top of page

Information Technology Act 2000 Section 24

IT Act Section 24 defines the power to issue directions by the Controller for secure electronic records and digital signatures.

Section 24 of the Information Technology Act, 2000 empowers the Controller of Certifying Authorities to issue directions to ensure the security and authenticity of electronic records and digital signatures. This section plays a vital role in maintaining trust in electronic transactions by regulating how digital signatures are managed and used.

In today's digital world, where electronic communication and e-commerce are widespread, Section 24 helps safeguard users, businesses, and government agencies from fraud and misuse of digital signatures. It ensures that digital signatures remain reliable and legally valid, supporting secure electronic governance and commerce.

Information Technology Act Section 24 – Exact Provision

This section grants the Controller authority to issue written directions to certifying authorities, subscribers, or any person using digital signatures. The goal is to secure electronic records and digital signatures, ensuring their integrity and preventing misuse.

  • Empowers the Controller to issue security directions.

  • Applies to certifying authorities and digital signature users.

  • Aims to protect electronic records and digital signatures.

  • Supports the integrity of electronic transactions.

  • Ensures compliance with digital signature standards.

Explanation of Information Technology Act Section 24

Section 24 authorizes the Controller to regulate digital signature use by issuing necessary directions.

  • States that the Controller can issue written directions.

  • Applies to certifying authorities, subscribers, and other digital signature users.

  • Triggered when security or authenticity concerns arise.

  • Legal criteria focus on securing electronic records and digital signatures.

  • Allows directions to maintain trust and prevent fraud.

  • Prohibits actions that compromise digital signature security.

Purpose and Rationale of IT Act Section 24

This section ensures that digital signatures and electronic records remain secure and trustworthy. It empowers the Controller to act proactively against risks and maintain the legal sanctity of electronic transactions.

  • Protects users in the digital signature ecosystem.

  • Prevents misuse and fraud involving digital signatures.

  • Ensures secure electronic transactions and records.

  • Regulates behaviour of certifying authorities and users.

When IT Act Section 24 Applies

Section 24 applies whenever the Controller identifies the need to issue directions to secure digital signatures or electronic records. It is invoked to maintain system integrity and user trust.

  • When security threats to digital signatures arise.

  • Controller or government invokes the section.

  • Requires evidence of risk or misuse.

  • Relevant to electronic records, digital signatures, and certification.

  • Exceptions may apply if directions conflict with other laws.

Legal Effect of IT Act Section 24

Section 24 creates a regulatory framework empowering the Controller to issue binding directions. It restricts actions that compromise digital signature security and enforces compliance among certifying authorities and users. Non-compliance can lead to penalties under the Act and affect the validity of electronic records.

  • Creates rights for the Controller to regulate digital signatures.

  • Restricts misuse or insecure handling of digital signatures.

  • Penalties may apply for non-compliance.

Nature of Offence or Liability under IT Act Section 24

This section primarily imposes regulatory compliance obligations. Failure to follow the Controller's directions may lead to civil or criminal liability under related provisions of the IT Act. The offences are generally non-cognizable but serious for maintaining digital trust.

  • Regulatory compliance obligation.

  • Non-compliance can lead to penalties.

  • Offence is generally non-cognizable.

  • Arrest usually requires warrant.

Stage of Proceedings Where IT Act Section 24 Applies

Section 24 is relevant during regulatory oversight and enforcement stages. The Controller may investigate, collect evidence, and issue directions. Compliance monitoring and legal proceedings may follow if directions are ignored.

  • Investigation by Controller or authorities.

  • Collection of digital evidence and records.

  • Issuance of directions to concerned parties.

  • Filing complaints for non-compliance.

  • Trial and appeal in case of disputes.

Penalties and Consequences under IT Act Section 24

While Section 24 itself does not specify penalties, failure to comply with the Controller's directions can attract penalties under other sections of the IT Act. This includes fines, suspension of certification, or prosecution for offences related to digital signatures.

  • Fines for non-compliance.

  • Suspension or cancellation of certification.

  • Liability for certifying authorities and users.

  • Possible compensation claims.

Example of IT Act Section 24 in Practical Use

Consider a certifying authority "X" that fails to update its security protocols despite warnings from the Controller. The Controller issues directions under Section 24 to enhance security. If "X" ignores these directions, it risks suspension and legal action. This ensures that digital signatures issued remain trustworthy and secure.

  • Controller's directions ensure security compliance.

  • Non-compliance risks certification suspension and penalties.

Historical Background of IT Act Section 24

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 24 was designed to empower the Controller to maintain security standards. The 2008 Amendment enhanced regulatory powers to address evolving cyber threats and improve trust in digital transactions.

  • Introduced to regulate digital signatures and e-commerce.

  • Amended in 2008 to strengthen Controller's powers.

  • Evolved with technological advancements and cyber threats.

Modern Relevance of IT Act Section 24

In 2026, with the rise of fintech, digital identity, and online payments, Section 24 remains crucial. It supports cybersecurity by enabling the Controller to enforce security measures. It also addresses challenges in social media and intermediary liability by securing digital signatures.

  • Supports digital evidence integrity.

  • Enhances online safety and trust.

  • Addresses enforcement challenges in cyberspace.

Related Sections

  • IT Act Section 23 – Duties of Certifying Authorities.

  • IT Act Section 25 – Suspension and revocation of certificates.

