top of page

Information Technology Act 2000 Section 66C

IT Act Section 66C addresses identity theft and fraudulent use of electronic identity information.

Section 66C of the Information Technology Act, 2000 deals with the offence of identity theft in the digital environment. It criminalises the fraudulent or dishonest use of another person's electronic identity information, such as passwords, digital signatures, or other unique identifiers. This section is crucial in today's digital age where identity theft can lead to financial loss, privacy breaches, and misuse of personal data.

The provision impacts individuals, businesses, and law enforcement by providing a legal framework to deter and punish identity theft. It helps protect users' digital identities and supports secure electronic transactions and communications.

Information Technology Act Section 66C – Exact Provision

This section criminalises the misuse of electronic identity features belonging to another person. It covers acts done dishonestly or fraudulently, such as using someone else's password or digital signature without permission. The punishment includes imprisonment and fines, reflecting the seriousness of identity theft in digital transactions.

  • Targets fraudulent use of electronic identity features.

  • Includes passwords, digital signatures, and unique identifiers.

  • Applies to dishonest or fraudulent acts.

  • Prescribes imprisonment up to three years and fines.

  • Protects personal and financial digital identity.

Explanation of Information Technology Act Section 66C

This section prohibits the dishonest or fraudulent use of another person's electronic identity information.

  • States that misuse of electronic signatures, passwords, or unique IDs is an offence.

  • Applies to individuals, hackers, intermediaries, and service providers.

  • Triggered when someone uses another's electronic identity without consent.

  • Legal criteria include fraudulent or dishonest intent.

  • Allows lawful use only by the rightful owner or authorised persons.

  • Prohibits unauthorised access or impersonation using electronic identity.

Purpose and Rationale of IT Act Section 66C

The section aims to safeguard digital identities and prevent crimes related to identity theft. It ensures trust in electronic transactions by protecting users from fraudulent impersonation.

  • Protects users in the digital ecosystem.

  • Prevents cybercrimes involving identity theft.

  • Ensures secure electronic transactions.

  • Regulates online behaviour to deter fraud.

When IT Act Section 66C Applies

This section applies when someone fraudulently uses another's electronic identity information, causing harm or potential loss.

  • When unauthorised use of passwords or digital signatures occurs.

  • Invoked by affected individuals or law enforcement agencies.

  • Requires evidence of fraudulent or dishonest use.

  • Relevant to digital data, computer systems, and networks.

  • Exceptions include authorised use or consent by the owner.

Legal Effect of IT Act Section 66C

Section 66C creates criminal liability for identity theft in the digital space. It restricts unauthorised use of electronic identity features and imposes penalties to deter such offences. The section complements Indian Penal Code provisions on cheating and forgery by addressing digital identity misuse specifically.

  • Creates criminal offences for identity theft.

  • Penalties include imprisonment and fines.

  • Impacts individuals, companies, and platforms handling digital identities.

Nature of Offence or Liability under IT Act Section 66C

The offence under Section 66C is criminal and cognizable. It involves dishonest or fraudulent use of electronic identity features. Arrest can be made without a warrant due to the cognizable nature of the offence.

  • Criminal liability for identity theft.

  • Cognizable offence allowing police investigation without magistrate approval.

  • Arrest without warrant permitted.

Stage of Proceedings Where IT Act Section 66C Applies

This section is relevant throughout the criminal justice process, from investigation to appeal.

  • Investigation includes collection of digital evidence like logs and metadata.

  • Filing of complaint by the victim or police.

  • Trial in appropriate court for offence adjudication.

  • Appeal against conviction or acquittal possible.

Penalties and Consequences under IT Act Section 66C

Penalties include imprisonment up to three years and fines up to one lakh rupees. Companies or intermediaries may face liability if negligent in protecting user identity information. Compensation to victims may also be sought.

  • Imprisonment up to three years.

  • Fine up to one lakh rupees.

  • Corporate and intermediary liability for negligence.

  • Possible compensation for victims.

Example of IT Act Section 66C in Practical Use

X receives a phishing email and unknowingly shares their password. Y uses X's password to access X's bank account and transfers money fraudulently. Under Section 66C, Y is liable for identity theft and can be prosecuted for unauthorised use of X's electronic identity.

  • Demonstrates protection against password misuse.

  • Highlights importance of digital identity security.

Historical Background of IT Act Section 66C

The IT Act was introduced in 2000 to address emerging digital challenges like e-commerce and cybercrime. Section 66C was added to criminalise identity theft in the electronic context. The 2008 Amendment Act strengthened provisions to keep pace with evolving cyber threats.

  • Introduced to regulate electronic transactions and cyber offences.

  • Amended in 2008 to enhance cybercrime provisions.

  • Evolution reflects growing importance of digital identity protection.

Modern Relevance of IT Act Section 66C

In 2026, identity theft remains a major cybersecurity concern. With widespread online payments and digital identities, Section 66C is vital for protecting users. Social media misuse and fintech growth increase enforcement challenges, making this section crucial for online safety.

  • Supports digital evidence admissibility.

  • Enhances online safety and trust.

