INFORMATION TECHNOLOGY ACT, 2000
(1) This Act may be called the Information Technology Act, 2000.
(2) It shall extend to the whole of India and, save as otherwise provided in this Act, it applies also to any offence or contravention there-under committed outside India by any person.
(3) It shall come into force on such date1 as the Central Government may, by notification, appoint and different dates may be appointed for different provisions of this Act and any reference in any such provision to the commencement of this Act shall be construed as a reference to the commencement of that provision.
2[(4) Nothing in this Act shall apply to documents or transactions specified in the First Schedule:
Provided that
(1) In this Act, unless the context otherwise requires,-
(a) "access" with its grammatical variations and cognate expressions means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network;
(b) "addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary;
(c) "adjudicating officer" means an adjudicating officer appointed under sub-section (1) of section 46;
(d) "affixing 3[electronic signature]" with its grammatical variations and cognate expressions means adoption of any methodology or
The Information Technology Act, 2000 (IT Act) was enacted to provide legal recognition for electronic transactions and to facilitate electronic commerce in India. Section 2 of the IT Act outlines various definitions crucial for understanding the scope and application of the Act.
Section 2 of the IT Act provides definitions for key terms used throughout the legislation. This includes definitions for "computer," "data," "electronic record," and "intermediary," among others. These definitions are essential for interpreting the provisions of the Act and understanding the legal framework surrounding electronic transactions and cybercrimes.
The scope of Section 2 is broad, as it lays the foundational definitions that govern the entire IT Act. It is crucial for the interpretation of various provisions related to electronic transactions, data protection, and cybercrimes.
While Section 2 itself does not prescribe punishments, it sets the stage for understanding the applicability of other sections of the IT Act that do impose penalties for violations related to electronic records and transactions.
This commentary highlights the significance of Section 2 of the Information Technology Act, 2000, in shaping the legal landscape for electronic transactions and cyber law in India.
16[DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE]
(1) Subject to the provisions of this section any subscriber may authenticate an electronic record by affixing his digital signature.
(2) The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record.
Explanation.-For the purposes of this sub-section, "hash function" means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as "hash result" such that an electronic record yields the same hash result every time the algorithm is executed with the same electronic record as its input making it computationally infeasible -
&
17[S. 3A. Electronic signature.—
(1) Notwithstanding anything contained in section 3, but subject to the provisions of sub-section (2), a subscriber may authenticate any electronic record by such electronic signature or electronic authentication technique which-
(a) is considered reliable; and
(b) may be specified in the Second Schedule.
(2) For the purpose of this section any electronic signature or electronic authentication technique shall be considered reliable if-
(a) the signature creation data or the authentication data are, within the context in which they are used, linked to the signatory or, as the case may be, the authenticator and to no other person;
&nbs
Where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, not-withstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is-
(a) rendered or made available in an electronic form; and
(b) accessible so as to be usable for a subsequent reference.
S. 5. Legal recognition of
Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document should be signed or bear the signature of any person then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied, if such information or matter is authenticated by means of 19[electronic signatures] affixed in such manner as may be prescribed by the Central Government.
Explanation.-For the purposes of this section, "signed", with its grammatical variations and cognate expressions, shall, with reference to a person, mean affixing of his hand written signature or any ma
S. 6. Use of electronic records and
(1) Where any law provides for-
(a) the filing of any form, application or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in a particular manner;
(b) the issue or grant of any licence, permit, sanction or approval by whatever name called in a particular manner;
(c) the receipt or payment of money in a particular manner,
then, notwithstanding anything contained in any other law for the time being in force, such requirem
21[S. 6A. Delivery of service by service provider.—
(1) The appropriate Government may, for the purposes of this Chapter and for efficient delivery of services to the public through electronic means authorise, by order, any service provider to set up, maintain and upgrade the computerised facilities and perform such other service as it may specify by notification in the Official Gazette.
Explanation.-For the purposes of this section, service provider so authorised includes any individual, private agency, private company, partnership firm, sole proprietor firm or any such other body or agency which has been granted permission by the appropriate Government to offer services through electronic means in accordance with the policy governing such service sector.
(2)
(1) Where any law provides that documents, records or information shall be retained for any specific period, then, that requirement shall be deemed to have been satisfied if such documents, records or information are retained in the electronic form, if-
(a) the information contained therein remains accessible so as to be usable for a subsequent reference;
(b) the electronic record is retained in the format in which it was originally generated, sent or received or in a format, which can be demonstrated to represent accurately the information originally generated, sent or received;
(c) the details which will facilitate the identification of the origin, destination, date and time of dispatch or receipt of such electronic record are available in the electronic record:
&n
22[S. 7A. Audit of documents etc., maintained in electronic form.—
Where in any law for the time being in force, there is a provision for audit of documents, records or information, that provision shall also be applicable for audit of documents, records or information processed and maintained in the electronic form.]
_______________________________
22. Inserted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 8 (w.e.f. 27-10- 2009).
Where any law provides that any rule, regulation, order, bye-law, notification or any other matter shall be published in the Official Gazette, then, such requirement shall be deemed to have been satisfied if such rule, regulation, order, bye-law, notification or any other matter is published in the Official Gazette or Electronic Gazette:
Provided that where any rule, regulation, order, bye-law, notifications or any other matter is published in the official gazette or Electronic Gazette, the date of publication shall be deemed to be the date of that Official Gazette which was first published in any form.
Nothing contained in sections 6, 7 and 8 shall confer a right upon any person to insist that any Ministry or Department of the Central Government or the State Government or any authority or body established by or under any law or controlled or funded by the Central or State Government should accept, issue, create, retain, preserve any document in the form of electronic records or effect any monetary transaction in the electronic form.
S. 10. Power to make rules by Central Government in respect of23[electronic signature].—
The Central Government may, for the purposes of this Act, by rules, prescribe-
(a) the type of 24[electronic signature];
(b) the manner and format in which the digital signature shall be affixed;
(c) the manner or procedure, which facilitates identification of the person affixing the 25[electronic signature];
(d) control processes and procedures to ensure adequate integrity, security and confidentiality of electronic records or payments; and
(e) any other matter which is necessary to give legal effect
27[S. 10A. Validity of contracts formed through electronic means.—
Where in a contract formation, the communication of proposals, the acceptance of proposals, the revocation of proposals and acceptances, as the case may be, are expressed in electronic form or by means of an electronic record, such contract shall not be deemed to be unenforceable solely on the ground that such electronic form or means was used for that purpose.]
__________________________________________
27. Inserted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 9 (w.e.f. 27-10- 2009).
An electronic record shall be attributed to the originator-
(a) if it was sent by the originator himself;
(b) by a person who had the authority to act on behalf of the originator in respect of that electronic record; or
(c) by an information system programmed by or on behalf of the originator to operate automatically.
(1) Where the originator has not agreed with the addressee that the acknowledgment of receipt of electronic record be given in a particular form or by a particular method, an acknowledgment may be given by-
(a) any communication by the addressee, automated or otherwise; or
(b) any conduct of the addressee, sufficient to indicate to the originator that the electronic record has been received.
(2) Where the originator has stipulated that the electronic record shall be binding only on receipt of an acknowledgment of such electronic record by him, then unless acknowledgment has been so received, the electronic record shall be deemed to have been never sent by the originator.
(3) Where the originator has not stipulated that the electronic record shall be
Section 12 of the Information Technology Act, 2000 (IT Act) primarily deals with the acknowledgment of receipt of electronic records, establishing the legal framework for the recognition of electronic communications and transactions. It aims to facilitate secure and reliable electronic exchanges, ensuring that parties can rely on electronic acknowledgments similar to traditional paper-based methods.
Section 12 stipulates that when an electronic record is sent, the originator may require an acknowledgment of receipt from the recipient, which shall be binding only upon receipt, unless otherwise stipulated. It provides provisions for the manner of acknowledgment, whether in a particular form or method, and emphasizes that such acknowledgment can be in any form unless specifically required otherwise by the originator.
Section 12 applies to electronic records exchanged between parties, particularly in commercial transactions, contracts, and official communications. It recognizes electronic acknowledgment as a valid form of confirming receipt, thus promoting trust and efficiency in electronic commerce. It is applicable across various sectors including banking, government, and private enterprises, provided the parties agree to such electronic communication methods.
Section 12 itself does not prescribe any specific punishment. However, violations related to false acknowledgment or breach of electronic communication protocols may attract penalties under other provisions of the IT Act, such as Sections 66, 66C, or 66D, which deal with cyber offenses, forgery, and cheating.
Note: The references are based on the provided sources, primarily emphasizing the legal recognition, scope, and implications of Section 12 within the framework of the IT Act and related legal principles.
(1) Save as otherwise agreed to between the originator and the addressee, the dispatch of an electronic record occurs when it enters a computer resource outside the control of the originator.
(2) Save as otherwise agreed between the originator and the addressee, the time of receipt of an electronic record shall be determined as follows, namely:-
(a) if the addressee has designated a computer resource for the purpose of receiving electronic records,-
(i) receipt occurs at the time when the electronic record enters the designated computer resource; or
(ii) if the electronic record is sent to a computer resource of the addressee that is not the designated computer resource, receipt occurs at the time when the electronic record is retrieved by the addre
SECURE ELECTRONIC RECORDS AND SECURE
Where any security procedure has been applied to an electronic record at a specific point of time, then such record shall be deemed to be a secure electronic record from such point of time to the time of verification.
____________________________________________
28. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 2 for ‘DIGITAL SIGNATURES’ (w.e.f. 27-10-2009).
29[S. 15. Secure electronic signature.—
An electronic signature shall be deemed to be a secure electronic signature if-
(i) the signature creation data, at the time of affixing signature, was under the exclusive control of signatory and no other person; and
(ii) the signature creation data was stored and affixed in such exclusive manner as may be prescribed.
Explanation.-In case of digital signature, the "signature creation data" means the private key of the subscriber.
___________________
29. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 11 (w.e.f. 27-10-2009).
The Central Government may for the purposes of sections 14 and 15, prescribe the security procedures and practices:
Provided that in prescribing such security procedures and practices, the Central Government shall have regard to the commercial circumstances, nature of transactions and such other related factors as it may consider appropriate.
(1) The Central Government may, by notification in the Official Gazette, appoint a Controller of Certifying Authorities for the purposes of this Act and may also by the same or subsequent notification appoint such number of Deputy Controllers 30[Assistant Controllers, other officers and employees] as it deems fit.
(2) The Controller shall discharge his functions under this Act subject to the general control and directions of the Central Government.
(3) The Deputy Controllers and Assistant Controllers shall perform the functions assigned to them by the Controller under the general superintendent and control of the Controller.
(4) The qualifications, experience and terms and conditions of service of Controller, Deputy Controllers 31[Assistant Controllers, othe
The Controller may perform all or any of the following functions, namely:-
(a) exercising supervision over the activities of the Certifying Authorities;
(b) certifying public keys of the certifying authorities;
(c) laying down the standards to be maintained by the Certifying Authorities;
(d) specifying the qualifications and experience which employees of the Certifying Authorities should possess;
(e) specifying the conditions subject to which the Certifying Authorities shall conduct their business;
(f) specifying the contents of written, printed or visual material and advertisements that may be distributed or used in respect of a Digital Signature Certificate a
(1) Subject to such conditions and restrictions as may be specified by regulations, the Controller may with the previous approval of the Central Government, and by notification in the Official Gazette, recognise any Foreign Certifying Authority as a Certifying Authority for the purposes of this Act.
(2) Where any Certifying Authority is recognised under sub-section (1), the 32[Electronic Signature] Certificate issued by such Certifying Authority shall be valid for the purposes of this Act.
(3) The Controller may, if he is satisfied that any Certifying Authority has contravened any of the conditions and restrictions subject to which it was granted recognition under sub-section (1) he may, for reasons to be recorded in writing, by notification in the Official Gazette, revoke such recognition.
