ITR Season 2025 Banner

IT Act 2000: Objectives, Features, Amendments, Sections, Offences and Penalties

By Mayashree Acharya

|

Updated on: Apr 29th, 2025

|

8 min read

Over the past decade, the rise of technology and electronic commerce has led to a surge in cybercrimes and data-related offences in India. As per the latest news, the cybercrime cases in India have tripled between 2022 and 2024. However, the Information Technology Act or IT Act 2000 helps to curb cyber crimes and protect curcial data. 

In this article, we will provide a comprehensive overview of the IT Act, highlighting all the associated factors that you need to know.

What Is the Information Technology Act 2000? 

A legal framework proposed by the Indian Parliament, the Informational Technology Act of 2000, is the primary legislation in India dealing with cybercrime and electronic commerce. It was formulated to ensure the lawful conduct of digital transactions and the reduction of cyber crimes, on the basis of the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. This legal framework, also known as IT Act 2000, comes with 94 sections, divided into 13 chapters and 4 schedules. 

When IT Act 2000 Came Into Effect? 

The bill of this law was passed in the Budget by a group of Parliament members, headed by the then Minister of Information Technology and signed by the President on 9 May 2000. It finally came into effect on 17 October 2000, imposing restrictions on all individuals regardless of their nationality and geographic location. 

Importance of IT Act 2000

Read the pointers highlighted below to understand the importance of formulating Information Technology Act 2000: 

  • The Act provides legal recognition to electronic records, resulting in the growth of e-commerce and digital transactions in India. 
  • It has established electronic signatures as the legal equivalent of physical signatures. 
  • The formulation of this act has come up with the establishment of the Controller of Certifying Authorities (CCA), a government body that is responsible for issuing and maintaining the security of digital signatures as well as certificates. 
  • The Act has made it mandatory for companies to obtain consent from consumers when it comes to collecting or using their personal information. 
  • With the Act becoming effective, individuals have the right to seek compensation in case of damage or misuse of their personal data by an unauthorised party. 
  • Through the Act, the Government of India can criminalise cybercrime, hacking and spreading of computer viruses. 
  • The Information Technology Act 2000 also authorised the establishment of the Appellate Tribunal, a specialised official body to enforce the Act.

Objectives of the Information Technology Act 2000

The following are the main objectives of the Information Technology Act of 2000 that you should know:

  • Promote efficient delivery of government services electronically or facilitate digital transactions between firms and regular individuals. 
  • Impose penalties upon cybercrimes like data theft, hacking, identity theft, cyberstalking and so on, in order to create a secure cyber landscape.
  • Formulate rules and regulations that monitor the cyber activity and electronic mediums of communication and commerce. 
  • Promote the expansion and foster innovation and entrepreneurship in the Indian IT/ITES sector.

Features of the Information Technology Act 2000

Take a look at the salient features of the Information Technology Act 2000:

  • The provisions of this Act are implemented by the Central Government to regulate electronic commerce and penalise cybercrime. 
  • The Act states the roles and responsibilities of intermediaries as well as conditions under which their liability can be exempted. 
  • The Information Technology Act is associated with CERT-In (Indian Computer Emergency Response Team), a nodal agency that is responsible for cybersecurity and cyber incident response. 
  • The Act provides validity to electronic records and signatures in business.
  • It facilitates to manage records electronically in government offices.
  • The provisions of this Act provides for securing personal and sensitive information.
  • It recognises and establishes the legality of digital signatures.

IT Act 2000 and Its Amendments

As technology evolved over time, the Indian Parliament recognised the need to revise the Act in order to align it with societal needs, resulting in its amendment. Two significant amendments made to the IT Act 2000 are as follows:

1. Amendment of 2008 

The 2008 amendment came up with modifications to Section 66A of the IT Act, 2000. This section outlined penalties for sharing offensive messages electronically. However, this was omitted by the Jan Vishwas (Amendment of Provisions) Act, 2023. Other significant changes made to the Act by the 2008 amendment was the introduction of electronic signature to authenticate electronic records. It provided that contracts formed through electronic means are valid. 

The amendment also provided that if any company handles sensitive personal data or information in a negligent way which causes wrongful loss to any person, such company should pay damages to the affected person. It provides punishments for disclosure of information of contract terms in a breach of lawful contract.

2. Amendment Bill 2015 

In 2015, another bill was initiated to amend Section 66A with the aim of safeguarding the fundamental rights guaranteed to citizens by the country's Constitution. This was later accomplished by declaring it as violative of Article 19 of the Constitution and omitting Section 66A from the Act.

Digital Signature Under IT Act 2000

The Information Technology Act 2000 includes provisions that legally introduce the use of digital signatures for submitting crucial documents online, ensuring their security and authenticity. The Act further mandates all companies/LLPs under the MCA21 e-Governance programme to utilise digital signatures for document filing. 

