
The Information Technology Act, 2000, also known as the IT Act, is India's primary legislation for addressing cybercrime and electronic commerce. The Act, which came into effect on October 17, 2000, was formulated to ensure the lawful conduct of digital transactions and the reduction of cyber crimes, and contains provisions that outline different offences and penalties related to the misuse of technology and electronic communication. With the rapid increase in cyber crimes and offences related to data and authentic information, the Indian government passed this Act to protect the data of its citizens and the government, making India the 12th country in the world to pass dedicated cyber crime legislation.
| Characteristics | Values |
|---|---|
| Date of proposal | 2000 |
| Date of implementation | 17 October 2000 |
| Date of amendments | 2008, 2009, 2021, 2022, 2023 |
| Number of sections | 94 |
| Number of chapters | 13 |
| Number of schedules | 2 (originally 4) |
| Purpose | To deal with cybercrime and electronic commerce, and to facilitate lawful electronic, digital, and online transactions while mitigating cybercrime |
| Scope | All individuals, regardless of nationality and geographic location |
| Cyber laws within the act | 5: The IT Act, the Indian Penal Code of 1860 (IPC), the Information Technology Rules (IT Rules), the Companies Act of 2013, and the Cybersecurity Framework (NCFS) |
| Offences | Hacking, breach of trust, offences under Chapter 11 (Section 65 to 74) |
| Bodies affected | Companies, social media platforms, intermediaries, citizens |
| Bodies created | Cyber Regulations Advisory Committee |
Explore related products
What You'll Learn

The IT Act 2000 and its amendments
The Information Technology Act, 2000 (also known as the IT Act or ITA-2000) is an Act of the Indian Parliament that came into effect on 17 October 2000. It is the primary legislation in India dealing with cybercrime and electronic commerce. The IT Act provides a legal framework for electronic governance, giving recognition to electronic records, digital signatures, and electronic contracts. It also defines cyber crimes and prescribes penalties for civil wrongs.
The IT Act was formulated to ensure the lawful conduct of digital transactions and to reduce cyber crimes. It is based on the Model Law on Electronic Commerce, adopted by the United Nations Commission on International Trade Law. The Act contains 94 sections, divided into 13 chapters and initially 4 schedules, two of which were later omitted.
Amendments
The IT Act has undergone several amendments since its implementation to address evolving technological advancements and societal needs. Here are some key amendments:
- 2008 Amendment: This amendment introduced Section 66A, which penalised the sending of "offensive messages". It also introduced Section 69, authorising the interception, monitoring, or decryption of information through computer resources. Additionally, it addressed pornography, child pornography, cyberterrorism, and voyeurism.
- 2009 Amendment: The 2009 amendment added six new offences under Section 66, incorporated as Sections 66A to 66F.
- 2015 Amendment: In 2015, an initiative was proposed to amend Section 66A to safeguard the fundamental rights guaranteed to citizens by the Indian Constitution.
- 2017 Amendment: This amendment introduced the concept of "safe harbour" for intermediaries under Section 79 of the IT Act. It provided legal protection for intermediaries who fulfilled certain conditions, such as promptly removing unlawful content upon notification.
- 2022 Amendment: The Parliament of India passed the Digital Personal Data Protection Act, 2022, to safeguard individual privacy and data with provisions for informed consent.
- 2023 Amendment: The Jan Vishwas (Amendment of Provisions) Act, 2023, omitted Section 66A from the IT Act due to its unconstitutional nature.
Maintaining Your Law License: Is It Worth It?
You may want to see also
Explore related products

Cybercrime and electronic commerce
The Information Technology Act, 2000 (ITA-2000 or IT Act) is India's primary legislation for addressing cybercrime and electronic commerce. It was passed by the Indian Parliament and came into effect on 17 October 2000. The IT Act has 94 sections spread across 13 chapters and initially 4 schedules, two of which have since been omitted.
The IT Act was formulated based on the United Nations Commission on International Trade Law's Model Law on Electronic Commerce. It aims to ensure the lawful conduct of digital transactions and curb cybercrimes. The Act empowers government departments to accept and retain official documents in digital formats, giving legal validity to digital signatures and emails.
The IT Act outlines various offences and penalties related to the misuse of technology and electronic communication. It covers cybersecurity, digital certificates, and the regulation of certification authorities. The Act also addresses electronic governance, secure electronic records, and electronic signatures.
To address the evolving nature of cybercrime, the IT Act has undergone amendments over the years, such as in 2008-2009, which introduced six new offences under Section 66, and in 2023, where new criminal laws were introduced.
As cybercrime continues to escalate in India, the IT Act 2000 serves as a crucial step towards safeguarding data and sensitive information stored online. It provides a legal framework for the detection, control, and punishment of cybercrimes, protecting citizens' privacy and data from misuse.
Washington State: License Address Laws Explained
You may want to see also
Explore related products

