Offences and Penalties under Technology Act

This is where the Information Technology Act of 2000 comes into the picture. The Act defines various offences related to breach of data and privacy of an individual and provides punishment or penalties for them. It also talks about intermediaries and regulates the power of social media. With the advancement of technology and e-commerce, there has been a tremendous increase in cyber crimes and offences related to data and authentic information. Even the data related to the security and integrity of the country was not safe, and so the government decided to regulate the activities of social media and data stored therein. 

the rise of technology and electronic commerce has led to a surge in cybercrimes and data-related offences in India. As per the latest news by a renowned paper house, the cybercrime cases increased from 3,693 in 2012 to 65,893 in 2022, recording the highest spike rate. The situation became alarming as even data crucial to national security and integrity was at risk. In response, the government opted to regulate activities on electronic mediums and the data stored therein.

Offences and Penalties under Technology Act

Background of Information Technology Act, 2000

The United Nations Commission on International Trade Law in 1996 adopted a model law on e-commerce and digital intricacies. It also made it compulsory for every country to have its own laws on e-commerce and cybercrimes. In order to protect the data of citizens and the government, the Act was passed in 2000, making India the 12th country in the world to pass legislation for cyber crimes. It is also called the IT Act and provides the legal framework to protect data related to e-commerce and digital signatures. It was further amended in 2008 and 2018 to meet the needs of society. The Act also defines the powers of intermediaries and their limitations

Schedule of Information Technology Act, 2000

The Act is divided into 13 chapters, 90 sections and 2 schedules. The following are the chapters under the Act:

  • Chapter 1 deals with the applicability of the Act and definitions of various terminologies used in the Act. 
  • Chapter 2 talks about digital and electronic signatures. 
  • Electronic governance and electronic records are given under Chapters 3 and 4 respectively. 
  • Chapter 5 is related to the security of these records and Chapter 6 deals with regulations of certifying authorities. 
  • Chapter 7 further gives the certificates needed to issue an electronic signature. 
  • Chapter 8 gives the duties of subscribers and Chapter 9 describes various penalties. 
  • Chapter 10 provides sections related to the Appellate Tribunal. 
  • Chapter 11 describes various offences related to breach of data and their punishments. 
  • Chapter 12 provides the circumstances where the intermediaries are not liable for any offence or breach of data privacy. 
  • The final chapter, i.e., Chapter 13 is the miscellaneous chapter. 

The 2 schedules given in the Act are:

  • Schedule 1 gives the documents and data where the Act is not applicable. 
  • Schedule 2 deals with electronic signatures or methods of authentication. 

Applicability of Information Technology Act, 2000

According to Section 1, the Act applies to the whole country, including the state of Jammu and Kashmir. The application of this Act also extends to extra-territorial jurisdiction, which means it applies to a person committing such an offence outside the country as well. If the source of the offence, i.e., a computer or any such device, lies in India, then the person will be punished according to the Act irrespective of his/her nationality. 

The Act, however, does not apply to documents given under Schedule 1. These are:

  • Any negotiable instrument other than a cheque as given under Section 13 of the Negotiable Instruments Act, 1881.
  • Any power of attorney according to Section 1A of the Powers of Attorney Act, 1882.
  • Any sort of trust according to Section 3 of the Indian Trusts Act, 1882.
  • Any will including testamentary disposition given under the Indian Succession Act, 1925. 
  • Any contract or sale deed of any immovable property. 

Objectives of Information Technology Act, 2000

  • The Act seeks to protect all transactions done through electronic means. 
  • E-commerce has reduced paperwork used for communication purposes. It also gives legal protection to communication and the exchange of information through electronic means. 
  • It protects the digital signatures that are used for any sort of legal authentication. 
  • It regulates the activities of intermediaries by keeping a check on their powers. 
  • It defines various offences related to data privacy of citizens and hence protects their data.
  • It also regulates and protects the sensitive data stored by social media and other electronic intermediaries.
  • It provides recognition to books of accounts kept in electronic form regulated by the Reserve Bank of India Act, 1934. 

