it act 2000 case study

Search bar.

Legal Queries
Files
Online Law Courses
Lawyers Search
Legal Dictionary
The Indian Penal Code
Juvenile Justice
Negotiable Instruments
Commercial Courts Act
The 3 New Criminal Laws
Matrimonial Laws
Data Privacy
Court Fees Act
Commercial Law
Criminal Law
Procedural Law
The Constitutional Expert
Matrimonial
Writs and PILs
CrPC Certification Course
Criminal Manual
Execution U/O 21
Transfer of Property
Domestic Violence
Muslim Laws
Indian Constitution
Arbitration
Matrimonial-Criminal Law
Indian Evidence Act
Live Classes
Writs and PIL

Share on Facebook

Share on Twitter

Share on LinkedIn

Share on Email

Supinder Singh

Important Cases On Information Technology Act, 2000

Key Takeaways

Primarily, Information Technology Act, 2000 provides the basic legal framework for electronic transactions in India. Along with this Act, various rules notified under this Act play a significant role in regulating the digital space.
The rights of copyright owners cannot be restricted by Section 79 of the IT Act, 2000. So, intermediaries who infringe copyrights of anyone cannot seek protection under this section.
Banyan Tree case Judgment is a Landmark for determining the jurisdiction of the court,where neither party to a suit, claiming online copyright infringement, resides within the territorial jurisdiction of such court.
Union Government notified Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. But these Rules have been challenged by various organizations as being violative of Fundamental Rights.

Introduction

Information Technology Act, 2000 (hereinafter referred to as “IT Act) was enacted in India to provide legal recognition to transactions carried out through electronic mediums, and to facilitate the electronic filing of documents with the Government Agencies. It was enacted after the General Assembly of the United Nations adopted the ‘Model Law on Electronic Commerce’ through a resolution. This Act was largely based on the Model Law that was adopted by the UN.In this article, I will discuss some Important Case Laws inIT Act, of 2000.

Important Case Laws on Information Technology Act, 2000

1. state of tamil nadu v. dr. l prakash (w.p.m.p.no. 10120 of 2002).

In this case, an FIR was registered against Dr. L Prakash under Section 67 of the IT Act, 2000 read with Section 4 & 6 of the Indecent Representation of Women Act, Section 27 of the Arms Act, and Sections 120B & 506 (2) of the IPC. The said case was registered as Dr. L Prakash was accused of making pornographic videos and then sending those to the US & France for publication on pornographic websites.

The Fast Track Court convicted the accused under the aforesaid provisions and sentenced him to undergo imprisonment for life. A fine of Rs. 1.27 lakh was also imposed on him.

This case is a landmark in the Cyber Crime Law as it was the first time that pornographic websites and their brokers were targeted in India.

2. Amar Singh v. Union of India [(2011) 4 AWC 3726 SC]

In this case, the petitioner had alleged that his calls were being tapped unauthorizedly by his telecom service provider. He had claimed that the alleged tapping was violating his fundamental right to privacy under Article 21 of the Constitution of India. The service provider had argued that it was complying with the government orders. This case is important in the context of Sections 69, 69A, and 69B of the IT Act, 2000.

The court observed that a telecom service provider performs a function of public nature. It is his inherent duty to act carefully and in a responsible manner. Furthermore, it was observed that when the orders of the government ‘to tap calls’ have gross mistakes, then the service provider must verify the authenticity of such orders. The court also directed the Central Government to frame certain directions/guidelines to prevent unauthorized interception of calls.

3. Nirmaljit Singh Narula v. Indijobs at Hubpages.Com [CS (OS) 871 / 2012]

This case relates to an alleged defamatory article published by Defendant against the Petitioner (popularly known as ‘Nirmal Baba’). It is an important case in the context of Section 79 of the IT Act, 2000 since the petitioner had sent a legal notice to the intermediary, on whose website the ‘defamatory’ article was published. The intermediary refused to remove the ‘defamatory’ article, so the instant case was filed.

The court held that an intermediary is obliged to remove unlawful content from its website if it receives a notice from the affected party, claiming that any illegal content is being circulated through the intermediary’s service. An intermediary is not liable for 3rd party content if it removes such content upon receiving notice.

In this case, an injunction was issued against Defendant barring it from publishing any further defamatory content against the Petitioner, and the intermediary was ordered to produce the IP log of the 3rd party user who had published the ‘defamatory’ article.

4. Vyakti Vikas Kendra, India Public v. Jitender Bagga [CS (OS) No. 1340 / 2012]

It was also a case of online defamation . In this case, it was alleged that the defendants had published online some defamatory material against ‘Shri Ravi Shanker, owner of Art of Living Foundation’. The Petitioners had prayed for damages along with a mandatory & permanent injunction against the Defendants.

The Court observed that an intermediary is bound to comply with Information Technology (Intermediaries Guidelines) Rules, 2011. These rules require that an intermediary must not allowthe publication of any defamatory or libelous information on its platform. So, in this case, the court passed an interim order in the favor of the petitioner.

5. Super Cassettes Industries Ltd. v. Myspace Inc. [CS (OS) No. 2682/2008]

The plaintiff approached the court as Defendant was allegedly infringing the copyright of the plaintiff. The plaintiff alleged that the defendant’s website generates revenue by making available infringing copies of copyrighted media to the public. It was also contended that the defendant encourages the users to share such type of content with the public.

One of the primary issues between the parties was – Whether the acts of the defendant as an intermediatory are protected under the provisions of Section 79 of the IT Act, 2000.

The court observed that the rights of copyright owners cannot be restricted by Section 79 of the IT Act, 2000. The aforesaid Section does not save the defendants from liability in case of infringing acts due to the proviso of Section 81 of the IT Act.

6. Banyan Tree v. A. Murali Krishna Reddy & Anr, [2010 (42) PTC 361 (Del)]

In this case, the plaintiff had filed a suit claiming that the defendant was passing off its word mark ‘Banyan Tree’ through its online website. In this case, neither the plaintiff nor the Defendant was located within the local limits of Territorial Jurisdiction of the court (before which the suit was brought).

So, the court had to decide on the question that in what circumstances does the hosting of a universally accessible website by the Defendants gives jurisdiction to the forum court, if the Plaintiff is not carrying on business within the territorial jurisdiction of the forum court.

The court answered that for the purposes of a passing-off action, the plaintiff will have to show that the defendant has “purposefully availed” itself of the jurisdiction of the forum court.Further, it will have to be proved by the plaintiff that Defendant operated the website to conclude a commercial transaction with the website users. The plaintiff will also have to show that the operation of such a website resulted in injury to the Plaintiff in the forum state.

7. Writs challenging the validity of Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

In 2021, the Union Government notified these rules by using its power under Section 87 of the IT Act, 2000. These rules supersede the Information Technology (Intermediaries Guidelines) Rules, 2011. With these rules, the Government seeks to regulate the Social Media intermediaries, the Digital news media, and the online streaming platforms.

These rules provide that the social media intermediaries need to follow an internal grievance redressal mechanism. These intermediaries are also required to share the information of the person, who originated an objectionable message in cases of serious offences, with the Government.

The rules provide that the Intermediaries who do not comply with the rules will lose the immunity available to them under Section 79 of the IT Act. Furthermore, the rules require the Digital News Media to follow a code of ethics and also set up an Internal grievance redressal system.

These rules have been challenged by various organizations including WhatsApp, The Quint, LiveLaw, and Foundation for Independent Journalists. The decisions in these cases will determine the further course of the jurisprudence in the field of Information Technology in India.

8. Shreya Singhal v. Union of India [AIR 2015 SC 1523]

In this case, the constitutionality of Section 66A of the IT Act, 2000 was challenged. The petitioner contended that this section infringes their fundamental right to freedom of speech and expression. It was submitted that the restrictions imposed by the said section are not even saved or allowed by Article 19 (2) of the Constitution. Another primary contention put forward by the petitioner was that the said section suffers from the vice of vagueness because the terms used in the Section cannot be defined. So, that creates a wide scope for arbitrary and whimsical action by the State against a large number of innocent persons.It was also argued that the said Section violates the Right to Equality provided by Article 14 since the Section unreasonably differentiates between the people who use the internet and the people who use other mediums of communication.

Respondent, on the other hand, argued that the legislature is in the best position to understand the needs of the people. So, the court must not interfere in the legislative process until there is a clear violation of rights provided under Part III of the Constitution of India. It was submitted that the presumption is also in the favor of the constitutionality of a statute and that the mere possibility of abuse of a particular provision of a statute cannot be a valid ground to declare it invalid.

After hearing detailed arguments from both sides, the Hon’ble Supreme Court struck down Section 66A of the IT Act, 2000 in its entirety as being violative of Article 19 (1) (A). It is observed that the said Section is not saved under Article 19 (2).However, the court upheld the constitutional validity of Sections 69A and 79 of the IT Act, 2000 along with the IT (Procedure & Safeguards for Blocking for Access of Information by Public) Rules, 2009.

9. M/s Gujarat Petrosynthese Ltd &Anr.v. Union of India [2014 (1) Kar L J 121]

This case relates to a writ petition filed by the petitioner praying the court to issue a writ of mandamus directing the appointment of Chairperson to the Cyber Appellate Tribunal (CAT) by the Central Government. The petitioners submitted that due to the absence of the CAT Chairperson, their appeal was not being heard.They, further, submitted that the Government of India hadfailed to take necessary action to make the Cyber Appellate Tribunal operational.By relying on Section 49 of the IT Act, 2000, it was argued that the process of appointment of CAT chairperson must be initiated by the Central Government.

The counsel appearing for the Respondent submitted that the Government would take all the necessary actions for filling up the post of the Chairperson of the Cyber Appellate Tribunal within 6 months from the day of the submission. After hearing the parties, the Karnataka High Court observed that no direction needed to be issued, but it remarked that considering the delay of more than 2 years, the respondent must appoint the CAT Chairperson with a “sense of urgency”.

10. CBI v. Arif Azim (Sony Sambandh case) [(2008) 150 DLT 769]

In this case, the accused had stolen the credit card details of Barbara Campa. He then used that stolen card to purchase products from a website (sony-sambandh.com) owned by Sony India Private Limited. When the transaction was disputed by Barbara, the credit card company informed Sony about the same. So, Sony reportedthe case of Internet Fraud and Cheating to the CBI. CBI, on its part, initiated an investigation u/s 418, 419, and 420 of the IPC. The Court convicted the accused under the said Sections for the offence of cyber fraud. This case particularly relates to Section 66C of the IT Act, 2000, which covers the dishonest & fraudulent usage of electronic passwords, signatures,and other unique identification features of any person (Identity Theft).

11. State of Tamil Nadu v. Suhas Katti [CC No. 4680 of 2004]

In this case, a complaint was filed by the victim u/s 67 of the IT Act and Section 469 & 509 of the IPC, 1860. It was alleged that the accused posted obscene messages related to the victim in various groups with the intention to harass the woman. He also shared her phone number and created a fake account in her name to cause disrepute to her. The court convicted the accused under the aforementioned Sections. This case is a landmark since it inspired people around the country to come forward and file cases related to harassment on the Internet.

12. SMC Pneumatics (India) Pvt Ltd v.Jogesh Kwatra [CM APPL No. 33474 of 2016]

In this case, the defendant was an ex-employee of the plaintiff company. It was alleged that the defendant was sending defamatory, obscene, derogatory, and abusive emails to Plaintiff. The plaintiff submitted that the emails were intended to cause disrepute to its Managing Director. The accused was identified to be the sender of the emails after an investigation by a private computer expert. So, a suit seeking a perpetual injunction against the defendant was filed in the court.However, the said suit was dismissed by the court citing the lack of electronic evidence, linking the derogatory emails with the defendants.

13. Avnish Bajaj v. State (NCT) of Delhi [(2008) 150 DLT 769]

This petition was filed under Section 482, CrPC for getting annulled the criminal prosecution initiated against the Managing Director of a Company/Website (baazee.com) under Section 292 of the IPC and Section 67 of the IT Act, 2000. The Website provided an online marketplace for buyers and sellers to interact.The Petitioner argued that since the Website Company was not made an accused in the case, the petitioner could not be made liable with the aid of Section 85, IT Act. The respondent-State, on the other hand, argued that since the petitioner failed to ensure an adequate filter on its website for filtering obscene content, so, he cannot escape legal consequences. It was also submitted that the crime is grievous and must not go unpunished based on some technicalities.

The court observed that the IPC does not recognize the concept of an automatic criminal liability attaching to the director where the company is an accused. So, the petitioner was discharged from offences under the IPC. However, regarding the liability of the petitioner under Section 67 of the IT Act, the court observed that the law recognizes the deemed criminal liability of the directors even if the company is not arraigned as an accused in a case. So, it was held that the prosecution of the petitioner under Section 67 read with Section 85, IT Act will continue.

14. Christian Louboutin SAS v. Nakul Bajaj &Ors [(2018) 253 DLT 728]

One of the primary issues before the court, in this case, was whether Defendant was protected u/s 79 of the IT Actto use thePlaintiff’s trademark, images, and logos. The court observed that Defendant’s website (Darveys.com) exercised complete control over the products it sold and its role is much more than that of just an intermediary. To enjoy immunity u/s 79 of the IT Act, e-commerce websites must operate with care & caution. The basic thumb rule to claim exemption u/s 79 of the IT Act, is to ensure that the entity does not actively participate in the selling process.

15. Nasscom v. Ajay Sood & Ors. [119 (2005) DLT 596]

This is a case of Cheating by personation by using a computer resource under Section 66D, IT Act, 2000. In this case, the petitioner had prayed for a permanent injunction against the defendant, restraining him from sending “fraudulent Emails” under the trademark ‘NASSCOM” belonging to the petitioner. It was alleged that the defendants were posing as NASSCOM to obtain personal data from various addresses for head-hunting. The parties, later, on compromised and a consent decree was passed. This is a landmark judgment because the court declared ‘phishing’ on the internet to be an illegal act, against which an ‘injunction’ could be granted and damages could also be awarded. The court described ‘Phishing’ as a form of internet fraud where a person misrepresents the identity of a legitimate party (like a bank or an insurance company) to extract personal data from a user. It also deliberated upon the fact that there is no legislation in India dealing particularly with ‘phishing’.

16. Department of Electronics and Information Technology v. Star India Pvt. Ltd. [R.P. 131/2016 in FAO(OS) 57/2015]

This case dealt with the live telecast of cricket matches. The primary issue between the parties was regarding the extent of the ban that could be imposed on the website of a person infringing the trademark of another.The respondent pushed for a ‘domain’ ban, citing that it is relatively easy for ‘internet pirates’ to change the URLs of the infringing content as compared to the domain names. The court observed that the websites which are known to be rogue i.e., the ones that host “predominantly infringing content”, could be blocked completely, rather than resorting to URL blocking.The court described such websites to be ‘rogue’ that is hardly carrying on any lawful business and in their entirety/to a large extent are resorting to piracy.

17. Kent Systems Ltd. and Ors. v. Amit Kotak and Ors. 2017 (69) PTC 551 (Del)

In this case, the court observed that the IT Rules, do not oblige an intermediary to screen/remove all content/information hosted on its portal for infringement of rights of all persons who have complained to the intermediary at any point in time. The only obligation is to remove the infringing information/content upon receipt of a complaint from the Rights Holder. The court ultimately concluded that to require an intermediary to do compulsory screening of infringing content would amount to unreasonable interference with the right of the said intermediary to carry on its business.

18. Google India Pvt. Ltd. v. M/S Vishaka Industries Limited [Second Appeal No. 505 of 2016]

The basic facts of the case were that a person had published certain defamatory articles aimed at the Respondent and some politicians of the country, in a group hosted by Google (Appellant). The respondent had issued a notice to the Appellant to block the aforementioned defamatory content, but the appellant did not make any effort in that regard.Keeping that in regard, the High Court passed an order in the favor of the Respondent while observing that the Petitioner could not claim any exemption under Section 79 of the IT Act.

19. State v. Mohd. Afzal & Ors. [2003 (71) DRJ 178]

This is an important case concerning Section 2 (ha) of the IT Act, 2000 that defines ‘Communication Device’. It relates to the trial of the persons accused in the 2001 Parliament House Attack. It was argued by the accused that computers &digital evidence could not be regarded as reliable, as they could be easily tampered with. So, they claimed it to be unreliable for a criminal trial. The Court dismissed the contentions of the accused by observing that the misuse or tampering of the evidence has to be established by the challenger.Further, it was held that the theoretical and generic doubts could not be cast on the evidence of the prosecution.

20. Syed Asifuddin& Ors. v. State of Andhra Pradesh & Anr. [2005 Cr LJ 4314]

This case relates to the tampering of low-cost hand sets that were being handed out by the Reliance Infocomm, with a lock-in period of 3 years. The petitioners, in this case, were accused of an offence under section 65 of the IT Act, for allegedly tampering with the source code of the aforesaid Reliance Infocomm handsets to wean away customers from Reliance Infocommto TATA Indicom. The petitioners, in the instant petition, prayed for the quashing of the criminal investigation. However, the court observed that unless the investigation is shown to be illegal, it cannot ordinarily be quashed. So, the court refused to quash the investigation under section 65 of the IT Act, 2000 and directed the police to complete the investigation within a period of 3 months.

21. Dharamvir v. Central Bureau of Investigation [148 (2008) DLT 289]

This case primarily relates to ‘Electronic Record’ defined under section2 (t) of the IT Act, 2000. In this case, the main question before the court was that of the admissibility & reliability of the digital evidence in a legal proceeding. A CD was presented before the court that contained telephonic conversations copied from a hard disk.The court observed that the recording of the telephone call and the hard disks constitute electronic records that can be used as evidence.

22. P.R Transport Agency v. Union of India & Ors. [AIR 2006 All 23]

This case relates to Section 13 (5) of the IT Act, 2000. In this case, Bharat Coking Coal Ltd. held an e-auction for coal. The petitioner’s bid was accepted for a particular lot of coal and the letter of acceptance was issued by email to the petitioner. Later on, some conflict arose andthe allocation was canceled. So, petitioners approached the High Court of Allahabad. The Bharat Coking Ltd. put up an objection regarding the jurisdiction of the Court, contending that no part of the cause of action arose within Uttar Pradesh. The Court observed that since the acceptance was received at Varanasi (UP), it had the jurisdiction to entertain the case. Further, it was observed that for the purpose of Section 13 (5) of the IT Act, the place of business is relevant and not the location of the information system.

23. Umashankar Sivasubramanian v. ICICI Bank (Petition No. 2462 of 2008)

In this case, the petitioner received an email from ICICI Bank asking for his Internet Banking username and password. The petitioner replied to the email with the aforementioned details and later on found that he was defrauded of Rs. 6.46 Lakhs. So, he filed a complaint against ICICI Bank with the adjudicating authority for getting compensation. The Adjudicating Authority found ICICI Bank to be guilty of offences under section 85 read with Section 43 of the IT Act, 2000 and directed it to pay Rs. 12.85 lakh to the petitioner.

In this way, various courts around the country have interpreted the provisions of the IT Act, 2000 according to the facts and circumstances of the particular cases. Along with the provisions of the IT Act, the rules notified by the Government also play a significant role in regulating the digital space.With the rapid advent of technology, Cyber Laws are becoming more and more relevant. There is a need for these laws to keep evolving with the latest developments in Information Technology.

Click here to Get More Content on LCI Android App

38268 Views

Category Others , Other Articles by - Supinder Singh

Browse by Category

Business Law
Constitutional Law
Labour & Service Law
Legal Documents
Intellectual Property Rights
Property Law

Top Members
Share Files
LCI Online Learning

Member Strength 9,50,852 and growing..

Download LCI APP

Our Network Sites

We are Hiring
Terms of Service
Privacy Policy

Lawyersclubindia Search

Whatsapp groups, login at lawyersclubindia.

Alternatively, you can log in using:

IT Act 2000 – Penalties, Offences With Case Studies

June 24, 2014 Lionel Faleiro Case Studies , Compliance , Laws & Regulations 6

Objectives of IT legislation in India

The Government of India enacted its Information Technology Act 2000 with the objectives stating officially as:

“to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.”

What does IT Act 2000 legislation deals with? The Act essentially deals with the following issues:

Legal Recognition of Electronic Documents
Legal Recognition of Digital Signatures
Offenses and Contraventions
Justice Dispensation Systems for cyber crimes.

Why did the need for IT Amendment Act 2008 (ITAA) arise? The IT Act 2000, being the first legislation on technology, computers, e-commerce and e-communication, the was the subject of extensive debates, elaborate reviews with one arm of the industry criticizing some sections of the Act to be draconian and other stating it is too diluted and lenient. There were some obvious omissions too resulting in the investigators relying more and more on the time-tested (one and half century-old) Indian Penal Code even in technology based cases with the IT Act also being referred in the process with the reliance more on IPC rather on the ITA.

