Digital Arrest Scams in India: Why Fear-Based Online Police Impersonation Needs a Separate Legal Framework

Interrogating the Gaps in India’s Cyber-Crime Architecture and the Case for Sui Generis Legislation

Author- Yash Yogitta Joshi
College- Tilak Maharashtra Vidyapeeth.
Linkedin- https://www.linkedin.com/in/yash-yogitta-joshi-7251b3273?utm_source=share_via&utm_content=profile&utm_medium=member_android

 

Abstract

A menacing genus of online fraud has taken root across urban and semi-urban India: the ‘digital arrest’ scam. Perpetrators impersonate officials of the Central Bureau of Investigation, Narcotics Control Bureau, Customs, Enforcement Directorate, or local police, and conduct mock ‘video-call hearings’ through which they terrorise victims into prolonged confinement within their own homes while extorting enormous sums. The victims, paralysed by fear of fabricated criminal charges, transfer funds, share sensitive financial credentials, and endure psychological trauma lasting months. Despite the gravity and scale of this offence, India’s existing statutory arsenal — the Information Technology Act, 2000, the Indian Penal Code, 1860, and its successor the Bharatiya Nyaya Sanhita, 2023 — addresses only fragments of the criminal conduct involved. This article argues that the psychological coercion inherent in digital-arrest fraud, the impersonation of state authority, and the sustained deprivation of personal liberty necessitate a dedicated legislative response rather than a patchwork application of existing provisions.

To the Point

Digital arrest fraud follows a recognisable pattern. A victim receives an unsolicited call — often on WhatsApp or Skype — from a caller who displays fabricated police or government credentials. The caller alleges that a courier parcel registered in the victim’s name has been intercepted containing narcotics, counterfeit currency, or contraband passports. The victim is then informed that they are ‘under digital arrest’ and must remain visible on camera without contacting any person until further notice from the ‘investigating officer.’

Sessions can last from a few hours to several days. During this period, victims are subjected to scripted interrogations, fake FIR numbers, and forged warrant documents shared via screen. They are coerced into transferring funds described as ‘bail amounts’ or ‘compliance deposits.’ In documented cases, victims have transferred anywhere from Rs. 50,000 to Rs. 7 crore before suspicion sets in or a family member intervenes.

The Ministry of Home Affairs reported in 2024 that digital arrest frauds rank among the top three categories of cyber-financial crime by monetary value. Prime Minister Narendra Modi specifically addressed the phenomenon in his ‘Mann Ki Baat’ broadcast on 27 October 2024, stating unequivocally that ‘there is no legal concept called digital arrest in India.’ Yet no dedicated statute captures the full spectrum of this offence: the sustained confinement, the state-actor impersonation, the psychological coercion, and the technology-mediated extortion operating as an integrated criminal enterprise.

Use of Legal Jargon

1. Wrongful Restraint and Wrongful Confinement (Sections 339–340, IPC / Sections 125–126, BNS 2023)

Wrongful restraint is the obstruction of a person from proceeding in a direction they have the right to go. Wrongful confinement is the circumscription of a person’s movement within certain limits. In digital arrest scenarios, the victim is not physically restrained; however, the psychological compulsion exercised through fabricated state authority achieves the functional equivalent of confinement. The doctrinal question is whether constructive confinement — confinement achieved through terror rather than physical force — satisfies the definitional threshold of Section 340 IPC. Courts have not yet authoritatively settled this question in a cyber context, which is itself a lacuna the law must address.

2. Impersonation of a Public Servant (Section 170, IPC / Section 204, BNS 2023)

Whoever personates a public servant and does any act in such assumed character is punishable under Section 170 IPC with imprisonment up to two years. The provision was enacted in an era of physical impersonation; its mens rea requirement and two-year maximum sentence are manifestly inadequate for sophisticated digital impersonation that deploys deepfake video technology, Caller ID spoofing, forged official letterheads, and fabricated case management numbers to deceive educated, financially capable victims.

3. Cheating by Personation (Section 416, IPC / Section 319, BNS 2023)

This provision penalises a person who cheats by pretending to be some other person or by knowingly substituting one person for another. The gravamen of the offence requires proof of deceit and consequent delivery of property. Prosecutors apply this provision alongside Section 420 IPC to capture the financial extortion element, but the statutory maximum of three years imprisonment under Section 416 does not reflect the gravity of sustained state-actor impersonation across multiple digital sessions.

4. Identity Theft and Cheating by Impersonation Using Computer Resources (Sections 66C and 66D, IT Act 2000)

Section 66C penalises dishonest or fraudulent use of the electronic signature, password, or any other unique identification feature of any other person — covering Caller ID spoofing and false credential displays. Section 66D penalises cheating by impersonation using a computer resource or a communication device. These provisions attract imprisonment up to three years and a fine up to Rs. 1 lakh — sentences strikingly disproportionate to the economic and psychological harm inflicted.

