top of page

Information Technology Act 2000 Section 35

IT Act Section 35 empowers the Controller to grant or refuse digital signature certificates, ensuring secure electronic authentication.

Section 35 of the Information Technology Act, 2000, deals with the powers of the Controller regarding digital signature certificates. It authorises the Controller to grant, suspend, or revoke such certificates to ensure secure and reliable electronic authentication. This section plays a vital role in maintaining trust in digital transactions and securing electronic communications.

In today's digital world, where electronic signatures and online authentication are widespread, Section 35 ensures that certificates are issued and managed properly. It impacts users, businesses, and law enforcement by providing a legal framework for digital identity verification and preventing misuse of digital signatures.

Information Technology Act Section 35 – Exact Provision

This section empowers the Controller to demand necessary information before issuing a digital signature certificate. It also allows suspension or revocation of certificates if required. This ensures that only valid and trustworthy certificates are active, maintaining the integrity of digital signatures.

  • Controller can request prescribed documents before issuing certificates.

  • Authority to suspend or revoke certificates with written reasons.

  • Ensures trustworthiness of digital signature certificates.

  • Supports secure electronic authentication.

  • Protects against misuse of digital signatures.

Explanation of Information Technology Act Section 35

This section defines the Controller’s authority over digital signature certificates.

  • The Controller must verify information before issuing certificates.

  • Applies to the Controller of Certifying Authorities (CCA).

  • Triggered when a certificate is requested, suspended, or revoked.

  • Legal criteria include prescribed documents and valid reasons for suspension or revocation.

  • Allows issuance, suspension, or cancellation of certificates.

  • Prohibits misuse by enabling revocation of compromised certificates.

Purpose and Rationale of IT Act Section 35

Section 35 aims to maintain the reliability of digital signature certificates by empowering the Controller to regulate their issuance and validity.

  • Protects users by ensuring certificates are issued after proper verification.

  • Prevents cyber fraud through suspension or revocation of certificates.

  • Supports secure electronic transactions and communications.

  • Regulates digital signature providers to uphold trust.

When IT Act Section 35 Applies

This section applies whenever a digital signature certificate is issued, suspended, or revoked by the Controller.

  • During application for a digital signature certificate.

  • If the Controller suspects misuse or invalidity.

  • When a certificate needs to be cancelled or suspended.

  • Invoked by the Controller of Certifying Authorities.

  • Requires evidence such as prescribed documents and valid reasons.

  • Relevant to digital authentication and electronic records.

  • Exceptions include certificates issued by other authorised entities under the Act.

Legal Effect of IT Act Section 35

Section 35 creates the Controller’s legal authority to regulate digital signature certificates, affecting rights and liabilities of certificate holders and issuers. It restricts the use of invalid or compromised certificates and imposes penalties for misuse under related provisions.

The section interacts with other IT Act provisions on digital signatures and electronic authentication. It supports enforcement by enabling revocation of certificates that threaten security.

  • Grants Controller power to issue, suspend, or revoke certificates.

  • Restricts use of invalid digital signatures.

  • Supports prosecution of misuse under IT Act and IPC.

Nature of Offence or Liability under IT Act Section 35

Section 35 primarily imposes regulatory compliance obligations on the Controller and certifying authorities. It does not create a direct offence but enables actions to prevent misuse of digital signature certificates.

The section supports criminal liability under other IT Act provisions if misuse occurs. It is non-cognizable regarding certificate management but may lead to cognizable offences if fraud is detected.

  • Regulatory compliance for certificate issuance.

  • Supports criminal liability for misuse under related sections.

  • Non-cognizable for certificate suspension or revocation.

  • No arrest without warrant related to certificate management.

Stage of Proceedings Where IT Act Section 35 Applies

Section 35 is relevant during the administrative and investigative stages of digital signature certificate management.

  • Investigation of certificate validity or misuse.

  • Collection of documents and information for issuance.

  • Filing complaints regarding certificate misuse.

  • Trial for offences involving digital signatures.

  • Appeal against suspension or revocation decisions.

Penalties and Consequences under IT Act Section 35

While Section 35 itself does not prescribe penalties, it enables actions that prevent misuse of digital signature certificates. Misuse or fraudulent use of certificates may attract penalties under other IT Act sections.

Corporate entities and intermediaries must comply with certificate regulations to avoid legal consequences. Compensation claims may arise from damages caused by invalid certificates.

  • Suspension or revocation of certificates by Controller.

  • Penalties under related IT Act provisions for misuse.

  • Corporate liability for failing to maintain certificate integrity.

  • Possible compensation for affected parties.

Example of IT Act Section 35 in Practical Use

Mr. X applies for a digital signature certificate to sign electronic contracts. The Controller requests prescribed documents to verify his identity. Later, if the Controller discovers that Mr. X’s certificate was compromised, they suspend the certificate with written reasons. This prevents fraudulent use of Mr. X’s digital signature, protecting businesses relying on electronic authentication.

  • Ensures only verified individuals receive certificates.

  • Prevents misuse by timely suspension or revocation.

Historical Background of IT Act Section 35

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 35 was crafted to empower the Controller to manage digital signature certificates effectively.

The IT Amendment Act, 2008 enhanced provisions related to digital signatures and certifying authorities. Over time, interpretation has evolved to address emerging cybersecurity challenges.

  • Introduced to regulate digital signature issuance.

  • Amended in 2008 for stronger control mechanisms.

  • Evolved with technological advancements in digital security.

Modern Relevance of IT Act Section 35

In 2026, cybersecurity and digital identity are critical. Section 35 remains vital for ensuring trust in digital transactions, especially with increased online payments and fintech growth.

It supports enforcement of digital signature integrity amid social media and intermediary reforms, safeguarding digital evidence and online safety.