  • Addresses enforcement challenges in cybercrime.

Related Sections

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • IT Act Section 66 – Computer-related offences.

  • IT Act Section 67C – Punishment for identity theft involving biometric data.

  • IPC Section 420 – Cheating, relevant for online fraud.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • CrPC Section 91 – Summons for digital records or documents.

Case References under IT Act Section 66C

No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 66C

  • Section: 66C

  • Title: Identity Theft Offence

  • Category: Cybercrime, Digital Identity

  • Applies To: Individuals, hackers, intermediaries, service providers

  • Stage: Investigation, trial, appeal

  • Legal Effect: Criminal liability for fraudulent use of electronic identity

  • Penalties: Imprisonment up to 3 years, fine up to one lakh rupees

Conclusion on IT Act Section 66C

Section 66C of the IT Act, 2000 plays a critical role in combating identity theft in the digital age. By criminalising the fraudulent use of electronic identity features, it protects individuals and organisations from cyber fraud and misuse.

This provision strengthens trust in electronic transactions and digital communications. It complements other cybercrime laws and supports law enforcement in addressing the growing challenges of identity theft and online impersonation.

FAQs on IT Act Section 66C

What constitutes identity theft under Section 66C?

Identity theft involves the dishonest or fraudulent use of another person's electronic signature, password, or unique identification feature without consent.

Who can be held liable under this section?

Any individual or entity who fraudulently uses another person's electronic identity information can be held liable under Section 66C.

What are the penalties for violating Section 66C?

Penalties include imprisonment for up to three years and a fine which may extend to one lakh rupees.

Does Section 66C apply to companies and intermediaries?

Yes, companies and intermediaries can be held liable if they are negligent in protecting users' electronic identity information.

How does Section 66C protect users?

It deters identity theft by criminalising unauthorised use of electronic identity features, thereby safeguarding users' digital identities and transactions.

Related Sections

IPC Section 433

IPC Section 433 defines punishment for mischief by fire or explosive substance endangering life or property.

CrPC Section 395

CrPC Section 395 defines the offence of dacoity and its legal consequences under Indian law.

IPC Section 324

IPC Section 324 covers voluntarily causing hurt by dangerous weapons or means, defining punishment and legal scope.

Companies Act 2013 Section 33

Companies Act 2013 Section 33 governs the alteration of a company's memorandum of association.

CrPC Section 66

CrPC Section 66 details the procedure for police to seize property related to offences, ensuring lawful custody and protection of evidence.

IPC Section 302

IPC Section 302 defines punishment for murder, outlining legal consequences and scope of this grave offence.

IPC Section 203

IPC Section 203 addresses the offence of intentionally omitting to give information of a known offence to a public servant.

CrPC Section 347

CrPC Section 347 defines the procedure when a Magistrate refuses to take cognizance of an offence.

IPC Section 411

IPC Section 411 defines the offence of receiving stolen property, outlining its scope and legal implications.

IPC Section 204

IPC Section 204 covers the procedure for Magistrate to issue process for appearance or production of documents in a criminal case.

Companies Act 2013 Section 29

Companies Act 2013 Section 29 governs the voting rights of shareholders in company meetings.

Information Technology Act 2000 Section 3

IT Act Section 3 defines the scope and territorial extent of the Information Technology Act, 2000.

IPC Section 354C

IPC Section 354C criminalizes voyeurism, protecting individuals from unauthorized spying or capturing private acts.

IPC Section 41

IPC Section 41 empowers police to arrest without warrant under specific conditions to prevent crime or secure evidence.

CrPC Section 452

CrPC Section 452 deals with the procedure for taking possession of property in cases of house-breaking or wrongful occupation.

Contract Act 1872 Section 71

Contract Act 1872 Section 71 explains responsibility for acts of agents done without authority.

IPC Section 59

IPC Section 59 defines the punishment for public nuisance causing danger to human life, health, or safety.

CPC Section 130

CPC Section 130 empowers courts to order the sale of property to satisfy a decree-holder's claim.

CPC Section 81

CPC Section 81 covers the procedure for transferring suits from one court to another for convenience or justice.

IPC Section 446

IPC Section 446 defines punishment for criminal trespass, covering unlawful entry into property with intent to commit an offence.

CPC Section 151

CPC Section 151 empowers courts to pass orders necessary to prevent abuse of process or to secure ends of justice.

CrPC Section 324

CrPC Section 324 defines the offence of voluntarily causing hurt by dangerous weapons or means and its legal consequences.

IPC Section 35

IPC Section 35 defines the punishment for attempting to commit offences punishable with death or life imprisonment.

IPC Section 365

IPC Section 365 defines the offence of kidnapping or abducting with intent to secretly and wrongfully confine a person.

CPC Section 37

CPC Section 37 details the appeal process against orders from courts of original civil jurisdiction.

CrPC Section 81

CrPC Section 81 details the procedure for releasing a surety when a person is bound by a Magistrate's order.

Companies Act 2013 Section 86

Companies Act 2013 Section 86 governs the appointment and powers of managing directors and managers in Indian companies.

bottom of page