The Information Technology (IT) Act was introduced in India in 2000. It regulates cyber activities and ensure online safety. Back then, the internet was just starting to grow in India. But even then, the need for cyber laws was clear. Over time, the Act has evolved to include many digital offences. These laws help protect your privacy, secure digital communication, and punish cybercrime.
What Are Cyber Offenses?
Offences are enumerated in Chapter XI of the IT Act. Cyber offenses are unlawful acts carried out using advanced technology. In these crimes, the computer acts as a tool, a target, or both. Offenders use digital systems to commit fraud, theft, or data breaches. These crimes are complex and often hard to trace.
Key Cybercrime Offenses Under the IT Act
Section 65 – Tampering with Computer Source Documents
This section deals with the unauthorized alteration, destruction, or concealment of critical computer source code or system files. These documents are essential for the proper functioning of computer systems, and tampering with them can disrupt security or operations.
Section 66 – Computer-Related Offenses
Covers digital fraud, dishonesty, or unauthorized access related to data, programs, or services. If someone violates Section 43 (like hacking, data theft, or introducing viruses), this section makes those acts punishable.
Section 66A – Sending Offensive Messages via Communication Services (Struck down by Supreme Court in 2015)
This section originally criminalized sending offensive, false, or threatening messages via electronic communication.
Section 66B – Receiving Stolen Computer Resources
If a person knowingly receives or keeps any stolen computer system, device, or digital property, this section applies. It extends the concept of “stolen goods” to the digital domain.
Section 66C – Digital Identity Theft
Focuses on the misuse of someone else’s digital identity — like passwords, digital signatures, or biometric data — without permission. It aims to protect users from impersonation and fraud in the digital space.
Section 66D – Online Impersonation & Cheating
Covers fraudulent impersonation online to deceive someone — such as fake job offers, phishing scams, or fake social media profiles — done with the intent to cheat.
Section 66E – Violation of Privacy
This section criminalizes the capture, distribution, or publishing of private images or information without the subject’s consent. It’s commonly invoked in cases of revenge porn or unauthorized photo sharing.
Section 66F – Cyber Terrorism
Addresses cyber activities that threaten national security, such as hacking into critical infrastructure or government systems with malicious intent. It focuses on protecting India’s sovereignty and integrity from digital threats.
Section 67 – Publishing Obscene Content Online
Prohibits publishing or transmitting any obscene material in digital form. It’s aimed at regulating pornographic or sexually explicit content accessible online.
Section 67A – Publishing Sexually Explicit Material
Deals with the distribution of sexually explicit content (distinct from obscenity under Section 67). This includes explicit videos or images shared without consent.
Section 67B – Child Pornography
Strictly prohibits creating, sharing, downloading, or promoting child sexual abuse material. It also criminalizes encouraging minors to engage in explicit online acts.
Section 67C – Data Retention by Intermediaries
Obligates platforms like social media companies and ISPs to retain specific user data and logs for a prescribed period. This helps law enforcement trace and investigate cybercrimes.
Section 68 – Powers of the Controller
Grants the Controller of Certifying Authorities the authority to direct any certifying authority or personnel to comply with specific instructions. It’s related to the enforcement of digital signature guidelines and trust services.
Section 69 – Government Surveillance and Decryption Powers
Enables the Central or State Government to authorize agencies to monitor, intercept, or decrypt any digital information for reasons related to national security, public order, or sovereignty.
Section 69A – Blocking Access to Online Content
Allows the Central Government to block public access to specific online content in the interest of national security, public order, or foreign relations. Often used to block websites or social media posts deemed harmful.
Section 69B – Monitoring of Network Traffic
Permits authorized agencies to monitor and collect traffic data from any computer network to enhance cybersecurity and protect sensitive infrastructure.
Section 70 – Protected Systems
The government can declare certain computer systems as “protected systems,” typically those involved in critical infrastructure (like power grids, banking systems). Unauthorized access to these systems is strictly prohibited.
Section 70A – Nodal Agency for Critical Information Infrastructure (CII)
Authorizes the Central Government to appoint a national nodal agency responsible for safeguarding India’s critical information infrastructure, ensuring its resilience against cyber threats.
Section 70B – CERT-In (Indian Cyber Emergency Response Team)
CERT-In is designated as the national agency for responding to cybersecurity incidents. It coordinates alerts, vulnerability management, and emergency responses across the digital ecosystem.
