IT Act 2000: Objectives, Features, Amendments, Sections, Offences and Penalties

Over the past decade, the rise of technology and electronic commerce has led to a surge in cybercrimes and data-related offences in India. As per the latest news, the cybercrime cases in India have tripled between 2022 and 2024. However, the Information Technology Act or IT Act 2000 helps to curb cyber crimes and protect curcial data. 

In this article, we will provide a comprehensive overview of the IT Act, highlighting all the associated factors that you need to know.

What Is the Information Technology Act 2000? 

A legal framework proposed by the Indian Parliament, the Informational Technology Act of 2000, is the primary legislation in India dealing with cybercrime and electronic commerce. It was formulated to ensure the lawful conduct of digital transactions and the reduction of cyber crimes, on the basis of the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. This legal framework, also known as IT Act 2000, comes with 94 sections, divided into 13 chapters and 4 schedules. 

When IT Act 2000 Came Into Effect? 

The bill of this law was passed in the Budget by a group of Parliament members, headed by the then Minister of Information Technology and signed by the President on 9 May 2000. It finally came into effect on 17 October 2000, imposing restrictions on all individuals regardless of their nationality and geographic location. 

Importance of IT Act 2000

Read the pointers highlighted below to understand the importance of formulating Information Technology Act 2000: 

• The Act provides legal recognition to electronic records, resulting in the growth of e-commerce and digital transactions in India. 
• It has established electronic signatures as the legal equivalent of physical signatures. 
• The formulation of this act has come up with the establishment of the Controller of Certifying Authorities (CCA), a government body that is responsible for issuing and maintaining the security of digital signatures as well as certificates. 
• The Act has made it mandatory for companies to obtain consent from consumers when it comes to collecting or using their personal information. 
• With the Act becoming effective, individuals have the right to seek compensation in case of damage or misuse of their personal data by an unauthorised party. 
• Through the Act, the Government of India can criminalise cybercrime, hacking and spreading of computer viruses. 
• The Information Technology Act 2000 also authorised the establishment of the Appellate Tribunal, a specialised official body to enforce the Act.

Objectives of the Information Technology Act 2000

The following are the main objectives of the Information Technology Act of 2000 that you should know:

• Promote efficient delivery of government services electronically or facilitate digital transactions between firms and regular individuals. 
• Impose penalties upon cybercrimes like data theft, hacking, identity theft, cyberstalking and so on, in order to create a secure cyber landscape.
• Formulate rules and regulations that monitor the cyber activity and electronic mediums of communication and commerce. 
• Promote the expansion and foster innovation and entrepreneurship in the Indian IT/ITES sector.

Features of the Information Technology Act 2000

Take a look at the salient features of the Information Technology Act 2000:

• The provisions of this Act are implemented by the Central Government to regulate electronic commerce and penalise cybercrime. 
• The Act states the roles and responsibilities of intermediaries as well as conditions under which their liability can be exempted. 
• The Information Technology Act is associated with CERT-In (Indian Computer Emergency Response Team), a nodal agency that is responsible for cybersecurity and cyber incident response. 
• The Act provides validity to electronic records and signatures in business.
• It facilitates to manage records electronically in government offices.
• The provisions of this Act provides for securing personal and sensitive information.
• It recognises and establishes the legality of digital signatures.

IT Act 2000 and Its Amendments

As technology evolved over time, the Indian Parliament recognised the need to revise the Act in order to align it with societal needs, resulting in its amendment. Two significant amendments made to the IT Act 2000 are as follows:

1. Amendment of 2008 

The 2008 amendment came up with modifications to Section 66A of the IT Act, 2000. This section outlined penalties for sharing offensive messages electronically. However, this was omitted by the Jan Vishwas (Amendment of Provisions) Act, 2023. Other significant changes made to the Act by the 2008 amendment was the introduction of electronic signature to authenticate electronic records. It provided that contracts formed through electronic means are valid. 

The amendment also provided that if any company handles sensitive personal data or information in a negligent way which causes wrongful loss to any person, such company should pay damages to the affected person. It provides punishments for disclosure of information of contract terms in a breach of lawful contract.

2. Amendment Bill 2015 

In 2015, another bill was initiated to amend Section 66A with the aim of safeguarding the fundamental rights guaranteed to citizens by the country's Constitution. This was later accomplished by declaring it as violative of Article 19 of the Constitution and omitting Section 66A from the Act.

Digital Signature Under IT Act 2000

The Information Technology Act 2000 includes provisions that legally introduce the use of digital signatures for submitting crucial documents online, ensuring their security and authenticity. The Act further mandates all companies/LLPs under the MCA21 e-Governance programme to utilise digital signatures for document filing. 