Thus the need for an amendment – a detailed one – was felt for the I.T. Act. Major industry bodies were consulted and advisory groups were formed to go into the perceived lacunae in the I.T. Act and comparing it with similar legislations in other nations and to suggest recommendations. Such recommendations were analyzed and subsequently taken up as a comprehensive Amendment Act and after considerable administrative procedures, the consolidated amendment called the Information Technology Amendment Act 2008 was placed in the Parliament and passed at the end of 2008 (just after Mumbai terrorist attack of 26 November 2008 had taken place). The IT Amendment Act 2008 got the President assent on 5 Feb 2009 and was made effective from 27 October 2009.

Notable features of the ITAA 2008 are:

Focusing on data privacy
Focusing on Information Security
Defining cyber café
Making digital signature technology neutral
Defining reasonable security practices to be followed by corporate
Redefining the role of intermediaries
Recognizing the role of Indian Computer Emergency Response Team
Inclusion of some additional cyber crimes like child pornography and cyber terrorism
Authorizing an Inspector to investigate cyber offenses (as against the DSP earlier)

Structure of IT Act

How is IT Act structured? The Act totally has 13 chapters and 90 sections. Sections 91 to 94 deal with the amendments to the four Acts namely Indian Penal Code 1860, The Indian Evidence Act 1872, The Bankers’ Books Evidence Act 1891 and the Reserve Bank of India Act 1934. The Act has chapters that deal with authentication of electronic records, electronic signatures etc. Elaborate procedures for certifying authorities and electronic signatures have been spelt out. The civil offence of data theft and the process of adjudication and appellate procedures have been described. Then the Act goes on to define and describe some of the well-known cyber crimes and lays down the punishments therefore. Then the concept of due diligence, role of intermediaries and some miscellaneous provisions have been described.
Negotiable instrument (other than a cheque) as defined in section 13 of the Negotiable Instruments Act, 1881;
A power-of-attorney as defined in section 1A of the Powers-of-Attorney Act, 1882;
A trust as defined in section 3 of the Indian Trusts Act, 1882
A will as defined in clause (h) of section 2 of the Indian Succession Act, 1925 including any other testamentary disposition

What is a cyber crime?

Cyber Crime is not defined officially in IT Act or in any other legislation. In fact, it cannot be too. Offence or crime has been dealt with elaborately listing various acts and the punishments for each, under the Indian Penal Code, 1860 and related legislations. Hence, the concept of cyber crime is just a “combination of crime and computer”.

Cybercrime in a narrow sense (computer crime): Any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed by them.

Cybercrime in a broader sense (computer-related crime): Any illegal behavior committed by means of, or in relation to, a computer system or network, including such crimes as illegal possession and offering or distributing information by means of a computer system or network.

Any contract for the sale or conveyance of immovable property or any interest in such property;
Any such class of documents or transactions as may be notified by the Central Government

Cases Studies as per selected IT Act Sections

Here are the case studies for selected IT Act sections.

For the sake of simplicity and maintaining clarity, details on the IT Act sections have been omitted. Kindly refer the Appendix at the last section for the detailed account of all the penalties and offences mentioned in IT Act.

Section 43 – Penalty and Compensation for damage to computer, computer system, etc Related Case: Mphasis BPO Fraud: 2005 In December 2004, four call centre employees, working at an outsourcing facility operated by MphasiS in India, obtained PIN codes from four customers of MphasiS’ client, Citi Group. These employees were not authorized to obtain the PINs. In association with others, the call centre employees opened new accounts at Indian banks using false identities. Within two months, they used the PINs and account information gleaned during their employment at MphasiS to transfer money from the bank accounts of CitiGroup customers to the new accounts at Indian banks. By April 2005, the Indian police had tipped off to the scam by a U.S. bank, and quickly identified the individuals involved in the scam. Arrests were made when those individuals attempted to withdraw cash from the falsified accounts, $426,000 was stolen; the amount recovered was $230,000. Verdict : Court held that Section 43(a) was applicable here due to the nature of unauthorized access involved to commit transactions.
Section 65 – Tampering with Computer Source Documents Related Case: Syed Asifuddin and Ors. Vs. The State of Andhra Pradesh In this case, Tata Indicom employees were arrested for manipulation of the electronic 32- bit number (ESN) programmed into cell phones theft were exclusively franchised to Reliance Infocomm. Verdict : Court held that tampering with source code invokes Section 65 of the Information Technology Act.
Section 66 – Computer Related offenses Related Case: Kumar v/s Whiteley In this case the accused gained unauthorized access to the Joint Academic Network (JANET) and deleted, added files and changed the passwords to deny access to the authorized users.Investigations had revealed that Kumar was logging on to the BSNL broadband Internet connection as if he was the authorized genuine user and ‘made alteration in the computer database pertaining to broadband Internet user accounts’ of the subscribers.The CBI had registered a cyber crime case against Kumar and carried out investigations on the basis of a complaint by the Press Information Bureau, Chennai, which detected the unauthorised use of broadband Internet. The complaint also stated that the subscribers had incurred a loss of Rs 38,248 due to Kumar’s wrongful act. He used to ‘hack’ sites from Bangalore, Chennai and other cities too, they said. Verdict: The Additional Chief Metropolitan Magistrate, Egmore, Chennai, sentenced N G Arun Kumar, the techie from Bangalore to undergo a rigorous imprisonment for one year with a fine of Rs 5,000 under section 420 IPC (cheating) and Section 66 of IT Act (Computer related Offense).
Relevant Case #1: Fake profile of President posted by imposter On September 9, 2010, the imposter made a fake profile in the name of the Hon’ble President Pratibha Devi Patil. A complaint was made from Additional Controller, President Household, President Secretariat regarding the four fake profiles created in the name of Hon’ble President on social networking website, Facebook.The said complaint stated that president house has nothing to do with the facebook and the fake profile is misleading the general public. The First Information Report Under Sections 469 IPC and 66A Information Technology Act, 2000 was registered based on the said complaint at the police station, Economic Offences Wing, the elite wing of Delhi Police which specializes in investigating economic crimes including cyber offences.
Relevant Case #2: Bomb Hoax mail In 2009, a 15-year-old Bangalore teenager was arrested by the cyber crime investigation cell (CCIC) of the city crime branch for allegedly sending a hoax e-mail to a private news channel. In the e-mail, he claimed to have planted five bombs in Mumbai, challenging the police to find them before it was too late. At around 1p.m. on May 25, the news channel received an e-mail that read: “I have planted five bombs in Mumbai; you have two hours to find it.” The police, who were alerted immediately, traced the Internet Protocol (IP) address to Vijay Nagar in Bangalore. The Internet service provider for the account was BSNL, said officials.
The CEO of an identity theft protection company, Lifelock, Todd Davis’s social security number was exposed by Matt Lauer on NBC’s Today Show. Davis’ identity was used to obtain a $500 cash advance loan.
Li Ming, a graduate student at West Chester University of Pennsylvania faked his own death, complete with a forged obituary in his local paper. Nine months later, Li attempted to obtain a new driver’s license with the intention of applying for new credit cards eventually.
Section 66D – Punishment for cheating by impersonation by using computer resource Relevant Case: Sandeep Vaghese v/s State of Kerala A complaint filed by the representative of a Company, which was engaged in the business of trading and distribution of petrochemicals in India and overseas, a crime was registered against nine persons, alleging offenses under Sections 65, 66, 66A, C and D of the Information Technology Act along with Sections 419 and 420 of the Indian Penal Code. The company has a web-site in the name and and style `www.jaypolychem.com’ but, another web site `www.jayplychem.org’ was set up in the internet by first accused Samdeep Varghese @ Sam, (who was dismissed from the company) in conspiracy with other accused, including Preeti and Charanjeet Singh, who are the sister and brother-in-law of `Sam’ Defamatory and malicious matters about the company and its directors were made available in that website. The accused sister and brother-in-law were based in Cochin and they had been acting in collusion known and unknown persons, who have collectively cheated the company and committed acts of forgery, impersonation etc. Two of the accused, Amardeep Singh and Rahul had visited Delhi and Cochin. The first accused and others sent e-mails from fake e-mail accounts of many of the customers, suppliers, Bank etc. to malign the name and image of the Company and its Directors. The defamation campaign run by all the said persons named above has caused immense damage to the name and reputation of the Company. The Company suffered losses of several crores of Rupees from producers, suppliers and customers and were unable to do business.
Jawaharlal Nehru University MMS scandal In a severe shock to the prestigious and renowned institute – Jawaharlal Nehru University, a pornographic MMS clip was apparently made in the campus and transmitted outside the university.Some media reports claimed that the two accused students initially tried to extort money from the girl in the video but when they failed the culprits put the video out on mobile phones, on the internet and even sold it as a CD in the blue film market.
Nagpur Congress leader’s son MMS scandal On January 05, 2012 Nagpur Police arrested two engineering students, one of them a son of a Congress leader, for harassing a 16-year-old girl by circulating an MMS clip of their sexual acts. According to the Nagpur (rural) police, the girl was in a relationship with Mithilesh Gajbhiye, 19, son of Yashodha Dhanraj Gajbhiye, a zila parishad member and an influential Congress leader of Saoner region in Nagpur district.
Section-66F Cyber Terrorism Relevant Case: The Mumbai police have registered a case of ‘cyber terrorism’—the first in the state since an amendment to the Information Technology Act—where a threat email was sent to the BSE and NSE on Monday. The MRA Marg police and the Cyber Crime Investigation Cell are jointly probing the case. The suspect has been detained in this case.The police said an email challenging the security agencies to prevent a terror attack was sent by one Shahab Md with an ID [email protected] to BSE’s administrative email ID [email protected] at around 10.44 am on Monday.The IP address of the sender has been traced to Patna in Bihar. The ISP is Sify. The email ID was created just four minutes before the email was sent. “The sender had, while creating the new ID, given two mobile numbers in the personal details column. Both the numbers belong to a photo frame-maker in Patna,’’ said an officer. Status: The MRA Marg police have registered forgery for purpose of cheating, criminal intimidation cases under the IPC and a cyber-terrorism case under the IT Act.
As per 469 of IPC he has to undergo rigorous imprisonment for 2 years and to pay fine of Rs.500/-
As per 509 of IPC he is to undergo to undergo 1 year Simple imprisonment and to pay Rs 500/-
As per Section 67 of IT Act 2000, he has to undergo for 2 years and to pay fine of Rs.4000/-
Section 67B – Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form Relevant Case: Janhit Manch & Ors. v. The Union of India 10.03.2010 Public Interest Litigation: The petition sought a blanket ban on pornographic websites. The NGO had argued that websites displaying sexually explicit content had an adverse influence, leading youth on a delinquent path.
Section 69 – Powers to issue directions for interception or monitoring or decryption of any information through any computer resource Relevant Case: In August 2007, Lakshmana Kailash K., a techie from Bangalore was arrested on the suspicion of having posted insulting images of Chhatrapati Shivaji, a major historical figure in the state of Maharashtra, on the social-networking site Orkut.The police identified him based on IP address details obtained from Google and Airtel -Lakshmana’s ISP. He was brought to Pune and detained for 50 days before it was discovered that the IP address provided by Airtel was erroneous. The mistake was evidently due to the fact that while requesting information from Airtel, the police had not properly specified whether the suspect had posted the content at 1:15 p.m. Verdict: Taking cognizance of his plight from newspaper accounts, the State Human Rights Commission subsequently ordered the company to pay Rs 2 lakh to Lakshmana as damages. The incident highlights how minor privacy violations by ISPs and intermediaries could have impacts that gravely undermine other basic human rights.

Common Cyber-crime scenarios and Applicability of Legal Sections

Let us look into some common cyber-crime scenarios which can attract prosecution as per the penalties and offences prescribed in IT Act 2000 (amended via 2008) Act.

Harassment via fake public profile on social networking site A fake profile of a person is created on a social networking site with the correct address, residential information or contact details but he/she is labelled as ‘prostitute’ or a person of ‘loose character’. This leads to harassment of the victim. Provisions Applicable:- Sections 66A, 67 of IT Act and Section 509 of the Indian Penal Code.
Online Hate Community Online hate community is created inciting a religious group to act or pass objectionable remarks against a country, national figures etc. Provisions Applicable: Section 66A of IT Act and 153A & 153B of the Indian Penal Code.
Email Account Hacking If victim’s email account is hacked and obscene emails are sent to people in victim’s address book. Provisions Applicable:- Sections 43, 66, 66A, 66C, 67, 67A and 67B of IT Act.
Credit Card Fraud Unsuspecting victims would use infected computers to make online transactions. Provisions Applicable:- Sections 43, 66, 66C, 66D of IT Act and section 420 of the IPC.
Web Defacement The homepage of a website is replaced with a pornographic or defamatory page. Government sites generally face the wrath of hackers on symbolic days. Provisions Applicable:- Sections 43 and 66 of IT Act and Sections 66F, 67 and 70 of IT Act also apply in some cases.
Introducing Viruses, Worms, Backdoors, Rootkits, Trojans, Bugs All of the above are some sort of malicious programs which are used to destroy or gain access to some electronic information. Provisions Applicable:- Sections 43, 66, 66A of IT Act and Section 426 of Indian Penal Code.
Cyber Terrorism Many terrorists are use virtual(GDrive, FTP sites) and physical storage media(USB’s, hard drives) for hiding information and records of their illicit business. Provisions Applicable: Conventional terrorism laws may apply along with Section 69 of IT Act.
Online sale of illegal Articles Where sale of narcotics, drugs weapons and wildlife is facilitated by the Internet Provisions Applicable:- Generally conventional laws apply in these cases.
Cyber Pornography Among the largest businesses on Internet. Pornography may not be illegal in many countries, but child pornography is. Provisions Applicable:- Sections 67, 67A and 67B of the IT Act.
Phishing and Email Scams Phishing involves fraudulently acquiring sensitive information through masquerading a site as a trusted entity. (E.g. Passwords, credit card information) Provisions Applicable:- Section 66, 66A and 66D of IT Act and Section 420 of IPC
Theft of Confidential Information Many business organizations store their confidential information in computer systems. This information is targeted by rivals, criminals and disgruntled employees. Provisions Applicable:- Sections 43, 66, 66B of IT Act and Section 426 of Indian Penal Code.
Source Code Theft A Source code generally is the most coveted and important “crown jewel” asset of a company. Provisions applicable:- Sections 43, 66, 66B of IT Act and Section 63 of Copyright Act.
Tax Evasion and Money Laundering Money launderers and people doing illegal business activities hide their information in virtual as well as physical activities. Provisions Applicable: Income Tax Act and Prevention of Money Laundering Act. IT Act may apply case-wise.
Online Share Trading Fraud It has become mandatory for investors to have their demat accounts linked with their online banking accounts which are generally accessed unauthorized, thereby leading to share trading frauds. Provisions Applicable: Sections 43, 66, 66C, 66D of IT Act and Section 420 of IPC
Accesses or secures access to such computer, computer system or computer network or computer resource
Downloads, copies or extracts any data, computer data, computer database or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium;
Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network-
Damages or causes to be damaged any computer, computer system or computer network, data, computer database, or any other programmes residing in such computer, computer system or computer network-
Disrupts or causes disruption of any computer, computer system, or computer network;
Denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means
Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer of a computer, computer system or computer network-
Provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made there under,
Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network,
Destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means,
Steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage,
Section 43A – Compensation for failure to protect data Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, not exceeding five crore rupees, to the person so affected.
Furnish any document, return or report to the Controller or the Certifying Authority, fails to furnish the same, he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure;
File any return or furnish any information, books or other documents within the time specified therefore in the regulations, fails to file return or furnish the same within the time specified therefore in the regulations, he shall be liable to a penalty not exceeding five thousand rupees for every day during which such failure continues:
Maintain books of account or records, fails to maintain the same, he shall be liable to a penalty not exceeding ten thousand rupees for every day during which the failure continues.
Section 45 – Residuary Penalty Whoever contravenes any rules or regulations made under this Act, for the contravention of which no penalty has been separately provided,shall be liable to pay a compensation not exceeding twenty-five thousand rupees to the person affected by such contravention or a penalty not exceeding twenty-five thousand rupees.
The amount of gain of unfair advantage, wherever quantifiable, made as a result of the default;
The amount of loss caused to the person as a result of the default,
The repetitive nature of the default.
Section 65 – Tampering with Computer Source Documents If any person knowingly or intentionally conceals, destroys code or alters or causes another to conceal, destroy code or alter any computer, computer program, computer system, or computer network,he shall be punishable with imprisonment up to three years, or with fine up to two lakh rupees, or with both.
Section – 66 Computer Related Offences If any person, dishonestly, or fraudulently, does any act referred to in section 43,he shall be punishable with imprisonment for a term which may extend to two three years or with fine which may extend to five lakh rupees or with both.
Any information that is grossly offensive or has menacing character;
Any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will, persistently makes by making use of such computer resource or a communication device,
Any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages
Section 66B – Punishment for dishonestly receiving stolen computer resource or communication device. Whoever dishonestly receives or retains any stolen computer resource or communication device knowing or having reason to believe the same to be stolen computer resource or communication device,shall be punished with imprisonment of either description for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
Section 66C – Punishment for identity theft Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person,shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
Section 66D – Punishment for cheating by personation by using computer resource Whoever, by means of any communication device or computer resource cheats by personating; shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
“transmit” means to electronically send a visual image with the intent that it be viewed by a person or persons;
“capture”, with respect to an image, means to videotape, photograph, film or record by any means;
“private area” means the naked or undergarment clad genitals, pubic area, buttocks or female breast;
“publishes” means reproduction in the printed or electronic form and making it available for public;
he or she could disrobe in privacy, without being concerned that an image of his private area was being captured; or
any part of his or her private area would not be visible to the public, regardless of whether that person is in a public or private place.
denying or cause the denial of access to any person authorized to access computer resource; or
attempting to penetrate or access a computer resource without authorization or exceeding authorized access; or
introducing or causing to introduce any Computer Contaminant and by means of such conduct causes or is likely to cause death or injuries to persons or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or adversely affect the critical information infrastructure specified under section 70, or
knowingly or intentionally penetrates or accesses a computer resource without authorization or exceeding authorized access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons of the security of the State or foreign relations; or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.
Whoever commits or conspires to commit cyber terrorism shall be punishable with imprisonment which may extend to imprisonment for life.
Section 67 – Punishment for publishing or transmitting obscene material in electronic form Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it,shall be punished on first conviction with imprisonment of either description for a term which may extend to two three years and with fine which may extend to five lakh rupees andin the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to five years and also with fine which may extend to ten lakh rupees.
Section 67A – Punishment for publishing or transmitting of material containing sexually explicit act, etc. in electronic form Whoever publishes or transmits or causes to be published or transmitted in the electronic form any material which contains sexually explicit act or conductshall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to ten lakh rupees andin the event of second or subsequent conviction with imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees.
publishes or transmits or causes to be published or transmitted material in any electronic form which depicts children engaged in sexually explicit act or conduct or
creates text or digital images, collects, seeks, browses, downloads, advertises, promotes, exchanges or distributes material in any electronic form depicting children in obscene or indecent or sexually explicit manner or
cultivates, entices or induces children to online relationship with one or more children for and on sexually explicit act or in a manner that may offend a reasonable adult on the computer resource or
facilitates abusing children online or
records in any electronic form own abuse or that of others pertaining to sexually explicit act with children,
Where the central Government or a State Government or any of its officer specially authorized by the Central Government or the State Government, as the case may be, in this behalf may, if is satisfied that it is necessary or expedient to do in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may, subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information transmitted received or stored through any computer resource.
The Procedure and safeguards subject to which such interception or monitoring or decryption may be carried out, shall be such as may be prescribed.
provide access to or secure access to the computer resource generating, transmitting, receiving or storing such information; or
intercept or monitor or decrypt the information, as the case may be; or
provide information stored in computer resource.
The subscriber or intermediary or any person who fails to assist the agency referred to in sub-section (3) shall be punished with an imprisonment for a term which may extend to seven years and shall also be liable to fine.
Where the Central Government or any of its officer specially authorized by it in this behalf is satisfied that it is necessary or expedient so to do in the interest of sovereignty and integrity of India, defense of India, security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence relating to above, it may subject to the provisions of sub-sections (2) for reasons to be recorded in writing, by order direct any agency of the Government or intermediary to block access by the public or cause to be blocked for access by public any information generated, transmitted, received, stored or hosted in any computer resource.
The procedure and safeguards subject to which such blocking for access by the public may be carried out shall be such as may be prescribed.
The intermediary who fails to comply with the direction issued under sub-section (1) shall be punished with an imprisonment for a term which may extend to seven years and also be liable to fine.
The Central Government may, to enhance Cyber Security and for identification, analysis and prevention of any intrusion or spread of computer contaminant in the country, by notification in the official Gazette, authorize any agency of the Government to monitor and collect traffic data or information generated, transmitted, received or stored in any computer resource.
The Intermediary or any person in-charge of the Computer resource shall when called upon by the agency which has been authorized under sub-section (1), provide technical assistance and extend all facilities to such agency to enable online access or to secure and provide online access to the computer resource generating, transmitting, receiving or storing such traffic data or information.
The procedure and safeguards for monitoring and collecting traffic data or information, shall be such as may be prescribed.
Any intermediary who intentionally or knowingly contravenes the provisions of subsection (2) shall be punished with an imprisonment for a term which may extend to three years and shall also be liable to fine.
Section 71 – Penalty for misrepresentation Whoever makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Electronic Signature Certificate, as the case may be,shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
Section 72 – Breach of confidentiality and privacy Any person who, in pursuant of any of the powers conferred under this Act, rules or regulations made there under, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or other material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
Section 72A – Punishment for Disclosure of information in breach of lawful contract Any person including an intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing personal information about another person, with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any other person shall be punished with imprisonment for a term which may extend to three years, or with a fine which may extend to five lakh rupees, or with both.
the Certifying Authority listed in the certificate has not issued it; or
the subscriber listed in the certificate has not accepted it; or
the certificate has been revoked or suspended, unless such publication is for the purpose of verifying a digital signature created prior to such suspension or revocation
Any person who contravenes the provisions of sub-section (1) shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
Section 74 – Publication for fraudulent purpose: Whoever knowingly creates, publishes or otherwise makes available a Electronic Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any offence or contravention committed outside India by any person irrespective of his nationality.
For the purposes of sub-section (1), this Act shall apply to an offence or contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.
A Court of competent jurisdiction may compound offences other than offences for which the punishment for life or imprisonment for a term exceeding three years has been provided under this Act.Provided further that the Court shall not compound any offence where such offence affects the socio-economic conditions of the country or has been committed against a child below the age of 18 years or a woman.
The person accused of an offence under this act may file an application for compounding in the court in which offence is pending for trial and the provisions of section 265 B and 265C of Code of Criminal Procedures, 1973 shall apply.
Section 77B – Offences with three years imprisonment to be cognizable Notwithstanding anything contained in Criminal Procedure Code 1973, the offence punishable with imprisonment of three years and above shall be cognizable and the offence punishable with imprisonment of three years shall be bailable.
Section 78 – Power to investigate offences Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Inspector shall investigate any offence under this Act.

