All You Need to Know about the Section 66A of the IT Act & Cyber Security Policy

Posted on: Sep 21, 2022 | 3 mins | Written by: HDFC ERGO Team

All You Need to Know about the Section 66A of the IT Act & Cyber Security Policy

Information Technology is a legal framework for electronic identification through records and digital signatures. While businesses are spotting space, people are contending new concepts of cybersecurity and impacting our daily lives with digital things. The legal framework is how cybercrime is identified, treated, and penalized. Section 66A of the Information Technology Act commenced in the year 2000, which laid down cybercrime communication and made it a punishable crime to use a computer device.

What is Section 66A, IT Act?

Section 66A was created to evaluate illegal activity conducted by people through electronic devices. The activity is penalized for such actions, which are communicated through a computer device and subjected to a criminal offence under the act. Fifteen years ago, the act was created, and the Apex court of India decided to apply it and rule under the Public Interest Litigation (PIL). The act sparks the light on India's legal framework and agreement to evolve cybersecurity across the nation. Any person who linked with his/ her digital device was found to be criminal activity under the act:

● A person who shared offensive media

● A person who shares false content information or creates inconvenience, or hindering, puts them in danger, injuring, hate, or ill will.

● They created content with dishonesty about the source message.

If any person or group of people is found with such offences, they will treat under criminal charges and receive three years of custody and a fine

Why was Section 66A IT Act Repealed?

Section 66A of the IT Act was created with respectable intentions but not demonstrated as effective and real. The act faced challenges as the initial challenge was the act was defined with several key descriptions like grossly offensive, whereas the act linked with intended laws, and doesn’t lay down as grossly violent. Such terms are exposed to clarifications and are rooted in them. The following terms are:

1. Lapping Indian Penal Code (IPC) 1860:

Different criminal offences are intimidated, distressing, or other such cases. The sections are met with IPC, 1860. At the same time, the laws are different and liable to punishment for seemingly similar offences.

Section 66A Information Technology Act directed three years in detainment, whereas IPC 1860 coordinated a two-year detainment for a similar crime. This might be difficult in executing and decrypting the law the nation over.

2. Identifying culprits and victims:

The law didn't refer to a few basics - how could it characterize the culprits and victims? Does the law anticipated to be applied between two individuals' communication, or might it be utilized for the devastating majority to many, several to one, and one to several thoughts?

3. Misused across the nation:

After almost 15 years of sanction, the law was misused by a few aspects across the nation. The specific PIL that prompted the act’s removal was forced by the discipline condemned to two young women in Maharashtra who communicated their disappointment on social media against the local government when they announced a one-day shutdown on a political leader's demise.

Which Law Replaced Section 66A IT Act?

After the act was eliminated, no new acts were created and parallelly replaced it. Well, the legal framework surrounds cybercrime in India. The IPC, 1860, and the Companies Rules, 2014, occupied work with the Companies Act 2013 and used instructions to order regulations in cases that manage cybercrime.

How are Businesses Protected against Cybercrimes?

Medium-sized organizations (SMBs) believe in online protection that manages their financial plan. Tragically, organizations are focused on cybercrime. Presently, 43% of cyberattacks target independent corporations. Convicts know corporations use security systems, but small corporations are often susceptible. Here are some of the safety measures to be taken by businesses;

● Employee training:

Workers who are unskilled in security performance are massive weaknesses. It's a basic technique to prepare the employee to perceive advanced training and indications of cybercrime, how to keep risk low, and a framework set up for revealing indications of attacks.

● Keep software updated:

SMBs get excessively occupied to ensure the product is updated and possibly, however, outdated software found to be weak security defects. Software concentrates on the latest programming and focuses on those organizations that target adopting the new features.

● Password policies:

password is a vital part of the software and should never be recycled and timely updated. Easy passwords are easily tracked by hackers, and they crack them. In 2012, a password expert found a program that works with eight characters and should be complicated and make it better.

● Outsource cybersecurity:

Resources you can assume and feel overcome at the prospect of managing cybersecurity issues. Many organizations choose to put in network safety since they don't figure it out. However, doing this could destroy you. So it is a good idea to opt for a Cybersecurity policy for the sake of the business.

● System security plan (SSP):

The SSP summarizes all security practices that keep information secure. The SSP distinguishes frameworks like programming, safety efforts, preparing strategies and software. This record refinement how to restrict access to approved clients and employees to pursue secure procedures and answers because of a security break. It keeps things from becoming, following up the cracks, planning, and getting things done. Well, the IT staff is proficient in this matter, aside from cash by keeping the matter in-house, if not, employing a consultant is better. A solemnly composed SSP could wind up setting you back in the end. Moreover, Section 66A has detached nearly half a decade, and now, businesses understand the meaning of cybercrime; hence, they're protecting their intangible assets with cybersecurity policy. The Indian businessmen create smart software with IT paired and add up cyber security insurance plans that widely secure their cookies, malware, software codes, and other forms with the consequences.

FAQs

1. Usually, which companies can opt for a cyber security policy?

There is no industry specification for a cyber security policy. All companies from any industry can opt for the same.

2. Does cyber security insurance allow hiring a lawyer for post-cyberattacks?

It depends on the type of policy and the type of attack. However, for more details, you need to check with your insurer. Insurance terms and conditions are specific. However, policies are different from one another and have different compensation processes and hiring fees as per professionals. After the incident, the policies were pursued with wordings and to know the rest for cyber insurance coverage, the insured things included in the policy.

Conclusion

The Information Act of 2000 offered a legal framework and identification by electronic medium and digital signs and aided in legal validation by enforceable contracts. The mentioned section sanctions arrest the criminal in their subjective discretion and violence for instigating misappropriation, inconvenience, etc. So, section 66A is liable to treat the accused with criminal charges and provision to receive three years in jail and a fine.

Disclaimer: The above information is for illustrative purposes only. For more details, please refer to policy wordings and prospectus before concluding the sales.

Avoid Phishing Scams with the Help of 10 Easy Methods

How to Protect Yourself as the Threat of Scam Apps Grows?

UPI Payment Fraud: Here are Safety Measures to Protect Your Money

What to do if You’ve been Scammed Online?

3 Ways Your SIM Card Can Be Hacked (And How to Protect It)