&n
33[* * * * *]
_________________________________
33. Omitted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 13 (w.e.f. 27-10- 2009).
S. 21. Licence to issue 34[Electronic Signature] Certificates.—
(1) Subject to the provisions of sub-section (2), any person may make` an application, to the Controller, for a licence to issue Digital Signature Certificates.
(2) No licence shall be issued under sub-section (7), unless the applicant fulfills such requirements with respect to qualification, expertise, manpower, financial resources and other infrastructure facilities, which are necessary to issue Digital Signature Certificates as may be prescribed by the Central Government.
(3) A licence granted under this section shall-
(a) be valid for such period as may be prescribed by the Central Government;
(b) not be transferab
(1) Every application for issue of a licence shall be in such form as may be prescribed by the Central Government.
(2) Every application for issue of a licence shall be accompanied by-
(a) a certification practice statement;
(b) a statement including the procedures with respect to identification of the applicant;
(c) payment of such fees, not exceeding twenty-five thousand rupees as may be prescribed by the Central Government;
(d) such other documents, as may be prescribed by the Central Government.
An application for renewal of a licence shall be-
(a) in such form;
(b) accompanied by such fees, not exceeding five thousand rupees,
as may be prescribed by the Central Government and shall be made not less than forty-five days before the date of expiry of the period of validity of the licence:
Provided that an application for the renewal of the licence made after the expiry of the licence may be entertained on payment of such late fee, not exceeding five hundred rupees, as may be prescribed.
The Controller may, on receipt of an application under sub-section (1) of section 21, after considering the documents accompanying the application and such other factors, as he deems fit, grant the licence or reject the application:
Provided that no application shall be rejected under this section unless the applicant has been given a reasonable opportunity of presenting his case.
(1) The Controller may, if he is satisfied after making such inquiry, as he may think fit, that a Certifying Authority has,-
(a) made a statement in, or in relation to, the application for the issue or renewal of the licence, which is incorrect or false in material particulars;
(b) failed to comply with the terms and conditions subject to which the licence was granted;
35[(c) failed to maintain the procedures and standards specified in section 30];
(d) contravened any provisions of this Act, rule, regulation or order made thereunder, revoke the licence:
Provided that no licence shall be revoked unless the Certifying Authority has been given a reasonable opportunity of showing cause again
Section 25 of the IT Act, 2000, pertains to the suspension of licenses granted to Certifying Authorities (CAs). It is a crucial provision that ensures regulatory oversight and compliance within the digital certification ecosystem, aiming to maintain trust and security in electronic transactions.
Section 25 states that the Controller of Certifying Authorities (CCA) may, after making an inquiry, suspend the license of a Certifying Authority if it is satisfied that the CA has violated provisions of the Act, rules, or regulations. The section emphasizes the procedural fairness by requiring the CA to be given a reasonable opportunity to show cause before suspension.
Section 25 itself does not prescribe penal consequences but provides for regulatory action—suspension of licenses. However, violations of the Act, rules, or regulations by CAs may attract penalties under other provisions of the IT Act, such as Sections 66, 66A, or 66F, which prescribe imprisonment, fines, or both.
This concise commentary and the bullet-point legal insights encapsulate the core principles, scope, and significance of Section 25 of the IT Act, 2000, within the context of electronic governance and cyber regulation.
(1) Where the licence of the Certifying Authority is suspended or revoked, the Controller shall publish notice of such suspension or revocation, as the case may be, in the data-base maintained by him.
(2) Where one or more repositories are specified, the Controller shall publish notices of such suspension or revocation, as the case may be, in all such repositories.
Provided that the data base containing the notice of such suspension or revocation, as the case may be, shall be made available through a web site which shall be accessible round the clock:
Provided further that the Controller may, if he considers necessary, publicise the contents of data base in such electronic or other media, as he may consider appropriate.
The Controller may, in writing, authorise the Deputy Controller, Assistant Controller or any officer to exercise any of the powers of the Controller under this Chapter.
(1) The Controller or any officer authorised by him in this behalf shall take up for investigation any contravention of the provisions of this Act, rules or regulations made thereunder.
(2) The Controller or any officer authorised by him in this behalf shall exercise the like powers which are conferred on Income-tax authorities under Chapter XIII of the Income-tax Act, 1961 (43 of 1961) and shall exercise such powers, subject to such limitations laid down under that Act.
(1) Without prejudice to the provisions of sub-section (1) of section 69, the Controller or any person authorised by him shall, if he has reasonable cause to suspect that 37[any contravention of the provisions of this chapter], has been committed, have access to any computer system, any apparatus, data or any other material connected with such system, for the purpose of searching or causing a search to be made for obtaining any information or data contained in or available to such computer system.
(2) For the purposes of sub-section (1), the Controller or any person authorised by him may, by order, direct any person incharge of, or otherwise concerned with the operation of, the computer system, data apparatus or material, to provide him with such reasonable technical and other assistance as he may consider necessary.
__
Every Certifying Authority shall-
(a) make use of hardware, software, and procedures that are secure from intrusion and misuse:
(b) provide a reasonable level of reliability in its services which are reasonably suited to the performance of intended functions;
(c) adhere to security procedures to ensure that the secrecy and privacy of the 38[electronic signatures] are assured; 39[* * *]
40[(ca) be the repository of all Electronic Signature Certificates issued under this Act;
(cb) publish information regarding its practices, Electronic Signature Certificates and current status of such certificates; and]
(d) ob
Every Certifying Authority shall ensure that every person employed or otherwise engaged by it complies, in the course of his employment or engagement, with the provisions of this Act, rules, regulations and orders made thereunder.
Every Certifying Authority shall display its licence at a conspicuous place of the premises in which it carries on its business.
(1) Every Certifying Authority whose licence is suspended or revoked shall immediately after such suspension or revocation, surrender the licence to the Controller.
(2) Where any Certifying Authority fails to surrender a licence under sub-section (1), the person in whose favour a licence is issued, shall be guilty of an offence and shall be punished with imprisonment which may extend up to six months or a fine which may extend up to ten thousand rupees or with both.
(1) Every Certifying Authority shall disclose in the manner specified by regulations-
(a) its 41[Electronic Signatures] Certificate 42[* * *]
(b) any certification practice statement relevant thereto;
(c) notice of the revocation or suspension of its Certifying Authority certificate, if any; and
(d) any other fact that materially and adversely affects either the reliability of a 43[Electronic Signature] Certificate, which that Authority has issued, or the Authority's ability to perform its services.
(2) Where in the opinion of the Certifying Authority any event has occurred or any situation has arisen which may materially and adversely affect the integ
45[ELECTRONIC SIGNATURE] CERTIFICATES 35
S. 35. Certifying Authority to issue 46[Electronic Signature] Certificate.—
(1) Any person may make an application to the Certifying Authority for the issue of a 47[Electronic Signature] Certificate in such form as may be prescribed by the Central Government.
(2) Every such application shall be accompanied by such fee not exceeding twenty-five thousand rupees as may be prescribed by the Central Government, to be paid to the Certifying Authority:
Provided that while prescribing fees under sub-section (2) different fees may be prescribed for different classes of applicants.
A Certifying Authority while issuing a Digital Signature Certificate shall certify that-
(a) it has complied with the provisions of this Act and the rules and regulations made thereunder;
(b) it has published the Digital Signature Certificate or otherwise made it available to such person relying on it and the subscriber has accepted it;
(c) the subscriber holds the private key corresponding to the public key, listed in the Digital Signature Certificate;
51[(ca) the subscriber holds a private key which is capable of creating a digital signature
(cb) the public key to be listed in the certificate can be used to verify a digital signature affixed by the private key held by the subscriber;]<
(1) Subject to the provisions of sub-section (2), the Certifying Authority which has issued a Digital Signature Certificate may suspend such Digital Signature Certificate,-
(a) on receipt of a request to that effect from-
(i) the subscriber listed in the Digital Signature Certificate; or
(ii) any person duly authorised to act on behalf of that subscriber;
(b) if it is of opinion that the Digital Signature Certificate should be suspended in public interest.
(2) A Digital Signature Certificate shall not be suspended for a period exceeding fifteen days unless the subscriber has been given an opportunity of being heard in the matter.
(3) On suspension of a Digital
(1) A Certifying Authority may revoke a Digital Signature Certificate issued by it-
(a) where the subscriber or any other person authorised by him makes a request to that effect; or
(b) upon the death of the subscriber; or
(c) upon the dissolution of the firm or winding up of the company where the subscriber is a firm or a company.
(2) Subject to the provisions of sub-section (3) and without prejudice to the provisions of sub-section (1), a Certifying Authority may revoke a Digital Signature Certificate which has been issued by it at any time, if it is of opinion that-
(a) a material fact represented in the Digital Signature Certificate is false or has been concealed;
&nbs
(1) Where a Digital Signature Certificate is suspended or revoked under section 37 or section 38, the Certifying Authority shall publish a notice of such suspension or revocation, as the case may be, in the repository specified in the Digital Signature Certificate for publication of such notice.
(2) Where one or more repositories are specified, the Certifying Authority shall publish notices of such suspension or revocation, as the case may be, in all such repositories.
Where any Digital Signature Certificate, the public key of which corresponds to the private key of that subscriber which is to be listed in the Digital Signature Certificate has been accepted by a subscriber, 52[* *], the subscriber shall generate 53[that key] pair by applying the security procedure.
_____________________________________
52. The word 'then' omitted by the I.T. (Removal of Difficulties) Order, 2002 vide Notfn. No. S.O. 1015(E), dt. 19-9-2002.
53. The words 'the key' subs. by the I.T. (Removal of Difficulties) Order, 2002 vide Notfn. No. S.O. 1015(E), dt. 19-9-2002.
54[S. 40A. Duties of subscriber of Electronic Signature Certificate.—
In respect of Electronic Signature Certificate the subscriber shall perform such duties as may be prescribed.]
________________________________
54. Inserted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 19 (w.e.f. 27-10- 2009).
(1) A subscriber shall be deemed to have accepted a Digital Signature Certificate if he publishes or authorises the publication of a Digital Signature Certificate-
(a) to one or more persons;
(b) in a repository, or
otherwise demonstrates his approval of the Digital Signature Certificate in any manner.
(2) By accepting a Digital Signature Certificate the subscriber certifies to all who reasonably rely on the information contained in the Digital Signature Certificate that-
(a) the subscriber holds the private key corresponding to the public key listed in the Digital Signature Certificate and is entitled to hold the same;
(b) all representations made by the subsc
(1) Every subscriber shall exercise reasonable care to retain control of the private key corresponding to the public key listed in his Digital Signature Certificate and take all steps to prevent its disclosure 55[* * * *].
(2) If the private key corresponding to the public key listed in the Digital Signature Certificate has been compromised, then, the subscriber shall communicate the same without any delay to the Certifying Authority in such manner as may be specified by the regulations.
Explanation.-For the removal of doubts, it is hereby declared that the subscriber shall be liable till he has informed the Certifying Authority that the private key has been compromised.
______________________________
55. The words 'to a person not
56[PENALTIES, COMPENSATION AND ADJUDICATION]
S. 43. 57[Penalty and compensation] for damage to computer, computer system, etc.—
If any person without permission of the owner or any other person who is incharge of a computer, computer system or computer network,-
(a) accesses or secures access to such computer, computer system or computer network 58[or computer resource]
(b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium;
(c) introduces or causes to be introduc
Section 43 of the Information Technology Act, 2000, primarily addresses civil liabilities arising from unauthorized actions involving computer systems and networks. It establishes the basis for damages and compensation for damage or loss caused due to certain acts committed without permission, reflecting the law's focus on protecting digital infrastructure and data integrity.
Section 43 stipulates that any person who, without permission of the owner or any other person in charge of a computer, computer system, or computer network—by destroying, damaging, deleting, altering, or disclosing data—causes damage shall be liable to pay damages by way of compensation to the affected party. It also covers acts like unauthorized access, downloading, copying, or introducing viruses, among others, which result in damage or loss.
