Information Technology Act, 2000

From Wikipedia, the free encyclopedia

Information Technology Act, 2000
Parliament of India
  • An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involves the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.
CitationInformation Technology Act, 2000
Enacted byParliament of India
Enacted9 June 2000
Assented to9 June 2000
Signed9 May 2000
Commenced17 October 2000
Introduced byPramod Mahajan
Minister of Communications and Information Technology
Amended by
IT (Amendment) Act 2008
Related legislation
IT Rules 2021
Status: Amended

The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. It is the primary law in India dealing with cybercrime and electronic commerce.

Secondary or subordinate legislation to the IT Act includes the Intermediary Guidelines Rules 2011 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.


The bill was passed in the budget session of 2000 and signed by President K. R. Narayanan on 9 May 2000. The bill was finalised by a group of officials headed by the then Minister of Information Technology, Pramod Mahajan.[1]


The original Act contained 94 sections, divided into 13 chapters and 4 schedules, out of which the third and fourth schedule were omitted later. The law applies to the whole of India. If a crime involves a computer or network located in India, persons of other nationalities can also be indicted under the law.[2]

The Act provides a legal framework for electronic governance by giving recognition to electronic records and digital signatures. It also defines cyber crimes and prescribes penalties for them. The Act directed the formation of a Controller of Certifying Authorities to regulate the issuance of digital signatures. It also established a Cyber Appellate Tribunal to resolve disputes rising from this new law.[2] The Act also amended various sections of the Indian Penal Code, 1860, the Indian Evidence Act, 1872, the Banker's Books Evidence Act, 1891, and the Reserve Bank of India Act, 1934 to make them compliant with new technologies.[2]


A major amendment was made in 2008. It introduced Section 66A which penalized sending "offensive messages". It also introduced Section 69, which gave authorities the power of "interception or monitoring or decryption of any information through any computer resource". Additionally, it introduced provisions addressing: pornography, child porn, cyber terrorism and voyeurism. The amendment was passed on 22 December 2008 without any debate in Lok Sabha. The next day, it was passed by the Rajya Sabha. It was signed into law by the then President Pratibha Patil, on 5 February 2009.[3][4][5][6]


List of offences and the corresponding penalties:[7][8]

Section Offence Penalty
65 Tampering with computer source documents Imprisonment up to three years, or/and with fine up to ₹2,00,000
66 Hacking with computer system Imprisonment up to three years, or/and with fine up to ₹5,00,000
66B Receiving stolen computer or communication device Imprisonment up to three years, or/and with fine up to ₹1,00,000
66C Using password of another person Imprisonment up to three years, or/and with fine up to ₹1,00,000
66D Cheating using computer resource Imprisonment up to three years, or/and with fine up to ₹1,00,000
66E Publishing private images of others Imprisonment up to three years, or/and with fine up to ₹2,00,000
66F Acts of cyberterrorism Imprisonment up to life.
67 Publishing information which is obscene in electronic form. Imprisonment up to five years, or/and with fine up to ₹10,00,000
67A Publishing images containing sexual acts Imprisonment up to seven years, or/and with fine up to ₹10,00,000
67C Failure to maintain records Imprisonment up to three years, or/and with fine.
68 Failure/refusal to comply with orders Imprisonment up to 2 years, or/and with fine up to ₹1,00,000
69 Failure/refusal to decrypt data Imprisonment up to seven years and possible fine.
70 Securing access or attempting to secure access to a protected system Imprisonment up to ten years, or/and with fine.
71 Misrepresentation Imprisonment up to 2 years, or/and with fine up to ₹1,00,000
72 Breach of confidentiality and privacy Imprisonment up to 2 years, or/and with fine up to ₹1,00,000
72A Disclosure of information in breach of lawful contract Imprisonment up to 3 years, or/and with fine up to ₹5,00,000
73 Publishing electronic signature certificate false in certain particulars Imprisonment up to 2 years, or/and with fine up to ₹1,00,000
74 Publication for fraudulent purpose Imprisonment up to 2 years, or/and with fine up to ₹1,00,000

Notable cases[edit]

Section 66[edit]

