This article is written by Kirtika Sarangi, a Law Graduate from ICFAI Foundation for Higher Education, in Hyderabad, Telangana, an intern under Legal Vidhiya

Abstract

This legal article delves into the intricate domain of Cyberspace Jurisdiction in India, comprehensively examining its Legal Framework, including its pivotal Acts and Regulations. Analysing Landmark Cases and Judgments elucidates the evolution of jurisprudence in this field. The article illuminates the Challenges posed by the borderless nature of cyberspace, emphasising the critical issues of data protection and privacy. Furthermore, it explores International Perspectives on Cyberspace Jurisdiction, comparing India’s approach with global counterparts and drawing vital lessons. Examining International Treaties and Agreements, notably India’s active participation, offers insights into the nation’s role in shaping global cybersecurity cooperation. Concluding with practical Recommendations for Future Treaties and scrutiny of Government Notifications and Initiatives, this article is a comprehensive guide to understanding and navigating the complex landscape of cyberspace jurisdiction in India.

Keywords- Cyberspace Jurisdiction, Legal Framework, Landmark Cases, International Treaties, Government Initiatives

Introduction

The exponential growth of cyberspace in India has ushered in an era of unprecedented connectivity, innovation, and economic potential. However, this digital transformation has created a complex web of legal challenges that demand meticulous attention. At the forefront of these challenges is cyberspace jurisdiction—an intricate and evolving landscape encompassing governments’ legal authority in the virtual realm. As cyberspace permeates every aspect of modern life, from e-commerce to social interactions and national security, the imperative for effective regulation becomes increasingly evident. This article embarks on a comprehensive exploration of the “Issues and Concerns of Cyberspace Jurisdiction in India.” It seeks to dissect the Legal Framework, Relevant Acts and Regulations, Landmark Cases and Judgments, and the myriad Challenges in cyberspace jurisdiction. Furthermore, the article ventures into International Perspectives on Cyberspace Jurisdiction, delving into India’s participation in International Cybersecurity Agreements and offering Recommendations for Future Treaties. By examining Government Notifications and Initiatives, this article aims to provide valuable insights into a critical and ever-evolving facet of India’s legal landscape.

Outlining Jurisdictional Concerns In Cyber Law

The dynamic landscape of cyberspace jurisdiction presents myriad intricate concerns within cyber law. Central to these concerns is the challenge of defining and asserting jurisdiction in an environment that transcends physical boundaries. The internet’s borderless nature complicates matters related to territorial jurisdiction, leaving legal experts grappling with questions of where a cybercrime or dispute originates, where it affects, and consequently, which legal framework should apply. Privacy and data protection concerns loom large, with the need to balance individual rights against the necessity for state surveillance and law enforcement. Moreover, the jurisdictional landscape is further complicated by the rapid evolution of technology, including emerging areas like artificial intelligence and blockchain, a necessitating continuous adaptation of laws and regulations. As we delve into the intricacies of cyberspace jurisdiction in India, these jurisdictional concerns serve as focal points for analysis and discussion.[1] Below is a brief of the case;[2]

Cyberspace Jurisdictional Approaches:

Legal authorities have developed several key approaches in navigating the intricate domain of cyberspace jurisdiction. One prominent model is territorial jurisdiction, where a nation asserts its legal authority over activities that originate within its geographical borders or substantially impact its residents. This approach, however, often falters in the borderless realm of the internet, giving rise to conflicts and ambiguities. Extraterritorial jurisdiction is another significant approach, allowing a nation to extend its legal reach beyond its boundaries to address cybercrimes that affect its citizens or interests abroad. However, extraterritoriality can raise questions of sovereignty and lead to diplomatic disputes. Additionally, cyber sovereignty emphasises a nation’s right to govern its cyberspace independently, even when dealing with global internet platforms. As we explore the challenges and concerns of cyberspace jurisdiction in India, these various approaches will be dissected to illuminate their applicability and implications in a digitally interconnected world.[3]

Issues between jurisdictions and how to resolve them:

Issues between jurisdictions in cyberspace jurisdiction can be complex and multifaceted. One primary challenge is the lack of clear boundaries in the digital landscape, making it difficult to determine where a cyber incident originated or where its effects are most strongly felt. This ambiguity can lead to conflicts when multiple jurisdictions claim authority over the same case. To resolve these conflicts, international cooperation and treaties often play a crucial role. Bilateral or multilateral agreements can establish frameworks for sharing information, evidence, and responsibilities in cross-border cybercrime investigations. Additionally, the principle of comity, which encourages nations to respect each other’s laws and judicial decisions, can aid in mitigating jurisdictional disputes. However, achieving consensus among different jurisdictions remains complex, requiring ongoing diplomatic efforts and legal harmonisation to ensure effective cyberspace governance.[4]

Cyberlaw Extraterritorial Jurisdiction:

Cyberlaw extraterritorial jurisdiction is critical to addressing cross-border cybercrimes and ensuring justice is served in the digital age. This legal principle allows a nation to extend its jurisdiction beyond its geographical boundaries, asserting authority over individuals or entities involved in cybercrimes that impact its citizens or interests, even if the activities occur in another country. While extraterritorial jurisdiction is a powerful tool for combating cyber threats that transcend borders, it can also lead to complexities and diplomatic tensions. Concerns may arise regarding the infringement of a foreign nation’s sovereignty or conflicts in legal approaches. Striking a balance between the pursuit of cybercriminals and respecting international norms and laws is a central challenge in the realm of extraterritorial jurisdiction within the evolving landscape of cyberspace governance.[5]

Global Cyber Crime Jurisdiction:

Global cybercrime jurisdiction is a pressing concern in the interconnected world of cyberspace. As cybercrimes know no borders and often involve actors from multiple nations, determining which jurisdiction has authority over a particular case can be immensely challenging. This issue becomes particularly pronounced when cybercriminals operate from one country but victimise individuals or organisations in others. Achieving a coordinated global response to cybercrime is crucial, as fragmented jurisdictional approaches can hinder investigations and prosecutions. International treaties and agreements play a pivotal role in facilitating cooperation among nations, allowing for the extradition of cybercriminals, sharing evidence, and harmonising legal frameworks to address this global challenge effectively. However, achieving consensus on these matters remains a complex endeavour, and the evolving nature of cyberspace constantly tests the limits of existing legal norms and cooperation mechanisms.[6]

Information Technology Act of 2000 jurisdiction:

The Information Technology Act of 2000[7] is the foundational legislation in India governing cyberspace jurisdiction. This landmark act provides the legal framework for regulating electronic transactions, digital signatures, and the security and integrity of data within the country. Under this act, Indian authorities have the jurisdiction to investigate and prosecute cybercrimes occurring within its territorial boundaries, ensuring that the law applies to offences committed using digital means. However, challenges arise when dealing with cross-border cybercrimes, as the act’s jurisdiction is limited to India. To address these concerns, the act’s extraterritorial application has been discussed, especially in cases where Indian citizens are affected by cybercrimes outside the country. The Information Technology Act⁷, as an essential component of India’s cyberspace jurisdiction, continues to evolve to meet the challenges and concerns of the digital age.[8]

Cyberspace Jurisdiction in India: Legal Framework

The legal framework governing cyberspace jurisdiction in India is primarily outlined in the Information Technology Act of 2000⁷. This legislation provides the foundation for regulating electronic transactions, data security, and digital signatures within the country’s borders. It grants Indian authorities jurisdiction over cybercrimes occurring within the nation but faces challenges in addressing cross-border cyber incidents, prompting discussions on the act’s extraterritorial applicability. As cyberspace jurisdiction continually evolves, the Information Technology Act⁷ remains a critical pillar in India’s efforts to navigate the complex legal landscape of the digital realm.[9]

Relevant Acts and Regulations

In the realm of cyberspace jurisdiction in India, several relevant acts and regulations contribute to addressing issues and concerns. The Information Technology Act 2000⁷ provides legal frameworks for electronic transactions, cybersecurity, and data protection. The Indian Penal Code 1860[10] defines offences and penalties for cybercrimes. The Digital Signature Act[11] establishes the legal validity of digital signatures, while the Indian Evidence Act of 1872[12] governs the admissibility and evaluation of electronic evidence. The Telecommunication Act[13] regulates telecommunication networks and services, including internet service providers. Additionally, the recently introduced Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021[14] outline requirements for digital intermediaries and digital media platforms. These acts and regulations collectively offer a comprehensive legal framework to address the challenges and concerns of cyberspace jurisdiction in India.[15]

Landmark Cases and Judgments

The Shreya Singhal Case[16] and Section 66A[17]

The Shreya Singhal Case¹⁶ is a landmark judgement passed by the Supreme Court of India in 2015. The case challenged the constitutional validity of Section 66A of the Information Technology Act¹⁷, which criminalised sending “offensive” messages using a computer or any other communication device. The Court struck down Section 66A¹⁷, stating that it violated the fundamental right to freedom of speech and expression. The judgement played a crucial role in defining the legal parameters for regulating online speech and ensuring that internet users in India can freely express their opinions without fear of arbitrary or vague restrictions. The verdict is viewed as a significant victory for freedom of speech and expression in cyberspace jurisdiction in India.

Internet Shutdowns: A Case Study of Jammu and Kashmir[18]

The Jammu and Kashmir case study provides significant insight into the issues and concerns surrounding internet shutdowns in India. In 2019, the region witnessed a prolonged internet shutdown following the revocation of its special status. The case raised important questions about the balance between national security and the fundamental right to access information and freedom of expression in cyberspace jurisdiction. The shutdown severely impacted the lives of millions of individuals, hindering their access to essential services, communication, and the flow of information. The case study highlights the need for clear guidelines and legal frameworks that balance security concerns and the protection of civil liberties in the context of internet shutdowns in India. It brings attention to the challenges and concerns of cyberspace jurisdiction, emphasising the importance of upholding fundamental rights in the digital realm. 

The WhatsApp Traceability Case

The WhatsApp Traceability Case[19] in India is a significant legal battle that revolves around the issue of traceability of messages on the messaging platform. The case emerged from concerns regarding the spread of fake news, misinformation, and illegal content through WhatsApp. The Indian government had proposed measures to enforce traceability, requiring WhatsApp to disclose the originator of messages. However, WhatsApp argued that implementing such measures would violate user privacy and end-to-end encryption. The case raises important questions about balancing law enforcement requirements and individual privacy rights in cyberspace jurisdiction. It has broader implications on the role of technology platforms and the responsibility of intermediaries in ensuring a secure and free digital environment. The outcome of the WhatsApp Traceability Case¹⁹ is eagerly anticipated and will contribute to shaping the legal landscape of cyberspace jurisdiction in India. 

Jurisdictional Challenges in E-commerce Disputes

One landmark case highlighting the jurisdictional challenges in e-commerce disputes is the Amazon.com, Inc. v. Amway India Enterprises Pvt. Ltd. case[20]. This case revolved around the question of jurisdiction in disputes about online transactions. The Court held that in e-commerce transactions, jurisdiction could be established where the cause of action arises, such as where the transaction was initiated or the breach occurred. This case sheds light on the complexities in determining jurisdiction in the virtual world, where parties may be located in different locations. It highlights the need for clear legal frameworks and guidelines to address jurisdictional challenges in e-commerce disputes, ensuring fair and efficient resolution of such cases in the digital era.

Territoriality vs. Borderless Cyberspace

One of the primary challenges in cyberspace jurisdiction is the conflict between territoriality and the internet’s borderless nature. Traditional legal systems are built upon territorial jurisdiction, where the law applies within the boundaries of a specific jurisdiction. However, in cyberspace, it becomes difficult to define clear territorial boundaries due to the global and interconnected nature of the internet. The borderless nature of cyberspace raises questions about which jurisdiction should have the authority to regulate and enforce laws in online activities. This challenge becomes more evident in cross-border cybercrimes, where perpetrators may operate from one jurisdiction while targeting victims in another. Addressing these challenges requires international cooperation, harmonisation of laws, and the development of mechanisms to enforce cross-border regulations in cyberspace jurisdiction effectively.[21]

Data Protection and Privacy Concerns

Cyberspace jurisdiction poses several challenges regarding data protection and privacy concerns.

Aadhar data security and privacy concerns

Aadhaar is a national identification system introduced by the Indian government to provide a unique identification number for all residents. Despite its potential benefits, the Aadhaar database has raised concerns about data security and privacy. Critics have raised concerns about collecting, storing, and using biometric data on a massive scale, citing the potential for misuse, hacking, and identity theft. To address these concerns, the government has implemented various security measures, such as multi-factor authentication and encryption. However, it remains to be seen whether these measures are effective in safeguarding Aadhaar data and ensuring user privacy.[22]

The Personal Data Protection

Challenges in cyberspace jurisdiction for personal data protection encompass various aspects that require attention in India. Firstly, jurisdictional issues arise due to the global nature of the internet, where personal data is often stored and processed across international boundaries. Determining which jurisdiction’s laws apply to data protection becomes complicated. Secondly, balancing privacy rights with the legitimate interests of law enforcement and national security poses challenges. Striking the right balance between data protection and the need for access to personal data for investigative purposes is crucial.

Additionally, the adequacy of legal frameworks and enforcement mechanisms is essential to ensure adequate personal data protection. Harmonising data protection laws with international standards and ensuring organisations’ compliance with data protection regulations remain significant challenges. Addressing these concerns is imperative for establishing robust cyberspace jurisdiction for personal data protection in India.[23]

Cross-border data flow issues

Cross-border data flow issues have emerged as a significant challenge for cyberspace jurisdiction in India. The increasing digitisation of global commerce has made it essential for companies to transfer data across borders. However, cross-border data flows raise concerns about data localisation, privacy, and sovereignty. Various Indian regulations, such as the RBI’s data localisation requirements and the proposed Personal Data Protection Bill’s[24] cross-border data transfer provisions, impose restrictions and challenges on cross-border data flow. These restrictions may increase business compliance costs and raise questions about India’s compatibility with global data flows. To ensure India’s continued participation in the global digital economy, there is a need for a balanced and nuanced approach to cross-border data flow issues in cyberspace jurisdiction.[25]

International Perspectives on Cyberspace Jurisdiction

International perspectives on cyberspace jurisdiction play a crucial role in understanding the complex legal landscape of governing online activities. The challenges and concerns surrounding cyberspace jurisdiction are not limited to one country and often span international borders. Different jurisdictions have varying approaches, regulations, and legal frameworks for addressing cybercrimes, data privacy, intellectual property rights, and online speech. International organisations and agreements, such as the United Nations, the Council of Europe’s Convention on Cybercrime, and the European Union’s General Data Protection Regulation²⁷, provide global guidelines and standards to harmonise cyberspace jurisdiction. However, conflicts may arise when countries have divergent views on jurisdictional reach, data sovereignty, and cross-border law enforcement. Coordinated efforts, collaboration among nations, and the development of international norms are necessary to effectively address the issues and concerns of cyberspace jurisdiction in India and around the world.[26]

Regulation of AI in Other Countries

Regulation of AI varies across countries, each implementing different frameworks to address the issues and concerns associated with the technology.

In the United States, the approach to AI regulation is generally more risk-based, focusing on sector-specific regulations and guidelines.

The European Union has taken a more comprehensive approach with the General Data Protection Regulation (GDPR)[27], which applies to AI systems that process personal data. Countries like Canada and Australia have also developed guidelines and frameworks to address ethical considerations and potential risks associated with AI.

The government has introduced regulations to govern AI and promote responsible use in China.