The Amendment at a Glance

  • Laid emphasis on data privacy and information security.
  • Defined cyber-café.
  • Classified digital signatures as technology neutral.
  • Defined the security process to be followed by a corporate.
  • Redefined the role of intermediaries.
  • Recognized the role of Indian Computer Emergency Response Team.
  • Made way for inclusion of crimes such as child pornography and cyber terrorism.
  • Vested an Inspector with the rights of investigating cyber-crimes. The role was previously donned by a DSP (Deputy Superintendent of Police).

Information Technology Act, 2000: Offences and Penalties

Section 43 – Penalty for Damages

On a lighter note, any person damaging the computer (or its network) of the owner or any other person-in-charge would be forced to remit a penalty and compensation to the person so affected.

Section 44 – Documentation and Reporting

  • Any person not furnishing the required documents, returns or report to the controller or certifying authority would be liable to remit a penalty of up to INR 1,50,000.
  • If a person fails to furnish any information, books or other documents within the prescribed time-frame, then he/she would be imposed with a penalty of INR 5,000 for each day of the default.
  • If a person doesn’t maintain the books of accounts or other records, he/she would be forced to remit a penalty of INR 10,000 per day.

Section 65 – Manipulating Source Document

Any person who deliberately tampers, destroys, conceals or alters any computer source document intentionally would be liable for penal charges amounting to Rs. 2,00,000 and/or imprisonment of up to three years.

Section 66 – Dishonesty and Fraudulence

Any person committing dishonesty and fraudulence under the Act as specified in Section 43 above would be forced to remit a penalty of up to INR 5,00,000 and/or imprisonment of up to three years. On similar lines:

  • Section 66B of the Act states that any person who dishonestly or fraudulently receives/retains any stolen computer resource or communication device would be required to remit a penalty of INR 1,00,000 and/or imprisonment of up to three years.
  • Section 66C of the Act states that any person who dishonestly or fraudulently employs the electronic signature, password or any other unique identification feature of another person would be required to remit a penalty of up to INR 1,00,000 and/or imprisonment of up to three years.
  • Section 66D states that any person who dishonestly or fraudulently personates through any communication device or computer resource would be forced to remit a penalty of INR 1,00,000 or lesser, which could be added or replaced by an imprisonment term of three years.
  • Section 66E states that any person who deliberately captures, publishes or transmits the image of a private area of a person without his/her consent would be slapped a penalty of not more than INR 2,00,000, which could be replaced or added with an imprisonment period of three years or less.
  • Section 66F states that any person who fails to act electronically or threatens the unity, integrity, security or sovereignty of the country would be imprisoned for life.

Section 67 – Electronic Publishing or Transmission

Any person who electronically transmits any material which appeals to unhealthy interest, or is likely to deprave and corrupt any other who may refer to the information provided in it, would be forced to remit a penalty of not more than INR 5,00,000. The penalty could be added or replaced by a period of imprisonment of up to three years. If convicted again on the same grounds, the concerned individual would be levied with a penalty of up to INR 10,00,000, which again, could be added or replaced by a term of imprisonment of up to five years.

On the same page, Section 67A coveys that any person who electronically publishes or transmits any content which may not be unhealthy but consists of any sexually explicit act or conduct, he/she would be liable to remit a penalty of not more than INR 10,00,000, which could be replaced or added with a five-year imprisonment term. Repeated offences of such kind may result in a similar penalty, with an imprisonment term that could scale up to seven years.

Section 68 – Powers if the Controller

The Controller may order a Certifying Authority or any employee of such authority to cease the performance of any activities as stated in the order. Any person who deliberately contravenes with such an order is bound to pay a penalty of INR 1,00,000, which could be added or replaced with a term of imprisonment of two years or less.

Section 69 – Powers of the Government

The Central or State Government, in the best interests of the nation, may order any agency to monitor or decrypt any information generated, transmitted, received or stored in any computer resource. Any non-compliance with such order could result in imprisonment of seven years and a fine as determined by the authorities.

