EXTRACT FROM IT ACT 2008

(browsers are requested to follow the hyperlinks for detailed commentary the commentary is
courtesy our law department)

The amended IT Act came into effect from 27th Oct, 2009.
Main Features

The Act shall not apply to the documents listed in the First
Schedule. The exclusions include -A negotiable instrument (other
than a cheque) as defined in the NI Act, 181, POA as defined under
POA Act, 1882, trusts defined under Trust Act, a Will under Succession
Act, a contract for sale of immovable property.
Documents or transactions to which the Act shall not apply

Recognises Electronic signature as a record authentication

technique. Electronic signature includes Digital signature also. Also
lays down what constitutes a reliable Electronic signature.
Electronic Signature

Formally defines the meaning and scope of the following in the context
of the amended IT Act-2008-:
a) Intermediary , Cyber Cafe , Cyber Security , Communication
Device, Computer Network, Secure Electronic Signature;
b) Duties of Subscribers of Electronic Signature Certificate;
c) States that audit requirements for records maintained in physical
form shall automatically be extended to electronic records
/documents ;
Audit of documents maintained in Electronic Form
d)

Recognizes contracts entered into electronically as valid and

enforceable;
Validity of Contracts formed to Electronic means

e) Widens the list of acts of omission and commission in respect of

the usage of computer resources which could attract penal
action under the provision of amended IT Act.
Penalty and Compensation for Damage to Computer, Computer
System, etc.

f) Defines reasonable security practices and procedures for

Corporates handling sensitive personal data/ information as also
stipulates punishments for infringement.
Compensation for Failure to Protect Data
g) Empowers the Central Govt to appoint an appropriate officer to
act as an Adjudicative officer to enquire into cases of
contravention of the provisions of IT Act.
Adjudicative Power
h)

Empowers the Adjudicating officer with the powers of a civil

court under Order XXI of Code of Civil Procedures for the
purpose of execution of orders.
Adjudicative Power

i) Defines the scope/ powers/ jurisdiction of Cyber Appelate

Tribunal.
Cyber Appellate Tribunal
j) Section 66 (as per the amended Section) explains that if any
person dishonestly or fraudulently does any act for damage to
computer system, etc. as stated in Section 43, he shall be
punishable with imprisonment for a term which may extend to
three years or with fine which may extend to Rs.5 lacs or with
both. For the purpose of this Section, the words dishonestly
and fraudulently shall have the meanings assigned to it in
Section 24 and 25 of Indian Penal Code respectively.
Computer related Offences
k) Has added a host of new Sections have been added after
Section 66 as Sections 66A to 66F prescribing punishment for
offences such as, obscene electronic message transmissions,
identity theft, cheating by impersonation using computer
resources, violation of privacy and cyber terrorism.
Computer related Offences
We invite you to click the following link for a detailed commentary on the
provisions of IT Act-2008 as relevant to the Banking and Financial sector. The
commentary is courtesy SBI-Law department.

Salient Features of Information Technology (Amendment) Act, 2008

Annexure
Salient Features of Information Technology (Amendment) Act, 2008
1.

Introduction
Information Technology (Amendment) Act, 2008 (hereinafter referred to

as Amendment Act), has been passed by the Lok Sabha on 22nd December
2008 and by Rajya Sabha on 23rd December 2008 and received the assent of
the President on 5th February 2009. The Act came into force with effect from
27th October 2009. By the Amendment Act, various provisions of Information
Technology Act, 2000 (hereinafter IT Act or the Act) have been amended
and the major amendments are described hereunder.
2.

Documents or transactions to which the Act shall not apply

Sub-section (4) of Section 1 of the IT Act has been substituted,

whereby it is stated that nothing in the IT Act shall apply to documents or

transactions specified in the First Schedule. The Central Government has
been given the power to amend the First Schedule by way of addition or
deletion of entries thereto by issuing a notification. As of now, the following
documents are included in the First Schedule of the IT Act :
(i)

A negotiable instrument (other than a cheque) as defined in the

NI Act, 1881.

(ii)

The Power of Attorney as defined in the Power of Attorney Act,

1882.

(iii)

A Trust as defined in the Trust Act, 1882.

(iv)

A Will as defined in the Indian Succession Act, 1925, including

any other testamentary disposition by whatever name called.

(v)

A contract for the sale or conveyance of immovable property or

any interest in such property.

