top of page

Information Technology Act 2000 Section 72

IT Act Section 72 protects confidentiality of information shared in electronic form and penalizes unlawful disclosure.

Section 72 of the Information Technology Act, 2000 safeguards the confidentiality of information shared electronically. It prohibits any person who has secured access to electronic data from disclosing it without consent. This section is vital in today's digital world where sensitive data is frequently transmitted online.

It impacts users, businesses, and law enforcement by ensuring privacy and trust in electronic communications. Breach of confidentiality can lead to legal consequences, promoting responsible handling of digital information.

Information Technology Act Section 72 – Exact Provision

This section makes it a punishable offence to disclose electronic information accessed under lawful authority without permission. The law balances the need for authorized access with protection against misuse of sensitive data.

  • Protects confidentiality of electronic information.

  • Applies to persons with lawful access under the IT Act.

  • Penalizes unauthorized disclosure.

  • Imprisonment up to two years or fine up to one lakh rupees.

  • Ensures trust in electronic communications and records.

Explanation of Information Technology Act Section 72

This section prohibits unauthorized disclosure of electronic information accessed lawfully under the IT Act.

  • States that information accessed under legal powers must remain confidential.

  • Applies to government officials, intermediaries, and others with authorized access.

  • Triggered when confidential data is shared without consent.

  • Legal criteria require access under the Act and unauthorized disclosure.

  • Allows lawful use but prohibits misuse or sharing of sensitive data.

Purpose and Rationale of IT Act Section 72

The section aims to protect privacy and confidentiality in electronic communications. It prevents misuse of sensitive information accessed during official duties or under legal authority.

  • Protects users' privacy in the digital ecosystem.

  • Prevents unauthorized disclosure of confidential data.

  • Ensures secure handling of electronic records.

  • Promotes trust in electronic transactions and communications.

When IT Act Section 72 Applies

This section applies when a person with lawful access to electronic information discloses it without consent.

  • When electronic data is accessed under the IT Act or related rules.

  • When unauthorized sharing or disclosure occurs.

  • Invoked by affected individuals or authorities.

  • Requires proof of access and unauthorized disclosure.

  • Exceptions include disclosures permitted by law or consent.

Legal Effect of IT Act Section 72

Section 72 creates a legal obligation to maintain confidentiality of electronic information accessed under the Act. Violation results in criminal penalties including imprisonment and fines. It restricts unauthorized sharing of data, protecting individuals and organizations.

This section complements other laws like the Indian Penal Code for data protection and privacy. It strengthens the legal framework against cyber misuse and builds confidence in digital systems.

  • Creates duty of confidentiality for authorized persons.

  • Penalties include imprisonment up to two years and fines.

  • Supports privacy and data protection in electronic communications.

Nature of Offence or Liability under IT Act Section 72

The offence under Section 72 is criminal in nature. It is cognizable and non-bailable, emphasizing the seriousness of unauthorized disclosure. Arrest may require a warrant depending on circumstances.

  • Criminal liability for unauthorized disclosure.

  • Cognizable and non-bailable offence.

  • Arrest generally requires warrant.

  • Focus on protecting confidentiality and privacy.

Stage of Proceedings Where IT Act Section 72 Applies

This section is relevant from investigation to trial stages. Digital evidence like electronic records and access logs are crucial. Complaints can be filed by affected parties or authorities.

  • Investigation involves gathering digital data and logs.

  • Filing of complaint by victim or authorized agency.

  • Trial based on evidence of unauthorized disclosure.

  • Appeal possible against conviction or acquittal.

Penalties and Consequences under IT Act Section 72

Violators face imprisonment up to two years, fines up to one lakh rupees, or both. Corporate entities can be held liable if responsible. Intermediaries must ensure confidentiality to avoid penalties. Compensation claims may arise from affected parties.

  • Imprisonment up to two years.

  • Fine up to one lakh rupees.

  • Corporate and intermediary liability possible.

  • Compensation claims by victims.

Example of IT Act Section 72 in Practical Use

X is an employee of a government agency who accesses confidential electronic records under lawful authority. Without consent, X shares sensitive personal data with a third party. This unauthorized disclosure violates Section 72, exposing X to criminal prosecution and penalties.

This example shows how the section protects privacy and deters misuse of electronic information by insiders.

  • Unauthorized sharing of confidential data is punishable.

  • Ensures accountability for persons with access to sensitive information.

Historical Background of IT Act Section 72

The IT Act, 2000 was introduced to regulate electronic commerce, digital signatures, and cybercrime. Section 72 was included to address privacy concerns arising from electronic data access. The 2008 Amendment strengthened provisions related to data protection and confidentiality.

  • Introduced to regulate electronic data privacy.

  • Amended in 2008 to enhance data protection.

  • Evolved with growing digital transactions and cyber threats.

Modern Relevance of IT Act Section 72

In 2026, cybersecurity and data privacy are paramount. Section 72 remains crucial for protecting electronic information amid rising cyber threats. It supports secure online payments, fintech, and digital identity systems. Social media and intermediaries must comply to safeguard user data.

  • Protects digital evidence and confidential data.

  • Ensures online safety and privacy.

  • Addresses enforcement challenges in cybercrime.

Related Sections

  • IT Act Section 43 – Penalty for unauthorised access and data theft.

  • IT Act Section 66 – Computer-related offences.

  • IT Act Section 72A – Punishment for breach of confidentiality and privacy.

  • IPC Section 420 – Cheating, relevant for online fraud.

  • Evidence Act Section 65B – Admissibility of electronic evidence.

