top of page

Information Technology Act 2000 Section 24

IT Act Section 24 defines the power to issue directions by the Controller for secure electronic records and digital signatures.

Section 24 of the Information Technology Act, 2000 empowers the Controller of Certifying Authorities to issue directions to ensure the security and authenticity of electronic records and digital signatures. This section plays a vital role in maintaining trust in electronic transactions by regulating how digital signatures are managed and used.

In today's digital world, where electronic communication and e-commerce are widespread, Section 24 helps safeguard users, businesses, and government agencies from fraud and misuse of digital signatures. It ensures that digital signatures remain reliable and legally valid, supporting secure electronic governance and commerce.

Information Technology Act Section 24 – Exact Provision

This section grants the Controller authority to issue written directions to certifying authorities, subscribers, or any person using digital signatures. The goal is to secure electronic records and digital signatures, ensuring their integrity and preventing misuse.

  • Empowers the Controller to issue security directions.

  • Applies to certifying authorities and digital signature users.

  • Aims to protect electronic records and digital signatures.

  • Supports the integrity of electronic transactions.

  • Ensures compliance with digital signature standards.

Explanation of Information Technology Act Section 24

Section 24 authorizes the Controller to regulate digital signature use by issuing necessary directions.

  • States that the Controller can issue written directions.

  • Applies to certifying authorities, subscribers, and other digital signature users.

  • Triggered when security or authenticity concerns arise.

  • Legal criteria focus on securing electronic records and digital signatures.

  • Allows directions to maintain trust and prevent fraud.

  • Prohibits actions that compromise digital signature security.

Purpose and Rationale of IT Act Section 24

This section ensures that digital signatures and electronic records remain secure and trustworthy. It empowers the Controller to act proactively against risks and maintain the legal sanctity of electronic transactions.

  • Protects users in the digital signature ecosystem.

  • Prevents misuse and fraud involving digital signatures.

  • Ensures secure electronic transactions and records.

  • Regulates behaviour of certifying authorities and users.

When IT Act Section 24 Applies

Section 24 applies whenever the Controller identifies the need to issue directions to secure digital signatures or electronic records. It is invoked to maintain system integrity and user trust.

  • When security threats to digital signatures arise.

  • Controller or government invokes the section.

  • Requires evidence of risk or misuse.

  • Relevant to electronic records, digital signatures, and certification.

  • Exceptions may apply if directions conflict with other laws.

Legal Effect of IT Act Section 24

Section 24 creates a regulatory framework empowering the Controller to issue binding directions. It restricts actions that compromise digital signature security and enforces compliance among certifying authorities and users. Non-compliance can lead to penalties under the Act and affect the validity of electronic records.

  • Creates rights for the Controller to regulate digital signatures.

  • Restricts misuse or insecure handling of digital signatures.

  • Penalties may apply for non-compliance.

Nature of Offence or Liability under IT Act Section 24

This section primarily imposes regulatory compliance obligations. Failure to follow the Controller's directions may lead to civil or criminal liability under related provisions of the IT Act. The offences are generally non-cognizable but serious for maintaining digital trust.

  • Regulatory compliance obligation.

  • Non-compliance can lead to penalties.

  • Offence is generally non-cognizable.

  • Arrest usually requires warrant.

Stage of Proceedings Where IT Act Section 24 Applies

Section 24 is relevant during regulatory oversight and enforcement stages. The Controller may investigate, collect evidence, and issue directions. Compliance monitoring and legal proceedings may follow if directions are ignored.

  • Investigation by Controller or authorities.

  • Collection of digital evidence and records.

  • Issuance of directions to concerned parties.

  • Filing complaints for non-compliance.

  • Trial and appeal in case of disputes.

Penalties and Consequences under IT Act Section 24

While Section 24 itself does not specify penalties, failure to comply with the Controller's directions can attract penalties under other sections of the IT Act. This includes fines, suspension of certification, or prosecution for offences related to digital signatures.

  • Fines for non-compliance.

  • Suspension or cancellation of certification.

  • Liability for certifying authorities and users.

  • Possible compensation claims.

Example of IT Act Section 24 in Practical Use

Consider a certifying authority "X" that fails to update its security protocols despite warnings from the Controller. The Controller issues directions under Section 24 to enhance security. If "X" ignores these directions, it risks suspension and legal action. This ensures that digital signatures issued remain trustworthy and secure.

  • Controller's directions ensure security compliance.

  • Non-compliance risks certification suspension and penalties.

Historical Background of IT Act Section 24

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 24 was designed to empower the Controller to maintain security standards. The 2008 Amendment enhanced regulatory powers to address evolving cyber threats and improve trust in digital transactions.

  • Introduced to regulate digital signatures and e-commerce.

  • Amended in 2008 to strengthen Controller's powers.

  • Evolved with technological advancements and cyber threats.

Modern Relevance of IT Act Section 24

In 2026, with the rise of fintech, digital identity, and online payments, Section 24 remains crucial. It supports cybersecurity by enabling the Controller to enforce security measures. It also addresses challenges in social media and intermediary liability by securing digital signatures.

  • Supports digital evidence integrity.

  • Enhances online safety and trust.

  • Addresses enforcement challenges in cyberspace.

Related Sections

  • IT Act Section 23 – Duties of Certifying Authorities.

  • IT Act Section 25 – Suspension and revocation of certificates.

  • IT Act Section 43A – Compensation for data protection failures.

