top of page

Information Technology Act 2000 Section 35

IT Act Section 35 empowers the Controller to grant or refuse digital signature certificates, ensuring secure electronic authentication.

Section 35 of the Information Technology Act, 2000, deals with the powers of the Controller regarding digital signature certificates. It authorises the Controller to grant, suspend, or revoke such certificates to ensure secure and reliable electronic authentication. This section plays a vital role in maintaining trust in digital transactions and securing electronic communications.

In today's digital world, where electronic signatures and online authentication are widespread, Section 35 ensures that certificates are issued and managed properly. It impacts users, businesses, and law enforcement by providing a legal framework for digital identity verification and preventing misuse of digital signatures.

Information Technology Act Section 35 – Exact Provision

This section empowers the Controller to demand necessary information before issuing a digital signature certificate. It also allows suspension or revocation of certificates if required. This ensures that only valid and trustworthy certificates are active, maintaining the integrity of digital signatures.

  • Controller can request prescribed documents before issuing certificates.

  • Authority to suspend or revoke certificates with written reasons.

  • Ensures trustworthiness of digital signature certificates.

  • Supports secure electronic authentication.

  • Protects against misuse of digital signatures.

Explanation of Information Technology Act Section 35

This section defines the Controller’s authority over digital signature certificates.

  • The Controller must verify information before issuing certificates.

  • Applies to the Controller of Certifying Authorities (CCA).

  • Triggered when a certificate is requested, suspended, or revoked.

  • Legal criteria include prescribed documents and valid reasons for suspension or revocation.

  • Allows issuance, suspension, or cancellation of certificates.

  • Prohibits misuse by enabling revocation of compromised certificates.

Purpose and Rationale of IT Act Section 35

Section 35 aims to maintain the reliability of digital signature certificates by empowering the Controller to regulate their issuance and validity.

  • Protects users by ensuring certificates are issued after proper verification.

  • Prevents cyber fraud through suspension or revocation of certificates.

  • Supports secure electronic transactions and communications.

  • Regulates digital signature providers to uphold trust.

When IT Act Section 35 Applies

This section applies whenever a digital signature certificate is issued, suspended, or revoked by the Controller.

  • During application for a digital signature certificate.

  • If the Controller suspects misuse or invalidity.

  • When a certificate needs to be cancelled or suspended.

  • Invoked by the Controller of Certifying Authorities.

  • Requires evidence such as prescribed documents and valid reasons.

  • Relevant to digital authentication and electronic records.

  • Exceptions include certificates issued by other authorised entities under the Act.

Legal Effect of IT Act Section 35

Section 35 creates the Controller’s legal authority to regulate digital signature certificates, affecting rights and liabilities of certificate holders and issuers. It restricts the use of invalid or compromised certificates and imposes penalties for misuse under related provisions.

The section interacts with other IT Act provisions on digital signatures and electronic authentication. It supports enforcement by enabling revocation of certificates that threaten security.

  • Grants Controller power to issue, suspend, or revoke certificates.

  • Restricts use of invalid digital signatures.

  • Supports prosecution of misuse under IT Act and IPC.

Nature of Offence or Liability under IT Act Section 35

Section 35 primarily imposes regulatory compliance obligations on the Controller and certifying authorities. It does not create a direct offence but enables actions to prevent misuse of digital signature certificates.

The section supports criminal liability under other IT Act provisions if misuse occurs. It is non-cognizable regarding certificate management but may lead to cognizable offences if fraud is detected.

  • Regulatory compliance for certificate issuance.

  • Supports criminal liability for misuse under related sections.

  • Non-cognizable for certificate suspension or revocation.

  • No arrest without warrant related to certificate management.

Stage of Proceedings Where IT Act Section 35 Applies

Section 35 is relevant during the administrative and investigative stages of digital signature certificate management.

  • Investigation of certificate validity or misuse.

  • Collection of documents and information for issuance.

