top of page

Information Technology Act 2000 Section 35

IT Act Section 35 empowers the Controller to grant or refuse digital signature certificates, ensuring secure electronic authentication.

Section 35 of the Information Technology Act, 2000, deals with the powers of the Controller regarding digital signature certificates. It authorises the Controller to grant, suspend, or revoke such certificates to ensure secure and reliable electronic authentication. This section plays a vital role in maintaining trust in digital transactions and securing electronic communications.

In today's digital world, where electronic signatures and online authentication are widespread, Section 35 ensures that certificates are issued and managed properly. It impacts users, businesses, and law enforcement by providing a legal framework for digital identity verification and preventing misuse of digital signatures.

Information Technology Act Section 35 – Exact Provision

This section empowers the Controller to demand necessary information before issuing a digital signature certificate. It also allows suspension or revocation of certificates if required. This ensures that only valid and trustworthy certificates are active, maintaining the integrity of digital signatures.

  • Controller can request prescribed documents before issuing certificates.

  • Authority to suspend or revoke certificates with written reasons.

  • Ensures trustworthiness of digital signature certificates.

  • Supports secure electronic authentication.

  • Protects against misuse of digital signatures.

Explanation of Information Technology Act Section 35

This section defines the Controller’s authority over digital signature certificates.

  • The Controller must verify information before issuing certificates.

  • Applies to the Controller of Certifying Authorities (CCA).

  • Triggered when a certificate is requested, suspended, or revoked.

  • Legal criteria include prescribed documents and valid reasons for suspension or revocation.

  • Allows issuance, suspension, or cancellation of certificates.

  • Prohibits misuse by enabling revocation of compromised certificates.

Purpose and Rationale of IT Act Section 35

Section 35 aims to maintain the reliability of digital signature certificates by empowering the Controller to regulate their issuance and validity.

  • Protects users by ensuring certificates are issued after proper verification.

  • Prevents cyber fraud through suspension or revocation of certificates.

  • Supports secure electronic transactions and communications.

  • Regulates digital signature providers to uphold trust.

When IT Act Section 35 Applies

This section applies whenever a digital signature certificate is issued, suspended, or revoked by the Controller.

  • During application for a digital signature certificate.

  • If the Controller suspects misuse or invalidity.

  • When a certificate needs to be cancelled or suspended.

  • Invoked by the Controller of Certifying Authorities.

  • Requires evidence such as prescribed documents and valid reasons.

  • Relevant to digital authentication and electronic records.

  • Exceptions include certificates issued by other authorised entities under the Act.

Legal Effect of IT Act Section 35

Section 35 creates the Controller’s legal authority to regulate digital signature certificates, affecting rights and liabilities of certificate holders and issuers. It restricts the use of invalid or compromised certificates and imposes penalties for misuse under related provisions.

The section interacts with other IT Act provisions on digital signatures and electronic authentication. It supports enforcement by enabling revocation of certificates that threaten security.

  • Grants Controller power to issue, suspend, or revoke certificates.

  • Restricts use of invalid digital signatures.

  • Supports prosecution of misuse under IT Act and IPC.

Nature of Offence or Liability under IT Act Section 35

Section 35 primarily imposes regulatory compliance obligations on the Controller and certifying authorities. It does not create a direct offence but enables actions to prevent misuse of digital signature certificates.

The section supports criminal liability under other IT Act provisions if misuse occurs. It is non-cognizable regarding certificate management but may lead to cognizable offences if fraud is detected.

  • Regulatory compliance for certificate issuance.

  • Supports criminal liability for misuse under related sections.

  • Non-cognizable for certificate suspension or revocation.

  • No arrest without warrant related to certificate management.

Stage of Proceedings Where IT Act Section 35 Applies

Section 35 is relevant during the administrative and investigative stages of digital signature certificate management.

  • Investigation of certificate validity or misuse.

  • Collection of documents and information for issuance.

  • Filing complaints regarding certificate misuse.

  • Trial for offences involving digital signatures.

  • Appeal against suspension or revocation decisions.

Penalties and Consequences under IT Act Section 35

While Section 35 itself does not prescribe penalties, it enables actions that prevent misuse of digital signature certificates. Misuse or fraudulent use of certificates may attract penalties under other IT Act sections.

Corporate entities and intermediaries must comply with certificate regulations to avoid legal consequences. Compensation claims may arise from damages caused by invalid certificates.

  • Suspension or revocation of certificates by Controller.

  • Penalties under related IT Act provisions for misuse.

  • Corporate liability for failing to maintain certificate integrity.

  • Possible compensation for affected parties.

Example of IT Act Section 35 in Practical Use

Mr. X applies for a digital signature certificate to sign electronic contracts. The Controller requests prescribed documents to verify his identity. Later, if the Controller discovers that Mr. X’s certificate was compromised, they suspend the certificate with written reasons. This prevents fraudulent use of Mr. X’s digital signature, protecting businesses relying on electronic authentication.

  • Ensures only verified individuals receive certificates.

  • Prevents misuse by timely suspension or revocation.

Historical Background of IT Act Section 35

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 35 was crafted to empower the Controller to manage digital signature certificates effectively.

The IT Amendment Act, 2008 enhanced provisions related to digital signatures and certifying authorities. Over time, interpretation has evolved to address emerging cybersecurity challenges.

  • Introduced to regulate digital signature issuance.

  • Amended in 2008 for stronger control mechanisms.

  • Evolved with technological advancements in digital security.

Modern Relevance of IT Act Section 35

In 2026, cybersecurity and digital identity are critical. Section 35 remains vital for ensuring trust in digital transactions, especially with increased online payments and fintech growth.

It supports enforcement of digital signature integrity amid social media and intermediary reforms, safeguarding digital evidence and online safety.

