Address : Royal Greens Apartment, Sirsi Road, Jaipur
Address : Royal Greens Apartment, Sirsi Road, Jaipur
MENU

Ask Your Query

The Leading Provider of Online Consultation, Legal Services, Education and Training

Book a Service Counselling and ADR Complaints and FIRs Legal Aid Cross Border Services The Lex Academy

Information Technology Act

Legal Framework of the Information Technology Act in India

  • The Information Technology Act, 2000 (IT Act): This Act encompasses a range of provisions to regulate electronic commerce, E-governance, and the broader digital ecosystem. The Act also provides legal recognition to electronic records and digital signatures while ensuring the authenticity of digital transactions. This Act is specially designed to address various cybercrimes and prescribes punishments for offenses related to digital fraud and cybercrimes. 
  • Historical Context: During the late 1990s, India experienced significant growth in internet usage and online transactions, primarily driven by economic liberalization, the development of technological infrastructure, and the rise of e-commerce. However, there was no legislation to regulate issues like electronic contracts, digital signatures, and cybercrimes. Meanwhile, incidents of cybercrime also increased, including hacking, identity theft, phishing, and online betrayal. The IT Act addressed this apprehension by highlighting various forms of cybercrime and imposing penalties for offenders.
  • Applicability: It applies to the entire country. It gives legal recognition to electronic records and digital signatures, bearing online transactions and agreements. The legislation includes provisions to safeguard businesses and government entities handling sensitive information through cybersecurity, as well as provisions for establishing Appellate Tribunals to resolve disputes. Additionally, the Act applies to international borders if the crime affects any computer, computer system, or computer network located in India.
  • Key Provisions
    • Electronic Signatures: The IT Act provides legal validity to digital signatures, recognizing them as equivalent to handwritten signatures, as per section 5 of the Act. This provision is instrumental in promoting e-commerce and electronic transactions.
    • Electronic Records: The Act acknowledges the legitimacy of electronic records under section 4 of the Act, allowing digital documents to be used as evidence in legal proceedings. This has streamlined the documentation process, reduced paperwork, and enhanced efficiency.
    • Intermediary Liability: The Act defines the responsibilities of intermediaries, including internet service providers and social media platforms, under section 79(3) of the Act regarding user-generated content. 
    • Adjudicating Authorities and Appellate Tribunal: The Act provides for the establishment of specialized bodies to adjudicate disputes related to Certifying Authorities and the Subscribers. These bodies ensure a fair and swift resolution of digital conflicts. The Act also provides for the establishment of Appellate Tribunals, which deal with appeals arising from orders passed by the Adjudicating Authorities or the Controller. 

Significant Amendments

  • Amendment in 2008
    • It provides for the establishment of the Indian Computer Emergency Response Team, which is responsible for monitoring and addressing incidents of cyberattacks, as well as implementing cybersecurity measures. 
    • The amendment also includes provisions related to compensation for failure to protect data, such as the introduction of section 43A. In contrast, section 79 was introduced, according to which the liabilities of intermediaries are exempted in some instances.
    • Amendments made in section 69, and new sections 3(A), 6(A), 40(A), 70(A) and 70(B), 72(A), 84(A), 84(B), 84(C) were introduced.
    • New definitions under section 2 were introduced, namely
      • Section 2(1)(ha): Defines a communication device that includes cell phones, personal digital assistants, or a combination of both.
      • Section 2(1)(na): Defines a cyber café as a public establishment that offers internet services.
      • Section 2(1)(ta): Defines an Electronic signature as the authentication of an electronic record by a subscriber and consists of a digital signature.
    • Section 3A: Introduced the provision of authenticating any electronic record by electronic signature or an electronic authentication technique, which is considered a reliable electronic authentication technique.
    • Section 40A: It states the duties of the Subscriber of the Electronic Signature Certificate.
    • Section 46(1A): It states the jurisdiction of the Adjudicating Officer to adjudicate matters in which the claim for injury or damage does not exceed ₹ 5 crores. (The word injury is removed from the section in the 2023 amendment.)
    • Section 69: Section 69 empowered the Union and State Governments to intercept, monitor, or decrypt any information transmitted, received, or stored in any computer resource, if necessary, in the interest of the sovereignty and integrity of India, the security of the state, and public order.
  • Amendment in 2023
    • Section 45: Defines the residuary penalty under the Act, that is, the penalty for sections for which no specific penalty has been defined. The financial penalty has been increased to a maximum of ₹ 1 lakh, up from ₹ 25,000, and compensation will be provided to individuals affected by the contravention of the law.
      • If the contravention is committed by an intermediary, company, or body, the compensation is increased to ₹ 10 lakh.
      • If any other person contravenes, the amount is increased to ₹ 1 lakh; earlier, it was up to ₹ 25,000.
    • Section 66A: Contains a provision to punish offensive online speech. In Shreya Singhal v. Union of India (2015), the Supreme Court's landmark judgment declared section 66A unconstitutional and subsequently omitted it through an amendment in 2023.
    • Section 67C(2): Failure to preserve and retain information in the manner, for the duration, and in the format prescribed by the Central Government by intermediaries will now attract a financial penalty of up to ₹ 25 lakh. Earlier, this attracted imprisonment of up to 3 years and a fine.
    • Section 68(2): On non-compliance with the Controller’s orders knowingly or intentionally, any certifying authority or its employee to ensure compliance with the provisions of the IT Act may now attract a penalty of up to ₹ 25 lakh. Earlier, the penalty included imprisonment for up to 2 years, a fine of up to ₹ 1 lakh, or both.
    • Section 70B(7): Enhances the penalty to ₹ 1 crore for non-compliance with the directions of the Indian Computer Emergency Response Team by service providers, intermediaries, and data centers.
    • Section 72A: States the punishment for disclosure of personal information obtained under a lawful contract without the consent of the concerned person, which is a fine of up to ₹ 25 lakh. Earlier, this carried a prison term of up to five years, a fine of up to ₹ 1 lakh, or both.
    • The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: The Ministry of Electronics and Information Technology notified the IT Rules 2021, which notably expanded the regulatory landscape for social media, online gaming, digital media, and OTT platforms. The amendment mandates the intermediaries to perform due diligence by designating Compliance Officers who respond to complaints within specified deadlines. However, since the introduction of the Rules, it facilitated the traceability of messages to identify the first originator, and OTT platforms have been compelled to self-classify their content and adhere to a code of ethics.  

