Digital Violence, Real Harm: Are India’s Cyber Laws Failing Women and Children?

Introduction

The rapid expansion of digital platforms has fundamentally transformed the manner in which individuals communicate, access information, and participate in social and economic life. While these technological advancements have enhanced connectivity and opportunity, they have simultaneously given rise to new and deeply concerning forms of harm. Digital spaces, once perceived as neutral or empowering, have increasingly become sites of gendered violence and exploitation, particularly affecting women and children. Acts such as cyber stalking, online harassment, image-based sexual abuse, revenge pornography, and digital child sexual exploitation have emerged as pervasive threats, often causing psychological trauma, reputational damage, and social isolation that extend far beyond the virtual sphere.

This issue holds particular significance in the Indian context. India has one of the largest youth populations in the world and has witnessed an unprecedented surge in smartphone usage and internet penetration. However, this digital growth has occurred alongside persistent gender-based inequalities, including unequal access to digital literacy, social stigma, and limited institutional support for victims. Women and children, especially those from marginalized backgrounds, often encounter disproportionate risks online, while simultaneously facing social and legal barriers in seeking redress. The anonymity, speed, and permanence of digital communication further exacerbate the severity of harm, making digital violence both pervasive and difficult to escape.

Despite the evolving nature of these harms, India’s cyber legal framework was largely designed with a different set of priorities. The Information Technology Act, 2000 and related provisions were primarily framed to facilitate electronic commerce, regulate data, and address basic cyber offences. As a result, there exists a growing disjunction between the letter of the law and the lived realities of women and children subjected to technology-mediated abuse. Existing legal provisions often struggle to adequately define digital violence, capture its gendered dimensions, or provide timely and effective remedies.

Against this backdrop, the present research seeks to examine whether India’s cyber laws are adequately equipped to address digital violence against women and children. It further explores whether the current statutory framework offers meaningful preventive and remedial mechanisms, and where it falls short. The primary objectives of this study are to analyse the adequacy of existing legal definitions and protections, evaluate enforcement and institutional challenges, and propose targeted reforms informed by gender-sensitive jurisprudence and relevant international best practices.

Conceptual Framework

Definition of Digital Violence

Digital violence is not merely a subset of cybercrime defined by technical illegality; rather, it represents a distinct form of gendered harm facilitated through digital technologies. It encompasses a wide range of conduct, including online harassment, cyber stalking, threats, coercion, impersonation, doxxing, and the non-consensual creation or circulation of intimate images. Unlike conventional cyber offences that primarily focus on unauthorized access or data theft, digital violence is characterised by its targeted and personal nature, often directed at women and children with the intent to intimidate, humiliate, silence, or exert control. The harm inflicted is not incidental but deliberate, rooted in unequal power relations that are replicated and intensified in digital spaces. Recognising digital violence as a form of gender-based harm is essential to understanding why general cybercrime provisions often fail to capture its gravity and impact.

Distinguishing Online Harm from Offline Violence

A persistent misconception surrounding digital violence is that online harm is less serious than physical or offline violence. This distinction is both artificial and misleading. Acts committed in virtual spaces produce tangible real-world consequences, including psychological trauma, anxiety, depression, loss of employment opportunities, educational disruption, and social ostracisation. For women and children, the permanence and viral nature of digital content often mean that harm is continuous and inescapable. Digital platforms do not merely host such violence; they function as vehicles and amplifiers, enabling rapid dissemination, anonymity, and repeated victimisation at scale. Unlike offline violence, digital abuse can persist indefinitely, resurfacing across platforms and time, thereby extending the lifespan of harm. This interconnection between online acts and offline consequences underscores the need to treat digital violence as a serious violation of dignity and personal autonomy, rather than as a trivial or secondary offence.

International Standards

International human rights instruments increasingly recognise the obligation of States to address technology-facilitated violence. The UN Committee on the Elimination of Discrimination against Women (CEDAW), through its General Recommendations, has affirmed that gender-based violence against women includes acts committed through digital means and that States must exercise due diligence to prevent, investigate, and punish such conduct. Similarly, the Convention on the Rights of the Child (CRC) imposes a positive obligation on States to protect children from all forms of abuse and exploitation, including those occurring in online environments. These international standards emphasise that legal frameworks must evolve in response to technological change, ensuring that digital spaces are governed by principles of equality, safety, and accountability.

Designed for Data, Not Dignity: India’s Cyber Legal Framework Under Scrutiny

India’s legal response to cyber misconduct is spread across multiple statutes, each addressing a specific facet of unlawful conduct in the digital space. While this framework offers certain avenues for redress, it remains structurally fragmented and conceptually outdated when examined through the lens of digital violence against women and children. The absence of a unified, victim-centric approach often results in gaps between legal intent and effective protection.