  • IT Act Section 66 – Computer-related offences.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 420 – Cheating, relevant for digital fraud.

Case References under IT Act Section 24

No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 24

  • Section: 24

  • Title: Controller's Directions

  • Category: Digital Signature Regulation

  • Applies To: Certifying Authorities, Subscribers, Digital Signature Users

  • Stage: Regulatory Oversight, Investigation, Compliance

  • Legal Effect: Empowers Controller to issue binding directions

  • Penalties: Fines, Certification Suspension, Legal Action

Conclusion on IT Act Section 24

Section 24 is a key regulatory provision empowering the Controller to issue directions for securing electronic records and digital signatures. This authority helps maintain trust and integrity in electronic transactions, which is essential in the digital economy.

By enabling proactive security measures and compliance enforcement, Section 24 supports the safe use of digital signatures. It protects users, businesses, and government agencies from fraud and misuse, ensuring the continued growth of secure digital communication and commerce.

FAQs on IT Act Section 24

What authority does Section 24 grant to the Controller?

Section 24 authorizes the Controller to issue written directions to certifying authorities, subscribers, or any digital signature users to secure electronic records and digital signatures.

Who must comply with the directions issued under Section 24?

Certifying authorities, subscribers, and any person using digital signatures must comply with the Controller's directions to ensure security and authenticity.

Are there penalties for not following Section 24 directions?

Yes, non-compliance can lead to penalties such as fines, suspension of certification, or legal action under related provisions of the IT Act.

Does Section 24 apply to all electronic records?

Section 24 specifically relates to electronic records and digital signatures that require security and authenticity measures under the IT Act.

How does Section 24 impact digital transactions?

By empowering the Controller to issue security directions, Section 24 ensures that digital signatures used in electronic transactions remain reliable and legally valid, enhancing trust.

Related Sections

CrPC Section 228

CrPC Section 228 details the procedure for trial of offences committed by public servants in relation to their official duties.

Negotiable Instruments Act 1881 Section 72

Negotiable Instruments Act, 1881 Section 72 defines the term 'holder in due course' and its significance under the Act.

Is Buying And Selling Bitcoins Legal In India

In India, buying and selling bitcoins is legal but regulated with specific guidelines and restrictions.

Is Adverse Possession Legal In India

Understand the legality and rules of adverse possession in India, including how it works and its enforcement.

Companies Act 2013 Section 171

Companies Act 2013 Section 171 mandates directors to disclose their interest in contracts or arrangements with the company.

Income Tax Act 1961 Section 115H

Income Tax Act, 1961 Section 115H deals with taxation of resident individuals who become non-residents in the previous year.

IPC Section 182

IPC Section 182 penalizes giving false information to public servants, hindering official duties.

Evidence Act 1872 Section 119

Evidence Act 1872 Section 119 defines the presumption of ownership when possession of property is proved.

Is Zerodha Legal In India

Zerodha is legal in India as a registered stockbroker regulated by SEBI, complying with all financial laws and regulations.

IPC Section 232

IPC Section 232 covers the procedure for sentencing when a person is convicted of an offence, detailing how courts pronounce and record sentences.

Evidence Act 1872 Section 68

Evidence Act 1872 Section 68 governs the admissibility of electronic records as evidence in Indian courts.

Income Tax Act 1961 Section 245D

Income Tax Act, 1961 Section 245D details the procedure for adjustment of refund against outstanding tax demands.

Is Gel Plates Legal In India

Gel plates are legal in India with no specific restrictions, but usage must comply with general safety and import regulations.

CrPC Section 75

CrPC Section 75 details the procedure for issuing summons to witnesses to attend court proceedings.

Is Using Spotify In India Using Hola Legal

Using Spotify in India with Hola VPN is conditionally legal but may breach Spotify's terms and risk service disruption.

Companies Act 2013 Section 249

Companies Act 2013 Section 249 governs the right of shareholders to requisition a general meeting in Indian companies.

Is Online Legal India Genuine Company

Understand the legal status and authenticity of Online Legal India as a company in India.

Is It Legal To Take Logo Online In India

Taking logos online in India is legal if you respect copyright and trademark laws and avoid unauthorized use.

Income Tax Act 1961 Section 129

Income Tax Act Section 129 deals with detention, seizure, and release of books of account and assets during income tax searches.

Is Service Agreement Legal In India

Understand the legality of service agreements in India, their enforceability, and key considerations under Indian law.

Is Cross Gender Massage Legal In India

Cross gender massage is legal in India with regulations; professional conduct and consent are key to lawful practice.

CPC Section 58

CPC Section 58 defines the procedure for service of summons to defendants in civil suits.

Negotiable Instruments Act 1881 Section 39

Negotiable Instruments Act, 1881 Section 39 defines the liability of the drawee of a bill of exchange upon acceptance.

CGST Act 2017 Section 14

Detailed guide on Central Goods and Services Tax Act, 2017 Section 14 covering determination of time of supply under CGST Act.

CPC Section 93

CPC Section 93 empowers courts to summon witnesses, compel attendance, and enforce evidence production in civil suits.

Negotiable Instruments Act 1881 Section 17

Negotiable Instruments Act, 1881 Section 17 defines the holder in due course and their rights under negotiable instruments law.

IPC Section 470

IPC Section 470 defines the offence of using a forged document as genuine, outlining its scope and punishment.

bottom of page