<p>Last month, a holistic unit was set up to tackle the growing menace of cybercrimes in Karnataka. Cyber Command, touted as the first of its kind in India and headed by an officer of DGP rank, will coordinate the work of 45 cybercrime police stations for ensuring cyber security of the State’s critical infrastructure, preventing and handling cybercrimes and tackling misinformation and disinformation. Within 20 days of this development, the Karnataka High Court directed the setting up of an SIT to probe a case involving a private drone development company whose sensitive defence technology data was allegedly stolen. The North-East CEN Police Station in Bengaluru had, apparently, failed to conduct even a custodial interrogation of the accused despite the rejection of their anticipatory bail pleas. Cyber Command has a long way to go to prove its capabilities.</p>.<p>More than 75,000 cybercrimes were reported between 2020-2024, according to the Karnataka Police’s annual crime reports. During the first quarter of 2025 alone, about 38,000 cases have been registered through a dedicated helpline. Financial losses incurred by victims in 2024 amounted to almost Rs 2,400 crore but the police were reportedly able to recover only 9% of this amount from the banks.</p>.Two held from Gujarat's Surat in Rs 1.12 crore cyber fraud case.<p>I learnt of one such victim who lost more than Rs 45 lakh while participating in a fake Whatsapp investment group, last year. Thankfully, she has in hand a court order directing SBI and another private sector bank to de-freeze the accounts to give her back about Rs 18.55 lakh. But since June 2024, she has been running from pillar to post to reclaim this amount. The most appalling development was the court’s staff telling her that her case file had gone missing. Her application for certified copies of the case papers submitted under the court’s own rules was ignored. The clerks even told the judge, who granted her relief, that the file could not be traced.</p>.<p>I helped her file an RTI application demanding an inspection of the <br />case file. Miraculously, the file reappeared in the registry within less than two weeks! We do not know whether <br />the threat of penalty imposable <br />under the RTI Act, up to Rs 25,000, worked its magic.</p>.<p>However, I was not as lucky with my RTI intervention. After learning of the lady’s sordid saga, I decided to pay attention to the problem of cyber bank fraud. The first step was to explore the questions raised in Parliament. In February this year, the Union Home Ministry informed the Lok Sabha that as many as 9.23 lakh mule accounts have been lien-marked (to prevent the account holders from withdrawing the deposited funds). Details of more than 18.28 lakh mule accounts had been shared with banks and other financial institutions participating in the Suspect Registry. Mule accounts are bank accounts opened by KYC-compliant customers but operated by scamsters to commit fraud. Parliament was also told that social media influencers were employed to spread awareness about cybercrimes through SMS, and social media platforms such as X, Facebook, Instagram, and Telegram.</p>.<p>In February this year, I filed an RTI application with the Home Ministry asking for bank-wise data about the lien-marked accounts and the red-flagged mule accounts. I also sought the social media account details of the influencers who had been hired for public education and the remuneration they were paid for this purpose.</p>.<p>The Central Public Information Officer (CPIO) refused access to the bank-wise number of accounts already identified for involvement in fraud, saying it was available only to the participating entities of the Suspect Registry. The CPIO mechanically cited RTI exemption clauses that protect national security and ongoing investigation processes as also the information shared in fiduciary relationships. However, the CPIO supplied a list of eight social media handles and URLs used for the public education campaign saying that none of the influencers had been paid any money. When I appealed the refusal of statistical data, the appellate authority simply upheld the CPIO’s order without bothering to respond to my arguments calling for disclosure.</p>.<p>What the Ministry is trying to protect by treating even statistical data about cybercrimes like sarkari secrets is anybody’s guess. I plan to challenge this refusal before the Central Information Commission. Given the pendency of more than 23,600 appeals and complaints there, my case is not likely to see the light of day until next year. Meanwhile, the doughty lady is yet to see a single paisa of the funds she is entitled to get back.</p>