The Information Technology Act, 2000: A Law Born for Commerce, Not Care

The Information Technology Act, 2000 stands as India’s primary legislation governing online activity. Enacted to legitimise electronic transactions and ensure data security, the Act was not originally designed to address interpersonal harm or gendered violence online. Nevertheless, several provisions have been pressed into service in cases involving digital abuse.

Section 66E criminalises the violation of privacy through the non-consensual capture or transmission of private images, offering limited protection against voyeurism and image-based abuse. Sections 67 and 67A penalise the publication of obscene and sexually explicit content in electronic form, while Section 67B specifically addresses child sexual abuse material. However, the language of these provisions is broad and morality-driven, often conflating obscenity with harm and placing a heavy evidentiary burden on victims.

The now-struck-down Section 66A, invalidated in Shreya Singhal v. Union of India, exposed a deeper legislative flaw: the absence of narrowly tailored provisions to address online harassment without infringing free speech. The IT Act continues to be criticised for vague drafting, weak victim safeguards, and an overemphasis on content control rather than accountability and rehabilitation.

Old Penal Codes in New Digital Spaces: IPC Provisions and Their Limits

In the absence of specialised cyber violence legislation, enforcement agencies frequently resort to the Indian Penal Code, 1860. Provisions such as Section 292 (obscenity), Section 354D (stalking, including online surveillance), and Section 509 (insult to the modesty of a woman) are commonly invoked in cases of online harassment and abuse.

While these sections provide a legal foothold, they were conceived in an era of physical interaction and fail to capture the complexity of digital harm. Concepts like “modesty” and “obscenity” are inherently subjective and often ill-suited to address anonymous, repetitive, and technology-driven abuse such as doxxing, deepfakes, or coordinated online harassment. Their application in digital contexts remains inconsistent and inadequate.

Beyond the IT Act and IPC: Special Laws and Emerging Frameworks

The Protection of Children from Sexual Offences Act, 2012 (POCSO) offers comparatively stronger safeguards by explicitly recognising digital forms of child sexual abuse and criminalising the creation, possession, and dissemination of sexual content involving minors. Despite its robust framework, enforcement challenges persist due to technological complexities and cross-border digital platforms.

Recent legislative developments, including the Digital Personal Data Protection Act and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, signal a growing regulatory focus on platform accountability and data governance. However, these instruments remain largely compliance-oriented and stop short of addressing the lived realities of digital violence. Collectively, India’s cyber legal framework underscores an urgent need for cohesive reform—one that prioritises dignity, safety, and effective redress over fragmented regulation.

Invisible Offences, Inadequate Answers: Legal Gaps in Addressing Online Violence Against Women

Despite the increasing prevalence of technology-facilitated abuse, India’s legal framework continues to address violence against women online in a piecemeal and reactive manner. One of the most significant gaps lies in the absence of clear statutory definitions. Terms such as “cyber harassment” or “digital abuse” find no explicit recognition in Indian law. Instead, offline concepts of sexual harassment and obscenity are rigidly transposed onto online spaces, often failing to capture the repetitive, anonymous, and large-scale nature of digital harm. This definitional vacuum results in inconsistent interpretation and uneven legal protection.

Equally troubling are the challenges associated with evidence collection and technical capacity. Digital violence cases frequently involve encrypted communications, rapidly disappearing content, and data stored on cross-border servers. Law enforcement agencies often lack the forensic infrastructure and specialised training required to preserve and analyse digital evidence promptly. Delays in initiating takedown requests or securing platform data can allow harmful content to proliferate, compounding the psychological and social harm suffered by victims. For women, such delays frequently translate into silencing, withdrawal from online spaces, and loss of professional or personal opportunities.

Another critical gap concerns platform liability and intermediary accountability. Under the Information Technology Act, intermediaries enjoy broad safe harbour protections, subject primarily to a notice-and-take-down regime. While this framework shields platforms from excessive liability, it places the burden of reporting squarely on victims, who must repeatedly flag abusive content. The absence of a legal mandate for proactive monitoring, risk assessment, or gender-sensitive safeguards allows platforms to remain passive actors in the face of systemic online abuse.

Judicial responses further reflect the difficulty of adapting traditional legal reasoning to digital harms. While courts have acknowledged online stalking and harassment, judicial interpretations often remain cautious and case-specific, revealing an underlying struggle to conceptualise digital violence as a distinct and serious form of gender-based harm. Precedents tend to rely heavily on intent and overt threat, overlooking cumulative and indirect forms of abuse.

