Dispute resolution mechanism under the IT Act, 2000

The Information Technology Act, 2000 establishes quasi-judicial bodies, such as adjudicating
officials, to resolve disputes (offences of a civil nature as well as criminal offences). The
adjudicating officer has the jurisdiction to award compensation as a civil remedy as well as
impose fines for violating the Act, giving them civil and criminal court-like powers. The
Cyber Appellate Tribunal is the first level of appeal, with a Chairperson and any additional
members appointed by the Central Government. A second appeal may be lodged with a High
Court having jurisdiction within 60 days after the Cyber Appellate Tribunal’s ruling has been
communicated.
The adjudicating officer
The Central Government appoints an “Adjudicating Officer” (AO) with the authority to make
decisions. The secretary of each state’s department of information technology is designated as
the AO for that state by default, according to the Ministry of Electronics and Information
Technology (“MeitY”). The AO is a quasi-judicial entity since it has the ability to:
1. Order investigation, i.e. hold an inquiry into a breach of the IT Act, 2000 based on the
evidence presented to it; and
2. Adjudicate, i.e. determine the amount of compensation or punishment to be awarded
in the event of a violation.
The adjudication process as provided by the IT Act, 2000
The adjudication process as provided by the Information Technology Act, 2000 has been
discussed in pointers hereunder:
1. Filing of the complaint to the AO.
2. Notice to the necessary parties containing the date and time of the first hearing is
issued by the AO.
 3. On the date provided in the notice, the AO explains alleged contraventions to the
party against whom allegations are made. The three possible instances that can take
place subsequent to this are provided below:
1. The person against whom the allegation is made pleads guilty, or
2. The person against whom the allegation is made shows cause why an inquiry should
not be held against him/her, or
3. The person against whom the allegation is made fails to appear. In that case, the AO
proceeds with the inquiry in absence of such a person.
If the situation in point (a) happens, then the consequence will be the imposition of penalty or
awarding of compensation as per the provisions of the IT Act, 2000, by the AO.
If the circumstance provided in point (b) unfolds itself, the outcomes are:
1. The AO decides on the basis of submission of parties and/or preliminary investigation
in order to determine whether there is sufficient cause to order an inquiry or not. The
AO will fix another date for production of documents or evidence and then finally
pass an order on the basis of the evidence presented.
2. The AO dismisses the complaint on finding no sufficient cause to proceed with it.
The AO has jurisdiction over cases in which the claim for compensation or harm is less than
INR 5 crore. The AO has the authority to order an investigation into a complaint at any time
after receiving it. An officer from the Office of the Controller of Certifying Authorities, or
(CERT-In), or a Deputy Superintendent of Police conducts the inquiry.
Cyber Appellate Tribunal
Sub-clause (1) Section 58 of the IT Act, 2000 states that the Cyber Appellate Tribunal is not
bound by the Code of Civil Procedure, 1908, but rather by the principles of natural justice,
and the Cyber Appellate Tribunal has the authority to regulate its own procedure, including
the location of its hearings, subject to the other provisions of this Act and any rules.
Clause (2) Section 58 provides that the Cyber Appellate Tribunal shall have the same powers
as a civil court under the Code of Civil Procedure, 1908, when trying a case, for the purposes
of carrying out its tasks under this Act:
1. Having any person summoned and compelled to appear, as well as questioning him
under oath;
2. Requiring documents or other electronic records to be discovered and produced;
3. Receiving evidence on affidavit;
4. Appointing commissions to examine witnesses or documents;
5. Reconsidering its decisions;
6. Dismissing an application due to default or making an ex parte decision;
7. Any additional matter that the court may deem necessary.
Clause (3) Section 58 provides that any proceeding before the Cyber Appellate Tribunal is to
be treated as a judicial proceeding for the purposes of Sections 193 and 228 of the Indian
Penal Code, 1860, and the Cyber Appellate Tribunal is treated as a civil court for the purposes
of Section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
High court
According to Section 62 of the IT Act, 2000, a person aggrieved by the decision or order of
the Cyber Appellate Tribunal, may file an appeal with the high court within sixty days of
receiving notification of the Tribunal’s decision or order on any question of fact or law
arising out of such order. If the high court is satisfied that the appellant was prohibited from
filing the appeal within the prescribed time frame due to adequate reason, the high court may
allow it to be filed within an extended sixty-day period.