Violation of the IT Act

  • Cybercrime: Section 66 of the Act outlines penalties for damage to a computer or computer system, including unauthorized access, transmitting viruses, destroying or deleting information, etc, which may result in imprisonment for up to 3 years, a fine of up to ₹ 5 lakhs, or both. 
  • Obscene Content: Section 67 of the Act deals with the publication or transmission of obscene material electronically, which may result in imprisonment of up to 3 years and a fine of up to ₹ 5 lakh, and for subsequent conduct, imprisonment for up to 5 years and a fine of up to ₹ 10 Lakh.
  • Government Directions: Section 69 of the Act empowers the government to issue directions for the interception, monitoring, or decryption of information for reasons such as national security, public order, and the safeguarding of the public against crimes. Non-compliance with such directions shall result in a penalty of up to 7 years of imprisonment and a fine.
  • Due Diligence: Negotiators, such as those involved in social media platforms and internet services, should serve as unbiased entities while also adhering to due diligence requirements related to the detection and removal of illegal content. If a negotiator fails or neglects to act against unlawful content or does not comply due to a lack of diligence, it may result in criminal liability. Section 79 of the Act addresses the liabilities of intermediaries.
  • Cybersecurity: Institutions that handle critical information infrastructure or sensitive personal data are required to implement cybersecurity protocols. Violating or failing to meet these standards jeopardizes national security and may result in imprisonment, a fine, or both. Sections 70 and 70B deal with such offenses.
  • Unauthorized Access: Unauthorized access to computer systems or identity theft is punishable under the IT Act. Section 66C of the Act addresses identity theft, carrying a punishment of up to 3 years of imprisonment and a fine of up to ₹ 1 lakh. Section 66D of the Act deals with cheating by personation, and the punishment includes a term of up to 3 years and a fine of ₹ 1 lakh.
  • Confidentiality and Privacy: The unauthorized disclosure of personal information without the individual's consent or beyond the limits of sanctioning constitutes a violation of privacy. The punishment may include fines of up to ₹ 5 lakhs for persons or organizations found guilty of violating privacy under section 72 of the Act.
  • Act of Companies: If a company violates any part of the IT Act, the directors, managers, and other liable persons might face personal liability. This may involve imprisonment and fines, depending on the specific offense. Section 85 defines the offenses by Companies. 

