Go Back Research Article April, 2026

Legal Gaps in Cybercrime for Cloud Data Flows and the Machine Malfunction Defense

Abstract

Abstract : This research examines legal gaps in cybercrime and data protection enforcement for cloud-based data flows, focusing on how corporate defendants may evade penalties—or reduce exposure—by asserting “machine malfunction” (bugs, false activations, misconfigurations) to reframe unauthorized data collection as inadvertent rather than intentional. [14] [17] Using doctrinal and comparative methods, the paper analyzes primary sources: leading decisions of Indian High Courts and the Supreme Court, select foreign court decisions (notably U.S. federal courts) involving automated or “accidental” interception, and key statutes/regulatory instruments (IT Act 2000; CERT-In Directions 2022; DPDP Act 2023 and DPDP Rules 2025). [15] The analysis identifies recurring legal and evidentiary bottlenecks: intent requirements in criminal provisions, fragmented remedies, corporate arraignment/vicarious liability pitfalls, and cloud-forensics constraints on attribution and proof. [16] The paper concludes with recommendations for law reform, enforcement architecture, and technical controls designed to reduce ambiguity and make “malfunction” claims auditable rather than exculpatory by assertion.

Document Preview
Download PDF
Details
Volume 4
Issue 4
ISSN 2984-889X