Section 65A of the Copyright Act, 1957, inserted by the Copyright (Amendment) Act, 2012 with effect from 21 June 2012, criminalises the circumvention of "effective technological measures" applied for the purpose of protecting any of the rights conferred by the Act. The provision marks India's domestic implementation of Article 11 of the WIPO Copyright Treaty, 1996 (WCT) and Article 18 of the WIPO Performances and Phonograms Treaty, 1996 (WPPT). It sits alongside Section 65B (rights management information) as the digital-environment limb of the criminal scheme of offences and penalties. Together, the two sections recognise that the digital age threatens copyright less by physical reproduction and more by the bypassing of access-control and copy-control technologies.
For the judiciary aspirant, Section 65A is one of the few Indian copyright provisions where comparative law is essential to a complete answer. Its drafting borrows visibly from §1201 of the United States Digital Millennium Copyright Act, 1998 (DMCA) and Article 6 of the European InfoSoc Directive 2001/29/EC, but it parts company with both on the question of trafficking offences. The Indian provision is narrower than the DMCA and the InfoSoc Directive on the supply side; it punishes circumvention itself, but does not separately criminalise the manufacture or distribution of circumvention devices.
Statutory anchor — the text of Section 65A
Section 65A criminalises the circumvention of an effective technological measure applied for the purpose of protecting any of the rights conferred by the Act, with the intention of infringing such rights. The punishment is imprisonment which may extend to two years and fine. A proviso lists the carve-outs: nothing in the section shall prevent a person from doing any of seven specified categories of acts, including necessary measures for non-infringing uses, encryption research, lawful investigation, security testing of computer systems, identification of the technological measure for the purpose of disabling access, identification of the technological measure for measuring or analysing the flow of information, or any lawful purpose.
"Any person who circumvents an effective technological measure applied for the purpose of protecting any of the rights conferred by this Act, with the intention of infringing such rights, shall be punishable with imprisonment which may extend to two years and shall also be liable to fine." — Section 65A(1), Copyright Act, 1957
Three ingredients control the offence. First, the existence of an "effective technological measure" — the section uses the WCT formulation. Second, the act of circumvention — the bypassing, removal or disabling of the measure. Third, the mental element — the intention of infringing rights conferred by the Act. The section requires specific intent, not negligence; the prosecution must prove that the accused circumvented the measure with the deliberate object of defeating copyright. This is the doctrinal counterpart to the "knowingly" requirement of Section 63, which the aspirant should distinguish carefully.
The WCT and WPPT — the international anchor
The international anchor for Section 65A is Article 11 of the WIPO Copyright Treaty, 1996, which obliges contracting parties to provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures used by authors in connection with the exercise of their rights under the Treaty or under the Berne Convention. Article 18 of the WPPT extends the same obligation in respect of performers and phonogram producers. India acceded to the WCT and WPPT on 25 December 2018 — six and a half years after Section 65A came into force; the 2012 Amendment was passed in legislative anticipation of accession, and by the time accession occurred, Indian law was already broadly compliant.
The choice of "effective technological measure" tracks WCT language. The Copyright Rules, 2013 (notified under the post-2012 Act) do not exhaustively define "effective", but international and comparative practice treats a measure as effective when, in the normal course of its operation, it controls access to a work or restricts acts in respect of works which are not authorised by the right-holder. Encryption, password access, region coding on physical media, digital rights management overlays, hardware dongles and trusted-platform-module checks are all potentially "effective" if they perform the functional role of controlling access or copying.
Comparative law — DMCA §1201 and InfoSoc Directive Article 6
Section 1201 of the United States Digital Millennium Copyright Act, 1998 was the first significant national implementation of WCT Article 11. The DMCA criminalises both circumvention itself (§1201(a)(1)) and trafficking in circumvention technologies (§1201(a)(2) and §1201(b)). It distinguishes between access controls and copy controls, and authorises triennial rule-making by the Librarian of Congress to add classes of works to a list of permitted circumvention. The trafficking offence — sometimes called the "anti-trafficking" provision — is the centrepiece of the US scheme and the source of much of its controversy, including the prosecution in United States v. Elcom Ltd. (2002) and the civil suits in Universal City Studios v. Reimerdes (2000) involving the DeCSS DVD-decryption code.
