the victim. Men and women both get stalked but women are stalked more comparably.5 

Social media is the main and easiest tool for stalkers to access a person’s information. Over the years the social media users are increasing; there were 142.23M users in 2015, 168.1M users in 2016 which has increased to 376.1M users as of 2020.

According to the National Crime Records Bureau (NCRB), 543, 739 and 777 cyberstalking cases have been reported in 2017, 2018, and 2019 respectively. Out of which 559 cases of previous years are still pending and total cases for investigation stands at 1336 as of 2019. Although the number seems less these are the reported ones while there are thousands of people being stalked every day but are helpless due to fear of being exposed or threatened.

As mentioned above cyberstalking is increasing in a virtual world and the privacy of individuals is at threat. Supreme court in the case of Puttuswamy v. Union of India6 ruled that right to privacy a fundamental right under Article 21. However, to date, there exists no codified law to tackle this problem. Hence, this article helps in knowing the need for legislation for cyberstalking and protect the right to privacy of people. 

Further, the article speaks about the protection of people’s right to privacy and also the alternatives to overcome the serious problem of cyberstalking.

1.1 Existing laws:

Although cybercrimes seem to be dangerous at the national and international level; India has no strict law completely dedicated to cybercrimes. Cyberstalking is one such serious issues rising in recent times. However, Chapter XI of The IT Act, 2000 deals with the offences under cybercrimes.

1.2 Research problem:

Stalking is known as illegal and manipulates throughout the world. Privacy is endangered in today’s world as everyone is open to the social media world in one or the other way. The problem here is any person can track the moves of an individual with malicious intent and to which victims fall easily who later gets manipulated/harassed by the stalker by all means possible.

1.3 Research question:

          1.  Whether cyberstalking deprives the right to privacy of an individual?

          2.  Whether the existing laws are sufficient enough to tackle cyberstalking?

          3.  What are the major alternatives to overcome the problem of cyberstalking?

1.4 Hypothesis:

This problem can be tackled by making certain new rules and regulations within the IT Act,2000, and also by bringing up new legislation for cyber relating crimes.

1.5 Scope:

The study is majorly on cyberstalking and the research further extends in dealing with a real-world problem faced by the people on social websites and the need for strict actions by the government at the earliest.

Right to Privacy

Every individual has the right to protect his/her privacy regardless of the circumstances. The concept of “online privacy” is very broad and tends to cover other aspects of telecommunication and technology. The privacy concerns are related to both the misuse of certain information or the disclosure of this to others. The growth of the internet in general has produced new concerns about protecting the rights of consumers online.7

Article 12 of the Universal Declaration of Human Rights states everyone has the right to the protection of the law against interference with an individual’s privacy.8 General Data Protection Regulation (GDPR) was introduced by the European Government in 2018 to protect the data of European citizens.9 Following GDPR an attempt was made by the Indian government to bring a data protection law but the same was rejected as it had failed to weigh the economic costs and benefits of implementing a GDPR-style law in India.10

The Data Protection Act, 1998 under Schedule 1 specifies the Eight principles that the information handler should follow.

  1. Fairly and lawfully 
  2. Specified and lawful purposes, 
  3. Adequate, relevant, and not excessive 
  4. Accurate 
  5. Not be kept for longer than is necessary 
  6. Processed under the rights of data
  7. Secure
  8. Data shall not be processed outside the territory without an adequate level of protection.11

The right to privacy in India was identified and declared as a fundamental right under Article 21 by the Supreme court of India with subject to restrictions.  

The present world is largely dependent on the internet for day to day basis work. Internet users have increased in recent years. Social media sites have encroached on people’s minds. People interact, post pictures, share things on the internet especially on social websites namely Facebook, Instagram, Twitter, WhatsApp, and other social networks. The information stored here can be accessed by any individual.

