Connect with us

Research & Opinion

21 Years Of India’s IT Act: Here Are 21 Milestones Of The Historic Cyber Law

Published

on

21 Years Of India’s IT Act: Here Are 21 Milestones Of The Historic Cyber Law

By Deepak Maheshwari

It’s been 21 years since India’s Information Technology Act (IT Act) had come into force on October 17, 2000. Considering the adoption, diffusion and integration in daily lives of Internet and mobile over the past two decades, this legislation has been a subject of enormous interest, intense debate and fervent litigation.

Here is a brief overview of 21 milestones in this 21-year journey:

1. July 25, 1998

108 recommendations of the Prime Minister’s IT Task Force notified after approval by the Union Cabinet. These include the need to expedite cyberlaw.

2. May 17, 2000

Parliament passes the Information Technology Bill, 2000, an amended version of the Information Technology Bill, 1999 (IT Bill, 1999)

IT Bill, 1999 was introduced on 16 December 1999 in the Parliament by then Minister for Information Technology Pramod Mahajan. The Bill was referred to the Standing Committee on Science and Technology, Environment and Forests.

3. October 17, 2000

Information Technology Act, 2000 comes into force. President had given assent to Information Technology Act, 2000 (IT Act, 2000) on June 9, 2000.

4. February 5, 2002

Safescrypt becomes the first Certifying Authority (CA) under the IT Act, 2000 and issues the first digital signature to (late) Pramod Mahajan, then Minister of Communications & IT at NASSCOM’s India Leadership Forum (NILF) in Mumbai on the following day, February 6, 2002.

5. February 27, 2003

Procedure for Blocking of websites notified with Computer Emergency Response Team – India (CERT-IND) as the sole authority for issuing instructions in this context. CERT was not a statutory body then.

6. December 17, 2004 

Avnish Bajaj, CEO of the online marketplace Bazee.com (now eBay.in) is arrested (subsequently granted bail on 21 December 2004 and ultimately acquitted by the Supreme Court) on account of an obscene video clip of 2 minute 37 seconds that had been listed and sold by Ravi Raj one of its registered sellers named, also arrested on the same day.

7. January 2005

Government constitutes Expert Committee chaired by then IT secretary Brijesh Kumar to review the IT Act, 2000.

8. August 29, 2005

Expert Committee proposes numerous amendments to the IT Act, 2000:

Press Release

Summary of the Amendments Proposed by the Expert Committee

Report of the Expert Committee

9. July 20, 2006

Government directs Internet Service Providers to “provide unhindered access to Internet except for the websites/webpages which have been specifically” directed to be blocked.

10. December 15, 2006

Information Technology (Amendment) Bill, 2006 introduced in the Parliament by then Minister of Communications & IT Thiru. Dayanidhi Maran, and referred to the Parliamentary Standing Committee on IT chaired by Mr. Nikhil Kumar on December 19, 2006.

11. September 7, 2007

Parliamentary Standing Committee on IT recommends additional amendments in its report

Summary of the Standing Committee Report by PRS Legislative Research

12. December 23, 2008

Information Technology (Amendment) Bill, 2008 passed by the Parliament (December 22 by Lok Sabha and December 23 by Rajya Sabha, respectively). It had been tabled on 16 December 2008 by then Minister of Communications & IT Thiru. A. Raja.

13. October 27, 2009

Information Technology (Amendment) Act 2008 comes into force. Rules notified in respect of:

President had given assent to the Information Technology (Amendment) Act, 2008 on February 5, 2009.

14. July 26, 2010

TETRA Communication Secured Communication System Network notified as a ‘Protected System’ under IT Act, first such notification by the Government of India.

15. April 11, 2011

Rules notified in respect of procedure and safeguards for:

16.  January 16, 2014

National Critical Information Infrastructure Protection Centre (NCIIPC) notified as the National Nodal Agency under Section 70A.

Computer Emergency Response Team (CERT-In) rules notified under Section 70B. Incidentally, CERT-In had been set up more than a decade prior to this notification, albeit vide an executive order.

17. March 24, 2015

Supreme Court strikes down Section 66A of the IT Act holding it ultra vires of the Constitution in the Public Interest Litigation (PIL) filed by Shreya Singhal, then a law student.

18. September 18, 2015

Draft Encryption Policy based on recommendations of a High Level Expert Committee published for public comments.

Subsequently, the government clarified that the draft policy did not represent its final view and the draft encryption policy was withdrawn on 22 September 2015

19. December 21, 2015

Central Identity Depository Data Repository (CIDR) of Unique Identification Authority of India (UIDAI) notified as a ‘Protected System’ under the IT Act. Incidentally, the Aadhaar Act was enacted in 2016.

20. June 2020

Starting with 59 on that day, Government goes on to block 267 mobile apps.

21. February 25, 2021

Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 notified.

The much-awaited Personal Data Protection Bill, 2019 in India is under review by the Joint

Parliamentary Committee since 2019 and hopefully, it would be enacted soon and become enforceable. Till such time, we may still have to depend on a myriad of provisions across different legislations, especially under the IT Act and even then may not assert privacy and uphold data protection to the extent warranted.

The Writer- Deepak Maheshwari is a Public Policy Consultant

Continue Reading