Section 43 does not prescribe criminal punishment but provides a mechanism for claiming damages through civil proceedings. The affected party can file a suit for damages before a competent court, which may award compensation based on the damage caused.
In conclusion, Section 43 of the IT Act, 2000, primarily addresses civil liabilities for damage caused due to unauthorized acts involving computers and networks, serving as a crucial mechanism for protecting digital data and infrastructure through damages and compensation. It complements criminal provisions and reinforces the law's objective to foster a secure digital environment.
Note: The references are based on the provided sources and are formatted as per instructions.
62[S. 43A. Compensation for failure to protect data.—
Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, in negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.
Explanation.-For the purposes of this section,-
(i) "body corporate" means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities;
&nbs
The Information Technology Act, 2000 (IT Act) was enacted to provide legal recognition for electronic transactions, facilitate e-governance, and ensure the security of electronic data. Section 43 of the IT Act specifically addresses penalties and compensation for unauthorized access and damage to computer systems.
Section 43(a) of the IT Act states that if any person, without permission of the owner or any other person in charge of a computer, computer system, or computer network, accesses or secures access to such computer, computer system, or computer network, they shall be liable to pay damages by way of compensation to the person affected.
Section 43(a) covers a wide range of unauthorized actions, including accessing, securing access, and causing damage to computer systems. It serves as a civil remedy for individuals or entities affected by such unauthorized actions.
While Section 43 itself deals with civil liability, Section 66 of the IT Act prescribes criminal penalties for acts done with dishonest or fraudulent intent, including imprisonment for up to three years or a fine that may extend to five lakh rupees.
Unauthorized Access - Section 43(a) penalizes unauthorized access to computer systems, emphasizing the need for permission from the owner or authorized person. - [ BAJRANG GUPTA VS CBI]
Civil Liability - The section provides a mechanism for civil liability, allowing affected parties to seek compensation for damages incurred due to unauthorized access. - [ Gagan Harsh Sharma VS State of Maharashtra]
Concurrent Remedies - Section 43(a) and Section 66 provide concurrent remedies for unauthorized access, allowing for both civil and criminal actions. - [ P. Abdul Razak VS State Rep. by Deputy Superintendent of Police, CBCID, Chennai]
Dishonest Intent - If the unauthorized access is done with dishonest or fraudulent intent, it escalates to a criminal offense under Section 66. - [ Gagan Harsh Sharma VS State of Maharashtra]
Judicial Interpretation - Courts have interpreted Section 43(a) as a means to protect the integrity of computer systems and data, reinforcing the importance of cybersecurity. - [ State Bank of India VS Chander Kalani]
Scope of Damage - The term "damage" under Section 43(a) includes not only physical damage but also loss of data and unauthorized alteration of information. - [ Gagan Harsh Sharma VS State of Maharashtra]
Compensation Claims - Affected individuals can file claims for compensation under Section 43(a) in civil courts, making it a vital tool for victims of cybercrimes. - [ Gagan Harsh Sharma VS State of Maharashtra]
Jurisdictional Issues - The applicability of Section 43(a) may vary based on jurisdiction, as seen in cases where courts have quashed notices due to lack of jurisdiction. - [ Lovish Kathuria VS State Of Punjab]
Legal Framework - The IT Act provides a comprehensive legal framework for addressing cybercrimes, with Section 43(a) being a critical component in safeguarding digital assets. - [ Gagan Harsh Sharma VS State of Maharashtra]
Prosecution Without Sanction - The IT Act does not require prior sanction for prosecution under Sections 43 and 66, allowing law enforcement to act swiftly against cyber offenses. - [ P. Abdul Razak VS State Rep. by Deputy Superintendent of Police, CBCID, Chennai]
Impact on E-Commerce - Section 43(a) plays a crucial role in fostering trust in e-commerce by penalizing unauthorized access and ensuring data protection. - [ Gagan Harsh Sharma VS State of Maharashtra]
Legal Precedents - Judicial decisions have reinforced the interpretation of Section 43(a) as essential for maintaining cybersecurity and protecting individuals' rights in the digital space. - [ State Bank of India VS Chander Kalani]
Cybersecurity Measures - The enactment of Section 43(a) encourages organizations to implement robust cybersecurity measures to prevent unauthorized access and potential liabilities. - [ Gagan Harsh Sharma VS State of Maharashtra]
Public Awareness - There is a need for increased public awareness regarding the implications of Section 43(a) to deter unauthorized access and promote responsible digital behavior. - [ Gagan Harsh Sharma VS State of Maharashtra]
Evolving Cyber Threats - As cyber threats evolve, the provisions of Section 43(a) must be continuously assessed and updated to address new forms of unauthorized access. - [ Gagan Harsh Sharma VS State of Maharashtra]
Interplay with IPC - The relationship between Section 43(a) and relevant provisions of the Indian Penal Code (IPC) highlights the need for a cohesive approach to cybercrime legislation. - [ BAJRANG GUPTA VS CBI]
Enforcement Challenges - Law enforcement agencies face challenges in investigating cybercrimes under Section 43(a) due to the technical nature of offenses and jurisdictional complexities. - [ Lovish Kathuria VS State Of Punjab]
Role of Technology - The implementation of technology in monitoring and preventing unauthorized access is crucial for compliance with Section 43(a) and enhancing cybersecurity. - [ Gagan Harsh Sharma VS State of Maharashtra]
Future Amendments - Future amendments to the IT Act may be necessary to address emerging cyber threats and enhance the effectiveness of Section 43(a) in protecting digital assets. - [ Gagan Harsh Sharma VS State of Maharashtra]
If any person who is required under this Act or any rules or regulations made thereunder to-
(a) furnish any document, return or report to the Controller or the Certifying Authority fails to furnish the same, he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure;
(b) file any return or furnish any information, books or other documents within the time specified therefor in the regulations fails to file return or furnish the same within the time specified therefore in the regulations, he shall be liable to a penalty not exceeding five thousand rupees for every day during which such failure continues;
(c) maintain books of account or records fails to maintain the same, he shall be liable to a penalty not exceeding ten thousand rupees for every day
Legal Comments
"Scope of Section 44" - Section 44 deals with penalties for contravention where no specific penalty is provided; it empowers the Central Government to issue directions or lay down penalties for offences under the IT Act not otherwise prescribed in other sections - [Tarun Tyagi VS Central Bureau of Investigation]
"Essential ingredients" - Section 44 requires presence of contravention of any provision of the IT Act or rules where no other penalty is provided; the remedy is-by-default penalty or compensation as prescribed - [02500100082]
"Punishment for Section" - Section 44 provides residual penalties; it contemplates imprisonment up to a specified term or fine, depending on the nature of contravention, when no other penalty is provided in the Act -
"What does Section Says" - It covers offences where no specific penalty is laid down, enabling Central Government to provide for penalties to ensure effective enforcement; it functions as a catch-all remedial provision -
"Introduction" - Information Technology Act, 2000 (as amended) creates a framework for cyber offences and intermediary liability; Section 44 forms part of the penal provisions, supplementing other explicit sections like 43, 66, etc. -
"Relation to other penalties" - Section 44 operates in tandem with Sections 43–47; when a specific penalty is not stated for a contravention, Section 44 fills the gap by prescribing appropriate punishment - [Anand Kumar Sahu VS State Of Jharkhand]
"Interpretation principle" - Where statutory scheme provides a detailed penalty structure for particular offences, Section 44 does not automatically apply; it only governs residual penalties for other contraventions - [Rajesh, S/o. Dhananjayan VS State Of Kerala, Represented By The Public Prosecutor, High Court Of Kerala]
"Application to intermediaries" - While Section 79 and the IT Rules govern intermediary liability, Section 44 may come into play for contraventions not specifically punishable otherwise; however, interplay depends on the particular charge and whether a specific penalty exists in sub-sections like 66A (struck down) or 43, 43-D, 44, 45 - [Binoy Viswam VS Union of India]
"Judicial treatment in defamation and IT Act" - Courts have addressed the scope of penalties under IT Act provisions; where a separate offence exists (e.g., defamation under IPC or Section 66 of IT Act), Section 44's residual penalties may not be applicable if a more specific penalty is provided elsewhere - [Manoj Oswal VS State of Maharashtra, Through Sr. P. I]
"Quashing and procedural context" - In matters where FIRs or charge-sheets are challenged, courts often examine whether the relevant sub-section provides a penalty; if not, Section 44 may be invoked to sanction punishments for contraventions of IT Act provisions where no penalty is provided - [Imtionenla Walling D/o Rema Pongen VS State of Nagaland]
"Connection with Section 43/66" - Section 44 cannot override the prescriptive penalties in Sections 43–67; it applies only where no other penalty is expressly provided for a given contravention; this ensures proportionate and legally consistent punishment - [00400058148]
"Relation to Aadhaar and CIDR provisions" - Where offences concern data security, privacy, or breach of CIDR, penalties may arise under Sections 43–47; Section 44 may be invoked in exceptional contraventions where no explicit penalty exists - [Justice K. S. Puttaswamy (Retd. ) VS Union of India]
"Administrative/central direction relevance" - Section 44 empowers the Central Government to specify penalties by rule or notification for offences not otherwise enumerated in the IT Act; this reinforces central supervisory control over cyber offences -
"Process to apply" - The application of Section 44 typically follows after a finding of contravention by the adjudicating authority or court when no other penalty provision applies; it is not a standalone automatic liability but relies on the existence of a contravention without a specific penalty - [02500100082]
"Interaction with 2008 Amendment" - Amendments expanding exemptions and establishing 69A/69B provisions illustrate that penalties under Section 44 must align with the evolving statutory framework; care is needed to avoid duplicative or inconsistent penalties - [Harsh Kadam @ Hitendra Kumar VS State of U. P. Thru Prin. Secy. Home]
"Case-law example (restitution context)" - In several judgments, Section 44 was referenced to determine remedial penalties or compensation where the IT Act’s other sections do not prescribe; the exact quantum or term depends on the contravention and central directives - [B. N. Firos VS State of Kerala, Rep. by its Secretary Department of Information Technology]
"Public interest and deterrence" - Section 44 serves as a deterrent and fallback mechanism to address non-stipulated contraventions, ensuring that offenders face consequences even when no explicit penalty is stated - [ARUN R. K. S/O MADHUSOODANAN P. VS STATE OF KERALA]
"Synthesis on scope" - Section 44 complements the IT Act’s structured penalties by filling gaps; it does not supplant explicit penalties but operates as a residuary provision to maintain enforcement integrity - [01100072817]
"Procedural safeguards" - While Section 69A and IT Rules provide procedural safeguards for blocking and intermediate actions, Section 44’s penalties are generally applied after due process in adjudication; it is not the primary procedural framework for information blocking - [Facebook. Inc VS State of West Bengal]
"Practical takeaway" - For practitioners, Section 44 may become applicable in cases where a specific offence under the IT Act is alleged without a corresponding penalty; counsel should verify whether another provision prescribes a penalty before invoking Section 44 - [Vishal H. Shah s/o late Hasmukh D. Shah VS State of Jharkhand]
"Limitations" - Section 44 cannot be used to import generic penalties where the statute already prescribes a particular punishment; its application is circumscribed by the presence or absence of an explicit penalty in relation to the alleged contravention - [BIKRAM CHHOTARAY VS STATE OF ODISHA]
"Illustrative statutory cross-reference" - The Act’s structure shows that penalties are primarily defined in Sections 43–67; Section 44 acts as a legislative safety net for non-stipulated offences, subject to constitutional and due process constraints - [S. Harish VS Inspector of Police, AWPS – Ambattur, Chennai]
"Judicial caution" - Courts have emphasized narrow interpretation of IT Act provisions; Section 44 should be invoked with caution and in alignment with the Act’s overall penal scheme to avoid incompatibility with due process or constitutional rights - [Facebook Inc VS Surinder Malik]
Whoever contravenes any rules or regulations made under this Act, for the contravention of which no penalty has been separately provided, shall be liable to pay a compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees.