<p>Last month, a holistic unit was set up to tackle the growing menace of cybercrimes in Karnataka. Cyber Command, touted as the first of its kind in India and headed by an officer of DGP rank, will coordinate the work of 45 cybercrime police stations for ensuring cyber security of the State’s critical infrastructure, preventing and handling cybercrimes and tackling misinformation and disinformation. Within 20 days of this development, the Karnataka High Court directed the setting up of an SIT to probe a case involving a private drone development company whose sensitive defence technology data was allegedly stolen. The North-East CEN Police Station in Bengaluru had, apparently, failed to conduct even a custodial interrogation of the accused despite the rejection of their anticipatory bail pleas. Cyber Command has a long way to go to prove its capabilities.</p>.<p>More than 75,000 cybercrimes were reported between 2020-2024, according to the Karnataka Police’s annual crime reports. During the first quarter of 2025 alone, about 38,000 cases have been registered through a dedicated helpline. Financial losses incurred by victims in 2024 amounted to almost Rs 2,400 crore but the police were reportedly able to recover only 9% of this amount from the banks.</p>.Two held from Gujarat's Surat in Rs 1.12 crore cyber fraud case.<p>I learnt of one such victim who lost more than Rs 45 lakh while participating in a fake Whatsapp investment group, last year. Thankfully, she has in hand a court order directing SBI and another private sector bank to de-freeze the accounts to give her back about Rs 18.55 lakh. But since June 2024, she has been running from pillar to post to reclaim this amount. The most appalling development was the court’s staff telling her that her case file had gone missing. Her application for certified copies of the case papers submitted under the court’s own rules was ignored. The clerks even told the judge, who granted her relief, that the file could not be traced.</p>.<p>I helped her file an RTI application demanding an inspection of the <br />case file. Miraculously, the file reappeared in the registry within less than two weeks! We do not know whether <br />the threat of penalty imposable <br />under the RTI Act, up to Rs 25,000, worked its magic.</p>.<p>However, I was not as lucky with my RTI intervention. After learning of the lady’s sordid saga, I decided to pay attention to the problem of cyber bank fraud. The first step was to explore the questions raised in Parliament. In February this year, the Union Home Ministry informed the Lok Sabha that as many as 9.23 lakh mule accounts have been lien-marked (to prevent the account holders from withdrawing the deposited funds). Details of more than 18.28 lakh mule accounts had been shared with banks and other financial institutions participating in the Suspect Registry. Mule accounts are bank accounts opened by KYC-compliant customers but operated by scamsters to commit fraud. Parliament was also told that social media influencers were employed to spread awareness about cybercrimes through SMS, and social media platforms such as X, Facebook, Instagram, and Telegram.</p>.<p>In February this year, I filed an RTI application with the Home Ministry asking for bank-wise data about the lien-marked accounts and the red-flagged mule accounts. I also sought the social media account details of the influencers who had been hired for public education and the remuneration they were paid for this purpose.</p>.<p>The Central Public Information Officer (CPIO) refused access to the bank-wise number of accounts already identified for involvement in fraud, saying it was available only to the participating entities of the Suspect Registry. The CPIO mechanically cited RTI exemption clauses that protect national security and ongoing investigation processes as also the information shared in fiduciary relationships. However, the CPIO supplied a list of eight social media handles and URLs used for the public education campaign saying that none of the influencers had been paid any money. When I appealed the refusal of statistical data, the appellate authority simply upheld the CPIO’s order without bothering to respond to my arguments calling for disclosure.</p>.<p>What the Ministry is trying to protect by treating even statistical data about cybercrimes like sarkari secrets is anybody’s guess. I plan to challenge this refusal before the Central Information Commission. Given the pendency of more than 23,600 appeals and complaints there, my case is not likely to see the light of day until next year. Meanwhile, the doughty lady is yet to see a single paisa of the funds she is entitled to get back.</p>