Finally, social media moderation practices are not immune to gender bias. Algorithmic decision-making, opaque community standards, and socio-cultural prejudices frequently result in women’s complaints being dismissed or inadequately addressed. The lack of transparency in content moderation processes further erodes trust and accountability, underscoring the urgent need for reform that places women’s safety and dignity at the centre of digital governance.

Hidden Screens, Silent Victims: Legal Gaps in Protecting Children Online

Children occupy digital spaces with increasing frequency, yet the legal and institutional mechanisms designed to protect them remain ill-equipped to respond to technology-facilitated abuse. While Indian law recognises the vulnerability of children, significant gaps persist in addressing the complex and evolving nature of online exploitation.

Child Sexual Abuse Material (CSAM): Old Categories, New Technologies

Indian law criminalises child sexual abuse material under both the Information Technology Act, 2000 and the Protection of Children from Sexual Offences Act, 2012. Despite this dual framework, enforcement faces substantial challenges. Definitions of prohibited content often struggle to keep pace with technological developments. Emerging forms of abuse, such as deepfake imagery and AI-generated sexual content involving minors, blur the line between real and fabricated material, complicating categorisation and prosecution. While the harm to the child’s dignity and psychological well-being remains real, existing legal provisions are not always explicit in addressing such synthetic content, creating uncertainty in investigation and adjudication.

Grooming and Online Exploitation

Online grooming represents one of the most insidious threats to children, characterised by gradual manipulation rather than overt coercion. Proving criminal intent in such cases is particularly difficult, as grooming often unfolds through seemingly innocuous conversations over extended periods. Perpetrators frequently operate across multiple platforms and rely on anonymity, encrypted messaging, and false identities to evade detection. Current legal frameworks tend to intervene only after harm has occurred, offering limited scope for early intervention or preventive action.

Reporting Mechanisms and Accessibility

Another critical gap lies in the inaccessibility of reporting mechanisms. Existing complaint portals and procedures are largely designed for adults and assume a level of digital literacy and confidence that many children do not possess. Fear of stigma, parental backlash, or disbelief further discourages reporting. Moreover, there is no uniform requirement mandating the appointment of trained child protection officers within cybercrime units, resulting in inconsistent and often insensitive handling of complaints.

Institutional Coordination and Enforcement

Effective child protection in digital spaces requires seamless coordination among law enforcement agencies, cyber cells, Child Welfare Committees, and bodies such as the National Commission for Protection of Child Rights (NCPCR). In practice, such coordination remains uneven. Limited training in child-centric digital investigation, jurisdictional confusion, and delayed response times undermine timely redress. These institutional gaps not only weaken enforcement but also risk retraumatising child victims through prolonged and fragmented legal processes.

Taken together, these shortcomings reveal that while India possesses the legislative intent to protect children online, the legal architecture and enforcement mechanisms require urgent reform to address the realities of digital exploitation and ensure meaningful protection.

From Law to Lived Reality: Enforcement Gaps, Global Lessons, and the Road Ahead

Even where legal provisions exist, their effectiveness is substantially undermined by persistent enforcement challenges. A primary concern is the limited digital literacy and technical capacity of law enforcement and prosecutorial authorities. Investigating technology-facilitated violence requires familiarity with digital forensics, platform architecture, and data preservation techniques—skills that remain unevenly distributed across police units. Consequently, investigations often rely excessively on victim testimony, placing an unfair evidentiary burden on women and children who may already be traumatised and reluctant to repeatedly recount their experiences.

Procedural delays further exacerbate harm. Prolonged investigations, delayed takedowns of abusive content, and slow trial processes contribute to secondary victimisation, as harmful material continues to circulate and social stigma deepens. Privacy concerns during investigation and court proceedings also remain inadequately addressed, deterring victims from pursuing legal remedies.

Additionally, digital violence frequently transcends national borders. Major digital platforms are headquartered overseas, and access to user data is often contingent upon cumbersome legal processes. Mutual Legal Assistance Treaty (MLAT) requests are notoriously slow, rendering timely intervention difficult. These jurisdictional hurdles allow perpetrators to exploit legal and territorial gaps, undermining effective enforcement.

Comparative and International Perspectives

International jurisdictions have begun to acknowledge and respond to these challenges with more nuanced regulatory frameworks. The European Union’s Digital Services Act and GDPR impose proactive obligations on platforms, including risk assessment, transparency reporting, and swift removal of harmful content. The United Kingdom’s Online Safety framework similarly prioritises user safety and imposes heightened duties of care toward vulnerable groups.