  • In February 2001, in one of the first cases, the Delhi police arrested two men running a web-hosting company. The company had shut down a website over non-payment of dues. The owner of the site had claimed that he had already paid and complained to the police. The Delhi police had charged the men for hacking under Section 66 of the IT Act and breach of trust under Section 408 of the Indian Penal Code. The two men had to spend 6 days in Tihar jail waiting for bail.[9]
  • In February 2017, a Delhi based e-commerce portal made a complaint with Hauz Khas Police Station against some hackers from different cities accusing them of IT Act / Theft / Cheating / Misappropriation / Criminal Conspiracy / Criminal Breach of Trust / Cyber Crime of Hacking / Snooping / Tampering with Computer source documents and the website and extending the threats of dire consequences to employees. As a result, four hackers were arrested by South Delhi Police for Digital Shoplifting.[10]

Section 66A[edit]

  • In September 2012, a freelance cartoonist Aseem Trivedi was arrested under the Section 66A of the IT Act, Section 2 of Prevention of Insults to National Honour Act, 1971 and for sedition under the Section 124 of the Indian Penal Code.[11] His cartoons depicting widespread corruption in India were considered offensive.[12][13]
  • On 12 April 2012, a Chemistry professor from Jadavpur University, Ambikesh Mahapatra, was arrested for sharing a cartoon of West Bengal Chief Minister Mamata Banerjee and the then Railway Minister Mukul Roy.[14] The email was sent from the email address of a housing society. Subrata Sengupta, the secretary of the housing society, was also arrested. They were charged under Section 66A and 66B of the IT Act, for defamation under Section 500, for obscene gesture to a woman under Section 509, and for abetting a crime under Section 114 of the Indian Penal Code.[15]
  • On 30 October 2012, a Puducherry businessman Ravi Srinivasan was arrested under Section 66A. He had posted a tweet accusing Karti Chidambaram, son of the then Finance Minister P. Chidambaram, of corruption. Karti Chidambaram had complained to the police.[16]
  • On 19 November 2012, a 21-year-old girl was arrested from Palghar for posting a message on Facebook criticising the shutdown in Mumbai for the funeral of Bal Thackeray. Another 20-year-old girl was arrested for "liking" the post. They were initially charged under Section 295A of the Indian Penal Code (hurting religious sentiments) and Section 66A of the IT Act. Later, Section 295A was replaced by Section 505(2) (promoting enmity between classes).[17] A group of Shiv Sena workers vandalised a hospital run by the uncle of one of the girls.[18] On 31 January 2013, a local court dropped all charges against the girls.[19]
  • On 18 March 2015, a teenaged boy was arrested from Bareilly, Uttar Pradesh, for making a post on Facebook insulting politician Azam Khan. The post allegedly contained hate speech against a community and was falsely attributed to Azam Khan by the boy. He was charged under Section 66A of the IT Act, and Sections 153A (promoting enmity between different religions), 504 (intentional insult with intent to provoke breach of peace) and 505 (public mischief) of the Indian Penal Code. After Section 66A was struck down by the Supreme Court on 24 March 2015, the state government said that they would continue the prosecution under the remaining charges.[20][21]

Section 69A[edit]


Section 66A and restriction of free speech[edit]

From its establishment as an amendment to the original act in 2008, Section 66A attracted controversy over its unconstitutional nature:

Section Offence Description Penalty
66A Publishing offensive, false or threatening information Any person who sends by any means of a computer resource any information that is grossly offensive or has a menacing character; or any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult shall be punishable with imprisonment for a term which may extend to three years and with fine. Imprisonment up to three years, with fine.

In December 2012, P Rajeev, a Rajya Sabha member from Kerala, tried to pass a resolution seeking to amend Section 66A. He was supported by D. Bandyopadhyay, Gyan Prakash Pilania, Basavaraj Patil Sedam, Narendra Kumar Kashyap, Rama Chandra Khuntia and Baishnab Charan Parida. P Rajeev pointed out that the cartoons and editorials allowed in the traditional media were being censored in the new media. He also said that the law was barely debated before being passed in December 2008.[27]

Rajeev Chandrasekhar suggested that 66A should only apply to person-to-person communication pointing to a similar section under the Indian Post Office Act, 1898. Shantaram Naik opposed any changes, saying that the misuse of law was insufficient to warrant changes. The then Minister for Communications and Information Technology, Mr Kapil Sibal, defended the existing law, saying that similar laws existed in the US and the UK. He also said that a similar provision existed under the Indian Post Office Act, 1898. However, P Rajeev said that the UK law dealt only with communication from person to person.[27]