Article 6 of the European Union InfoSoc Directive 2001/29/EC takes a similar approach. It requires Member States to provide adequate legal protection against the circumvention of effective technological measures and against the manufacture, import, distribution, sale, rental, advertising for sale or rental, or possession for commercial purposes of devices, products or components which are promoted, advertised or marketed for the purpose of circumvention. Member States have implemented Article 6 in different ways — the United Kingdom in Section 296 to 296ZF of the Copyright, Designs and Patents Act 1988 as amended by the Copyright and Related Rights Regulations 2003; Germany in §§95a–95d of the Urheberrechtsgesetz.
The Indian Section 65A is narrower. It criminalises the act of circumvention but does not separately punish the manufacture or distribution of circumvention devices. Sub-section (2) is a savings clause — it preserves the application of the Information Technology Act, 2000 to the same conduct, and operates alongside the rights regime developed under performers' rights and broadcast reproduction rights, leaving open the possibility that supplying tools may be reached through provisions like Section 66 of the IT Act in appropriate cases. The legislative choice to omit a trafficking offence is sometimes attributed to the recommendations of the Standing Committee on the 2010 Copyright Bill, which was concerned about chilling effects on legitimate research and reverse engineering.
Two years and fine. Seven savings clauses. Specific intent.
Topic-tagged MCQs from previous-year papers and original mocks — calibrated to actual exam difficulty.
Take the IPR mock →The seven savings — exceptions in the proviso
Sub-section (2) of Section 65A is the exceptions limb. Nothing in sub-section (1) shall prevent any person from: (a) doing anything referred to therein for a purpose not expressly prohibited by the Act, provided that such person, if facilitated by another person, maintains a complete record of such other person, including his name, address and all relevant particulars necessary to identify him and the purpose for which he has been facilitated; (b) doing anything necessary to conduct encryption research using a lawfully obtained encrypted copy; (c) conducting any lawful investigation; (d) doing anything necessary for the purpose of testing the security of a computer system or a computer network with the authorisation of its owner; (e) operating any technological measure intended for identification or surveillance of a user; or (f) taking measures necessary in the interest of national security.
The carve-outs are functionally similar to the DMCA's permitted-circumvention triennial classes, but they are framed in the statute itself rather than in subordinate rules, and they do not require periodic renewal. Encryption research, security testing, investigation by law-enforcement, and acts in the interest of national security are all non-criminal under Section 65A even if they involve circumvention. The carve-out for non-infringing uses (clause (a)) is potentially the most significant — it preserves the ability of a person to circumvent a technological measure where the underlying use is itself non-infringing under Section 52 fair dealing.
The record-keeping requirement in clause (a) is operationally important: the person who avails himself of the non-infringing-use exception, and is facilitated in doing so by a third person, must maintain a complete record of that third person, including identification particulars and purpose. The provision contemplates that some users will not have the technical capacity to circumvent themselves and will rely on intermediaries — a consultant, a colleague, a service provider; the record-keeping requirement is a proportionality measure that prevents the exception from becoming a back door for indiscriminate circumvention.
Effective technological measure — defining the boundary
The Indian Act does not define "effective technological measure". The Copyright Rules, 2013 are silent on the operational definition. Indian courts will, on a future challenge, likely turn to comparative jurisprudence for guidance. The CJEU in Nintendo Co. Ltd. v. PC Box Srl (Case C-355/12) read Article 6 of the InfoSoc Directive functionally — a measure is technological if it is a technology, device or component designed, in the normal course of its operation, to prevent or restrict acts not authorised by the right-holder. The US Court of Appeals for the Federal Circuit in Chamberlain Group v. Skylink Technologies (2004) read the DMCA's effectiveness test narrowly, holding that the technological measure must protect against access reasonably linked to copyright infringement; protection of mere market segmentation, without a copyright nexus, was outside §1201.