  • IT Act Section 43A – Compensation for data protection failures.

  • IT Act Section 66 – Computer-related offences.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 420 – Cheating, relevant for digital fraud.

Case References under IT Act Section 24

No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 24

  • Section: 24

  • Title: Controller's Directions

  • Category: Digital Signature Regulation

  • Applies To: Certifying Authorities, Subscribers, Digital Signature Users

  • Stage: Regulatory Oversight, Investigation, Compliance

  • Legal Effect: Empowers Controller to issue binding directions

  • Penalties: Fines, Certification Suspension, Legal Action

Conclusion on IT Act Section 24

Section 24 is a key regulatory provision empowering the Controller to issue directions for securing electronic records and digital signatures. This authority helps maintain trust and integrity in electronic transactions, which is essential in the digital economy.

By enabling proactive security measures and compliance enforcement, Section 24 supports the safe use of digital signatures. It protects users, businesses, and government agencies from fraud and misuse, ensuring the continued growth of secure digital communication and commerce.

FAQs on IT Act Section 24

What authority does Section 24 grant to the Controller?

Section 24 authorizes the Controller to issue written directions to certifying authorities, subscribers, or any digital signature users to secure electronic records and digital signatures.

Who must comply with the directions issued under Section 24?

Certifying authorities, subscribers, and any person using digital signatures must comply with the Controller's directions to ensure security and authenticity.

Are there penalties for not following Section 24 directions?

Yes, non-compliance can lead to penalties such as fines, suspension of certification, or legal action under related provisions of the IT Act.

Does Section 24 apply to all electronic records?

Section 24 specifically relates to electronic records and digital signatures that require security and authenticity measures under the IT Act.

How does Section 24 impact digital transactions?

By empowering the Controller to issue security directions, Section 24 ensures that digital signatures used in electronic transactions remain reliable and legally valid, enhancing trust.

Related Sections

IPC Section 431

IPC Section 431 punishes mischief by fire or explosive substance with intent to cause damage to property.

IPC Section 510

IPC Section 510 addresses intentional insult or interruption with intent to provoke breach of peace, ensuring public order protection.

Companies Act 2013 Section 29

Companies Act 2013 Section 29 governs the voting rights of shareholders in company meetings.

CrPC Section 470

CrPC Section 470 deals with the procedure when a person is tried for an offence not punishable under the law.

CrPC Section 328

CrPC Section 328 defines the offence of causing hurt to extort property or to compel restoration of property.

Companies Act 2013 Section 142

Companies Act 2013 Section 142 governs the powers and duties of company auditors in India.

CrPC Section 278

CrPC Section 278 details the procedure for issuing search warrants by Magistrates to recover stolen or unlawfully obtained property.

IPC Section 70

IPC Section 70 covers the offence of threatening a public servant to deter them from duty, ensuring protection of lawful public functions.

CrPC Section 306

CrPC Section 306 deals with abetment of suicide, outlining legal consequences and procedural aspects under Indian law.

IPC Section 361

IPC Section 361 defines the offence of kidnapping from lawful guardianship, protecting minors and others from unlawful removal.

Evidence Act 1872 Section 105

Evidence Act 1872 Section 105 explains the burden of proof for possession of stolen property, shifting it to the accused under specific conditions.

Evidence Act 1872 Section 85C

Evidence Act 1872 Section 85C covers the presumption of electronic records' authenticity, crucial for digital evidence admissibility in courts.

CrPC Section 461

CrPC Section 461 details the procedure for the disposal of unclaimed property by the police or magistrate.

CrPC Section 188

CrPC Section 188 deals with punishment for disobedience to an order lawfully promulgated by a public servant.

CrPC Section 45

CrPC Section 45 defines the role and powers of the Public Prosecutor in criminal trials and proceedings.

Consumer Protection Act 2019 Section 2(18)

Consumer Protection Act 2019 Section 2(18) defines 'defect' in goods, crucial for consumer rights and product liability claims.

IPC Section 335

IPC Section 335 covers causing grievous hurt by act endangering life or personal safety, defining punishment and scope.

Evidence Act 1872 Section 7

Evidence Act 1872 Section 7 defines the rule of 'Judicial Notice' where courts accept certain facts without requiring proof.

IPC Section 405

IPC Section 405 defines criminal breach of trust, covering dishonest misappropriation of property entrusted to a person.

Companies Act 2013 Section 92

Companies Act 2013 Section 92 mandates annual return filing requirements for companies in India.

Information Technology Act 2000 Section 5

IT Act Section 5 defines the scope and territorial application of the Information Technology Act, 2000 in India.

Evidence Act 1872 Section 61

Evidence Act 1872 Section 61 defines the competency of witnesses, outlining who may testify in court and its significance in legal proceedings.

Consumer Protection Act 2019 Section 21

Consumer Protection Act 2019 Section 21 details the procedure for filing complaints before Consumer Commissions.

Companies Act 2013 Section 12

Companies Act 2013 Section 12 governs the registered office of a company and its official address requirements.

CrPC Section 445

CrPC Section 445 details the procedure for attachment and sale of movable property when a person fails to pay fine imposed by a court.

CrPC Section 157

CrPC Section 157 details the procedure for police to register an FIR and begin investigation upon receiving information about a cognizable offence.

Companies Act 2013 Section 134

Companies Act 2013 Section 134 mandates the preparation and approval of financial statements by the Board of Directors.

bottom of page