Section 70 – Declaration a Protected System

The Governments concerned is vested with the rights of declaring any computer resource, which affects the facility of Critical Information Infrastructure, as a protected system. Non-compliance with this notification, which as per rules would be published in the Official Gazette, would lead to a period of imprisonment of ten years and a fine so determined by the authorities.

Section 71 – Misrepresentation or Suppression

This section is applicable for any person who makes any misrepresentation of information or suppresses any material facts from the Controller or the Certifying Authority with the intention of obtaining any License or Electronic Signature Certificate. The Act explicitly states that such individuals would be forced to remit a penalty of up to INR 1,00,000; as an addition or replacement to which, a period of imprisonment which numbers to not more than two years would be applicable.

Section 72 – Provisions of Secured Access

This provision applies to any person with secured access to any electronic record, book, register, correspondence, information, document or other material. The Act states that if such a person reveals the details of such documents to any other person without the consent of the person concerned, then he/she would be forced to remit a penalty of INR 1,00,000; which could be added or replaced by a term of imprisonment which is not more than two years.

On the other hand, if any person indulges in such acts with the intent of causing wrongful loss or wrongful gain disclosures, then the range of penalty imposable goes up to INR 5,00,000, and that of imprisonment to three years.

Section 73 and 74 – Publishing of Certificate

The provisions of Section 73 would apply to a person who publishes an Electronic Signature Certificate or makes it available to any other person knowing that the Certifying Authority hasn’t issued it, the subscriber hasn’t accepted it, or the certificate has been revoked or suspended. The Act states that such a person would be forced to remit a penalty of up to INR 1,00,000; which could be added or replaced by imprisonment for a term of two years.

On the other hand, Section 74 states that any person who deliberately creates, publishes or otherwise makes available Electronic Signature Certificate for any fraudulent or unlawful purpose would be imposed with a penalty of up to INR 1,00,000; which could be added or replaced with an imprisonment of not more than two years.

Section 75 – Offence or Contravention Outside India

Any person who has committed any offence or contravention outside India involving a computer, computer system or computer network located in India would qualify for the penal provisions of the Act, irrespective of his/her nationality.

Section 76 – Provision of Confiscation

Section 76 of the Act states that any non-compliances concerned with the provisions of a computer, computer system, floppies, compact disks, tape drives or any other relevant accessories could result in the confiscation of such accessories. However, proving that such accessories weren’t employed in committing any fraud may abate any instance of arrests.

Landmark judgment on Information Technology Act, 2000

Shreya Singhal v. Union of India (2015)

Facts

In this case, 2 girls were arrested for posting comments online on the issue of shutdown in Mumbai after the death of a political leader of Shiv Sena. They were charged under Section 66A for posting the offensive comments in electronic form. As a result, the constitutional validity of the Section was challenged in the Supreme Court stating that it infringes upon Article 19 of the Constitution. 

Issue 

Whether Section 66A is constitutionally valid or not?

Judgment 

The Court, in this case, observed that the language of the Section is ambiguous and vague, which violates the freedom of speech and expression of the citizens. It then struck down the entire Section on the ground that it was violative of Article 19 of the Constitution. It opined that the Section empowered police officers to arrest any person whom they think has posted or messaged anything offensive. Since the word ‘offensive’ was not defined anywhere in the Act, they interpreted it differently in each case. This amounted to an abuse of power by the police and a threat to peace and harmony.

FAQs

What is the main purpose of the Information Technology Act, 2000?

The aim of the Act is to :

  • Protect all the transactions done through electronic means.
  • Recognise the digital signatures that are used for any sort of legal authentication. 
  • Regulate the activities of intermediaries and protect citizens from cybercrime.
What will happen if any of the offences given in the Act is committed by a company?

According to Section 85 of the Act, if any of the offences is committed by a company, then all the people involved in the commission of the offence shall be liable and proceedings will be initiated against them.

Practice area's of B K Goyal & Co LLP

Most read resources