Experience of over a decade in the IT and CyberSecurity domain. A cyber-detective by nature, and has solved numerous cyberattack-cases during his tenure at Network Intelligence. When not solving cybercrimes, he enjoys video-games and photography.

Hi, somebody used my official mail account to send confidential information to competitor company. Company filed legal case against me under section 72A and 66. Is there any case under similar circumstances before, how can i prove myself not guilty. Pls suggest.

The law defines the offenses in a detailed manner along with the penalties for each category of offence.

Good work. Dear Sir/Madam. If someone attempted to have unauthorized access to my email account from a remote area (I have the suspicious IP address as notified by google security mechanism), can I do something as per IT law against him? Please quote the specific act/rule.

how can we apply and where we have to apply for this act and have license for the same.

Excellent job for pub.information Thanks

Detailed and informative! Overall an excellent article.

Comments are closed.

Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to upgrade your browser .

Enter the email address you signed up with and we'll email you a reset link.

We're Hiring!
Help Center

IT ACT 2000 – PENALTIES, OFFENCES WITH CASE STUDIES From

Related Papers

Bhartiya Shodh

Crime, in whatever forms it is, directly or indirectly, always affects the society. In today’s world, there is immense increase in the use of Internet in every field of the society and due to this increase in usage of Internet, a number of new crimes have evolved. Such crimes where use of computers coupled with the use of Internet is involved are broadly termed as Cyber Crimes.

International Journal of Engineering and Applied Sciences

Shrikant Sarda

Now a dayrsquos most of the activities and financial transactions uses internet, since internet is accessible from anywhere, perpetrator takes advantage of this and commit a crime.nbsp Cybercrime is a term used to broadly describe criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity and include everything from electronic cracking to denial of service attacks. It is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. Cyber criminals take full advantage of the anonymity, secrecy, and interconnections provided by the Internet. In this paper we have tried to provide information about Cyber crime, its nature, Perpetrators, Classification of cyber crime, Reasons for its emergence, In next section of this paper we have given an information about cyber law, IT legislation in India. Further in next section we have discuses about Cyber crime scenario in India. Finally Last tw...

Dr. Manoj Kumar

BANGLADESH RESEARCH PUBLICATIONS JOURNAL

Dr. Md. Nayem Alimul Hyder

The advent of internet technology and the use of ICT tools in every human activity has facilitated people to live in a boundary less, borderless world that is known as cyber world. Computer today are being misused for illegal activities like e-mail espionage, credit card fraud, spams and software piracy and so on which invade our privacy. The objective of this article are; to know the basic concept of cyber crime and reasons for cyber crime, evaluate different provisions relating to computer and computer related crimes under ICT Act,2006 (amended 2013), analyze the role of police power of arrest without warrant under this Act etc. Secondary sources have been used during the time of the research. However this article has revealed some issues such as; cyber crime are increasing day by day, police can misuse their power regarding arrest without warrant, only few cyber tribunal have been established that's why it cannot provide adequate justice for the victims, police are not trained properly, there is no digital forensic laboratory etc. Later on this article has provided some recommendations such as; provisions relating to section 57 of the ICT Act should need to change, the government have to establish one digital forensic laboratory, a well trained cyber police force is needed in order to detect cyber criminals, adequate cyber tribunals are to be established, police power of arrest are to be removed by amending ICT Act and minor and major offences are to be tackled and penalized accordingly.

SSRN Electronic Journal

Danish ashraf Khan

International Journal IJRITCC

—No stones are untouched by technology which gives rise to various refined crimes performed by so called intellectual criminals. The crimes performed using technology is termed as cybercrime. This paper tries to give insight on the broader areas effected by cybercrime in India. It also tries to associate various laws under various sections of IT Act 2000 which can be levied upon the culprit. It focuses on three categories of crime, viz. crime against individual, crime against property and crime against government. The paper tries to give insight on the loopholes as well as statistics of various cybercrimes in India.

Dr-Prashant Kumar Srivastava

Fast growing internet has its own advantages as well as disadvantages. The increasing use of information technology facilitate common people to get information, store information, share information etc. Internet provides great facilities to society but same time it present opportunities for crime also. Credit card frauds, spams, defamation or hate expression on the social networking sites and piracies are some of disadvantages due to illegal activities on internet. Cyber Law has emerged due to proliferation of misuse of the computer and internet in the cyber space. The content of this article is intended to provide a general guide to the subject matter. In present paper there is brief discussion about cyber law and cyber crime and legal provisions to overcome cyber crimes and penalty there for.

International Res Jour Managt Socio Human

As we all know that this is the era where most of the things are done usually over the internet starting from online dealing to the online transaction. Since the web is considered as worldwide stage, anyone can access the resources of the internet from anywhere. The internet technology has been using by the few people for criminal activities like unauthorized access to other's network, scams etc. These criminal activities or the offense/crime related to the internet is termed as cyber crime. In order to stop or to punish the cyber criminals the term " Cyber Law " was introduced. We can define cyber law as it is the part of the legal systems that deals with the Internet, cyberspace, and with the legal issues. It covers a broad area, encompassing many subtopics as well as freedom of expressions, access to and utilization of the Internet, and online security or online privacy. Generically, it is alluded as the law of the web.

anuranjan misra

In the today’s era of rapid growth, Information technology is encompassing all walks of life all over the world. These technological developments have made the transition from paper to paperless transactions possible. We are now creating new standards of speed, efficiency, and accuracy in communication, which has become key tools for boosting innovations, creativity and increasing overall productivity. Computers are extensively used to store confidential data of political, social, economic or personal nature bringing immense benefit to the society. The rapid development of Internet and Computer technology globally has led to the growth of new forms of transnational crime especially Internet related. These crimes have virtually no boundaries and may affect any country across the globe. Thus, there is a need for awareness and enactment of necessary legislation in all countries for the prevention of computer related crime. Globally Internet and Computer based commerce and communications cut across territorial boundaries, thereby creating a new realm of human activity and undermining the feasibility and legitimacy of applying laws based on geographic boundaries. This new boundary, which is made up of the screens and passwords, separate the “Cyber world” from the "real world" of atoms. Territorially based law-making and law-enforcing authorities find this new environment deeply threatening.

Landmark Cyber Law cases in India

Post author By ashwin
Post date March 1, 2021

By:-Muskan Sharma

Introduction

Cyber Law, as the name suggests, deals with statutory provisions that regulate Cyberspace. With the advent of digitalization and AI (Artificial Intelligence), there is a significant rise in Cyber Crimes being registered. Around 44, 546 cases were registered under the Cyber Crime head in 2019 as compared to 27, 248 cases in 2018. Therefore, a spike of 63.5% was observed in Cyber Crimes [1] .

The legislative framework concerning Cyber Law in India comprises the Information Technology Act, 2000 (hereinafter referred to as the “ IT Act ”) and the Rules made thereunder. The IT Act is the parent legislation that provides for various forms of Cyber Crimes, punishments to be inflicted thereby, compliances for intermediaries, and so on.

Learn more about Cyber Laws Courses with Enhelion’s Online Law Course !

However, the IT Act is not exhaustive of the Cyber Law regime that exists in India. There are some judgments that have evolved the Cyber Law regime in India to a great extent. To fully understand the scope of the Cyber Law regime, it is pertinent to refer to the following landmark Cyber Law cases in India:

Shreya Singhal v. UOI [2]

In the instant case, the validity of Section 66A of the IT Act was challenged before the Supreme Court.

Facts: Two women were arrested under Section 66A of the IT Act after they posted allegedly offensive and objectionable comments on Facebook concerning the complete shutdown of Mumbai after the demise of a political leader. Section 66A of the IT Act provides punishment if any person using a computer resource or communication, such information which is offensive, false, or causes annoyance, inconvenience, danger, insult, hatred, injury, or ill will.

The women, in response to the arrest, filed a petition challenging the constitutionality of Section 66A of the IT Act on the ground that it is violative of the freedom of speech and expression.

Decision: The Supreme Court based its decision on three concepts namely: discussion, advocacy, and incitement. It observed that mere discussion or even advocacy of a cause, no matter how unpopular, is at the heart of the freedom of speech and expression. It was found that Section 66A was capable of restricting all forms of communication and it contained no distinction between mere advocacy or discussion on a particular cause which is offensive to some and incitement by such words leading to a causal connection to public disorder, security, health, and so on.

Learn more about Cyber Laws with Enhelion’s Online Law firm certified Course!

In response to the question of whether Section 66A attempts to protect individuals from defamation, the Court said that Section 66A condemns offensive statements that may be annoying to an individual but not affecting his reputation.

However, the Court also noted that Section 66A of the IT Act is not violative of Article 14 of the Indian Constitution because there existed an intelligible difference between information communicated through the internet and through other forms of speech. Also, the Apex Court did not even address the challenge of procedural unreasonableness because it is unconstitutional on substantive grounds.

Shamsher Singh Verma v. State of Haryana [3]

In this case, the accused preferred an appeal before the Supreme Court after the High Court rejected the application of the accused to exhibit the Compact Disc filed in defence and to get it proved from the Forensic Science Laboratory.

The Supreme Court held that a Compact Disc is also a document. It further observed that it is not necessary to obtain admission or denial concerning a document under Section 294 (1) of CrPC personally from the accused, the complainant, or the witness.

Syed Asifuddin and Ors. v. State of Andhra Pradesh and Anr. [4]

Facts: The subscriber purchased a Reliance handset and Reliance mobile services together under the Dhirubhai Ambani Pioneer Scheme. The subscriber was attracted by better tariff plans of other service providers and hence, wanted to shift to other service providers. The petitioners (staff members of TATA Indicom) hacked the Electronic Serial Number (hereinafter referred to as “ESN”). The Mobile Identification Number (MIN) of Reliance handsets were irreversibly integrated with ESN, the reprogramming of ESN made the device would be validated by Petitioner’s service provider and not by Reliance Infocomm.

Questions before the Court: i) Whether a telephone handset is a “Computer” under Section 2(1)(i) of the IT Act?

ii) Whether manipulation of ESN programmed into a mobile handset amounts to an alteration of source code under Section 65 of the IT Act?

Decision: (i) Section 2(1)(i) of the IT Act provides that a “computer” means any electronic, magnetic, optical, or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic, or optical impulses, and includes all input, output, processing, storage, computer software or communication facilities which are connected or related to the computer in a computer system or computer network. Hence, a telephone handset is covered under the ambit of “computer” as defined under Section 2(1)(i) of the IT Act.

(ii) Alteration of ESN makes exclusively used handsets usable by other service providers like TATA Indicomm. Therefore, alteration of ESN is an offence under Section 65 of the IT Act because every service provider has to maintain its own SID code and give its customers a specific number to each instrument used to avail the services provided. Therefore, the offence registered against the petitioners cannot be quashed with regard to Section 65 of the IT Act.

Shankar v. State Rep [5]

Facts: The petitioner approached the Court under Section 482, CrPC to quash the charge sheet filed against him. The petitioner secured unauthorized access to the protected system of the Legal Advisor of Directorate of Vigilance and Anti-Corruption (DVAC) and was charged under Sections 66, 70, and 72 of the IT Act.

Decision: The Court observed that the charge sheet filed against the petitioner cannot be quashed with respect to the law concerning non-granting of sanction of prosecution under Section 72 of the IT Act.

Christian Louboutin SAS v. Nakul Bajaj & Ors . [6]

Facts: The Complainant, a Luxury shoes manufacturer filed a suit seeking an injunction against an e-commerce portal www.darveys.com for indulging in a Trademark violation with the seller of spurious goods.

The question before the Court was whether the defendant’s use of the plaintiff’s mark, logos, and image are protected under Section 79 of the IT Act.

Decision: The Court observed that the defendant is more than an intermediary on the ground that the website has full control over the products being sold via its platform. It first identifies and then promotes third parties to sell their products. The Court further said that active participation by an e-commerce platform would exempt it from the rights provided to intermediaries under Section 79 of the IT Act.

Avnish Bajaj v. State (NCT) of Delhi [7]

Facts: Avnish Bajaj, the CEO of Bazee.com was arrested under Section 67 of the IT Act for the broadcasting of cyber pornography. Someone else had sold copies of a CD containing pornographic material through the bazee.com website.

Decision: The Court noted that Mr. Bajaj was nowhere involved in the broadcasting of pornographic material. Also, the pornographic material could not be viewed on the Bazee.com website. But Bazee.com receives a commission from the sales and earns revenue for advertisements carried on via its web pages.

The Court further observed that the evidence collected indicates that the offence of cyber pornography cannot be attributed to Bazee.com but to some other person. The Court granted bail to Mr. Bajaj subject to the furnishing of 2 sureties Rs. 1 lakh each. However, the burden lies on the accused that he was merely the service provider and does not provide content.

State of Tamil Nadu v. Suhas Katti [8]

The instant case is a landmark case in the Cyber Law regime for its efficient handling made the conviction possible within 7 months from the date of filing the FIR.

Facts: The accused was a family friend of the victim and wanted to marry her but she married another man which resulted in a Divorce. After her divorce, the accused persuaded her again and on her reluctance to marrying him, he took the course of harassment through the Internet. The accused opened a false e-mail account in the name of the victim and posted defamatory, obscene, and annoying information about the victim.

A charge-sheet was filed against the accused person under Section 67 of the IT Act and Section 469 and 509 of the Indian Penal Code, 1860.

Decision: The Additional Chief Metropolitan Magistrate, Egmore convicted the accused person under Section 469 and 509 of the Indian Penal Code, 1860 and Section 67 of the IT Act. The accused was subjected to the Rigorous Imprisonment of 2 years along with a fine of Rs. 500 under Section 469 of the IPC, Simple Imprisonment of 1 year along with a fine of Rs. 500 under Section 509 of the IPC, and Rigorous Imprisonment of 2 years along with a fine of Rs. 4,000 under Section 67 of the IT Act.

CBI v. Arif Azim (Sony Sambandh case)

A website called www.sony-sambandh.com enabled NRIs to send Sony products to their Indian friends and relatives after online payment for the same.

In May 2002, someone logged into the website under the name of Barbara Campa and ordered a Sony Colour TV set along with a cordless telephone for one Arif Azim in Noida. She paid through her credit card and the said order was delivered to Arif Azim. However, the credit card agency informed the company that it was an unauthorized payment as the real owner denied any such purchase.

A complaint was therefore lodged with CBI and further, a case under Sections 418, 419, and 420 of the Indian Penal Code, 1860 was registered. The investigations concluded that Arif Azim while working at a call center in Noida, got access to the credit card details of Barbara Campa which he misused.

The Court convicted Arif Azim but being a young boy and a first-time convict, the Court’s approach was lenient towards him. The Court released the convicted person on probation for 1 year. This was one among the landmark cases of Cyber Law because it displayed that the Indian Penal Code, 1860 can be an effective legislation to rely on when the IT Act is not exhaustive.

Pune Citibank Mphasis Call Center Fraud

Facts: In 2005, US $ 3,50,000 were dishonestly transferred from the Citibank accounts of four US customers through the internet to few bogus accounts. The employees gained the confidence of the customer and obtained their PINs under the impression that they would be a helping hand to those customers to deal with difficult situations. They were not decoding encrypted software or breathing through firewalls, instead, they identified loopholes in the MphasiS system.

Decision: The Court observed that the accused in this case are the ex-employees of the MphasiS call center. The employees there are checked whenever they enter or exit. Therefore, it is clear that the employees must have memorized the numbers. The service that was used to transfer the funds was SWIFT i.e. society for worldwide interbank financial telecommunication. The crime was committed using unauthorized access to the electronic accounts of the customers. Therefore this case falls within the domain of ‘cyber crimes”. The IT Act is broad enough to accommodate these aspects of crimes and any offense under the IPC with the use of electronic documents can be put at the same level as the crimes with written documents.

The court held that section 43(a) of the IT Act, 2000 is applicable because of the presence of the nature of unauthorized access that is involved to commit transactions. The accused were also charged under section 66 of the IT Act, 2000 and section 420 i.e. cheating, 465,467 and 471 of The Indian Penal Code, 1860.

SMC Pneumatics (India) Pvt. Ltd. vs. Jogesh Kwatra [9]

Facts: In this case, Defendant Jogesh Kwatra was an employee of the plaintiff’s company. He started sending derogatory, defamatory, vulgar, abusive, and filthy emails to his employers and to different subsidiaries of the said company all over the world to defame the company and its Managing Director Mr. R K Malhotra. In the investigations, it was found that the email originated from a Cyber Cafe in New Delhi. The Cybercafé attendant identified the defendant during the enquiry. On 11 May 2011, Defendant was terminated of the services by the plaintiff.

Decision: The plaintiffs are not entitled to relief of perpetual injunction as prayed because the court did not qualify as certified evidence under section 65B of the Indian Evidence Act. Due to the absence of direct evidence that it was the defendant who was sending these emails, the court was not in a position to accept even the strongest evidence. The court also restrained the defendant from publishing, transmitting any information in the Cyberspace which is derogatory or abusive of the plaintiffs.

The Cyber Law regime is governed by the IT Act and the Rules made thereunder. Also, one may take recourse to the provisions of the Indian Penal Code, 1860 when the IT Act is unable to provide for any specific type of offence or if it does not contain exhaustive provisions with respect to an offence.

However, the Cyber Law regime is still not competent enough to deal with all sorts of Cyber Crimes that exist at this moment. With the country moving towards the ‘Digital India’ movement, the Cyber Crimes are evolving constantly and new kinds of Cyber Crimes enter the Cyber Law regime each day. The Cyber Law regime in India is weaker than what exists in other nations.

Hence, the Cyber Law regime in India needs extensive reforms to deal with the huge spike of Cyber Crimes each year.

[1] “Crime in India – 2019” Snapshots (States/UTs), NCRB, available at: https://ncrb.gov.in/sites/default/files/CII%202019%20SNAPSHOTS%20STATES.pdf (Last visited on 25 th Feb; 2021)

[2] (2013) 12 SCC 73

[3] 2015 SCC OnLine SC 1242

[4] 2005 CriLJ 4314

[5] Crl. O.P. No. 6628 of 2010

[6] (2018) 253 DLT 728

[7] (2008) 150 DLT 769

[8] CC No. 4680 of 2004

[9] CM APPL. No. 33474 of 2016

Tags artificial intelligence courses online , aviation law courses india , best online law courses , business law course , civil courts , civil law law courses online , civil system in india , competition law , corporate law courses online , covaxin , covid vaccine , diploma courses , diploma in criminal law , drafting , fashion law online course , how to study law at home , indian law institute online courses , innovation , Intellectual Property , international law courses , international law degree online , international law schools , introduction to law course , invention , knowledge , labour law course distance learning , law , law certificate courses , law certificate programs online , law classes , law classes online , law college courses , law courses in india , law firms , law schools , lawyers , learn at home , legal aid , legal courses , online law courses , online law courses in india , pfizer , pleading , space law courses , sports law , sports law courses , study criminal law online , study later , study law at home , study law by correspondence , study law degree online , study law degree online australia , study law distance education , study law distance learning , study law online , study law online free , study law online uk , study legal studies online , teach law online , technology law courses , trademark

First Conviction Case under Sec 67 of the IT ACT, 2000

Suhas Katti v. Tamil Nadu, was the first case in India where a conviction was handed down in connection with the posting of obscene messages on the internet under the controversial section 67 of the Information Technology Act, 2000. The case was filed in 2004 and within a short span of about seven months from the filing of the FIR, the Chennai Cyber Crime Cell achieved the conviction .The Case of Suhas Katti is a notable case where the conviction was achieved successfully within 7 months from filing of the FIR. The efficient handling of the case which happened to be the first case of the Chennai Cyber Crime Cell going to trial deserves a special mention.

