Cybercrime and the Crisis of Digital Justice: India’s invisible victims online As India’s online world expands, so does the gap between crime and accountability, NCRB data records numbers, but not the reasons behind their soaring increase
05, Nov 2025 | CJP Team
In the Crime in India 2023 report published by the National Crime Records Bureau (NCRB), it was the section on cybercrime that caused the most shock and alarm. The offence figures relating to cybercrime were staggering in the year-on-year figures, showing a substantial increase of 31.2% in registered offences in registered crimes. The number of cases increased from 65,893 (2022) to 86,128 (2023) in total cyber offences, with the greatest offence counts in online financial fraud, sexual exploitation, and identity theft (NCRB, p. 392). These staggering numbers confirmed citizens’ suspicions, already suspected, that the digital economics of being in India meant a fast-increasing, unsafe environment for everyday life. There was also another story behind the other numbers that were told by the report, one of institutional underreporting, bureaucratic silence, and a vacuity where online harm does not lead to legal recourse.
The Numbers behind the Screen
The data illustrates both advances and stagnation. On the one hand, the total number of reported cyber offences has increased, but they still account for only a tiny portion of overall (other) crimes. A 2023 Internet Freedom Foundation study found that nearly 68% of respondents who faced digital fraud or harassment did not report or seek help from the police because they did not believe the police would take action, or did not seek help due to fear of being shamed online. Even individuals who reported complaints were often turned away, told that the incident was “not serious enough” or “outside the jurisdiction” of their local police department.
The NCRB’s data on cyber offences is heavily biased towards documenting financial offences: 65% of total reported offences in 2023 were either banking or investment fraud, while non-financial classes of cyber offences – such as stalking, cyberbullying, morphing, etc. – are represented in total under 5%. Nevertheless, first-person reports from TN/NGO’s such as CyberPeace Foundation and Internet Democracy Project find that these personal and gendered violations may be even more pervasive, particularly for women, queer folks, and students. Statistically, these violations are invisible because the state cannot understand these forms of abuse as violence.
The NCRB’s Crime in India model is based on a First Information Report (FIR) registration. If a complaint is never registered as an FIR, it never appears in the Bureau’s reports. Consequently, what we have nationally is not a decrease in crime but an increase in barriers, this time bureaucratic, to counting crimes.
The Mirage of Decline: Delhi, Mumbai and the Art of Statistical Censorship
In Delhi, Mumbai, and many other large metro cities, the figures showed an abrupt decline despite the alarming figures. In Mumbai, the report shows a decline of 11.7% from the previous year in total cybercrime cases, whilst RTI data suggested that only two percent of all complaints made to the National Cyber Crime Portal were ever converted into FIRs. In Delhi, likewise, all categories show declines in clear contradiction to multiple news articles from the media presentations of data that clearly suggested increases in cyber fraud, phishing scams, and gender-based online harassment. The disconnection between the data provided through the official reports and lived human experience represents, in and of itself, a new type of censorship – a digital censorship.
The observable decrease in cybercrimes in regions such as Delhi and Mumbai illustrates how underreporting has functioned as a method of digital governance. Police officers in Mumbai, for example, privately confirmed to the Times of India (2023) that increased reports of cyber fraud were negatively affecting the public’s perception of law and order in the city, and many police stations even ceased to record phishing and fake-profile incidents as cybercrime, instead logging them as petty property offences. The entirety of the TOI report can be read here.
The situation in Delhi is paradoxically similar. The NCRB reports a slight decrease in the number of cybercrime incidents reported in 2023, yet, according to the Ministry of Electronics and Information Technology, the city’s cybercrime reporting helpline received over 80,000 calls. This disparity is an articulation of what one officer termed “reclassifying for efficiency,” meaning the police advised the victims to call the bank, private website, or intermediary instead of filing a FIR or police report.
This form reduces the number of FIRs filed but improves the statistical reporting; using the data as a measure no longer reveals security; it is a measure of bureaucratic discipline. The illusion of a positive or outward improvement conceals a structural refusal to document crime. Therefore, the censorship of cyberspace does not come from assertion, but comes from data.
Gender, Class, and the Digital Divide
The statistics given by the bureau also erase the social hierarchies within digital victimisation. The usual victims within a phishing scam and job fraud scheme is not the urban middle class, but rather it is low-income workers, migrant families, or elderly populations – all of whom are least literate in navigating digital bureaucracy. In 2023, the National Payments Corporation of India found that UPI-linked fraud was up by 71%, yet many victims did not feel assured or capable of making a formal complaint. The NCRB marks this crime as “banking offences” and erases the human story of systemic victimization or exploitation.
