Introduction
Section 66C of the Information Technology Act, 2000, directly addresses the issue of identity theft in the online world. The provision declares that anyone who fraudulently or dishonestly uses another person’s electronic signature, password, or any unique identification feature will face legal punishment. The law provides for imprisonment of up to three years. It also allows for a fine that may extend to one lakh rupees. In simple terms, the law makes it a crime to impersonate another person in the digital space. Using someone else’s digital credentials without consent amounts to identity theft. The legislature designed this section to protect individuals from cybercriminals who exploit sensitive information for unlawful purposes.
Exact Text of Section 66C IT Act, 2000
“Whoever, fraudulently or dishonestly makes use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.”
Section 66C
Whoever, fraudulently or dishonestly makes use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
Section 66C deals with identity theft in the digital world. It makes it a crime to use another person’s electronic signature, password, or unique ID (like Aadhaar details, PAN, or login credentials) without permission.
- If someone pretends to be you online by using your password or signature, it is identity theft.
- The law says this act must be done fraudulently (with bad intention) or dishonestly (for wrongful gain or loss to another).
- The punishment can go up to 3 years in jail.
- The offender may also have to pay a fine up to ₹1 lakh.
Why Is Section 66C Important in Today’s World?
The importance of this provision has increased with the rise of online transactions, mobile banking, and social media. Every individual now relies heavily on digital tools for communication, shopping, payments, and professional interactions. As more people share personal data online, cybercriminals find new ways to misuse that information. Identity theft cases have become frequent across India. Victims often face fraudulent financial transactions, harassment, or reputational harm. Section 66C ensures that offenders face strict consequences, and it acts as a deterrent for potential misusers of digital identity.
What Happens If Someone Misuses Your Digital Identity?
If a person misuses another’s electronic signature, password, or digital ID, the law treats it as a serious cybercrime. The offender may face imprisonment for up to three years. Along with jail time, the court may also impose a fine that can extend to one lakh rupees. The punishment highlights that identity theft is not a minor offense. It affects financial security, personal privacy, and trust in digital systems. Individuals must remain cautious while sharing sensitive data. Using another person’s credentials without consent is never permissible under law.
How Has Section 66C Been Applied in Real Cases?
Several cases show how Section 66C operates in practice. In July 2017, Pune police registered an FIR against a fake social media profile of state minister Girish Bapat. The impersonator used the account to share obscene content. The police filed the case under IPC Section 500 and Section 66C of the IT Act at Bund Garden police station. The matter revealed how impersonation could damage a public figure’s reputation and spread false information.
Another case involved the comedy group AIB. On May 17, 2017, AIB released a video titled If Apps Were People. At 4:34 minutes into the video, a character mentioned a phone number. Unfortunately, the number matched Rohina Chhabra’s personal number from Jaipur. Soon after, she received continuous spam calls. The incident caused harassment and privacy violation. An FIR was registered against AIB members in July 2017, and the police booked the case under Section 66C. This example shows that even unintentional disclosure of private information can lead to serious consequences.
How Did WhatsApp Hacking Lead to Arrests?
Identity theft is not limited to social media or accidental leaks. In June 2017, Nashik police investigated several complaints of WhatsApp account hacking. Victims reported unauthorized access to their accounts. The cybercrime team traced the crime to Diptesh Salecha, a student from Rajasthan. The police arrested him for hacking 31 WhatsApp accounts. The case highlighted how digital identity theft can extend to messaging apps and disrupt personal communication. Section 66C provided the legal basis for punishing the hacker.
What Happened in the Case of Kareena Kapoor’s IT Account?
In January 2017, Mumbai cyber police arrested a 26-year-old paramilitary man. He hacked actress Kareena Kapoor’s Income Tax account to obtain her mobile number. He wanted to speak to her directly, and he misused her digital credentials for that purpose. The police charged him with impersonation and identity theft under the IT Act. This case demonstrated how even celebrities are vulnerable to such crimes. Unauthorized access to government-linked accounts represents a grave misuse of digital identity.
How Did a Senior Citizen Become a Victim of Phone Fraud?
In May 2017, a senior citizen from Mumbai lost ₹71,000 to a scam. A woman posed as a bank executive and requested his debit card details. He shared the information, believing it was a genuine call. Immediately after, the fraudster debited money from his account. Even though the bank issued alerts, the victim still lost his savings. This case illustrated how fraudsters exploit trust and lack of awareness among citizens. Section 66C plays a crucial role in punishing such crimes, but prevention through awareness is equally important.
What Are the Broader Implications of Section 66C?
The broader implication of Section 66C lies in protecting digital trust. Citizens must feel safe while using online services. When cybercriminals misuse identity data, the entire digital ecosystem suffers. People may hesitate to adopt online banking or e-commerce if they fear scams. Strict enforcement of Section 66C creates accountability and reassures users. It also compels companies, platforms, and banks to strengthen their cybersecurity measures. By holding offenders accountable, the law helps prevent large-scale misuse of digital identities.
How Can Individuals Protect Themselves from Identity Theft?
While Section 66C provides legal remedies, prevention is equally important. Individuals should avoid sharing passwords, OTPs, or sensitive numbers over calls or messages. They must also verify the authenticity of emails and phone calls claiming to be from banks or government agencies. Using strong passwords, enabling two-factor authentication, and regularly updating digital security settings reduces the chances of hacking. Reporting suspicious activity at the earliest stage helps law enforcement act quickly.
For any specific query call at +91 – 8569843472
Conclusion
Section 66C of the IT Act acts as a shield against identity theft in India. It criminalizes the fraudulent use of another person’s electronic signature, password, or unique identification feature. The law prescribes imprisonment up to three years and a fine up to one lakh rupees. Real cases show how this section protects ordinary citizens, public figures, and even celebrities from digital impersonation and fraud. Identity theft leads to financial losses, emotional distress, and reputational damage. Strict enforcement of Section 66C is necessary to build confidence in digital platforms. Awareness, quick reporting, and responsible online behavior can strengthen digital safety. A secure digital environment ensures that citizens can continue to rely on online services without fear of misuse.
