Six of 10 cybercrime cases registered in India now come from just the southern states of Andhra Pradesh, Karnataka, Kerala, Tamil Nadu, and Telangana, as per the National Crime Records Bureau’s (NCRB) 2024 report released in May. Are southern states facing a cybercrime epidemic, or are they simply better at detecting and recording offences that go unreported elsewhere in India?An overview of the rate and incidence of cybercrime over three years shows a steady increase in the overall incidence and the rate (crimes reported per one lakh population). The increase may be because of the addition of new provisions in the Indian Penal Code (IPC)/Bharatiya Nyaya Sanhita (BNS) to capture emerging forms of cybercrime; creation of new heads in the “crime in India 2024 report” using existing provisions in the IT Act; contribution of southern states to overall incidence of cybercrime and share of some crimes such as fraud, cheating and forgery to cybercrime in the country.BNS, which came into force on July 1, 2024, introduced provisions that addressed emerging forms of cybercrime, such as sexual intercourse by deceitful means, organized cybercrime and publishing false or misleading information that jeopardizes the sovereignty, unity and integrity or security of India. The number of cases registered under these provisions was 99, 60 and 2, which indicates that BNS does not really help register a high number of cases. These additions, though, may facilitate the registration of cases in the future.A couple of new crime categories were found in the 2024 report that were not included in the reports released in previous years. These crime heads reflect the provisions of the IT Act, 2000, namely, breach of confidentiality and privacy and publication of an electronic signature for fraudulent purposes. Only 37 and five cases were registered under these categories in 2024. While the numbers are small, the inclusion of new classifications should be considered when interpreting year-on-year changes in cybercrime statistics.The most striking feature of the NCRB data is the concentration of cybercrime in southern India. Cybercrime cases across India rose steadily from about 65,000 in 2022 to 86,000 in 2023 and 1.1 lakh in 2024. Telangana recorded the highest incidence, with cases increasing from 18,000 in 2023 to 27,000 in 2024. Karnataka followed with 21,993 cases and a crime rate of 32.2. Tamil Nadu was among the lowest of the southern states recording an increase from 2,000 in 2022 to 6,000 in 2024, but its cybercrime rate rose from 47.8 to 71.1 per lakh population over the same period. Together, the southern states recorded 60,506 cases in 2024, accounting for 60% of cybercrime cases registered in the country.The concentration becomes more significant when viewed against national trends. While India added 15,508 cybercrime cases between 2023 and 2024, a substantial share of that increase came from southern states, particularly Telangana and Tamil Nadu. The growth in cybercrime is not spread evenly across offence categories; it is largely driven by fraud-related offences.Southern states accounted for 79.2% of all cheating-by-personation cases registered in India, 68.1% of fraud cases and 58.1% of cheating cases. There were also notable variations between states. In Karnataka, cheating by personation constituted the majority of cybercrime cases, while in Telangana, fraud cases dominated the statistics. In Tamil Nadu and Kerala as well, fraud and cheating-related offences accounted for a substantial share of overall cybercrime.Crime data is gathered to understand why and how crime occurs and to inform policy responses to reduce offences and consequences. So, why do victims exhibit poor reporting behaviour, or why are they hesitant to report their victimization to the agencies of the criminal justice system, particularly police? The answer could be fear of poor treatment at police stations or lack of faith in the system.The low incidence of crime can also be due to non-registration of cases. Police have the unreasonable fear that an increase in crime in a given jurisdiction would be taken as an indicator of poor performance. In truth, it is the other way around. If the system is responsive to public needs, victims will be encouraged to report. High reporting may be considered an indicator of good performance!A 2019 study in the Netherlands, of 97,000 victims, compared associations between victim characteristics and crime-reporting behaviour for cybercrime versus traditional crimes. Findings showed cybercrimes were among the least reported types of crime.Crime rate and incidence are the result of dynamic changes occurring in various spheres – social, economic, cultural and political. In the case of cybercrime, additional influences include the scale of digital transactions, internet usage, social media engagement and online financial activity.Viewed in this light, the disproportionately high incidence of cybercrime in southern states may reflect both greater exposure to digital risks and a greater willingness or ability to report such offences. The challenge for policymakers is to determine how much of the increase represents rising criminal activity and how much reflects improvements in detection and reporting.(The writer is professor, department of criminology at University of Madras)