Click here to go backMain Features

In view of the above provision, the provisions of IT Act shall not be
applicable to the documents mentioned in the First Schedule which as of now
are the five types of documents mentioned above.
3.

Electronic Signature
As per Section 2(ta) of the IT Act, as inserted by the Amendment Act,

Electronic Signature means the authentication of any electronic record by a

subscriber by means of the electronic techniques specified in the Second
Schedule to the IT Act and includes digital signature.
Electronic Signature Certificate has been defined as an Electronic
Signature Certificate issued under Section 35 and includes Digital Signature
Certificate [Section 2(tb)].

(As per Section 35, any person can make an

application to the Certifying Authority for the issue of a Electronic Signature

Certificate, by paying the prescribed fee and giving such other details)
A new Section has been inserted as Section 3A, wherein it is stated
that notwithstanding anything in respect of the authentication of an electronic
record by affixing digital signature (under Section 3), a subscriber may
authenticate any electronic record by such electronic signature or electronic
authentication technique which is considered reliable and may be specified in
the Second Schedule. For this purpose, an electronic signature or electronic
authentication technique shall be considered reliable, if

(i)

the signature creation data or the authentication data are, within

the context in which they are used, linked to the signatory or, as
the case may be, the authenticator and no other person;

(ii)

the signature creation data or the authentication data were, at

the time of signing, under the control of the signatory or, as the
case may be, the authenticator and of no other person;

(iii)

any alteration to the electronic signature made after affixing

such signature is detectable;
Click here to go backMain Features

(iv)

any alteration to the information made after its authentication by

electronic signature is delectable; and

(v)

electronic signature should also fulfil such other conditions

which may be prescribed under the rules.

The Central Government can also prescribe the procedure for the
purpose of ascertaining whether the Electronic signature is that of the person
by whom it is purported to have been affixed or authenticated. The Central
Government can also by notification in the Official Gazette add or omit any
electronic signature or electronic authentication technique and the procedure
for affixing such signature from the Second Schedule. Further, no electronic
signature or authentication technique shall be specified in the Second
Schedule unless such signature or technique is reliable.
As per Section 2 of the Amendment Act, the words Digital Signature
has been replaced with Electronic Signature in various provisions of the IT
Act.
The net effect of such amendment is that the scope of authentication of
electronic records has been got widened.

Earlier, the only legal way to

authenticate an electronic record was the authentication by digital signature.

However, after amendment, in addition to the digital signature, the electronic
records can be authenticated by electronic signature or electronic
authentication technique included in the Second Schedule of the IT Act. Any

procedure for affixing electronic signature or any technique of electronic

authentication which is reliable and fulfils the criteria specified above can be
included in the Second Schedule by the Central Government. As on date, to
our information, no such techniques have been included in the Second
Schedule.
Click here to go backMain Features

4.

Certain New Definitions

Apart from the definitions of electronic signature and electronic

signature certificate, certain other new terms are defined by the Amendment
Act. Certain existing definitions have also been amended. The details of
such additions / amendments are given below :
(a)

Intermediary
The term intermediary has been defined in Section 2(w) of the IT Act.

As per the said Section, intermediary with respect to any particular electronic
records, means any person who on behalf of another person receives, stores
or transmits that record or provides any service with respect to that record and
includes telecom service providers, network service providers, internet service
providers, web-hosting service providers, search engines, online payment
sites, online market places and cyber cafes.
(b)

Cyber Cafe
As per Section 2(na), cyber cafe means any facility from where access

to the internet is offered by any person in the ordinary course of business to

the members of the public.
(c)

Cyber Security

As per Section 2(nb), cyber security means protecting information,

equipment, devices computer, computer resources, communication device
and information stored therein from unauthorised access, use, disclosure,
disruption, modification or destruction.
(d)

Communication Device
As per Section 2(ha), communication device means cellphones,

personal digital assistance or combination of both or any other device used to

communicate, send or transmit any text, video, audio or image.
(e)

Computer Network
Section 2(j) of the Act has been amended to include inter connection of

computer systems and communication devices through various means such

as through satellite, microwave, terrestrial line, wire, wireless, etc.
Click here to go backMain Features
5.

