top of page

Information Technology Act 2000 Section 24

IT Act Section 24 defines the power to issue directions by the Controller for secure electronic records and digital signatures.

Section 24 of the Information Technology Act, 2000 empowers the Controller of Certifying Authorities to issue directions to ensure the security and authenticity of electronic records and digital signatures. This section plays a vital role in maintaining trust in electronic transactions by regulating how digital signatures are managed and used.

In today's digital world, where electronic communication and e-commerce are widespread, Section 24 helps safeguard users, businesses, and government agencies from fraud and misuse of digital signatures. It ensures that digital signatures remain reliable and legally valid, supporting secure electronic governance and commerce.

Information Technology Act Section 24 – Exact Provision

This section grants the Controller authority to issue written directions to certifying authorities, subscribers, or any person using digital signatures. The goal is to secure electronic records and digital signatures, ensuring their integrity and preventing misuse.

  • Empowers the Controller to issue security directions.

  • Applies to certifying authorities and digital signature users.

  • Aims to protect electronic records and digital signatures.

  • Supports the integrity of electronic transactions.

  • Ensures compliance with digital signature standards.

Explanation of Information Technology Act Section 24

Section 24 authorizes the Controller to regulate digital signature use by issuing necessary directions.

  • States that the Controller can issue written directions.

  • Applies to certifying authorities, subscribers, and other digital signature users.

  • Triggered when security or authenticity concerns arise.

  • Legal criteria focus on securing electronic records and digital signatures.

  • Allows directions to maintain trust and prevent fraud.

  • Prohibits actions that compromise digital signature security.

Purpose and Rationale of IT Act Section 24

This section ensures that digital signatures and electronic records remain secure and trustworthy. It empowers the Controller to act proactively against risks and maintain the legal sanctity of electronic transactions.

  • Protects users in the digital signature ecosystem.

  • Prevents misuse and fraud involving digital signatures.

  • Ensures secure electronic transactions and records.

  • Regulates behaviour of certifying authorities and users.

When IT Act Section 24 Applies

Section 24 applies whenever the Controller identifies the need to issue directions to secure digital signatures or electronic records. It is invoked to maintain system integrity and user trust.

  • When security threats to digital signatures arise.

  • Controller or government invokes the section.

  • Requires evidence of risk or misuse.

  • Relevant to electronic records, digital signatures, and certification.

  • Exceptions may apply if directions conflict with other laws.

Legal Effect of IT Act Section 24

Section 24 creates a regulatory framework empowering the Controller to issue binding directions. It restricts actions that compromise digital signature security and enforces compliance among certifying authorities and users. Non-compliance can lead to penalties under the Act and affect the validity of electronic records.

  • Creates rights for the Controller to regulate digital signatures.

  • Restricts misuse or insecure handling of digital signatures.

  • Penalties may apply for non-compliance.

Nature of Offence or Liability under IT Act Section 24

This section primarily imposes regulatory compliance obligations. Failure to follow the Controller's directions may lead to civil or criminal liability under related provisions of the IT Act. The offences are generally non-cognizable but serious for maintaining digital trust.

  • Regulatory compliance obligation.

  • Non-compliance can lead to penalties.

  • Offence is generally non-cognizable.

  • Arrest usually requires warrant.

Stage of Proceedings Where IT Act Section 24 Applies

Section 24 is relevant during regulatory oversight and enforcement stages. The Controller may investigate, collect evidence, and issue directions. Compliance monitoring and legal proceedings may follow if directions are ignored.

  • Investigation by Controller or authorities.

  • Collection of digital evidence and records.

  • Issuance of directions to concerned parties.

  • Filing complaints for non-compliance.

  • Trial and appeal in case of disputes.

Penalties and Consequences under IT Act Section 24

While Section 24 itself does not specify penalties, failure to comply with the Controller's directions can attract penalties under other sections of the IT Act. This includes fines, suspension of certification, or prosecution for offences related to digital signatures.

  • Fines for non-compliance.

  • Suspension or cancellation of certification.

  • Liability for certifying authorities and users.

  • Possible compensation claims.

Example of IT Act Section 24 in Practical Use

Consider a certifying authority "X" that fails to update its security protocols despite warnings from the Controller. The Controller issues directions under Section 24 to enhance security. If "X" ignores these directions, it risks suspension and legal action. This ensures that digital signatures issued remain trustworthy and secure.

  • Controller's directions ensure security compliance.

  • Non-compliance risks certification suspension and penalties.

Historical Background of IT Act Section 24

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 24 was designed to empower the Controller to maintain security standards. The 2008 Amendment enhanced regulatory powers to address evolving cyber threats and improve trust in digital transactions.

  • Introduced to regulate digital signatures and e-commerce.

  • Amended in 2008 to strengthen Controller's powers.

  • Evolved with technological advancements and cyber threats.

Modern Relevance of IT Act Section 24

In 2026, with the rise of fintech, digital identity, and online payments, Section 24 remains crucial. It supports cybersecurity by enabling the Controller to enforce security measures. It also addresses challenges in social media and intermediary liability by securing digital signatures.

  • Supports digital evidence integrity.

  • Enhances online safety and trust.

  • Addresses enforcement challenges in cyberspace.

Related Sections

  • IT Act Section 23 – Duties of Certifying Authorities.

  • IT Act Section 25 – Suspension and revocation of certificates.

  • IT Act Section 43A – Compensation for data protection failures.

  • IT Act Section 66 – Computer-related offences.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 420 – Cheating, relevant for digital fraud.