The functional test is therefore: does the measure, in the normal course of its operation, restrict acts in respect of the underlying work that the Act treats as exclusive to the right-holder? If yes, the measure is "effective" within Section 65A. If the measure protects mere commercial segmentation (region coding for unrelated reasons, anti-competition lockouts, manufacturer warranty enforcement) without a copyright nexus, the answer should be no. The interaction with the bundle of exclusive rights under Section 14 is therefore decisive — the technological measure must protect a Section 14 right.
Reverse engineering and software interoperability
One of the recurring concerns in the comparative literature is whether Section 65A frustrates the legitimate reverse engineering of computer software for interoperability — a use traditionally protected at common law and under Section 52(1)(ab) of the Copyright Act (observation, study and testing of the functioning of a computer programme to determine the ideas and principles which underlie any elements of the programme while performing such acts necessary for the use of the programme). The clause (a) saving — for purposes not expressly prohibited by the Act — preserves the legitimacy of reverse engineering covered by Section 52(1)(ab). A programmer who circumvents a technological measure with the object of studying the underlying programme for interoperability purposes does not, in principle, attract Section 65A liability.
The position is reinforced by the Section 52(1)(ad) saving for the making of copies of a computer programme to obtain information essential for operating inter-operability of an independently created computer programme with other programmes. Reverse engineering for interoperability is an internationally recognised non-infringing use, going back to the EU Software Directive (originally 91/250/EEC, now 2009/24/EC) and to US cases like Sega Enterprises v. Accolade (1992) and Sony Computer Entertainment v. Connectix (2000). Section 65A is not intended to overrule these uses.
Section 65A and Section 63 — overlap and distinction
Section 65A overlaps with the general infringement offence under Section 51 read with Section 63 but is conceptually distinct. Section 63 punishes the act of infringement itself — making, distributing, importing, performing or communicating an infringing copy. Section 65A punishes the bypassing of the technological gatekeeper. The same factual pattern can attract both: the user who bypasses encryption and then makes infringing copies commits two offences. The dual-track liability is deliberate; the legislature intended to attack the digital-piracy chain at both the access-control stage and the reproduction stage.
The penalty under Section 65A — imprisonment up to two years and fine — is lower than the maximum under Section 63 (three years). The legislative judgment is that bare circumvention, where infringement does not also follow, is less serious than completed infringement. Where both occur, the prosecutor will typically frame the charge under Section 63 as the principal offence, with Section 65A as the alternative or additional charge.
Civil remedies and injunctions
Although Section 65A is framed as a criminal provision, the broader civil remedy regime under Section 55 — injunction, damages, account of profits — extends to circumvention conduct insofar as it infringes a right conferred by the Act. A right-holder whose technological measure has been bypassed can therefore (a) prosecute under Section 65A, (b) sue civilly under Section 55, and (c) where the bypassing has facilitated the importation of infringing copies, invoke Section 53 border measures at the customs frontier. The remedies are cumulative.
Indian High Courts have begun to grant dynamic injunctions in copyright matters that implicitly reach Section 65A conduct: a dynamic injunction restrains the operation of mirror sites that frequently host circumvention tools and decryption keys. The Delhi High Court's Star India Pvt. Ltd. v. Various John Does line and the Bombay High Court's UTV Software Communications v. 1337x.to line have substantively expanded the reach of civil injunctions into the same territory that Section 65A governs criminally.
