Bolstering Digital Defenses: Bombay High Court Paves Way for Expert-Led Cyber Security Upgrades

In a proactive move to address the increasing threats against government digital infrastructure, the Bombay High Court has disposed of a Public Interest Litigation (PIL) that sought to fortify Maharashtra’s government websites against cyber-attacks. The bench, comprising Chief Justice Alok Aradhe and Justice Bharati Dangre, opted for a collaborative, results-oriented approach by inviting the petitioner—a seasoned expert in Information Technology and Law—to engage directly with state cyber authorities.

The Petitioner’s Case: Aligning Expertise with Governance

The petitioner, Ruzbeh Dossabhoy Raja, brought this litigation before the court not merely as a concerned citizen, but as an expert. Holding a Master of Laws (LL.M.) with a specialization in IT and Intellectual Property Rights, and functioning as a visiting law professor and IT consultant, Raja claimed the technical acumen necessary to identify systemic vulnerabilities in web hosting and domain infrastructure.

Raja’s petition sought urgent judicial intervention, specifically: * A comprehensive study into the nature and scale of cyber-attacks on state websites. * The implementation of robust preventive security measures. * Directions for law enforcement to register FIRs against the perpetrators of such attacks.

Bridging the Gap: The Judicial Strategy

Rather than tasking the court with technical audits—a field traditionally reserved for executive agencies—the bench facilitated a bridge between the petitioner’s expertise and the state’s regulatory apparatus.

The State’s counsel, representing respondents including the Office of the Special Inspector General of Police (Maharashtra Cyber) and the Mumbai Police’s Cyber Crime division, signaled readiness to cooperate. The state acknowledged that if the petitioner provided actionable proposals, the authorities would review them for technical and administrative feasibility.

Key Observations

The Court’s order centers on the principle of practical collaboration to secure public digital assets. The following observations define the court's stance:

> "Undoubtedly, there is need to prevent the government websites from the cyber-attacks."

> "The petitioner, who claims to be an expert is willing to give suggestions to the competent authority to prevent such cyber-attacks."

> "Needless to state that on receipt of such proposal/suggestions made by the petitioner, respondent nos. 4 and 6 shall take effective steps to implement the same subject to feasibility of the proposal/suggestions."

The Final Order and Its Implications

The Court ultimately disposed of the petition, granting the petitioner liberty to submit his proposals directly to the respective cyber authorities. While the court did not issue an order to register specific FIRs or mandate an immediate study, the ruling provides a legal framework for experts to contribute to state security directly.

This decision marks a significant procedural shift: by making government departments the primary recipients of actionable, expert-led feedback, the High Court has bypassed lengthy litigation in favor of a "feasibility-focused" model. For government bodies, it ensures that security protocols remain agile, while for civil society, it offers a tangible mechanism to hold institutions accountable for their digital safety.

Looking forward, the success of this directive will hinge on the responsiveness of the state’s cyber units to these upcoming proposals. Should they be implemented, it could serve as a replicable model for other states grappling with the growing challenge of digital infrastructure security.