The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) enacted at 09 June 2000 and notified on 17 October 2000.
It is the primary law in India dealing with cybercrime and electronic commerce. The laws apply to the whole of India. Persons of other nationalities can also be indicted under the law, if the crime involves a computer or network located in India.
A major amendment was made in 2008. It introduced the Section 66A which penalized sending of "offensive messages".
It also introduced the Section 69, which gave authorities the power of "interception or monitoring or decryption of any information through any computer resource".
It also introduced for child porn, cyber terrorism and voyeurism. It was passed on 22 December 2008 without any debate in Lok Sabha. The next day it was passed by the Rajya Sabha. It was signed into law by President Pratibha Patil, on 5 February 2009.
Offence – Tampering with computer source documents
Description – If a person knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force.
Penalty – Imprisonment up to three years, or/and with fine up to 200,000/-
Offence – Hacking with computer system
Description – If a person with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hack.
Penalty – Imprisonment up to three years, or/and with fine up to 500,000/-
Offence – Receiving stolen computer or communication device
Description – A person receives or retains a computer resource or communication device which is known to be stolen or the person has reason to believe is stolen.
Penalty – Imprisonment up to three years, or/and with fine up to 100,000/-
Offence – Using password of another person
Description – A person fradulently uses the password, digital signature or other unique identification of another person.
Penalty – Imprisonment up to three years, or/and with fine up to 100,000/-
Offence – Cheating using computer resource
Description – If a person cheats someone using a computer resource or communication.
Penalty – Imprisonment up to three years, or/and with fine up to 100,000/-
Offence – Publishing private images of others
Description – If a person captures, transmits or publishes images of a person's private parts without his/her consent or knowledge.
Penalty – Imprisonment up to three years, or/and with fine up to 200,000/-
Offence – Acts of cyberterrorism
Description – If a person denies access to an authorised personnel to a computer resource, accesses a protected system or introduces contaminant into a system, with the intention of threatening the unity, integrity, sovereignty or security of India, then he commits cyberterrorism.
Penalty – Imprisonment up to life.
Offence – Publishing information which is obscene in electronic form.
Description – If a person publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it.
Penalty – Imprisonment up to five years, or/and with fine up to 1,000,000/-
Offence – Publishing images containing sexual acts
Description – If a person publishes or transmits images containing a sexual explicit act or conduct.
Penalty – Imprisonment up to seven years, or/and with fine up to 1,000,000/-
Offence – Publishing child porn or predating children online
Description – If a person captures, publishes or transmits images of a child in a sexually explicit act or conduct. If a person induces a child into a sexual act. A child is defined as anyone under 18.
Penalty – Imprisonment up to five years, or/and with fine up to 1,000,000/- on first conviction. Imprisonment up to seven years, or/and with fine up to 1,000,000/- on second conviction.
Offence – Failure to maintain records
Description – Persons deemed as intermediatary (such as an ISP) must maintain required records for stipulated time. Failure is an offence.
Penalty – Imprisonment up to three years, or/and with fine.
Offence – Failure/refusal to comply with orders
Description – The Controller may, by order, direct a Certifying Authority or any employee of such Authority to take such measures or cease carrying on such activities as specified in the order if those are necessary to ensure compliance with the provisions of this Act, rules or any regulations made thereunder. Any person who fails to comply with any such order shall be guilty of an offence.
Penalty – Imprisonment up to three years, or/and with fine up to 200,000/-
Offence – Failure/refusal to decrypt data
Description – If the Controller is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, the security of the State, friendly relations with foreign Stales or public order or for preventing incitement to the commission of any cognizable offence, for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through any computer resource. The subscriber or any person in charge of the computer resource shall, when called upon by any agency which has been directed, must extend all facilities and technical assistance to decrypt the information. The subscriber or any person who fails to assist the agency referred is deemed to have committed a crime.
Penalty – Imprisonment up to seven years and possible fine.
Offence – Securing access or attempting to secure access to a protected system
Description – The appropriate Government may, by notification in the Official Gazette, declare that any computer, computer system or computer network to be a protected system. The appropriate Government may, by order in writing, authorize the persons who are authorized to access protected systems. If a person who secures access or attempts to secure access to a protected system, then he is committing an offence.
Penalty – Imprisonment up to ten years, or/and with fine.
Offence – Misrepresentation
Description – If anyone makes any misrepresentation to, or suppresses any material fact from, the Controller or the Certifying Authority for obtaining any license or Digital Signature Certificate.
Penalty – Imprisonment up to three years, or/and with fine up to 100,000/-
The Information Technology Amendment Act, 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act (ITA-2000). The IT Amendment Act was passed by the Indian Parliament in October 2008 and came into force a year later. The Act is administered by the Indian Computer Emergency Response Team.
Section 69A of the IT (Amendment) Act, 2008, allows the Central Government to block content where it believes that this content threatens the security of the State; the sovereignty, integrity or defence of India; friendly relations with foreign States; public order; or to prevent incitement for the commission of a cognisable offence relating to any of the above. A set of procedures and safeguards to which the Government has to adhere when doing so have been laid down in what have become known as the Blocking Rules.
Section 79 and the IT Rules: Privatising censorship in India
Section 79 of the Information Technology (Amendment) Act, 2008 regulates the liability of a wide range of intermediaries in India. The section came in the limelight mostly because of the infamous Intermediary Guidelines Rules, or IT Rules, which were made under it. The IT Rules constitute an important and worrying move towards the privatisation of censorship in India.
Section 66A: Do not send offensive messages
Section 66A of the Information Technology (Amendment) Act, 2008 prohibits the sending of offensive messages though a communication device (i.e. through an online medium). The types of information this covers are offensive messages of a menacing character, or a message that the sender knows to be false but is sent for the purpose of ‘causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will.’ If you’re booked under Section 66A, you could face up to 3 years of imprisonment along with a fine.
To balance freedom of expression with other human rights is, at times, a difficult and delicate task. From hate speech to intermediary liability, we tease out and shed greater light on the various challenges that make this task particularly complicated, proposing ways forward that can further strengthen and promote the right to freedom of expression, in India and beyond, as well.
Cyber security and human rights
With the advent of new technology, new security threats have emerged for people, businesses and states. Oftentimes, responses to such threats, including states’ exercise of their unprecedented power to surveil their populations, have been criticised for their negative impact on human rights.