xIoTz | Managed Cyber Assurance Platform

Cyber Law in India

October 11, 2023

Table of Contents

Cyber Security for Internet of Things

What is Cyber Law?

Cyber Law is the law regarding Information-technology particularly including computers and the internet. It covers things like copyrights, contracts, privacy, and free speech online. It also makes sure the internet is safe and punishes cybercrimes. Cyber law is also particularly referred to as the Law of the Internet.

Cyber law specifically applies to the various categories of cyber crimes such as:

  • Crimes against People –  Examples of crimes directed against individuals include cyberbullying, stalking, as well as posting offensive. And emotionally charged content, credit card fraud, cheating, identity theft, online defamation, and related misconduct.
  • Crimes against Property – Unrecognized and unapproved intrusion through cyberspace, computer vandalism, the transmission of viruses in any network or system, copyright infringement, IPR violations, and unauthorized possession of sensitive data are examples of Crimes against Property.
  • Crimes against Government – Crimes against the government are an attack on state sovereignty and particularly can create a state of war. This category is significantly the most important and includes activities such as hacking government websites, unauthorized privacy, cyber warfare and involvement in terrorism, virus infection, and software hacking the use of shells and others.

5 Major Cyber Crimes:

  1. Phishing Scam:  Specifically fraudulent attempts to obtain sensitive information via email or messaging. It often leads users to fake websites to enter personal or financial information.
  2. Identity theft scams: Criminals use stolen credentials to significantly commit fraud, obtain credit cards, and more. Protect yourself by significantly limiting the sharing of personal information online.
  3. Denial of Service (DOS) Attack:  Temporarily disrupts web applications, not particularly data theft. Achieved through massive traffic generated by specialized bots.
  4. Internet access: Using electronic communications significantly to harass or intimidate others. Often particularly threatening emails are sent. 
  5. Invasion of privacy: Meddling particularly with one’s personal life, such as hacking, reading emails and monitoring online activity. The law particularly punishes many violations of privacy; Report threats significantly to the police and file a complaint.

What is the first cyber crime in India?

In India, one of the significantly first cases of cyber crime was that of Yahoo v. Akash Arora. This case particularly occurred in 1999. In this case, the defendant Akash Arora was accused of using specifically the trademark or domain name ‘yahooindia.com’ and an order of permanent injunction was sought.

What are Cyber Laws in India?

Cyber laws cover the following statutes, rules, and guidelines. There are particularly five main types of laws that must be followed.

Information Technology Act,2000

The first cyberlaw to be significantly approved by the Indian Parliament. The Act particularly defines the following as its object:

“To provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as electronic methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker’s Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.”

Sections and Punishments significantly under Information Technology Act, 2000 are as follows :



Section 43

This section of IT Act, 2000 specifically states that any act of destroying, altering or stealing computer system/network or deleting data with malicious intentions without authorization from the owner of the computer is liable for the payment to be made to the owner as compensation for damages.

Section 43A

This section of IT Act, 2000 particularly states that any corporate body dealing with sensitive information that fails to implement reasonable security practices causing loss of other person will also be liable as a convict for compensation to the affected party.

Section 66

Hacking of a Computer System with malicious intentions like fraud will be particularly punished with 3 years imprisonment or the fine of Rs.5,00,000 or both.

Section 66 B, C, D

Fraud or dishonesty using or transmitting information or identity theft is significantly punishable with 3 years imprisonment or Rs. 1,00,000 fine or both.

Section 66 E

This Section is for Violation of privacy by specifically transmitting image of private area is punishable with 3 years imprisonment or 2,00,000 fine or both.

Section 66 F

This Section is on Cyber Terrorism affecting unity, integrity, security, sovereignty of India significantly through digital medium is liable for life imprisonment.

Section 67

This section states publishing obscene information or pornography or transmission of obscene content in public is liable for imprisonment up to 5 years or fine of Rs. 10,00,000 or both.

Indian Penal Code, 1860 (IPC)

It is a comprehensive code intended to cover all substantive aspects of criminal law. The code was drafted on the recommendations of first law commission of India established in 1834 under the Charter Act of 1833 under the chairmanship of Thomas Babington Macaulay.

If the IT Act is not sufficient to cover specific cyber crimes, law enforcement agencies can apply the following IPC sections:

Section 292

Addresses sale of obscene materials and various cybercrimes, significantly including electronic transmission of obscene content. Penalties include up to 2 years in prison and a fine of Rs. 2000, with particularly up to 5 years and Rs. 5000 for repeat offenders.