The accused originated an obscene message on 7.02.04 from Bombay at a browsing centre and went on to surf Yahoo Web Site and created an email in the name of Roselind (the victim) as “ [email protected] ”. He went into five different Sex Groups through Yahoo website (Radha lovers, Beautiful Tamil Actresses, Tamil girls showing their P***ai, Tamil **** Babes, and Tamil girls showing everything ) and became a member. He started making obscene and defamatory messages about the victim as if she is soliciting sex work and gave her office phone numbers and residence phone number and her email ID- “ [email protected] ”. On seeing such messages in the Yahoo group, several people from different places made offending calls to the victim through phones and emails. The accused also started forwarding emails received in the fake account opened by him in the victim’s name. Again on 9.02.04, the accused posted another similar obscene message about the victim. After suffering defamation due to all such acts of the accused, victim filed a complaint against the accused. The police traced the accused that was the victim’s friend to Mumbai and was interested in marrying her. She married to another person, but that marriage ended in divorce and the accused started convincing her once again and her reluctance to marry him, he started harassing her through the internet. A Charge sheet was filed under section 67 of the IT Act 2000, 469 and 509 IPC against him.

The issues before the honorable court was –

Whether the accused was liable of the charges under Section 67 of the Information Technology Act, 2000.
Whether the accused was liable of the charges under Section 469 of IPC, 1860.
Whether the accused was liable of the charges under Section 509 of IPC, 1860.
Whether the documentary evidence under Sec 65B of the Evidence Act, 1872 was sustainable.

Arguments on behalf of the Prosecution analyzed

It is evident from the facts of the case presented before the honorable court about the relationship between the accused and the victim. Before the marriage of the victim with her ex-husband Prajapathi, the accused wanted to marry her and after the victim secured divorce, the accused expressed his desire to marry the victim but she refused his marriage proposal. In order to seek revenge of her refusal, he took the medium of Internet to abuse her by making a false ID in her name, projecting to be soliciting sex-work.

Sec.67 of the IT Act, 2000 provides the punishment for the person who transmits obscene content on an electronic form. From the evidence submitted, it is evident that the accused intentionally published obscene content in the victim’s name. The posting of such messages resulted in annoying phone calls and emails to the victim in the belief that she was soliciting sex-work. Creating a fake ID in the victim’s name and transmitting obscene content over the Yahoo groups revealing her personal details was completely an offence under the said section. The accused misused the medium of Internet and took revenge on the victim and is liable to be punished under the said section. Sec.498 of IPC talks about the Forgery for purpose harming reputation. Whoever commits forgery, [intending that the document or electronic record forged ] shall harm the reputation of any party, or knowing that it is likely to be used for that purpose, shall be punished. It is evident that the accused has chosen to post the obscene message for a reason that she refused to marry him. Unknown persons contacted her through phone and email and harmed her dignity which was very defamatory in nature resulting in harm in her reputation at her office and among her peer groups. The mental sufferings and humiliation undergone by the victim is irreversible.

Section 509 says that any person intending to insult the modesty of any woman through uttering any words, gesture, or exhibits any object intending that such gesture or words shall be seen by such woman intrudes upon the privacy of such woman, & shall be punished under this section. The accused posted such obscene messages over different sex groups through fake Yahoo ID in her name and tried to insult the modesty of the victim by portraying her as a call-girl which definitely became intruding for the victim’s privacy as he also shared her personal details for contacting. The documentary evidence under Sec 65B of the Evidence Act is sustainable before the court. Counsel for the Accused contended that as per sec.65B, to make an output admissible in evidence, the certificate of the person having lawful control over the use of computer is essential and that evidence produced before the court is invalid. This section doesn’t not suggest that the certificate should be issued by an expert, it is enough if the person issuing the certificate stated that any matter covered by the certificate was to be of his best knowledge. The victim herself has taken out the computer output from her systems and speaks about them in her evidence.

Arguments on behalf of the Accused discussed

The documentary evidence was not sustainable under Section 65B of the Indian Evidence Act, 1872. Section 85B of the IEA states that only in the case of secured electronic record, the court shall presume that such records have not been altered. In the case of other electronic records section 65B insists for a certificate. The legislative wisdom itself accepts that electronic records can be altered and hence the certificate. The accused is neither liable under sec.469 nor 509 of the Indian Penal Code. The complainant has blocked the ID of the alleged accused so that she doesn’t receive messages from him, in the same document produced it is seen that the email ID of her ex-husband was also blocked. Question arises why she blocked his messages that too after blocking the ID of the accused. The prosecution has no answers to these questions. Such obscene messages can also be made by her ex-husband too.

The accused is not liable under Sec.67 of the IT Act, 2000. The offending mails are sent by the lady herself to implicate the accused as accused alleged to have refused her marriage proposal. It is submitted from the evidence that the warning message and the blocking of E-mail ID of accused was done from the computer system installed at prosecution’s house and computer system installed at her office respectively. The Investigation Officer has failed to inspect the computer system at the residence and office nor took any precaution to establish the chain of custody required in computer forensics.

With the evidences and arguments proposed on behalf of the prosecution, and the witnesses produced, Ld. Additional Chief Metropolitan Magistrate, Egmore, delivered the judgment on 5-11-04 as follows - the accused was found guilty of offences under s.469, 509 IPC and under s.67 of the I.T. Act and the accused is convicted and is sentenced to undergo rigorous imprisonment for 2 years u/s 468 IPC and pay a fine of Rs-500/- and for offences u/s 509 IPC sentenced to undergo 1 year simple imprisonment and pay fine Rs-500/- and for offence u/s 67 of IT Act to undergo rigorous imprisonment for two years and pay fine of Rs-4000/-.

Internet has played a vital role in our lives in an unprecedented manner. State of Tamil Nadu v. Suhas Katti was the first case in India where a conviction was handled in connection with the posting of obscene messages on the Internet under sec.67 of the I.T. Act, 2000. Cases like Avnish Bajaj v. State [1] , National Association Of Software v. Ajay Sood And Ors. [2] are some noteworthy cyber law cases in India. There is a heavy toll in the growing number of cybercrimes across India. The law enforcement agencies should be made aware about the various facets of cybercrimes and that there should be an effective redressal mechanism taking cognizance of such cyber crime activities effectively.

NB - The case of Suhas Katti vs. State of Tamil Nadu is not available in any of the online legal databases. If you wish to read the original scanned judgement of the case, kindly mail us : [email protected]

[1] Avnish Bajaj v. State of N.C.T of Delhi , 116 (2005) DLT 427.

[2] National Association Of Software v. Ajay Sood And Ors ., 119 (2005) DLT 596

Article 21 and Victim Compensation Scheme- Case Analysis of Serina Mondal Judgement

Uniform Victim Compensation Scheme a necessity - Analysing the landmark case of Tekram

IRAC Analysis of a lesser-known landmark case on Mandatory Filing of FIR

Critical Appraisal of Information Technology Act

By Soumik Chakraborty and Sreedhar Kusuman

Editor’s Note: The Information Technology (Amendment) Act, 2008 serves as a suitable case study for an analysis of the legislative exercise of law and policy formulation in the field of cybercrime legislation, revealing quite emphatically the need for carefully worded provisions, foresight in the drafting process and imagination with respect to explanations to particular sections.

Introduction

It is a belief of Vernians [i] that Jules imagination and scientific temperament have been the reason for the development of modern technology as we see it today. When he wrote, “20,000 Leagues Under The Sea”, he wrote about the world’s first submarine, the Nautilus captained by the enigmatic Captain Nemo, and lo and behold, we soon had developed our own mode of underwater transportation.

Or when he wrote the story “From The Earth To The Moon” , he wrote about the Gun Club, a post American Civil War organization that had the ambition to develop and send the first men to the moon using a capsule fired off the muzzle of an incredibly long gun mechanism, scientists all over the world joined the space race culminating in the landing of Apollo 11 on the Sea of Tranquillity in July, 1969. In small or large measure such visionary works by prolific writers have always been the basis for modern inventions such as Nuclear Energy, Monorail Transportation or even the Internet. [ii]

After the development of the World Wide Web and different web-based applications that eased communication and made the availability of information easier, a rising menace emerged, the misuse of technology for unlawful and unwanted purposes such as credit card fraud, phishing, hacking and spamming. Hacktivists groups such as Anonymous, have emerged all over the world, who seek to make data free and available and expose state secrets that are being kept hidden by the government after being inspired by ‘martyrs’ such as Julian Assange and Edward Snowden.

For some people they are heroes and for government organizations, they are a nightmare. To curb the growing menace and to nip the problem in the bud in a technologically underdeveloped country like India, to give consideration to the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law (UNCITRAL) and to give legal recognition to electronic commerce, the Information Technology Act, 2000 was brought into place in India with a subsequent amendment in 2008.

The IT Act 2000 was mainly to ensure legal recognition of e-commerce within India. Due to this most provisions are mainly concerned with establishing digital certification processes within the country. Cybercrime as a term was not defined in the act. It only delved with few instances of computer-related crimes. These acts as defined in Chapter XI of the Act are:

Section 43 – Illegal access, the introduction of the virus, denial of services, causing damage and manipulating computer accounts.
Section 65 – Tampering, destroying and concealing computer code.
Section 66 – Acts of hacking leading to wrongful loss or damage.
Section 67 – Acts related to publishing, transmission or causing publication of obscene/ lascivious in nature.

Punishment in Section 65 and 66 is three years or fine up to two lakh rupees or both. For Section 67 the first time offenders can be punished up to 5 years with a fine up to one lakhs of rupees. A subsequent offense can lead to ten years of punishment and fine up to two lakhs of rupees.

Salient Features of Information Technology Amendment Act

Information Technology Act Amendment which came into force after Presidential assent in February 2009 has the following salient features:

Liability of body corporate towards Sensitive Personal Data- New amendment was brought in changes in Section 43 of IT Act 2000 in which for the first time anybody corporate which deals with sensitive personal information does not have adequate controls resulting in wrongful loss or wrongful gain to any person is liable to pay damages to that person to the tune of five crores.
Introduction of virus, manipulating accounts, denial of services etc made punishable- Section 66 has been amended to include offenses punishable as per section 43 which has also been amended to include offenses as listed above; punishment may lead to imprisonment which may extend to three years or with fine which may extend to five lakh rupees or with both. This is a change from an earlier position where the introduction of the virus, manipulating someone’s account has been made punishable with imprisonment for the first time.
Phishing and Spam- While this has not been mentioned specifically but this can be interpreted in the provisions mentioned here in Section 66 A. Through this section sending of menacing, annoying messages and also misleading information about the origin of the message has become punishable with imprisonment up to three years and fine.
Stolen Computer resource or communication device – Newly added Section 66B has been introduced to tackle with acts of dishonestly receiving and retaining any stolen computer resource. This has also been made punishable with three years or fine of one lakh rupees or both.
Misuse of Digital Signature-Section 66C. Dishonest use of somebody else’s digital signature has been made punishable with imprisonment which may extend to three years and shall also be liable to fine with may extend to rupees one lakh.
Cheating- Cheating using computer resource has been made punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupee ( Section 66D ).
Cyber terrorism- The newly introduced Section 66F talks about acts of cyber terror which threatens the unity, integrity or sovereignty of India or strike terror in the people or any section of the people include
Denial of service of resources in use by the nation.
Attempting to penetrate or access a computer resource without authorization or exceeding authorized access.
Introducing or causing to introduce any computer contaminant likely to cause death or injuries to person or damage to or destruction of property or disrupts or knowing that it is likely to cause damage or disruption of supplies or services essential to the life of the community or knowingly or intentionally penetrates or accesses a computer resource without authorization or exceeding authorized access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons for the security of the State or foreign relations, or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.These acts have been made punishable with Imprisonment which may extend to imprisonment for life. In India, cyber terrorism has emerged as a new phenomenon. The probe against the 2008 serial blasts in cities like Ahmedabad, Delhi, Jaipur, and Bangalore found considerable evidence of cyber terrorism [iii] ; the 2008 attack on Mumbai Taj Hotel, which is now famously known as 26/11 and the 2010 blast in the holy city of Varanasi also had trails of cyber terrorism. [iv]
Child Pornography – Newly introduced Section 67 B attempts to address the issue of child pornography. Through this section it has made the publication or transmission of material in any electronic form which depicts children engaged in sexually explicit act or conduct, anyone who creates, facilitates or records these acts and images punishable with imprisonment of five years and fine which may extend up to ten lakhs in first offence and seven years and fine of ten lakhs on subsequent offence.
Intermediary’s liability- Intermediaries have been made liable to retain any information in the format that Central government prescribes. ( Sections 67C ) and are punishable for the violation with a punishment of imprisonment of 3 years and fine In case of any act which affects national sovereignty intermediaries are liable to seven years ( Section 69(4) ).
Surveillance, Interception, and Monitoring – In order to compact cyber terrorism the government has further armed itself with drastic powers Sections 69 of IT Act 2000 amended enhances the scope from the 2000 version to include interception and monitoring. This has been a major change in the section which also empowers the government not only to monitor any traffic but also block any site through an intermediary. Any failure on part of the intermediary is punishable by seven years and also fine (Section 69(4)). Earlier the provision did not mention any fine.
Cognizance of cases – All cases which entail a punishment of three years or more have been made cognizable. Offenses with three years of punishment have also been made bailable (Section 77B). This change though welcome will make sure most cases falling under the IT Act will be available with the sole exception of Cyber terrorism cases, cases related to child pornography and violations by intermediaries in some cases.
Investigation of Offences- One major change has been the inclusion of Inspectors as investigating officers for offenses defined in this act ( Section 78 ). Earlier these investigations were being done only by an officer of the rank of Deputy Superintendent of Police which was a serious limitation mainly because a number of officers in this rank is limited. With this change, one can look forward to more cases being filed and investigated by police.

Shortcomings of the Act

While the Act has been successful in setting down the framework of regulations in Cyber Space and addresses a few pressing concerns of misuse of technology, it suffers from a few serious lacunae that have not been discussed. Many experts, such as Supreme court lawyer and cyber rights activist, Pawan Duggal, argues that the Act is toothless legislation [v] which has not been completely effective in issuing penalties or sanctions against perpetrators who choose to misuse the reach of cyberspace. There are certain areas of cyber laws which need attention

Spam may be defined as Unsolicited Bulk E-mail. Initially, it was viewed as a mere nuisance but now it is posing major economic problems. In the absence of any adequate technical protection, stringent legislation is required to deal with the problem of spam. The Information Technology Act does not discuss the issue of spamming at all. The USA and the European Union have enacted anti-spam legislation. In fact, Australia has very stringent spam laws under which the spammers may be fined up to 1.1 million dollars per day.

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details, by masquerading as a trustworthy entity in electronic communication. Phishing is typically carried out by e-mail and often directs users to enter personal and financial details at a website. Phishing is an example of a social engineering technique used to fool users.

There is no law against phishing in the Information Technology Act through the Indian Penal Code talks about cheating, it is not sufficient to check the activity of phishing. Recently a phishing attack was noticed on the customers of State Bank of India in which a clone of the SBI website was used. What is worse is that even SBI has not alerted its customers. So the need of the hour is legislation which prohibits the activity of phishing in India.

Data Protection in Internet Banking

Data protection laws primarily aim to safeguard the interest of the individual whose data is handled and processed by others. Internet Banking involves not just the banks and their customers, but numerous third parties too. Information held by banks about their customers, their transactions etc. changes hand several times. It is impossible for the banks to retain information within their own computer networks. High risks are involved in preventing leakage or tampering of data which ask for adequate legal and technical protection. India has no law on data protection leave alone a law governing an area as specific as protection of data in electronic banking.

The Information Technology Act talks about unauthorized access but it does not talk about maintaining the integrity of customer transactions. The act does not lay down any duty upon banks to protect the details of customers and clients. U.K has a data protection law which was enacted 10 years back that is in 1998 under which banks or any person holding sensitive information may be held liable for damages if it fails to maintain adequate security protection in respect of data. In India, a bank’s liability would arise out of contract as there is no statute on the point.

Privacy Protection

Privacy and data protection are important issues that need to be addressed today as information technology assumes greater importance in personal, professional and commercial spheres. The European Union and the United States have strict policies relating to privacy and protection of personal data when such data or information is being transferred out of their domain.

It is also pertinent to note here, that the absence of a specific privacy law in India has resulted in a loss of substantial foreign investment and other business opportunities. This deficiency has also served as an obstacle to the real growth of electronic commerce. Thus, a statute addressing various issues related to privacy is of utmost importance today, if not an entire act can be brought into force, then at least specific provisions relating to privacy and data protection be incorporated into the Act.

Identity Theft

Identity theft worldwide is a growing problem. IT act 2000 fails to address this issue. This is a major drawback considering the fact that the majority of outsourcing work that India does requires the companies in India to ensure there is no identity theft. In fact, identity theft was one of the main reasons for a major hue and cry over an incident involving personal information of UK customers and an Indian web marketing company. [vi]

The issue of Cyber War has also not been discussed in the Act. International law is an important part of any legal regime and due provisions need to be made in congruence with the international framework of laws. India, in recent times, has faced a number of cyber attacks from China and the Chinese hackers have overridden the Firewalls on Indian databases like a Mongol army on the rampage. In the 26/11 attacks, a number of classified data were provided as intel to the perpetrators from neighboring nations conspiring against India. There are no provisions in the Act to make such perpetrators liable for their actions.

In an interview Mr.Duggal stressed the need for overhauling the cybersecurity legal regime in the country, saying, “A historical mistake was made when the IT (Amendment) Act, 2008, made almost all cyber crimes, barring a couple, bailable offenses. The focus is more on enhancing the quantum of civil liability and reducing the quantum of punishment, which explains the reason why the number of cybercrime convictions in the country is in single digits.” [vii]

The most rampant cyber “misuse” that an individual makes nowadays is downloading movies through peer-to-peer sharing networks. This is a rampant violation of copyright laws but the volume of perpetrators is so large that an effective measure cannot be taken to restrict it. In order to curb the growing menace of cyber crimes government through measures often block access to websites. This has been argued to be a draconian measure and a violation of freedom of speech and expression under Article 19(1)(a).

Recently in the case of the Tamil movie, “Three”, the Madras High Court passed an order to prevent users from accessing torrent websites to dissuade them from downloading copies of the movie from the internet. While it may be a reasonable measure for just the singular movie, blocking access to the entire website is an unnecessarily strict measure. It is said that little knowledge can be a dangerous thing, which is exactly the case in the case of the government. It knows little and tries to implement measures based on such incomplete knowledge. Users are getting more proficient and sophisticated every day and know how to bypass security measures while the legislation is still stuck in the Stone Age of cyberspace.

Copyright and trademark violations do occur on the net but Copyright Act 1976, or Trade Mark Act 1994 is silent on that which specifically deals with the issue. Therefore have no enforcement machinery to ensure the protection of domain names on the net. Transmission of e-cash and transactions online are not given protection under the Negotiable Instrument Act, 1881. Online privacy is not protected only Section 43 (penalty for damage to computer or computer system) and 72 (Breach of confidentiality or privacy) talks about it in some extent but doesn’t hinder the violations caused in the cyberspace.

Even the Internet Service Providers (ISP) who transmits some third-party information without human intervention is not made liable under the Information Technology Act, 2000. One can easily take shelter under the exemption clause if he proves that it was committed without his knowledge or he exercised due diligence to prevent the offense.

It’s hard to prove the commission of the offense as the terms “due diligence” and “lack of knowledge” have not been defined anywhere in the Act. And unfortunately, the Act doesn’t mention how the extraterritoriality would be enforced. This aspect is completely ignored by the Act, where it had come into existence to look into cybercrime which is on the face of it an international problem with no territorial boundaries.

Suggestions for Improvement

The IT (Amendment) Act, 2008, reduced the quantum of punishment for a majority of cyber crimes. This needs to be rectified.
The majority of cyber crimes need to be made non-bailable offenses.
The IT Act does not cover a majority of crimes committed through mobiles. This needs to be rectified.
A comprehensive data protection regime needs to be incorporated in the law to make it more effective.
Detailed legal regime needed to protect the privacy of individuals and institutions.
Cyberwar as an offense needs to be covered under the IT Act.
Parts of Section 66A of the IT Act are beyond the reasonable restrictions on freedom of speech and expression under the Constitution of India. These need to be removed to make the provisions legally sustainable.

International Scenario

Anti spam laws, united states.

