🏛️ Part 4.1

Police Machinery & Jurisdiction

"Know your forum before you fight your battle"

The first challenge in any cyber crime case: which authority has jurisdiction? With crimes spanning multiple states and countries, understanding the investigation ecosystem — from local thanas to I4C — is essential for effective legal practice.

1.1

The Cyber Crime Investigation Hierarchy

🏗️ Multi-Tier Architecture

India's cyber crime investigation system operates at four levels: National (I4C, CERT-In), State (State Cyber Crime Coordination Centres), District (Cyber Crime Cells/Police Stations), and Local (regular police stations with cyber desks).

Understanding this hierarchy helps you choose the right forum and escalate appropriately when needed.

🇮🇳
National Level — I4C, MHA
Indian Cyber Crime Coordination Centre (I4C) under Ministry of Home Affairs. Coordinates all cyber crime efforts nationally. Operates NCRP portal (cybercrime.gov.in). No direct investigation — policy & coordination role.
🏛️
State Level — State Cyber Crime Cells
State Cyber Crime Coordination Centres (e.g., Maharashtra Cyber, Karnataka CID Cyber). Handle complex/inter-district cases. Provide technical support to districts. Nodal officers for intermediary coordination.
🏢
District Level — Cyber Crime Police Stations
Dedicated Cyber Crime Police Stations in each district. Handle bulk of cyber crime complaints. Have trained personnel and forensic capabilities. Usually located at district headquarters.
👮
Local Level — Regular Police Stations
Local thanas with cyber desks or trained officers. First point of contact for most citizens. Can register FIR (Zero FIR) and transfer to appropriate cyber cell. Limited technical capability but mandatory to accept complaints.
💡 Practical Insight: Which Level to Approach?

Start Local, Escalate if Needed: In most cases, approach the local cyber crime police station first. If they lack capability or jurisdiction spans multiple districts, request transfer to State Cyber Cell.

NCRP Portal: For financial frauds (especially UPI/banking), file on cybercrime.gov.in first — triggers 1930 helpline and immediate bank coordination for potential fund recovery.

Direct State Approach: For complex cases (ransomware attacks on corporates, large-scale data breaches), consider approaching State Cyber Cell directly.

1.2

Key Investigation Agencies

🔒
I4C (Indian Cyber Crime Coordination Centre)
Nodal agency under MHA for cyber crime coordination. Operates NCRP portal, 1930 helpline, coordinates with states, runs Citizen Financial Cyber Fraud Reporting System.
Portal: cybercrime.gov.in | Helpline: 1930
🛡️
CERT-In (Indian Computer Emergency Response Team)
National nodal agency for cyber security incidents under MeitY. Handles incident response, issues advisories, coordinates vulnerability disclosure. Mandatory reporting for data breaches.
Portal: cert-in.org.in | Reporting: incident@cert-in.org.in
💰
SFIO (Serious Fraud Investigation Office)
Under Ministry of Corporate Affairs. Investigates corporate frauds including cyber-enabled corporate crimes. Works on complex financial cyber crimes involving companies.
Referral through MCA or court order
🏦
ED (Enforcement Directorate)
Investigates money laundering including crypto-related crimes under PMLA. Traces proceeds of cyber crimes. Can attach properties and arrest for money laundering.
ECIR based on predicate offence
🔍
CBI (Cyber Crime Unit)
Handles cases with inter-state/international ramifications. Cases transferred by High Courts or Supreme Court. Specialized cyber forensic laboratory.
Referral only — court order or state consent required
📊
NIA (National Investigation Agency)
Cyber terrorism cases under Schedule to NIA Act. Cases involving threats to national security. Can take suo moto cognizance of scheduled offences.
Transfer from state or suo moto
⚠️ Common Mistakes in Agency Selection

1. Going Directly to CBI: CBI cannot investigate without state consent or court order. Don't waste time — start at state level.

2. Ignoring Local Police: Even for complex cases, local FIR creates the legal foundation. Zero FIR can always be transferred later.

3. Multiple Complaints: Filing same complaint at multiple agencies creates confusion. File at one place, request transfer if needed.

4. Skipping NCRP for Financial Fraud: For money-related cyber crimes, NCRP's 1930 helpline can freeze funds within hours — don't skip this step.

1.3

NCRP Portal — cybercrime.gov.in

🌐 National Cyber Crime Reporting Portal

The NCRP portal (cybercrime.gov.in) is the primary online mechanism for reporting cyber crimes in India. Launched in 2019, it handles millions of complaints annually and is particularly effective for financial frauds.

