Power to Investigate Offences — Inspector and Above (Section 78)

Cybercrime is investigated by ordinary policemen working under an extraordinary statute. Section 78 of the Information Technology Act, 2000 is the short but pivotal provision that decides which policeman may lawfully take a cyber offence in hand. Originally it reserved that power to a Deputy Superintendent of Police; after the Information Technology (Amendment) Act, 2008 it was lowered to a police officer "not below the rank of Inspector". The change is far from cosmetic. It re-engineered the investigative chain for every offence in Chapter XI of the Act, sits in deliberate tension with Section 80 (which still demands a DSP for warrantless search and arrest), and interlocks with Section 77B's new cognizability scheme and Section 81's overriding clause. This chapter unpacks the text, the 2008 amendment, the rank logic, the cognizability question, and the rich case law on what happens when the wrong-ranked officer investigates — drawing throughout on the scheme of the Act and the Information Technology Act hub.

The Bare Text of Section 78

Section 78, as it presently stands, reads: "Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Inspector shall investigate any offence under this Act." It is a single sentence, yet three of its limbs carry weight. First, the non-obstante opening — "Notwithstanding anything contained in the Code of Criminal Procedure, 1973" — signals that the provision displaces the ordinary CrPC scheme of investigation to the extent of inconsistency. Second, the rank floor — "not below the rank of Inspector" — fixes the minimum competence to investigate. Third, the universal object — "any offence under this Act" — extends the rule across the whole of the IT Act's penal chapter, not merely a chosen few sections.

The provision sits in Chapter XI ("Offences"), alongside the substantive offences in Sections 65 to 74 and the procedural provisions in Sections 77, 77A and 77B. Read in isolation it looks like a mere allocation rule. Read against the CrPC, it is a carve-out: under the general law of Section 156 CrPC an officer in charge of a police station — frequently a Sub-Inspector — may investigate a cognizable offence without a Magistrate's order. Section 78 raises that floor for IT Act offences, recognising that cyber investigation demands a more senior, presumably more experienced, officer. For the surrounding architecture of definitions and offences see the definitions chapter.

From DSP to Inspector: The 2008 Amendment

As originally enacted in 2000, Section 78 read "a police officer not below the rank of Deputy Superintendent of Police shall investigate any offence under this Act." The Information Technology (Amendment) Act, 2008 (Act 10 of 2009), brought into force on 27 October 2009, substituted "Inspector" for "Deputy Superintendent of Police". The amendment thus lowered the rank floor by two steps in the police hierarchy — from DSP (a gazetted officer) down through the Assistant/Deputy SP layer to Inspector, a non-gazetted station-house officer.

The legislative motive was practical. By 2008 the volume and geographic spread of cybercrime had outpaced the thin layer of DSP-rank officers. Confining every IT Act investigation to a DSP created bottlenecks, delayed FIRs and registration, and made it impossible to staff cyber cells at the district and police-station level. Lowering the floor to Inspector aligned IT Act investigation with the practical reality that the Inspector is typically the station house officer who first receives and registers a cyber complaint. The same 2008 amendment package also inserted Section 77B (cognizability and bailability) and recast the offences, so Section 78 must be read as one piece of a larger procedural overhaul rather than a stand-alone tweak. The broader thrust of the 2008 amendments — intermediaries, data protection, new offences — is surveyed in the introduction.

Why a Rank Floor at All?

The CrPC ordinarily permits investigation by the officer in charge of a police station, regardless of a special seniority threshold. Special statutes, however, frequently raise that floor where the subject matter is technical, the potential for harassment is high, or the offence touches sensitive interests. The Prevention of Corruption Act famously required (under the old Section 5A) investigation by an officer of a specified rank with magisterial sanction; the NDPS Act and others contain analogous safeguards. The rationale is twofold: competence and accountability. A more senior officer is assumed to bring better judgment to a technically intricate field, and the higher the rank, the lesser the perceived risk of casual or oppressive investigation.

For cybercrime the competence rationale is acute. Digital evidence is volatile, easily altered, and demands disciplined seizure, hashing and chain-of-custody handling. Section 78 embeds a structural assurance that the person directing such an investigation is at least of Inspector rank. Yet the legislature balanced competence against capacity: a DSP-only rule would have starved the system of investigators, so the 2008 amendment struck the compromise at Inspector — senior enough to be trusted, common enough to be available.