Electronic Governance Under IT Act 2000

Electronic Governance or E-Governance involves the application of legal rules and regulations for managing, controlling, and administering government processes that are conducted through electronic means. Electronic governance is dealt with under the Information Technology Act 2000 as follows:

• Section 4: This Section grants legal recognition to electronic records, making it an equivalent of paper-based documents. 
• Section 5: In Section 5 of the Indian IT Act, 2000, electronic signatures get equal legal recognition as handwritten signatures. However, the authentication of these electronic signatures is determined by the Central Government.
• Section 6: Eliminating red tapism, Section 6 promotes use of the electronic records and electronic signatures by all agencies of the Indian Government. This involves online filing of documents, issuance of licences/approvals electronically and digital receipt/payment of money. 
• Section 7: This Section authorises the retention of electronic records for fulfilment of legally retaining records. 

IT Act 2000 Sections

The Information Technology Act 2000 has 94 sections focusing on the regulation of electronic exchanges. These sections collectively establish a comprehensive framework for electronic governance, digital signatures, and the legal recognition of electronic records. All these sections play a crucial role in facilitating the use of digital technologies in governance. Some of the prominent sections of the IT Act 2000 are provided below.

Section 43 of IT Act 2000

Section 43 of Chapter IX of the IT Act, 2000 outlines various actions for which a penalty is imposed if done without permission from the person in charge of the computer system. These actions are discussed below. 

• Access information from the system 
• Download or copy data with proper authorisation 
• Introduce virus or other malicious software into the system 
• Cause damage to a computer network or database 
• Prevent an authorised user from accessing the system
• Assist others in breaching the provisions of the law
• Charge someone for services they have not utilised 
• Alter or remove information to reduce its value or cause harm 
• Steal or mess with the code that makes a computer program work

Section 66 of IT Act 2000

If an individual engages in any action outlined in Section 43 with dishonest or fraudulent intent, he/she shall be subject to punishment. As per Section 66 of the IT Act 2000, this punishment may include imprisonment for a period of up to 3 years, a fine of up to Rs. 5 lakh, or both.

Section 66B of IT Act 2000

Section 66B outlines the punishment for dishonestly receiving stolen computer resources or communication devices. As per this section, anyone who knowingly receives or retains any stolen computer resource or communication device shall be liable to imprisonment for up to 3 years, or a fine of up to Rs. 1 lakh, or both.

Section 67A of the IT Act 2000

Section 67A deals with the punishment for publishing or sharing material containing sexually explicit acts in electronic form. On 1st conviction, individuals who publish such material shall face imprisonment for up to 3 years and a fine of up to Rs. 5 lakh. In the event of a 2nd or subsequent conviction, the punishment may extend to imprisonment for up to 5 years and a fine of up to Rs. 10 lakh.

Offences and Penalties Under IT Act 2000

There are provisions in the Information Technology Act 2000 that outline different offences and penalties related to the misuse of technology and electronic communication. Let us take a look: 

Cyber Crime Under IT Act 2000

When it comes to cybersecurity, there are 5 main types of laws followed in India. These include the Information Technology Act 2000 (IT Act), the Indian Penal Code of 1860 (IPC), the Information Technology Rules (IT Rules), the Companies Act of 2013, and the Cybersecurity Framework (NCFS). 

The cyber law established under the IT Act of 2000 stands as the first cyber law approved by the Indian Parliament. It highlights penalties and sanctions enacted by the Parliament of India that safeguard the sectors of e-governance, e-banking and e-commerce.

Advantages and Disadvantages of IT Act 2000

While the IT Act of 2000 offers numerous benefits, it also carries certain disadvantages. Let us begin by exploring its advantages.

• Before the Act was enacted, emails, messages and such other means of communication were not legally recognised and thus not admissible as evidence in court. However, with the introduction of the IT Act of 2000, electronic communications gained legal recognition.
• By leveraging the legal infrastructure provided by this Act, companies can engage in e-commerce or e-business. 
• With the legalisation of digital signatures, it has become easier to carry out transactions online or verify the identity of an individual on the internet. 
• Corporations get statutory remedies in the event of unauthorised access or hacking into their computer systems or networks.
• Individuals get monetary assistance or compensation as a remedy for damages of any kind incurred in computer systems.
• The Act identifies and penalises various cybercrimes such as hacking, spamming, identity theft, phishing, and so on, which were previously not addressed in any legislation.
• The Act permits companies to serve as certifying authorities and issue digital certificates.
• It empowers the Indian Government to issue notices on the internet through e-governance.

Let us now walk through a list of disadvantages that came forth after the enactment of the Information Technology Act 2000:

• The Information Technology Act of 2000 fails to address the issues involving domain names, and the rights, and liabilities of domain owners.
• Despite the prevalence of copyright and patent issues in India, the Act still does not protect Intellectual Property Rights when it comes to computer programs and networks.
• Various kinds of cybercrimes such as cyberstalking, cyber fraud, chat room abuse, theft of internet hours, and many more are not covered by this Act.
• The IT Act has also failed to address critical issues such as privacy and content regulation. 

With the rapid escalation of cybercrime cases in India, there emerged an urgent need for a mechanism to detect and control them. The IT Act 2000 is a step towards safeguarding the data and sensitive information stored with online intermediaries. In addition, this Act comes with various provisions that benefit citizens and protect their data from misuse.