The document outlines the Information Technology Act of 2000, which provides legal recognition for electronic transactions and establishes various offenses related to cybercrime, digital signatures, and electronic records. It details offenses and penalties, such as hacking, identity theft, and publishing obscene materials, alongside the establishment of authorities such as the Controller of Certifying Authorities. The Act aims to enhance cybersecurity and regulate electronic governance while defining the roles and responsibilities of various entities involved in the certification and regulation of digital signatures.

1. Prakhar Prasoon
M.Sc Forensic Science
Bundelkhand University

2. INFORMATION TECHNOLOGY, 2000
• Introduction
• Offences under IT Act
• Penalties under IT Act
• Digital and Electronic signature
• Offences and analysis related with digital and electronic
signature
• Statutory provisions
• Establishment of authorities, their functions and powers

3. Introduction
▪ provide legal recognition for transactions carried out by means of
electronic data interchange and other means of electronic
communication
▪ Introduced by Pramod Mahajan, Minister of
Communications and InformationTechnology

4. Why?
▪ Model Law on Electronic Commerce adopted by the United Nations
Commission on InternationalTrade Law dated the 30th January, 1997
▪ the said resolution recommends that all States give favourable
consideration to the said Model Law when they enact or revise their laws

5. Chapters in IT Act, 2000
CHAPTER I PRELIMINARY
CHAPTER I I DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE
CHAPTER III ELECTRONIC GOVERNANCE
CHAPTER IV ATTRIBUTION, ACKNOWLEDGEMENT AND DESPATCH OF ELECTRONIC RECORDS
CHAPTERV SECURE ELECTRONIC RECORDS AND SECURE ELECTRONIC SIGNATURE
CHAPTERVI REGULATION OF CERTIFYING AUTHORITIES
CHAPTERVII ELECTRONIC SIGNATURE CERTIFICATES
CHAPTERVIII DUTIES OF SUBSCRIBERS
CHAPTER XI PENALTIES, COMPENSATION AND ADJUDICATION
CHAPTER X THE APPELLATETRIBUNAL
CHAPTER XI OFFENCES
CHAPTER XII INTERMEDIARIES NOT TO BE LIABLE IN CERTAIN CASES
CHAPTER XIIA EXAMINER OF ELECTRONIC EVIDENCE
CHAPTER XIII MISCELLANEOUS

6. Offences under IT ACT, 2000
▪ 65.Tampering with computer source documents.
▪ 66. Computer related offences.
▪ 66A. Punishment for sending offensive messages through communication service, etc.
▪ 66B. Punishment for dishonestly receiving stolen computer resource or communication
device.
▪ 66C. Punishment for identity theft.
▪ 66D. Punishment for cheating by personation by using computer resource.
▪ 66E. Punishment for violation of privacy.
▪ 66F. Punishment for cyber terrorism.

7. Offences under IT ACT, 2000
▪ 67. Punishment for publishing or transmitting obscene material in electronic form.
▪ 67A. Punishment for publishing or transmitting of material containing sexually explicit
act, etc., in electronic form.
▪ 67B. Punishment for publishing or transmitting of material depicting children in sexually
explicit act, etc., in electronic form.
▪ 67C. Preservation and retention of information by intermediaries.
▪ 68. Power of Controller to give directions.

8. Offences under IT ACT, 2000
▪ 69. Power to issue directions for interception or monitoring or decryption of any
information through any computer resource.
▪ 69A. Power to issue directions for blocking for public access of any information through
any computer resource.
▪ 69B. Power to authorise to monitor and collect traffic data or information through any
computer resource for cyber security.
▪ 70. Protected system.
▪ 70A. National nodal agency.
▪ 70B. Indian Computer Emergency ResponseTeam to serve as national agency for
incident response.
▪ 71. Penalty for misrepresentation.

9. Offences under IT ACT, 2000
▪ 72. Penalty for Breach of confidentiality and privacy.
▪ 72A. Punishment for disclosure of information in breach of lawful contract.
▪ 73. Penalty for publishing electronic signature Certificate false in certain particulars.
▪ 74. Publication for fraudulent purpose.
▪ 75. Act to apply for offence or contravention committed outside India.
▪ 76. Confiscation.
▪ 77. Compensation, penalties or confiscation not to interfere with other punishment.
▪ 77A. Compounding of offences.
▪ 77B. Offences with three years imprisonment to be bailable.
▪ 78. Power to investigate offences.