Secure Electronic Signature

Before the Amendment Act, Section 15 in the IT Act was dealing with

the Secure Digital Signature. The said Section has been substituted by the
new Section dealing with Secure Electronic Signature. As per the amended
section, an Electronic Signature shall be deemed to be a Secure Electronic
Signature, if
(i)

The signature creation data, at the time of affixing signature,

was under the exclusive control of signatory and no other
person; and

(ii)

The signature creation data was stored and affixed in such

exclusive manner as may be prescribed.

In respect of a Digital Signature, the signature creation data mentioned

above means the private key of the subscriber.

Further, as per Section 16 of the amended Act, in respect of secure

electronic records (Section 14) and secure electronic signature (Section 15),
the Central Government can prescribe the security procedures and practices
to be complied. In prescribing such security procedures and practices, the
Central Government has to take regard of the commercial circumstances, the
nature of transactions and such other related factors, as it may consider
appropriate.
Click here to go backMain Features
6.

Duties of Subscribers of Electronic Signature Certificate

A new Section has been inserted as Section 40A whereby it is

stipulated that in respect of Electronic Signature Certificate, the subscriber

shall perform such duties as may be prescribed by the rules notified under the
IT Act.
Click here to go backMain Features
7.

Electronic Governance - Delivery of Service by Service Provider

The new Section as Section 6A has been inserted to the IT Act,

whereby powers have been given to the Government to authorise any service
provider to set up, maintain and upgrade the computerised facilities and
perform such other services as specified in the notification for the purpose of
Electronic Governance and for efficient delivery of services to the public
through electronic means. For this purpose, any individual, private agency,
private company, partnership firm, sole proprietory firm or any such other
body or agency can be appointed as a service provider and they have to offer
services through electronic means in accordance with the policy governing
such service sector.

The Government can also authorise such service

provider to collect, retain and appropriate such service charges as may be

prescribed by the Government for the purpose of providing such services.

The Government can also provide scales of service charge which may be
charged and collected by the service provider.
Click here to go backMain Features
8.

Audit of documents maintained in Electronic Form

A new Section as Section 7A has been inserted whereby it is stated

that if there is a provision for audit of documents, records or information in any

law, then, such provision shall also be applicable for audit of documents,
records or information processed and maintained in Electronic form.
This provision may be noted and considered for including its electronic
records also within the ambit of audit of documents, records or information,
wherever applicable as above.
Click here to go backMain Features
9.

Validity of Contracts formed to Electronic means

A new Section as Section 10A has been inserted for recognising

communication of proposals, acceptance of proposals, revocation of

proposals and acceptances, as the case may be which are expressed in
electronic form or by means of an electronic record. It is specifically provided
that a contract concluded electronically by such communications shall not be
deemed to be unenforceable solely on the ground that electronic form or
means are used for that purpose.
Click here to go backMain Features
10.

Removal of Repository functions from the Controller

As per Section 20 of the IT Act, as it stood before amendment, the

Controller shall be the repository of all the digital signature certificates issued
under the Act. However, as per the amendment Act, this section has been

omitted. The role of repository of all electronic signature certificates has been
assigned to Central Certifying Authority by amending Section 30 of the IT Act.
It is also stipulated that every Certifying Authority shall publish information
regarding its practices, electronic signature certificates and current status of
such certificates.
Click here to go backMain Features
11.

Penalty and Compensation for Damage to Computer, Computer

System, etc.
The damage of compensation not exceeding Rs.1 crore prescribed
under Section 43 of the IT Act (before its amendment) for damage to
computer, computer system, etc. has been deleted and the relevant portion of
the section has been substituted by the words he shall be liable to pay
damages by way of compensation to the person so affected. In addition to
the other existing provisions (Section 43), the following are also added as
instances where a person can be made liable to pay damages by way of
compensation :
If a person without permission of the owner or any other person, who is
in-charge of a computer, computer system or computer network, (a)

accesses or secures access to computer resource;

(b)

destroys, deletes or alters any information residing in a

computer resource or diminishes its value or utility or affects its
injuriously by any means;

(c)

steal, conceals, destroys or alters or causes any person to steal,

conceal, destroy or alter any computer source code used for
computer resource with an intention to cause damage.

For the purpose of the section dealing with the penalties (Section 43)
Computer Source Code has been defined as the listing of programmes,
computer commands, design and layout and programme analysis of computer
source code in any form.

Click here to go backMain Features

12.

