Abstract
The rapid growth of digital transactions — including e-commerce, online banking, fintech services, digital payments, and virtual assets — has reshaped consumer behaviour and financial activity in India. While these developments offer greater convenience, speed, and market access, they have also amplified risks of cyber-enabled financial fraud such as phishing, identity theft, impersonation, data breaches, UPI-related scams, and misuse of intermediary platforms. As consumers increasingly depend on digital systems and automated technologies, the need for a strong legal framework that protects consumer rights and ensures platform accountability becomes crucial. This paper examines the convergence of India’s cyber-law framework under the Information Technology Act, 2000 and consumer protection law embodied in the Consumer Protection Act, 2019, in dealing with online financial fraud. It analyses key statutory provisions, regulations, and judicial precedents governing liability, due-diligence obligations, and grievance-redressal mechanisms for intermediaries, e-commerce entities, digital service providers, and financial platforms. The study also highlights persistent enforcement challenges, including attribution of responsibility, jurisdictional complexities, evidentiary difficulties, cross-border data issues, and low consumer awareness.
INTRODUCTION
The digital revolution has transformed the landscape of commerce, finance, and personal interactions, offering unparalleled convenience through online banking, e-commerce, digital payments, and investment platforms. However, this shift has simultaneously amplified vulnerabilities, exposing consumers to a range of online frauds and financial scams such as phishing, identity theft, SIM-swap fraud, fake investment schemes, and digital impersonation. These cyber-enabled threats not only inflict financial losses on victims but also erode consumer trust and undermine the integrity of digital commerce.
In this context, the intersection of cyber law and consumer protection law becomes critical. Cyber law, primarily embodied in India’s Information Technology Act, 2000,[1] criminalizes offenses such as identity theft (Section 66C) and cheating by personation through electronic means (Section 66D), offering penal deterrence against digital misconduct. However, criminal prosecution alone may not provide immediate restitution to victims. Consumer protection law, under the Consumer Protection Act, 2019,[2] complements cyber law by enabling civil remedies, allowing consumers to claim compensation, refunds, or damages when fraud arises due to unfair trade practices, deficient services, or negligence by intermediaries like banks, e-commerce platforms, or fintech providers.
Judicial precedents illustrate this dual approach. Landmark decisions, such as Suhas Katti v. Tamil Nadu,[3] establish the admissibility of electronic evidence, crucial for prosecuting cybercrime. Consumer forum rulings increasingly hold financial institutions accountable for failing to prevent unauthorised transactions, demonstrating that liability extends beyond individual fraudsters to systemic negligence by intermediaries. Nonetheless, significant challenges persist, including the evolving sophistication of scams, jurisdictional and cross-border limitations, delays in enforcement, limited consumer awareness, and ambiguities in intermediary liability.
Scholarly research underscores that while statutory frameworks exist, effective protection requires synergy between law enforcement, regulatory oversight, technological safeguards, and consumer education. This paper explores the doctrinal, statutory, and judicial contours of this intersection in India, examining strengths, limitations, enforcement challenges, and emerging trends in cyber-enabled financial fraud. It also proposes reforms aimed at enhancing preventive regulation, evidence collection, institutional accountability, consumer awareness, and legislative updates to address emerging threats.
Ultimately, the study highlights that addressing online fraud and financial scams necessitates a holistic, multi-dimensional approach combining criminal accountability, civil redress, regulatory oversight, and consumer empowerment to ensure the credibility, safety, and resilience of the digital economy. The convergence of cyber law and consumer protection is not merely complementary but essential for a robust framework capable of responding to the complexities of digital commerce in the 21st century.
[1]The Information Technology Act, No. 21 of 2000 (India).
[2] Consumer Protection Act, No. 35 of 2019 (India).
[3]State of Tamil Nadu v. Suhas Katti, C.C. No. 4680/2004 (Addl. CMM, Egmore, Chennai Nov. 5, 2004).