Section 78 versus Section 80: A Deliberate Asymmetry

One of the most testable points in this area is the deliberate asymmetry between Sections 78 and 80. Section 78 governs investigation and fixes the floor at Inspector. Section 80, by contrast, governs the more intrusive power to enter any public place, search and arrest without warrant a person reasonably suspected of an IT Act offence — and it retains the higher floor of a police officer "not below the rank of a Deputy Superintendent of Police" (or an authorised officer of the Central/State Government). The 2008 amendment touched Section 78's rank but left Section 80's DSP threshold intact.

The asymmetry is principled, not accidental. Routine investigation — recording statements, collecting documents, examining devices under proper authority — is entrusted to the Inspector. But the drastic, liberty-curtailing power of warrantless entry, search and arrest in a public place is reserved for the senior DSP. A student must not conflate the two: an Inspector may lawfully investigate an IT Act offence under Section 78, yet cannot invoke the special Section 80 power of warrantless search-and-arrest in a public place, which remains a DSP's preserve. Section 80(2) further provides that, except where inconsistent with the section, the CrPC applies to any entry, search or arrest made under it. The contrast with the warrantless powers and the scheme of secure handling is best read alongside secure electronic records and signatures.

Cognizability, Bailability and Section 77B

Section 78 tells us who may investigate; it does not, by itself, tell us whether an offence is cognizable. That is the work of Section 77B, also inserted by the 2008 amendment, which provides that — notwithstanding the CrPC — an offence punishable with imprisonment of three years and above shall be cognizable, and an offence punishable with imprisonment of up to three years shall be bailable. The two provisions operate together: Section 77B classifies the offence; Section 78 assigns the competent investigator.

The interaction matters because cognizability determines whether the police may register an FIR and investigate without a Magistrate's order under Section 156(1) CrPC, or whether they must first obtain an order under Section 155(2) for a non-cognizable offence. For the graver IT Act offences (three years and above), the Inspector under Section 78 may proceed on registration; for the lesser, bailable offences, the cognizance route is more constrained. Many IT Act offences — for instance Sections 66, 66C, 66D and 67 — carry maximum terms at or above three years and are therefore cognizable, squarely within the Inspector's Section 78 mandate. The classification of records and signatures that underpin these offences is treated in the chapter on digital and electronic signatures.

The Non-Obstante Clause and the CrPC

Section 78 opens with "Notwithstanding anything contained in the Code of Criminal Procedure, 1973." The clause does not oust the CrPC wholesale; it displaces the Code only to the extent of the specific subject Section 78 governs — namely the rank of the investigating officer. In every other respect the CrPC machinery of investigation continues to apply: registration of the FIR under Section 154, the power and duty to investigate under Section 156, recording of statements under Section 161, search and seizure under Sections 91 to 100, and the filing of a report under Section 173 all operate as usual. Section 78 simply substitutes its rank rule for the Code's lower default.

This reading flows from the settled canon that a non-obstante clause is confined to the field it addresses and is not to be read as a blanket repeal of the general law. The clause's effect is therefore narrow and surgical: where the CrPC would have permitted a Sub-Inspector to investigate a cognizable offence, Section 78 intervenes to require at least an Inspector for offences "under this Act." The overriding logic of the IT Act more generally is anchored in Section 81, discussed below.

The Reach of "Any Offence Under This Act"

The object of Section 78 — "any offence under this Act" — is expansive. It captures the full run of penal provisions in the IT Act: tampering with computer source documents (Section 65), the computer-related offences in Section 66 and its sub-clauses (66B receiving stolen device, 66C identity theft, 66D cheating by personation, 66E violation of privacy, 66F cyber terrorism), the obscenity offences (Sections 67, 67A, 67B), breach of confidentiality (Section 72), and the rest. For all of these, the investigator must satisfy the Inspector floor.

A recurring difficulty arises where the same facts disclose both an IT Act offence and an offence under the general penal law — say, cheating under the Indian Penal Code alongside Section 66D. Does Section 78 govern only the IT Act counts, or does it colour the investigation as a whole? This is the fault line litigated in the Gagan Harsh Sharma and Awadhesh Kumar Parasnath Pathak line of cases discussed in the next sections, where the overriding effect of the IT Act and the competence of the investigating officer were squarely in issue.