10. Penalties under IT ACT, 2000
65.Tampering with computer source documents
If a person knowingly or intentionally conceals, destroys or alters any computer source
code used for a computer, computer programme, computer system or computer network
when the computer source code is required to be kept or maintained by law for the
time being in force.
Penalty:
Imprisonment up to three years, or/and with fine up to ₹200,000

11. Penalties under IT ACT, 2000
66. Hacking with computer system
If a person intentionally cause wrongful loss or damage to the public, destroys or
deletes or alters any information residing in a computer resource or diminishes its
value or utility or affects it injuriously by any means, commits hack.
Penalty:
Imprisonment up to three years, or/and with fine up to ₹500,000

12. Penalties under IT ACT, 2000
66A. Publishing offensive, false or threatening information
Any person who sends by any means of a computer resource any information that is
grossly offensive or has a menacing character for the purpose of causing annoyance,
inconvenience, danger, obstruction.
Penalty:
Imprisonment up to three years, with fine.

13. Penalties under IT ACT, 2000
66A. Publishing offensive, false or threatening information
Any person who sends by any means of a computer resource any information that is
grossly offensive or has a menacing character for the purpose of causing annoyance,
inconvenience, danger, obstruction.
Penalty:
Imprisonment up to three years, with fine.

14. Penalties under IT ACT, 2000
66B. Receiving stolen computer or communication device
A person receives or retains a computer resource or communication device which is
known to be stolen or the person has reason to believe is stolen.
Penalty:
Imprisonment up to three years, or/and with fine up to ₹100,000

15. Penalties under IT ACT, 2000
66C. Using password of another person
A person fraudulently uses the password, digital signature or other unique
identification of another person.
Penalty:
Imprisonment up to three years, or/and with fine up to ₹100,000

16. Penalties under IT ACT, 2000
66D. Cheating using Computer Resource
If a person cheats someone using a computer resource or communication.
Penalty
Imprisonment up to three years, or/and with fine up to ₹100,000

17. Penalties under IT ACT, 2000
66E. Publishing private images of others
If a person captures, transmits or publishes images of a person’s private parts without
his/her consent or knowledge.
Penalty
Imprisonment up to three years, or/and with fine up to ₹200,000

18. Penalties under IT ACT, 2000
66F. Acts of cyberterrorism
If a person denies access to an authorized personnel to a computer resource, accesses
a protected system or introduces contaminant into a system, with the intention of
threatening the unity, integrity, sovereignty or security of India, then he commits
cyberterrorism.
Penalty
Imprisonment up to life.

19. Penalties under IT ACT, 2000
67. Publishing information which is obscene in electronic form.
If a person publishes or transmits in the electronic form, any material which is
lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave
and corrupt persons who are likely, to read, see or hear the matter contained or
embodied in it.
Penalty
Imprisonment up to five years, or/and with fine up to ₹1,000,000

20. Penalties under IT ACT, 2000
67A. Publishing images containing sexual acts
If a person publishes or transmits images containing a sexual explicit act or conduct.
Penalty
Imprisonment up to seven years, or/and with fine up to ₹1,000,000

21. Penalties under IT ACT, 2000
67B. Publishing child porn or predating children online
If a person captures, publishes or transmits images of a child in a sexually explicit act
or conduct. If a person induces a child into a sexual act. A child thus defined as anyone
under 18.
Penalty
Imprisonment up to five years, or/and with fine up to ₹1,000,000 on first conviction.
Imprisonment up to seven years, or/and with fine up to ₹1,000,000 on second
conviction.

22. Penalties under IT ACT, 2000
67C. Failure to maintain records
Persons deemed as intermediator (such as an ISP) must maintain required records for
stipulated time. Failure is an offence.
Penalty
Imprisonment up to three years, or/and with fine.

23. Penalties under IT ACT, 2000
68. Failure/refusal to comply with orders
The Controller may, by order, direct a Certifying Authority to take such measures or
cease carrying on such activities as specified in the order if those are necessary to
ensure compliance. Any person who fails to comply with any such order shall be guilty
of an offence.
Penalty
Imprisonment up to three years, or/and with fine up to ₹200,000

24. Penalties under IT ACT, 2000
69. Failure/refusal to decrypt data
If the Controller is satisfied that it is necessary for preventing incitement to the
commission of any cognizable offence, for reasons to be recorded in writing, by order,
direct any agency of the Government to intercept any information transmitted
through any computer resource.The subscriber or any person in charge of the
computer resource shall, when called upon by any agency which has been directed,
must extend all facilities and technical assistance to decrypt the information.The
subscriber or any person who fails to assist the agency referred is deemed to have
committed a crime.
Penalty
Imprisonment up to seven years and possible fine.

25. Penalties under IT ACT, 2000
70. Securing access or attempting to secure access to a protected
The appropriate Government may, by notification in the Official Gazette, declare that
any computer, computer system or computer network to be a protected system. If a
person who secures access or attempts to secure access to a protected system, then he
is committing an offence.
Penalty
Imprisonment up to ten years, or/and with fine.