While no specific AI regulation framework exists in India, the government has released a draft AI strategy document for public consultation. The regulation of AI globally is an evolving field, with countries aiming to balance promoting innovation and addressing concerns related to ethics, privacy, and accountability.[28]

Lessons from International Jurisdictional Practices

Examining jurisdictional practices in the EU’s General Data Protection Regulation (GDPR)²⁷, the extraterritorial reach of the California Consumer Privacy Act (CCPA)[29], and their implications for India’s cyberspace jurisdiction offers valuable lessons. The GDPR²⁷, implemented in the European Union, sets high standards for data protection and grants authorities jurisdiction over entities offering goods or services to EU residents, irrespective of their location. This underscores the importance of defining jurisdictional boundaries to regulate cross-border data flow effectively. Similarly, the extraterritorial reach of the CCPA²⁹ illustrates the need to consider the impacts of local regulations on global businesses. By analysing these practices, India can gain insights into formulating a practical cyberspace jurisdiction framework that balances data privacy protection while fostering innovation and promoting digital commerce. There is, thus, a renewed emphasis on the need to develop comprehensive legislation and cross-border cooperation to address the challenges arising in the global digital landscape.[30]

International Treaties and Agreements

International treaties and agreements play a crucial role in addressing the issues and concerns of cyberspace jurisdiction in India. These treaties and agreements provide a framework for cooperation, collaboration, and standardisation among countries to effectively tackle cybercrimes, protect digital rights, and establish guidelines for cross-border data flows. For example, the Budapest Convention[31] on Cybercrime is a notable international treaty that aims to harmonise legislation and foster international cooperation in combating cybercrimes. Additionally, agreements like the General Data Protection Regulation (GDPR)²⁷ of the European Union have influenced data protection laws globally. These international instruments contribute to developing consistent and interoperable laws, strengthening cyberspace jurisdiction, and ensuring a harmonious global approach towards addressing the challenges and concerns arising in the digital world.

India’s Participation in International Cybersecurity Agreements

India’s Participation in International Cybersecurity Agreements: India actively participates in various international cybersecurity agreements to address global challenges and concerns in cyberspace jurisdiction. It has signed agreements with countries and multinational organisations to promote cooperation in combating cyber threats and ensuring digital infrastructure security. These agreements facilitate information sharing, capacity building, and collaborative efforts to enhance cybersecurity measures. India’s participation in international cybersecurity agreements demonstrates its commitment to addressing the global shared concerns and issues that arise in the digital realm.[32]

Budapest Convention on Cybercrime

The Budapest Convention³¹ on Cybercrime is a significant international treaty addressing cybercrime and facilitating cooperation among member states. India signed this convention in 2010, which has since been essential in shaping the country’s legal framework for dealing with cybercrimes. The convention focuses on harmonising national legislation, procedural rules, and cybercrime investigation and prosecution policies. By being a party to the convention, India is committed to aligning its laws with global cybersecurity standards and promoting international cooperation in dealing with cyber threats.

The UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications

India actively participates in the United Nations Group of Governmental Experts on Development[33]. This group promotes discussions and collaborations among member states to address emerging issues and concerns in cyberspace. It provides a platform for governments to exchange knowledge, share best practices, and develop norms and rules for responsible state behaviour in cyberspace. India’s involvement in this group reflects its commitment to shaping international cybersecurity discussions and contributing to developing global norms and regulations in the field of information and telecommunications.

Recommendations for Future Treaties

In order to strengthen India’s position in international cyberspace governance and address the concerns of cyberspace jurisdiction, several recommendations can be put forth. Firstly, India should actively participate in developing international treaties and agreements related to cyberspace, such as the United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications³³ in the Context of International Security. This would give India a voice in shaping global policies and norms concerning cyberspace. Secondly, India should promote global cybersecurity cooperation by establishing partnerships and sharing best practices with other countries. This would help exchange information, joint investigations, and capacity building to combat cross-border cyber threats. Additionally, India should prioritise the development of its own comprehensive cybersecurity legal framework that aligns with international standards and best practices. This would provide a solid foundation for addressing the concerns of cyberspace jurisdiction and enhancing India’s credibility in the global cyber governance landscape.[34]