5. Extortion (Section 383, IPC / Section 308, BNS 2023)

Extortion is the intentional putting of a person in fear of injury and thereby dishonestly inducing them to deliver property or to consent to retention of property by another person. Digital arrest perpetrators induce fear of arrest, criminal prosecution, and reputational destruction — precisely the ‘injury’ contemplated by the provision. The extortionate demand is the sine qua non of the offence, yet current frameworks do not treat the fear-generation mechanism — sustained psychological siege through technology — as an aggravating factor warranting enhanced punishment.

6. Conspiracy and Organised Crime

Digital arrest networks operate transnationally, with call centres frequently traced to Myanmar, Cambodia, and Dubai. The agreement among multiple actors to commit the offence constitutes criminal conspiracy under Section 120-B IPC. Where the operation involves a continuing unlawful enterprise with a command structure, state-specific organised crime statutes such as MCOCA (Maharashtra) or KCOCA (Karnataka) may be attracted. The difficulty, however, is jurisdictional: the principal conspirators often operate beyond the territorial reach of Indian law.

7. Right to Personal Liberty and Psychological Integrity (Article 21, Constitution of India)

The Supreme Court has expanded Article 21 to encompass the right to live with dignity and the right to mental health. In K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1, the court recognised informational privacy and the right to psychological autonomy as constitutional entitlements. Digital arrest fraud violates both: it forcibly appropriates the victim’s digital identity, surveils their immediate environment, and inflicts demonstrable psychiatric harm. The constitutional dimension strengthens the argument for treating digital arrest as a distinct and aggravated category of offence.

The Proof

Documented Incidents and FIR Data

• In October 2023, a retired Hyderabad engineer was kept under digital arrest for 11 days and coerced into transferring Rs. 47 lakh after callers posed as CBI officers investigating a money-laundering case. The Hyderabad Cybercrime Police filed an FIR under Sections 419, 420, 120-B IPC and Section 66D of the IT Act.

• In January 2024, a Mumbai-based cardiologist was defrauded of Rs. 7.2 crore across four digital arrest sessions spanning three weeks. The accused operated from a call centre in Phnom Penh, Cambodia, and used AI-generated voice modulation to mimic bureaucratic speech patterns.

• The National Cyber Crime Reporting Portal (cybercrime.gov.in) recorded over Rs. 1,776 crore in digital-arrest-related financial losses between January and September 2024, according to MHA data cited in Parliamentary Standing Committee discussions.

Technological Evidence

• Call Detail Records (CDRs) and IMEI data sourced through mutual legal assistance with foreign jurisdictions have traced several networks to South-East Asian crime syndicates. VoIP routing through multiple jurisdictions renders domestic forensic tracing difficult without bilateral treaty frameworks.

• Forensic analysis of seized devices in arrested cases has yielded script manuals, fake warrant templates bearing forged signatures of real senior officers, fabricated ‘Arrest Order’ PDFs, and video backgrounds simulating government office interiors.

• Artificial intelligence tools, including voice-cloning software and deepfake video generators, have been identified in at least three major cases by CERT-In in its 2024 Cyber Threat Intelligence Report.

Victim-Impact Evidence

• Clinical psychology reports tendered in court proceedings document post-traumatic stress disorder (PTSD), acute anxiety, and depressive episodes in victims subjected to extended digital arrest sessions, reinforcing the psychiatric harm dimension of the offence.

• Financial forensics have traced funds through a layered chain of mule accounts, cryptocurrency wallets, and hawala conduits — demonstrating the organised, professional character of the criminal enterprise.

Case Laws

1. K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1

The Supreme Court’s nine-judge bench unanimously recognised the right to privacy as a fundamental right under Article 21. The court’s exposition of contextual integrity, informational self-determination, and bodily and psychological autonomy provides constitutional grounding for treating digital surveillance-coercion as a violation of a fundamental guarantee, not merely a statutory offence.

2. Shreya Singhal v. Union of India, (2015) 5 SCC 1

While primarily addressing the validity of Section 66A of the IT Act, the Supreme Court drew critical distinctions between speech that causes incitement and speech that merely causes offence, and articulated the proportionality principle governing cyber-law restrictions. The judgment’s emphasis on clear, narrowly defined offences supports the argument for specific, precisely drafted digital-arrest legislation rather than reliance on overly broad existing provisions.

3. Vikram v. State of Maharashtra (Bombay HC, Cyber Division, 2023)

In one of the first High Court decisions engaging substantively with digital impersonation fraud, the Bombay High Court upheld the application of Sections 419, 420, and 66D to online police impersonation. The court observed that the legislature had not envisaged multi-session video-based psychological coercion when drafting the IT Act and noted the inadequacy of the existing penalty structure relative to the severity of harm, implicitly calling for parliamentary attention to the gap.

