Introduction Of 

 The Information Technology Act, 2000

The Information Technology Act, 2000 provides legal recognition for transactions carried out by means
of electronic data interchange and other means of electronic communication, commonly referred to
as“electronic commerce”, which involve the use of alternatives to paper-based methods of
communication and storage of information, to facilitate electronic filing of documents with the
Government agencies and further to amend The Indian Penal Code, The Indian Evidence Act, 1872, The
Banker’s Books Evidence Act, 1891 and The Reserve Bank of India Act, 1934 and for matters connected
therewith or incidental thereto.
The Information Technology Act, 2000 extend to the whole of India and it applies also to any offence or
contravention thereunder committed outside India by any person.
Salient Features of The Information Technology Act, 2000

 Digital signature has been replaced with electronic signature to make it a more technology
neutral act.
 It elaborates on offenses, penalties, and breaches.
 It outlines the Justice Dispensation Systems for cyber-crimes.
 The Information Technology Act defines in a new section that cyber café is any facility
from where the access to the internet is offered by any person in the ordinary course of
business to the members of the public.
 It provides for the constitution of the Cyber Regulations Advisory Committee.
 The Information Technology Act is based on The Indian Penal Code, 1860, The Indian
Evidence Act, 1872, The Bankers’ Books Evidence Act, 1891, The Reserve Bank of India
Act, 1934, etc.
 It adds a provision to Section 81, which states that the provisions of the Act shall have
overriding effect. The provision states that nothing contained in the Act shall restrict any
person from exercising any right conferred under the Copyright Act, 1957.
Application of The Information Technology Act, 2000
Nothing in The Information Technology Act, 2000 shall apply to documents or transactions specified in
the First Schedule: Provided that the Central Government may, by notification in the Official Gazette,
amend the First Schedule by way of addition or deletion of entries thereto. Every notification issued shall
be laid before each House of Parliament.
Following are the documents or transactions to which the Act shall not apply −
 Negotiable Instrument(Other than a cheque) as defined in The Negotiable Instruments Act,
1881;
 A power-of-attorney as defined in The Powers of Attorney Act, 1882;
 A trust as defined in The Indian Trusts Act, 1882;
 A will as defined in The Indian Succession Act, 1925 including any other testamentary
disposition;
 Any contract for the sale or conveyance of immovable property or any interest in such
property;
 Any such class of documents or transactions as maybe notified by the Central
Government.
 Amendments Brought in The Information Technology Act, 2000
The Information Technology Act, 2000 has brought amendment in four statutes vide section 91-94. These
changes have been provided in schedule 1-4.
 The first schedule contains the amendments in the Penal Code. It has widened the scope of
the term “document” to bring within its ambit electronic documents.
 The second schedule deals with amendments to the India Evidence Act. It pertains to the
inclusion of electronic document in the definition of evidence.
 The third schedule amends the Banker’s Books Evidence Act. This amendment brings
about change in the definition of “Banker’s-book”. It includes printouts of data stored in a
floppy, disc, tape or any other form of electromagnetic data storage device. Similar change
has been brought about in the expression “Certified-copy” to include such printouts within
its purview.
 The fourth schedule amends the Reserve Bank of India Act. It pertains to the regulation of
fund transfer through electronic means between the banks or between the banks and other
financial institution.
A major amendment was made in 2008. Amendment introduced the Section 66A which penalized sending
of “offensive messages”. It also introduced the Section 69, which gave authorities the power of
“interception or monitoring or decryption of any information through any computer resource”. It also
introduced penalties for child porn, cyber terrorism and voyeurism. Amendment was passed on 22
December 2008 without any debate in Lok Sabha. The next day it was passed by the Rajya Sabha. It was
signed by the then President (Pratibha Patil) on 5 February 2009.

The objectives of the Act are as follows:

i. Grant legal recognition to all transactions done via electronic exchange of data or other
electronic means of communication or e-commerce, in place of the earlier paper-based
method of communication.
ii. Give legal recognition to digital signatures for the authentication of any information or
matters requiring legal authentication

iii. Facilitate the electronic filing of documents with Government agencies and also
departments

iv. Facilitate the electronic storage of data

v. Give legal sanction and also facilitate the electronic transfer of funds between banks and
financial institutions

vi. Grant legal recognition to bankers under the Evidence Act, 1891 and the Reserve Bank of
India Act, 1934, for keeping the books of accounts in electronic form.

Features of the Information Technology Act, 2000

a. All electronic contracts made through secure electronic channels are legally valid.
 b. Legal recognition for digital signatures.

c. Security measures for electronic records and also digital signatures are in place

d. A procedure for the appointment of adjudicating officers for holding inquiries under the
Act is finalized

e. Provision for establishing a Cyber Regulatory Appellant Tribunal under the Act. Further,
this tribunal will handle all appeals made against the order of the Controller or Adjudicating
Officer.

f. An appeal against the order of the Cyber Appellant Tribunal is possible only in the High
Court

g. Digital Signatures will use an asymmetric cryptosystem and also a hash function

h. Provision for the appointment of the Controller of Certifying Authorities (CCA) to license
and regulate the working of Certifying Authorities. The Controller to act as a repository of all
digital signatures.

i. The Act applies to offences or contraventions committed outside India

j. Senior police officers and other officers can enter any public place and search and arrest
without warrant

k. Provisions for the constitution of a Cyber Regulations Advisory Committee to advise the
Central Government and Controller.

Applicability and Non-Applicability of the Act

Applicability

According to Section 1 (2), the Act extends to the entire country, which also includes Jammu and
Kashmir. In order to include Jammu and Kashmir, the Act uses Article 253 of the constitution.
Further, it does not take citizenship into account and provides extra-territorial jurisdiction.