Government Notifications and Initiatives

Government notifications and initiatives play a crucial role in shaping and addressing the issues and concerns of cyberspace jurisdiction in India. The Indian government has introduced various notifications and initiatives to regulate and govern activities in the digital domain. One such initiative is the Digital India campaign, launched in 2015, which aims to transform India into a digitally empowered society. This initiative focuses on digital infrastructure, connectivity, digital literacy, and governance.[35] Additionally, the government has introduced the National Cyber Security Policy, 2013,[36] to strengthen the country’s cybersecurity framework. Several notifications have also been issued under the Information Technology Act⁷ to address cybersecurity, data protection, and intermediary liability issues. These notifications and initiatives reflect the government’s commitment to addressing the challenges and concerns of cyberspace jurisdiction in India while promoting a secure and inclusive digital environment.[37] [38]

Conclusion

In conclusion, the issues and concerns surrounding cyberspace jurisdiction in India shed light on the evolving nature of the digital realm and its impact on legal frameworks. The interplay between technology, law, and individual rights presents challenges that require careful consideration and adaptation. Key legislative acts such as the Indian Penal Code, Information Technology Act⁷, Code of Criminal Procedure, and Indian Evidence Act¹² play a crucial role in addressing cybercrimes, ensuring due process, and establishing the admissibility of electronic evidence. Landmark cases, such as the Shreya Singhal case¹⁶ and the WhatsApp traceability case¹⁹, have shaped the landscape by safeguarding freedom of speech and expression and emphasising the need to balance security concerns and fundamental rights. However, emerging areas such as digital personal data protection, internet shutdowns, and challenges related to jurisdiction in cyberspace require ongoing discussions and legal reform. Policymakers, legal practitioners, and society must navigate these issues with a forward-thinking approach, striking a balance between innovation, protection of individual rights, and the effective governance of cyberspace jurisdiction in India. 

---

[1] CorpBiz, ‘The Concepts and Issues of Jurisdiction in Cyberspace’ (2023) https://corpbiz.io/learning/the-concepts-and-issues-of-jurisdiction-in-cyberspace/.

[2] VakeelKhoj, ‘Issues of Jurisdiction in Cyberspace’ (2023) https://vakeelkhoj.com/blog-1/f/issues-of-jurisdiction-in-cyberspace.

[3] LawBhoomi, ‘Jurisdictional Aspects in Cyber Law and Information Technology Act’ (2023) https://lawbhoomi.com/jurisdictional-aspects-in-cyber-law-and-information-technology-act/.

[4] Legal Service India, ‘Analysis of Cyber Jurisdiction in India’ (2023) https://www.legalserviceindia.com/legal/article-3329-analysis-of-cyber-jurisdiction-in-india.html.

[5] University of Lucknow, ‘Cyber Jurisdiction’ (2023) https://udrc.lkouniv.ac.in/Content/DepartmentContent/SM_cd8441f8-76c2-495f-8ad6-ead3d120fb0f_30.pdf.

[6] Journal of Constitutional & International Law, ‘Cyberspace and Jurisdiction’ (2023) https://jcil.lsyndicate.com/wp-content/uploads/2023/06/CYBERSPACE-AND-JURISDICTION-FINAL-PAPER-Prevy-Tarunya.pdf.

[7] Information Technology Act, No. 21 of 2000, INDIA CODE (2000).

[8] National Judicial Academy India, ‘Jurisdictional Issues in Adjudication of Cyber Crimes’ (2023) https://nja.gov.in/Concluded_Programmes/2022-23/P-1299_PPTs/2.Jurisdictional Issues in Adjudication of Cyber Crimes.pdf.

[9] Drishti IAS, ‘Rising Up to Cyber Security Challenges’ (2023) https://www.drishtiias.com/daily-updates/daily-news-editorials/rising-up-to-cyber-security-challenges#:~:text=What are the Challenges related,₹35 crore of damage.

[10] Indian Penal Code, No. 45 of 1860, INDIA CODE (1860).

[11] Information Technology Act, No. 21 of 2000, INDIA CODE § 2(1)(p), 3, 15 (2000).

