What are Cyber Laws in India?

What are Cyber Laws in India?

Date : 26 Mar, 2021

Post By Advocate Chandni Joshi

Cyber laws are laws that regulate cyberspace; it regulates transactions and activities on the internet. India is the second-largest user of the internet in the world lacks dedicated cybersecurity law. In India, cybersecurity and legislation are contained in the Information Technology Act 2000 called the IT Act, and in the supporting rules and regulations. The act was created by redrafting the eCommerce Act 1998, which was enacted by conceptualizing with model law of the United Nations. 

The IT act provides legal recognition to transactions done through electronic means of communication and through electronic data interchange. The act consists of provisions for securing digital data and information thereby avoiding illegal use of a computer system. The act deals with filing documents to government bodies through electronic modes instead of paper-based methods of communication.

Consult the best lawyer online

The act deals with offences within India and applies to persons committing offences outside India. The IT act amended the Indian Evidence Act, the Indian Penal Code, the Reserve Bank of India Act, the Bankers Books Evidence Act, and related provisions. The increased rate of electronic transactions and data interchange has made people and companies vulnerable to cybercrimes. There is no proper definition of the word cyber crime in Indian laws. There is only an elaborate description of certain acts and punishments. 

The term cybercrime as such is not defined in the IT act and other laws. Thus it is an illegal act targeting computer networks and data handled by them through electronic methods. Instead of cybercrimes, various offences are specifically envisaged in the IT Act 2000  known as cyber offenses they are illegal acts carried out in an advanced manner that targets a computer network. 

Cyber offences envisaged under the IT act are Tampering with the computer source documents, Hacks the computer systems, Publishing of electronic form of obscene content, Power of Controller to give directions, Directions to decode information by subscribing extend facilities, Protected system, Punishment for misrepresentation, Imposing fine for violating confidentiality and privacy, Punishing for Digital Signature Publishing Certificate false in certain particulars, Publishing to commit fraud, Act also applies for violations purported outside India, Confiscation, Power to enquire into offences. All the offences are defined in specific sections under the act, which we will discuss further.

In addition to this certain rules are constituted under the act of 2000 :

  1. The  SPDI rules of 2011, that are the Information Technology Rules (Reasonable security practices and procedures and sensitive personal data or information).

  2. The 2018 Information Technology Rules (Information Security Practices and Procedures for Protected System) known as the protected system rules.

  3. The 2011 Information Technology Rules, 2011 also known as the intermediaries guidelines rules.

The SPDI rules of 2011 prescribe practices and procedures which are reasonable to be observed for collecting and processing personal or sensitive personal data. The Information Technology (Information Security Practices and Procedures for Protected System) Rules 2018 (the Protected System Rules) lays down specific information security measures to be followed by organizations having protected systems, as defined under the IT Act.

The Intermediaries Guide Rules of 2011 in which the provisions of the rules prescribe reasonable security practices and procedures to be employed for securing computer resources and information. An intermediary is a person who receives, retains, and transmits information on others behalf. 

The computer emergency Response Team (CERT-In) a nodal agency formed with the responsibility for the surveillance of cyber incidents and for taking immediate action to contain such situations. It is an agency constituted in line with the IT Rules 2013 known as the CERT rules.

In addition to this, the rules and regulations that regulate cyberspace are contained in the Indian Penal Code 1860, Companies (Management and Administration) Rules 2014 and in other sector-specific regulations issued by regulators.

There are many provisions in the IPC and the IT Act that overlap with each other. They penalize cyber-crimes and contain many provisions in the IPC and the IT Act that relate to each other. The IPC prescribes punishment for cyber offences such as cheating, defamation, criminal intimation, and obscenity.

 The Companies (Management and Administration) Rules 2014 constituted by the Companies Act 2013 directs companies to ensure that electronic records and security systems are secure from unauthorized access and tampering.

In addition to all this, there are sector-specific regulations framed by regulators in sectors such as banks, insurance companies, telecoms service providers, and listed entities. Which are framed by the respective regulators such as the Reserve Bank, the Department of Telecommunication (DOT), and the Securities Exchange Board of India the Insurance Regulatory and Development Authority of India Act 1999.