Privacy issues within these social networking sites exist especially with the privacy agreement of these sites. This agreement states that the social network owns all of the content that users upload. These sites store content even if the account is terminated.12 

The Internet Services Providers (ISP) these ISP’s have access to user’s content as all the data is transmitted using these ISP’s. Although ISPs are prevented from participating in such illegal activities of cyberstalking some of these ISPs gather information and sell the user’s activity patterns to advertising companies.13

The data collected proves extremely valuable to business because not only is it possible to for them to target market products and services that are increasingly tailored to their visitors’ interests, but also permits them to boost their revenues by selling advertising space on their web sites.14

The organisation owning the information is responsible for securing the data of its customers. However, the user’s data is not protected which makes stalkers to gain the information easily. Although the stalker cannot physically attack or threaten the victim he can send offensive/sexually abusive content to harass them.

Cyberstalkers follow the victim on social networking sites, e-mails, messages, or telephone calls, or through any other mode, the stalker always tries to monitor every move of the victim. This causes distress and a sense of threat in the mind of the victim. The victim cannot enjoy his personal space which is guaranteed under Article 21. Cyberstalkers can easily locate private information about a potential victim with a few mouse clicks or key stokes which is a clear breach of privacy.15

Laws protecting Cyberstalking

Cybercrimes in India can be penalised under the IPC and IT Act. 

3.1 Information Technology Act:16 Section 43A of IT Act,2000 deals with the compensation awarded to a victim for breach of his/her data. 

Section 66 of the Act deals with computer-related offences like punishment for sending offensive messages, dishonestly receiving stolen computer resources, identity theft, personation, violation of privacy, and cyber-terrorism.  

Section 72 speaks about the breach of confidentiality and privacy. It specifies the person who secures the information in pursuance of powers that he or she exercises under the act. It punishes with imprisonment or fine or both the disclosure of such information to third parties without the consent of the person to who the information relates.17

Section 67, 67A & 67B of Information Technology Act, 2000 relates to a part of cyberstalking crime. Section 67 & 67A states that if stalker attempts to publish any “obscene” and “sexually explicit” material respectively in electronic form i.e., through emails, messages, or on social media then he shall be guilty of an offence under these two sections and 67B states the punishment for targeting children of age below 18 years.

The IT Act provided a shade of privacy protection to guard against unwanted disclosure and also section 69 and 69B serves as an exception as it gives provision for the disclosure of information but only with PUCL directions when a public emergency and public safety situation exist.

Although section 66 prescribes the punishments for computer-related offences, it restricts itself to the means of stalking but not the matter. The IT Act originally lacked various aspects, it was believed that over time act would have changed and grown further in overall aspects but the act still suffers “qualitative law”.

3.2 Indian Penal Code18:

Section 354D subclause (ii) of IPC defines Stalking as any man who monitors the use by a woman of the internet, email, or any other form of electronic communication commits the offence of stalking. extend to seven years, or with fine, or with both.

Section 507 deals with Criminal intimidation by an anonymous communication it states whoever commits the offence of criminal intimidation by an anonymous communication or having taken the precaution to conceal the name or abode of the person from whom the threat comes, shall be punished with imprisonment.

These laws lack the factor of specification as it doesn’t mention the “method of monitoring” and mainly it focuses only on “women” the fact that men and women have faced the problem of cyberstalking is ignored here.

Apart from the above legislations; Article 21 of the Indian Constitution “No person shall be deprived of his life or personal liberty except according to the procedure established by law”. This section condemns any person from depriving another such person of the right to personal liberty19.

However, these laws don’t meet the mere need for privacy on social sites which is a major concern for an individual. Cyberstalkers aim at entering into the private space of the victim thereby ruining his/her right to privacy and right to personal liberty; these stalkers may or may not have the malicious intention but the fact that the privacy is breached must be taken into a serious note.