Petitions challenging constitutionality[edit]

In November 2012, IPS officer Amitabh Thakur and his wife, social activist Nutan Thakur, filed a petition in the Lucknow bench of the Allahabad High Court claiming that Section 66A violated the freedom of speech guaranteed under Article 19(1)(a) of the Constitution of India. They said that the section was vaguely worded and frequently misused.[28]

Also in November 2012, a Delhi-based law student, Shreya Singhal, filed a Public Interest Litigation (PIL) in the Supreme Court of India. She argued that Section 66A was vaguely phrased, and as a result, it violated Article 14, 19 (1)(a) and Article 21 of the Constitution. The PIL was accepted on 29 November 2012.[29][30]

In August 2014, the Supreme Court asked the central government to respond to petitions filed by the Internet and Mobile Association of India (IAMAI) which claimed that the IT Act gave the government power to arbitrarily remove user-generated content.[31]

Revocation by the Supreme Court[edit]

On 24 March 2015, the Supreme Court of India gave the verdict that Section 66A is unconstitutional in entirety.[32] The court said that Section 66A of IT Act 2000 "arbitrarily, excessively and disproportionately invades the right of free speech" provided under Article 19(1) of the Constitution of India. But the Court turned down a plea to strike down sections 69A and 79 of the Act, which deal with the procedure and safeguards for blocking certain websites.[33][34] Despite this, as per a research paper by Abhinav Sekhri and Apar Gupta, Section 66A of the Information Technology Act 2000 continues to be used by police departments across India in prosecutions.[35]

Strict data privacy rules[edit]

The data privacy rules introduced in the Act in 2011 have been described as too strict by some Indian and US firms. The rules require firms to obtain written permission from customers before collecting and using their personal data. This has affected US firms which outsource to Indian companies. However, some companies have welcomed the strict rules, saying it will remove fears of outsourcing to Indian companies.[36]

Section 69 and mandatory decryption[edit]

Section 69 allows intercepting any information and ask for information decryption. To refuse decryption is an offence. The Indian Telegraph Act, 1885 allows the government to tap phones. But according to a 1996 Supreme Court verdict, the government can tap phones only in case of a "public emergency". But there is no such restriction on Section 69.[4] On 20 December 2018, the Ministry of Home Affairs cited Section 69 in the issue of an order authorising ten central agencies to intercept, monitor, and decrypt “any information generated, transmitted, received or stored in any computer.” [37] While some claim this to be a violation of the fundamental right to privacy, the Ministry of Home Affairs has claimed its validity on the grounds of national security.[38][39]

Section 69A and banning of mobile apps[edit]

The bans on Chinese apps based on Section 69A has been criticized for possibly being in conflict with Article 19(1)(a) of the Constitution of India ensuring freedom of speech and expression to all, as well as possibly in conflict with WTO agreements.[40][41] The Internet Freedom Foundation has criticized the ban for not following the required protocols and thus lacking transparency and disclosure.[42]

Future changes[edit]

On 2 April 2015, the then Chief Minister of Maharashtra, Devendra Fadnavis revealed to the state assembly that a new law was being framed to replace the repealed Section 66A. Fadnavis was replying to a query by Shiv Sena leader Neelam Gorhe. Gorhe had said that the repeal of the law would encourage online miscreants and asked whether the state government would frame a law in this regard. Fadnavis said that the previous law had resulted in no convictions, so the law would be framed such that it would be strong and result in convictions.[43]

On 13 April 2015, it was announced that the Ministry of Home Affairs would form a committee of officials from the Intelligence Bureau, Central Bureau of Investigation, National Investigation Agency, Delhi Police and the ministry itself to produce a new legal framework. This step was reportedly taken after complaints from intelligence agencies that they were no longer able to counter online posts that involved national security matter or incited people to commit an offence, such as online recruitment for ISIS.[44][45] Former Minister of State with the Ministry of Information Technology, Milind Deora has supported a new "unambiguous section to replace 66A".[46]

In 2022, it was reported[47] that there has been a proposal to replace the Information Technology Act with a more comprehensive and updated Digital India Act, which would cover a wider range of information technology issues and concerns. This law could ostensibly have focal areas around privacy, social media regulation, regulation of over-the-top platforms, internet intermediaries, introducing additional contraventions or offences, and governance of new technologies.[48]