  • Filing complaints regarding certificate misuse.

  • Trial for offences involving digital signatures.

  • Appeal against suspension or revocation decisions.

Penalties and Consequences under IT Act Section 35

While Section 35 itself does not prescribe penalties, it enables actions that prevent misuse of digital signature certificates. Misuse or fraudulent use of certificates may attract penalties under other IT Act sections.

Corporate entities and intermediaries must comply with certificate regulations to avoid legal consequences. Compensation claims may arise from damages caused by invalid certificates.

  • Suspension or revocation of certificates by Controller.

  • Penalties under related IT Act provisions for misuse.

  • Corporate liability for failing to maintain certificate integrity.

  • Possible compensation for affected parties.

Example of IT Act Section 35 in Practical Use

Mr. X applies for a digital signature certificate to sign electronic contracts. The Controller requests prescribed documents to verify his identity. Later, if the Controller discovers that Mr. X’s certificate was compromised, they suspend the certificate with written reasons. This prevents fraudulent use of Mr. X’s digital signature, protecting businesses relying on electronic authentication.

  • Ensures only verified individuals receive certificates.

  • Prevents misuse by timely suspension or revocation.

Historical Background of IT Act Section 35

The IT Act, 2000 was introduced to regulate electronic commerce and digital signatures. Section 35 was crafted to empower the Controller to manage digital signature certificates effectively.

The IT Amendment Act, 2008 enhanced provisions related to digital signatures and certifying authorities. Over time, interpretation has evolved to address emerging cybersecurity challenges.

  • Introduced to regulate digital signature issuance.

  • Amended in 2008 for stronger control mechanisms.

  • Evolved with technological advancements in digital security.

Modern Relevance of IT Act Section 35

In 2026, cybersecurity and digital identity are critical. Section 35 remains vital for ensuring trust in digital transactions, especially with increased online payments and fintech growth.

It supports enforcement of digital signature integrity amid social media and intermediary reforms, safeguarding digital evidence and online safety.

  • Ensures validity of digital evidence.

  • Supports online safety through certificate management.

  • Addresses enforcement challenges in digital authentication.

Related Sections

  • IT Act Section 34 – Functions of Controller of Certifying Authorities.

  • IT Act Section 36 – Duties of Certifying Authorities.

  • IT Act Section 39 – Suspension and revocation of digital signature certificates.

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • IPC Section 463 – Forgery, relevant for digital signature misuse.

Case References under IT Act Section 35

  1. No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 35

  • Section: 35

  • Title: Controller’s Power on Digital Signature Certificates

  • Category: Digital Signature Regulation

  • Applies To: Controller of Certifying Authorities, certificate applicants

  • Stage: Certificate issuance, suspension, revocation

  • Legal Effect: Grants Controller authority to regulate certificates

  • Penalties: Suspension/revocation of certificates; misuse penalised under other sections

Conclusion on IT Act Section 35

Section 35 is a cornerstone provision that empowers the Controller to maintain the integrity of digital signature certificates. By requiring prescribed information and enabling suspension or revocation, it protects the digital ecosystem from fraudulent electronic authentication.

This section supports trust in electronic transactions, benefiting individuals, businesses, and law enforcement. Its regulatory framework is essential for secure digital communication and preventing cybercrime related to digital signatures.

FAQs on IT Act Section 35

What authority does the Controller have under Section 35?

The Controller can request necessary documents before issuing digital signature certificates and has the power to suspend or revoke certificates with written reasons.

Who does Section 35 apply to?

It applies primarily to the Controller of Certifying Authorities and individuals or entities seeking digital signature certificates.

Can a digital signature certificate be revoked under this section?

Yes, the Controller may suspend or revoke any digital signature certificate for valid reasons recorded in writing.

Does Section 35 impose penalties for misuse?

Section 35 itself does not prescribe penalties but supports actions that prevent misuse; penalties arise under other related IT Act provisions.