  • CrPC Section 91 – Summons for digital records or documents.

Case References under IT Act Section 72

No landmark case directly interprets this section as of 2026.

Key Facts Summary for IT Act Section 72

  • Section: 72

  • Title: Confidentiality of Electronic Information

  • Category: Data privacy and confidentiality

  • Applies To: Persons with lawful access under IT Act

  • Stage: Investigation, trial, appeal

  • Legal Effect: Creates duty of confidentiality, prohibits unauthorized disclosure

  • Penalties: Imprisonment up to 2 years, fine up to ₹1 lakh

Conclusion on IT Act Section 72

Section 72 of the Information Technology Act, 2000 plays a vital role in protecting the confidentiality of electronic information. It ensures that persons with lawful access handle sensitive data responsibly and do not disclose it without consent. This protection is essential in maintaining privacy and trust in digital communications.

As digital transactions and data exchanges increase, Section 72 acts as a deterrent against misuse of electronic information. It complements other cyber laws to build a secure digital environment for users, businesses, and government agencies alike.

FAQs on IT Act Section 72

What type of information does Section 72 protect?

Section 72 protects electronic records, correspondence, information, documents, or other material accessed under lawful authority from unauthorized disclosure.

Who can be held liable under Section 72?

Any person who has secured access to electronic information under the IT Act and discloses it without consent can be held liable under Section 72.

What are the penalties for violating Section 72?

Violations can lead to imprisonment up to two years, a fine up to one lakh rupees, or both, depending on the severity of the unauthorized disclosure.

Does Section 72 apply to intermediaries?

Yes, intermediaries with lawful access to electronic information must maintain confidentiality and can be liable for unauthorized disclosures.

Are there exceptions to the confidentiality rule under Section 72?

Yes, disclosures permitted by other laws or made with the consent of the concerned person are exceptions under Section 72.

Related Sections

CrPC Section 315

CrPC Section 315 defines the offence of concealing a birth and its legal consequences under Indian law.

Consumer Protection Act 2019 Section 64

Consumer Protection Act 2019 Section 64 details the power of the Central Government to make rules for effective implementation of the Act.

IPC Section 368

IPC Section 368 defines the offence of causing grievous hurt by act endangering life or personal safety of others.

IPC Section 502

IPC Section 502 defines the offence of using a false document for the purpose of cheating or dishonesty.

Companies Act 2013 Section 12

Companies Act 2013 Section 12 governs the registered office of a company and its official address requirements.

IPC Section 179

IPC Section 179 defines the punishment for public servants who unlawfully disobey lawfully issued government orders.

CPC Section 127

CPC Section 127 allows courts to grant temporary injunctions to prevent harm during civil suits.

IPC Section 286

IPC Section 286 penalizes negligent conduct with respect to explosive substances causing danger to human life or property.

Consumer Protection Act 2019 Section 2(5)

Consumer Protection Act 2019 Section 2(5) defines 'defect' in goods, crucial for consumer rights and dispute resolution.

Evidence Act 1872 Section 22

Evidence Act 1872 Section 22 defines the admissibility of admissions made by parties, crucial for establishing facts in civil and criminal cases.

CrPC Section 147

CrPC Section 147 defines the offence of rioting and its legal consequences under Indian law.

Evidence Act 1872 Section 122

Evidence Act 1872 Section 122 defines the term 'confession' and its significance in criminal trials.

Consumer Protection Act 2019 Section 99

Consumer Protection Act 2019 Section 99 details the powers of the Central Consumer Protection Authority to conduct investigations into unfair trade practices.

CrPC Section 303

CrPC Section 303 mandates enhanced punishment for repeat offenders convicted of murder or culpable homicide not amounting to murder.

Companies Act 2013 Section 160

Companies Act 2013 Section 160 governs the procedure for nomination of directors by members in Indian companies.

Consumer Protection Act 2019 Section 101

Consumer Protection Act 2019 Section 101 details penalties for false or misleading advertisements, safeguarding consumer interests.

IPC Section 263A

IPC Section 263A addresses the offence of causing miscarriage without a woman's consent, protecting bodily autonomy and health.

IPC Section 9

IPC Section 9 defines punishment for abetment of offence punishable with death or life imprisonment.

Companies Act 2013 Section 3

Companies Act 2013 Section 3 defines the formation and incorporation of companies under Indian law.

CPC Section 121

CPC Section 121 details the procedure for setting aside an ex parte decree in civil suits.

Evidence Act 1872 Section 33

Evidence Act 1872 Section 33 covers the relevancy of facts showing the existence of any state of mind, including intention, knowledge, and good faith.

Consumer Protection Act 2019 Section 2(36)

Consumer Protection Act 2019 Section 2(36) defines 'defect' in goods, crucial for consumer rights and product liability claims.

CrPC Section 282

CrPC Section 282 empowers courts to impose fines for false or vexatious complaints to prevent misuse of legal process.

Companies Act 2013 Section 200

Companies Act 2013 Section 200 governs the power to call for information, inspect books, and conduct inquiries by the Registrar.

Evidence Act 1872 Section 121

Evidence Act 1872 Section 121 defines when oral admissions are relevant, detailing their use in proving facts in civil and criminal cases.

IPC Section 171F

IPC Section 171F penalizes bribery by public servants to influence their official duties, ensuring integrity in public administration.

Information Technology Act 2000 Section 25

IT Act Section 25 addresses penalties for failure to protect sensitive personal data or information under the IT Act, 2000.

bottom of page