Information Technology Act, 2000

Information Technology Act, 2000
An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.
Citation Act No 21 of 2000
Enacted by Parliament of India
Date enacted 9 June 2000
Date assented to 9 June 2000
Date signed 9 May 2000
Date commenced 17 October 2000
Status: In force

The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. It is the primary law in India dealing with cybercrime and electronic commerce. It is based on the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model) recommended by the General Assembly of United Nations by a resolution dated 30 January 1997.[1]


The bill was passed in the budget session of 2000 and signed by President K. R. Narayanan on 9 May 2000. The bill was finalised by group of officials headed by then Minister of Information Technology Pramod Mahajan.[2]


The original Act contained 94 sections, divided in 13 chapters and 4 schedules. The laws apply to the whole of India. Persons of other nationalities can also be indicted under the law, if the crime involves a computer or network located in India.[3]

The Act provides legal framework for electronic governance by giving recognition to electronic records and digital signatures. The formations of Controller of Certifying Authorities was directed by the Act, to regulation issuing of digital signatures. It also defined cyber crimes and prescribed penalties for them. It also established a Cyber Appellate Tribunal to resolve disputes rising from this new law.[3] The Act also amended various sections of Indian Penal Code, 1860, Indian Evidence Act, 1872, Banker's Book Evidence Act, 1891, and Reserve Bank of India Act, 1934 to make them compliant with new technologies.[3]


A major amendment was made in 2008. It introduced the Section 66A which penalized sending of "offensive messages". It also introduced the Section 69, which gave authorities the power of "interception or monitoring or decryption of any information through any computer resource". It also introduced penalties for child porn, cyber terrorism and voyeurism. It was passed on 22 December 2008 without any debate in Lok Sabha. The next day it was passed by the Rajya Sabha. It was signed by the then President (Pratibha Patil) on 5 February 2009.[4][5][6][7]


List of offences and the corresponding penalties:[8][9][10]

Section Offence Description Penalty
65 Tampering with computer source documents If a person knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force. Imprisonment up to three years, or/and with fine up to 200,000
66 Hacking with computer system If a person with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hack. Imprisonment up to three years, or/and with fine up to 500,000
66B Receiving stolen computer or communication device A person receives or retains a computer resource or communication device which is known to be stolen or the person has reason to believe is stolen. Imprisonment up to three years, or/and with fine up to 100,000
66C Using password of another person A person fradulently uses the password, digital signature or other unique identification of another person. Imprisonment up to three years, or/and with fine up to 100,000
66D Cheating using computer resource If a person cheats someone using a computer resource or communication. Imprisonment up to three years, or/and with fine up to 100,000
66E Publishing private images of others If a person captures, transmits or publishes images of a person's private parts without his/her consent or knowledge. Imprisonment up to three years, or/and with fine up to 200,000
66F Acts of cyberterrorism If a person denies access to an authorised personnel to a computer resource, accesses a protected system or introduces contaminant into a system, with the intention of threatening the unity, integrity, sovereignty or security of India, then he commits cyberterrorism. Imprisonment up to life.
67 Publishing information which is obscene in electronic form. If a person publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it. Imprisonment up to five years, or/and with fine up to 1,000,000
67A Publishing images containing sexual acts If a person publishes or transmits images containing a sexual explicit act or conduct. Imprisonment up to seven years, or/and with fine up to 1,000,000
67B Publishing child porn or predating children online If a person captures, publishes or transmits images of a child in a sexually explicit act or conduct. If a person induces a child into a sexual act. A child is defined as anyone under 18. Imprisonment up to five years, or/and with fine up to 1,000,000 on first conviction. Imprisonment up to seven years, or/and with fine up to 1,000,000 on second conviction.
67C Failure to maintain records Persons deemed as intermediatary (such as an ISP) must maintain required records for stipulated time. Failure is an offence. Imprisonment up to three years, or/and with fine.
68 Failure/refusal to comply with orders The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made thereunder. Any person who fails to comply with any such order shall be guilty of an offence. Imprisonment up to three years, or/and with fine up to 200,000
69 Failure/refusal to decrypt data If the Controller is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, the security of the State, friendly relations with foreign Stales or public order or for preventing incitement to the commission of any cognizable offence, for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through any computer resource. The subscriber or any person in charge of the computer resource shall, when called upon by any agency which has been directed, must extend all facilities and technical assistance to decrypt the information. The subscriber or any person who fails to assist the agency referred is deemed to have committed a crime. Imprisonment up to seven years and possible fine.
70 Securing access or attempting to secure access to a protected system The appropriate Government may, by notification in the Official Gazette, declare that any computer, computer system or computer network to be a protected system.

The appropriate Government may, by order in writing, authorise the persons who are authorised to access protected systems. If a person who secures access or attempts to secure access to a protected system, then he is committing an offence.