[12] Indian Evidence Act, No. 1 of 1872, INDIA CODE (1872).

[13] Telecommunications Act of 1996, Pub. LA. No. 104-104, 110 Stat. 56 (1996)

[14] Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, No. G.S.R. 139(E) of 2021, INDIA CODE (2021).

[15] National Criminal Justice Reference Service, ‘Cybercrime Jurisdiction’ (2023) https://www.ojp.gov/ncjrs/virtual-library/abstracts/cybercrime-jurisdiction.

[16] Shreya Singhal v. Union of India, AIR 2015 SC 1523 (India).

[17] Information Technology Act, No. 21 of 2000, INDIA CODE § 66A (2000).

[18] Anuradha Bhasin v. Union of India, (2020) 3 SCC 637 (India).

[19] WhatsApp Inc. v. Union of India, W.P.© 4425/2021 (India).

[20] Amway India Enterprises Pvt. Ltd. v. Amazon Seller Services Pvt. Ltd., SLP© No. 6460/2021 (India).

[21] LawBhoomi, ‘Jurisdictional Aspects in Cyber Law and Information Technology Act’ (2023) https://lawbhoomi.com/jurisdictional-aspects-in-cyber-law-and-information-technology-act/.

[22] Jackson School of International Studies, ‘The Aadhaar Card: Cybersecurity Issues with India’s Biometric Experiment’ (2023) https://jsis.washington.edu/news/the-aadhaar-card-cybersecurity-issues-with-indias-biometric-experiment/.

[23] UNCTAD, ‘Data Protection and Privacy Legislation Worldwide’ (2023) https://unctad.org/page/data-protection-and-privacy-legislation-worldwide.

[24] Personal Data Protection Bill, No. of 2023, INDIA CODE (2023).

[25] International Trade Administration, ‘Cross-Border Data Flows: Where Are Barriers and What Do They Cost?’ (2023) https://www.trade.gov/cyber-mission-india.

[26] Carnegie Endowment for International Peace, ‘A Brief Primer on International Law and Cyberspace’ (2023) https://carnegieendowment.org/2021/06/14/brief-primer-on-international-law-and-cyberspace-pub-84763.

[27] General Data Protection Regulation, 2016 O.J. (L 119) 1 (EU).

[28] Academia, ‘International Jurisdiction in Cyberspace: A Comparative Perspective’ (2023) https://www.academia.edu/5198261/INTERNATIONAL_JURISDICTION_IN_CYBERSPACE_A_COMPARATIVE_PERSPECTIVE.

[29] California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100-1798.199 (West 2023).

[30] CORE, ‘Cyber Jurisdiction Article’ (2023) https://core.ac.uk/download/pdf/232684908.pdf.

[31] Council of Europe, Convention on Cybercrime, Nov. 23, 2001, E.T.S. No. 185.

[32] U.S. Department of Commerce, ‘Cyber Mission India’ (2023) https://www.trade.gov/cyber-mission-india.

[33] U.N. GAOR, 66th Sess., Supp. No. 49, at 4, U.N. Doc. A/66/49 (2012).

[34] Press Information Bureau, ‘Government of India’ (2023) https://pib.gov.in/PressReleasePage.aspx?PRID=1845321.

[35] Government of India, Ministry of Electronics & Information Technology, Digital India (2015), available at https://digitalindia.gov.in/

[36] Ministry of Electronics and Information Technology, Government of India, National Cyber Security Policy, 2013, available at https://www.india.gov.in/national-cyber-security-policy-2013

[37] Ministry of External Affairs, ‘Fact Sheet on the Framework for the US-India Cyber Relationship’ (2023) https://mea.gov.in/outoging-visit-detail.htm?26880/Fact+Sheet+on+the+framework+for+the+USIndia+Cyber+Relationship.

[38] CSO Online, ‘23 Notable Government Cybersecurity Initiatives in 2022’ (2023) https://www.csoonline.com/article/573769/23-notable-government-cybersecurity-initiatives-in-2022.html.