For women, queers, and minors, the stakes are different but equally severe. While image-based abuse, stalking, and cyber blackmail are on the rise, the report lists only 10,730 cases of “cyberstalking” or “cyberbullying” in 2023. That is highly impossible statistically, in a population of 1.4 billion. Experts agree that it is “ludicrously low” given the modern reach of social media and similar avenues. Ground-level studies conducted by Sabrang India and The Hindu have shown police would often, depending on the situation, suggest to women that deleting accounts was better than pursuing legal action for cyberstalking.
This gendered digital divide reproduces offline hierarchies: women and marginalized communities endure disproportionate online violence, and the state responds in a procedural and disengaged manner. In converting these experiences into codes for action, as the bureau does, the violence itself is rendered invisible — a point stripped of dignity and pain.
Invisible Harms, Invisible Justice
Cybercrime, unlike conventional crime, leaves behind traces, such as screenshots, IP logs, and chat histories, yet the Indian legal system has not adapted to utilize these for legal accountability. Data from the bureau for 2023 denotes that 22% of cybercrimes were charged, and less than 3% were convicted at trial. This poor record is compounded by the fact that there is no system for protecting victims or offering mental health services for victims of online harassment.
The NCRB’s framework also does not distinguish between cyber offences that are conducted based on economic fraud and cybercrime that is motivated by gendered violence or political ideology. Hate campaigns against journalists and activists, such as doxing or coordinated trolling, rarely go as far as registration. The India Freedom of Expression Index (IFEI) reports that 226 journalists suffered online abuse in 2023, and it seldom seems to be reflected in the observation category in the report. The very Digital Personal Data Protection Act of 2023 did focus on privacy, yet failed to discuss the accountability of platforms or intermediaries.
So, the issue is not that we lack data; rather, the data is abstract. Cybercrime is documented, but not interpreted or contextualized. Victims become statistics and records, devoid of narrative and recourse.
From Privacy to Accountability: Rethinking Digital Governance
A rights-based framework for cyber governance must move beyond the NCRB’s numerical formalism. Start with a recognition: that digital violence is not a niche technical problem, but a civic crisis that brings forward social hierarchies of power. Reforms should strengthen reporting mechanisms with a requirement of FIR registration if there is an investigation, and provide police with training to sensitively handle gendered and caste-based cyber offences.
Transparency is equally important. The bureau should report how many complaints on their portal turn into FIRs, and they should report on the data of those complaints in a disaggregated manner by gender, caste, and age. This would surface both the social pattern of online harms and expose the administrative bottlenecks to access to justice.
India’s approach towards cybercrime has primarily adopted an approach to surveillance more than safety, with broad internet shutdowns – recorded over 80 in 2023 by Access Now and SFLC.in – used as instruments for the appearance of prevention, even in the contexts of protests and communal tensions. Broad shutdowns, although often explained as security measures, mute voices and obfuscate evidence. Interventions instead of maintaining accountability for perpetrators, punish entire populations, thereby further complicating digital justice.
As the digital-acquainted world expands, so must the social governance moral imagination. Repairing safety for citizens online requires more than cybersecurity infrastructure, but accountability, empathy, and counting all the invisible victims.
Counting the Uncounted
The NCRB’s 2023 data on cybercrime showcases a contradiction within India’s digital transformation. A rise of 31.2% in reported offences demonstrates both acknowledgement of the growing threat of online crime and limitations in reporting incidents of crime. It is not that citizens are less threatened in cities such as Delhi and Mumbai; fewer offences are permitted to be documented in the first instance. The state’s digital apparatus is noting its accomplishments through denials and silence.
Gendered violence, class-based fraud, and ideological harassment thrive in the silence of non-reporting. When the NCRB records fewer incidences of crimes, it is not recognised as justice but rather accepted as erasure. In a democracy that prides itself on statistical knowledge, the absence of numbers becomes the strongest measurement of control.
Cybercrime is not, therefore, simply a technological challenge; it is a challenge to citizenship. Until every form of harm experienced in digital spaces can be translated into redress in the physical world, India’s digital democracy remains one of invisible victims, and a crisis of numbers devoid of presence.
(The legal research team of CJP consists of lawyers and interns; this resource has been worked on by Preksha Bothara)
Image: telecom.economictimes.indiatimes.com
Related:
Counting Crimes, Discounting Justice: The NCRB’s statistical blind spots
Mapping Gender-Based Violence in India: Trends, determinants, and institutional frameworks
The Ghost of Shreya Singhal: Re-litigating digital free speech