Key Categories:

Women/Child Related Crimes: CP, rape/gangrape threats, blackmail, morphed images (auto-referred to state women cells)

Financial Fraud: UPI fraud, OTP fraud, job fraud, investment fraud (triggers 1930 helpline coordination)

Other Cyber Crimes: Hacking, data theft, defamation, social media crimes, ransomware

1
Registration
Create account with mobile number OTP verification. For anonymous reporting of child abuse content, registration not required.
2
Complaint Filing
Select crime category, fill detailed form with incident description, upload evidence (screenshots, transaction records, communication logs).
3
Acknowledgment
Receive complaint number and acknowledgment. For financial frauds, call 1930 immediately to expedite fund freeze.
4
Assignment
Complaint routed to concerned state/district cyber cell based on jurisdiction (victim location or offence location).
5
Investigation
Police verifies complaint, may call for statement, registers FIR if cognizable offence disclosed. Track status online.
✅ 1930 Helpline — Golden Hour for Financial Fraud

For financial cyber frauds, the first 24-48 hours are critical for fund recovery. The 1930 helpline operates 24/7 and can:

• Immediately alert banks to freeze suspected accounts

• Coordinate between multiple banks in the transaction chain

• Prevent withdrawal of fraudulently obtained funds

• Generate complaint that gets priority processing

Pro Tip: Call 1930 FIRST for financial fraud, then file detailed NCRP complaint, then approach local police for FIR.

⚠️ NCRP Limitations

Not a Substitute for FIR: NCRP complaint is not an FIR. For court proceedings, you need a proper FIR registered under BNSS.

Delay in Conversion: NCRP complaints often take 15-30 days to be converted to FIR. For urgent matters, file at police station directly.

Jurisdictional Issues: NCRP routes complaints based on algorithms — sometimes to wrong jurisdiction. Follow up and request transfer if needed.

Limited Follow-up: Status updates on portal are often delayed. Visit police station in person for actual progress.

1.4

Jurisdictional Rules under BNSS

📖BNSS Section 173
Ordinary Place of Inquiry and Trial (formerly CrPC S.177-178)
"Every offence shall ordinarily be inquired into and tried by a Court within whose local jurisdiction it was committed... Where an offence is committed partly in one local area and partly in another... it may be inquired into or tried by a Court having jurisdiction over any of such local areas."
🌐 Cyber Crime Jurisdiction — The Challenge

Cyber crimes inherently transcend physical boundaries. A hacker in Kolkata targets a server in Mumbai, steals data of victims in Delhi, and routes payments through accounts in Chennai. Where is the offence committed?

Answer (per BNSS S.173 read with IT Act S.75): The offence is committed at ALL these locations:

• Where the accused acted (Kolkata)

• Where the computer system was located (Mumbai)

• Where the victim suffered loss (Delhi)

• Where the proceeds were received (Chennai)

Jurisdiction BasisBNSS ProvisionPractical Application
Place of OffenceS.173(1)Where computer was accessed, where server located, where malware executed
Consequence LocationS.173(2)Where victim is located, where loss/injury occurred
Continuing OffenceS.173(3)Defamatory content accessible from multiple states — any state has jurisdiction
ExtraterritorialIT Act S.75Offence outside India affecting Indian computer — Indian courts have jurisdiction
Forum SelectionStrategic ChoiceComplainant can often choose among multiple valid jurisdictions
⚖️
Swapnil Tripathi v. Supreme Court of India
(2018) 10 SCC 639
"In cases involving offences committed through electronic medium, the offence can be deemed to have been committed at the place where the computer resource was located, where the victim is located, or where the consequence of the offence occurred."
💡 Strategic Forum Selection

When multiple jurisdictions are available, consider:

Convenience: Choose jurisdiction closest to your client

Cyber Cell Capability: Some cities have better-equipped cyber cells

Evidence Location: Where are witnesses and documents?

Court Pendency: Some courts have faster disposal rates

Precedent: Which High Court has favorable jurisprudence?

1.5

Zero FIR & Transfer Mechanisms

📖BNSS Section 173(3)
Zero FIR Concept
"When information about the commission of a cognizable offence is given to an officer in charge of a police station... such officer shall reduce the same to writing irrespective of the area in which the offence is committed, and forward the same to the police station having jurisdiction..."
📋 What is Zero FIR?

Zero FIR is an FIR registered at any police station regardless of jurisdiction, given serial number "0", and then transferred to the police station having actual jurisdiction.