  • Ensures validity of digital evidence.

  • Supports online safety through certificate management.

  • Addresses enforcement challenges in digital authentication.

Related Sections

  • IT Act Section 34 – Functions of Controller of Certifying Authorities.

  • IT Act Section 36 – Duties of Certifying Authorities.

  • IT Act Section 39 – Suspension and revocation of digital signature certificates.

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 463 – Forgery, relevant for digital signature misuse.

Case References under IT Act Section 35

  1. No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 35

  • Section: 35

  • Title: Controller’s Power on Digital Signature Certificates

  • Category: Digital Signature Regulation

  • Applies To: Controller of Certifying Authorities, certificate applicants

  • Stage: Certificate issuance, suspension, revocation

  • Legal Effect: Grants Controller authority to regulate certificates

  • Penalties: Suspension/revocation of certificates; misuse penalised under other sections

Conclusion on IT Act Section 35

Section 35 is a cornerstone provision that empowers the Controller to maintain the integrity of digital signature certificates. By requiring prescribed information and enabling suspension or revocation, it protects the digital ecosystem from fraudulent electronic authentication.

This section supports trust in electronic transactions, benefiting individuals, businesses, and law enforcement. Its regulatory framework is essential for secure digital communication and preventing cybercrime related to digital signatures.

FAQs on IT Act Section 35

What authority does the Controller have under Section 35?

The Controller can request necessary documents before issuing digital signature certificates and has the power to suspend or revoke certificates with written reasons.

Who does Section 35 apply to?

It applies primarily to the Controller of Certifying Authorities and individuals or entities seeking digital signature certificates.

Can a digital signature certificate be revoked under this section?

Yes, the Controller may suspend or revoke any digital signature certificate for valid reasons recorded in writing.

Does Section 35 impose penalties for misuse?

Section 35 itself does not prescribe penalties but supports actions that prevent misuse; penalties arise under other related IT Act provisions.

Why is Section 35 important in digital transactions?

It ensures that digital signature certificates are issued and managed securely, maintaining trust and preventing fraud in electronic communications.

Related Sections

Information Technology Act 2000 Section 67

IT Act Section 67 prohibits publishing or transmitting obscene material online, addressing cyber obscenity and protecting public morality.

CrPC Section 429

CrPC Section 429 details the procedure for trial of offences related to mischief by fire or explosive substances.

Income Tax Act 1961 Section 297

Income Tax Act Section 297 governs the procedure for recovery of tax dues from defaulters under the Act.

Negotiable Instruments Act 1881 Section 59

Negotiable Instruments Act, 1881 Section 59 defines the liability of the acceptor of a bill of exchange upon dishonour by non-acceptance.

Is Letterhead Islegal Document In India

Understand if a letterhead is a legal document in India and its role in official communications and legal matters.

IPC Section 286

IPC Section 286 penalizes negligent conduct with respect to explosive substances causing danger to human life or property.

Income Tax Act 1961 Section 20

Income Tax Act, 1961 Section 20 defines 'previous year' for income tax computation and assessment purposes.

Consumer Protection Act 2019 Section 2(20)

Consumer Protection Act 2019 Section 2(20) defines 'defect' in goods or services, crucial for consumer rights and dispute resolution.

Is Uplay Legal In India

Uplay is legal to use in India, but some content and features may have restrictions due to regional laws and licensing.

IPC Section 94

IPC Section 94 covers acts done in good faith for the benefit of a person unable to consent, protecting such acts from legal liability.

Is Jeetwin Legal In India

Discover the legal status of Jeetwin in India, including regulations, enforcement, and common misconceptions about online gaming platforms.

Is Parkour Legal In India

Parkour is legal in India with no specific laws banning it, but safety and public space rules apply.

Is Morphine Legal In India

Morphine is legal in India for medical use under strict regulations and licensing requirements.

Income Tax Act 1961 Section 278C

Income Tax Act, 1961 Section 278C details penalties for failure to comply with tax authorities' summons or directions.

IPC Section 492

IPC Section 492 defines the offence of receiving stolen property, outlining its scope and punishment.

Negotiable Instruments Act 1881 Section 79

Negotiable Instruments Act, 1881 Section 79 defines the liability of partners for negotiable instruments signed in the firm's name.

Is It Legal To Break Icloud Lock In India

Breaking iCloud lock is illegal in India and can lead to serious legal consequences under IT and cyber laws.

Is It Legal To Have Foreign Coins In India

Holding foreign coins in India is generally legal, but using them as currency is restricted under Indian law.

Income Tax Act 1961 Section 269UA

Income Tax Act Section 269UA prohibits cash transactions above Rs. 2 lakh to curb black money and promote digital payments.

CrPC Section 437A

CrPC Section 437A details the procedure for granting bail to accused during trial for offences punishable with imprisonment up to seven years.

Evidence Act 1872 Section 75

Evidence Act 1872 Section 75 deals with the presumption of ownership of documents, aiding proof of possession and control in legal proceedings.

Income Tax Act 1961 Section 285A

Income Tax Act, 1961 Section 285A mandates furnishing of annual information returns by specified persons to ensure tax compliance.

Is It Legal To Hit Someone In India

Hitting someone in India is illegal and punishable under Indian law except in self-defense within reasonable limits.

Is Powervu Legal In India

Understand the legality of Powervu in India, including its use, restrictions, and enforcement under Indian law.

Companies Act 2013 Section 425

Companies Act 2013 Section 425 governs offences by companies and their liability under Indian corporate law.

CPC Section 106

CPC Section 106 covers the procedure for transfer of suits by the High Court to ensure proper jurisdiction and convenience.

Contract Act 1872 Section 60

Contract Act 1872 Section 60 explains the liability of sureties in guarantee contracts and their rights against the principal debtor.

bottom of page