top of page

Information Technology Act 2000 Section 35

IT Act Section 35 empowers the Controller to grant or refuse digital signature certificates, ensuring secure electronic authentication.

Section 35 of the Information Technology Act, 2000, deals with the powers of the Controller regarding digital signature certificates. It authorises the Controller to grant, suspend, or revoke such certificates to ensure secure and reliable electronic authentication. This section plays a vital role in maintaining trust in digital transactions and securing electronic communications.

In today's digital world, where electronic signatures and online authentication are widespread, Section 35 ensures that certificates are issued and managed properly. It impacts users, businesses, and law enforcement by providing a legal framework for digital identity verification and preventing misuse of digital signatures.

Information Technology Act Section 35 – Exact Provision

This section empowers the Controller to demand necessary information before issuing a digital signature certificate. It also allows suspension or revocation of certificates if required. This ensures that only valid and trustworthy certificates are active, maintaining the integrity of digital signatures.

  • Controller can request prescribed documents before issuing certificates.

  • Authority to suspend or revoke certificates with written reasons.

  • Ensures trustworthiness of digital signature certificates.

  • Supports secure electronic authentication.

  • Protects against misuse of digital signatures.

Explanation of Information Technology Act Section 35

This section defines the Controller’s authority over digital signature certificates.

  • The Controller must verify information before issuing certificates.

  • Applies to the Controller of Certifying Authorities (CCA).

  • Triggered when a certificate is requested, suspended, or revoked.

  • Legal criteria include prescribed documents and valid reasons for suspension or revocation.

  • Allows issuance, suspension, or cancellation of certificates.

  • Prohibits misuse by enabling revocation of compromised certificates.

Purpose and Rationale of IT Act Section 35

Section 35 aims to maintain the reliability of digital signature certificates by empowering the Controller to regulate their issuance and validity.

  • Protects users by ensuring certificates are issued after proper verification.

  • Prevents cyber fraud through suspension or revocation of certificates.

  • Supports secure electronic transactions and communications.

  • Regulates digital signature providers to uphold trust.

When IT Act Section 35 Applies

This section applies whenever a digital signature certificate is issued, suspended, or revoked by the Controller.

  • During application for a digital signature certificate.

  • If the Controller suspects misuse or invalidity.

  • When a certificate needs to be cancelled or suspended.

  • Invoked by the Controller of Certifying Authorities.

  • Requires evidence such as prescribed documents and valid reasons.

  • Relevant to digital authentication and electronic records.

  • Exceptions include certificates issued by other authorised entities under the Act.

Legal Effect of IT Act Section 35

Section 35 creates the Controller’s legal authority to regulate digital signature certificates, affecting rights and liabilities of certificate holders and issuers. It restricts the use of invalid or compromised certificates and imposes penalties for misuse under related provisions.

The section interacts with other IT Act provisions on digital signatures and electronic authentication. It supports enforcement by enabling revocation of certificates that threaten security.

  • Grants Controller power to issue, suspend, or revoke certificates.

  • Restricts use of invalid digital signatures.

  • Supports prosecution of misuse under IT Act and IPC.

Nature of Offence or Liability under IT Act Section 35

Section 35 primarily imposes regulatory compliance obligations on the Controller and certifying authorities. It does not create a direct offence but enables actions to prevent misuse of digital signature certificates.

The section supports criminal liability under other IT Act provisions if misuse occurs. It is non-cognizable regarding certificate management but may lead to cognizable offences if fraud is detected.

  • Regulatory compliance for certificate issuance.

  • Supports criminal liability for misuse under related sections.

  • Non-cognizable for certificate suspension or revocation.

  • No arrest without warrant related to certificate management.

Stage of Proceedings Where IT Act Section 35 Applies

Section 35 is relevant during the administrative and investigative stages of digital signature certificate management.

  • Investigation of certificate validity or misuse.

  • Collection of documents and information for issuance.