Electronic Governance Under IT Act 2000

Electronic Governance or E-Governance involves the application of legal rules and regulations for managing, controlling, and administering government processes that are conducted through electronic means. Electronic governance is dealt with under the Information Technology Act 2000 as follows:

  • Section 4: This Section grants legal recognition to electronic records, making it an equivalent of paper-based documents. 
  • Section 5: In Section 5 of the Indian IT Act, 2000, electronic signatures get equal legal recognition as handwritten signatures. However, the authentication of these electronic signatures is determined by the Central Government.
  • Section 6: Eliminating red tapism, Section 6 promotes use of the electronic records and electronic signatures by all agencies of the Indian Government. This involves online filing of documents, issuance of licences/approvals electronically and digital receipt/payment of money. 
  • Section 7: This Section authorises the retention of electronic records for fulfilment of legally retaining records. 

IT Act 2000 Sections

The Information Technology Act 2000 has 94 sections focusing on the regulation of electronic exchanges. These sections collectively establish a comprehensive framework for electronic governance, digital signatures, and the legal recognition of electronic records. All these sections play a crucial role in facilitating the use of digital technologies in governance. Some of the prominent sections of the IT Act 2000 are provided below.

Section 43 of IT Act 2000

Section 43 of Chapter IX of the IT Act, 2000 outlines various actions for which a penalty is imposed if done without permission from the person in charge of the computer system. These actions are discussed below. 

  • Access information from the system 
  • Download or copy data with proper authorisation 
  • Introduce virus or other malicious software into the system 
  • Cause damage to a computer network or database 
  • Prevent an authorised user from accessing the system
  • Assist others in breaching the provisions of the law
  • Charge someone for services they have not utilised 
  • Alter or remove information to reduce its value or cause harm 
  • Steal or mess with the code that makes a computer program work

Section 66 of IT Act 2000

If an individual engages in any action outlined in Section 43 with dishonest or fraudulent intent, he/she shall be subject to punishment. As per Section 66 of the IT Act 2000, this punishment may include imprisonment for a period of up to 3 years, a fine of up to Rs. 5 lakh, or both.

Section 66B of IT Act 2000

Section 66B outlines the punishment for dishonestly receiving stolen computer resources or communication devices. As per this section, anyone who knowingly receives or retains any stolen computer resource or communication device shall be liable to imprisonment for up to 3 years, or a fine of up to Rs. 1 lakh, or both.

Section 67A of the IT Act 2000

Section 67A deals with the punishment for publishing or sharing material containing sexually explicit acts in electronic form. On 1st conviction, individuals who publish such material shall face imprisonment for up to 3 years and a fine of up to Rs. 5 lakh. In the event of a 2nd or subsequent conviction, the punishment may extend to imprisonment for up to 5 years and a fine of up to Rs. 10 lakh.

Offences and Penalties Under IT Act 2000

There are provisions in the Information Technology Act 2000 that outline different offences and penalties related to the misuse of technology and electronic communication. Let us take a look: 

Section Offence Penalty 
Section 65 Tampering documents stored within a computer systemImprisonment of 3 years or a fine of Rs. 2 lakhs or both
Section 66Offences associated with computers or any act outlined in Section 43Imprisonment of 3 years or a fine that extends to Rs. 5 lakhs or both
Section 66BDishonestly receiving a stolen computer source or deviceImprisonment for 3 years or a fine of Rs. 1 lakh or both
Section 66CIdentity theftImprisonment of 3 years or a fine of Rs. 1 lakh or both
Section 66DCheating by personationEither imprisonment for 3 years or a fine of Rs. 1 lakh or both
Section 66EInvading privacy Either imprisonment up to 3 years or a fine of Rs. 2 lakhs or both
Section 66F Cyber terrorismLife imprisonment 
Section 67Sending explicit or obscene material in electronic formImprisonment of 5 years and a fine of Rs. 10 lakhs
Section 67A Sending material containing sexually explicit acts of through electronic meansImprisonment of 7 years and a fine of Rs. 10 lakhs
Section 67BDepicting children in sexually explicit form and sharing such material through electronic modeImprisonment of 7 years and a fine of Rs. 10 lakhs
Section 67CFailure to preserve and retain the information by intermediaries Penalty upto Rs. 25 lakhs
Section 68Failure to comply orders the ControllerPenalty upto Rs. 25 lakhs
Section 69Failure to intercept, monitor or decrypt data as per the instructions of the governmentImprisonment for 7 years and a fine
Section 69AFailure to block public access of any information through computer resource as per the instructions of the governmentImprisonment for 7 years and a fine
Section 69BFailure to monitor and collect traffic data or information through computer resource for cyber security as per the government notificationImprisonment for 1 year or a fine of Rs. 1 crore
Section 70Secures access or attempts to secure access to a protected system Imprisonment for 10 years and a fine
Section 71Misrepresentation to the Controller or the Certifying AuthorityImprisonment for 2 years or a fine of Rs. 1 lakh or both
Section 72Breach of confidentiality and privacy Penalty of Rs. 5 lakhs
Section 72ADisclosure of information in breach of lawful contractPenalty of Rs. 25 lakhs
Section 73Falsy publishing electronic signature certificateImprisonment for 2 years or a fine of Rs. 1 lakhs or both
Section 74Publication for fraudulent purposes Imprisonment for 2 years or a fine of Rs. 1 lakhs or both

Cyber Crime Under IT Act 2000

When it comes to cybersecurity, there are 5 main types of laws followed in India. These include the Information Technology Act 2000 (IT Act), the Indian Penal Code of 1860 (IPC), the Information Technology Rules (IT Rules), the Companies Act of 2013, and the Cybersecurity Framework (NCFS). 

