The Information Technology Act, 2000 (IT Act) is India’s primary legislation dealing with cybercrime and electronic commerce. It provides legal recognition for electronic transactions and aims to ensure secure digital communication in business and governance.
Objectives of the IT Act, 2000
The Act was enacted with the following primary objectives:
1. Legal Recognition of Electronic Transactions
The Act aims to provide legal validity to contracts and records formed through electronic means (e.g., emails, digital signatures).
Example: A purchase agreement made via email has legal validity under this Act.
2. Facilitate E-Governance and E-Commerce
It enables government services and business transactions to be conducted electronically, improving efficiency and accessibility.
3. Prevent Cybercrimes
The Act defines and penalizes cyber offences such as hacking, identity theft, and data theft.
4. Promote Digital Trust
By legalizing digital signatures and authentication mechanisms, the Act helps build trust in online communication.
5. Align with International Standards
The Act brings India’s cyber laws in line with global practices, especially the UNCITRAL Model Law on E-Commerce.
Provisions of the IT Act, 2000
The Act is comprehensive and covers various aspects of digital communication and cyber law. Below are its key provisions:
1. Legal Recognition of Electronic Records and Digital Signatures (Sections 4 to 10A)
The Act gives legal status to:
-
Electronic records (e.g., contracts, invoices)
-
Digital signatures (used for authentication)
Digital Signature: A cryptographic method to authenticate the identity of the sender and ensure data integrity.
Example: Signing a PDF contract using a digital signature is equivalent to signing a physical paper document.
2. Regulation of Certifying Authorities (Sections 17 to 34)
A Certifying Authority (CA) is an entity licensed to issue digital signature certificates.
The Act lays down:
-
The procedure to appoint CAs
-
Duties and responsibilities of CAs
-
Conditions for revoking a digital signature certificate
3. Cyber Offences and Penalties (Sections 43 to 66F)
The Act defines various cyber offences and prescribes civil and criminal penalties.
| Offence | Description | Penalty |
|---|---|---|
| Hacking (Sec. 66) | Unauthorized access to computer systems | Up to 3 years imprisonment or fine |
| Data theft (Sec. 43) | Downloading, copying, or extracting data without consent | Compensation to the affected party |
| Identity theft (Sec. 66C) | Fraudulent use of another person’s credentials | Up to 3 years and fine |
| Cyber terrorism (Sec. 66F) | Acts causing threat to national security via cyber means | Life imprisonment |
4. Adjudication and Cyber Appellate Tribunal (Sections 46 to 62)
The Act provides for the appointment of Adjudicating Officers to decide on cyber disputes involving damages up to ₹5 crore.
For appeals, a Cyber Appellate Tribunal is established.
5. Liability of Network Service Providers (Section 79)
Network intermediaries (e.g., ISPs, social media platforms) are not liable for third-party information hosted by them if:
-
They had no knowledge of the illegal content
-
They acted swiftly to remove it upon notification
This provision offers a “safe harbour” to intermediaries.
6. Offences by Companies (Section 85)
If a company commits a cyber offence:
-
The company is liable
-
Persons in charge (like directors or managers) are also held responsible unless they prove lack of knowledge or due diligence
7. Electronic Governance (Sections 6 to 9)
Government departments can:
-
Accept electronic records and digital signatures
-
Issue licenses, permits, and certificates electronically
This has facilitated the growth of e-governance platforms like DigiLocker, eSign, and online tax filing.
8. Amendments through IT (Amendment) Act, 2008
This amendment:
-
Introduced new offences like cyber terrorism, phishing, and cyberstalking
-
Replaced “digital signature” with the broader term “electronic signature”
-
Made provisions for data protection and privacy
Conclusion
The Information Technology Act, 2000 plays a vital role in establishing a legal framework for electronic transactions and cybersecurity in India. By addressing cybercrimes, enabling digital signatures, and supporting e-governance, the Act ensures a secure environment for businesses and individuals in the digital economy. For UGC NET Commerce aspirants, a clear understanding of this Act is essential to appreciate the legal aspects of modern business operations.