  • Filing complaints regarding certificate misuse.

  • Trial for offences involving digital signatures.

  • Appeal against suspension or revocation decisions.

Penalties and Consequences under IT Act Section 35

While Section 35 itself does not prescribe penalties, it enables actions that prevent misuse of digital signature certificates. Misuse or fraudulent use of certificates may attract penalties under other IT Act sections.

Corporate entities and intermediaries must comply with certificate regulations to avoid legal consequences. Compensation claims may arise from damages caused by invalid certificates.

  • Suspension or revocation of certificates by Controller.

  • Penalties under related IT Act provisions for misuse.

  • Corporate liability for failing to maintain certificate integrity.

  • Possible compensation for affected parties.

Example of IT Act Section 35 in Practical Use

Mr. X applies for a digital signature certificate to sign electronic contracts. The Controller requests prescribed documents to verify his identity. Later, if the Controller discovers that Mr. X’s certificate was compromised, they suspend the certificate with written reasons. This prevents fraudulent use of Mr. X’s digital signature, protecting businesses relying on electronic authentication.

  • Ensures only verified individuals receive certificates.

  • Prevents misuse by timely suspension or revocation.

Historical Background of IT Act Section 35

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 35 was crafted to empower the Controller to manage digital signature certificates effectively.

The IT Amendment Act, 2008 enhanced provisions related to digital signatures and certifying authorities. Over time, interpretation has evolved to address emerging cybersecurity challenges.

  • Introduced to regulate digital signature issuance.

  • Amended in 2008 for stronger control mechanisms.

  • Evolved with technological advancements in digital security.

Modern Relevance of IT Act Section 35

In 2026, cybersecurity and digital identity are critical. Section 35 remains vital for ensuring trust in digital transactions, especially with increased online payments and fintech growth.

It supports enforcement of digital signature integrity amid social media and intermediary reforms, safeguarding digital evidence and online safety.

  • Ensures validity of digital evidence.

  • Supports online safety through certificate management.

  • Addresses enforcement challenges in digital authentication.

Related Sections

  • IT Act Section 34 – Functions of Controller of Certifying Authorities.

  • IT Act Section 36 – Duties of Certifying Authorities.

  • IT Act Section 39 – Suspension and revocation of digital signature certificates.

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 463 – Forgery, relevant for digital signature misuse.

Case References under IT Act Section 35

  1. No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 35

  • Section: 35

  • Title: Controller’s Power on Digital Signature Certificates

  • Category: Digital Signature Regulation

  • Applies To: Controller of Certifying Authorities, certificate applicants

  • Stage: Certificate issuance, suspension, revocation

  • Legal Effect: Grants Controller authority to regulate certificates

  • Penalties: Suspension/revocation of certificates; misuse penalised under other sections

Conclusion on IT Act Section 35

Section 35 is a cornerstone provision that empowers the Controller to maintain the integrity of digital signature certificates. By requiring prescribed information and enabling suspension or revocation, it protects the digital ecosystem from fraudulent electronic authentication.

This section supports trust in electronic transactions, benefiting individuals, businesses, and law enforcement. Its regulatory framework is essential for secure digital communication and preventing cybercrime related to digital signatures.

FAQs on IT Act Section 35

What authority does the Controller have under Section 35?

The Controller can request necessary documents before issuing digital signature certificates and has the power to suspend or revoke certificates with written reasons.

Who does Section 35 apply to?

It applies primarily to the Controller of Certifying Authorities and individuals or entities seeking digital signature certificates.

Can a digital signature certificate be revoked under this section?

Yes, the Controller may suspend or revoke any digital signature certificate for valid reasons recorded in writing.

Does Section 35 impose penalties for misuse?

Section 35 itself does not prescribe penalties but supports actions that prevent misuse; penalties arise under other related IT Act provisions.

Why is Section 35 important in digital transactions?