The cyber law established under the IT Act of 2000 stands as the first cyber law approved by the Indian Parliament. It highlights penalties and sanctions enacted by the Parliament of India that safeguard the sectors of e-governance, e-banking and e-commerce.

Advantages and Disadvantages of IT Act 2000

While the IT Act of 2000 offers numerous benefits, it also carries certain disadvantages. Let us begin by exploring its advantages.

  • Before the Act was enacted, emails, messages and such other means of communication were not legally recognised and thus not admissible as evidence in court. However, with the introduction of the IT Act of 2000, electronic communications gained legal recognition.
  • By leveraging the legal infrastructure provided by this Act, companies can engage in e-commerce or e-business. 
  • With the legalisation of digital signatures, it has become easier to carry out transactions online or verify the identity of an individual on the internet. 
  • Corporations get statutory remedies in the event of unauthorised access or hacking into their computer systems or networks.
  • Individuals get monetary assistance or compensation as a remedy for damages of any kind incurred in computer systems.
  • The Act identifies and penalises various cybercrimes such as hacking, spamming, identity theft, phishing, and so on, which were previously not addressed in any legislation.
  • The Act permits companies to serve as certifying authorities and issue digital certificates.
  • It empowers the Indian Government to issue notices on the internet through e-governance.

Let us now walk through a list of disadvantages that came forth after the enactment of the Information Technology Act 2000:

  • The Information Technology Act of 2000 fails to address the issues involving domain names, and the rights, and liabilities of domain owners.
  • Despite the prevalence of copyright and patent issues in India, the Act still does not protect Intellectual Property Rights when it comes to computer programs and networks.
  • Various kinds of cybercrimes such as cyberstalking, cyber fraud, chat room abuse, theft of internet hours, and many more are not covered by this Act.
  • The IT Act has also failed to address critical issues such as privacy and content regulation. 

With the rapid escalation of cybercrime cases in India, there emerged an urgent need for a mechanism to detect and control them. The IT Act 2000 is a step towards safeguarding the data and sensitive information stored with online intermediaries. In addition, this Act comes with various provisions that benefit citizens and protect their data from misuse. 

Can't get yourself started on taxes?
Get a Cleartax expert to handle all your tax filing start-to-finish

Frequently Asked Questions

How many schedules are there in IT Act 2000?

As of March 2025, the IT Act contains 2 schedules. Initially, the Act included 4 schedules, with 2 of them being omitted over time.

What are the components of the Information Technology Act 2000?

The Information Technology Act 2000 is a legal framework focusing on the legal recognition of digital certificates and the regulation of certification authorities as its components. 

What are the salient features of IT Act 2000?

The primary feature of the IT Act of 2000 is to facilitate lawful electronic, digital, and online transactions while mitigating cybercrimes.

How many sections are in the IT Act 2000?

There are 94 sections in the Information Technology Act of 2000. 

What is digital signature as per IT Act 2000?

A digital signature is the authentication of any electronic record by a subscriber through an electronic method or procedure. It serves as the digital equivalent of a traditional handwritten signature or stamped seal.

What is the IT Act of 2000 to control?

The Information Technology Act 2000 has a primary objective to regulate and control the prevalent cybercrime cases in India. 

What is Section 67A of the IT Act?

Section 67A of the Information Technology Act states the punishment for publishing or sharing material that contains sexually explicit acts through electronic means. 

About the Author

I am an advocate by profession and have a keen interest in writing. I write articles in various categories, from legal, business, personal finance, and investments to government schemes. I put words in a simplified manner and write easy-to-understand articles. Read more

Clear offers taxation & financial solutions to individuals, businesses, organizations & chartered accountants in India. Clear serves 1.5+ Million happy customers, 20000+ CAs & tax experts & 10000+ businesses across India.

Efiling Income Tax Returns(ITR) is made easy with Clear platform. Just upload your form 16, claim your deductions and get your acknowledgment number online. You can efile income tax return on your income from salary, house property, capital gains, business & profession and income from other sources. Further you can also file TDS returns, generate Form-16, use our Tax Calculator software, claim HRA, check refund status and generate rent receipts for Income Tax Filing.

CAs, experts and businesses can get GST ready with Clear GST software & certification course. Our GST Software helps CAs, tax experts & business to manage returns & invoices in an easy manner. Our Goods & Services Tax course includes tutorial videos, guides and expert assistance to help you in mastering Goods and Services Tax. Clear can also help you in getting your business registered for Goods & Services Tax Law.

Save taxes with Clear by investing in tax saving mutual funds (ELSS) online. Our experts suggest the best funds and you can get high returns by investing directly or through SIP. Download Black by ClearTax App to file returns from your mobile phone.

Cleartax is a product by Defmacro Software Pvt. Ltd.

Company PolicyTerms of use

ISO

ISO 27001

Data Center

SSL

SSL Certified Site

128-bit encryption