Introduction — Object, Background, UNCITRAL Model Law

The Information Technology Act, 2000 (Act 21 of 2000) is India's foundational cyber-law. It did not spring from a domestic policy vacuum: it is the Indian enactment of an international template, the UNCITRAL Model Law on Electronic Commerce, 1996, which the United Nations General Assembly commended to member States by Resolution 51/162 of 30 January 1997. To read the Act intelligently, an aspirant must grasp three threads at once — the object the Act pursues (legal recognition of electronic transactions), the background against which it was drafted (a paper-bound legal order colliding with electronic commerce), and the Model Law architecture (functional equivalence, technology neutrality, non-discrimination) that supplies the Act's deep grammar. This introduction sets out all three and shows how courts have read the statute's purposive core.

What the Act Is: Act 21 of 2000 in a Sentence

The Information Technology Act, 2000 is a Central enactment, numbered Act 21 of 2000, which received the assent of the President on 9 June 2000 and was brought into force on 17 October 2000. It was India's first dedicated statute to confer legal recognition on transactions carried out by means of electronic data interchange and other means of electronic communication, commonly described as "electronic commerce". Before the Act, an Indian court asked to enforce a contract concluded by email, or to treat a digitally stored ledger as a record, had no statutory peg on which to hang recognition: the Indian Evidence Act, 1872, the Indian Penal Code, 1860, and the law of contract were all framed around paper, ink and physical signatures. The Act's primary work, therefore, was translation — taking concepts the law already trusted (a signature, an original, a record, a writing) and supplying electronic equivalents that the law could equally trust.

The Act is not merely an e-commerce statute. As enacted it carried four limbs: (i) legal recognition of electronic records and digital signatures; (ii) a framework for electronic governance, permitting filing, issue and retention of records by Government in electronic form (see our chapter on electronic governance); (iii) a regulatory regime for Certifying Authorities issuing digital signature certificates (see Certifying Authorities); and (iv) consequential amendments to the Penal Code, the Evidence Act, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934. The cyber-offence and intermediary-liability dimensions for which the Act is now best known were substantially deepened only later, by the Information Technology (Amendment) Act, 2008.

The Object: Reading the Preamble

The preamble (long title) to the Act is the surest guide to its object, and the judiciary treats it as such. It declares the Act to be one "to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as 'electronic commerce', which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend" the Indian Penal Code, the Indian Evidence Act, the Bankers' Books Evidence Act and the Reserve Bank of India Act.

Three distinct objects are visible. First, legal recognition of electronic transactions — the private-law objective that animates the chapters on electronic records and signatures. Second, facilitation of e-governance — enabling citizens to deal with the State electronically. Third, harmonisation of allied statutes — so that the Evidence Act could admit electronic records and the Penal Code could punish electronic wrongs. Crucially, the preamble does not announce a criminal-law mission; the Act's centre of gravity at enactment was facilitative, not punitive. The preamble also recites that the General Assembly of the United Nations had, by Resolution 51/162 dated 30 January 1997, adopted the Model Law on Electronic Commerce and recommended that all States give favourable consideration to it — an unusually explicit statutory acknowledgment of an international source, which becomes a legitimate aid to construction.

The UNCITRAL Model Law on Electronic Commerce, 1996

The United Nations Commission on International Trade Law (UNCITRAL), the UN's core legal body for the harmonisation of international trade law, adopted the Model Law on Electronic Commerce in 1996. A "model law" is not a treaty; it imposes no obligation. It is a legislative template that States may adopt, adapt or ignore, designed to remove the patchwork of incompatible national rules that throttle cross-border electronic trade. By Resolution 51/162 of 30 January 1997, the General Assembly commended the Model Law to all States, recommending that they give it favourable consideration when enacting or revising their laws "in view of the need for uniformity of the law applicable to alternatives to paper-based methods of communication and storage of information".

India was among the early adopters. The IT Act, 2000 follows the Model Law's structure closely: its provisions on legal recognition of electronic records, on writing, signature and original requirements, and on attribution, acknowledgment and despatch of electronic records track the Model Law almost article-for-article (compare our chapter on attribution, acknowledgment and despatch). Because the Act is the domestic transposition of an international instrument, the Model Law and its accompanying UNCITRAL Guide to Enactment are legitimate external aids to interpretation where the Act is ambiguous — a settled principle of statutory construction when Parliament legislates to give effect to an international text.

The Model Law's Three Foundational Principles

The Model Law rests on three principles that quietly govern the whole of the IT Act, and which examiners love to test because they explain why particular sections read as they do.

Non-discrimination. Information is not to be denied legal effect, validity or enforceability solely on the ground that it is in electronic form. This is the negative guarantee: electronic-ness is never, by itself, a disqualification. It is reflected in Section 4 of the Act, which provides that where law requires information to be in writing, that requirement is satisfied by an electronic record accessible for subsequent reference.

