Bengaluru: Procedural gaps, errors in documenting and preserving evidence, securing witnesses and a lack of accountability from intermediaries were some of the key factors affecting convictions in cybercrime cases in Karnataka, which remain abysmally low.

Between 2020 and July 2025, as many as 85,642 cases under the IT Act were registered in Karnataka, and only 204 accused were convicted — a mere 0.23 per cent.

Last year saw the most cases at 22,472 and the fewest convictions at 20, according to the data seen by DH.

Senior officials opined that many cases are part of the backlog, while others falter due to procedural errors.

This may be due to a lack of proper training or a failure to apply critical thinking when chargesheeting, the officials said.

Investigators struggle while securing witnesses, who, like the accused, more often than not reside in different parts of the country.

While notices have to be served in person and warrants issued, their compliance remains uncertain.

Equally challenging is the safeguarding of electronic evidence.

“The very nature of electronic evidence is such that it gets lost over time, naturally,” C Vamsi Krishna, joint commissioner of police (West Bengaluru), told DH.

Sample this: If only a copy of the CCTV footage is secured and produced as evidence, and the court, during trial, seeks the raw footage and the original file, which is often overwritten after a few weeks, the case falters. 

Vijayashankar Nagarajarao, a Bengaluru-based expert in cyberlaws, highlighted another challenge: the lack of cooperation from intermediaries such as banks, Internet Service Providers (ISPs), social media firms and email service providers in providing logs and other details that act as evidence. 

“Most of the reliable evidence gets stuck with intermediaries, who seldom cooperate. Till the time they are held accountable like the other suspects, securing convictions becomes challenging,” Nagarajarao told DH. 

“As an example, if the government takes strict action against Proton Mail and blocks the domain, which is used in many cases to send hoax bomb threats due to its anonymity and no-logs policy, it will send the necessary message. The IT Act provides for stringent measures if the intermediary does not cooperate in preventing the crime and assisting law enforcement.”

Another challenge are the mule accounts and the complex layering of transactions by cybercriminals to launder crime proceeds. Some knowingly lend their bank accounts as mules, while others are deceived.

In complex cases, investigators have traced layering up to 1,000 accounts. 

The individual peeling of the layers, gaining access and verifying each account, tracing the holders, serving notices and waiting for a response, all while cases keep getting registered, becomes nearly impossible.

Well-placed sources said efforts were underway to amend the laws and bring certain provisions to aid the probe and trial, while ensuring they don’t get misused.

“We have learnt from our experiences and have incorporated the solutions into our training. Along with the police, regular training is provided to prosecutors and judicial officers,” Vamsi Krishna said.