Compensation for Failure to Protect Data

A new Section 43A has been inserted to protect sensitive personal

data or information possessed, dealt or handled by a body corporate in a

computer resource which such body corporate owns, controls or operates. If
such body corporate is negligent in implementing and maintaining reasonable
security practices and procedures and thereby causes wrongful loss or
wrongful gains to any person, such body corporate shall be liable to pay
damages by way of compensation to the person so affected.
The explanation to Section 43A defines body corporate as any
company including a firm, sole proprietorship or other association of
individuals engaged in commercial or professional activities.

Further,

reasonable security practices and procedures means security practices and

procedures designed to protect such information from unauthorised access,
damage, use, modification, disclosure or impairment, as may be specified in
an agreement between the parties or as may be specified in any law for the
time being in force and in the absence of such agreement or any law, such
reasonable security practices and procedures as may be prescribed by the
Central Government in consultation with such professional bodies or
associations as it may deem fit.

Sensitive personal data or information

means such personal information as may be prescribed by the Central

Government in consultation with such professional bodies or association as it
may deem fit.
Click here to go backMain Features
13.

Adjudicative Power
Section 46 of the IT Act gives power to the Central Government to

appoint any officer not below the rank of a Director of Government of India or

an equivalent officer of State Government to be an adjudicating officer for

holding enquiry in cases where any person has committed a contravention of
any provisions of the Information Technology Act, or any rules, regulations,
direction or order made thereunder which renders such person liable to pay
penalty or compensation within the scope of such enquiry. By Amendment
Act, it is now stipulated that the jurisdiction of such adjudicating officer shall
be in respect of matters in which the claim for injury or damage does not
exceed Rs.5 crore. If the claim exceeds Rs.5 crore, the jurisdiction shall be
with the competent Court. It is also stipulated by the Amendment Act that the
adjudicating officer shall have the powers of a civil court under Order XXI of
Code of Civil Procedures for the purpose of execution of orders.
Click here to go backMain Features
14.

Cyber Appellate Tribunal

The Cyber Regulations Appellate Tribunal as it was mentioned in the IT

Act prior to its amendment has been renamed as Cyber Appellate Tribunal
(Section 48).

Similarly, the Presiding Officer of the Tribunal has been

redesignated as Chairperson.
As per the IT Act prior to its amendment, the Tribunal shall consist of
one person only. However, as per the amendment made to Section 49 of the
IT Act, the Cyber Appellate Tribunal shall consist of a Chairperson and such
number of other Members as the Central Government may appoint by
notification. Further, the selection of Chairperson and members of the Cyber
Appellate Tribunal shall be made by the Central Government in consultation
with the Chief Justice of India.
The jurisdiction, powers and authority of the Cyber Appellate Tribunal
can be exercised by the benches of the Tribunal. The chairperson of the
Tribunal can constitute a bench with one or two members of the Tribunal as
he deems fit. The benches of the Tribunal shall sit at New Delhi and such

other places as the Central Government may notify in consultation with the
Chairperson.
A person shall not be qualified for appointment as a Chairperson of the
Cyber Appellate Tribunal, unless he is or has been or qualified to be a judge
of a High Court. The IT Act also stipulates the qualifications for a person to
be appointed as a member or judicial member of Cyber Appellate Tribunal.
Further, before appointing any person as Chairperson or Member of the
Tribunal, the Central Government shall satisfy itself that the person does not
have any such financial or other interest as is likely to affect judicially his
functions as such chairperson or Member.
The salary and allowances payable to, and other terms and conditions
of services of the Chairman or Member shall be such as may be prescribed by
the Central Government. The Chairperson of the Cyber Appellate Tribunal
shall have the powers of general superintendence and directions in the
conduct of the affairs of the Tribunal including power to distribute the business
or transfer of cases among the different benches of Cyber Appellate Tribunal.
Click here to go backMain Features
15.

Computer related Offences

Section 66 of the IT Act prior to its amendment, dealing with Hacking

with Computer System has been substituted with a new Section titled as
Computer related Offences.

As per the new Section, if any person

dishonestly or fraudulently does any act for damage to computer system, etc.
as stated in Section 43, he shall be punishable with imprisonment for a term
which may extend to three years or with fine which may extend to Rs.5 lacs or
with both.

For the purpose of this Section, the words dishonestly and

fraudulently shall have the meanings assigned to it in Section 24 and 25 of

Indian Penal Code respectively.