The ineffective dispute resolution mechanism of cyber laws in India

Although the framework of the dispute resolution mechanism of cyber law, as discussed
previously, appears to be promising in principle, it has not shown to be effective in practice.
There is very little coverage of a cyber dispute, and no statistics on the number of cases
adjudicated by police or the tribunal are accessible. The possible lacunas feeding on the
resolution mechanism have been presented below:

1. The AOs are vested with humongous powers. They have the authority to rule on any
law, rule, regulation, or instruction made under the IT Act of 2000. At the same time,
there are several AOs dealing with identical challenges. As a result, there are opposing
viewpoints on the same subject. For example, in Rajendra Prasad Yadav v. ICICI
Bank (2011), the AO concluded that because the bank constituted a corporate
body, Section 43 of the IT Act did not apply to it. AOs in other states, on the other
hand, have reached different conclusions. Section 43 has been used against
corporations in a number of situations. This might make it difficult for an organization
to comply with the IT Act, 2000 since it may need to take into account the opinions of
various AOs in order to operate across India.
2. To get adjudication orders issued under the IT Act, 2000, one must seek through state
government websites that are difficult to browse. This issue is also not reported in
prominent legal databases. Adjudication orders should be stored in a central database
so that officers and other stakeholders would be able to resort to these adjudication
orders when dealing with IT Act, 2000 infractions. It will also allow companies to
keep track of cyber-conflicts.
3. By virtue of an old MeitY Order from 2003, the secretaries of state departments of
information technology were supposed to be AOs. In addition to completing their
responsibilities as AOs, they are responsible for the administration of their department
and are actively involved in the co-working of the government of the state they are
appointed in. The dual nature of their employment is incredibly taxing. Given the
rising number of cyber-crimes in the country, it is necessary to restructure the system
for appointing AOs.
4. The capacity of AOs has to be increased. The United Kingdom’s Crown Prosecution
Service has formulated the ‘Cybercrime-prosecution guidance’ which lays down
major types of cybercrime, such as hacking and social media-related offences, and
therefore serves as a guideline for deciding on cybercrime cases. In India, similar
guidance should be formulated and implemented to ensure better complaint
management.
5. There is no guiding document on the cyber investigation or cyber forensics in the
Indian regulatory environment. The “Examiner of Electronic Evidence” was formed
by the Information Technology (Amendment) Act of 2008. This organization offers
professional advice on electronic evidence. Various forensic science laboratories have
been appointed as examiners by the MeitY. These labs are well-versed in the field of
cyber-investigation. The 2003 Holding of Enquiry Rules, on the other hand, have not
been amended since the 2008 amending legislation. The regulations must be changed
to allow AOs to require such examiners to look into the issues before them in a better
and efficient way. To better equip the police and other investigative authorities to
handle such instances, rules or principles on cybercrime investigation should be
established.
6. The TDSAT is solely made up of a chairperson and two additional members, as
provided by the TRAI Act, 1997. Because telecom and information technology are
two distinct areas, deciding between them necessitates a different set of skills. To
deliberate on matters relevant to the issue, the TDSAT must strengthen itself and
 include specialists with expertise in information technology. Cyber appeals should be
decided by a different bench for effective solutions to cyber challenges.
Conclusion
Given the high number of cyber-attacks in the country, it is imperative that the present
dispute resolution structure under the IT Act, 2000 be strengthened. By requiring cyber
violators to pay damages and compensation, the dispute resolution structure can serve as a
strong deterrence. It may also be used as a venue for victims to file complaints and seek
redress. It has failed to produce the desired outcome in its current state. The IT Act’s
authorities are responsible for a wide range of concerns, including cybersecurity,
intermediary responsibility, data privacy, and cyber offences. As a result, these authorities
must be well-equipped to carry out their broad powers.
The government has emphasized its Digital India plan, which is expected to help India
achieve its aim of being a $5 trillion economy by 2025. In addition, India has a big internet
user base of 650 million people. Given India’s push for digital transformation, it’s critical to
give the Act some teeth, particularly in terms of its dispute resolution mechanism. This will
guarantee that online conflicts are efficiently managed and resolved. The general public, as
well as stakeholders, will have more faith in the regulatory structure as a result of this.
Dispute Resolution under the IT Act
The Information Technology (IT) Act, 2000, provides a legal framework for the resolution of
disputes arising from electronic transactions and activities. Here are the key provisions and
mechanisms for dispute resolution under the IT Act:
Adjudicating Officers (Section 46)
 The IT Act authorizes the appointment of adjudicating officers to handle disputes
involving contraventions of the Act.
 Adjudicating officers are typically officers not below the rank of a Director to the
Government of India or an equivalent officer of a State Government.
 They have the power to impose penalties and compensation for damage to computer
systems, data, or software caused by unauthorized access or hacking.
Cyber Appellate Tribunal (Sections 48-58)
 Establishment: The IT Act provides for the establishment of the Cyber Appellate
Tribunal (now merged with the Telecom Disputes Settlement and Appellate Tribunal
or TDSAT) to hear appeals against the orders of the adjudicating officers.
 Jurisdiction: The Tribunal has jurisdiction to hear and dispose of appeals from the
orders of adjudicating officers and is empowered to issue directions, orders, or
awards.
 Composition: The Tribunal consists of one Chairperson and other members as
appointed by the government. The Chairperson is typically a person who is, or has
been, a Judge of the Supreme Court or a High Court.
 Procedure: The procedure of the Tribunal is more informal compared to traditional
courts and is aimed at expeditious disposal of cases.
Penalties and Compensation (Sections 43-45)
 Section 43: Provides for penalties for damage to computer systems, including
unauthorized access, data theft, spreading of viruses, and denial of service attacks.
The adjudicating officer can levy penalties for such acts.
 Section 44: Imposes penalties for failure to furnish information, return, or answer to
the Controller or the Certifying Authorities as required under the Act.
 Section 45: Provides for the adjudication of compensation for failure to protect data,
unauthorized access, and other contraventions of the Act.
Offences and Punishments (Sections 65-78)
 Section 65: Deals with tampering with computer source documents, prescribing
imprisonment or fines.
 Section 66: Addresses hacking with computer systems, with provisions for
imprisonment and fines.
 Section 67: Penalizes the publishing or transmission of obscene material in electronic
form, with stringent penalties.
 Sections 68-78: Cover various other offenses, including breach of confidentiality,
privacy, cyber terrorism, and identity theft, providing a comprehensive framework for
addressing cybercrimes.
Role of the Police and Investigating Agencies
 The IT Act empowers police officers not below the rank of an Inspector to investigate
any contravention of the Act.
 They have the authority to enter any public place, search and arrest individuals
without a warrant, and seize computers, computer systems, or data involved in the
contravention.
Alternative Dispute Resolution (ADR)
 Although not explicitly detailed in the IT Act, ADR mechanisms like mediation and
arbitration can be used to resolve disputes involving electronic transactions. Parties
can agree to settle their disputes through ADR methods, providing a faster and often
more amicable resolution process.