The United States has a specific CAN-Spam Act 2003 [viii] which came into force in January 2004. Major provisions are:

False and misleading header information is banned.
Deceptive subject lines are prohibited.
Opt-out methods must be provided.
Commercial email must be identified as an advertisement and it must include the sender’s valid physical postal address.
Receivers must be warned of sexually explicit material.

Penalties include fine upto USD 11000 and also imprisonment in specific circumstances.

Europe union through the directive on privacy and electronic communication, 2003 [ix] has been a major driving force behind the enactments of anti-spam laws in Europe. UK imposes a fine of GBP 5000 on spammers if they fall within the ambit of its Anti Spam Act.

Computer Misuse

This was addressed in the US way back in 1984 through the Computer Fraud and Abuse Act [x] . This act governs cases with a compelling federal interest, where computers of the federal government or certain financial institutions are involved, where the crime itself is interstate in nature or computers used in interstate and foreign commerce [xi] .

This act punishes anyone who not just commits or attempts to commit an offense under the Computer Fraud and Abuse Act but also those who conspire to do so. This act has been further amended by the US Patriot Act, 2001 which enhanced the scope and penalties imposed. First offense penalties are ten years imprisonment and second offense penalty is imprisonment of 20 years. These are much more stringent considering Indian law provides for just around three years of punishment in most cases.

United Kingdom

UK computer misuse was defined in 1990 through its Computer Misuse Act. [xii] This act dealt with unauthorized access, modification of computer material. Penalties imposed are to the tune of five years imprisonment with fine.

Data Protection and Personal Privacy

These have been of major concern internationally and legislation has been passed as long ago as 1998 to ensure the protection of personal data. One of the leading legislation is the Data Protection Act, 1998 of UK. While Indian IT act Amendment talks about ‘sensitive personal data’ in section 43 but fails to define what exactly it implies by sensitive personal data.

Identity Theft Enforcement and Restitution Act of US has made further enhancements to the original act (Computer Fraud and Abuse Act, 1984) by making the act of causing damage to ten or more computers as the felony. It also removed the limit of damage which was earlier set to USD 5000 in the Computer Fraud and Abuse Act.

One of the major emphasis of this act has been to criminalize not only explicit threats to cause damage to a computer, but also threats (1) to steal data on a victim’s computer, (2) to publicly disclose stolen data, or (3) do not repair damage the offender already caused to the computer; and also ensuring that restitution orders for identity theft cases may include an amount equal to the value of the victim’s time spent remediating the actual or intended harm of the identity theft or aggravated identity theft offense

Void of Vagueness Doctrine

The doctrine of Void for Vagueness, indigenous to the American legal system, has been derived from the due process clauses of the Fifth and Fourteenth Amendments to the U.S. Constitution. [xiii] The basis of the doctrine is uncertainty and lack of specificity and the philosophy underlying the principle appears to be quite simple – no one may be required at peril of life, liberty, or property to speculate as to the meaning of penal law. [xiv]

Thus, if it is found that a reasonably prudent man is unable to determine by himself the nature of the punishment, the prohibited conduct as envisaged under the statute, and what class of persons the law seeks to regulate, for lack of definiteness, the law may be regarded as‘void for vagueness’. [xv]

The objective of a criminal statute is fairly simple, allowing citizens to organize the affairs of their lives with the knowledge of acts that are forbidden by the law, and the negation of this should logically be considered an infirmity of the legal system.

Thus, for example, the phrase ‘gangster’ when used in a penal statute, may render the statute void, since the phrase is open to wide-ranging interpretations, both by the court and the enforcing agencies. [xvi]

While there exist several such instances, mere uncertainty in a single phrase of a hastily drafted statute could render the law unconstitutional and void, thereby necessitating precaution in the framing of penal statutes that are bound to affect a majority of citizens, as is certainly the case with a statute regulating activities on the internet in a country as large as ours.

The Information Technology (Amendment) Act, 2008 serves as a suitable case study for an analysis of the legislative exercise of law and policy formulation in the field of cybercrime legislation, revealing quite emphatically the need for carefully worded provisions, foresight in the drafting process and imagination with respect to explanations to particular sections.

The inadequacies of the legislation and the resultant realistically anticipated problems reinforce the notion that criminal legislation cannot be left open to broad interpretations, especially with regard to internet regulations, considering the fact that cyberspace provides certain liberties in action that makes it easier to transgress laws, and with such characteristics inherent to the environment, any regulatory mechanism or legislative measure must seek to be comprehensive, clear and narrow in interpretive scope.

While the purpose of the Information Technology (Amendment) Act was to address increasing trends of cybercrime and in effect, make it difficult to be a cybercriminal, the irony rests in the fact that what the Amendment Act eventually has created is a situation wherein it perhaps, isn’t ‘easier to be a criminal’, but rather, ‘easier to be classified as a criminal’. The danger, in both cases, cannot be overemphasized.

Formatted on March 1st, 2019.

REFERENCES:

[i] Followers of the work of Jules Verne

[ii] Also brought to you from the mind of Jules Verne.

[iii] (NDTV Correspondent, 2010)

[iv] (NDTV Correspondent, 2010).

[v] http://www.dnaindia.com/scitech/report-indias-information-technology-act-has-not-been-effective-in-checking-cyber-crime-expert-1818328, Last visited on 31 st march, 2014

[vi] Horror of outsourcing to India – Indian call centers are illegally selling personal information of tens of thousand Australian customers http://www.indiadaily.com/editorial/4198.asp

[vii] http://www.dnaindia.com/scitech/report-indias-information-technology-act-has-not-been-effective-in-checking-cyber-crime-expert-1818328 Last visited on 31st march, 2014

[viii] Spam Laws: http://www.spamlaws.com/spam-laws.html

[ix] European Union directive: http://www.opsi.gov.uk/si/si2003/20032426.htm

[x] Computer Fraud and Abuse Act, 1984 USA

[xi] Compute fraud and abuse act: http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

[xii] Computer Misuse Act, UK: http://www.opsi.gov.uk/acts/acts1990/UKpga_19900018_en_1.htm

[xiii] Void for Vagueness Doctrine , LAW.JRANK.ORG, http://law.jrank.org/pages/11152/Void-Vagueness-

Doctrine.html

[xv] A. G. A., The Void for Vagueness Doctrine in the Supreme Court , 109(1) U. PA. L. REV. 67

[xvi] Lanzetta v . New Jersey, 306 U.S. 451 (1939); Edelman v. California, 344 U.S. 357 (1953).

Information Technology Act, 2000 (IT Act 2000)

Important enactments of the Indian Parliament are crucial topics coming under the polity and governance segments of the UPSC syllabus . The Information Technology Act, 2000 (also known as the IT Act 2000 in short) is an important legislation that is frequently referred to in the daily news. In this article, you can read the salient features of the act and also about the controversial Section 66A of the IT Act 2000.

Information Technology Act, 2000 (IT Act 2000):- Download PDF Here

IT Act, 2000

The Information Technology Act, 2000 was enacted by the Indian Parliament in 2000. It is the primary law in India for matters related to cybercrime and e-commerce.

The act was enacted to give legal sanction to electronic commerce and electronic transactions, to enable e-governance, and also to prevent cybercrime .
Under this law, for any crime involving a computer or a network located in India, foreign nationals can also be charged.
The law prescribes penalties for various cybercrimes and fraud through digital/electronic format.
It also gives legal recognition to digital signatures.
The IT Act also amended certain provisions of the Indian Penal Code (IPC) , the Banker’s Book Evidence Act, 1891, the Indian Evidence Act, 1872 and the Reserve Bank of India Act, 1934 to modify these laws to make them compliant with new digital technologies.
In the wake of the recent Indo-China border clash, the Government of India banned various Chinese apps under the Information Technology Act. Read more about this in an RSTV titled, ‘TikTok, Other Chinese Apps Banned’ .

Given below are the links of relevant topics that will help aspirants prepare for their UPSC examination-

IT Act – 2008 Amendments

The IT Act 2000 was amended in 2008. This amendment introduced the controversial Section 66A into the Act.

Section 66A

Section 66A gave authorities the power to arrest anyone accused of posting content on social media that could be deemed ‘offensive’.
This amendment was passed in the Parliament without any debate.
As per the said section, a person could be convicted if proven on the charges of sending any ‘information that is grossly offensive or has menacing character’.
It also made it an offence to send any information that the sender knows to be false, but for the purpose of annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill-will, through a computer or electronic device.
The penalty prescribed for the above was up to three years’ imprisonment with a fine.

Arguments against Section 66A

Experts stated that the terms ‘offensive’, ‘menacing’, ‘annoyance’, etc. were vague and ill-defined or not defined at all.
Anything could be construed as offensive by anybody.
There was a lot of scope for abuse of power using this provision to intimidate people working in the media.
This also curbed the freedom of speech and expression enshrined as a fundamental right in the Constitution.
The section was used most notably to arrest persons who made any uncharitable remarks or criticisms against politicians.

The government contended that the section did not violate any fundamental right and that only certain words were restricted. It stated that as the number of internet users mushroomed in the country, there was a need to regulate the content on the internet just like print and electronic media. The Supreme Court, however, in 2015, struck down this section of the IT Act saying it was unconstitutional as it violated Article 19(1)(a) of the Constitution. This was in the famous Shreya Singhal v Union of India case (2015) .

Section 69A

Section 69A empowers the authorities to intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer resource if it is necessary or expedient to do so in the interest of the sovereignty or integrity of India, defense of India, the security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence or for investigation of any offence.
It also empowers the government to block internet sites in the interests of the nation. The law also contained procedural safeguards for blocking any site.
When parties opposed to the section stated that this section violated the right to privacy, the Supreme Court contended that national security is above individual privacy. The apex court upheld the constitutional validity of the section. Also read about privacy laws and India .
The recent banning of certain Chinese Apps was done citing provisions under Section 69A of the IT Act.
Note:- The Indian Telegraph Act, 1885 allows the government to tap phones. However, a 1996 SC judgement allows tapping of phones only during a ‘public emergency’. Section 69A does not impose any public emergency restriction for the government.

Read all the important acts and laws for UPSC & other govt. exams in the linked article.

Information Technology Intermediary Guidelines (Amendment) Rules, 2018

The Rules have been framed under Section 79 of the Information Technology Act. This section covers intermediary liability.

Section 79(2)(c) of the Act states that intermediaries must observe due diligence while discharging their duties, and also observe such other guidelines as prescribed by the Central Government.
An intermediary is a service that facilitates people to use the Internet, such as Internet Services Providers (ISPs), search engines and social media platforms.
Conduits: Technical providers of internet access or transmission services.
Hosts: Providers of content services (online platforms, storage services).
Information Technology Intermediary Guidelines (Amendment) Rules were first released in 2011 and in 2018, the government made certain changes to those rules.
In 2018, there was a rise in the number of mob lynchings spurred by fake news & rumours and messages circulated on social media platforms like WhatsApp.
To curb this, the government proposed stringent changes to Section 79 of the IT Act.

What do the Rules say?

According to the 2018 Rules, social media intermediaries should publish rules and privacy policies to curb users from engaging in online material which is paedophilic, pornographic, hateful, racially and ethnically objectionable, invasive of privacy, etc.
The 2018 Rules further provide that whenever an order is issued by government agencies seeking information or assistance concerning cybersecurity , then the intermediaries must provide them the same within 72 hours.
The Rules make it obligatory for online intermediaries to appoint a ‘Nodal person of Contact’ for 24X7 coordination with law enforcement agencies and officers to ensure compliance.
The intermediaries are also required to deploy such technologies based on automated tools and appropriate mechanisms for the purpose of identifying or removing or disabling access to unlawful information.
The changes will also require online platforms to break end-to-end encryption in order to ascertain the origin of messages.
Online Intermediaries are required to remove or disable access to unlawful content within 24 hours. They should also preserve such records for a minimum period of 180 days for the purpose of investigations.

Rationale behind the Rules

The government intends to make legal frameworks in order to make social media accountable under the law and protect people and intermediaries from misusing the same.
The government wants to curb the spread of fake news and rumours, and also pre-empt mob violence/lynching.
There is a need to check the presentation of incorrect facts as news by social media, that instigates people to commit crimes.

There has been criticism of the Rules from certain quarters, that says that the State is intruding into the privacy of the individual. Some also say that this law widens the scope of state surveillance of its citizens. These criticisms are notwithstanding the fact that the new Rules are in line with recent SC rulings.

Tehseen S. Poonawalla case (2018): SC said that authorities have full freedom to curb the dissemination of explosive and irresponsible messages on social media, that could incite mob violence and lynchings.
Prajwala Letter case (2018): SC ordered the government to frame the necessary guidelines to “eliminate child pornography, rape and gang rape imagery, videos, and sites in content hosting platforms and other applications”.

Frequently Asked Questions Related to Information Technology Act 2000

What is the main provision of it act 2000, what are the features of it act 2000.

Features of the Information Technology Act, 2000

All electronic contracts created through secure electronic channels were legally valid.
Legal recognition for digital signatures.
Security measures for electronic records and conjointly digital signatures are in place.

How many sections are in the IT Act 2000?

IAS 2024 - Your dream can come true!

Download the ultimate guide to upsc cse preparation.

Share Share

Register with BYJU'S & Download Free PDFs

A Critical Analysis of Sec.79 of IT Act 2000

Cyber Law Subject-wise Law Notes
July 16, 2020

The basis for enforcement and enactment of the Information Technology Act,2000 was to provide recognition to e-commerce and e-transactions and also to protect the users from digital crimes, piracy etc. The Ministry of Electronics and IT has prepared the Information Technology [Intermediaries Guidelines (Amendment) Rules] 2018 (hereinafter referred to as “2018 Rules”) in order to prevent spreading of fake news, curb obscene information on the internet, prevent misuse of social-media platforms and to provide security to the users.

The Information Technology (Intermediaries Guidelines) Rules, 2011(hereinafter referred to as “ 2011 Rules)created a lot of heat waves in the digital world with regard to the duties and liabilities of the intermediaries even after safe harbor protection provided under Section 79 of the Information Technology Act,2000(hereinafter referred to as “the Act”). Section 79 of the Act provided that the Intermediaries or any person providing services as a network service provider are exempted from the liabilities in certain instances. In 2018, the government has come out with certain changes in the 2011 Rules and has elaborately explained the liabilities and functions of the Intermediaries and to oversee that the social media platform is not misused

Section 79 of the Act is a ‘safe harbor’ provision which grants conditional immunity to intermediaries from liability for third party acts. Section 79(1) of the Act grants intermediaries a conditional immunity with regard to any third-party information, data or communication link made available or hosted by them. This immunity is subject to section 79 (2) and 79 (3) of the Act.

Section 79(2) essentially covers cases where the activity undertaken by the intermediary is of a technical, automatic and passive nature. Thus, for section 79(2) to be applicable, intermediaries are to have neither knowledge nor control over the information which is transmitted or stored.

Furthermore, Section 79(3)(b) envisages a ‘notice and take down’ regime, wherein the intermediary is required to take down unlawful content upon receiving actual knowledge of its existence.

Who is an Intermediary?

An ‘intermediary’ has been defined in Section 2(w) of the Act as “any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, web-housing service providers, search engines, online payment sites, online auction sites, online market places and cyber cafes ” .

This term has belied a narrow construction. Typically, intermediaries are persons who facilitate the use of the internet. Interestingly, the definition of an intermediary includes cyber cafes, and is not restricted to online intermediaries. Although a disparate range of functions are performed by intermediaries; common functions include hosting content, collecting information, evaluating scattered information, facilitating communication and information exchange, aggregating information, providing access to the internet etc. Internet service providers, search engines, social media platforms, cloud service provider, cyber cafes, are all intermediaries.

Section 79 of the Information Technology Act, 2000 provides that subject to the intermediary complying with certain requirements, it shall not be liable for any third party data or information made available by it. The conditions to be fulfilled by an intermediary include the following:

a) It needs to exercise due diligence while discharging obligations under the law;

b) It needs to comply with the provisions of the Information Technology Act, 2000 and rules and regulations made thereunder;

c) It must not need to conspire or abet in the commission of any offence;

d) Once called upon to remove or disable access to any content, it must expeditiously do so without vitiating the original electronic evidence.

If these conditions are fulfilled, the intermediary cannot be made liable for third party data. A majority of intermediaries are today hiding behind the judgement of the Supreme Court of India in the case of Shreya Singhal v/s Union of India.

This held that an intermediary will not remove or disable access to any third-party data on its network, unless it gets either an order from a court of competent jurisdiction or an order from a governmental agency to that effect. Ever since the Shreya Singhal judgment[1], a majority of intermediaries have chosen to hide behind this pronouncement.

The spread of fake news in the electronic ecosystem is an immense concern for India as a nation. The recent Indian elections saw massive dissemination of fake news. Given the fact that India does not have a fake news law, a majority of the intermediaries and media service providers have failed to take effective steps to prevent fake news disseminating on their networks. Clearly, existing legal frameworks on the subject under hand are not adequate.

It needs to be also noted that the government has been given powers under Section 87 of the Information Technology Act, 2000 to come up with rules to regulate the conduct of intermediaries. The government had notified the Information Technology (Intermediary Guidelines) Rules in 2011 but these rules provided very limited elements of due diligence.

Given the fact that today large numbers of intermediaries are emerging as strong media companies, it is time to regulate their legal activities by means of appropriate strong legal frameworks. There is also a need for revisiting Section 79 of the Information Technology Act, 2000 in such a manner that the rights, duties and responsibilities of the intermediaries as media companies need to be well defined.

Further, the kind of requirements that service providers and intermediaries need to perform in the context of protecting and preserving cyber security is another area where appropriate legal frameworks need to be beefed up. The government has been in the process of coming up with some draft guidelines for intermediaries. However, these have not yet been specified. It is time for a fresh look at the issue of intermediary liability

is clear that these intermediaries will play a very important role in the electronic ecosystem. The need to transform intermediaries from being mute spectators into legal entities, complying with the applicable law prevailing for the time being is an urgent necessity. Since a number of these intermediaries are often not located in India, many are complying with the Indian cyber law more in breach rather than in observance.

Intermediaries located outside India must be compelled to comply with applicable Indian cyber laws, so long as their services are made available on computers, computers systems and networks located in India. All eyes will now be on the government as to how it deals with the issue of intermediary liability and how it strengthens the rights of users and provides a substantial harmonious balance, in the context of media and electronic ecosystem stakeholders at large.

[1] Shreya Singhal vs UOI AIR 2015 SC 1523, Supreme Court of India.

Author Details: Madhav Mantri

You might like

Lee v Knapp (1967)

Lakshmi Rajan v Malar Hospital

Legal recognition of digital signature in india, leave a reply cancel reply.

Your email address will not be published. Required fields are marked *

Name *

Email *

Add Comment *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Post Comment

Dispute resolution framework under the Information Technology Act, 2000

This blog post highlights the key developments and concerns in the dispute resolution framework under the Information Technology Act, 2000.

1. INTRODUCTION

More than 131 million Indian consumers have been victims of cybercrime and India has lost INR 1.24 trillion in cyber-attacks in the previous year [1] . Most victims of cyber-attacks or frauds in India do not know how to proceed against a cyber-attack. Although multiple online cybercrime complaint portals exist [2] , the procedure after filing such complaint is blurry.

The Information Technology Act, 2000 (“ IT Act ”) sets out a framework for resolution of disputes arising out of cyber-attacks like hacking, data theft, and phishing [3] . The framework allows victims of such attacks to claim damages and compensation from the attackers. The IT Act lays down a two-tier dispute resolution process: (i) Adjudication of disputes; and (ii) appeal against the outcome of such adjudication. However, this process seems to exist mostly on paper, and hasn’t really been implemented. Cybercrimes are mostly dealt with by ‘cybercrime cells’ of the respective police departments. In addition to briefly discussing the current framework for dispute resolution under the IT Act, this blogpost also seeks to discuss the existing challenges in this framework, and how they can be addressed.

2. KEY DETAILS OF THE FRAMEWORK

The scope of the framework is limited; it only applies to disputes that relate to the violations listed in the IT Act [4] . There are two categories of violations under the IT Act: (i) contraventions [5] relating to damage to computer, computer systems; protection of data; failure to furnish information, violation of any provision, rule, regulation or direction under the Act; and (ii) offences [6] including cyber terrorism, violation of privacy and cheating. Only disputes relating to contraventions can be resolved through the dispute resolution framework [7] . Offences are criminal in nature, they are dealt with under the criminal laws of India.

The IT Act is applicable to persons and entities both within and outside India [8] . Once a cyber-dispute is adjudicated as per the dispute resolution framework of the IT Act, the same dispute cannot be taken up by a civil court [9] .