Imprisonment up to ten years, or/and with fine.
71 Misrepresentation If anyone makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate. Imprisonment up to three years, or/and with fine up to 100,000

Notable cases

Section 66

Section 66A


Section 66A and restriction of free speech

From its establishment as an amendment to the original act in 2008, Section 66A attracted controversy over its unconstitutional nature:

Section Offence Description Penalty
66A Publishing offensive, false or threatening information Any person who sends by any means of a computer resource any information that is grossly offensive or has a menacing character; or any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult shall be punishable with imprisonment for a term which may extend to three years and with fine. Imprisonment up to three years, with fine.

Resolution for amendment

In December 2012, P Rajeev, a Rajya Sabha member from Kerala, tried to pass a resolution seeking to amend the Section 66A. He was supported by D. Bandyopadhyay, Gyan Prakash Pilania, Basavaraj Patil Sedam, Narendra Kumar Kashyap, Rama Chandra Khuntia and Baishnab Charan Parida. P Rajeev pointed that cartoons and editorials allowed in traditional media, were being censored in the new media. He also said that law was barely debated before being passed in December 2008.[23]

Rajeev Chandrasekhar suggested the 66A should only apply to person to person communication pointing to a similar section under the Indian Post Office Act, 1898. Shantaram Naik opposed any changes, saying that the misuse of law was sufficient to warrant changes. Then Minister for Communications and Information Technology Kapil Sibal defended the existing law, saying that similar laws existed in US and UK. He also said that a similar provision existed under Indian Post Office Act, 1898. However, P Rajeev said that the UK dealt only with communication from person to person.[23]

Petitions challenging constitutionality

In November 2012, IPS officer Amitabh Thakur and his wife social activist Nutan Thakur, filed a petition in the Lucknow bench of the Allahabad High Court claiming that the Section 66A violated the freedom of speech guaranteed in the Article 19(1)(a) of the Constitution of India. They said that the section was vague and frequently misused.[24]

Also in November 2012, a Delhi-based law student, Shreya Singhal, filed a Public Interest Litigation (PIL) in the Supreme Court of India. She argued that the Section 66A was vaguely phrased, as result it violated Article 14, 19 (1)(a) and Article 21 of the Constitution. The PIL was accepted on 29 November 2012.[25][26] A similar petition was also filed by the founder of, Faisal Farooqui,[27] and NGO Common Cause represented by Prashant Bhushan[28] In August 2014, the Supreme Court asked the central government to respond to petitions filed by and later petition filed by the Internet and Mobile Association of India (IAMAI) which claimed that the IT Act gave the government power to arbitrarily remove user-generated content.[29]

Revocation by the Supreme Court

On 24 March 2015, the Supreme Court of India, gave the verdict that Section 66A is unconstitutional in the Shreya Singhal v. Union of India case. It however rejected the plea to strike down Sections 69A and 79. The Court said that the offences defined under the law were "open-ended, undefined and vague" and that "public's right to know" is directly affected by it.[30][31]

Strict data privacy rules

The data privacy rules introduced in the Act in 2011 have been described as too strict by some Indian and US firms. The rules require firms to obtain written permission from customers before collecting and using their personal data. This has affected US firms which outsource to Indian companies. However, some companies have welcomed the strict rules, saying it will remove fears of outsourcing to Indian companies.[32]

Mandatory decryption

The Section 69 allows intercept any information and ask for information decryption. To refuse decryption is an offence. The Indian Telegraph Act, 1885 allows the government to tap phones. But, according to a 1996 Supreme Court verdict the government can tap phones only in case of a "public emergency". But, there is no such restriction on Section 69.[5]

Future changes

On 2 April 2015, the Chief Minister of Maharashtra, Devendra Fadnavis revealed to the state assembly that a new law was being framed to replace the repealed Section 66A. Fadnavis was replying to a query Shiv Sena leader Neelam Gorhe. Gorhe had said that repeal of the law would encourage online miscreants and asked whether the state government would frame a law to this regard. Fadnavis said that the previous law had resulted in no convictions, so the law would be framed such that it would be strong and result in convictions.[33]

On 13 April 2015, it announced that the Ministry of Home Affairs would form a committee of officials from the Intelligence Bureau, Central Bureau of Investigation, National Investigation Agency, Delhi Police and ministry itself to produce a new legal framework. This step was reportedly taken after complaints from intelligence agencies that, they were no longer able to counter online posts that involved national security matter or incite people to commit an offence, such as online recruitment for ISIS.[34][35] Former Minister of State with the Ministry of Information Technology, Milind Deora has supported a new "unambiguous section to replace 66A".[36]