Data protection and privacy
India has recently passed a long-awaited data protection and privacy law, which governs how entities process users' personal data. The Digital Personal Data Protection Act (DPDP Act) establishes guidelines for how organisations should handle personal data and offers citizens control over the personal data gathered about them. The Act will make it mandatory for entities collecting user data to obtain express user consent before processing the data, with some exceptions.
The DPDP Act introduces several compliances with respect to the collection, processing, storage, and transfer of digital personal data. It is applicable to Indian entities that engage in the processing of personal data, but also has extra-territorial applicability, applying to foreign entities that offer goods and services to Data Principals located within India and process personal data in connection with these activities. The DPDP Act does not apply to personal data used by an individual for personal or domestic purposes or personal data deliberately made publicly accessible by the Data Principal or another individual or entity mandated by law.
The DPDP Act also designates certain entities as "Significant Data Fiduciaries", imposing heightened compliance measures on them given the nature and volume of personal data they process. These entities must appoint a Data Protection Officer based in India, who will be responsible to the Board of Directors and act as the point of contact for user grievances. They must also appoint independent data auditors who will evaluate the entity's compliance and undertake periodic Data Protection Impact assessments, which include assessing the rights of users and the management of risks related to processing their personal data.
The DPDP Act prohibits the behavioural monitoring of and targeted advertising directed at minors. It also establishes the Personal Data Protection Board, which will investigate data breaches and handle consumer inquiries about the processing of their personal data.
The Information Technology Act, 2000 (IT Act) and rules notified under it formed the basis of India's data protection framework until the DPDP Act was passed. The IT Act is a legal framework proposed by the Indian Parliament that deals with cybercrime and electronic commerce. It contains provisions that outline different offences and penalties related to the misuse of technology and electronic communication.
Real Estate License Exemptions: Who's Exempt from the Law?
You may want to see also
Explore related products

Offences and penalties
The Information Technology Act, 2000 (also known as the IT Act) is the primary legislation in India dealing with cybercrime and electronic commerce. The IT Act provides a legal framework for electronic transactions, digital communication, and cybercrime in India. It was formulated to ensure the lawful conduct of digital transactions and the reduction of cyber crimes. The Act defines various offences related to data privacy and breach of data and provides punishments or penalties for them.
The IT Act defines various offences and their punishments. Chapter 11 of the Act describes various offences related to data breach and their punishments. The Act also provides for the duties of subscribers and various penalties in case a computer system is damaged by anyone other than the owner of the system. The Act also provides for an Appellate Tribunal to be established under the Act, and an appeal from the tribunal lies with the High Court.
The Act also regulates and protects the sensitive data stored by social media and other electronic intermediaries. It provides for the validity and recognition of electronic records and digital signatures. The Act also has extra-territorial jurisdiction, meaning it applies to a person committing an offence outside the country if the source of the offence is in India.
The data privacy rules introduced in 2011 require firms to obtain written permission from customers before collecting and using their personal data. Section 69 allows the interception of information and the refusal to decrypt information is an offence. The Act also provides for offences related to offensive online content under Section 66A, although this was struck down by the Supreme Court of India in 2015 as unconstitutional.
The IT Act has undergone multiple amendments to address emerging technologies and new forms of cybercrime. The 2021 amendments introduced a framework to regulate social media platforms and digital news content, including measures to address objectionable content and user data privacy.
Top Law Schools: Where to Study Law?
You may want to see also
Explore related products

The future: Digital India Act
The Information Technology Act, 2000 (ITA-2000 or IT Act) is the primary legislation in India dealing with cybercrime and electronic commerce. The Act was formulated to ensure the lawful conduct of digital transactions and the reduction of cyber crimes, which had seen a rapid escalation in India. The IT Act provides a legal framework to protect data related to e-commerce and digital signatures.
In 2022, there were proposals to replace the Information Technology Act with a more comprehensive and updated Digital India Act. This new act would have a broader scope and address the following:
- Privacy: The Digital India Act would focus on protecting citizens' privacy and personal data, with provisions for informed consent. This is a key area of concern for the Indian government, which closely connects data to citizens' privacy.
- Social Media Regulation: With the increasing use of social media and the amount of data stored therein, the new act would likely further regulate the activities of social media platforms and ensure better protection of user data.
- Regulation of Over-the-Top (OTT) Platforms: The Digital India Act could also bring in regulations for OTT platforms, which currently fall under the IT Act's intermediary guidelines.
- Internet Intermediaries: The new act would likely continue to regulate internet intermediaries, as defined in the IT Act, and ensure they are compliant with data protection and privacy measures.
- Governance of New Technologies: As technology advances, the Digital India Act would need to address the legal implications and governance of emerging technologies, such as artificial intelligence, blockchain, and the Internet of Things (IoT).
- Additional Offences and Contraventions: The Digital India Act is expected to introduce new sections that define and address additional offences and contraventions related to the misuse of technology, data breaches, and privacy violations.
The Digital India Act aims to address the evolving landscape of technology and data protection, providing an updated legal framework that safeguards citizens' privacy and data while also promoting innovation and the growth of the digital economy.
Understanding Copyright Laws in India
You may want to see also
Frequently asked questions
The Information Technology Act, 2000 (ITA-2000 or IT Act) is a law in India that deals with cybercrime and electronic commerce. It provides a legal framework to protect data related to e-commerce and digital signatures.
The IT Act has 94 sections, divided into 13 chapters and 4 schedules (now 2). It covers offences and penalties related to the misuse of technology and electronic communication, data privacy, and the protection of sensitive information stored by intermediaries.
The IT Act was introduced to address the rapid increase in cybercrime cases in India and the need to safeguard data and sensitive information. It was also formulated to ensure the lawful conduct of digital transactions, based on the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law in 1996.
Yes, the IT Act has undergone amendments over the years. In 2009, an amendment brought in 6 different offences under Section 66, from Section 66A to 66F. In 2023, the Indian Parliament passed new criminal laws, replacing the old IPC, Evidence Act, and Criminal Procedure Code. There have also been proposals to replace the IT Act with a more comprehensive Digital India Act.








