3.3 The Personal data protection bill, 201920

The Personal Data Protection Bill, 2019 (“PDPB”) was introduced in Lok Sabha by the Minister of Electronics and Information Technology, on December 11, 2019. The purpose of this Bill is to provide for the protection of privacy of individuals relating to their Data and to establish a Data Protection Authority of India for the said purposes and the matters concerning the personal data of an individual.21 

The personal data protection bill, 2019 is yet to be given consent by the parliament. The bill under CHAPTER II Section 4 prohibits the processing of personal data of any individual except for any clear lawful purpose.

Section 5 specifies every person processing personal data should process the data fairly and reasonably and Section 6 puts a restriction on the extent of processing personal data.

Chapter III talks about the exception where the Personal Data can be processed without Consent.

The Bill largely covers the topic of individual data protection and ways of implementation. 

Laws in other countries

Nations like the US and EUROPE have responded to the problem of cybercrime

The EU Cybersecurity Act was brought in to respond to all challenges, protect the citizens, and stay competitive. Europe had granted a permanent mandate to the EU Agency for Cybersecurity. With the Cybersecurity Act, the Directive on the security of networks and information systems, they have put forward a strong EU pattern, based on their democratic values and safeguarding citizens’ interests.22 

Unlike the European Union, the US has no single federal law that regulates information security, cybersecurity, and privacy throughout the country. Several states have their cybersecurity laws in addition to data breach notification laws. These areas are currently regulated by a patchwork of industry-specific federal laws and state legislation, with varying scope and jurisdiction.23

Many countries following the US and Europe have implemented cybercrime laws timely and also have reached the needs partially. 


Cyberstalking is one of the products of advanced technology in the modern era. Anyone can quickly become the offender as well as the victim of cyberstalking crimes. However, with the prevalence of cybercrimes and the negative impact brought on the victims’ well-being, cyberstalking should be taken seriously by the legal authorities and victim assistance professionals.

As mentioned earlier, some developed nations have taken serious steps in combating cybercrimes and also have achieved their needs. But a country like India with a large population is yet to implement laws to combat cyber-related crimes. Very few cases get reported and actions against such cases are rarely taken by the authorities. It’s very essential to find out such problems at the earliest to stop their spread which affects society.

Although, India has succeeded in curbing cybercrimes issues to an extent through the IT Act, 2000. The act needs augmentation in all aspects to deal with all cyber-related issues individually. 

The government at the earliest should consider the matter and adopt the steps taken by the nations like the US and Europe to combat the increasing problem of cyberstalking to ensure the privacy of its citizens. 

In light of the above research, it is proved that legislation is required to combat the problem of cyberstalking and upheld people’s privacy rights citizens. 




3.  R.P. Kataria. S.K.P Sriniwas, ‘CYBER CRIMES’, 1st ed, 2013.


5.  Nandan Kamath, ‘LAW RELATING TO COMPUTERS, INTERNET, & E- COMMERCE’, 5th ed, 2000.

6. Puttuswamy v. Union of India (2017) 10 SCC 1

7. Dr. Gupta & Agarwal, ‘CYBER LAWS’,1st ed, 2016





12. Dr. Gupta & Agarwal, ‘CYBER LAWS’, 1st ed, 2016

13.  Ibid

14.  Nandan Kamath, ‘LAW RELATING TO COMPUTERS, INTERNET, & E- COMMERCE’, 5th ed, 2000.



17. Supra 5










  1. R.P. Kataria. S.K.P Sriniwas, ‘CYBER CRIMES’, 1st ed, 2013.
  2. Nandan Kamath, ‘LAW RELATING TO COMPUTERS, INTERNET, & E-COMMERCE’, 5th ed, 2000.
  3. Dr. Gupta & Agarwal, ‘CYBER LAWS’, 1st ed, 2016

Primary Sources:

  1. United Nations Conference on Trade and Development
  2. National Crime Records Bureau (NCRB)
  3. Universal Declaration of Human Rights (UDHR)
  4. General Data Protection Regulation (GDPR)

Secondary sources:                                



                        Wei-Jung, Chang, ‘Cyberstalking and Law Enforcement’



Featured Image: –

Do NOT follow this link or you will be banned from the site!