Internal Security·Legal Reforms
Cyber Security Architecture — Legal Reforms
Constitution VerifiedUPSC Verified
Version 1Updated 7 Mar 2026
| Entry | Year | Description | Impact |
|---|---|---|---|
| Information Technology (Amendment) Act, 2008 | 2008 | This amendment significantly updated the original IT Act, 2000, to address emerging cyber threats and technological advancements. It introduced new definitions, enhanced penalties for cyber crimes, and strengthened provisions related to data protection and critical infrastructure. Key additions included Section 43A (compensation for failure to protect data), Section 66A (punishment for sending offensive messages, later struck down), and crucial sections related to 'protected systems' (Section 70) and 'critical information infrastructure' (Section 70A). | The 2008 amendment provided a more robust legal framework for cyber security in India. It empowered the government to declare certain computer resources as 'protected systems' and laid the groundwork for the establishment of NCIIPC. It also increased the focus on data protection, paving the way for future data privacy legislation. From a cyber security architecture perspective, it provided the legal teeth for mandating security practices and prosecuting cyber criminals, thereby strengthening the 'enforcement' and 'legal framework' pillars of the national architecture. |