All these rules and regulations are intended to establish healthy and secure cyberspace as technology advances and reliance on digital platforms increases. It is obvious that a major step in this direction is the enactment of the Information Technology Act 2000 in accordance with the United Nations Commissions on International Trade Law (UNCITRAL) model law. The United Nations Commission on International Trade Law urges the countries to enact suitable legislation. It accordingly enacted a Model Law for E-Commerce in 1996. The IT act 2000 lays down cyber offences penalize them and makes them punishable. The classes of offences are:

The IT act 2000 lays down cyber offences penalize them and makes them punishable. The classes of offences are:

  1. Tampering with the computer source documents: IT Act section 65 deals with tampering of computer source documents. According to this section whoever tampers with computer source documents shall be punishable with imprisonment up to three year, or with fine which may extend up to two lakh rupees, or with both

  1. Hacking with the computer system: Section 66 deals with hacking with computer systems, according to this section, whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.

  1. Publishing obscene information in electronic form: Section 67 deals with the publishing information that is obscene in electronic form, according to section 67, whoever publishes or transmits or causes to be published in the electronic form on the first time will be punished with imprisonment for a term of five years and with fine and for second-time imprisonment for ten years with fine extend to two lakh rupees.

  1. Power of Controller to give directions: Section 68 deals with the power of controller to give directions, according to this section, any person who fails to comply with any order under sub-section (1) shall be guilty of offence will be punished with three years imprisonment and fine

  1. Direction to subscribers to facilitate decrypt information: If it is necessary for the interest of the nation it may allow the Government to intercept any information transmitted through any computer resource.

  1. Protected system: Section 70 deals with protected systems, according to section 70, any person who secures access or attempts to secure access to a protected system in contravention of the provision of the act shall be punishable with ten years imprisonment and fine.

  2. Penalty for misrepresentation: Section 71 prescribed punishment for misrepresentation with two years imprisonment and fine rupees, or with both.

  3. Penalty for breach of confidentiality and privacy: Section 72 deals with the penalty for breach of confidentiality and privacy, according to this section who breach confidentiality and privacy shall be punished with imprisonment for a term which may extend to two years, or with a fine which may extend to one lakh rupees, or with both.

  4. Penalty for publishing Certificate false in certain particulars: Section 73 states that, Any person who publishes Certificate false in certain particulars shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

  5. Publication for fraudulent purpose: Section 74 deals with publication for a fraudulent purpose which prescribes punishment with imprisonment for a term which may extend to two years, or with fine which extends to one lakh rupees, or with both.

  6. Act to apply for offence or contravention committed outside India:  Section 75 deals with the offences or contravention committed outside India by any person irrespective of his nationality.

  7. Confiscation: Section 76 deals with confiscation, Anything related to the provisions of this Act, rules, and regulations framed there if contravened is liable to confiscation.

  8. Penalties or confiscation not to interfere with other punishments: The penalties and codification under the will not interfere with punishment  the time being in force given under Section 77.

  9. Power to investigate offenses: The act gives the power to Investigate offences to the government under Section 78 of the Act.

These are the offences that are made penalized and punishable under the IT act 2000. It is clear that the IT Act needs to be amended as the scope and reach of threats to cyberspace have increased. Still, many offences need to be included within the scope of the IT act and should make cyber law regulation up to date and capable of dealing with emerging threats.


Get in touch with the best lawyer online 


 How to register a complaint against cybercrime

As we have discussed various offences enumerated under the act it is important to know how to register an offence under the Act. Proper reporting of offences can to a great extent help in avoiding future offences and helps to keep track of the offenders. In case of the occurrence of cybercrime, one has to register a complaint in writing to the nearest cyber cell. A cyber complaint can be made to any cyber cell in India irrespective of the place of occurrence. While filing a complaint a person is required to provide his name, contact details, and address for mailing. The complaint should be addressed to the head of the cyber cell of the city.

Online harassment complaints can be reported with help of legal counsel. While making such a complaint certain needs to be submitted if required according to the nature of the crime. 

Other than a cyber cell a complaint can be made to the nearest police station if making a complaint to the cyber cell is not possible. A complaint can also be made to a Judicial Magistrate. Cyber offences under the IPC can be registered at the nearest police station. 

If you found this blog to be informative subscribe to our page. We keep posting such enlightening articles which are useful in the day-to-day life of people. Anyone can use Lawtendo which connects clients with qualified lawyers in the courts of any city in India.

Comment on Blog

Get Free Response


Consult a Lawyer Now