The IT Act, 2000, establishes a detailed framework for dispute resolution in the realm of
electronic transactions and cyber activities. It includes mechanisms for adjudication, appeals,
penalties, and compensation, ensuring that disputes are addressed efficiently and effectively.
The involvement of specialized officers, the establishment of the Cyber Appellate Tribunal,
and provisions for penalties and compensation form the backbone of this dispute resolution
framework. Additionally, the potential for alternative dispute resolution provides flexibility
and speed in resolving conflicts in the digital domain.
Online Defamation
Online defamation refers to the act of publishing false statements about an individual or
entity on the internet that can harm their reputation. Defamation can occur through various
online platforms, including social media, blogs, forums, and websites. In India, online
defamation is addressed through a combination of traditional defamation laws and specific
provisions under the Information Technology (IT) Act, 2000.
Types of Cyber Defamation
Cyber defamation encompasses a range of harmful behaviours that occur online, tarnishing
reputations and causing emotional distress. Understanding the various types can help
individuals recognise and address these issues more effectively.
Slander and Libel
Slander involves making false spoken statements about someone, while libel involves false
written or printed statements. Both forms can damage reputations, with libel often occurring
on social media, blogs and forums.
Cyberbullying
This includes online behaviours intended to harass or harm someone emotionally.
Cyberbullies may spread rumours, post hurtful comments or engage in other harmful
activities.
Revenge Porn
Sharing explicit images or videos of someone without their consent to harm their reputation is
considered revenge porn. This act can have severe emotional and legal consequences.
False Reviews
Posting fake comments or testimonials online to damage someone’s reputation or promote a
competitor’s business is a deceptive practice that undermines trust in online reviews.
Impersonation
Creating fake online profiles to spread false or damaging information about someone is a
form of impersonation. This can lead to confusion and harm the victim’s reputation.
Hate Speech
While not always legally classified as defamation, hate speech involves making derogatory
and false statements about individuals or groups based on their characteristics. It can lead to
reputational harm and incite hatred.
False Allegations
Making false accusations against someone online, such as falsely accusing them of a crime,
can seriously damage their reputation and lead to legal consequences.
Doxing
Publicly revealing someone’s private information, like their address or phone number, with
the intent to harass or harm them is known as doxing. This invasion of privacy can have
serious personal and professional repercussions.
Stalking and Harassment
Repeatedly harassing someone online through messages, comments or threats can damage
their reputation and cause emotional distress. Persistent online harassment is a form of cyber
defamation.