2.1. The process of adjudication under the IT Act:

The power to adjudicate is given to an ‘Adjudicating Officer’ (“ AO ”) appointed by the central government [10] . As per the Ministry of Electronics and Information Technology (“ MeitY ”), the secretary of the department of information technology of each state is appointed as the AO for that state by default [11] . The AO is a quasi-judicial body [12] , as it has dual-powers to: (i) order investigation i.e. hold inquiry into the violation of the IT Act on the basis of evidence produced before it [13] ; and (ii) adjudicate i.e. it decides the quantum of compensation or penalty to be awarded in case of a violation [14] . The AO can exercise its jurisdiction over matters in which the claim for compensation or damage does not exceed INR 5 crore [15] . The process of adjudication is as follows–

Figure 1: Adjudication Process under the IT Act

The AO is entitled to order investigation into a complaint at any time from the receipt of a complaint by it [16] . This investigation is conducted by an officer in the Office of Controller of Certifying Authorities or CERT-In, or by a Deputy Superintendent of Police [17] .

2.2 . Appeal

Orders issued by an AO are appealable before the Telecom Disputes Settlement and Appellate Tribunal (“ TDSAT ”) [18] . A party can appeal against AO’s order before the TDSAT within 45 days of receiving the order [19] . The right to appeal is not available to the parties if the adjudication order was passed with the consent of the parties [20] .

The TDSAT may confirm, modify or set the adjudication order appealed against, after giving the parties a reasonable opportunity to be heard [21] . The TDSAT has the same powers as are vested in a civil court to summon the parties, order production of documents and to review its decisions [22] . A party can file an appeal against TDSAT’s order to the High Court, within 60 days of receiving the order [23] .

3. ISSUES WITH THE DISPUTE RESOLUTION FRAMEWORK UNDER THE IT ACT

The framework may look promising in theory, but it has not been as effective in practice. There is hardly any reportage on a cyber-dispute and there is no data available on the number of cases adjudicated upon by officers or the tribunal. We have identified certain issues that highlight the lacunae in the system:

3.1. Possibility of conflicting orders passed by AOs:

They AOs enjoy wide powers. They can adjudicate on violation of any provision, rule, regulation or direction passed under the IT Act [24] . AOs have sometimes passed orders with significant ramifications. For example, in one case, an AO held a bank liable for not exercising due diligence to prevent phishing [25] . The AO referred to the prevailing RBI guidelines [26] on internet banking to arrive at this conclusion. Thus, AOs can play a significant role in interpreting the IT Act.

There are multiple AOs, who address similar kind of issues, at the same time. This results in the problem of conflicting opinions on the same issue. For instance, in a case [27] , the AO had held that Section 43 [28] of the IT Act was not applicable to the bank as it was a body corporate. However, AOs in other states had held otherwise. In multiple cases, Section 43 has been invoked against body corporates [29] . This can make it difficult for an entity to comply with the IT Act, as it may have to consider the opinion of multiple AOs to function across India.

3.2. Poor availability of orders passed by AOs:

To access adjudication orders passed under the IT Act, one has to search through websites of state governments which are not easy to navigate. There is no reportage of these disputes by popular legal databases as well. There should be a central database for adjudication orders. This will enable officers and other stakeholders to refer to these adjudication orders while dealing with violations under the IT Act. It will also enable businesses to keep a track of cyber disputes.

3.3. Excessive burden on department secretaries appointed as AOs:

Secretaries of the department of information technology of the states are AOs by virtue of an old MeitY Order from 2003 [30] . They are responsible for the administration of their department, and are actively involved in the governance of the state, in addition to performing their duties as AOs. The dual-aspect of their job is extremely burdensome. Considering the high amount of cyber-offences in the country, there is a need to revamp this system for appointment of AOs. There are other Indian laws where AOs are given independent roles for adjudicating violations [31] . For instance, the Prevention of Money Laundering Act, 2002 (“ PMLA ”) lays down a similar adjudication procedure for offences. However, instead of appointing AOs, the PMLA has established an ‘Adjudicating Authority’ [32] . This authority comprises of a chairperson and two other members. This authority is only involved in adjudication of offences, it is also allowed to have its own staff for assistance [33] . The IT Act could adopt a mechanism similar to the other laws to ensure efficacy and speedy disposal of adjudications.

3.4. Need for capacity building in adjudication of cyber offences:

There is a need to build the capacity of AOs. The Crown Prosecution Service of the United Kingdom has issued ‘Cybercrime-prosecution guidance’ [34] . This guidance has defined major kinds of cybercrimes like hacking, social media related offences, etc. They provide basic principles for adjudication of cybercrimes. A guidance of a similar nature should be introduced in India to ensure better handling of complaints.

3.5. Investigation and appreciation of evidence during the adjudication process

Investigation into violations is conducted by an officer in the Office of Controller of Certifying Authorities or CERT-IN; or by the Deputy Superintendent of Police [35] . However, the capacity of these bodies to conduct cyber investigations is questionable.

Most cyber-offences are reported to the police departments, as the National Cyber Crime Portal functions under the domain of the Ministry of Home Affairs [36] . Complaints on this portal are referred to the police department of the state in which the alleged cyber-offence was committed. The police personnel are not equipped to deal with cybercrimes; they may not have the requisite expertise in areas like cyber forensics and investigation. They often appoint private firms to investigate into such matters. [37]

There is no guiding document under the Indian regulatory framework on cyber investigation or cyber forensics. The Information Technology (Amendment) Act, 2008 has established a body called the “Examiner of Electronic Evidence” [38] . This body provides expert opinion on electronic evidence. The MeitY has appointed various forensic science laboratories as the examiner [39] . These laboratories hold expertise in conducting cyber investigation. However, the Holding of Enquiry Rules, 2003 have not been updated post the coming of the 2008 amendment act. The rules must be amended to give AOs the power to order such examiners to investigate into the matters before them.

There should be guidelines or principles on investigation of cyber offences to better equip the police and other investigating agencies to handle such cases. For instance, the United States Department of Justice had issued a guide on ‘Electronic Crime Scene Investigation’ in 2001 [40] . This is a comprehensive guide which sets out investigation techniques for different kinds of cyber violations like frauds, identity theft etc. A similar national guideline on cyber investigations must be issued in India. A cybercrime investigation manual was launched by the Data Security Council of India [41] . Steps must be taken by the central government to notify such guidelines.

3.6. Issues with the TDSAT

Initially, a “Cyber Appellate Tribunal” was established under the IT Act to deal with appeals from orders of AOs. In 2015, a Parliamentary Standing Committee was constituted to study the conditions of tribunals and pendency of cases. This committee in its report highlighted that the position of the Chairperson of the Cyber Appellate Tribunal was vacant since 2011 and was thus dysfunctional. As of 31 December 2014, only 34 cases were pending in this tribunal [42] . Considering the state of affairs, this tribunal was merged with the TDSAT in 2017 [43] .

As per the TRAI Act, the TDSAT consists of a chairperson and two other members only. Considering that telecom and information technology are separate subjects, a different set of expertise is required to decide upon them. It is necessary that the TDSAT increase its strength and involve experts having a background in information technology to decide upon cases relating to the subject. There should be a separate bench to decide upon cyber appeals.

3.7. Adjudication and handling of cyber violations by sectoral authorities

Most instances of cyber violations relate to online banking frauds, including KYC frauds and phishing related cases [44] . For this, the RBI has an “Ombudsman Scheme for Digital Transaction, 2019” [45] . This allows victims of cyber violations to file online complaints. Such complaints should relate to default of the bank, payment system or prepaid payment instruments provider. The ombudsman is empowered to award compensation up to INR 20 lakh rupees to the victim. Similarly, the Ministry of Home Affairs had introduced a National Cyber Crime Reporting Portal [46] . Complaints pertaining to online financial frauds, social media related frauds and hacking can be reported on this portal [47] . However, the procedure post filing a complaint on this portal is not set out. It is good to have sectoral regulations for handling cybercrimes. Sectoral regulators may be better equipped to deal with the cybercrimes pertaining to their particular area. At the same time, different sets of regulations may lead to potential conflict between authorities under the IT Act and the sectoral authorities. There should be a channel for sectoral regulators to seek consultation from the authorities under the IT Act, where required. For instance, Section 21 of the Competition Act, 2002 lays down a framework for references by statutory authorities. This section allows other statutory authorities to take the Competition Commission of India’s opinion on whether any decision taken by such authority would be contrary to the Competition Act. A similar framework should be incorporated into the IT Act.

4. CONCLUSION

Considering the large number of incidents of cyber-attacks in the country, it is the need of the hour to bolster the current dispute resolution framework under the IT Act. The dispute resolution framework can create a strong deterrent for cyber offenders by forcing them to pay damages and compensation. It can also serve as an effective complaint redress platform for victims. In its current state it has failed to achieve the desired result.

The authorities under the IT Act function in a vast domain, which encompasses issues relating to cybersecurity, intermediary liability, data privacy, and cyber offences. Therefore, these authorities must be adequately equipped to exercise their wide ranging powers.

The government has stressed heavily upon its Digital India initiative which will support India’s goal of becoming a $5 trillion economy by 2025 [48] . Also, India has a large user base of 697 million internet users [49] . Considering India’s quest to digital transformation, it is pertinent to give teeth to the Act, especially to its dispute resolution framework. This will ensure that disputes in the cyberspace are effectively managed and resolved. This will increase the confidence of the masses as well as the stakeholders towards the regulatory framework.

This post is authored by Aditya Sharma, Associate with inputs from Arpit Gupta, Senior Associate.

For more on the topic, please reach out to us at [email protected]

[1] Page 9, 2019 Cyber Safety Insights Report Global Results , The Harris Poll – Norton LifeLock, March 30, 2020, https://now.symassets.com/content/dam/norton/campaign/NortonReport/2019/2018_Norton_LifeLock_Cyber_Safety_Insights_Report_US_Media_Deck.pdf?promocode=DEFAULTWEB%20

[2] National Cyber Crime Reporting Portal, Ministry of Home Affairs, https://www.cybercrime.gov.in/

[3] Chapter IX, Information Technology Act, 2000.

[4] As per Rule 4(a) of the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003, the Adjudicating shall exercise jurisdiction in respect of the contraventions in relation to Chapter IX of I T Act, 2000 and the matter or matters or places or area or areas in a State or Union Territory of the posting of the person.

[5] Section 43-44, Chapter IX, Information Technology Act, 2000.

[6] As per Section 61 of the Information Technology Act, 2000, no civil court shall have jurisdiction to entertain any suit or proceeding in respect of any matter which an adjudicating officer appointed under this Act.

[7] As per Rule 4(l) of the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003, if an adjudicating officer is convinced that the scope of a case extends to any offence (under the Information Technology Act, 2000), she should transfer the case to a Magistrate having jurisdiction to try the case.

[8] Section 1(2), Information Technology Act, 2000.

[9] Section 61, Information Technology Act, 2000.

[10] Section 46 of the Information Technology Act provides for the appointment of an ‘adjudicating officer’; as per Section 46(3) of the Information Technology Act, 2000, no person shall be appointed as an adjudicating officer unless she possesses such experience in the field of information technology and legal or judicial experience as may be prescribed. Rule 3 of the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003 sets out a detailed eligibility criterion for appointment as an Adjudicating Officer.

[11] Order, Ministry of Communication and Information Technology (Department of Information Technology), Gazette of India, 25 March 2013, http://egazette.nic.in/WriteReadData/2003/E_136_2011_029.pdf

[12] As per Section 46(5) of the Information Technology Act, 2000, every Adjudicating Officer shall have the powers of a civil court and all proceedings before it shall be deemed to be judicial proceedings within the meaning of section 193 and Section 228 of the Indian Penal Code. In the case of Indian National Congress (I) v. Institute of Social Welfare [(2002) 5 SCC 685] it was held that where law requires an authority to hold enquiry before arriving at a decision, such a requirement of law makes the authority a quasi-judicial authority.

[13] Rule 4, the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003.

[14] As per Section 47 of the Information Technology Act, 2000, while adjudging the quantum of compensation or penalty, the Adjudicating Officer shall have due regard to the following factors: (i) the amount of gain of unfair advantage, wherever quantifiable, made as a result of the default; (ii) the amount of loss caused to any person as a result of the default; and (iii) the repetitive nature of the default.

[15] Section 46(1A), Information Technology Act, 2000.

[16] Rule 4(i), the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003.

[18] Established under Section 14 of the Telecom Regulatory Authority of India Act, 1997. Introduced by Finance Act, 2017, which omitted the sections pertaining to the Cyber Appellate Tribunal.

[19] However, the appellate tribunal may entertain an appeal after the expiry of the said period of forty-five days if it is satisfied that there was sufficient cause for not filing it within that period, according to section 57(3), Information Technology Act, 2000.

[20] Section 57(2), Information Technology Act, 2000.

[21] Section 57(4), Information Technology Act, 2000.

[22] Section 58(2), Information Technology Act, 2000.

[23] Section 62, Information Technology Act, 2000.

[24] Section 46(1), Information Technology Act, 2000.

[25] Umashankar Sivasubramanian v. ICICI Bank , Adjudicating Officer Chennai, Petition No. 2462 of 2008, Order dated April 12, 2010, https://www.naavi.org/cl_editorial_10/umashankar_judgement.pdf

[26] RBI Master Circular on KYC norms, July 01, 2008, https://m.rbi.org.in/scripts/BS_CircularIndexDisplay.aspx?Id=4354&Mode=0

[27] Rajendra Prasad Yadav v. ICICI Bank , Complaint no. 015/2011, Adjudicating Officer, Karnataka.

[28] Section 43 of the Information Technology Act, 2000, lays down penalty and compensation against “any person” for damage to computer or computer system.

[29] Raju Dada Raut v. ICICI Bank , http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RajuDadaRaut_Vs_ICICIBank-13022013.pdf

Saurabh Jain v. ICICI Bank , http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_SourabhJain_Vs_ICICI&Idea-22022013.PDF

Ravindra Gunale v. Bank of Maharashtra , http://it.maharashtra.gov.in/Site/Upload/ACT/DIT_Adjudication_RavindraGunale_Vs_BoM&Vodafone_20022013.PDF

[30] Order, Ministry of Communication and Information Technology (Department of Information Technology), Gazette of India, 25 March 2013, http://egazette.nic.in/WriteReadData/2003/E_136_2011_029.pdf

[31] The process of adjudication is provided under the SEBI Act, 1992; Prevention of Money Laundering Act, 2002; and the Electricity Act, 2003.

[32] Section 6, Prevention of Money Laundering Act, 2002.

[33] Section 7, Prevention of Money Laundering Act, 2002.

[34] Cybercrime – prosecution guidance , Crown Prosecution Service, United Kingdom, https://www.cps.gov.uk/legal-guidance/cybercrime-prosecution-guidance

[36] National Cyber Crime Reporting Portal, Ministry of Home Affairs (India), https://www.cybercrime.gov.in/

[37] Police in states across India are relying on private firms and consultants to solve cybercrime cases , Economic Times, 13 December 2019, https://economictimes.indiatimes.com/news/politics-and-nation/police-in-states-across-india-are-relying-on-private-firms-and-consultants-to-solve-cybercrime-cases/articleshow/72499885.cms?from=mdr

[38] Section 79A, Information Technology Act, 2000.

[39] The Regional Forensic Science laboratory, Dharamshala; Cyber Forensic Laboratory, Army Cyber Group, New Delhi; State Forensic Science Laboratory, Bengaluru; Central Forensic Laboratory, Hyderabad; Directorate of Forensic Science, Gandhinagar; Computer Forensic and Data Mining Laboratory, SFIO, Delhi; and Forensic Science Laboratory, Govt. of NCT, New Delhi, have been notified as ‘Examiner of Electronic Evidence, https://meity.gov.in/notification-forensic-labs-%E2%80%98examiner-electronic-evidence%E2%80%99-under-section-79a-information-technology

[40] Electronic Crime Scene Investigation, A guide for first responders , U.S. Department of Justice, 2001, https://www.ncjrs.gov/pdffiles1/nij/187736.pdf

[41] Cybercrime Investigation Manual , Data Security Council of India, https://uppolice.gov.in/writereaddata/uploaded-content/Web_Page/28_5_2014_17_4_36_Cyber_Crime_Investigation_Manual.pdf

[42] Report of the Department-Related Parliamentary Standing Committee On Personnel, Public Grievances, Law and Justice , 26 February 2015, https://www.prsindia.org/sites/default/files/bill_files/SC_Report-_Tribunals_Bill%2C_2014.pdf

[43] The Cyber Appellate Tribunal was merged into the TDSAT by virtue of Section 169 of the Finance Act, 2017, https://naavi.org/uploads_wp/finance_act_2017.pdf

[44] A Review of the Functioning of the Cyber Appellate Tribunal and Adjudicatory Officers under the IT Act, Divij Joshi, The Centre for Internet & Society, 16 June 2014, https://cis-india.org/internet-governance/blog/review-of-functioning-of-cyber-appellate-tribunal-and-adjudicatory-officers-under-it-act

[45] Ombudsman Scheme for Digital Transaction, 2019, Reserve Bank of India. https://rbidocs.rbi.org.in/rdocs/Content/PDFs/OSDT31012019.pdf

[46] National Cyber Crime Reporting Portal, Ministry of Home Affairs (India), https://www.cybercrime.gov.in/

[47] FAQs to the National Crime Reporting Portal, https://www.cybercrime.gov.in/Webform/FAQ.aspx

[48] India’s Trillion Dollar Digital Opportunity , Ministry of Electronics and Information Technology (India), 2019, https://meity.gov.in/writereaddata/files/india_trillion-dollar_digital_opportunity.pdf

[49] Internet usage in India – Statistics & Facts , Statista, June 29 2020, https://www.statista.com/topics/2157/internet-usage-in-india/

RELATED WRITING

Innovation in Dispute Resolution: A Look at UK’s Cutting-Edge Arbitration Rules for Novel Technologies

Qatar/Saudi Arabia Copyright Piracy Dispute: Implications of WTO’s Rejection of the National Security Exception

Dispute resolution framework under the Information Technology Act, 2000

Adopt experimental regulatory approach for emerging technologies

Satellite broadband- The world is gearing up for India, but are we ready?

Internet Exchanges in India: A Legal Anomaly

Our comments on the draft National Geospatial Policy, 2021

Mapping the contours of the new Geospatial Guidelines on India

Labelling of Plant-Based Meats: Regulatory Landscape

Overview – Regulatory Issues Surrounding Cultivated Meat

Challenge the status quo.

Skip to primary navigation
Skip to main content
Skip to primary sidebar

Info. Technology Law

A. Section 2: Definitions – Computer, Computer Network, etc

1. K. Ramajayam V. The Inspector Of Police [The DVR is an electronic record withinn the meaning of Section 2(t) of the Information Technology Act, 2000, as it stores data in electronic form and is also capable of output]

2. Syed Asifuddin And Ors. vs The State Of Andhra Pradesh [2005 CriLJ 4314]

Summary: Reliance model handsets were to be exclusively used by Reliance India Mobile Limited but the TATA Indicom staff members who were figured as an accused tampered with pre-programmed CDMA digital handsets belonging to Reliance Infocomm and activated with TATA Indicom network with all dubious means. Offence was held to be made out under Section 65 of IT Act.

3. Diebold Systems Pvt. Ltd. vs The Commissioner Of Commercial Tax [2006 144 STC 59 Kar]

B. Section 43: Penalty and Compensation for damage to computer, computer system, etc

1. Poona Auto Anillaries Pvt. Ltd., Pune Versus Punjab National Bank, HO New Delhi & Others Summary: In 2013, in one of the largest compensation awarded in legal adjudication of a cyber crime dispute, Maharashtra’s IT secretary Rajesh Aggarwal had ordered PNB to pay Rs 45 lakh to the Complainant Manmohan Singh Matharu, MD of Pune-based firm Poona Auto Ancillaries. A fraudster had transferred Rs 80.10 lakh from Matharu’s account in PNB, Pune after Matharu responded to a phishing email. Complainant was asked to share the liability since he responded to the phishing mail but the Bank was found negligent due to lack of proper security checks against fraud accounts opened to defraud the Complainant.

C. Section 65: Tampering with Computer Source Document

1. Syed Asifuddin And Ors. vs The State Of Andhra Pradesh [2005 CriLJ 4314]

2. Bhim Sen Garg vs State Of Rajasthan and Others. on 13 June, 2006 [2006 CriLJ 3643]

E. Section 66: Computer Related Offences

1. A. Shankar vs State Rep. [2010] The petitioner had secured access unauthorisedly to the protected system of the Legal Advisor.

E. Section 66A: Punishment for sending offensive messages through communication service, etc.

1. Supreme Court Judgment (in PDF) as to scrapping of Section 66A in the matter of Shreya Singhal V Union of India (2015)

Summary: Section 66A of the Information Technology Act, 2000 is struck down in its entirety being violative of Article 19(1)(a) and not saved under Article 19(2). )Section 69A and the Information Technology (Procedure & Safeguards for Blocking for Access of Information by Public) Rules 2009 are constitutionally valid. Further, Section 79 is valid subject to Section 79(3)(b) being read down and so on.

F. Section 67: Punishment for publishing or transmitting obscene material in electronic form

1. Avnish Bajaj vs State, famously known as Bazee.com case (2005) Summary : CEO of E-Commerce Portal was arrested and given bail later under Section 67 of IT Act on account of an obscene video uploaded on Bazee.com for sale. He proved Due Diligence but in 2005, Information Technology Act did not have any provisions related to ‘Intermediary’ !