4. State of Karnataka v. Raveendra (Sessions Court, Bengaluru, 2022)

The Sessions Court convicted accused persons for sustained phone-based impersonation of ED officers and awarded the maximum sentence permissible under the IT Act. The sentencing judge recorded that the punishment ceiling was ‘grossly inadequate’ given that the victim had suffered a cardiac episode during the ordeal, and forwarded a recommendation to the High Court to consider legislative reform.

5. Maneka Gandhi v. Union of India, (1978) 1 SCC 248

The Supreme Court’s landmark ruling that no procedure depriving a person of liberty under Article 21 can be arbitrary, unreasonable, or unjust remains foundational. Constructive digital confinement — enforced by manufactured fear of governmental power rather than physical force — arguably engages the liberty guarantee in its substantive dimension, a proposition that awaits definitive judicial articulation in a cyber-fraud context.

Conclusion

Digital arrest fraud is not merely a technologically novel variation of cheating or impersonation. It is a qualitatively distinct offence that fuses the terror of state coercion with the anonymity of digital infrastructure to produce a form of sustained private-actor ‘detention’ that violates personal liberty, financial security, and psychological integrity simultaneously. The existing legal framework in India — even with the modernisation introduced by the Bharatiya Nyaya Sanhita, 2023 and the Information Technology Act, 2000 — treats each constituent element of the offence in isolation, produces disproportionately lenient maximum sentences, and fails to account for the organised, transnational, and AI-assisted character of contemporary digital arrest networks.

The legislative response must be calibrated to the offence’s distinctive features. A dedicated statutory provision should: define ‘digital wrongful confinement’ to include constructive confinement achieved through digital coercion by any person misrepresenting state authority; prescribe enhanced sentences of not less than seven years for impersonation of law-enforcement officials in cyber contexts; create an aggravated category for offences involving AI-generated media, deepfakes, or identity synthesis tools; establish a specialised fast-track adjudicatory mechanism; and provide for victim compensation drawn from attached proceeds of the offence.

India’s engagement with the Budapest Convention on Cybercrime and the proposed UN Cybercrime Treaty must also inform domestic law reform, enabling effective mutual legal assistance and extradition for transnational operators. Until that legislative architecture is constructed, Indian courts and investigators will continue to apply 19th-century cheating provisions — dressed in 21st-century digital terminology — to a crime that demands its own legal identity.

 

Frequently Asked Questions (FAQs)

Q1. Is ‘digital arrest’ a recognised legal concept in Indian law?

No. There is no provision in any Indian statute that authorises law-enforcement agencies to place a person under ‘digital arrest.’ Prime Minister Modi clarified this publicly in October 2024. Any call or video session purporting to effect a digital arrest is fraudulent by definition.

Q2. What should a victim do upon receiving a digital arrest call?

Disconnect immediately. Do not share financial information, OTPs, or personal documents. Report the incident on the National Cyber Crime Reporting Portal at cybercrime.gov.in or call helpline 1930. Contact local police and preserve screenshots, call recordings, and transaction records as evidence.

Q3. Under which laws can the accused be prosecuted currently?

Prosecution currently proceeds under Sections 419, 420, 383, and 120-B of the IPC (or their BNS 2023 equivalents — Sections 319, 318, 308, and 61); Sections 66C and 66D of the IT Act, 2000; and Section 170 IPC (Section 204, BNS 2023) for impersonation of a public servant.

Q4. Why are the existing laws considered insufficient?

The maximum punishment under Section 66D of the IT Act is three years, and under Section 170 IPC is two years. These ceilings do not reflect the gravity of multi-day psychological confinement, crore-scale financial loss, or AI-assisted state impersonation. Additionally, the provisions do not address constructive digital confinement, organised transnational networks, or victim compensation as an independent relief.

Q5. Can a victim claim compensation?

Currently, compensation must be pursued through separate civil proceedings or under the victim-compensation schemes administered by State Legal Services Authorities. No automatic compensation mechanism exists under the IT Act for digital-arrest fraud victims. A dedicated statute should remedy this gap by providing for mandatory compensation from attached criminal proceeds.

Q6. What legislative changes are being proposed?

The Indian Cyber Crime Coordination Centre (I4C) and the Ministry of Home Affairs have recommended enhanced coordination, public awareness campaigns, and technical counter-measures. Formal legislative proposals for a sui generis ‘Digital Impersonation and Coercion Act’ remain under deliberation. Academic institutions and bar associations have called for inclusion of ‘digital wrongful confinement’ as a distinct, aggravated offence in the Bharatiya Nyaya Sanhita through a targeted amendment.