(1) For the purpose of adjudging under this Chapter whether any person has committed a contravention of any of the provisions of this Act or of any rule, regulation, 63[direction or order made thereunder which renders him liable to pay penalty or compensation] the Central Government shall, subject to the provisions of sub-section (3), appoint any officer not below the rank of a Director to the Government of India or an equivalent officer of a State Government to be an adjudicating officer for holding an inquiry in the manner prescribed by the Central Government.
64[(1A) The adjudicating officer appointed under sub-section (1) shall exercise jurisdiction to adjudicate matters in which the claim for injury or damage does not exceed rupees five crore:
Provided that the jurisdiction in respect of the claim
While adjudging the quantum of compensation under this Chapter, the adjudicating officer shall have due regard to the following factors, namely-
(a) the amount of gain of unfair advantage, wherever quantifiable, made as a result of the default;
(b) the amount of loss caused to any person as a result of the default;
(c) the repetitive nature of the default.
THE CYBER 66[*] APPELLATE TRIBUNAL
(1) The Central Government shall, by notification, establish one or more appellate tribunals to be known as the Cyber 67[*] Appellate Tribunal.
(2) The Central Government shall also specify, in the notification referred to in sub-section (1), the matters and places in relation to which the Cyber Appellate Tribunal may exercise jurisdiction.
__________________________
66. Word “REGULATIONS” omitted by Information Technology (Amendment) Act, 2008 (10 of 2009) (w.e.f. 27-10-2009).
67. Word "Regulations" omitted by Information Technology (Amendment) Act, 2008 (10 of 2009) (w.e.f. 27-10-2009).
68[S. 49. Composition of Cyber Appellate Tribunal.—
(1) The Cyber Appellate Tribunal shall consist of a Chairperson and such number of other Members, as the Central Government may, by notification in the Official Gazette, appoint:
Provided that the person appointed as the Presiding Officer of the Cyber Appellate Tribunal under the provisions of this Act immediately before the commencement of the Information Technology (Amendment) Act, 2008 shall be deemed to have been appointed as the Chairperson of the said Cyber Appellate Tribunal under the provisions of this Act as amended by the Information Technology (Amendment) Act, 2008.
(2) The selection of Chairperson and Members of the Cyber Appellate Tribunal shall be made by the Central Government in consultation with the Ch
(1) A person shall not be qualified for appointment as a Chair person of the Cyber Appellate Tribunal unless he is, or has been, or is qualified to be, a Judge of a High Court.
(2) The Members of the Cyber Appellate Tribunal, except the Judicial Member to be appointed under sub-section (3), shall be appointed by the Central Government from amongst persons, having special knowledge of, and professional experience in, information technology, telecommunication, industry, management or consumer affairs:
Provided that a person shall not be appointed as a Member, unless he is, or has been, in the service of the Central Government or a State Government, as has held the post of Additional Secretary to the Government of India or any equivalent post in the Central Government or State Government for a period of not less than one year or Joint Secre
(1) The Chairperson or Member of the Cyber Appellate Tribunal shall hold office for a term of five years from the date on which he enters upon his office or until he attains the age of sixty-five years, whichever is earlier.
(2) Before appointing any person as the Chairperson or Member of the Cyber Appellate Tribunal, the Central Government shall satisfy itself that the person does not have any such financial or other interest as is likely to affect prejudicially his functions as such Chairperson or Member.
(3) An officer of the Central Government or State Government on his selection as the Chairperson or Member of the Cyber Appellate Tribunal, as the case may be, shall have to retire from service before joining as such Chairperson or Member.
The salary and allowances payable to, and the other terms and conditions of service including pension, gratuity and other retirement benefits of, the Chairperson or a Member of the Cyber Appellate Tribunal shall be such as may be prescribed.
The Chairperson of the Cyber Appellate Tribunal shall have powers of general superintendence and directions in the conduct of the affairs of that Tribunal and he shall, in addition to presiding over the meetings of the Tribunal, exercise and discharge such powers and functions of the Tribunal as may be prescribed.
The Information Technology Act, 2000 (IT Act) was enacted to provide legal recognition for electronic transactions and to facilitate e-governance in India. Section 52(a) specifically addresses the issue of copyright infringement in the digital realm, aiming to protect the rights of copyright holders while balancing the interests of users.
Section 52(a) of the IT Act provides exceptions to copyright infringement, allowing for certain uses of copyrighted material without the need for permission from the copyright owner. This section is crucial for promoting the free flow of information and innovation in the digital space.
The scope of Section 52(a) is broad, covering various forms of digital content including text, images, and software. It aims to strike a balance between protecting intellectual property and allowing for the dissemination of information.
While Section 52(a) itself does not prescribe punishment, violations of copyright law can lead to penalties under other sections of the IT Act and the Copyright Act, including fines and imprisonment.
Where Benches are constituted, the Chairperson of the Cyber Appellate Tribunal may, by order, distribute the business of that Tribunal amongst the Benches and also the matters to be dealt with the each Bench.
On the application of any of the parties and after notice to the parties, and after hearing such of them as he may deem proper to be heard, or suo motu without such notice, the Chairperson of the Cyber Appellate Tribunal may transfer any case pending before one Bench, for disposal to any other Bench.
If the Members of a Bench consisting of two Members differ in opinion on any point, they shall state the point or points on which they differ, and make a reference to the Chairperson of the Cyber Appellate Tribunal who shall hear the point or points himself and such point or points shall be decided according to the opinion of the majority of the Members who have heard the case, including those who first heard it.]
If, for reason other than temporary absence, any vacancy occurs in the office of the 69[Chairperson or Member as the case may be] Presiding Officer of a Cyber Appellate Tribunal, then the Central Government shall appoint another person in accordance with the provisions of this Act to fill the vacancy and the proceedings may be continued before the Cyber Appellate Tribunal from the stage at which the vacancy is filled.
___________________________
69. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 28 for "Presiding officer" (w.e.f. 27-10-2009).
(1) The 70[Chairperson or the member] of a Cyber Appellate Tribunal may, by notice in writing under his hand addressed to the Central Government, resign his office:
Provided that the said 71[Chairperson or the member] shall, unless he is permitted by the Central Government to relinquish his office sooner, continue to hold office until the expiry of three months from the date of receipt of such notice or until a person duly appointed as his successor enters upon his office or until the expiry of his term of office, whichever is the earliest.
(2) The 72[Chairperson or the member] of a Cyber Appellate Tribunal shall not be removed from his office except by an order by the Central Government on the ground of proved misbehaviour or incapacity after an inquiry made by a Judge of the Supreme
No order of the Central Government appointing any person as the 74[Chairperson or the member] of a Cyber Appellate Tribunal shall be called in question in any manner and no act or proceeding before a Cyber Appellate Tribunal shall be called in question in any manner on the ground merely of any defect in the constitution of a Cyber Appellate Tribunal.
__________________________________
74. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 29 for "Presiding officer" (w.e.f. 27-10-2009).
(1) The Central Government shall provide the Cyber Appellate Tribunal with such officers and employees as that Government may think fit.
(2) The officers and employees of the Cyber Appellate Tribunal shall discharge their functions under general superintendence of the 75[Chairperson].
(3) The salaries and allowances and other conditions of service of the officers and employees of the Cyber Appellate Tribunal shall be such as may be prescribed by the Central Government.
________________________________
75. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 30 for Presiding officer (w.e.f. 27-10-2009).
Legal Comments
Introduction - Information Technology Act, 2000 (IT Act) governs electronic transactions, cyber offences, intermediary liability, and the admissibility/recognition of electronic records; it operates alongside IPC and Evidence Act to modernize cyber jurisprudence. [Rohit Vedpaul Kaushal VS State of Maharashtra - 2007 0 Supreme(Bom) 1106]
Section 56 - Information Technology Act, 2000 - Not present in provided extracts as a standalone section citation; related references discuss jurisdictional and appellate principles under IT Act provisions (e.g., Section 78 on investigation) rather than a standalone Section 56. No direct summarization available from sources. [Google India Private Limited VS Visakha Industries - 2019 0 Supreme(SC) 1351]
Section 79 (intermediary exemption) - Pre/post amendment framework; intermediaries may be exempt from liability if they meet specified conditions (no actual knowledge of illicit content, prompt takedown upon notification, etc.); post-2008 amendments clarified liability shields with caveats; critical for platform immunity in defamation/copyright cases. [Google India Private Limited VS Visakha Industries - 2019 0 Supreme(SC) 1351]
Essential ingredients for intermediary immunity (Section 79) - Exemption from liability requires that (i) the intermediary does not initiate the content; (ii) upon receiving actual knowledge or on notification, it acts expeditiously to remove/disable access; (iii) the intermediary’s role is limited to hosting information; (iv) exceptions apply when the intermediary has conspired or failed to act despite notice. [Facebook Inc VS Surinder Malik - 2019 0 Supreme(Del) 2214]
Scope of Section 79 - Applies to intermediaries hosting user-generated content; case law clarifies it interacts with 69A blocking provisions and 79(3)(b) read down in light of 66A jurisprudence; screens content, not general censorship; 69A provides targeted blocking with safeguards. [Facebook Inc VS Surinder Malik - 2019 0 Supreme(Del) 2214]
Defamation and Section 66A (and post-66A jurisprudence) - Section 66A was struck down as unconstitutional (Ultra vires Article 19(1)(a)); subsequent cases emphasize limitation of IT Act to prevent abuse of free speech online; defamation remains governed by IPC Section 499/500 with applicable IT Act provisions for intermediary takedown under 79/Rules. [Harsh Kadam @ Hitendra Kumar VS State of U. P. Thru Prin. Secy. Home - 2021 0 Supreme(All) 1172], [Manoj Oswal VS State of Maharashtra, Through Sr. P. I - 2013 0 Supreme(Bom) 1480]
Section 66 (cyber offences) - Addressed in several matters; offensives include hacking and other computer-related offences; adjudication structure contemplates separate adjudicating officers (not Magistrates) for 66, with Section 78 enabling investigation by police officers of appropriate rank; penalties depend on the section invoked (66, 66D, 66A historically). [Rajat Teneja VS Harmeeta Singh - 2008 0 Supreme(P&H) 664], [Bittu Singh @ Rahul Singh @ Bittu Rahul Singh VS State Of Jharkhand - 2018 0 Supreme(Jhk) 2202]
Penalties under IT Act (general) - IT Act sections 43–47, 65–67 establish a spectrum of penalties including fines and imprisonment for various computer-related offences; 66 (hacking) and 67 (publishing obscene data) are commonly invoked; Section 67A/67B address specific offences (e.g., obscene content and sexual content involving minors). [Rohit Vedpaul Kaushal VS State of Maharashtra - 2007 0 Supreme(Bom) 1106], [B. N. Firos VS State of Kerala, Rep. by its Secretary Department of Information Technology - 2006 0 Supreme(Ker) 258]
Section 67 and related provisions - Offence under Section 67 is cognizable and often non-bailable; combined with IPC sections 292/354 etc. in some cases; courts have treated Section 67 with seriousness given cyber-pornography and obscene material contexts. [Rohit Vedpaul Kaushal VS State of Maharashtra - 2007 0 Supreme(Bom) 1106], [B. N. Firos VS State of Kerala, Rep. by its Secretary Department of Information Technology - 2006 0 Supreme(Ker) 258]