Procedure for Complaint 

  • Type of Offense: To begin, it is important to identify the exact breach or circumstance of non-compliance as specified in the IT Act. Evaluating the type of offense will help determine where the case should be filed, even if it involves cybercrime, data protection, contractual disputes, or cybersecurity offenses.
  • Appropriate Forum
    • Cyber Cell: If the case involves a cybercrime, such as hacking, data theft, or fraud, one must first submit a complaint to the Cyber Cell, a specialized unit within the Police that investigates cybercrimes. Such police officials are trained to investigate cyber offenses and initiate an investigation once the information is received. You can report the matter to the Cyber Cell or the local police if it involves a cybercrime.
    • Adjudicating Officer or Controller: In the event of non-compliance with the provisions specified to carry on business or other such activities as outlined in the Act, or any other violation that requires the intervention of the Adjudicating Officer or the Controller, written submission of the grievance along with the details of non-compliance, breach, or violation can be submitted for resolution of the matter below ₹ 5 crore. The competent court will handle matters involving damages exceeding ₹ 5 crore.
    • Appellate Tribunal: The Appellate Tribunal is authorized to hear appeals and resolve disputes primarily concerning orders issued by the Adjudicating Officer or Controller. 

How Can Seasoned Advocates Help You? 

  • Legal Advice: Experts possess deep knowledge of the laws and their application to particular instances and are well acquainted with important legal judgments, including interpretations made by the courts concerning diverse sections of the Act, enabling them to advise you. Guide you in understanding how your data is protected under the Act, and how you can take lawful action if any of the terms are breached. If an individual’s circumstances involve data violations, privacy infractions, or failure to comply with data protection laws, experts may assist in filing for compensation under the Act.
  • Legal Assistance: Guides and compliance advice, helping you comply with the IT Act by offering advice on data protection best practices, cybersecurity measures, and electronic contracts. Helps with drafting by addressing all necessary regulatory requirements, particularly in online businesses or service providers. Ensures that the institutions or entities meet all the legal requirements of the Act. Intermediaries, such as social media platforms and internet service providers (ISPs), may face legal challenges under the Act if they are unable to fulfill their liabilities. In such an event, experts provide them with assistance on how to meet due diligence standards under section 79 of the Act.  
  • Case Filing: Helps identify the correct forum for filing a complaint or lawsuit, whether it be the Cyber Cell, the Adjudicating Authority, or the Appellate Tribunal. Ensures that the case is lodged with the appropriate authority and that the correct legal procedures are followed up.
  • Representation Before Court: Represents clients in court, presenting their case and evidence. Cases of cyber crimes often involve technical aspects, such as digital evidence or cyber forensic analysis. Deals with and presents or counters such evidence. Collaborates with specialists like cybersecurity professionals or forensic experts to gather, examine, and present the mandatory technical evidence. Conduct a court examination of witnesses and ensure that the case is conveyed swiftly. 
  • Appeal: Appeal can be done if applicable; if the decision or order is not in your favor, you have the option to appeal to the Appellate Tribunal or a higher court. Regarding the IT Act, the period for filing an appeal is 45 days (as per section 57) from the date of the adjudicating officer's order. Filing an Appeal to the High Court from the order of the appellate tribunal is within 60 days (section 62).

Conclusion 

The Information Technology Act of 2000 is a comprehensive legislation in India that establishes a legal framework for electronic transactions, verifies the validity of digital agreements, and outlines penalties for offenses such as hacking, identity theft, and cybercrimes. The Act also addresses the protection of sensitive personal information and requires organizations to implement security measures to prevent data breaches. Although it has made notable progress in regulating the internet and e-commerce, it continues to adapt to address new technological matters and ensure a secure digital environment. To know more, contact us.

For Clients

For Lawyers

Academy

X

Share it

Areas of Practice

  • Head Office: Royal Greens Apartment, Sirsi Road, Jaipur
  • Phone: +91-9509766567
  • Email: lex@lexpartem.com

Quick Links

Useful Links

Disclaimer

This website serves solely as a directory and should not be interpreted as any form of promotion or advertising. Visitors to this site will find specific information that is not actively promoted. The content herein does not imply an offer or an attempt to provide services to potential clients. We do not intend to solicit or offer legal services, as per regulated by the Bar Council of India. Any disputes related to this website will be subject to the exclusive jurisdiction of the courts in Jaipur, India. The website owner does not aim to represent individuals seeking legal representation solely based on their visit to this website. This platform is not intended as an advertising medium or solicitation, and its content should not be construed as legal advice. Readers are advised against considering this information as an invitation to establish a lawyer-client relationship. We prioritize confidentiality, trust, and service. Furthermore, we do not assume responsibility for any unsatisfactory services provided by associates connected with us who are not our official members. We disclaim liability in the event of any third party impersonating us and engaging in deceptive activities. All payments are to be made exclusively through the official payment gateway. We disclaim responsibility if any other channel is utilized for payments.

© 2024-2025. All rights reserved. Made With ❤️ By xLab