Section 354C

Defines cybercrime as taking/publishing explicit pictures of a woman without consent, particularly focusing on voyeurism. Penalties vary, significantly up to 3 years for first-time offenders and up to 7 years for repeat offenders.

Section 354D

Covers stalking, including cyberstalking, with penalties of up to 3 years for the first offense and up to 5 years for the second offense, particularly along with fines.

Section 379

Addresses theft, relevant for cybercrimes involving evidently stolen devices or data. Penalties include up to 3 years significantly in prison and a fine.

Section 420

Deals with cheating and dishonestly inducing property delivery, significantly penalizing cybercrimes like fake websites and fraud with up to 7 years in prison.

Sections 463, 465

Cover forgery, including email spoofing and false document preparation, especially with imprisonment up to 2 years or both.

Section 468

Punishes fraud with up to 7 years in prison and a fine, particularly including email spoofing.

Information Technology Rules (IT Rules)

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 significantly is secondary or subordinate legislation that suppresses India’s Intermediary Guidelines Rules 2011.


Information Technology Rules 2021: Mandates

  • The intermediary should particularly observe due diligence.
  • Significantly mandatory Grievance redressal mechanism.
  • Grievance Appellate Committee(s).
  • Particularly about Internet Intermediaries.

Companies Act, 2013

The Companies Act, 2013 is a law that particularly regulates the governance of companies in India. It was enacted by the Government of India on April 1, 2013 and came into force on April 1, 2014. 

This ACT include provisions such as: 

  1. A Company shall not make any statement or publish any advertisement which is false or misleading in any material particularly.
  2. A Company shall not make any statement which is specifically disparaging of another person’s reputation.
  3.  A Company shall not make any statement which is significantly disparaging of goods or services.
  4. A Company particularly shall not indulge in unfair practices. 
  5. The Companies Act, 2013 was enacted to address the problems of the business environment and make it more conducive for companies. It is a piece of legislation that the Indian Parliament has passed. It is the first law to be given in India for company incorporation.

Cybersecurity Framework (NCFS)

The National Institute of Standards and Technology (NIST) has approved the Cybersecurity Framework (NCFS) as a framework significantly for harmonizing the cybersecurity approach. To manage cyber-related risks responsibly, the NIST Cybersecurity Framework specifically includes guidelines, standards, and best practices. According to this framework, flexibility and affordability are of prime importance. Moreover, it aims at fostering resilience and protecting critical infrastructure by implementing the following measures:

A better understanding, management, and reduction of the risks associated with cybersecurity.

  • Prevent significantly data loss, misuse, and restoration costs.
  • Particularly, determine the most critical activities and operations that must be secured.
  • Provides evidence of the trustworthiness of organizations that protect critical assets.
  • Optimize the cybersecurity return on investment (ROI) by particularly prioritizing investments.
  • Responds significantly to regulatory and contractual requirements
  • Assists specifically in the wider information security program.

Cyber Security Solution Organization Needs

xIoTz, cyber assurance platform offers comprehensive cybersecurity solutions to organizations by providing a range of tools, technologies, and services designed to assess, manage, and mitigate cyber risks. Here’s how xIoTz delivers cybersecurity solutions:

  1. SOC (Security Operations Center): Detects and responds to security threats in real-time, particularly safeguarding data and systems.
  2. NOC (Network Operations Center): Manages network performance and availability, particularly ensuring smooth operations.
  3. TOC (Threat Operations Center): Proactively hunts for advanced threats, and thus enhancing threat detection capabilities.
  4. NGVM (Next-Gen Vulnerability Management): Identifies vulnerabilities, significantly helping prioritize and address them, reducing risks.
  5. XOC (eXtended Operations Center): Specifically combination of Security(SOC), Network(NOC), Threat(TOC) and Vulnerability Management(NGVM).
  6. CAP (Cyber Assurance Platform): xIoTz Cyber Assurance Platform is an unified eXtended Operation Center(XOC) for providing especially data safety and business continuity .
  7. CCA (Continues Compromise Assessment): Checks for cybersecurity breaches and particularly unauthorized access in an organization’s systems or data.

Quick Links:

For Career Opportunities

For Partnership Opportunities

For a Live Demonstration

Explore our Blogs  

Posted in AwarenessTags: