Jyoti Bezbarua Goswami v. State of Assam
Jyoti Bezbarua Goswami v. State of Assam
In the High Court of Gauhati
WP(C) 3085/2013
Before Justice Kalyan Rai Surana
Decided on September 18, 2023
Relevancy of the case: Petition for directing the bank to refund the loss due to unauthorised online transactions through ATM card
Statutes and Provisions Involved
- The Information Technology Act, 2000 (Section 66)
- The Indian Penal Code, 1860 (Section 420)
- The Constitution of India, 1950 (Article 226)
Relevant Facts of the Case
- The petitioner holds an account in the respondent’s bank. The respondent’s bank issued her a non-e-commerce 16-digit ATM card. The respondent did not inform the CVV number to the petitioner, nor did she create a 3D password for the same.
- Within nine days in May 2012, ₹4.44 lakhs were stolen from her account via unauthorised online transactions without any SMS alerts.
- The Banking Ombudsman rejected her complaint due to a lack of evidence.
Prominent Arguments by the Advocates
- The petitioner’s counsel argued that the petitioner had received an SMS that prompted her regarding a declined transaction. She consequentially requested SBI to block her card and issue a new one.
- The second respondent’s (CID) counsel submitted that the CID investigation has led to 12 suspected IP addresses. The agency could not verify SMS alerts due to a lack of evidence.
- The third respondent’s (RBI) counsel contended that matters like this are appropriate before the Banking Ombudsman or a civil suit. Moreover, the bank did not follow the RBI-mandated additional authentication requirements for online transactions.
- The fourth and fifth respondents’ (SBI and its local branch) counsel acknowledged that the petitioner’s 19-digit card did not support e-commerce. However, it is possible that she would have shared her details with someone else. Supplementing this, the counsel stated that it is possible to divert SMS alerts. Throughout the submissions, the bank’s senior counsel maintained that one cannot carry out transactions without the card details and its corresponding password.
Opinion of the Bench
- The petitioner was a victim of a cyber crime and was not responsible for the unauthorised transactions. Moreover, the bank has failed to provide evidence of SMS alerts for the disputed transactions.
Final Decision
- The court ordered SBI to refund the lost amount within 60 days, with interest if not deposited within the stipulated time.