Key Benefits:

No Jurisdictional Excuse: Police cannot refuse FIR citing lack of jurisdiction

Immediate Recording: Complaint recorded without delay — crucial for time-sensitive evidence

Transfer Mechanism: FIR transferred to appropriate police station for investigation

Citizen Convenience: Victim can approach nearest police station

⚖️
Lalita Kumari v. State of U.P.
(2014) 2 SCC 1
"Registration of FIR is mandatory under Section 154 of the Code, if the information discloses commission of a cognizable offence and no preliminary inquiry is permissible in such a situation... The police officer cannot refuse to register an FIR on the ground that the place of occurrence is not within his jurisdiction."
⚠️ When Police Refuse to Register FIR

Despite Lalita Kumari mandate, police sometimes refuse FIR registration. Remedies:

1. Written Complaint to SP/DCP: Send complaint by registered post to Superintendent of Police. If not acted upon within prescribed time, SP must explain.

2. Magistrate Complaint (BNSS S.200/223): File private complaint before Magistrate who can direct police to register FIR and investigate.

3. High Court Petition (Article 226): Writ of mandamus directing police to register FIR — most effective remedy.

4. NCRP Portal: Online complaint that creates documented trail and gets routed to appropriate authority.

✅ Transfer of Investigation

After Zero FIR, investigation may need to be transferred:

Within State: Transfer ordered by DGP or State Cyber Cell as per investigation requirements.

Inter-State: Application to High Court for transfer of investigation to another state (more common for trial transfer than investigation).

To CBI: High Court or Supreme Court can direct CBI investigation in cases involving inter-state elements or lack of faith in state police.

Grounds for Transfer: Convenience of parties, fair investigation concerns, inter-state nature of crime, better technical capability elsewhere.

⚖️
Arnab Goswami v. Union of India
(2020) SCC OnLine SC 462
"When identical or substantially similar allegations are made in multiple FIRs, and they arise out of the same incident or transaction, subsequent FIRs are liable to be quashed... The power to transfer investigation exists and should be exercised when fair investigation is in question."

🎯 Key Takeaways — Part 4.1

  • India has 4-tier cyber crime investigation hierarchy: National (I4C), State (Cyber Cells), District, Local
  • I4C coordinates nationally through NCRP portal (cybercrime.gov.in) and 1930 helpline
  • 1930 helpline critical for financial frauds — call within 24 hours for fund freeze
  • NCRP complaint is NOT a substitute for FIR — follow up at police station
  • Cyber crime jurisdiction exists at: place of offence, consequence location, victim location, server location
  • BNSS S.173 allows strategic forum selection among multiple valid jurisdictions
  • Zero FIR mandatory at any police station — cannot refuse citing jurisdiction (Lalita Kumari)
  • If FIR refused: complaint to SP, Magistrate complaint (S.200/223), High Court writ
  • Investigation transfer possible: within state (DGP), inter-state (High Court), to CBI (court order)
  • Multiple FIRs on same cause of action — subsequent FIRs quashable (Arnab Goswami)

📝 Assessment — Part 4.1 (10 Questions)

1. The National Cyber Crime Reporting Portal is operated by:
Correct: B. The NCRP portal (cybercrime.gov.in) is operated by I4C (Indian Cyber Crime Coordination Centre) under the Ministry of Home Affairs.
2. For financial cyber frauds, the most time-critical action is:
Correct: C. The 1930 helpline can coordinate immediate fund freeze within hours — critical before fraudsters withdraw money.
3. According to Lalita Kumari v. State of U.P., police:
Correct: A. Lalita Kumari mandates FIR registration when cognizable offence is disclosed. Police cannot refuse citing jurisdiction — they must register Zero FIR and transfer.
4. Under BNSS S.173 and IT Act S.75, cyber crime jurisdiction exists at:
Correct: D. Cyber crime jurisdiction is available at multiple locations — where accused acted, server located, victim located, and consequence occurred.
5. Zero FIR means:
Correct: B. Zero FIR is registered at any police station regardless of territorial jurisdiction, given serial number "0", and then transferred to appropriate police station.
6. If police refuses to register FIR, the most effective remedy is:
Correct: C. Writ of mandamus from High Court directing police to register FIR is the most effective judicial remedy when police refuses FIR registration.
7. CERT-In is the nodal agency for:
Correct: A. CERT-In (under MeitY) handles cyber security incidents, issues advisories, and receives mandatory data breach reports — but doesn't register FIRs or prosecute.
8. According to Arnab Goswami case, multiple FIRs on same cause of action:
Correct: D. When identical allegations arise from same incident, subsequent FIRs are quashable — only one FIR should proceed.
9. CBI investigation in cyber crime cases requires:
Correct: B. CBI needs either state government consent or court order (High Court/Supreme Court) to investigate — it cannot take up cases suo moto.
10. NCRP portal complaint:
Correct: C. NCRP complaint is not an FIR. For court proceedings requiring FIR, you need separate police station FIR or follow up to ensure conversion.