Section 1 (2) along with Section 75, specifies that the Act is applicable to any offence or
contravention committed outside India as well. If the conduct of person constituting the offence
involves a computer or a computerized system or network located in India, then irrespective of
his/her nationality, the person is punishable under the Act.
Offences under The Information Technology Act, 2000
The Information Technology Act, 2000 has specified that Tampering with computer source documents,
Hacking computer system, Publishing of information which is obscene in electronic form or failure of a
CA or its employees to follow the directions/ Orders of the CCA, failure to comply with Directions of
Controller to a subscriber to extend facilities to decrypt information, accessing a protected system without
proper authorization, material mis-representation, Penalty for publishing Electronic Signature Certificate
 false particulars, Publication for fraudulent purpose, sending of grossly offensive information, false
information, etc will be offences.
The various offences and corresponding punishments thus summarized and tabulated below with detailed
explanation in the following:

Sectio
Offence Description Penalty
n

If a person knowingly or intentionally

conceals, destroys or alters or intentionally or
knowingly causes another to conceal, destroy
Imprisonment up to three
Tampering with computer source or alter any computer source code used for a
65 years, or/and with fine up
documents computer, computer programme, computer
to ₹200,000
system or computer network, when the
computer source code is required to be kept or
maintained by law for the time being in force.

If a person with the intent to cause or knowing

that he is likely to cause wrongful loss or
damage to the public or any person destroys or Imprisonment up to three
66 Hacking with computer system deletes or alters any information residing in a years, or/and with fine up
computer resource or diminishes its value or to ₹500,000
utility or affects it injuriously by any means,
commits hack.

66A Publishing offensive, false or
threatening information
Any person who sends by any means of a Imprisonment up to three
computer resource any information that is years, with fine.
grossly offensive or has a menacing character;
or any information which he knows to be false,
but for the purpose of causing annoyance,
inconvenience, danger, obstruction, insult shall
be punishable with imprisonment for a term
 which may extend to three years and with fine.

A person receives or retains a computer

Receiving stolen computer or
66B
communication device
Imprisonment up to three
resource or communication device which is
years, or/and with fine up
known to be stolen or the person has reason to
to ₹100,000
believe is stolen.

A person fradulently uses the password, digital Imprisonment up to three

66C Using password of another person signature or other unique identification of years, or/and with fine up
another person. to ₹100,000

Imprisonment up to three
If a person cheats someone using a computer
66D Cheating using computer resource years, or/and with fine up
resource or communication.
to ₹100,000

If a person captures, transmits or publishes Imprisonment up to three

Publishing private images of
66E images of a person’s private parts without years, or/and with fine up
others
his/her consent or knowledge. to ₹200,000

If a person denies access to an authorised

personnel to a computer resource, accesses a
protected system or introduces contaminant
66F Acts of cyberterrorism Imprisonment up to life.
into a system, with the intention of threatening
the unity, integrity, sovereignty or security of
India, then he commits cyberterrorism.

67 Publishing information which If a person publishes or transmits or causes to Imprisonment up to five years,
is obscene in electronic form. be published in the electronic form, any or/and with fine up
material which is lascivious or appeals to the to ₹1,000,000
prurient interest or if its effect is such as to
 tend to deprave and corrupt persons who are
likely, having regard to all relevant
circumstances, to read, see or hear the matter
contained or embodied in it.

Imprisonment up to seven
Publishing images If a person publishes or transmits images
67A years, or/and with fine up
containing sexual acts containing a sexual explicit act or conduct.
to ₹1,000,000

Imprisonment up to five years,

If a person captures, publishes or transmits or/and with fine up
images of a child in a sexually explicit act or to ₹1,000,000 on first
Publishing child porn or predating
67B conduct. If a person induces a child into a conviction. Imprisonment up
children online
sexual act. A child thus defined as anyone to seven years, or/and with
under 18. fine up to ₹1,000,000 on
second conviction.

Persons deemed as intermediatary (such as an

Imprisonment up to three
67C Failure to maintain records ISP) must maintain required records for
years, or/and with fine.
stipulated time. Failure is an offence.

The Controller may, by order, direct a

Certifying Authority or any employee of such
Authority to take such measures or cease
carrying on such activities as specified in the Imprisonment up to three
Failure/refusal to comply with
68 order if those are necessary to ensure years, or/and with fine up
orders
compliance with the provisions of this Act, to ₹200,000
rules or any regulations made thereunder. Any
person who fails to comply with any such order
shall be guilty of an offence.
 If the Controller is satisfied that it is necessary
or expedient so to do in the interest of the
sovereignty or integrity of India, the security of
the State, friendly relations with foreign Stales
or public order or for preventing incitement to
the commission of any cognizable offence, for
reasons to be recorded in writing, by order,
direct any agency of the Government to
Imprisonment up to seven
69 Failure/refusal to decrypt data intercept any information transmitted through
years and possible fine.
any computer resource. The subscriber or any
person in charge of the computer resource
shall, when called upon by any agency which
has been directed, must extend all facilities and
technical assistance to decrypt the information.
The subscriber or any person who fails to assist
the agency referred is deemed to have
committed a crime.

The appropriate Government may, by

notification in the Official Gazette, declare that
any computer, computer system or computer
network to be a protected system.
Securing access or attempting to The appropriate Government may, by order in Imprisonment up to ten years,
70
secure access to a protected system writing, authorise the persons who are or/and with fine.
authorised to access protected systems. If a
person who secures access or attempts to
secure access to a protected system, then he is
committing an offence.

71 Misrepresentation If anyone makes any misrepresentation to, or Imprisonment up to three

suppresses any material fact from, the years, or/and with fine up
Controller or the Certifying Authority for
obtaining any license or Digital Signature to ₹100,000
Certificate.