Section 71 – Misrepresentation to Obtain Digital Certificates
This section deals with anyone who gains digital licenses or certificates by providing false information or hiding material facts.
Section 72 – Breach of Confidentiality by Authorized Persons
Covers unauthorized access or disclosure of information by someone who had lawful access (e.g., IT personnel, service providers) but misuses it without consent.
Section 72A – Breach of Privacy and Contractual Confidentiality
Applies to individuals or intermediaries who misuse personal data accessed through service contracts. This section reinforces data protection responsibilities in commercial agreements.
Section 73 – Misuse of Digital Signature Certificates
Prohibits the unauthorized publication of digital certificates, especially after revocation or expiration, which could mislead the public or businesses.
Section 74 – Fraud Involving Digital Certificates
Targets individuals who forge or use fake digital certificates for illegal activities, ensuring trust in digital identity infrastructure.
Section 75 – Applicability to Offenses Outside India
Ensures the IT Act applies to any offense involving Indian computer systems, even if committed by a foreigner or from outside the country.
Section 76 – Confiscation of Equipment
Empowers authorities to confiscate any digital device used to commit a cyber offense, such as hard drives, mobile phones, or servers.
Section 77 – Dual Liability Under Other Laws
Clarifies that a person can face legal action under the IT Act and also under other applicable laws simultaneously for the same act.
Section 77A – Compounding of Offenses
Allows certain IT Act offenses (except severe ones) to be settled through mutual agreement in court, reducing the burden of prolonged litigation.
Section 77B – Bailable Offenses for Minor Cybercrimes
States that offenses under the IT Act carrying punishment of three years or less are considered bailable, making the legal process smoother for minor infractions.
Section 78 – Investigating Authority
Specifies that only a police officer of at least Inspector rank can investigate offenses under the IT Act, ensuring proper scrutiny and seriousness in handling cybercrimes.
Popular Case Laws
Syed Asifuddin Case: ESN Tampering Invokes IT Act
In the Syed Asifuddin case, Tata Indicom employees faced arrest for manipulating the Electronic Serial Number (ESN) programmed into mobile phones. These phones were exclusively franchised to Reliance Infocom. The court ruled that tampering with the source code falls under Section 65 of the Information Technology Act. This section deals with altering or destroying computer source code with fraudulent intent.
Parliament Attack Case: Digital Evidence Key in Terror Conviction
On 13 December 2001, terrorists attacked the Indian Parliament. Digital evidence played a crucial role in convicting the accused. The suspects argued that computer data could be easily tampered with and should not be trusted.
Investigators recovered laptops and storage devices from a truck in Srinagar based on suspect disclosures. The laptop contained fake ID templates, video clips of political leaders from news broadcasts, and the Ministry of Home Affairs car sticker design. It also had a game titled “Wolf Pack” with the user name ‘Ashiq,’ matching a name used on a fake ID.
No data backup existed, and the defense challenged the digital evidence’s reliability in court. However, the court accepted it, emphasizing the role of digital forensics in national security cases.
How Did The Shreya Singhal Case Impact Section 66A Of The IT Act?
This landmark verdict came in response to the Shreya Singhal v. Union of India case. Shreya Singhal, a law student, filed a public interest litigation after two girls were arrested for a Facebook post. The case challenged the constitutional validity of Section 66A. The Court ruled in her favor, striking down the provision and strengthening digital free speech in India.
On March 24, 2015, the Supreme Court struck down Section 66A of the IT Act. It ruled that the section violated Article 19(1)(a) of the Indian Constitution, which protects freedom of speech and expression.
The Court found the law too vague and broad. It caused a chilling effect on free speech. Authorities often misused it to silence political dissent and social commentary. Arbitrary arrests under the section were common.
Terms like “offensive” and “menacing” lacked clear definitions. This gave excessive power to the authorities. The Court stressed that any law limiting speech must be clear and precise.
The judgment set a strong legal precedent. It highlighted the need for narrow and specific laws when restricting speech. It also reinforced the importance of protecting fundamental rights.
Conclusion
The IT Act plays a big role in today’s digital age. It protects users, ensures online responsibility, and punishes cybercriminals. As technology evolves, knowing your digital rights and the laws that guard them becomes more important than ever.