Countries such as Australia and Canada have adopted gender-sensitive cybercrime approaches, recognising non-consensual image sharing and online harassment as distinct harms with severe psychological consequences. These models underscore the importance of proactive regulation, institutional accountability, and victim-centric remedies.

For India, these frameworks offer valuable lessons: platform neutrality must give way to measured responsibility, and oversight mechanisms must operate independently of executive influence to ensure credibility and trust.

Reform Proposals

Addressing digital violence requires clear statutory definitions of offences such as digital violence, cyberstalking, and non-consensual dissemination of intimate imagery. A gender-inclusive and child-centric framework must recognise non-monetary harm, including emotional distress and reputational damage.

Enforcement can be strengthened through specialised cyber cells equipped with gender-sensitivity training, robust digital forensics infrastructure, and expedited data preservation orders. Platform accountability must extend beyond reactive takedowns to include proactive moderation, transparency obligations, and accessible reporting mechanisms.

Finally, sustainable reform demands education and digital literacy initiatives targeting parents, educators, children, and frontline officers. Without informed users and responsive institutions, legal reform alone cannot ensure safety. A future-ready cyber law regime must therefore balance technological innovation with dignity, accountability, and protection for the most vulnerable.

Conclusion

The analysis undertaken in this study reveals that India’s existing cyber legal framework offers only fragmented and inadequate protection against gendered digital violence. While multiple statutes address aspects of online misconduct, they operate in silos and lack conceptual clarity in recognising digital violence as a distinct and serious form of harm. Offline legal constructs are often mechanically extended to online spaces, resulting in gaps that fail to reflect the scale, anonymity, and permanence of technology-facilitated abuse. For women and children, this fragmentation translates into delayed justice, inconsistent remedies, and heightened vulnerability.

The central argument of this paper is that the law must decisively move beyond the artificial distinction between the “online” and the “real.” Digital violence produces tangible offline consequences, including psychological trauma, reputational damage, social exclusion, and, in certain cases, physical harm. Treating such conduct as peripheral or less serious undermines the lived experiences of victims and weakens public trust in legal institutions. Legal responses must therefore be as real, nuanced, and victim-centric as the harms they seek to address.

In conclusion, effective cyber governance in India demands a forward-looking legal framework that is technologically literate, gender-responsive, and child-sensitive. Laws must prioritise prevention alongside punishment, strengthen institutional capacity, and impose meaningful accountability on digital platforms. Only through such a holistic and rights-oriented approach can the legal system ensure that digital spaces do not become zones of unchecked violence, but environments governed by dignity, safety, and justice.

References

• Information Technology Act, 2000, Statement of Objects and Reasons.
• National Crime Records Bureau, Crime in India (latest available edition), data on cybercrimes against women and children.
• Shreya Singhal v Union of India (2015) 5 SCC 1.
• Information Technology Act, 2000, ss 66E, 67, 67A, 67B.
• Indian Penal Code, 1860, ss 292, 354D, 509.
• State of West Bengal v Animesh Boxi 2018 SCC OnLine Cal 3711 (recognising harm of image-based sexual abuse).
• Protection of Children from Sexual Offences Act, 2012, ss 13–15.
• United Nations Committee on the Elimination of Discrimination against Women, General Recommendation No 35 on Gender-Based Violence against Women (2017).
• Convention on the Rights of the Child (adopted 20 November 1989, entered into force 2 September 1990).
• European Commission, Guidance on the Application of Article 102 TFEU (2009).
• Regulation (EU) 2022/2065 (Digital Services Act).
• UK Online Safety Act 2023.
• OECD, Combatting Online Violence Against Women (OECD Publishing 2021).
• Lina M Khan, ‘The Separation of Platforms and Commerce’ (2019) 119 Columbia Law Review
• Eleanor M Fox, ‘The End of Antitrust History Revisited’ (2014) 61 Antitrust Bulletin
• Australian Criminal Code Act 1995 (Cth), Part 10.6 (Telecommunications offences).
• Canadian Criminal Code, RSC 1985, c C-46, s 162.1 (non-consensual distribution of intimate images).
• Competition Commission of India, Market Study on Digital Platforms in India (CCI 2020).
• Ministry of Electronics and Information Technology, Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules (2021).
• Digital Personal Data Protection Act, 2023.
• Justice J S Verma Committee, Report on Amendments to Criminal Law (2013).
• National Commission for Protection of Child Rights, Guidelines for Preventing and Combating Cybercrime against Children (2020).
• Supreme Court of India, Justice K S Puttaswamy v Union of India (2017) 10 SCC 1.
• UN Office on Drugs and Crime, Gender Dimensions of Cybercrime (2022).