See also


  1. B.M.Gandhi. Indian Penal Code. India: Eastern Book Company. p. 41. ISBN 9788170128922.
  2. "IT Act to come into force from Aug 15". Rediff. 9 August 2000. Retrieved 14 April 2015.
  3. 1 2 3 Sujata Pawar; Yogesh Kolekar (23 March 2015). Essentials of Information Technology Law. Notion Press. pp. 296–306. ISBN 978-93-84878-57-3. Retrieved 14 April 2015.
  4. "Section 66A of the Information Technology Act". Centre for Internet and Society (India). Retrieved 14 April 2015.
  5. 1 2 "Yes, snooping's allowed". The Indian Express. 6 February 2009. Retrieved 14 April 2015.
  6. "Deaf, Dumb & Dangerous - 21 Minutes: That was the time our MPs spent on Section 66A. How they played". The Telegraph (India). 26 March 2015. Retrieved 6 May 2015.
  7. "Amended IT Act to prevent cyber crime comes into effect". The Hindu. 27 October 2015. Retrieved 8 May 2015.
  8. "The Information Technology (Amendment) Act, 2008" (PDF). Department of Electronics and Information Technology. Retrieved 8 May 2015.
  9. "Information Technology Act, 2000" (PDF). Department of Electronics and Information Technology. Retrieved 8 May 2015.
  10. Chapter 11: Offences
  11. "Cyber crime that wasn't?". Rediff. 19 February 2001. Retrieved 14 April 2015.
  12. "'If Speaking The Truth Is Sedition, Then I Am Guilty'". Outlook India. 10 September 2010. Retrieved 14 April 2015.
  13. "Indian cartoonist Aseem Trivedi jailed after arrest on sedition charges". The Guardian. 10 September 2010. Retrieved 14 April 2015.
  14. Section 66A: Punishment for sending offensive messages through communication service, etc.
  15. "Professor arrested for poking fun at Mamata". Hindustan Times. 14 April 2012. Retrieved 14 April 2015.
  16. "Cartoon a conspiracy, prof an offender: Mamata". Hindustan Times. 13 April 2012. Retrieved 14 April 2015.
  17. "Arrest over tweet against Chidambaram's son propels 'mango man' Ravi Srinivasan into limelight". India Today. 2 November 2012. Retrieved 14 April 2015.
  18. "Mumbai shuts down due to fear, not respect". The Hindu. 19 November 2012. Retrieved 23 April 2015.
  19. "FB post: 10 Sainiks arrested for hospital attack". The Hindu. 20 November 2012. Retrieved 23 April 2015.
  20. "Facebook row: Court scraps charges against Palghar girls". The Hindu. 31 January 2013. Retrieved 23 April 2015.
  21. "Teen arrested for Facebook post attributed to Azam Khan gets bail". The Times of India. 19 March 2015. Retrieved 6 May 2015.
  22. "UP tells SC that prosecution on boy for post against Azam Khan will continue". The Indian Express. 24 April 2015. Retrieved 6 May 2015.
  23. 1 2 "Section 66A of IT Act undemocratic: RS MPs". The Times of India. 15 December 2012. Retrieved 6 May 2015.
  24. "After Mumbai FB case, writ filed in Lucknow to declare section 66A, IT Act 2000 as ultra-vires". The Times of India. 21 November 2012. Retrieved 14 April 2015.
  25. "SC accepts PIL challenging Section 66A of IT Act". The Times of India. 29 November 2012. Retrieved 23 April 2015.
  26. "Shreya Singhal: The student who took on India's internet laws". BBC News. 24 March 2015. Retrieved 6 May 2015.
  27. "'Heavens Won't Fall' if Controversial Parts of IT Act are Stayed, Says Supreme Court". NDTV. 4 December 2014. Retrieved 6 May 2015.
  29. "SC seeks govt reply on PIL challenging powers of IT Act". Live Mint. 30 August 2015. Retrieved 6 May 2015.
  30. "SC strikes down 'draconian' Section 66A". The Hindu. 25 March 2015. Retrieved 23 April 2015.
  31. "SC quashes Section 66A of IT Act: Key points of court verdict". The Times of India. 24 March 2015. Retrieved 6 May 2015.
  32. "India data privacy rules may be too strict for some U.S. companies". The Washington Post. 21 May 2011. Retrieved 23 April 2015.
  33. "Centre working on new law similar to Section 66A: Devendra Fadnavis". The Times of India. 2 April 2015. Retrieved 6 May 2015.
  34. "Section 66A of the IT Act likely to be back in softer avatar". The Economic Times. 14 April 2015. Retrieved 6 May 2015.
  35. "New panel to work on Section 66A alternative". Hindustan Times. 14 April 2015. Retrieved 6 May 2015.
  36. "Former IT minister Milind Deora: Why we need a new Section 66A". Rediff. 2 April 2015. Retrieved 6 May 2015.

Further reading

External links

This article is issued from Wikipedia - version of the 11/2/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.