A host of new Sections have been added after Section 66 as Sections

66A to 66F prescribing punishment for offences such as, obscene electronic
message transmissions, identity theft, cheating by impersonation using
computer resources, violation of privacy and cyber terrorism. The details of
such offences are given below.
Section 66A deals with punishment for sending offensive messages
through communication services, etc. As per this section, any person who
sends by means of a computer resource or a communication device, (i)

any information that is grossly offensive or has menacing

character; or

(ii)

any information which he knows to be false, but for the purpose

of causing annoyance, inconvenience, danger, obstruction,
insult, injury, criminal intimidation, enmity, hatred or ill-will,
persistently by making use of such computer resources or a
communication device; or

(iii)

any electronic mail message for the purpose of causing

annoyance or inconvenience or to deceive or to mislead the
addressee or recipient about the origin of such messages,
shall be punishable with imprisonment for a term, this may
extend to three years and with fine.

For the purpose of above stated Section, terms electronic mail and
electronic mail message means a message or information created or
transmitted or received on a computer or a computer system, computer
resources or communication device including attachments in text, image,
audio, video and any other electronic record, which may be transmitted with
the message.
Section 66B deals with the punishment for dishonestly receiving stolen
computer resource or communication device. As per this Section, whoever
dishonestly

receives

or

retains

any

stolen

computer

resource

or

communication device knowing or having reason to believe, the same to be

stolen computer resource or communication device shall be punished with

imprisonment of either description for a term which may extend to three years
or with fine which may extend to one lac rupees or with both.
Section 66C deals with the punishment for identity, theft. As per this
Section, whoever fraudulently or dishonestly makes use of the electronic
signature, password or any other unique identification feature of any other
person shall be punished with imprisonment of either description for a term
which may extend to three years and shall also be liable to fine which may
extend to one lac rupees.
Section 66D deals with the punishment for cheating by personation by
using computer resource. As per this Section, whoever by means for any
communication device or computer resource, cheats by personating, shall be
punished with the imprisonment of either description for a term which may
extend to three years and shall also be liable to fine which may extend to one
lac rupees.
Section 66E deals with the punishment for violation of privacy. As per
this Section, whoever intentionally or knowingly captures, publishes or
transmits the image of a private area of any person without his or her consent
under circumstances violating the privacy of that person, shall be punished
with imprisonment which may extend to three years or with fine not exceeding
Rs.2 lacs or with both.
Section 66F deals with the punishment for cyber terrorism. As per this
Section, whoever commits or conspires to commit cyber terrorism shall be
punishable with imprisonment which may extend imprisonment for life. The
offence of cyber terrorism has been defined as whoever, with intent to
threaten the unity, integrity, security or sovereignty of India or to strike terror in
the people or any section of the people by
(i)

denying or cause the denial of access to any person authorised

to access computer resources; or

(ii)

attempting to penetrate or access a computer resource without

authorisation or exceeding authorised access; or

(iii)

introducing or causing to introduce any computer contaminant;

and by means of such conduct causes or is likely to cause death or

injuries to persons or damage to or destruction of property or disrupts or
knowing that it is likely to cause damage or disruption of supplies or services
essential to the life of the community or adversely affect the critical
information, infrastructure specified under the Section 70 dealing with
protected system.
Further, whoever knowingly or intentionally penetrates or accesses a
computer resource without authorisation or exceeding authorised access and
by means of such conduct obtains access to information, data or computer
data base, that is restricted for reasons of the security of the State or foreign
relations; or any restricted information data or computer database, with
reasons to believe that such information, data or computer database so
obtained may be used to cause or likely to cause injury to the interests of the
sovereignty and integrity of India, the security of the State, friendly relations
with the foreign State, public order, decency or morality, or in relation to
contempt of Court, defamation or incitement of an offence, or to the
advantage of any foreign nation, group of individuals or otherwise also
commits the offence of cyber terrorism.
Click here to go backMain Features
16.

Punishment for Publishing or transmitting obscene material in

electronic form
Section 67 of the IT Act is amended to reduce the term of
imprisonment for publishing or transmitting obscene material in electronic
form to three years from five years and increase the fine from Rs. 1 lac to
Rs.5 lacs. A host of new Sections have been inserted as Section 67A to 67C.