It ensures that digital signature certificates are issued and managed securely, maintaining trust and preventing fraud in electronic communications.

Get a Free Legal Consultation

Reading about legal issues is just the first step. Let us connect you with a verified lawyer who specialises in exactly what you need.

K_gYgciFRGKYrIgrlwTBzQ_2k.webp

Related Sections

IPC Section 299

IPC Section 299 defines culpable homicide and distinguishes it from other forms of homicide based on intention and knowledge.

IPC Section 445

IPC Section 445 defines house-trespass, covering unlawful entry into a property with intent to commit an offence or intimidate.

Evidence Act 1872 Section 33

Evidence Act 1872 Section 33 covers the relevancy of facts showing the existence of any state of mind, including intention, knowledge, and good faith.

Evidence Act 1872 Section 153

Evidence Act 1872 Section 153 defines the burden of proof for facts that a party asserts, specifying who must prove what in civil and criminal cases.

Income Tax Act 1961 Section 45

Income Tax Act Section 45 deals with capital gains arising from transfer of capital assets and their taxation.

Income Tax Act 1961 Section 285B

Income Tax Act, 1961 Section 285B mandates furnishing of annual information returns by specified entities for tax compliance.

Is Kodi Legal In India

Understand the legality of Kodi in India, including its lawful uses, restrictions, and enforcement realities.

CrPC Section 161

CrPC Section 161 details police powers to examine witnesses during investigation without oath or affirmation.

Evidence Act 1872 Section 18

Evidence Act 1872 Section 18 explains how admissions made by parties are relevant and admissible as evidence in legal proceedings.

Information Technology Act 2000 Section 42

IT Act Section 42 defines the power to intercept, monitor, and decrypt digital information for lawful investigation.

IPC Section 391

IPC Section 391 defines robbery and prescribes punishment for theft accompanied by violence or threat.

Is Book Of Mormon Legal In India

The Book of Mormon is legal in India with no restrictions on possession or distribution under Indian law.

Companies Act 2013 Section 35

Companies Act 2013 Section 35 governs the appointment and powers of inspectors for company investigations.

CPC Section 58

CPC Section 58 defines the procedure for service of summons to defendants in civil suits.

CrPC Section 14

CrPC Section 14 empowers police officers to investigate cognizable offences without prior magistrate approval.

CrPC Section 397

CrPC Section 397 outlines the procedure for revision against orders passed by criminal courts, ensuring judicial oversight.

Is Handwritten Will Legal In India

In India, handwritten wills (nuncupative wills) are legal if they meet specific requirements under the Indian Succession Act.

Companies Act 2013 Section 234

Companies Act 2013 Section 234 deals with the power of the Tribunal to grant relief in cases of oppression and mismanagement.

IPC Section 371

IPC Section 371 penalizes dishonestly or fraudulently withholding or disposing of property entrusted for a specific purpose.

Is Localbitcoin Com Is Legal In India

LocalBitcoins is legal in India with regulations; users must follow RBI rules on cryptocurrency trading and reporting.

IPC Section 501

IPC Section 501 defines criminal intimidation by an anonymous communication, addressing threats made without revealing identity.

Companies Act 2013 Section 321

Companies Act 2013 Section 321 governs the power of the Tribunal to order rectification of register or records of the company.

Is Black Magic Legal In India

Understand the legality of black magic in India, including laws, enforcement, and common misconceptions about supernatural practices.

Is Sniffing To All India Radio Is Legal

Sniffing All India Radio signals is illegal under Indian law with strict enforcement and no exceptions.

CrPC Section 465

CrPC Section 465 details the procedure for the destruction of seized property after legal proceedings conclude.

Companies Act 2013 Section 179

Companies Act 2013 Section 179 defines the powers of the Board of Directors in Indian companies.

Is Adult Sexting Legal In India

In India, adult sexting is legal with consent but can face restrictions under certain laws related to obscenity and privacy.

bottom of page