Gagan Harsh Sharma: Can the Officer Invoke the IPC at All?

In Gagan Harsh Sharma v. State of Maharashtra (Bombay High Court, decided 26 October 2018), employees were accused of stealing data and software from their employer. They were charged under Sections 408 and 420 of the Indian Penal Code and simultaneously under Sections 43, 65 and 66 of the IT Act. The petitioners argued that since the alleged acts fell squarely within the IT Act, the IPC charges could not stand. A Division Bench of the Bombay High Court accepted the argument, holding that where an offence is sufficiently covered by the IT Act, the special law operates as lex specialis to the exclusion of the IPC, by virtue of the overriding effect of Sections 79 and 81.

Crucially for our subject, the Court extended this reasoning to the investigative stage. It held that it is not permissible for the investigating officer to invoke and apply the provisions of the IPC, given the overriding effect of the IT Act, even at the stage of investigation. The decision thus tied the competence question in Section 78 to the substantive overriding question in Section 81: if the IPC counts fall away, the investigation proceeds purely as an IT Act investigation, governed by the Inspector floor. Whether this exclusion was too absolute became the next chapter in the story.

The Full Bench Course-Correction: Awadhesh Kumar Parasnath Pathak

A later Division Bench in Awadhesh Kumar Parasnath Pathak v. State of Maharashtra disagreed with Gagan Harsh Sharma and referred the conflict to a Full Bench. On 15 April 2024 the Full Bench of the Bombay High Court resolved the tension. It held that although the IT Act is a special enactment for cybercrime and carries an overriding effect under Section 81, that overriding effect does not wholly preclude the application of the IPC where the offences are not adequately addressed by the IT Act.

The Full Bench reasoned that neither Section 43 nor Section 66 of the IT Act covers a situation where the act is committed by inducing the owner or person in charge of a computer system through cheating — the ingredient of inducement central to Sections 415 and 420 IPC. Where the IT Act does not capture all the ingredients of the offence, the IPC may be simultaneously invoked. The practical effect for investigation is significant: an officer may, in a properly mixed case, pursue both the IT Act counts (subject to the Section 78 rank floor) and the IPC counts together, rather than being forced to abandon the IPC. The Full Bench thereby narrowed Gagan Harsh Sharma's broad exclusion while preserving the IT Act's primacy where it does cover the field. The principle dovetails with the Supreme Court's approach in Sharat Babu Digumarti, considered next.

Sharat Babu Digumarti: Special Law Over General Law

The Supreme Court's decision in Sharat Babu Digumarti v. Government (NCT of Delhi), (2017) 2 SCC 18 (decided 14 December 2016), is the leading authority on the IT Act's primacy in matters touching electronic records. The case grew out of the Baazee.com listing of an obscene video clip. The accused, a senior officer of the marketplace, faced charges under both Section 292 IPC (sale of obscene material) and Section 67 of the IT Act. The Court held that once an offence has a nexus or connection with an electronic record, the special provisions of the IT Act — and the protection of Section 79 — cannot be ignored or negated in favour of the IPC.

The Court reasoned that obscenity in electronic form is comprehensively dealt with by Section 67 of the IT Act, so the general provision of Section 292 IPC could not be pressed into service to circumvent the special scheme. For Section 78, the lesson is that the IT Act's procedural and investigative architecture — including the rank requirement — is not an optional overlay but the governing regime wherever the offence is genuinely an electronic-record offence. The decision supplies the doctrinal backbone for both Gagan Harsh Sharma and its Full Bench refinement.

Avnish Bajaj: Investigation, Directors and the Limits of Liability

Avnish Bajaj v. State (NCT of Delhi) — the Baazee.com / DPS MMS matter — is a touchstone for how an IT Act investigation translates into prosecution. The Managing Director of the marketplace was arrayed for an obscene listing uploaded by a user. The Delhi High Court in 2005 (Justice Vikramajit Sen) discharged him under Sections 292 and 294 IPC, holding that the IPC does not fasten automatic criminal liability on a director where the company is the accused; but it found a prima facie case under Section 67 read with Section 85 of the IT Act, since the Act's deeming provision can attach to those in charge.