Prosecution vs. civil liability - Distinction between civil liability (e.g., damages under Section 43) and criminal liability (e.g., 66–67) remains; Adjudicating Authority handles civil aspects while Magistrates/Courts address criminal aspects; identity and evidentiary standards for electronic records recognized by IT Act amendments. [Amit Kumar Jadaun (Amit) VS State of U. P. - 2018 0 Supreme(All) 1949], [Amit Kumar Jadaun (Amit) VS State of U. P. - 2018 0 Supreme(All) 1686]
Nomination/e-filing and e-governance - IT Act supports electronic filing and e-government processes; courts direct state agencies to accept electronic nominations and filings; e-gazettes and publication via IT Act mechanisms recognized in customs/administrative contexts. [Communist Party of India (Marxist) VS State of West Bengal - 2018 0 Supreme(Cal) 259], [Adani Wilmar Limited VS Union of India - 2022 0 Supreme(Guj) 1160]
Intermediary liability and takedown duties - Courts have clarified that intermediaries are not obligated to proactively screen all content; takedown upon notification is sufficient, subject to compliance with guidelines under IT Act and Intermediary Guidelines Rules, 2011. [Facebook Inc VS Surinder Malik - 2019 0 Supreme(Del) 2214], [Vyakti Vikas Kendra, India Public Charitable Trust Thr Trustee Mahesh Gupta VS Jitender Bagga - 2012 0 Supreme(Del) 1334]
Intermediary Guidelines and rights - The IT Intermediaries Guidelines (Rules 2011) govern takedown timelines and due diligence; reliefs and sanctions balanced against free speech protections under Article 19; courts have emphasized careful application to avoid overreach. [Vyakti Vikas Kendra, India Public Charitable Trust Thr Trustee Mahesh Gupta VS Jitender Bagga - 2012 0 Supreme(Del) 1334], [Facebook Inc VS Surinder Malik - 2019 0 Supreme(Del) 2214]
Defamation and online content - While defamation remains primarily under IPC, IT Act provisions influence takedown and platform liability; courts have directed platforms (e.g., Twitter, Facebook) to suspend accounts or remove content upon prima facie defamation and copyright infringement, invoking 79 and intermediary principles. [Alok Kumar Brara VS Sarah Jane - 2019 0 Supreme(Del) 611], [Vyakti Vikas Kendra, India Public Charitable Trust Thr Trustee Mahesh Gupta VS Jitender Bagga - 2012 0 Supreme(Del) 1334]
Jurisdiction and forum conveniens - IT Act matters may require appropriate forum under Section 62/78 considerations; appellate jurisdiction and proper court choices depend on where the cause of action arose and where the adverse actions occurred; misfiling can be returned to proper forum. [State Bank of India VS Chander Kalani - 2019 0 Supreme(Del) 1261]
Evidence and electronic records - IT Act aligns with the Indian Evidence Act on electronic records; Section 65B and related provisions facilitate admissibility of electronic records; the act supports recognition of electronic signatures, certificates, and secure electronic records. [Sudarshan Cargo Private Limited, Bangalore VS Techvac Engineering Private Limited, Mysore - 2013 0 Supreme(Kar) 344], [ORIENTAL BANK OF COMMERCE VS NANDKISHORE VISHWANATH SHIGNE - Consumer (2015)]
Bail and anticipatory bail under IT Act - Courts consider section-specific gravity and investigative status; bail orders may include conditions minimizing risk of tampering with electronic evidence; 66A previously used to justify bail restrictions; post-66A invalidity shifts focus to 66, 66D, 67, and IPC equivalents. [Himanshu Kumar VS State NCT Of Delhi - 2022 0 Supreme(Del) 977], [BIKRAM CHHOTARAY VS STATE OF ODISHA - 2017 0 Supreme(Ori) 1476]
Production of digital evidence (Section 91 CrPC) - Forensic examination of devices is permissible via appointed Examiners of Electronic Evidence under Section 79-A IT Act; notices and compulsion to produce devices are balanced against rights under Article 20(3) and the principle of self-incrimination. [P. Gopalakrishnan Alias Dileep VS State of Kerala Represented by the Public Prosecutor - 2022 0 Supreme(Ker) 254]
Section 43 - Civil damages and penalties for computer-related acts - Civil liability for damages arises from unauthorized access or data theft; combined with 66, 66D for criminal liability when appropriate. Jurisdictional distinctions apply with Adjudicating Authority. [Amit Kumar Jadaun (Amit) VS State of U. P. - 2018 0 Supreme(All) 1949]
Section 69A (blocking) and procedure - Narrowly tailored blocking of information with safeguards; requires reasons to be recorded in writing and a hearing under Rules; upheld as constitutionally valid in Kerala/others decisions, with 66A being struck down. [Jaydeep Madhukar Wakankar VS State of Andhra Pradesh - 2022 0 Supreme(AP) 942], [B. N. Firos VS State of Kerala, Rep. by its Secretary Department of Information Technology - 2006 0 Supreme(Ker) 258]
Special marriages online and IT Act - IT Act provisions (Section 6) support online solemnization and recognition of electronic records; courts direct government bodies to align with online processes under IT Act in family law contexts. [Bilbin Joy VS Marriage Officer & Sub Registrar - Current Civil Cases (2023)], [ARUN R. K. S/O MADHUSOODANAN P. VS STATE OF KERALA - 2023 0 Supreme(Ker) 74]
Defences and exemptions for intermediaries - Intermediaries may rely on Section 79 exemptions if they satisfy conditions; conspiracy or aiding content removal delays can undermine exemption; context-specific judgments emphasize strict compliance with statutory conditions. [Neha Rafiq Chachadi VS State Of Karnataka, rep. by Addl. State Public Prosecutor - 2023 0 Supreme(Kar) 307], [Facebook Inc VS Surinder Malik - 2019 0 Supreme(Del) 2214]
Quashing FIRs and settlements - High Courts may quash FIRs where compromise or settlement adequately reflects ends of justice; IT Act offences (non-compoundable in some cases like 67A against a woman) require careful consideration of the nature of the offence and whether settlement is permissible. [Mansi Sharma VS State NCT of Delhi - 2023 0 Supreme(Del) 1961], [Imtionenla Walling D/o Rema Pongen VS State of Nagaland - 2024 0 Supreme(Gau) 326]
Costs and remedies in IT Act disputes - Courts frequently times direct parties to bear their own costs or grant limited relief while directing further investigation or enforcement; reliance on constitutional rights and due process standards. [Rajat Teneja VS Harmeeta Singh - 2008 0 Supreme(P&H) 664], [Imtionenla Walling D/o Rema Pongen VS State of Nagaland - 2024 0 Supreme(Gau) 326]
Observations on 66A ultra vires jurisprudence - The landmark establishment that 66A violates Article 19(1)(a) led to a reorientation of how online speech issues are addressed under IT Act; emphasis on safeguarding free speech with proportionate restrictions under Article 19(2). [Harsh Kadam @ Hitendra Kumar VS State of U. P. Thru Prin. Secy. Home - 2021 0 Supreme(All) 1172], [B. N. Firos VS State of Kerala, Rep. by its Secretary Department of Information Technology - 2006 0 Supreme(Ker) 258]
Section 81 and electronic evidence hierarchy - IT Act’s special status emphasizes that electronic records and related provisions trump conflicting general laws in certain contexts; courts stress harmonization with evidence law. [ORIENTAL BANK OF COMMERCE VS NANDKISHORE VISHWANATH SHIGNE - Consumer (2015)], [Ramesh Chandra Kathuria vs State - Delhi (2019)]
Section 67A/67B nuances - Offences involving sexual content or obscenity, particularly with minors, carry stringent penalties and non-compoundability in certain contexts; courts consider safety, public order, and the need for protective measures. [Sreekanth C. Nair VS Developer of Website - 2008 0 Supreme(Ker) 462], [Amit Kumar Jadaun (Amit) VS State of U. P. - 2018 0 Supreme(All) 1686]
Section 66E (privacy) considerations - Privacy-related offences under IT Act interplay with 78/78A adjudication; quashing orders may consider privacy rights and due process; courts have scrutinized the registration of FIRs under 66E. [Neha Rafiq Chachadi VS State Of Karnataka, rep. by Addl. State Public Prosecutor - 2023 0 Supreme(Kar) 307]
General takeaway - IT Act provides essential tools: recognition of electronic records, intermediary liability framework, and a spectrum of offences; effective governance requires precise application of exemptions, prompt takedown, and respect for free speech and due process constraints. [Rajesh Jiwan Bhai Bharwad VS State of Himachal Pradesh - 2019 0 Supreme(HP) 813], [Communist Party of India (Marxist) VS State of West Bengal - 2018 0 Supreme(Cal) 259]
(1) Save as provided in sub-section (2), any person aggrieved by an order made by an adjudicating officer under this Act may prefer an appeal to a Cyber Tribunal having jurisdiction in the matter.
(2) No appeal shall lie to the Cyber Appellate Tribunal from an order made by an adjudicating officer with the consent of the parties.
(3) Every appeal under sub-section (1) shall be filed within a period of forty-five days from the date on which a copy of the order made by the controller or the adjudicating officer is received by the person aggrieved and it shall be in such form and be accompanied by such fee as may be prescribed:
Provided that the Cyber Appellate Tribunal may entertain an appeal after the expiry of the said period of forty-five days if it is satisfied that there was sufficient caus
(1) The Cyber Appellate Tribunal shall not be bound by the procedure laid down by the Code of Civil Procedure, 1908 (5 of 1908) but shall be guided by the principles of natural justice and, subject to the other provisions of this Act and of any rules, the Cyber Appellate Tribunal shall have powers to regulate its own procedure including the place at which it shall have its sittings.
(2) The Cyber Appellate Tribunal shall have, for the purposes of discharging its functions under this Act, the same powers as are vested in a civil court under the Code of Civil Procedure, 1908 (5 of 1908), while trying a suit, in respect of the following matters, namely:-
(a) summoning and enforcing the attendance of any person and examining him on oath;
(b) requiring the discovery and production of documents or o
The appellant may either appear in person or authorise one or more legal practitioners or any of its officers to present his or its case before the Cyber Appellate Tribunal.
The provisions of the Limitation Act, 1963 (36 of 1963) , shall, as far as may be, apply to an appeal made to the Cyber Appellate Tribunal.
No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter which an adjudicating officer appointed under this Act or the Cyber Appellate Tribunal constituted under this Act is empowered by or under this Act to determine and no injunction shall be granted by any court or other authority in respect of any action taken or to be taken in pursuance of any power conferred by or under this Act.
Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an appeal to the High Court within sixty days from the date of communication of the decision or order of the Cyber Appellate Tribunal to him on any question of fact or law arising out of such order:
Provided that the High Court may, if it is satisfied that the appellant was prevented by sufficient cause from filing the appeal within the said period, allow it to be filed within a further period not exceeding sixty days.
(1) Any contravention under this 76[Act] may, either before or after the institution of adjudication proceedings, be compounded by the Controller or such other officer as may be specially authorised by him in this behalf or by the adjudicating officer, as the case may be, subject to such conditions as the Controller or such other officer or the adjudicating officer may specify:
Provided that such sum shall not, in any case, exceed the maximum amount of the penalty which may be imposed under this Act for the contravention so compounded.
(2) Nothing in sub-section (1) shall apply to a person who commits the same or similar contravention within a period of three years from the date on which the first contravention, committed by him, was compounded.
Explanation.-For the purposes
Section 63 of the Information Technology Act, 2000, deals with offences related to false electronic records, digital signatures, and contraventions in the digital environment. It provides a legal framework for penalizing acts that involve falsification, tampering, or misuse of electronic data, ensuring integrity and authenticity in electronic transactions and records.
Section 63 prescribes the penalties for certain contraventions under the IT Act, primarily focusing on offences related to:- Publishing or transmitting electronic records that bear false digital signatures.- Falsification or tampering of electronic records.- Offences involving false or misleading electronic data.- Offences related to the use of false electronic signatures or certificates.
The section also provides for the compounding of contraventions, allowing parties to settle certain offences upon payment of a specified sum, subject to restrictions.
Section 63 of the IT Act serves as a crucial provision to penalize acts of falsification, tampering, and misuse of electronic records and digital signatures, thereby fostering trust and integrity in electronic transactions. Its effective enforcement requires strict adherence to procedural safeguards to prevent misuse and protect individual rights, while its provisions for compounding offer a balanced approach to civil and criminal liabilities in cyberspace.