Functional equivalence. Rather than declaring electronic records to be identical to paper, the Model Law asks what function a paper-based requirement serves — a signature authenticates and signals intent; an "original" guarantees integrity — and then specifies the conditions under which an electronic record performs that same function. The Act's treatment of writing (Section 4), signature (Section 5), retention of records (Section 7) and original-document integrity (Section 7) is built on this method. The aspirant should read these alongside the chapter on secure electronic records and signatures.

Technology neutrality. The law should not lock itself to one technical solution that tomorrow's engineering renders obsolete. As originally enacted, the 2000 Act was, in one respect, not fully neutral: it recognised only the "digital signature", a specific asymmetric-cryptography PKI technique. That tension between an aspiration to neutrality and a technology-specific drafting choice was resolved only by the 2008 amendment, examined below.

The Original Design Choice: Digital Signatures and PKI

The 2000 Act, as first enacted, adopted a single authentication technology. Section 3 provided for authentication of electronic records by affixing a "digital signature" effected through an asymmetric crypto-system and hash function — the mechanics of Public Key Infrastructure (PKI). A subscriber held a private key to sign and the world held the corresponding public key to verify. Trust in the linkage between a public key and a real person was supplied by Certifying Authorities, licensed and supervised by a Controller of Certifying Authorities, who issued Digital Signature Certificates. This entire edifice is unpacked in the chapter on digital and electronic signatures.

The design was rigorous but rigid. By binding statutory recognition to one named technology, Parliament risked the law ageing badly as biometric, OTP-based and other authentication methods matured. This is precisely the kind of technology-specific drafting the Model Law cautions against, and it set up the principal structural reform of 2008.

The 2008 Amendment and the Shift to Electronic Signatures

The Information Technology (Amendment) Act, 2008 — numbered Act 10 of 2009 — received the President's assent on 5 February 2009 and was brought into force on 27 October 2009. It reshaped the Act in several ways, but for the present chapter the decisive change is conceptual: it migrated the statute from a technology-specific "digital signature" to a technology-neutral "electronic signature". A new Section 3A recognised authentication of an electronic record by an electronic signature or authentication technique specified in the Second Schedule, reliable and as may be prescribed — thereby aligning India with the later UNCITRAL Model Law on Electronic Signatures, 2001, which had embraced neutrality precisely because the 1996 instrument's signature provisions were felt to be too tied to PKI. References to "digital signature" across the Act were read to include "electronic signature", with digital signatures surviving as one species within the broader genus.

The 2008 amendment also rebuilt the criminal and regulatory dimensions: it recast Section 66 and inserted offences such as Section 66A (sending offensive messages), Section 66C (identity theft), Section 66E (violation of privacy) and Section 67A; it strengthened intermediary safe-harbour in Section 79; and it introduced Section 69A blocking powers. An aspirant should keep the two layers distinct: the 2000 Act supplies the facilitative skeleton drawn from UNCITRAL, while the 2008 Act adds the neutrality reform and the bulk of the cyber-crime flesh.

Extent, Application and the Excluded Documents

Section 1(2) gives the Act an unusually broad reach: it extends to the whole of India and, subject to Section 75, applies also to any offence or contravention committed outside India by any person. Section 75 makes the extra-territorial reach effective where the offending act involves a computer, computer system or computer network located in India. This is a deliberate response to the borderless character of cyberspace: a server in Mumbai can be attacked from anywhere, and the Act refuses to let geography defeat jurisdiction.

The Act's facilitative provisions do not, however, apply universally. As originally enacted, Section 1(4) excluded a list of instruments from the Act's recognition machinery; after 2008 the exclusions were carried into the First Schedule. The excluded categories are (i) a negotiable instrument (other than a cheque) under the Negotiable Instruments Act, 1881; (ii) a power-of-attorney under the Powers-of-Attorney Act, 1882; (iii) a trust under the Indian Trusts Act, 1882; (iv) a will or other testamentary disposition under the Indian Succession Act, 1925; and (v) any contract for the sale or conveyance of immovable property or any interest in such property. The rationale is caution: instruments that pass title, dispose of property on death, or create fiduciary obligations were thought to demand the deliberative solemnity of paper. The Central Government may, by notification, narrow this list — a power exercised, for example, to permit electronic execution of certain documents.

How Courts Have Read the Act's Purpose

The Act's facilitative object has shaped its judicial reception. In Trimex International FZE Ltd. v. Vedanta Aluminium Ltd. (2010) the Supreme Court held that a binding contract had been concluded through an exchange of emails, and that the absence of a later, formally signed document did not unmake the agreement — a result entirely consonant with the Act's recognition of electronic communication as a valid medium for forming legal relations. The decision illustrates the non-discrimination principle in action: a contract is not denied enforceability merely because it lives in an inbox.