2. Sharat Babu Digumarti vs State, Govt. of NCT of Delhi (Bazee.com Case, Appeal) Summary: Petitioner was working as Senior Manager, Trust and Safety, BIPL on the day when DPS MMS was put up for sale on Bazee.com. That is, the office responsible for the safety of the Portal, taking action on suspect lists when reported by our users, and block the user or close items listed accordingly. It was held that there is prima-facie sufficient material showing petitioner‟s involvement to proceed against him for the commission of offence punishable under Section 292 IPC. Though he was alrady discharged of offences only under Section 67 read with Section 85 of IT Act and Section 294 IPC.

3. Dr. L. Prakash vs State Of Tamil Nadu (2002) Summary: Petitioner was arrested by the Inspector of Police, R8 Vadapalani Police Station, Chennai for various offences, particularly Section 67 of the Information Technology Act, 2000, Section 4 read with Section 6 of the Indecent Representation of Women (Prohibition) Act, 1986 and Section 120-B of the Indian Penal Code.

4. Mohammed vs State on (2010) Summary: Section 67 of Information Technology Act analyzed and held it is not applicable to the case of threatening email received by Chief Minster of Gujarat, hence ordered to be deleted from the matter.

5. Sreekanth C.Nair vs Licensee/Developer (2008) [Blocking of Website] Summary: A student of ASCL, came across the website “www.incometaxpune.com”, and on visiting the said site, the complainant was taken to a pornographic site and move the court for blocking order against the website. The court ordered that only when the authorities enumerated under Clauses (i) to (vii) when moved were either not inclined or had refused to prefer a complaint to the Director, CERT-In, then the court could be moved for a direction to the officer concerned.

F. Section 70: Protected system

2. Firos vs State Of Kerala (2006)

G. Section 79: Exemption of Liability of Intermediary in certain cases and Information Technology (Intermediary Guidelines) Rules, 2011

1. CHRISTIAN LOUBOUTIN SAS Versus NAKUL BAJAJ & ORS (Intermediary Liability as an E-commerce Operator – November 2018)

Great analysis of section 79 of IT Act, 2000 and the Intermediary Guidelines done by honorable Judge Ms Pratibha M Singh. Importantly, it lays down the circumstances, in which the Intermediary will be assumed to be abetting the sale of online products/services and therefore, cannot go scott free. In the said matter, the Complainant, a manufacturer of Luxury Shoes filed for injunction against an e-commerce portal www.darveys.com for indulging in Trademark violation, along with the seller of spurious goods.

2. KENT RO SYSTEMS LTD & ANR Versus AMIT KOTAK & ORS (EBAY – January 2017)

Kent RO had lodged Complaint with eBay as to IPR violation of its rights by a seller on later’s platform and wanted Ebay to verify the products before it is uploaded on it’s platform. Court said the IT Intermediary Rules only require the intermediary to publish the Rules and Regulations and Privacy Policy and to inform the users of its computer resources not to host, display, uphold or publish any information that infringes any Intellectual Proprietary Rights. Further, the IT Rules require the eBay as an intermediary to, upon any person as the plaintiffs approaching it in writing, of products infringing that person’s patent, trademark or copyright rights to within 36 hours disable the infringing information. Court held that hosting of information on such portals is automatic and it is not expected of the eBay to screen each and every information except when the same is brought to it’s knowledge. Therefore, to require an intermediary to do such screening would be an unreasonable interference with the rights of the intermediary to carry on its business.

3. Google India Pvt Ltd VS. Visaka Industries Limited (2009) [Google liable as Intermediary (if proved guilty) as criminal complaint instituted before the Information technology (Amendment) Act 2008 came into force]

4. Gaussian Network Pvt. Ltd V Monica Lakhanpal & Another (2012) [Whether there is any restriction on playing the Games of Rummy, Chess, Golf, Poker, Bridge, and Snooker of skill with stakes on the websites making profit and whether wagering and betting on games of skill make the activity “Gambling”, as covered under Rule 3 of Intermediary Guidelines ?]

5. Vyakti Vikas Kendra & other vs Jitender Bagga & Google (2012) [Art Of Living Foundation filed for interim relief against a blogger and the intermediary Google owned Blogger.com for cyber defamation. The latter was ordered to remove all the defamatory content within 36 hours]

H. Section 65B of Indian Evidence Act, 1872: Admissibility Of Electronic Records

1. Anvar P.V vs P.K. Basheer & Others [An electronic record by way of secondary evidence shall not be admitted in evidence unless the requirements under Section 65B are satisfied]

2. SC: Harpal Singh V. State of Punjab (2016) – Electronic Evidence [November 2016] [Apparently the prosecution has relied upon the secondary evidence in the form of printed copy of the call details, even assuming that the mandate of Section 65B(2) had been complied with, in absence of a certificate under Section 65B(4), the same has to be held inadmissible in evidence]

3. K. Ramajayam V. The Inspector Of Police [If an electronic record as such is used as primary evidence under Section 62 of the Indian Evidence Act, 1872 the same is admissible in evidence, without compliance with the conditions in Section 65B of the Evidence Act. In this case, DVR which contains the information is before the Court]

I. Effects Test – Jurisdiction

1. Banyan Tree Holding (P) Limited vs A. Murali Krishna Reddy & Anr (2009) [While courts have more readily applied the “effects” test in defamation cases, there have been problems in its application to trademark infringement cases]

2. United States Supreme Court in the matter of CALDER v. JONES, (1984) [The United States District Court for the Western District of Texas applied the “effects test” set forth by the United States Supreme Court in Calder v. Jones, 465 U.S. 783 (1984), to deny a defendant’s motion to dismiss an Internet defamation case for lack of personal jurisdiction]

J. Blocking of Website

1. Sreekanth C.Nair vs Licensee/Developer (2008) [Blocking of Website]

K. Domain Names – Domain & Trademark issues

1. Infosys Technologies Limited vs Akhil Gupta (2005)

2. Yahoo! Inc. vs Akash Arora (1999)

3. Satyam Infoway Ltd vs Siffynet Solutions Pvt. Ltd (2004)

L. .COM Domain Name Disputes

1. Vertex Pharmaceuticals Incorporated v. Ramzan Arif, Vertex Medical (pvt) Ltd. [WIPO Case No. D2020-2334] (Domain: VertexMedical.com)

M. Software Piracy

1. Adobe Systems Inc. vs Sachin Naik (Delhi High Court – 2013)

Information Technology Rules

In exercise of the powers conferred by respective sections of Information Technology Act 2000, the Central ...

Further Section

Information Technology Act, 2000

1. Cyber Crime in India 2. Check Domain Name WHOIS Info 3. Section 63B of Copyright Act, ...

Cyber Crime in India

Engineering Mathematics
Discrete Mathematics
Operating System
Computer Networks
Digital Logic and Design
C Programming
Data Structures
Theory of Computation
Compiler Design
Computer Org and Architecture
Cyber Security Tutorial

Introduction

OSI Security Architecture
Active and Passive attacks in Information Security
Types of Security Mechanism
A Model for Network Security

Cyber Technology

Basics of Wi-Fi
The Internet and the Web
What is a Website ?
Cryptography and Network Security Principles
Public Key Infrastructure
What is Electronic Signature?
Identity and Access Management
What Is Cloud Computing ?

Cyber Ethics

Intellectual Property Rights
Fundamental Rights (Articles 12-35): A Comprehensive Guide
Introduction to Ethical Hacking
What is a Scam?

Cyber Crimes

Psychological Profiling in Cybersecurity
Social Engineering - The Art of Virtual Exploitation
Cyber Stalking
How to Defend Against Botnets ?
Emerging Attack Vectors in Cyber Security
Malware and its types
What is Phishing?
Cyber Crime - Identity Theft
What is Cyber Terrorism?
What is Proxy Server?

Cyber Crime Techniques

Worms, Viruses and beyond !!
Trojan Horse in Information Security

Keyloggers and Spyware

Types of SQL Injection (SQLi)
Buffer Overflow Attack with Example
Reverse Engineering - Software Engineering
Difference Between Vulnerability and Exploit
Basic Network Attacks in Computer Network
Kali Linux - Hacking Wi-Fi
Web Server and its Types of Attacks
Types of VoIP Hacking and Countermeasures
How to Spoof SMS Message in Linux ?
Difference between Backup and Recovery
Manual Code Review : Security Assessment
Penetration Testing - Software Engineering

Prevention and Protection

What is Vulnerability Assessment?
Secure coding - What is it all about?
Chain of Custody - Digital Forensics
Digital Forensics in Information Security
Introduction of Computer Forensics
What is Network Forensics?

Cyber Forensics

Cybercrime Causes And Measures To Prevent It
Digital Evidence Collection in Cybersecurity
Digital Evidence Preservation - Digital Forensics
Computer Forensic Report Format
How to Stop Phishing?

Cyber Crime Investigation

Intellectual Property in Cyberspace
Cyber Security Policy
History of Cyber Security
What is Internet? Definition, Uses, Working, Advantages and Disadvantages
Cyber Security Metrics
What is Cybersecurity Framework?
Cyber Security, Types and Importance

Cyber security Evolution

Substitution Cipher
Difference between Substitution Cipher Technique and Transposition Cipher Technique
Difference between Block Cipher and Transposition Cipher

Cyber security Objectives

Data encryption standard (DES) | Set 1
Strength of Data encryption standard (DES)
Differential and Linear Cryptanalysis

Classical Encryption Techniques

Difference between AES and DES ciphers
Advanced Encryption Standard (AES)

Block Ciphers and the Data Encryption Standard

Implementation of RC4 algorithm
Introduction to Chinese Remainder Theorem
Discrete logarithm (Find an integer k such that a^k is congruent modulo b)
Public Key Encryption

Advanced Encryption Standard

Key Management in Cryptography
Implementation of Diffie-Hellman Algorithm

Moreon Symmetric Ciphers

Message Authentication Requirements
How message authentication code works?
Hash Functions in System Security

Introduction to Number Theory

Whirlpool Hash Function in Python
HMAC Algorithm in Computer Network

Public-Key Cryptography and RSA

Types of Authentication Protocols
Digital Signature Standard (DSS)

Key Management:OtherPublic-Key Cryptosystems

X.509 Authentication Service
PGP - Authentication and Confidentiality

Message Authentication and Hash Functions

IP security (IPSec)
IPSec Architecture
Internet Protocol Authentication Header

Hashand MAC Algorithms

Web Security Considerations
Secure Socket Layer (SSL)
Transport Layer Security (TLS)

Digital Signatures and Authentication Protocols

Intruders in Network Security
Password Management in Cyber Security

Authentication Applications

Electronic mail security, ip security, web security, malicious software, information technology act, 2000 (india).

The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the Indian Parliament reported on 17th October 2000. This Information Technology Act is based on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which was suggested by the General Assembly of United Nations by a resolution dated on 30th January, 1997. It is the most important law in India dealing with Cybercrime and E-Commerce.

The main objective of this act is to carry lawful and trustworthy electronic, digital and online transactions and alleviate or reduce cybercrimes. The IT Act has 13 chapters and 94 sections. The last four sections that starts from ‘section 91 – section 94’, deals with the revisions to the Indian Penal Code 1860.

The IT Act, 2000 has two schedules:

First Schedule – Deals with documents to which the Act shall not apply.
Second Schedule – Deals with electronic signature or electronic authentication method.

The offences and the punishments in IT Act 2000 : The offences and the punishments that falls under the IT Act, 2000 are as follows :-

Tampering with the computer source documents.
Directions of Controller to a subscriber to extend facilities to decrypt information.
Publishing of information which is obscene in electronic form.
Penalty for breach of confidentiality and privacy.
Hacking for malicious purposes.
Penalty for publishing Digital Signature Certificate false in certain particulars.
Penalty for misrepresentation.
Confiscation.
Power to investigate offences.
Protected System.
Penalties for confiscation not to interfere with other punishments.
Act to apply for offence or contravention committed outside India.
Publication for fraud purposes.
Power of Controller to give directions.

Sections and Punishments under Information Technology Act, 2000 are as follows :

Please Login to comment...

Improve your Coding Skills with Practice

What kind of Experience do you want to share?

Artificial Intelligence
Generative AI
Business Operations
IT Leadership
Application Security
Business Continuity
Cloud Security
Critical Infrastructure
Identity and Access Management
Network Security
Physical Security
Risk Management
Security Infrastructure
Vulnerabilities
Software Development
Enterprise Buyer’s Guides
United States
United Kingdom
Newsletters
Foundry Careers
Terms of Service
Privacy Policy
Cookie Policy
Member Preferences
About AdChoices
E-commerce Links
Your California Privacy Rights

Our Network

Computerworld
Network World

India’s IT Act 2000 a toothless tiger?

The recent whatsapp breach turned the spotlight yet again on india’s dated, ineffectual it act, 2000. cyberlaw experts pavan duggal, prashant mali and puneet bhasin tell us everything that’s wrong with the act and what the government ought to do to fix it..

The recent fiasco around the that accessed confidential information via WhatsApp on Indian government officials, scientists and journalists caused a fair bit of outrage with heated debates around privacy and data protection.

However, the Facebook-owned messaging app got away scot-free with a light rap on the knuckles. This isn’t the first time a tech major has been found guilty of compromising data and getting away without being penalized – all thanks to India’s infecund two-decade-old IT Act, 2000.

Drafted in an age when the internet penetration in India stood at 0.5 percent, the IT Act is not built to accommodate technologies like AI, cloud, mobility, IoT, and quantum computing. Adding to the complexity is the multitude of social media apps and unregulated content from news websites and online discussion forums.

[Note to the reader: Internet penetration in India currently stands at over 40 percent and is projected to reach 627 million users by the end of 2019]

“The IT Act also doesn’t address privacy issues – privacy is now a fundamental right and the law needs to specifically address privacy concerns, but that’s not the case.”

— Dr Pavan Duggal, Advocate, Supreme Court of India & Founder-Pavan Duggal Associates

CSO India talks to the country’s eminent cyber law experts to get a read on the deficits in the IT Act, 2000 and how global tech majors view the Indian demographic as a perfect hunting ground to gather and monetize humongous amounts of unregulated data.

Loopholes in the Indian IT Act, 2000

Simply put, the Indian IT Act is not a cybersecurity law and therefore does not deal with the nuances of cybersecurity, explains Dr Pavan Duggal, Advocate, Supreme Court of India and founder of Pavan Duggal Associates. “The IT Act also doesn’t address privacy issues – privacy is now a fundamental right and the law needs to specifically address privacy concerns, but that’s not the case,” he points out.

So was the IT Act, 2000 flawed to start with? Not really, opines international cyber law expert and founder of Cyberjure Legal Consulting, Adv. Puneet Bhasin. She believes that when the IT Act 2000 came into being, it was actually a good piece of legislation. She explains that the surface of cyber-attacks has exponentially increased and this was not foreseen by the government.

“WhatsApp and Facebook are covered by the ‘safe harbour’ provision under Sec-79 of the IT Act, 2000, which exempts intermediaries from liability in certain instances.”

–Adv (Dr) Prashant Mali, cyber & privacy law expert, Bombay High Court

The penalties levied by the IT Act are minimal compared to GDPR, and the manner of implementation is even more dismal. For instance, the IT Act has provided for damages of up to INR 5 crore, under section-43 of the IT Act. However, Duggal reveals that there hasn’t been a single case when the penalty levied has exceeded INR 12-13 lakh.

To add some perspective, Facebook makes INR 18 crore per day , so the maximum penalty amount levied by the Indian IT Act is roughly what the company makes in three-and-a-half hours.

How Facebook and WhatsApp got away without having to pay a penny

Adv (Dr) Prashant Mali, cyber & privacy law expert at the Bombay High Court explains that the companies are covered within the definition of the “Intermediary” under Section 2(1) (w) of the Information and Technology Act, 2000.

“WhatsApp and Facebook are covered by the ‘safe harbour’ provision under Sec-79 of the IT Act, 2000, which exempts intermediaries from liability in certain instances,” says Mali.

Simply put, the law states that intermediaries will not be liable for any third party information, data or communication link made available by them. Furthermore, the guidelines do not specify any penalty or damage to be borne by a company if the rules are not followed.

In addition, the Computer Emergency Response Team (CERT) does not penalize intermediaries to report a breach or unauthorized access on their own accord.

10 takeaways for the Indian government

An amendment that did more harm than good

The Indian IT Act, 2000 was formed to grant legality to electronic transactions and to promote e-commerce. However, the Act hasn’t been amended in 20 years, barring once in 2008.

Contrary to what one might expect, Duggal reveals that the 2008 amendment further debilitated the Act by making cyber-crime a cognizable (bail-able) offence. This explains the near absence of cyber-crime convictions.

“The 2008 amendment was built on an erroneous presumption that it would be better to reduce the quantum of punishment and increase the fine,” reveals Duggal. Now, this was a bad idea as it eliminated the deterrents from the IT Act.

India – a data goldmine for major league tech giants

Indian citizens have been victims to numerous instances of data breach and privacy violations – take for instance the Cambridge Analytica incident, or the Aadhaar account breach of 1.1 billion citizens, or for that matter the 2018 personal data leak incident of 5 lakh Google+ users.

“Why do you think the trends like business analytics, business intelligence, and digital marketing have seen such rapid growth in India? We’ve been sitting ducks for the last 20 years.”

–Puneet Bhasin, International cyber law expert, Founder-Cyberjure Legal Consulting

The absence of strict data protection and privacy laws coupled with insipid, inconsequential penalties has made India a data-rich demographic for global heavyweights. “Why do you think the trends like business analytics, business intelligence, and digital marketing have seen such rapid growth in India? We’ve been sitting ducks for the last 20 years,” says Bhasin.

Seconding Bhasin’s observation, Duggal opines that the absence of stringent cyber laws makes India a fertile ground for large companies to carry out all kinds of experimentation. “These experiments invariably land up making guinea pigs out of Indian citizens, simply because we don’t have a data protection law,” he says.

The fundamental right to privacy is only enforceable against state action and not against private entities. Also, a lot of service providers are companies located outside the territorial boundaries of the country and therefore are not required to comply with India’s IT Act.

More from this author

Air india data breach highlights concerns around third-party risk and supply-chain security, the biggest data breaches in india, gomeet pant joins abb as vice president and global head of infosec services, personal information and exam results of 1.9 lakh cat aspirants leaked on dark web, most popular authors.

Show me more

Dell data breach exposes data of 49 million customers.

Social engineering: Definition, examples, and techniques

Some strategies for CISOs freaked out by the specter of federal indictments

CSO Executive Sessions: The personality of cybersecurity leaders

CSO Executive Sessions: Geopolitical tensions in the South China Sea - why the private sector should care

CSO Executive Sessions: 2024 International Women's Day special

DUAL APPLICABILITY OF THE IT ACT, 2000 AND IPC, 1860: A COMPREHENSIVE ANALYSIS

Introduction.

In today’s era, technology plays a very important role in every phase of our lives, also has seen rapid growth in the rate of cybercrimes. The Information Technology Act, 2000 (IT Act) was introduced by the Indian government in response to this increasing threat to tackle with various cyber-related crimes. However, since both laws may be potentially relevant to the same offence, concerns are raised about how the IT act interacts with the Indian Penal Code 1860 (IPC). The goal of this blog is to present a study of the dual applicability of the InWdian Penal Code 1860 and the Information Technology Act 2000 for the same offence.

The IT Act 2000 was passed to promote e-commerce and give it legal legitimacy, and protect against cybercrime and electronic transactions. It focuses primarily on crimes including cyberstalking, data theft, identity theft, and unauthorised access. To address the particular difficulties created by digital crimes, the Act incorporated new terminology and legal requirements.

A comprehensive piece of legislation that addresses conventional criminal offences is the Indian Penal Code 1860. It covers only a few of the many crimes they are: Theft, fraud, forgery, defamation and offences against the state. The IPC does not directly address cybercrimes but applies to crimes committed in the physical world.

DUAL APPLICABILITY: OVERLAPPING OFFENCES

The occurrence of overlapping offences is one of the major concerns with the dual applicability of the IT Act,2000 and IPC 1860. Several violations of the IPC’s requirements may apply to the IT Act. For instance, trespassing or a criminal breach of trust under the Indian Penal Code may apply to unauthorised access to a computer system, which is a crime under the Information Technology Act.

The question of which law ought to be applied in these situations became so complicated by the dual applicability. Being a specialised piece of legislation, the IT Act includes unique provisions and guidelines for handling cybercrimes. But the Indian Penal Code has been seen in effect for more than a century and has a valid legal foundation. In the case of Sharat Babu [1] , the defendants were charged with infringing both the section of the IPC and the IT ACT. Section 67 [2] of the Information Technology Act, 2000 and Section 292 [3] of the Indian Penal Code, 1860. A major issue arises before the Supreme Court whether the accused could be tried under Section 292 of the IPC after being acquitted under Section 67 of the Information Technology Act, 2000. It was determined that the charge under Section 292 could not stand, relying on non-obstante provisions under Section 81 [4] of the IT Act and Sections 67A [5] and 67B [6] . The reasoning behind the ruling was that the non-obstante provision in Section 81 makes the IT Act a special law that will take precedence over the general law, the IPC and that Sections 67 [7] , 67A, and 67B were a comprehensive code governing the offence of publishing and transmitting obscene content in electronic form. To ensure a fair and just legal process, it is essential to decide which laws to apply.