Importance of the Information Technology Act[edit]

The Indian government closely connects data to citizens' privacy and this is demonstrated when Shiv Shankar Singh states, "Each person must be able to exercise a substantial degree of control over that data and its use. Data protection is legal safeguard to prevent misuse of information about individual person on a medium including computers."[49]

Secondary legislation[edit]

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 suppresses India's Intermediary Guidelines Rules 2011.[50]

See also[edit]


  1. ^ "IT Act to come into force from August 15". Rediff. 9 August 2000. Retrieved 14 April 2015.
  2. ^ a b c Sujata Pawar; Yogesh Kolekar (23 March 2015). Essentials of Information Technology Law. Notion Press. pp. 296–306. ISBN 978-93-84878-57-3. Retrieved 14 April 2015.
  3. ^ "Section 66A of the Information Technology Act". Centre for Internet and Society (India). Retrieved 14 April 2015.
  4. ^ a b "Yes, snooping's allowed". The Indian Express. 6 February 2009. Retrieved 14 April 2015.
  5. ^ "Deaf, Dumb & Dangerous - 21 Minutes: That was the time our MPs spent on Section 66A. How they played". The Telegraph (India). 26 March 2015. Archived from the original on 28 March 2015. Retrieved 6 May 2015.
  6. ^ "Amended IT Act to prevent cyber crime comes into effect". The Hindu. 27 October 2015. Retrieved 8 May 2015. Vishal rintu -journalists of the new era
  7. ^ "The Information Technology (Amendment) Act, 2008". Retrieved 7 May 2017.
  8. ^ "Chapter 11: Offences Archives - Information Technology Act". Information Technology Act.
  9. ^ Ganapati, Priya (19 February 2001). "Cyber crime that wasn't?". Retrieved 5 June 2022.
  10. ^ "Four Hackers Arrested in Delhi, Cyber Crime, Gift Vouchers, Hacking, Section 65 / 66 of IT Act, Gyftr". Information Technology Act. 10 February 2010. Retrieved 7 May 2017.
  11. ^ "'If Speaking The Truth Is Sedition, Then I Am Guilty'". Outlook India. 10 September 2010. Retrieved 14 April 2015.
  12. ^ "Indian cartoonist Aseem Trivedi jailed after arrest on sedition charges". The Guardian. 10 September 2010. Retrieved 14 April 2015.
  13. ^ Section 66A: Punishment for sending offensive messages through communication service, etc.
  14. ^ "Professor arrested for poking fun at Mamata". Hindustan Times. 14 April 2012. Archived from the original on 2 July 2014. Retrieved 14 April 2015.
  15. ^ "Cartoon a conspiracy, prof an offender: Mamata". Hindustan Times. 13 April 2012. Archived from the original on 18 May 2015. Retrieved 14 April 2015.
  16. ^ "Arrest over tweet against Chidambaram's son propels 'mango man' Ravi Srinivasan into limelight". India Today. 2 November 2012. Retrieved 14 April 2015.
  17. ^ "Mumbai shuts down due to fear, not respect". The Hindu. 19 November 2012. Retrieved 23 April 2015.
  18. ^ "FB post: 10 Sainiks arrested for hospital attack". The Hindu. 20 November 2012. Retrieved 23 April 2015.
  19. ^ "Facebook row: Court scraps charges against Palghar girls". The Hindu. 31 January 2013. Retrieved 23 April 2015.
  20. ^ "Teen arrested for Facebook post attributed to Azam Khan gets bail". The Times of India. 19 March 2015. Retrieved 6 May 2015.
  21. ^ "UP tells SC that prosecution on boy for post against Azam Khan will continue". The Indian Express. 24 April 2015. Retrieved 6 May 2015.
  22. ^ "Government Bans 59 mobile apps which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order". Retrieved 24 November 2020.
  23. ^ Soni, Aayush (6 July 2020). "Can Chinese apps appeal India's ban? Section 69A of IT Act has the answer". ThePrint. Retrieved 24 November 2020.
  24. ^ "Government of India blocks 43 mobile apps from accessing by users in India". Retrieved 24 November 2020.