  • Ensures validity of digital evidence.

  • Supports online safety through certificate management.

  • Addresses enforcement challenges in digital authentication.

Related Sections

  • IT Act Section 34 – Functions of Controller of Certifying Authorities.

  • IT Act Section 36 – Duties of Certifying Authorities.

  • IT Act Section 39 – Suspension and revocation of digital signature certificates.

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 463 – Forgery, relevant for digital signature misuse.

Case References under IT Act Section 35

  1. No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 35

  • Section: 35

  • Title: Controller’s Power on Digital Signature Certificates

  • Category: Digital Signature Regulation

  • Applies To: Controller of Certifying Authorities, certificate applicants

  • Stage: Certificate issuance, suspension, revocation

  • Legal Effect: Grants Controller authority to regulate certificates

  • Penalties: Suspension/revocation of certificates; misuse penalised under other sections

Conclusion on IT Act Section 35

Section 35 is a cornerstone provision that empowers the Controller to maintain the integrity of digital signature certificates. By requiring prescribed information and enabling suspension or revocation, it protects the digital ecosystem from fraudulent electronic authentication.

This section supports trust in electronic transactions, benefiting individuals, businesses, and law enforcement. Its regulatory framework is essential for secure digital communication and preventing cybercrime related to digital signatures.

FAQs on IT Act Section 35

What authority does the Controller have under Section 35?

The Controller can request necessary documents before issuing digital signature certificates and has the power to suspend or revoke certificates with written reasons.

Who does Section 35 apply to?

It applies primarily to the Controller of Certifying Authorities and individuals or entities seeking digital signature certificates.

Can a digital signature certificate be revoked under this section?

Yes, the Controller may suspend or revoke any digital signature certificate for valid reasons recorded in writing.

Does Section 35 impose penalties for misuse?

Section 35 itself does not prescribe penalties but supports actions that prevent misuse; penalties arise under other related IT Act provisions.

Why is Section 35 important in digital transactions?

It ensures that digital signature certificates are issued and managed securely, maintaining trust and preventing fraud in electronic communications.

Related Sections

Evidence Act 1872 Section 136

Evidence Act 1872 Section 136 empowers courts to exclude evidence if its probative value is outweighed by unfair prejudice or delay.

IPC Section 136

IPC Section 136 mandates the attendance of witnesses in court to ensure justice through truthful testimony.

Evidence Act 1872 Section 28

Evidence Act 1872 Section 28 defines the rule against hearsay, restricting secondhand statements to ensure reliable evidence in court.

CrPC Section 151

CrPC Section 151 empowers police to arrest without warrant to prevent a cognizable offence from occurring.

IPC Section 422

IPC Section 422 defines wrongful restraint, covering unlawful obstruction of a person's movement and its legal implications.

IPC Section 215

IPC Section 215 defines the offence of concealing a document or electronic record to cause damage or injury.

IPC Section 305

IPC Section 305 addresses abetment of suicide by a child or insane person, outlining punishment and legal scope.

IPC Section 177

IPC Section 177 defines punishment for knowingly disobeying an order lawfully promulgated by a public servant.

IPC Section 387

IPC Section 387 defines extortion by putting a person in fear of death or grievous hurt to obtain property.

Evidence Act 1872 Section 93

Evidence Act 1872 Section 93 governs the exclusion of evidence obtained illegally or unfairly, ensuring justice and fairness in trials.

Evidence Act 1872 Section 88

Evidence Act 1872 Section 88 protects official communications from being disclosed without authority, ensuring confidentiality in public service.

CrPC Section 251

CrPC Section 251 covers the procedure for issuing summons to accused persons in summons cases, ensuring proper notice before trial.

IPC Section 459

IPC Section 459 defines house-trespass in a building used as a human dwelling or for custody of property, focusing on unlawful entry.

Evidence Act 1872 Section 125

Evidence Act 1872 Section 125 defines the admissibility of confessions made to police officers, protecting against coerced evidence.

Consumer Protection Act 2019 Section 2(27)

Consumer Protection Act 2019 Section 2(27) defines unfair contract terms protecting consumers from exploitative agreements.

Evidence Act 1872 Section 157

Evidence Act 1872 Section 157 defines the term 'confession' and its significance in legal proceedings.

CrPC Section 483

CrPC Section 483 outlines the procedure for issuing summons to accused persons in criminal cases.

CrPC Section 454

CrPC Section 454 defines the offence of lurking house-trespass or house-breaking in order to commit an offence punishable with imprisonment.

Consumer Protection Act 2019 Section 102

Consumer Protection Act 2019 Section 102 outlines penalties for false or misleading advertisements to protect consumers.

CrPC Section 325

CrPC Section 325 details punishment for voluntarily causing grievous hurt, outlining legal consequences and procedural aspects.

CrPC Section 97

CrPC Section 97 empowers police to seize property connected to a cognizable offence to aid investigation and prevent misuse.

CPC Section 116

CPC Section 116 details the procedure for examination of witnesses in civil trials, ensuring fair evidence recording.

CPC Section 82

CPC Section 82 details the procedure for arresting a judgment-debtor to enforce a decree.

Information Technology Act 2000 Section 32

IT Act Section 32 mandates secure electronic records and digital signatures for legal recognition in electronic transactions.

Contract Act 1872 Section 39

Contract Act 1872 Section 39 explains the effect of refusal to perform promise wholly or in part.

CPC Section 85

CPC Section 85 details the procedure for filing written statements when the defendant is absent or evading service.

Consumer Protection Act 2019 Section 2(13)

Consumer Protection Act 2019 Section 2(13) defines 'defect' in goods, crucial for consumer rights and product liability claims.

bottom of page