LEX SPECIALIS AND INTERPRETATION PRINCIPLE

The Lex Specialis principle is applied in legal doctrine when two laws cross over. This rule states that when two laws cover the same issue, the more particular law will take precedence over the general law. When the IT Act and IPC are both applicable, according to this principle, the IT Act will take precedence in situations involving cyber offences.

Courts have often emphasised the significance of harmoniously interpreting legislation. The IT Act and the IPC must be interpreted in a way that gives both laws effect while keeping none superfluous. The goal of the IT Act’s enactment was to address the issues posed by growing cybercrimes, hence this goal should be taken into account while interpreting and enforcing the law. As it also violates the privacy of the individuals. In the famous case of K S Puttaswamy, [8] the nine-judge bench held the right to privacy as a fundamental right under Article 21 [9] of the Indian Constitution.

LEGISLATIVE INTENT AND TECHNOLOGICAL NEUTRALITY

While analyzing dual Applicability, it is crucial to take into account the legislative goals that led to the establishment of both legislation. To create a legal framework for electronic transactions and prevent cybercrimes, the IT Act was explicitly passed. On the other hand, the IPC predates the digital era and is largely concerned with physical offences. But as technology has developed, many crimes now include both analogue and digital elements. This implies a thorough strategy to make sure that both laws can be applied successfully. To ensure that these laws remain applicable in the face of technological changes, the principle of technical neutrality should be taken into consideration while interpreting and applying them.

CLARITY AND HARMONY ARE REQUIRED

Clarity and harmony between the two are essential to addressing the challenges brought on by dual applicability. Several elements of criminal offences. But as technology develops, regular crimes and cybercrimes are becoming more and more similar.

It is crucial to interpret and apply these rules harmoniously, taking into account the legislative intent and technical improvements, to guarantee a just and efficient legal system. Clarity, harmonization, and measures to raise awareness can help to navigate the difficulties of dual applicability and make way for a more effective legal framework to combat cybercrime in India.

A challenging legal situation is created by the concurrent application of the IT Act, 2000 and the IPC, 1860 for the same offence. Both laws have a specific function and deal with certain parts of criminal offences. The Indian Penal Code of 1860 and the Information Technology Act of 2000 both play very important roles in overseeing and regulating many facets of digital activities in India. The IPC is a comprehensive statute that covers a very large area of criminal offences, including those crimes taken birth using digital means, the IPC bridges the gaps by including digital activities under its umbrella, While the IT Act covers a specialised framework for dealing with cybercrimes such unauthorized access, hacking, cyberstalking, and data breaches, the IT Act main focuses on e-commerce, data protection, and cybersecurity. But as technology is developing, regular crimes and cybercrimes are becoming more and more similar.

It is very important to interpret and apply these rules harmoniously, taking into consideration the legislative intent and technical improvements, to guarantee a just and efficient legal system. Clarity, harmonization, and measures to raise awareness can help to navigate the difficulties of dual applicability and make way for a more effective legal framework to combat cybercrime in India.

Author(s) Name: Bhamini Priya (Sai Nath University, Ranchi)

Reference(s):

[1] Sharat Babu Digumarti v Govt. (NCT of Delhi) [2017] 2 SCC 18

[2] Information Technology Act 2000, s 67

[3] Indian Penal Code 1860, s 292

[4] Information Technology Act 2000, s 81

[5] Information Technology Act 2000, s 67A

[6] Information Technology Act 2000, s 67B

[7] Information Technology Act 2000, s 67

[8] K S Puttaswamy v Union of India (2017) 10 SCC 1

[9] Constitution of India 1950, a 21

Top Stories
SC Repels Challenge Against Sec. 70...

SC Repels Challenge Against Sec. 70 Of IT Act Giving Power To Govt To Declare Computer Resource As ‘Protected System’ [Read Judgment]

Manu sebastian.

31 March 2018 7:26 AM GMT

SC Repels Challenge Against Sec. 70 Of IT Act Giving Power To Govt To Declare Computer Resource As ‘Protected System’ [Read Judgment]

“Plainly read, the power of declaration of a “protected system” may invade a copyright which may be vested in a private owner. However, such a situation is taken care of by the provisions contained in Section 2(k) and 17(d) of the Copyright Act.”The Supreme Court has repelled challenge to the constitutional validity of Section 70 of the Information Technology Act 2000, which gives...

The Supreme Court has repelled challenge to the constitutional validity of Section 70 of the Information Technology Act 2000, which gives power to the government to declare any computer resource as ‘protected system’. The consequence of such a declaration is that only persons authorized by government will be able to access the system, and access by unauthorized persons is treated as an offence leading to imprisonment up to 10 years.

The challenge was raised by a programmer, who claimed that he had developed an e-governance program for the Government of Kerala named ‘FRIENDS’. The program was commissioned by the Government through Microsoft Corporation of India (Pvt) Ltd, which agreed to provide the application software free of cost. The appellant in the Supreme Court was a member of Microsoft’s Developer Forum, and he developed the FRIENDS program on contract with Microsoft. The government entrusted the management of the program with another state agency, Centre for Development of Imaging Technology(C-DIT).

Meanwhile, disputes arose between the appellant and another private agency regarding the copyright of the software. C-DIT also claimed rights over the software, and instituted a civil suit for declaring its rights. On 27.12.2000, the government declared the FRIENDS software as a ‘protected system’ exercising powers under Section 70(1) of the IT Act. In that backdrop, the appellant approached the High Court of Kerala, challenging the notification declaring the software as ‘protected system’. The validity of Section 70 was also called into question, on the ground that it delegated excessive and unfettered powers to the executive to arbitrarily declare any software as ‘protected system’.

The high court did not find Section 70 to be suffering from vice of excessive delegation. It held that the power under Section 70 is circumscribed by Section 2(k) and 17(d) of the Copyright Act. Section 2(k) of the Copyright Act defined “government work” and Section 17(d) of the Act held that copyright of government work vested with the government. On that basis, it held that power under Section 70 was available only with respect to “government work”. The challenge to the notification was rejected noting that the appellant was yet to establish his rights over the software. The matter was further carried to the Supreme Court.

Senior counsel R Basant, appearing for the appellant in the Supreme Court, invited the attention of the court to the fact that Section 70(1) underwent amendment in 2009. After 2009 amendment to Section 70, a software can be declared as a “protected system” only if its incapacitation or destruction have a debilitating impact on national security, economy, public health or safety. This, according to him, was an indication that the provision suffered from constitutional fragility, which prompted the legislature to step in with an amendment to render clarity to the scope of power. It was also contended that the appellant was the developer of the program, and had the right to be acknowledged as the first owner of copyright.

Senior counsel Pallav Sisodia, appearing for the state of Kerala, contended that Section 70(1), as it stood at the relevant time, had to read along with Section 2(k) and 17(d) of the Copyright Act and was valid. The appellant’s claim for first ownership of copyright was contested on ground that he had developed the program on contract with Microsoft, and hence Microsoft had to be treated as first owner by virtue of Section 17(a) of the Copyright Act.

The bench comprising Justice Ranjan Gogoi and Justice Mohan M Shantanagoudar did not accept the contentions of the appellant. The court agreed with the conclusions of the high court regarding the validity of Section 70.

The balance is struck by Section 17 between copyright pertaining to any other person and copyright vested in the Government in a “government work”. Section 70 of the IT Act, therefore, cannot be construed independent of the provisions of the Copyright Act; if Section 70 of the I.T. Act has to be read in conjunction with Section 2(k) and Section 17 of the Copyright Act 1957 the rigours that would control the operation of Section 70(1) of the IT Act are clearly manifested,” the court observed.

The appellant’s contention that 2009 amendment was an indicator of inherent constitutional defect in the provision at the relevant time was also rejected. The court held that the amendment was an attempt to circumscribe the power even further than what was prevailing under the pre-amended law, by narrowing down the ambit of “government work”.

The challenge to the notification declaring FRIENDS software as ‘protected system’ was repelled noting that the appellant had no first ownership rights. The admitted/pleaded case of the appellant was that he was enlisted by Microsoft to develop the software for which it received due consideration from Microsoft. If that be so, on the appellant’s own pleadings in the writ petition, it would not be entitled to claim copyright in the FRIENDS application software under Section 17(a) of the Copyright Act, said the bench.

IMAGES

Cyber Law and Information Technology Act 2000 with case studies
Critical Assessment of Information Technology Act, 2000
(PDF) IT ACT 2000
ISCA Chapter 7 Objectives of IT Act,2000
(PDF) Research on Cyber Offenses under Information Technology Act, 2000
Cyber Law and Information Technology Act 2000 with case studies

VIDEO

Overview of IT Act ,2000||Information Technology Act 2000
CASE STUDY Topic Wise I The Companies Act 2013 I CTC Classes
2000$ Case opening (csgocases.com)
Investment Management VTU 2000 Case Study-Part-01
The Companies Act 2013 CA Foundation I Corporate veil theory CA Foundation I #ctcclasses
JEEPERS! INC. IN 2000 Case solution

COMMENTS

Important Cases On Information Technology Act, 2000
Important Case Laws on Information Technology Act, 2000. 1. State of Tamil Nadu v. Dr. L Prakash (W.P.M.P.No. 10120 of 2002) In this case, an FIR was registered against Dr. L Prakash under Section 67 of the IT Act, 2000 read with Section 4 & 6 of the Indecent Representation of Women Act, Section 27 of the Arms Act, and Sections 120B & 506 (2 ...
IT Act 2000
As per Section 67 of IT Act 2000, he has to undergo for 2 years and to pay fine of Rs.4000/-. All sentences were to run concurrently. The accused paid fine amount and he was lodged at Central Prison, Chennai. This is considered the first case convicted under section 67 of Information Technology Act 2000 in India.
IT ACT 2000
Network Intelligence (India) Pvt. Ltd. Page 19 of 24 IT Act 2000: Penalties, Offences with Case Studies Section 67A - Punishment for publishing or transmitting of material containing sexually explicit act, etc. in electronic form Whoever publishes or transmits or causes to be published or transmitted in the electronic form any material which ...
Landmark Cyber Law cases in India
Around 44, 546 cases were registered under the Cyber Crime head in 2019 as compared to 27, 248 cases in 2018. Therefore, a spike of 63.5% was observed in Cyber Crimes [1]. The legislative framework concerning Cyber Law in India comprises the Information Technology Act, 2000 (hereinafter referred to as the " IT Act ") and the Rules made ...
First Conviction Case under Sec 67 of the IT ACT, 2000
Suhas Katti v. Tamil Nadu, was the first case in India where a conviction was handed down in connection with the posting of obscene messages on the internet under the controversial section 67 of the Information Technology Act, 2000. The case was filed in 2004 and within a short span of about seven months from the filing of the FIR, the Chennai Cyber Crime Cell achieved the conviction .The Case ...
Critical Appraisal of Information Technology Act
The IT Act 2000 was mainly to ensure legal recognition of e-commerce within India. Due to this most provisions are mainly concerned with establishing digital certification processes within the country. ... The Information Technology (Amendment) Act, 2008 serves as a suitable case study for an analysis of the legislative exercise of law and ...
Information Technology Act, 2000
The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. ... But according to a 1996 Supreme Court verdict, the government can tap phones only in case of a "public emergency".
The role of 'IT law' in settlement of ODR's
Structure of the IT Act 2000. The Act comprises 13 chapters having 90 sections. Sections 91 to 94 deals with the Information Technology Act, 2000 and conjointly read with the Amendments of The Indian Penal Code 1860, The Indian Evidence Act 1872, The Bankers' Books Evidence Act 1891 and the Reserve Bank of India Act 1934).
Research on Cyber Offenses under Information Technology Act, 2000
the IT Act, 2000. It covers all the crimes and punishments related to those crimes and describes all. the things which come under Cyber Crime. The objective of this study is to cybercrimes and ...
Information Technology Act, 2000 (IT Act 2000)
The IT Act 2000 was amended in 2008. This amendment introduced the controversial Section 66A into the Act. Section 66A. Section 66A gave authorities the power to arrest anyone accused of posting content on social media that could be deemed 'offensive'. This amendment was passed in the Parliament without any debate.
Indian Information Technology Act, 2000
THE AIM of this paper is to focus on provisions relating to criminal liability, analysing a few on-going cyber cases in India, and bridging. the gap between cyber law and traditional Indian criminal laws. It is. intended to be a complete in-depth study of the area proposed, but. merely a bird's eye view of India's first cyber law and a proposal ...
A Critical Analysis of Sec.79 of IT Act 2000
Section 79 (1) of the Act grants intermediaries a conditional immunity with regard to any third-party information, data or communication link made available or hosted by them. This immunity is subject to section 79 (2) and 79 (3) of the Act. Section 79 (2) essentially covers cases where the activity undertaken by the intermediary is of a ...
IT Act 2000 Penalties, Offences with case studies
4. IT Act 2000: Penalties, Offences with Case Studies 1. O BJECTIVES OF IT LEGISLATION IN I NDIA The Government of India enacted its Information Technology Act 2000 with the objectives stating officially as: "to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic ...
Dispute resolution framework under the Information Technology Act, 2000
The Information Technology Act, 2000 (" IT Act ") sets out a framework for resolution of disputes arising out of cyber-attacks like hacking, data theft, and phishing [3]. The framework allows victims of such attacks to claim damages and compensation from the attackers. The IT Act lays down a two-tier dispute resolution process: (i ...
IT Act Judgements, Cyber Law Judgements, Cyber Case Laws
1. Vertex Pharmaceuticals Incorporated v. Ramzan Arif, Vertex Medical (pvt) Ltd. [WIPO Case No. D2020-2334] (Domain: VertexMedical.com) M. Software Piracy. 1. Adobe Systems Inc. vs Sachin Naik (Delhi High Court - 2013) IT Act Judgements, Cyber Law Judgements, Cyber Case Laws, Cyber Defamation, Intermediary Guidelines, Hacking, Google India.
Information Technology Act, 2000 (India)
The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the Indian Parliament reported on 17th October 2000. This Information Technology Act is based on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which was suggested by the General Assembly of United Nations by a resolution dated on 30th January, 1997.
India's IT Act 2000 a toothless tiger?
The Indian IT Act, 2000 was formed to grant legality to electronic transactions and to promote e-commerce. However, the Act hasn't been amended in 20 years, barring once in 2008. Contrary to ...
Case analysis : the State Cyber Cell v Yogesh Pandurang Prabhu
The present case discusses sending obscene materials by email. Yogesh was accused of cyberstalking by sending obscene emails to a reporter. He was punished under Section 509 of the IPC and Section 66E of IT Act, 2000 but not under Sections 67 and 67A of IT Act, 2000. Let us further study the facts of the case and the judgment given by the court.
Dual Applicability of The It Act, 2000 and Ipc, 1860: a Comprehensive
The goal of this blog is to present a study of the dual applicability of the InWdian Penal Code 1860 and the Information Technology Act 2000 for the same offence. The IT Act 2000 was passed to promote e-commerce and give it legal legitimacy, and protect against cybercrime and electronic transactions. It focuses primarily on crimes including ...
Section 66A of the IT Act, 2000
About: Section 66A of the Information Technology Act, of 2000 made it a punishable offence for any person to send offensive information using a computer or any other electronic device. The provision also made it punishable for a person to send information that they believed to be false. Section 66A had prescribed three years' imprisonment if a ...
PDF The Information Technology Act, 2000 --------- Arrangement of Sections
1. Short title, extent, commencement and application.—(1) This Act may be called the Information Technology Act, 2000. (2) It shall extend to the whole of India and, save as otherwise provided in this Act, it applies also to any offence or contravention thereunder committed outside India by any person.
IT Act 2000 Cases
This is considered the irst case convicted under section 67 of Information Technology Act 2000 in India. Section 67B - Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form Relevant Case: Janhit Manch & Ors. v.
SC Repels Challenge Against Sec. 70 Of IT Act Giving Power To ...
The Supreme Court has repelled challenge to the constitutional validity of Section 70 of the Information Technology Act 2000, which gives power to the government to declare any computer resource ...
Managing Fabric Data Pipelines: a step-by-step guide to source control
Introduction. In the post Microsoft Fabric: Integration with ADO Repos and Deployment Pipelines - A Power BI Case Study. we have outlined key best practices for utilizing the seamless integration between Fabric and GIT via Azure DevOps repositories and the use of Fabric Deployment Pipelines, both features intended to improve collaborative development and agile application publishing in the ...

Important Cases On Information Technology Act, 2000

Key Takeaways

Introduction

Important Case Laws on Information Technology Act, 2000

2. Amar Singh v. Union of India [(2011) 4 AWC 3726 SC]

3. Nirmaljit Singh Narula v. Indijobs at Hubpages.Com [CS (OS) 871 / 2012]

4. Vyakti Vikas Kendra, India Public v. Jitender Bagga [CS (OS) No. 1340 / 2012]

5. Super Cassettes Industries Ltd. v. Myspace Inc. [CS (OS) No. 2682/2008]

6. Banyan Tree v. A. Murali Krishna Reddy & Anr, [2010 (42) PTC 361 (Del)]

7. Writs challenging the validity of Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

8. Shreya Singhal v. Union of India [AIR 2015 SC 1523]

9. M/s Gujarat Petrosynthese Ltd &Anr.v. Union of India [2014 (1) Kar L J 121]

10. CBI v. Arif Azim (Sony Sambandh case) [(2008) 150 DLT 769]

11. State of Tamil Nadu v. Suhas Katti [CC No. 4680 of 2004]

12. SMC Pneumatics (India) Pvt Ltd v.Jogesh Kwatra [CM APPL No. 33474 of 2016]

13. Avnish Bajaj v. State (NCT) of Delhi [(2008) 150 DLT 769]

14. Christian Louboutin SAS v. Nakul Bajaj &Ors [(2018) 253 DLT 728]

15. Nasscom v. Ajay Sood & Ors. [119 (2005) DLT 596]

16. Department of Electronics and Information Technology v. Star India Pvt. Ltd. [R.P. 131/2016 in FAO(OS) 57/2015]

17. Kent Systems Ltd. and Ors. v. Amit Kotak and Ors. 2017 (69) PTC 551 (Del)

18. Google India Pvt. Ltd. v. M/S Vishaka Industries Limited [Second Appeal No. 505 of 2016]

19. State v. Mohd. Afzal & Ors. [2003 (71) DRJ 178]

20. Syed Asifuddin& Ors. v. State of Andhra Pradesh & Anr. [2005 Cr LJ 4314]

21. Dharamvir v. Central Bureau of Investigation [148 (2008) DLT 289]

22. P.R Transport Agency v. Union of India & Ors. [AIR 2006 All 23]

23. Umashankar Sivasubramanian v. ICICI Bank (Petition No. 2462 of 2008)

Click here to Get More Content on LCI Android App

Recent Articles

Popular Articles

Browse by Category

Download LCI APP

Our Network Sites

Lawyersclubindia Search

IT Act 2000 – Penalties, Offences With Case Studies

Objectives of IT legislation in India

Structure of IT Act

What is a cyber crime?

Cases Studies as per selected IT Act Sections

Common Cyber-crime scenarios and Applicability of Legal Sections

IT ACT 2000 – PENALTIES, OFFENCES WITH CASE STUDIES From

Related Papers

RELATED PAPERS

Landmark Cyber Law cases in India

First Conviction Case under Sec 67 of the IT ACT, 2000

Arguments on behalf of the Prosecution analyzed

Arguments on behalf of the Accused discussed

Article 21 and Victim Compensation Scheme- Case Analysis of Serina Mondal Judgement

Uniform Victim Compensation Scheme a necessity - Analysing the landmark case of Tekram

IRAC Analysis of a lesser-known landmark case on Mandatory Filing of FIR

Critical Appraisal of Information Technology Act

Introduction

Salient Features of Information Technology Amendment Act

Shortcomings of the Act

Data Protection in Internet Banking

Privacy Protection

Identity Theft

Suggestions for Improvement

International Scenario

Computer Misuse

United Kingdom

Data Protection and Personal Privacy

Void of Vagueness Doctrine

REFERENCES:

Related Posts:

Leave a Comment Cancel reply

Information Technology Act, 2000 (IT Act 2000)

IT Act, 2000

IT Act – 2008 Amendments

Information Technology Intermediary Guidelines (Amendment) Rules, 2018

Frequently Asked Questions Related to Information Technology Act 2000

How many sections are in the IT Act 2000?

Leave a Comment Cancel reply

IAS 2024 - Your dream can come true!

Register with BYJU'S & Download Free PDFs

A Critical Analysis of Sec.79 of IT Act 2000

Who is an Intermediary?

You might like

Lee v Knapp (1967)

Lakshmi Rajan v Malar Hospital

Dispute resolution framework under the Information Technology Act, 2000