The Supreme Court subsequently set aside even that finding, holding that vicarious liability could not be fastened on the director when the company itself had not been arraigned as an accused. The case is instructive for Section 78 in two ways. First, it shows that even a competently conducted investigation cannot manufacture liability the statute does not create. Second, it underscores that the IT Act's special provisions (Sections 67, 79, 85) govern the substance, even though the mechanics of investigation borrow from the CrPC as modified by Section 78.

What If the Wrong-Ranked Officer Investigates?

A practically vital question is the consequence when an officer below the rank of Inspector — say a Sub-Inspector — investigates an IT Act offence in breach of Section 78. Does the defect vitiate the trial? The governing principle comes from the Supreme Court's seminal decision in H.N. Rishbud and Inder Singh v. State of Delhi, AIR 1955 SC 196. There, investigation under the Prevention of Corruption Act had been conducted by an officer not legally empowered. The Court held that an illegality in the course of investigation does not, by itself, vitiate the resulting trial or the cognizance taken by the court, unless it has brought about a miscarriage of justice or caused prejudice to the accused. The defect, the Court said, can be cured and does not oust the jurisdiction of the trial court.

That principle was reaffirmed in State of Madhya Pradesh v. Mubarak Ali, AIR 1959 SC 707, again in the context of the rank-and-sanction safeguard under the Prevention of Corruption Act. The Court reiterated that breach of the investigative safeguard is an irregularity that does not automatically invalidate the trial absent demonstrated prejudice, though the prosecution must be prepared to justify the course taken when the objection is raised at the earliest opportunity. Applied to Section 78, the upshot is that investigation by a sub-Inspector-rank officer is a curable procedural illegality, not a jurisdictional bar — but it is far better practice (and the accused may legitimately object) for an Inspector to lead the investigation as the statute commands.

Section 81 and the Overriding Architecture

Section 78 cannot be fully understood without Section 81, the IT Act's general overriding clause: "The provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force." A proviso added by the 2008 amendment carves out the Copyright Act, 1957 and the Patents Act, 1970, so that the IT Act does not restrict rights conferred under those intellectual property statutes. Section 81 is the doctrinal source of the special-law primacy the courts applied in Sharat Babu Digumarti, Gagan Harsh Sharma and the Awadhesh Full Bench.

For investigation, Section 81 and Section 78 work in tandem. Section 81 ensures that the IT Act's regime prevails over inconsistent general law; Section 78 ensures that, within that regime, the right-ranked officer investigates. Together with Section 77B's cognizability rule, they form a self-contained procedural triad layered on top of, but displacing where inconsistent, the CrPC. Students should also recall Shreya Singhal v. Union of India, (2015) 5 SCC 1, which struck down Section 66A and read down the intermediary-liability scheme in Section 79 — a reminder that the offences Section 78 directs officers to investigate are themselves subject to constitutional limits. The wider governance scheme of the Act is traced in electronic governance.

Putting It Together: The Investigative Workflow

In practice, a cyber offence travels a predictable path under the IT Act as modified by Sections 77B, 78 and 81. A complaint reaches the police station; the offence is classified for cognizability under Section 77B (three years and above being cognizable). If cognizable, an FIR is registered under Section 154 CrPC and investigation commences under Section 156, but the officer leading it must be of Inspector rank or above by force of Section 78. Where the more intrusive power of warrantless entry, search and arrest in a public place is required, the investigation must be elevated to a Deputy Superintendent of Police under Section 80. Throughout, digital evidence is collected, preserved and proved in accordance with the Act's provisions on electronic records and the rules of evidence.

Where the facts also disclose IPC offences with ingredients the IT Act does not capture — cheating by inducement being the paradigm — the post-Awadhesh position permits simultaneous invocation of the IPC, so the investigation may run on both tracks. Where the offence is purely one of electronic records squarely covered by the IT Act, Sharat Babu Digumarti directs that the special law governs. The thread that runs through the whole sequence is competence and authority: the right offence, classified correctly, investigated by the right-ranked officer, under the right statute. For the foundational concepts of attribution and records that these investigations turn on, see attribution, acknowledgment and dispatch of electronic records.