Internal Security·Legal Reforms
Basics of Cyber Security — Legal Reforms
Constitution VerifiedUPSC Verified
Version 1Updated 7 Mar 2026
| Entry | Year | Description | Impact |
|---|---|---|---|
| Information Technology (Amendment) Act, 2008 | 2008 | This amendment significantly updated the original IT Act, 2000, to address the evolving cyber threat landscape. It introduced new definitions and expanded the scope of cyber crimes. | Strengthened legal provisions against cyber crimes like data theft, identity theft, and cyber terrorism (Section 66F). Enhanced penalties for various offenses. Introduced the concept of 'reasonable security practices' for data protection (Section 43A) and clarified intermediary liability (Section 79). This amendment made the IT Act more robust and relevant to the contemporary digital environment. |
| Digital Personal Data Protection Act, 2023 | 2023 | While not an amendment to the IT Act, it is a new, comprehensive law that significantly impacts the legal framework for data protection and cyber security in India. | Establishes a robust framework for processing digital personal data, recognizing the right to privacy as a fundamental right. Mandates consent for data processing, outlines obligations for data fiduciaries, and creates the Data Protection Board of India. This Act fundamentally changes how organizations handle personal data, requiring enhanced cyber security measures and accountability, thereby strengthening the overall data governance and cyber security ecosystem in India. |