Note: This commentary synthesizes legal principles from the provided sources and established jurisprudence, emphasizing the importance of Section 63 in the cyber legal framework of India.
S. 64. Recovery of 77[penalty or compensation].—
A 78[penalty imposed or compensation awarded] under this Act, if it is not paid, shall be recovered as an arrear of land revenue and the licence or the 79[Electronic Signature] Certificate, as the case may be, shall be suspended till the penalty is paid.
_______________________________
77. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 31 for 'penalty' (w.e.f. 27-10-2009).
78. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 31 for 'penalty imposed' (w.e.f. 27-10-2009).
79. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2
Section 64 of the Information Technology Act, 2000, serves as a critical mechanism for maintaining the integrity of the Digital Signature Infrastructure (DSI). Unlike the criminal penal provisions under Chapter XI, Section 64 deals with civil and administrative sanctions, specifically empowering the Controller of Certifying Authorities (Controller) to suspend or revoke Digital Signature Certificates (CAs) when they cease to comply with the prescribed security standards or regulatory requirements. The amendment in 2008 added a proviso to this section, allowing for the recovery of penalties or compensation alongside suspension, thereby balancing the administrative power with financial recourse for the victimized party.
Section 64 authorizes the Controller to pass an order suspending the operations of a Certifying Authority (CA) or revoking the license to operate, if the CA cannot comply with security practices and procedures. The provision states that the Controller may order the suspension to maintain trust in the electronic authentication system. Post-2008 amendment, the language was modified to include the recovery of penalties or compensation awarded due to non-compliance, not just the imposition of penalties. The section is operationalized when a Certifying Authority fails to meet the security standards mandated under Section 73.
The scope of Section 64 extends to the entire lifecycle of a Digital Signature Certificate. It applies to both the issuer (Certifying Authority) and the validity of the certificate issued by them. If the CA's infrastructure is compromised or the CA breaches trust, the Controller has the discretion to suspend the certificate temporarily (often with a notice period, sometimes six months as per regulations regarding suspension of practice) or revoke it permanently. This section is vital for preventing fraudulent transactions and maintaining the sanctity of electronic commerce. It complements Section 78 regarding the investigation into such complaints.
The "punishment" under Section 64 is primarily administrative rather than penal in the traditional sense. The Controller has the power to:* Suspend the operations of the Certifying Authority.* Revoke the license to issue Digital Signature Certificates.* Recover Penalties or Compensation: Under the amended clause, if the suspension or revocation results in harm or negligence, the Controller can also impose penalties or order the recovery of compensation to be paid by the CA to the affected party. This can be imposed in addition to or alongside the suspension order.
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.
Explanation.-For the purposes of this section, "computer source code" means the listing of programmes, computer Commands, design and layout and programme analysis of computer resource in any form.
Section 65 of the IT Act, 2000, criminalizes the act of tampering with computer source documents, reflecting the importance of safeguarding digital data and source codes from unauthorized manipulation. It forms a core part of cyber security laws in India, aiming to prevent cyber crimes related to data integrity and source code tampering.
Section 65 states:"Whoever knowingly or intentionally conceals, destroys or alters or causes another to conceal, destroy, or alter any computer source code used for a computer, computer programme, computer system or computer network, shall be punishable with imprisonment which may extend to three years, or with fine which may extend to two lakh rupees, or with both."It explicitly targets acts of malicious or unauthorized modification of source code.
"Cyber Crime" - Acts of tampering with source code are criminalized to prevent unauthorized modifications that could compromise system security and data integrity [Source: "Tampering with Computer Source Code" - Various online legal summaries].
"Intent" - The act must be committed knowingly or intentionally; accidental or unintentional acts may not attract liability under Section 65 [Source: "Penalties under Cyber Law" - Various legal commentaries].
"Source Code" - The term includes any computer program, system, or network-related source code, emphasizing broad coverage of digital assets [Source: "Section 65 of the IT Act Explained" - Legal interpretations].
"Protection of Digital Assets" - Section 65 aims to safeguard the core digital assets, including source codes, from malicious tampering that can lead to data breaches or system failures [Source: "Cyber Law" - Indian Cyber Law Reports].
"Cyber Security" - Acts under Section 65 are fundamental to maintaining cyber security and preventing cyber espionage, hacking, or sabotage [Source: "Cyber Crime and Cyber Laws in India" - Cyber Law Journals].
"Punishment Severity" - The prescribed punishment reflects the seriousness of tampering acts, which can destabilize critical infrastructure or cause financial loss [Source: "Penalties for Cyber Offenses" - Legal Texts].
"Scope of Application" - The section applies to acts of concealment, destruction, or alteration, regardless of whether the act was successful or not, provided the act was knowingly committed [Source: "Offenses under Sections 65-78" - Cyber Law Guidelines].
"Mens Rea" - The requirement of knowledge or intent aligns with general criminal law principles, establishing mens rea for cyber offenses [Source: "Cyber Law and Mens Rea" - Indian Penal Code Principles].
"Cyber Security Measures" - Acts under Section 65 can be used as evidence in cyber forensic investigations to establish malicious intent or tampering [Source: "Cyber Forensics" - Digital Evidence Laws].
"Legal Precedents" - Courts have held that acts of source code tampering, if proven, warrant punishment under Section 65, reinforcing the importance of source code integrity [Source: Supreme Court judgments on cyber offenses].
"Complementary Provisions" - Sections 66 (hacking), 66A (offensive messages), and 66F (cyber terrorism) complement Section 65, covering broader cyber crimes [Source: "Cyber Crime Offenses" - Legal Manuals].
"Digital Evidence" - The requirement of a certificate under Section 65-B of the Evidence Act for electronic records underscores the importance of authentic digital evidence in prosecution [Source: "Section 65-B of Evidence Act" - Indian Evidence Law].
"Cyber Law Enforcement" - Law enforcement agencies are empowered to investigate and prosecute acts under Section 65, including forensic analysis and digital audits [Source: "Cyber Crime Investigation" - Law Enforcement Manuals].
"International Relevance" - Similar provisions exist in international cyber laws, indicating the global consensus on protecting source code and digital data [Source: "Global Cyber Laws" - Comparative Legal Studies].
"Preventive Measures" - Organizations are advised to implement source code management and access controls to prevent violations of Section 65 [Source: "Cyber Security Best Practices" - IT Security Guidelines].
"Legal Responsibility" - Individuals and organizations have a legal obligation to maintain the integrity of source code; breach can lead to criminal liability under Section 65 [Source: "Corporate Cyber Security Laws" - Legal Advisory].
Section 65 of the IT Act, 2000, plays a pivotal role in safeguarding the integrity of digital source codes by criminalizing acts of concealment, destruction, or alteration with knowledge or intent. Its broad scope and severe penalties underscore the importance of maintaining cyber hygiene and digital security in an increasingly digital world. Proper legal understanding and adherence to procedural requirements, such as certification of electronic evidence, are essential for effective enforcement and prosecution of offenses under this section.
80[S. 66. Computer related offences.—
If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.
Explanation.-For the purpose of this section,-
(a) the word "dishonesty" shall have the meaning assigned to it in section 24 of the Indian Penal Code (45 of 1860).
(b) the word "fraudulently" shall have the meaning assigned to it in section 25 of the Indian Penal Code (45 of 1860).
_____________________________________
80. Ss. 66 and 67 substituted by Information Technolog
SupremeToday AI Service seems to be Down for a While!
Any person who sends, by means of a computer resource or a communication device,-
(a) any information that is grossly offensive or has meaning character, or
(b) any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device; or
(c) any electronic mail or electronic mail massage for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such massage,
shall be punishable with imprisonment for a term which may extend to three years and with fine.
&nb
Section 66A of the Information Technology Act, 2000 was enacted to address the misuse of digital communication platforms by penalizing the sending of offensive, menacing, or false information electronically. It aimed to regulate online speech and prevent cyber harassment, cyber defamation, and related offences. However, the provision faced significant legal challenges and was ultimately struck down by the Supreme Court in 2015 for violating fundamental rights.
Section 66A criminalized sending, by means of a computer resource or communication device, any information that is grossly offensive or has a menacing character, or any information that is false and causes annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill-will, with the intent to cause such effects. The section prescribed punishments including imprisonment up to three years and fines.
Note: The section also defined terms such as "electronic mail" and "electronic mail message" to include messages transmitted or received via computers or communication devices.
Initially, Section 66A covered a wide ambit of online speech, including offensive messages, false information, and messages that could cause harm or fear. It aimed to regulate online content and prevent misuse of digital platforms. However, its scope was challenged on grounds of constitutional rights, particularly freedom of speech and expression.
Important: The scope included acts such as sending offensive messages through communication service, etc., which could include emails, SMS, social media posts, and other electronic messages.
In conclusion, Section 66A of the IT Act, 2000 was a well-intentioned but overbroad law that infringed upon constitutional rights. Its striking down by the Supreme Court reaffirmed the importance of precise legislation respecting fundamental freedoms, especially in the digital age. Any future laws governing online speech must adhere to the constitutional principles of clarity, specificity, and reasonableness to withstand judicial scrutiny.
Whoever dishonestly receives or retains any stolen computer resource or communication device knowing or having reason to believe the same to be stolen computer resource or communication device, shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
Section 66(b) of the Information Technology Act, 2000, addresses the offense of dishonestly receiving or retaining stolen computer resources or communication devices. It forms part of the broader legal framework aimed at combating cybercrimes and protecting digital assets in India. This section emphasizes the criminality of knowingly possessing stolen digital resources, aligning with the objectives of the IT Act to secure electronic communications and prevent cyber theft.
Section 66(b) states:
"Whoever dishonestly receives or retains any stolen computer resource or communication device knowing or having reason to believe the same to be stolen computer resource or communication device, shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to one lakh rupees, or with both."
This provision criminalizes the act of dishonestly possessing stolen digital resources, with a clear mental element of knowledge or reason to believe that the resource is stolen.
Section 66(b) applies broadly to any digital or electronic resource that has been stolen, including hard disks, communication devices, or data. It covers acts of dishonestly retaining such resources, whether physically or electronically, and is applicable irrespective of the nature of the resource, provided it is stolen and the accused has knowledge of this fact. The section complements other provisions under the IT Act, such as Sections 66A and 66C, which address related cyber offenses like sending offensive messages or identity theft.
The severity of punishment reflects the seriousness with which cyber theft and dishonest retention of digital resources are viewed under Indian law.
This concise legal commentary highlights the scope, essential elements, and judicial interpretation of Section 66(b), emphasizing its role in combating cyber theft and dishonestly retaining stolen digital resources under Indian law.
Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
Section 66(c) of the Information Technology Act, 2000, addresses the offence of identity theft, a prevalent cybercrime in the digital age. It criminalizes the fraudulent or dishonest use of another person's electronic signature, password, or any other unique identification feature, thereby safeguarding individuals' digital identities and ensuring trust in electronic transactions.
Section 66(c) stipulates that:
"Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punishable with imprisonment for a term which may extend to three years, or with fine which may extend to five lakh rupees, or with both."
This provision explicitly criminalizes acts of identity theft involving electronic means, emphasizing the importance of protecting digital identities from misuse.
Section 66(c) covers:- Unauthorized access to and use of electronic signatures or passwords.- Acts of identity theft in digital environments.- Acts committed through electronic means, including emails, online platforms, or digital devices.- It applies to both individuals and entities involved in cyber frauds involving identity theft.- The section complements other provisions of the IT Act and IPC related to cybercrimes, such as cheating (Section 420 IPC) and hacking (Section 66).
This concise legal commentary aims to provide a comprehensive understanding of Section 66(c) of the IT Act, 2000, highlighting its legal provisions, scope, and significance in combating cyber identity theft.
Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
Section 66(d) of the Information Technology Act, 2000, addresses the criminal offense of cheating by personation using computer resources. It is a vital provision in India's cyber law framework, aiming to curb fraudulent activities conducted through electronic means, especially impersonation and deception.
Section 66(d) states:"Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years, or with a fine which may extend to one lakh rupees, or with both."This provision criminalizes the act of cheating through impersonation facilitated by electronic communication or resources.
In summary, Section 66(d) of the IT Act criminalizes cheating by impersonation through electronic means, with penalties of up to three years imprisonment and a fine. Its effective enforcement hinges on clear evidence of deception and misuse of communication resources, serving as a crucial tool in combating online frauds and impersonation crimes.
Whosoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both.
Explanation.-Fro the purposes of this section-
(a) "transmit" means to electronically send a visual image with the internet that it be viewed by a person or persons;
(b) "capture", with respect to an image, means to videotape, photograph, film or record by any means;
(c) "private area" means the naked or undergarment clad genitals, public area, buttocks or female breast;
(d) "publishes"
Section 66(e) of the Information Technology Act, 2000, addresses the offense of violation of privacy through electronic means. It criminalizes the act of capturing, publishing, or transmitting images of a person's private areas without consent, under circumstances that violate the individual's reasonable expectation of privacy. This section aims to protect individuals from electronic voyeurism and unauthorized invasion of privacy in the digital age.
Section 66(e) states:
"Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine which may extend to two lakh rupees, or with both."
It explicitly prohibits the non-consensual capturing, publishing, or transmitting of images of private areas, emphasizing the importance of privacy rights in electronic communications.
In conclusion, Section 66(e) of the IT Act, 2000, is a vital legal provision aimed at protecting individuals from electronic violations of privacy, especially in the context of images of private areas. Its effective enforcement depends on clear evidence of violation under circumstances that breach the reasonable expectation of privacy, with significant penalties to deter such offenses.
(1) Whosoever,-
(A) with intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by-
(i) denying or cause the denial of access to any person authorised to access computer resource; or
(ii) attempting to penetrate or access a computer resource without authorisation or exceeding authorised access; or
(iii) introducing or causing to introduce any computer contaminant,
and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disputes or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or a
SupremeToday AI Service seems to be Down for a While!
Whoever publishes or transmits or causes to be published or transmitted in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to three years and with fine which may extend to five lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees.
Section 67 of the Information Technology Act, 2000, is a penal provision that addresses the transmission and publication of obscene material in electronic form. It is a crucial section that aims to regulate cyber obscenity and prevent the spread of harmful content online. Given the proliferation of digital communication, Section 67 has become a significant tool for addressing cyber offenses related to obscenity, especially in the context of social media, messaging platforms, and internet-based content dissemination.
Section 67 stipulates that:- Whoever publishes or transmits, or causes to be published or transmitted, in electronic form, any material that is obscene shall be punishable.- The punishment may extend to imprisonment for up to three years and/or a fine.- The section also includes provisions for aggravated offenses under Section 67A, which deals with material containing sexually explicit acts.
Section 67 of the IT Act, 2000, plays a pivotal role in regulating obscene content in the digital age. While it provides necessary deterrence and legal recourse against cyber obscenity, its application must be balanced with constitutional rights and safeguards against misuse. Judicial interpretations continue to evolve, emphasizing the importance of context, societal norms, and technological measures in enforcing this section effectively.
Whoever publishes or transmits or causes to be published or transmitted in the electronic form any material which contains sexually explicit act or conduct shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to ten lakh rupees and in the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees.
The Information Technology Act, 2000 (IT Act) was enacted to provide legal recognition for electronic transactions and to facilitate e-governance in India. Section 67(a) specifically addresses the issue of publishing or transmitting material containing sexually explicit acts in electronic form, reflecting the need to regulate and penalize the misuse of technology in the context of obscenity and sexual exploitation.
Section 67(a) of the IT Act states that any person who publishes or transmits material containing sexually explicit acts in electronic form shall be punished. The punishment for the first conviction may extend to five years of imprisonment and a fine, while subsequent convictions may lead to imprisonment for up to seven years and a higher fine.
The scope of Section 67(a) is broad, covering various forms of electronic communication, including social media, websites, and other digital platforms. It aims to protect individuals from the dissemination of non-consensual explicit content and to uphold societal standards regarding decency and morality.
This commentary provides a comprehensive overview of Section 67(a) of the Information Technology Act, 2000, highlighting its significance in the context of digital law and the protection of individual rights.
Whoever-
(a) publishes or transmits or causes to be published or transmitted material in any electronic form which depicts children engaged in sexually explicit act or conduct; or
(b) creates text or digital images, collects, seeks, browses, downloads, advertises, promotes, exchanges or distributes material in any electronic form depicting children in obscene or indecent or sexually explicit manner; or
(c) cultivates, entices or induces children to online relationship which one or more children for and on sexually explicit act or in a manner that may offend a reasonable adult on the computer resource; or
(d) facilitates abusing children online; or
(e) records in any electronic form own abuse or that of ot
Section 67(b) of the Information Technology Act, 2000, addresses the punishment for publishing or transmitting obscene material in electronic form, specifically focusing on content that involves children in sexually explicit acts. This provision is part of the broader legal framework aimed at regulating cyber obscenity and child protection in digital spaces.
Section 67(b) states:"Whoever publishes or transmits or causes to be published or transmitted in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend or deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished with imprisonment of either description for a term which may extend to five years and with a fine which may extend to ten lakh rupees."
This section criminalizes the electronic publication or transmission of sexually explicit and lascivious material, with special emphasis on content involving children under Section 67B.
In conclusion, Section 67(b) of the IT Act criminalizes the publication or transmission of obscene material, with a specific and stringent focus on child pornography. Its scope encompasses all forms of electronic publication and transmission, emphasizing the societal harm caused by such content and aligning with international standards for child protection. Judicial interpretation continues to refine its application, balancing the need for effective deterrence with safeguarding individual rights.
(1) Intermediary shall preserve and retain such information as may be specified for such duration and in such manner and format as the Central Government may prescribed.
(2) Any intermediary who intentionally or knowingly contravenes the provisions of sub-section (1) shall be punished with an imprisonment for a term which may extend to three years and shall also be liable to fine.]
The Information Technology Act, 2000 (IT Act) was enacted to provide legal recognition for electronic transactions and to facilitate electronic governance. Section 67(c) specifically addresses the responsibilities of intermediaries regarding the preservation and retention of information.
Section 67(c) mandates that intermediaries must preserve and retain information as specified by the Central Government for a designated duration and in a specified manner. This provision aims to ensure that data is available for law enforcement and regulatory purposes.
The scope of Section 67(c) extends to all intermediaries operating within the digital ecosystem in India. It is designed to enhance accountability and ensure that intermediaries comply with legal requests for information.
Any intermediary who intentionally or knowingly contravenes the provisions of this section may face imprisonment for a term that may extend up to three years, along with a fine.
(1) The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made thereunder.
81[(2) Any person who intentionally or knowingly fails to comply with any order under sub-section (1) shall be guilty of an offence and shall be liable on conviction to imprisonment for a term not exceeding two years or a fine not exceeding one lakh rupees or with both.]
___________________________________
81. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 33 for sub-s. (2) (w.e.f. 27-10-2009).
82[S. 69. Power to issue directions for interception or monitoring or decryption of any information through any computer resource.—
(1) Where the Central Government or a State Government or any of its officers specially authorised by the Central Government or the State Government, as the case may be, in this behalf may, if satisfied that it is necessary or expedient so to do, in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be
(1) Where the Central Government or any of its officers specially authorised by it in this behalf is satisfied that it is necessary or expedient so to do, in the interest of sovereignty and integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing by order, direct any agency of the Government or intermediary to block for access by the public any information generated, transmitted, received or stored in any computer resource.
(2) The procedure and safeguards subject to which such blocking for access by the public may be carried out, shall be such as may be prescribed.
(3) The intermediary who fails to
(1) The Central Government may, to enhance cyber security and for identification analysis and prevention of intrusion or spread of computer containment in the country, by notification in the Official Gazette, authorise any agency of the Government to monitor and collect traffic data or information generated, transmitted, received or stored in any computer resource.
(2) The intermediary or any person in-charge or the computer resource shall, when called upon by the agency which has been authorised under sub-section (1), provide technical assistance and extend all facilities to such agency to enable online access or to secure and provide online access to the computer resource generating, transmitting, receiving or storing such traffic data or information.
(3) The procedure and safeguards for monitoring and collecting traffic data or inform
83[(1) The appropriate Government may, by notification in the Official Gazette, declare that any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure, to be a protected system. Explanation.-For the purposes of this section, "Critical Information Infrastructure" means the computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety.]
(2) The appropriate Government may, by order in writing, authorise the persons who are authorised to access protected systems notified under sub-section (1).
(3) Any person who secures access or attempts to secure access to a protected system in contravention of the provisions of this section shall be punished with imprisonment of either description fo
(1) The Central Government may, by notification published in the Official Gazette, designate any organisation of the Government as the national nodal agency in respect of Critical Information Infrastructure Protection.
(2) The national nodal agency designated under sub-section (1) shall be responsible for all measures including Research and Development relating to protection of Critical Information Infrastructure.
(3) The manner of performing functions and duties of the agency referred to in sub-section (1) shall be such as may be prescribed.
85[S. 70B. Indian Computer Emergency Response Team to serve as national agency for incident response.—
(1) The Central Government shall, by notification in the Official Gazette, appoint an agency of the Government to be called the Indian Computer Emergency Response Team.
(2) The Central Government shall provide the agency referred to in sub-section (1) with a Director-General and such other officers and employees as may be prescribed.
(3) The salary and allowances and terms and conditions of the Director-General and other officers and employees shall be such as may be prescribed.
(4) The Indian Computer Emergency Response Team shall serve as the national agency for performing the following functions in the area o
Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any licence or 86[Electronic Signature] Certificate, as the case may be, shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
_______________________________
86. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 2 for 'Digital Signature' (w.e.f. 27-10-2009).
Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuant of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or other material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
87[S. 72A. Punishment for disclosure of information in breach of lawful contract.—
Save as otherwise provided in this Act or any other law for the time being in force, any person including and intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing personal information about another person, with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any other person, shall be punished with imprisonment for a term which may extend to three years, or with fine which may extend to five lakh rupees, or with both.]
___________________________________________________
8
S. 73. Penalty for publishing 88[Electronic Signature] Certificate false in certain particulars.—
(1) No person shall publish a 89[Electronic Signature] Certificate or otherwise make it available to any other person with the knowledge that-
(a) the Certifying Authority listed in the certificate has not issued it; or
(b) the subscriber listed in the certificate has not accepted it; or
(c) the certificate has been revoked or suspended,
unless such publication is for the purpose of verifying a 90[electronic signature] created prior to such suspension or revocation.
&n
Whoever knowingly creates, publishes or otherwise makes available a 91[Electronic Signature] Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
____________________
91. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 2 for 'Digital Signature' (w.e.f. 27-10-2009).
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or contravention committed outside India by any person irrespective of his nationality.
(2) For the purposes of sub-section (1), this Act shall apply to an offence or contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.
Any computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, in respect of which any provision of this Act, rules, orders or regulations made thereunder has been or is being contravened, shall be liable to confiscation:
Provided that where it is established to the satisfaction of the court adjudicating the confiscation that the person in whose possession, power or control of any such computer, computer system, floppies, compact disks, tape drives or any other accessories relating thereto is found is not responsible for the contravention of the provisions of this Act, rules, orders or regulations made thereunder, the court may, instead of making an order for confiscation of such computer, computer system, floppies, compact disks, tape drives or any other accessories related thereto, make such other order authorised by this Act against
Section 76 of the Information Technology Act, 2000, primarily deals with the confiscation of computer hardware and accessories involved in contraventions of the Act. It provides a legal mechanism for authorities to seize and confiscate devices that are used in violation of the provisions of the Act, thereby aiding enforcement and deterrence of cyber offenses.