26. Penalties under IT ACT, 2000
71. Misrepresentation
If anyone makes any misrepresentation to, or suppresses any material fact from, the
Controller or the Certifying Authority for obtaining any license or Digital Signature
Certificate.
Penalty
Imprisonment up to three years, or/and with fine up to ₹100,000

27. Penalties under IT ACT, 2000
72. Penalty for breach of confidentiality and privacy
Any person who, in pursuance of any of the powers conferred under this Act, rules or
regulation made there under, has secured assess to any electronic record, book,
register, correspondence, information, document or other material without the
consent of the person.
Penalty
Imprisonment for a term which may extend to two years and a fine of one lakh rupees
or with both

28. Penalties under IT ACT, 2000
73. Penalty for publishing Digital Signature Certificate false in certain particulars
(1) No person shall publish a Digital Signature Certificate or otherwise make it
available to any other person with the knowledge that-
(a)The Certifying Authority listed in the certificate has not issued it; or
(b)The subscriber listed in the certificate has not accepted it; or
(c)The certificate has been revoked or suspended, unless such publication is for the
purpose of verifying a digital signature created prior to such suspension or revocation.
Penalty
Imprisonment for a term which may extend to two years, or with fine which may
extend to one lakh rupees, or with both.

29. Penalties under IT ACT, 2000
74. Publication for fraudulent purpose
Whoever knowingly creates, publishes or otherwise makes available a Digital
Signature Certificate for any fraudulent or unlawful purpose shall be punished under
this section.
Penalty
Imprisonment for a term which may extend to two years, or with fine which extend to
one lakh rupees, or with both.

30. Penalties under IT ACT, 2000
77. Penalties or confiscation not to interfere with other punishments
No penalty imposed or confiscation made under this Act shall prevent the imposition
of any other punishment to which the person affected thereby is liable under any
other law for the time being in force.

31. Penalties under IT ACT, 2000
78. Penalties or confiscation not to interfere with other punishments
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police
officer not below the rank of Deputy Superintendent of Police shall investigate any
offence under this Act.

32. ELECTRONIC AND DIGITAL SIGNATURE
Chapter-II of IT Act 2000

33. Electronic Signature
▪ a subscriber may authenticate any electronic record by such electronic signature or
electronic authentication technique
• by the use of asymmetric crypto system and hash function

34. Digital Signature
According to the IT ACT, 2000
“digital signature” means authentication of any electronic record by a subscriber by
means of an electronic method or procedure in accordance with the provisions of
section 3.
Digital signature is a mathematical scheme to verify the authenticity of digital
documents or messages.
Also, any person in possession of the public key can verify the electronic record where
“public key” means the key of a key pair used to verify a digital signature

35. ▪ Both are used for authentication.
▪ Digital Signature provides a security over electronic signature.
▪ any person in possession of the public key can verify the electronic record where
“public key” means the key of a key pair used to verify a digital signature

36. Offences related with Digital Signature
and Electronic signature
66C.
A person fraudulently uses the password, digital signature or other unique
identification of another person.
Penalty:
Imprisonment up to three years, or/and with fine up to ₹100,000

37. Offences related with Digital Signature
and Electronic signature
71.
If anyone makes any misrepresentation to, or suppresses any material
fact from, the Controller or the Certifying Authority for obtaining any
license or Digital Signature Certificate.
Penalty
Imprisonment up to three years, or/and with fine up to ₹100,000

38. Offences related with Digital Signature
and Electronic signature
74.
Whoever knowingly creates, publishes or otherwise makes available a
Digital Signature Certificate for any fraudulent or unlawful purpose shall
be punished under this section.
Penalty
Imprisonment for a term which may extend to two years, or with fine
which extend to one lakh rupees, or with both.

39. Offences related with Digital Signature
and Electronic signature
73. Penalty for publishing Digital Signature Certificate false in certain
particulars
Penalty
Imprisonment for a term which may extend to two years, or with fine
which may extend to one lakh rupees, or with both.

40. Offences related with Digital Signature
and Electronic signature
74.
Whoever knowingly creates, publishes or otherwise makes available a
Digital Signature Certificate for any fraudulent or unlawful purpose shall
be punished under this section.
Penalty
Imprisonment for a term which may extend to two years, or with fine
which extend to one lakh rupees, or with both.

41. AUTHORTIES UNDER IT ACT

42. 1. Controller of Certifying Authorities(CCA)
▪ exercising supervision over the activities of the Certifying Authorities
▪ certifying public keys of the Certifying Authorities
▪ resolving any conflict of interests between the Certifying Authorities and the
subscribers
▪ maintaining a data base containing the disclosure record of every Certifying
Authority containing such particulars as may be specified by regulations,
which shall be accessible to public.

43. 2. Deputy Controllers and 3. Assistant Controllers
▪ perform the functions assigned to them by the Controller under the general
superintendence and control of the Controller.

44. 4.CERTIFYING AUTHORITIY
▪ has been granted a license to issue a digital signature certificate under section
24 of this act.

45. 5. Adjudicating Officer
▪ for holding an inquiry in the manner prescribed by the Central Government.
▪ adjudicate matters in which the claim for injury or damage does not exceed rupees five
crore