  25. ^ "Indian government bans 43 apps: Here's the list". Hindustan Times Tech. 24 November 2020. Retrieved 24 November 2020.
  26. ^ "Garena Free Fire, 53 other 'Chinese' apps banned: Full list of banned apps". The Indian Express. 16 February 2022. Retrieved 16 February 2022.
  27. ^ a b "Section 66A of IT Act undemocratic: RS MPs". The Times of India. 15 December 2012. Retrieved 6 May 2015.
  28. ^ "After Mumbai FB case, writ filed in Lucknow to declare section 66A, IT Act 2000 as ultra-vires". The Times of India. 21 November 2012. Retrieved 14 April 2015.
  29. ^ "SC accepts PIL challenging Section 66A of IT Act". The Times of India. 29 November 2012. Retrieved 23 April 2015.
  30. ^ "Shreya Singhal: The student who took on India's internet laws". BBC News. 24 March 2015. Retrieved 6 May 2015.
  31. ^ "SC seeks govt reply on PIL challenging powers of IT Act". Live Mint. 30 August 2015. Retrieved 6 May 2015.
  32. ^ Shrivastava, Prachi (30 March 2015). "Behind the scenes of the fight against Section 66A". mint. Retrieved 29 July 2022.
  33. ^ "SC strikes down 'draconian' Section 66A". The Hindu. 25 March 2015. Retrieved 23 April 2015.
  34. ^ "SC quashes Section 66A of IT Act: Key points of court verdict". The Times of India. 24 March 2015. Retrieved 6 May 2015.
  35. ^ Gupta, Apar; Sekhri, Abhinav (4 November 2018). "The ghosts of laws past: on the application of Section 66A of IT Act". The Hindu. ISSN 0971-751X. Retrieved 29 July 2022.
  36. ^ "India data privacy rules may be too strict for some U.S. companies". The Washington Post. 21 May 2011. Retrieved 23 April 2015.
  37. ^ "All computers can now be monitored by govt. agencies". The Hindu. 21 December 2018. ISSN 0971-751X. Retrieved 27 December 2018.
  38. ^ "A spy state? Home ministry's blanket surveillance order must be tested against fundamental right to privacy". Times of India Blog. 24 December 2018. Retrieved 27 December 2018.
  39. ^ "Government's surveillance order key to national security: MHA officials". Hindustan Times. 27 December 2018. Retrieved 27 December 2018.
  40. ^ "India Takes a Tough Stand on Neighbouring Apps". The National Law Review. Retrieved 24 November 2020.
  41. ^ "Chinese apps ban – legality in domestic and international law". 30 May 2022.
  42. ^ "59 Chinese apps banned | Is it legal? Here's what the Indian Information Technology Act says". Moneycontrol. 30 June 2020. Retrieved 24 November 2020.
  43. ^ "Centre working on new law similar to Section 66A: Devendra Fadnavis". The Times of India. 2 April 2015. Retrieved 6 May 2015.
  44. ^ "Section 66A of the IT Act likely to be back in softer avatar". The Economic Times. 14 April 2015. Retrieved 6 May 2015.
  45. ^ "New panel to work on Section 66A alternative". Hindustan Times. 14 April 2015. Archived from the original on 15 April 2015. Retrieved 6 May 2015.
  46. ^ "Former IT minister Milind Deora: Why we need a new Section 66A". Rediff. 2 April 2015. Retrieved 6 May 2015.
  47. ^ "Comprehensive legal framework is in the works: Ashwini Vaishnaw". LiveMint. 4 August 2022. Retrieved 25 August 2022.
  48. ^ Avasarala, Sameer. "Advent of a new-era Digital India Act – Key aspects to look out". Lakshmikumaran & Sridharan Attorneys. Retrieved 25 August 2022.
  49. ^ Shankar Singh, Shiv (2011). Accessed 13 Mar. 2021. "PRIVACY AND DATA PROTECTION IN INDIA: A CRITICAL ASSESSMENT". Journal of the Indian Law Institute. 53: 671. {{cite journal}}: Check |url= value (help)
  50. ^ Dalmia, Vijay Pal (4 March 2021). "Information Technology (Guidelines For Intermediaries And Digital Media Ethics Code) Rules, 2021". Retrieved 5 March 2021.

Further reading[edit]

External links[edit]