What if someone became you online and you had to spend a year proving you were the real one?

In Episode 5 of Beyond Consent, we break down what identity theft actually looks like in India today, not the Hollywood version, but the version that happens to ordinary people. Fakeprofiles, Aadhaar misuse, SIM swapping, data breaches. And the legal maze survivors are expected to navigate alone.

Through Meera’s story, we show how a single identity theft can damage finances, professional reputation, and personal relationships simultaneously and what to do about it.

Listen if you’ve searched: identity theft India • fake profile India • Aadhaar misuse • SIM swapping India • IT Act Section 66C • impersonation online India • what to do if someone is impersonating me online

What this episode covers

• What digital identity theft actually includes, beyond stolen credit cards

• Five forms of identity theft most common in India: fake profiles, account takeover, Aadhaar misuse, SIM swapping, phishing for credentials

• Meera’s story: fake LinkedIn profile, Aadhaar-linked SIM fraud, and the four-agency reporting maze

• The legal framework: IT Act 66C (identity theft), 66D (impersonation), IPC 419 and 420

• Why identity theft is hard to prosecute, digital forensics, jurisdiction, platform cooperation

• Why documentation is the single most important thing a victim can do

• Practical steps if your identity has been stolen

• How to check if your Aadhaar has been used without your knowledge

• The emotional cost: having to prove you are who you say you are

Key Takeaways

• Digital identity theft is not just financial, it affects reputation, relationships, and mental health

• Your face, name, and voice are now assets that can be stolen and weaponised

• Most victims don’t find out for weeks or months, by then the damage is layered

• The reporting process for identity theft often involves multiple separate agencies, plan for this

• You are not responsible for someone else’s decision to steal from you

The Five Forms of Digital Identity Theft Covered

1. Fake social media profiles

Using your photos and name tocreate impersonation accounts that contact your network.

2. Account takeover

Taking control of your existingsocial media or email account and using it to communicate as you.

3. Aadhaar / PAN misuse

Using your government ID detailsto open bank accounts, register SIM cards, or take loans in your name.

4. SIM swapping

Convincing a telecom provider toissue a new SIM with your number, then using it to intercept OTPs and accessfinancial accounts.

5. Phishing for credentials

Fake login pages for Gmail,banking apps, or government portals that capture your username and password.

Relevant Laws

• IT Act Section 66C — identity theft using electronic signature or unique identifier. Punishment: up to 3 years + fine

• IT Act Section 66D — impersonation using a computer resource. Same punishment

• IPC Section 419 — cheating by impersonation

• IPC Section 420 — cheating and dishonestly inducing delivery of property

• Aadhaar Act 2016 — offence provisions for Aadhaar misuse

• IT Act Section 66E — relevant where identity theft involves non-consensual image use

Prevention: Reduce Your Risk

• Audit your social media privacy settings — most people have far more public than they realise

• Set up a free Google Alert for your own name to flag fake profiles early

• Be careful where you share document copies — use watermarked copies for KYC where possible

• Enable SIM lock with your telecom provider — makes SIM swapping significantly harder

• Check your Aadhaar authentication history at uidai.gov.in to see if it has been used without your knowledge

• Check if your email has appeared in a data breach: haveibeenpwned.com (free)

• Use unique passwords for every account, especially email and banking

• Enable two-factor authentication (2FA) on all accounts, preferably via an authenticator app not SMS

India’s primary cyber law was written in the year 2000. WhatsApp didn’t exist. Deepfakes didn’t exist. AI-generated abuse didn’t exist.

In Episode 4 of Beyond Consent, we examine the structural reasons why law enforcement keeps falling short in cybercrime cases, not as an excuse, but as an explanation. Through Priya’sstory of cyberstalking and repeated institutional failure, we name four specific gaps: no case continuity, evidence burden on survivors, harmful questioning, and no follow-up protocol.

And we ask: what would actually need to change?

Listen if you’ve searched: police cybercrime training India • IT Act 2000 gaps • cyberstalking law India • why cybercrime complaints fail • trauma-informed policing India • Section 354D IPC stalking

What this Episode Covers

• Why India’s IT Act (2000, amended 2008) struggles to cover 2025 crimes like deepfakes and AI-generated abuse

• The absence of a standardised national cybercrime training curriculum for police

• Training disparities between metro cyber cells and district-level units

• Why gender-based cybercrimes require trauma-informed response, and why that’s almost entirely absent

• Priya’s story: cyberstalking, harmful questioning, and the cost of having to re explain everything

• Four named structural failures: case continuity, evidence burden, investigative re-traumatisation, no follow-up protocol

• What legal and digital rights organisations are calling for

• A direct message to anyone who has been through this

Key Takeaway

• India’s IT Act was written before most of today’s digital crimes existed, the legal framework is structurally behind

• Cybercrime training is state-level and inconsistent, outcomes depend on geography and available officers

• Gender-based digital crimes require trauma-informed response, not just technical expertise

• Asking survivors about romantic history or personal behaviour has no investigative value, it is a product of untrained instinct

• If your complaint was dismissed, questioned, or buried in process, that is not evidence that your harm wasn’t real