While 67A and 67B inserts penal provisions in respect of offences of

publishing or transmitting of material containing sexually explicit act and child
pronography in electronic form, Section 67C deals with the obligation of an
intermediary to preserve and retain such information as may be specified for
such duration and in such manner and format as the Central Government may
prescribe.
17.

Interception or Monitoring or Decryption of any information through any

Computer Resource
Section 69 of the IT Act has been amended giving power to the Central

Government or State Government to issue directions to the authorised

Government officials for interception or monitoring or decryption of any
information through any computer resource and such powers can be
exercised, if the Government is satisfied that it is necessary or expedient so to
do in the interest of the sovereignty or integrity of India, defence of India,
Security of the State, friendly relations with foreign State or public order or for
preventing incitement to the commission of any cognizable offence relating to
above or for investigation of any offence. Government can also issue the
procedure and safeguards to be followed for such interception or monitoring
or decryption.
A new Section has been added as Section 69A whereby power has
been given to the Central Government or any of its officer specifically
authorised by it to issue directions for blocking public access of any
information through any computer resources in circumstances where it is
necessary or expedient to do so, in the interest of sovereignty and integrity of
India, Defence of India, Security of India, friendly relations with foreign State
or public order or for preventing incitement to the commission of any
cognizable offence relating to the above.

A new section 69B has been inserted whereby power has been
conferred on the Central Government to authorise, monitor and collect traffic
data or information through any computer resources for cyber security.
Click here to go backMain Features
18.

Protected System
Section 70 of the IT Act dealing with the protected system has been

amended. As per amended provision, the appropriate Government may by

notification in the official Gazette declare any computer resource which
directly or indirectly affects the facility of Critical Information Infrastructure to
be a protected system.

For the purpose of the said section, Critical

Information Infrastructure means the computer resource, the incapacitation or

destruction of which, shall have debilitating impact on national security,
economy, public health or safety. Further, as per the amended provision, the
Central Government can prescribe information security practice and
procedures for such protected system.
19.

National Nodal Agency & Indian Computer Emergency Response

Team
A new Section, 70A has been inserted whereby it is stated that the

Central Government may, by notification published in the official Gazette

designate any organisation of the Government as the National Nodal Agency
in respect of Critical Information Infrastructure Protection. The National Nodal
Agency so designated shall be responsible for all measures including
research and development relating to protection of Critical Information
Infrastructure. The Government can issue rules prescribing the manner of
performing functions and duties of the National Nodal Agency.
As per Section 70B, it is stipulated that the Central Government may by
notification in the official Gazette can appoint an agency of the Government
as Indian Computer Emergency Response Team (ICERT). There shall be a

Director General and such other officers and employee to the ICERT. The
salary and allowances of such Director General and such other officers and
employees shall be as prescribed by the Central Government.
The ICERT shall serve as the National Agency for performing the
following functions in the area of cyber security.
(i)

Collection, analysis and dissemination of information on cyber

incidents.

(ii)

Forecast and alert of cyber security incidents.

(iii)

Emergency measures for handling cyber security incidents.

(iv)

Coordination of cyber incidents response activities.

(v)

Issue guidelines, advisories, vulnerability notes and white

papers relating to information security practices, procedures,
prevention, response and reporting of cyber incidents.

(vi)

Such other functions relating to cyber security as may be

prescribed by the Government.

The Government can issue rules prescribing the manner of performing

functions and duties by ICERT. ICERT for carrying out its functions have the
power for calling information and give directions to the service providers,
intermediaries, data centres, body corporate and any other person.

Any

person who fails to comply with any such directions given by ICERT shall be
punishable with imprisonment for a term which may extend to one year or with
fine which may extend to Rs.1 lac or with both.
Click here to go backMain Features
20.

Punishment for Disclosure of Information

A new Section has been inserted as Section 72A dealing with

punishment for disclosure of information in breach of lawful contract. As per

this Section, save as provided in the IT Act or any other law for time being in
force, any person including an intermediary who, while providing services

under the terms of lawful contract, has secured access to any material
containing personal information about any other person, with the intent to
cause or knowing that he is likely to cause wrongful loss or wrongful gain
discloses, without the consent of the person concerned, or in breach of a
lawful contract such material to any other person, shall be punished with
imprisonment for a term which may extend to three years or with fine which
may extend to Rs.5 lacs or with both.
Click here to go backMain Features
21.