Case References under IT Act Section 24

No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 24

  • Section: 24

  • Title: Controller's Directions

  • Category: Digital Signature Regulation

  • Applies To: Certifying Authorities, Subscribers, Digital Signature Users

  • Stage: Regulatory Oversight, Investigation, Compliance

  • Legal Effect: Empowers Controller to issue binding directions

  • Penalties: Fines, Certification Suspension, Legal Action

Conclusion on IT Act Section 24

Section 24 is a key regulatory provision empowering the Controller to issue directions for securing electronic records and digital signatures. This authority helps maintain trust and integrity in electronic transactions, which is essential in the digital economy.

By enabling proactive security measures and compliance enforcement, Section 24 supports the safe use of digital signatures. It protects users, businesses, and government agencies from fraud and misuse, ensuring the continued growth of secure digital communication and commerce.

FAQs on IT Act Section 24

What authority does Section 24 grant to the Controller?

Section 24 authorizes the Controller to issue written directions to certifying authorities, subscribers, or any digital signature users to secure electronic records and digital signatures.

Who must comply with the directions issued under Section 24?

Certifying authorities, subscribers, and any person using digital signatures must comply with the Controller's directions to ensure security and authenticity.

Are there penalties for not following Section 24 directions?

Yes, non-compliance can lead to penalties such as fines, suspension of certification, or legal action under related provisions of the IT Act.

Does Section 24 apply to all electronic records?

Section 24 specifically relates to electronic records and digital signatures that require security and authenticity measures under the IT Act.

How does Section 24 impact digital transactions?

By empowering the Controller to issue security directions, Section 24 ensures that digital signatures used in electronic transactions remain reliable and legally valid, enhancing trust.

Get a Free Legal Consultation

Reading about legal issues is just the first step. Let us connect you with a verified lawyer who specialises in exactly what you need.

K_gYgciFRGKYrIgrlwTBzQ_2k.webp

Related Sections

IPC Section 4

IPC Section 4 defines the extension of the Indian Penal Code to extra-territorial offences committed by Indian citizens or against Indian interests.

Is Quran Legal In India

Understand the legal status of the Quran in India, including rights, restrictions, and enforcement realities.

Are Fantacy Leaugues Legal In India

Fantasy leagues are conditionally legal in India, regulated under skill game laws and subject to state-specific rules.

IPC Section 302

IPC Section 302 defines punishment for murder, outlining legal consequences and scope of this grave offence.

Is Phenibut Legal In India

Phenibut is not legally approved in India and its sale or use is unregulated, with potential risks and enforcement challenges.

Income Tax Act 1961 Section 44BBB

Income Tax Act Section 44BBB prescribes presumptive taxation for non-resident professionals providing technical services in India.

Negotiable Instruments Act 1881 Section 30

Negotiable Instruments Act, 1881 Section 30 defines the liability of the acceptor of a bill of exchange upon acceptance.

CGST Act 2017 Section 166

Detailed guide on Central Goods and Services Tax Act, 2017 Section 166 covering appeals to Appellate Authority for Advance Ruling.

IPC Section 340

IPC Section 340 defines wrongful confinement by a person in authority, focusing on unlawful restraint by public servants or officials.

Companies Act 2013 Section 72

Companies Act 2013 Section 72 governs the procedure for making nominations by shareholders and depositors in Indian companies.

IPC Section 46

IPC Section 46 defines the right of private defense of the body, detailing when and how force may be used to protect oneself.

Companies Act 2013 Section 26

Companies Act 2013 Section 26 governs alteration of memorandum of association by companies in India.

CrPC Section 194

CrPC Section 194 defines punishment for giving false evidence, ensuring integrity of judicial proceedings.

Information Technology Act 2000 Section 66F

IT Act Section 66F defines cyber terrorism offences and penalties for acts threatening digital security and public safety.

Negotiable Instruments Act 1881 Section 124

Negotiable Instruments Act, 1881 Section 124 defines 'holder in due course' and its significance in negotiable instruments law.

CrPC Section 133

CrPC Section 133 empowers magistrates to prevent public nuisance by ordering removal of obstructions or nuisances.

Companies Act 2013 Section 129

Companies Act 2013 Section 129 mandates preparation and presentation of financial statements by companies in India.

IPC Section 408

IPC Section 408 defines criminal breach of trust by a clerk or servant, covering misuse of entrusted property.

Consumer Protection Act 2019 Section 107

Consumer Protection Act 2019 Section 107 details the power of the Central Government to make rules for effective consumer protection.

Companies Act 2013 Section 42

Companies Act 2013 Section 42 governs private placement of securities and related compliance requirements.

IPC Section 463

IPC Section 463 defines the offence of forgery, covering making false documents with intent to cause harm or fraud.

Income Tax Act 1961 Section 276B

Income Tax Act Section 276B deals with prosecution for failure to pay tax deducted at source (TDS).

Income Tax Act 1961 Section 278AB

Income Tax Act, 1961 Section 278AB empowers authorities to attach property for tax recovery and enforcement.

Is Instarem Legal In India

Instarem is legal in India as a regulated money transfer service under RBI guidelines with compliance requirements.

Income Tax Act 1961 Section 184

Section 184 of the Income Tax Act 1961 deals with penalties for failure to furnish return of income in India.

Is Camping Legal In India

Camping in India is generally legal with permissions in protected areas; rules vary by location and enforcement can be strict in national parks.

Companies Act 2013 Section 338

Companies Act 2013 Section 338 governs the power of the Tribunal to grant relief in cases of oppression and mismanagement.

bottom of page