Sony v. Universal — the policy backdrop
The intellectual backdrop to Section 65A is the long-running policy debate that began with Sony Corporation of America v. Universal City Studios, 464 US 417 (1984), the United States Supreme Court's Betamax decision. Sony held that the manufacture and sale of video-tape recorders was not contributorily infringing because the device was capable of substantial non-infringing use (time-shifting). The doctrinal residue of Sony — that gatekeeping technology should not be criminalised when it has substantial non-infringing uses — informs the structure of Section 65A's exceptions. The clause (a) saving for non-infringing uses is the Indian doctrinal echo of the Sony rule.
Exam angle and pitfalls
Three recurring exam patterns emerge. First, identify the international anchor — WCT Article 11 and WPPT Article 18 — and explain that India acceded in December 2018 after enacting Section 65A in 2012. Second, distinguish Section 65A from the DMCA §1201 and InfoSoc Directive Article 6 — the Indian provision lacks a separate trafficking offence. Third, work through the seven exceptions in sub-section (2), giving the practical category for each (encryption research, security testing, lawful investigation, national security, identification, non-infringing use, surveillance).
The most common error is to treat Section 65A as a strict-liability offence. It is not. Specific intent — "with the intention of infringing such rights" — is required. The second error is to forget the proviso saving for non-infringing uses; circumvention for a Section 52 purpose is not criminal. The third error is to treat the manufacture or distribution of circumvention devices as automatically criminal under Section 65A; the Indian section reaches only the act of circumvention itself, with the IT Act left as a residual pathway under sub-section (2). For the integrated answer pattern, read Section 65A together with Section 65B on rights management information and the broader scheme of Copyright Act notes, since the two sections are designed to operate as a digital-environment pair.
Information Technology Act overlay and intermediary liability
Sub-section (2) of Section 65A preserves the application of the Information Technology Act, 2000. The interface is significant. Section 66 of the IT Act criminalises computer-related offences with intent to cause wrongful loss or damage — punishment of up to three years and fine. Section 43 lists civil liability for unauthorised access, downloading and damage. Where a person manufactures or distributes circumvention software, the Section 43 / Section 66 pathway can be invoked even though Section 65A itself stops at the act of circumvention. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 add a layer of due-diligence obligations on intermediaries that host circumvention content, with takedown obligations on actual knowledge.
Intermediary liability for facilitation of circumvention has not been squarely tested in Indian courts under Section 65A, but the analogous reasoning in the search-engine and platform cases — including the Madras High Court's order in Super Cassettes Industries Ltd. v. MySpace on the contours of Section 79 of the IT Act — is likely to inform the eventual treatment. The conditional safe harbour in Section 79 will be available to intermediaries that comply with the takedown regime and exercise due diligence. The Bombay High Court in the MySpace v. Super Cassettes Industries appeal further refined the position by linking knowledge to specific URL-level notices rather than general awareness of infringing content. The relevant standards of subsisting copyright are addressed in the discussion of subject matter of copyright, and the analytical sequence — work, ownership, technological measure, circumvention — must be applied in that order.
Procedural questions — cognisability, bail and trial forum
Section 65A prescribes imprisonment which may extend to two years. Read with Part II of the First Schedule to the Code of Criminal Procedure, 1973, the offence is non-cognisable and bailable — the maximum sentence is less than three years. The contrast with Section 63 — which the Supreme Court in M/s Knit Pro International v. State of NCT of Delhi (2022) 10 SCC 221 held to be cognisable and non-bailable on the basis of the "three years and upwards" band — is sharp. A complainant under Section 65A must therefore proceed by private complaint to a Magistrate under Section 200 of the Code; police investigation is not available without an order under Section 155(2) of the Code.
Trial forum is governed by Section 70 of the Copyright Act. No court inferior to that of a Metropolitan Magistrate or Judicial Magistrate of the first class shall try any offence under the Act. Section 65A trials therefore take place at that level, with appeals lying to the Sessions Court and the High Court. The procedural mismatch — non-cognisable and bailable, but tried at first-class magistrate level — reflects the legislative judgment that circumvention is technically demanding to investigate and warrants a magistrate of seniority despite the lower sentence. Limitation under Section 468 of the Code of Criminal Procedure, 1973 is two years for offences punishable with imprisonment exceeding one year but not exceeding three years, with the result that the complainant has two years from the date of the offence to set the criminal law in motion.