Section 76 states that any computer, computer system, floppy disks, compact disks, tape drives, or related accessories involved in contravening the provisions of the Act, rules, orders, or regulations made thereunder, shall be liable to confiscation by the authorities.
The scope encompasses all hardware and accessories related to computers that are used in the commission of offenses under the Act. It applies to devices involved in cybercrimes such as hacking, spreading viruses, or other illegal activities as per the Act's provisions.
Section 76 itself does not prescribe a punishment but provides for confiscation. The penalties and punishments for offenses related to contraventions under the Act are detailed elsewhere in the Act, with penalties potentially extending to imprisonment and fines, especially in cases of subsequent or serious offenses.
Note: The analysis is based on the provided sources and general legal principles related to Section 76 of the IT Act, 2000.
92[S. 77. Compensation penalties or confiscation not to interfere with other punishment.—
No compensation awarded, penalty imposed or confiscation made under this Act shall prevent the award of compensation or imposition of any other penalty or punishment under any other law for the time being in force.
______________________________
92. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 38 for s. 77 (w.e.f. 27-10-2009).
(1) A court of competent jurisdiction may compound offences, other than offences for which the punishment for life or imprisonment for a term exceeding three years has been provided, under this Act:
Provided that the court shall not compound such offences where the accused is, by reason of his previous conviction, liable to either enhance punishment or to a punishment of a different kind:
Provided further that the court shall not compound any offence where such offence affects the socio economic conditions of the country or has been committed against a child below the age of 18 years or a woman.
(2) The person accused of an offence under this Act may file an application for compounding in the court in which offence is pending for trial and the provisions of section 265B and 265C of the Code of
Notwithstanding anything contained in the Code of Criminal Procedure, 1973 (2 of 1974), the offence punishable with imprisonment of three years and above shall be cognizable and the offence punishable with imprisonment of three years shall be bailable.]
Notwithstanding anything contained in the Code of Criminal Procedure, 1973 (2 of 1974), a police officer not below the rank of 93[Inspector] shall investigate any offence under this Act.
______________________
93. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 39 for "Deputy Superintendent of Police" (w.e.f. 27-10-2009).
94INTERMEDIARIES NOT TO BE LIABLE IN CERTAIN CASES
(1) Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-section (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link made available or hosted by him.
(2) The provisions of sub-section (1) shall apply if-
(a) the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted; or
(b) the intermediary does not-
(i) initiate the transmission,
Section 79 of the Information Technology Act, 2000 (IT Act) provides a framework for the liability of intermediaries in India. It aims to protect intermediaries from liability for third-party content, provided they adhere to certain conditions. This section is crucial in the context of the digital landscape, where intermediaries play a significant role in facilitating online communication and commerce.
Section 79 states that an intermediary shall not be liable for any third-party information, data, or communication link made available or hosted by them, provided they meet specific criteria outlined in the Act.
The scope of Section 79 extends to various forms of intermediaries, including internet service providers, social media platforms, and e-commerce websites. It delineates the conditions under which these intermediaries can claim immunity from liability for user-generated content.
Section 79 itself does not prescribe punishment but outlines the conditions under which intermediaries can be held liable. If an intermediary fails to comply with the due diligence requirements or does not act upon receiving actual knowledge of unlawful content, they may lose their immunity and face legal consequences.
This commentary provides a comprehensive overview of Section 79 of the Information Technology Act, 2000, highlighting its significance in the context of intermediary liability and the broader implications for digital governance in India.
The Central Government may, for the purposes of providing expert opinion on electronic form evidence before any court or other authority specify, by notification in the Official Gazette, any Department, body or agency of the Central Government or a State Government as an Examiner of Electronic Evidence.
Explanation.-For the purpose of this section, "electronic form evidence" means any information of probative value that is either stored or transmitted in electronic form and includes computer evidence, digital audio, digital video, cell phone, digital fax machines.]
(1) Notwithstanding anything contained in the Code of Criminal Procedure, 1973 (2 of 1974), any police officer, not below the rank of a 95[Inspector], or any other officer of the Central Government or a State Government authorised by the Central Government in this behalf may enter any public place and search and arrest without warrant any person found therein who is reasonably suspected or having committed or of committing or of being about to commit any offence under this Act.
Explanation.-For the purposes of this sub-section, the expression "public place" includes any public conveyance, any hotel, any shop or any other place intended for use by, or accessible to the public.
(2) Where any person is arrested under sub-section (1) by an officer other than a police officer, such officer shall, without unnecessary delay, t
The provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force.
96[Provided that nothing contained in this Act shall restrict any person from exercising any right conferred under the Copyright Act, 14 of 1957 or the Patents Act, 39 of 1970.]
_____________________________________
96. Inserted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 42 (w.e.f. 27-10- 2009).
97[S. 81A. Application of the Act to electronic cheque and truncated cheque.—
(1) The provisions of this Act, for the time being in force, shall apply to, or in relation to, electronic cheques and the truncated cheques subject to such modifications and amendments as may be necessary for carrying out the purposes of the Negotiable Instruments Act, 1881 (26 of 1881) by the Central Government, in consultation with the Reserve Bank of India, by notification in the Official Gazette.
(2) Every notification made by the Central Government under sub-section (1) shall be laid, as soon as may be after it is made, before each House of Parliament, while it is in session, for a total period of thirty days which may be comprised in one session or in two or more successive sessions, and if, before the expiry of the session immedi
Section 81 of the Information Technology Act, 2000 (IT Act) is a crucial provision that establishes the overriding effect of the Act over other laws in force. It underscores the primacy of the IT Act in regulating electronic activities and cyber offences, ensuring uniformity and clarity in legal proceedings related to electronic records and cybercrimes.
Section 81 states:"The provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained in any other law for the time being in force."It emphasizes that the IT Act prevails over conflicting laws unless explicitly exempted or modified by the provisions of the Act itself.
Section 81 of the IT Act is a cornerstone provision that grants the Act a supreme position in the hierarchy of laws concerning electronic records, cyber offences, and digital transactions. Its overriding effect ensures that the cyber law regime remains coherent, effective, and adaptable to technological advances, safeguarding individual rights and promoting safe digital commerce. Courts have consistently recognized its importance, emphasizing that the IT Act’s provisions should be applied as the primary legal framework for cyber-related offences, with due regard for rights conferred under other laws.
S. 82. 1[Chairperson, Members, Officers and employees to be public servants].—
The 2[Chairperson, Members] and other officers and employees of a Cyber Appellate Tribunal, the Controller, the Deputy Controller and the Assistant Controllers shall be deemed to be public servants within the meaning of section 21 of the Indian Power to give direct on -Sec 3
______________________
1. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 43 for "Control- ler, Deputy Controller and Assistant Controller to be public servants" (w.e.f. 27-10-2009).
2. Substituted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 43 for "Presiding officer" (w.e.f. 27-10-2009).
The Central Government may give directions to any State Government as to the carrying into execution in the State of any of the provisions of this Act or of any rule, regulation or order made thereunder.
No suit, prosecution or other legal proceeding shall lie against the Central Government, the State Government, the Controller or any person acting on behalf of him, the Presiding Officer, adjudicating officers and the staff of the Cyber Appellate Tribunal for anything which is in good faith done or intended to be done in pursuance of this Act or any rule, regulation or order made thereunder.
3[S. 84A. Modes or methods for encryption.—
The Central Government may, for secure use of the electronic medium and for promotion of e-governance and ecommerce, prescribe the modes or methods for encryption.
__________________________
3. Inserted by Information Technology (Amendment) Act, 2008 (10 of 2009), s. 45 (w.e.f. 27-10- 2009).
Whoever abets any offence shall, if the act abetted is committed in consequence of the abetment, and no express provision is made by this Act for the punishment of such abetment, be punished with the punishment provided for the offence under this Act.
Explanation.-An act or offence is said to be committed in consequence of abetment, when it is committed in consequence of the instigation, or in pursuance of the conspiracy, or with the aid which constitutes the abetment.
Whoever attempts to commit an offence punishable by this Act or causes such an offence to be committed, and in such an attempt does any act towards the commission of the offence, shall, where no express provision is made for the punishment of such attempt, be punished with imprisonment of any description provided for the offence, for a term which may extend to one-half of the longest term of imprisonment provided for the offence, or with such fine as is provided for the offence, or with both.]
(1) Where a person committing a contravention of any of the provisions of this Act or of any rule, direction or order made thereunder is a company, every person who, at the time the contravention was committed, was in charge of, and was responsible to, the company for the conduct of business of the company as well as the company, shall be guilty of the contravention and shall be liable to be proceeded against and punished accordingly:
Provided that nothing contained in this sub-section shall render any such person liable to punishment if he proves that the contravention took place without his knowledge or that he exercised all due diligence to prevent such contravention.
(2) Notwithstanding anything contained in sub-section (1), where a contravention of any of the provisions of this Act or of any rule, direction or order made thereunder
(1) If any difficulty arises in giving effect to the provisions of this Act, the Central Government may, by order published in the Official Gazette, make such provisions not inconsistent with the provisions of this Act as appear to it to be necessary or expedient for removing the difficulty:
Provided that no order shall be made under this section after the expiry of a period of two years from the commencement of this Act.
(2) Every order made under this section shall be laid, as soon as may be after it is made, before each House of Parliament.
(1) The Central Government may, by notification in the Official Gazette, and in the Electronic Gazette make rules to carry out the provisions of this Act.
(2) In particular, and without prejudice to the generality of the foregoing power, such rules may provide for all or any of the following matters, namely:-
4[(a) the conditions for considering reliability of electronic signature or electronic authentication technique under sub-section (2) of section 3A;
(aa) the procedure for ascertaining electronic signature or authentication under sub-section (3) of section 3A;
(ab) the manner in which any information or matter may be authenticated by means of electronic signature under section 5;]
&nb
(1) The Central Government shall, as soon as may be after the commencement of this Act, constitute a Committee called the Cyber Regulations Advisory Committee.
(2) The Cyber Regulations Advisory Committee shall consist of a Chairperson and such number of other official and non-official members representing the interests principally affected or having special knowledge of the subject-matter as the Central Government may deem fit.
(3) The Cyber Regulations Advisory Committee shall advise-
(a) the Central Government either generally as regards any rules or for any other purpose connected with this Act;
(b) the Controller in framing the regulations under this Act.
(4) There shall be paid to the non-official m
(1) The Controller may, after consultation with the Cyber Regulations Advisory Committee and with the previous approval of the Central Government, by notification in the Official Gazette, make regulations consistent with this Act and the rules made there-under to carry out the purposes of this Act.
(2) In particular, and without prejudice to the generality of the foregoing power, such regulations may provide for all or any of the following matters, namely:-
(a) the particulars relating to maintenance of data-base containing the disclosure record of every Certifying Authority under clause 20[(n)] of section 18;
(b) the conditions and restrictions subject to which the Controller may recognise any foreign Certifying Authority under sub-section (1) of section 19;
&
(1) The State Government may, by notification in the Official Gazette, make rules to carry out the provisions of this Act.
(2) In particular, and without prejudice to the generality of the foregoing power, such rules may provide for all or any of the following matters, namely:-
(a) the electronic form in which filing, issue, grant receipt or payment shall be effected under sub-section (1) of section 6;
(b) for matters specified in sub-section (2) of section 6; (c) 21[* * *]
(3) Every rule made by the State Government under this section shall be laid, as soon as may be after it is made, before each House of the State Legislature where it consists of two Houses, or where such Legislature consists of one House, before that House.
&
23[FIRST SCHEDULE
[See sub-section (4) of section 1]
DOCUMENTS OR TRANSACTIONS TO WHICH THE ACT SHALL NOT APPLY
| Sl. No. | [See sub-section (1) of section 3A]
|
Elevate your legal practice with advanced AI-driven research and drafting solutions. Experience unmatched efficiency, precision, and security, tailored exclusively for legal professionals.