Compounding of offences
A new Section has been inserted as Section 77A whereby, it is

specified that offences under IT Act other than those for which the punishment
is for life or imprisonment for a term exceeding three years shall be
compoundable. However, cases where the accused is liable to enhanced
punishment or for a punishment of different kind on account of previous
conviction shall not be compoundable. Further, offences affecting the socioeconomic conditions of the country or which has been committed against child
below the age of 18 years or against a woman shall not be compoundable.
As per Section 77B of the IT Act, the offences punishable with
imprisonment of three years and above shall be cognizable and the offences
with punishment of imprisonment with three years shall be bailable.
Section 78 of the Act has been amended to confer power upon a police
officer not below the rank of inspector to investigate any offence under the IT
Act whereas prior to the amendment, it was an officer not below the rank of
Deputy Superintendent of Police.
Similarly, Section 80 has also been amended to authorise police officer
not below the rank of inspector to enter any public place and search, and
arrest without warrant any suspected offender under IT Act, whereas, as per

earlier provisions, the powers were vested with an officer not below the rank
of Deputy Superintendent of Police.
Click here to go backMain Features
22.

Exemption from Liability of Intermediary

Section 79 of the IT Act which exempted network service providers

from liability in certain cases has been amended to provide exemption from
liability of intermediary in certain cases. As per the amended provisions, an
intermediary shall not be liable for any third party information, data or
communication link made available or hosted by him if ;
(a)

the function of the intermediary is limited to providing access to

a communication system over which the information made
available by third parties is transmitted or temporarily stored or
hosted;

(b)

the intermediary does not, (i) initiate the transmission, (ii) select
the receiver of the transmission and (iii) select or modify the
information contained in the transmission.

(c)

the intermediary observes due diligence while discharging its

duties.

However, the exemptions under Section 79 mentioned above shall not

apply to an intermediary, if (a) the intermediary has conspired or abated or
aided or induced whether by threats or promise or authorised in the
commission of the unlawful act; (b) upon receiving actual knowledge, or on
being notified that any information, data or communication links residing in or
connected to computer resource controlled by it is being used to commit
unlawful act, the intermediary fails to expeditiously remove or disable access
to that material on that resource without vitiating the evidence in any manner.
For the purpose of the Section third party information means any information
dealt with by an intermediary in his capacity as an intermediary.
Click here to go backMain Features

23.

Examiner of Electronic Evidence

A new Section 79A has been inserted whereby the Central

Government has been conferred with the power to specify any department,
body or agency of the Central Government or a State Government as an
Examiner of an Electronic Evidence for the purpose of providing expert
opinion on electronic form evidence before any Court or other authority. Here,
electronic form evidence means any information of probative value, i.e. either
stored or transmitted in electronic form and includes computer evidence,
digital audio, digital video, cellphones, digital fax machines.
Click here to go backMain Features
24.

Application of the IT Act to Electronic Cheque and Truncated Cheque

A new Section has been inserted as Section 81A whereby it is stated

that the provisions of the IT Act shall apply to, or in relation to electronic
cheques and the truncated cheques.

However, such application shall be

subject to such modifications and amendments prescribed by the Central

Government in consultation with RBI for carrying out the purposes of the NI
Act.
Click here to go backMain Features
25.

Protection of Copyright
A proviso has been added to Section 81 which is dealing with the

overriding effect of the IT Act on other laws. As per the proviso, now added
the said overriding effect of IT Act shall not restrict any person from exercising
any right conferred under the Copyright Act or Patent Act.
Click here to go backMain Features
26.

Modes of Encryption

A new Section as 84A has been inserted whereby it is stated that the
Central Government may for secure use of the Electronic media and
promotion of e-governance and e-commerce prescribe the modes or methods
for encryption.
Click here to go backMain Features
27.

Punishment for Abatement and Attempts

As per Section 84B inserted by the Amendment Act, whoever abates

any offence shall also be punishable with the punishment provided for the
offences so abated provided the abated offence has been committed in
consequences of such abatement.
As per Section 84C inserted by the Amendment Act, whoever attempts
to commit an offence punishable under the IT Act or causes such an offence
to be committed and in such an attempt does any act towards the commission
of the offence, shall, be punished with imprisonment for a term which may
extend to one half of the longest term of imprisonment provided for the
offence or with such fine as is provided for the offence, or with both.
Click here to go backMain Features