Drafting precision and the meaning of "circumvent"
The Act does not define "circumvent". Comparative practice — the DMCA, the InfoSoc Directive and the WCT preparatory documents — treats circumvention as the act of avoiding, bypassing, removing, deactivating or otherwise impairing a technological measure without the authority of the right-holder. The act may be physical (extracting a hardware dongle, removing a region-locking chip), software-based (running a decryption utility against an encrypted file), procedural (entering credentials obtained without authorisation), or social-engineering based (deceiving an authorised user into handing over keys). All of these fall within the natural meaning of "circumvent". The Indian aspirant should remember that Section 65A is technology-neutral; the section does not list or exclude particular techniques.
Authorisation is a complete answer. A person who circumvents a measure under licence from the right-holder, or under a lawful court order, is not a circumventer in the prohibited sense. Implied authorisation should be treated cautiously — the safer course for the aspirant is to assume that authorisation must be express or arise by clear necessary implication, particularly given that the offence is constituted by specific intent to infringe.
Frequently asked questions
What is an 'effective technological measure' under Section 65A?
Section 65A does not statutorily define the expression. Comparative jurisprudence treats a measure as effective when, in the normal course of its operation, it controls access to a work or restricts acts in respect of the work that are not authorised by the right-holder. Encryption, password access, region coding, digital rights management, hardware dongles and trusted-platform-module checks all qualify if they perform that functional role. The CJEU in Nintendo v. PC Box and the US Federal Circuit in Chamberlain v. Skylink read the test functionally, requiring a copyright nexus.
Does Section 65A punish making or distributing circumvention tools?
No, not directly. Section 65A criminalises the act of circumvention itself, with imprisonment up to two years and fine. Unlike DMCA §1201 and InfoSoc Directive Article 6, the Indian provision does not contain a separate trafficking offence reaching the manufacture or distribution of circumvention devices. Sub-section (2) preserves the application of the Information Technology Act, 2000 to such conduct, so supply of tools may be reached through the IT Act. The omission was a deliberate legislative choice influenced by Standing Committee concerns about chilling research.
Is reverse engineering for interoperability still legal after Section 65A?
Yes. Section 65A's clause (a) saving exempts circumvention for purposes not expressly prohibited by the Act. Section 52(1)(ab) and Section 52(1)(ad) recognise observation, study, testing and interoperability-related copying of computer programmes as non-infringing. A programmer who circumvents a technological measure to study a programme for interoperability purposes therefore acts within the saving. The position aligns with the EU Software Directive and US cases like Sega v. Accolade and Sony v. Connectix, which have long recognised reverse engineering for interoperability as legitimate.
When did India accede to the WCT and WPPT?
India deposited instruments of accession to the WIPO Copyright Treaty, 1996 and the WIPO Performances and Phonograms Treaty, 1996 on 25 December 2018. The treaties entered into force in respect of India on 25 March 2019. Section 65A and Section 65B had been inserted by the 2012 Amendment in legislative anticipation of accession, and by the time accession occurred Indian law was already broadly compliant with the digital agenda obligations of the two WIPO Internet Treaties.
Can the same act attract both Section 63 and Section 65A?
Yes. The two sections punish different conduct — Section 63 punishes infringement of copyright itself, while Section 65A punishes the bypassing of the technological measure that protects copyright. A user who decrypts an encrypted file and then makes and distributes infringing copies commits both offences. The prosecutor typically frames the charge under Section 63 as the principal offence with Section 65A as additional or alternative. The maximum punishment under Section 63 is three years, while Section 65A carries up to two years.