Why is Section 35 important in digital transactions?

It ensures that digital signature certificates are issued and managed securely, maintaining trust and preventing fraud in electronic communications.

Related Sections

Is Ninja H2 Street Legal In India

Ninja H2 is not street legal in India due to strict regulations on imports and emissions.

Negotiable Instruments Act 1881 Section 7

Negotiable Instruments Act, 1881 Section 7 defines the term 'holder' and explains who qualifies as a holder of a negotiable instrument.

CrPC Section 68

CrPC Section 68 details the procedure for issuing summons to witnesses to appear in court for testimony.

Income Tax Act 1961 Section 194B

Section 194B of the Income Tax Act 1961 mandates TDS on winnings from lottery and crossword puzzles in India.

Companies Act 2013 Section 145

Companies Act 2013 Section 145 governs the power of the Central Government to make rules related to company accounts and audit.

Evidence Act 1872 Section 38

Evidence Act 1872 Section 38 defines the admissibility of statements made by persons who cannot be called as witnesses.

Companies Act 2013 Section 466

Companies Act 2013 Section 466 details the procedure for winding up under the Companies Act, 1956, as repealed and saved.

Is Car Net Legal In India

CarNet is legal in India with regulations on data privacy and vehicle tracking under IT and motor vehicle laws.

Negotiable Instruments Act 1881 Section 110

Negotiable Instruments Act, 1881 Section 110 defines the term 'holder in due course' and its significance under the Act.

Companies Act 2013 Section 272

Companies Act 2013 Section 272 defines key terms used throughout the Act, essential for corporate legal clarity and compliance.

Income Tax Act 1961 Section 144

Section 144 of the Income Tax Act 1961 allows the tax officer to estimate income when accurate details are not provided or records are inadequate.

CrPC Section 432

CrPC Section 432 details the procedure for revision of judgments by High Courts in criminal cases.

Income Tax Act 1961 Section 48

Income Tax Act Section 48 explains the method to compute capital gains on transfer of capital assets in India.

Companies Act 2013 Section 165

Companies Act 2013 Section 165 governs disqualification of directors to ensure effective corporate governance.

CrPC Section 146

CrPC Section 146 details the procedure for handling unlawful assembly and dispersal by magistrates.

Income Tax Act 1961 Section 200

Section 200 of the Income Tax Act 1961 outlines the procedure for tax deduction at source and related responsibilities in India.

Is Infidelity Legal In India

Infidelity is not a criminal offense in India but can have legal consequences in divorce and maintenance cases.

Is Marjuna Legal In India

Marijuana is illegal in India except for limited medical and scientific use under strict regulation.

IPC Section 305

IPC Section 305 addresses abetment of suicide by a child or insane person, outlining punishment and legal scope.

Information Technology Act 2000 Section 44

IT Act Section 44 empowers the central government to intercept, monitor, or decrypt digital information for security and public order.

Companies Act 2013 Section 143

Companies Act 2013 Section 143 details the powers and duties of auditors in India, ensuring audit quality and accountability.

Is Blanket Euthanasia Legal In India

Blanket euthanasia is not legal in India; only passive euthanasia under strict conditions is allowed.

Evidence Act 1872 Section 142

Evidence Act 1872 Section 142 defines the term 'document' and its scope for admissibility in legal proceedings.

IPC Section 138

IPC Section 138 addresses dishonour of cheque for insufficiency of funds, penalizing the drawer for bounced cheques.

Income Tax Act 1961 Section 245BD

Income Tax Act, 1961 Section 245BD governs the procedure for refund of excess tax deducted at source (TDS).

Is It Legal To Buy Human Bones In India

Buying human bones in India is generally illegal except for specific scientific or medical purposes with proper permissions.

Companies Act 2013 Section 293

Companies Act 2013 Section 293 governs restrictions on board powers for certain transactions requiring shareholder approval.

bottom of page