What needs to Change

• Mandatory trauma-informed training for all officers handling gender-based cybercrime complaints

• Dedicated case officers, one complaint, one point of contact, tracked throughout

• Survivor communication protocols, automatic updates at 30, 60, 90 days

• Updated IT Act to specifically address deepfakes, AI-generated abuse, and real-time digital surveillance

• Standardised national training curriculum across all state cyber cells

Relevant Laws Mentioned

• Information Technology Act, 2000- primary cyber law framework

• IT Act Section 66E- privacy violation (publishing images without consent)

• IT Act Section 67A- sexually explicit content online

• IPC Section 354D- cyberstalking

• IPC Section 354C- voyeurism

• IPC Section 509- words or gestures intended to insult the modesty of a woman

Resources

Reporting:

• National Cyber Crime Reporting Portal: cybercrime.gov.in

• Cyber Crime Helpline: 1930 (24×7)

• National Commission for Women Helpline: 181

• State Cyber Cell contacts: cybercrime.gov.in/Webform/Crime_NodalGrivanceList.aspx

Legal guidance:

• NCORE Foundation: ncorefoundation.org

• Cyber Saathi: cybersaathi.org

• NALSA Legal Aid: 15100

• Internet Freedom Foundation (digital rights): internetfreedom.in

Mental health support:

• iCALL (TISS): +91-9152987821 — Mon–Sat, 8am–10pm

• Sneha Foundation: +91-44-24640050 (24×7)

• Vandrevala Foundation: 1860-266-2345 (24×7)

You’ve been harassed online.You’ve documented everything. You’ve done what everyone said to do. So you walk into a cyber cell.

And the first thing the officer asks is: “Why were your photos public?”

In Episode 3 of Beyond Consent, we go inside the real experience of reporting cybercrime to law enforcement inIndia. Through Kunal’s story, a composite based on multiple documented cases we explore what cyber cells actually do, why jurisdiction creates delays that feel like inaction, and why so many people leave feeling more confused than when they walked in.

This episode is not about blaming officers. It’s about replacing myths with clarity, so if you ever need to walkin, you know what you’re walking into.

Listen if you’ve wondered: what happens when I report cybercrime in India • what does a cyber cell actually do • why do cybercrime complaints take so long • how to prepare before filing a complaint • IT Act jurisdiction India • cybercrime reporting process IndiaWhat This Episode Covers

• What cyber cells are and what they are not

• Kunal’s composite story: fake profiles, workplace damage, and three visits to the cyber cell

• Why the question ‘why were your photos public?’ is both procedural and harmful

• How jurisdiction over platform servers creates real investigative limits

• Why evidence burden falls on the survivor, not the system

• Training gaps across state cyber cells and what that means for case outcomes

• The gap between lived harm and procedural logic, where survivor frustration grows

• What to do before, during, and after a cyber cell visit

Key Takeaways

• Cyber cells are part of the regular police system, not specialised tech agencies

• Jurisdiction depends on where the complainant, accused, and platform servers are, which creates genuine delays

• Inconsistent training across states means outcomes can vary significantly based on where you report

• Feeling dismissed is not evidence that your case isn’t serious it’s evidence of a system gap

• Preparation is the only leverage survivors have while structural change is still pending

Practical guide: Going to a Cyber Cell

Before you go:

• Organise all evidence chronologically, oldest to newest

• Write a one-page factual summary: what happened, when, where, which platform, who was involved

• Print your evidence, officers may need physical copies for their log

• Carry a government-issued ID (Aadhaar preferred)

• Note down all relevant URLs, profile links, and transaction IDs

While you’re there:

• Stick to facts, avoid speculation or emotional framing in your statement

• Always ask for a complaint number or diary entry before you leave

• If asked irrelevant questions, you can say: ‘I’m not sure how that’s relevant, can you help me understand?’

• You are not required to justify why you were online, what you posted, or who you spoke to

• If redirected to the online portal, file there AND in person, both create records

After:

• Follow up in writing to the cyber cell if there is an email address

• Keep copies of your complaint acknowledgement and all documents submitted

• Two weeks is a reasonable starting timeline for a follow-up

• If no response, escalate to your state’s cyber nodal officer, link in resources below

• Stepping back at any point, does not erase the harm or mean you failed

Resources

Reporting:

• National Cyber Crime Reporting Portal: cybercrime.gov.in

• Cyber Crime Helpline: 1930 (24×7)

• State Cyber Cell Nodal Officers: cybercrime.gov.in/Webform/Crime_NodalGrivanceList.aspx

Legal guidance:

• NCORE Foundation (legal + psychological support): ncorefoundation.org

• Cyber Saathi (cyber law awareness): cybersaathi.org

• CCCBI (complaint drafting support): cccbi.in/services

• NALSA Legal Aid Helpline: 15100

Mental health support:

• iCALL (TISS): +91-9152987821 — Mon–Sat, 8am–10pm

• Vandrevala Foundation: 1860-266-2345 / 1800-233-3300 (24×7)

• AASRA: +91-22-27546669 (24×7)