On the evidentiary side, the Act's amendments to the Evidence Act produced the much-litigated certificate regime under Section 65B. In Anvar P.V. v. P.K. Basheer, (2014) 10 SCC 473, a three-Judge Bench held that electronic records produced as secondary evidence are admissible only on compliance with Section 65B, including the certificate under Section 65B(4), overruling the contrary view in State (NCT of Delhi) v. Navjot Sandhu. The case is a reminder that legal recognition of electronic records is conditional, not automatic — the Act recognises electronic evidence but channels it through safeguards designed to guarantee integrity, which is functional equivalence carried into the law of proof. The later three-Judge decision in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal, (2020) 7 SCC 1, reaffirmed that the Section 65B(4) certificate is a mandatory pre-condition for admitting an electronic record by way of secondary evidence, while clarifying the position where a party is unable to procure the certificate from a person controlling the device. For the introductory student the doctrinal point is constant across these decisions: the Act extends trust to electronic records, but trust is earned through compliance, not presumed from medium.

Early Offence Jurisprudence: Suhas Katti, Avnish Bajaj

Although the Act's punitive teeth were sharpened only in 2008, the original Section 67 (publishing or transmitting obscene material in electronic form) generated India's first cyber-crime conviction. In State of Tamil Nadu v. Suhas Katti (decided by the Egmore Metropolitan Magistrate, Chennai, on 5 November 2004) the accused had posted obscene and defamatory messages about a woman in a Yahoo messaging group using a fake identity. He was convicted under Section 67 of the IT Act together with Sections 469 and 509 of the Penal Code — a landmark demonstration that the new statute could deliver enforceable consequences in the electronic realm.

The intermediary question surfaced in Avnish Bajaj v. State (N.C.T. of Delhi) (Delhi High Court, 2008), the baazee.com matter, where an obscene clip had been listed for sale by a user on a marketplace. The Court found a prima facie case under Section 67 against the company's director in his deemed-liability capacity while declining to proceed on certain Penal Code counts. The case foreshadowed the safe-harbour reforms to Section 79 that the 2008 amendment would soon enact, and is best studied as a bridge between the original facilitative Act and its later intermediary-liability architecture.

Constitutional Limits: Shreya Singhal

No introduction to the Act is complete without Shreya Singhal v. Union of India, (2015) 5 SCC 1, the most consequential constitutional decision on the statute. A two-Judge Bench struck down Section 66A of the Act — the post-2008 provision criminalising the sending of "offensive", "menacing" or "annoying" messages — as violative of Article 19(1)(a) and not saved by the reasonable-restrictions clause in Article 19(2). The Court held the provision unconstitutionally vague and overbroad, incapable of giving fair notice of what speech it forbade.

In the same judgment the Court read down Section 79 and the Intermediary Guidelines, holding that an intermediary loses safe-harbour only upon actual knowledge through a court order or a Government notification, and it upheld the Section 69A blocking power as procedurally safeguarded. Shreya Singhal matters to an introduction because it locates the Act within the constitutional order: the statute facilitates electronic commerce and governance, but its criminal and censorial provisions remain fully subject to fundamental-rights scrutiny. The Act is a creature of ordinary legislation, not a self-justifying code.

The Scheme of the Act: A Map for the Aspirant

It helps to carry a mental map of the Act's chapter scheme. Chapter I deals with preliminary matters — short title, extent, commencement and the all-important definitions in Section 2. Chapter II concerns authentication of electronic records (Sections 3 and 3A). Chapter III provides for legal recognition of electronic records and signatures, the use of electronic records in Government, and the rules of attribution, acknowledgment and despatch (Sections 4 to 13). Chapter IV deals with secure electronic records and secure electronic signatures (Sections 14 to 16). Chapters V to VII establish the regulatory machinery — the Controller and Certifying Authorities, and the duties of subscribers.

The remaining chapters carry the enforcement and remedial apparatus: penalties and adjudication (Chapter IX), the Appellate Tribunal (Chapter X), offences (Chapter XI), the network service provider / intermediary provisions, and miscellaneous matters including the extra-territorial reach already discussed. The two Schedules added by 2008 list the excluded documents and the electronic-signature techniques. For a consolidated entry point to every chapter, see the Information Technology Act notes hub.

Why the Object-and-Background Frame Matters in the Exam

Examiners reach for this topic because it tests conceptual orientation rather than memorised section numbers. A candidate who can explain that the Act is the Indian transposition of the UNCITRAL Model Law, that it rests on non-discrimination, functional equivalence and technology neutrality, and that the 2008 amendment cured the original technology-specific defect, has demonstrated command of the statute's logic. From that frame the individual provisions become predictable: one can derive why Section 4 reads as it does, why Section 1(4)/First Schedule excludes wills and trusts, and why the criminal provisions remained vulnerable to Shreya Singhal-style scrutiny.

Practically, an answer that situates the Act historically — paper-bound law colliding with electronic commerce, the UN's harmonisation response, India's early adoption, the neutrality reform — and then anchors each limb to a case (Trimex for contract formation, Anvar P.V. for evidence, Suhas Katti for the first conviction, Shreya Singhal for constitutional limits) reads as the work of someone who understands the Act as a system. That is the standard this introduction is written to meet, and the foundation the sibling chapters build upon.