Legal Framework for Defamation in India

1. Indian Penal Code (IPC), 1860:
 o Section 499: Defines defamation as any spoken or written words, or visible
representations, made with the intention to harm or with knowledge or
reasonable belief that such statements will harm the reputation of a person. It
includes both libel (written defamation) and slander (spoken defamation).
o Section 500: Provides the punishment for defamation, which can be simple
imprisonment for a term that may extend to two years, or with a fine, or both.
2. Information Technology (IT) Act, 2000:
o Section 66A: Previously dealt with sending offensive messages through
communication services, but was struck down by the Supreme Court in 2015
in the case of Shreya Singhal v. Union of India as it was deemed
unconstitutional and vague.
o Section 69A: Empowers the government to block access to any information or
content on the internet in the interest of sovereignty, integrity, defense of
India, security of the state, friendly relations with foreign states, or public
order.
o Section 79: Provides for the exemption from liability of intermediaries (such
as social media platforms) for any third-party information, data, or
communication link hosted by them, provided they follow due diligence and
do not knowingly host harmful content.
Remedies and Legal Actions
1. Civil Remedies:
o Injunctions: Victims of online defamation can seek a court injunction to
prevent further dissemination of defamatory content.
o Damages: Individuals can file civil suits claiming monetary compensation for
the harm caused to their reputation.
2. Criminal Remedies:
o Filing a Complaint: A criminal complaint can be lodged with the police or a
magistrate. The accused, if found guilty, can face imprisonment, fines, or both
under Section 500 of the IPC.
3. Intermediary Liability:
o Under the IT Act, intermediaries are required to follow due diligence and must
take down defamatory content upon receiving actual knowledge of such
content or upon receiving a court order. Failure to comply can result in the
intermediary losing its safe harbor protection and becoming liable for the
defamatory content.
Jurisdiction and Challenges
1. Jurisdiction:
o Online defamation cases can be complex due to the borderless nature of the
internet. Courts in India can claim jurisdiction if the defamatory content is
accessible within India, even if the content was created or uploaded outside
India.
2. Challenges:
o Anonymity: Identifying the perpetrator of online defamation can be difficult
due to the anonymity provided by the internet.
o Speed of Dissemination: Defamatory content can spread rapidly online,
making it challenging to control or remove once it has been published.
o Free Speech vs. Defamation: Balancing the right to freedom of speech and
expression with the need to protect individuals from defamatory statements is
a constant legal challenge.
Online defamation is a serious issue that can significantly impact an individual's or entity's
reputation. The legal framework in India provides both civil and criminal remedies to address
defamation, including provisions under the IPC and the IT Act. However, the dynamic nature
of the internet poses unique challenges in terms of jurisdiction, enforcement, and balancing
fundamental rights. Effective legal recourse often requires a combination of legal action,
intermediary regulation, and awareness of digital rights and responsibilities.

Problems and issues in Cyber Defamation

Cyber defamation poses several challenges due to the nature of online communication and
the anonymity it affords. One major issue is identifying the perpetrator who intended to harm
someone’s reputation or the third party who read the defamatory content.
This challenge is amplified on platforms like blogs where authors can choose to remain
anonymous, making it difficult to ascertain their identity. Additionally, comments on blogs or
news articles often lack real names or verifiable information, further complicating the
identification process.
On social media platforms like Facebook, defamatory content can quickly spread to a wide
audience, making it challenging to contain the damage caused to the victim’s reputation.
Furthermore, the sheer volume of content on the internet makes it difficult to monitor and
address instances of cyber defamation effectively.
Forms of Defamatory Publications Admissible by Courts in India
In India, courts consider electronic records, including those printed on paper or recorded in
optical or magnetic media, as documents admissible in court under Sections 65A and 65B of
the Indian Evidence Act.
This includes online chats and electronic mails, which can be presented as evidence in
defamation cases. These provisions help courts in evaluating electronic evidence to determine
the truthfulness of defamatory publications and hold accountable those responsible for
damaging someone’s reputation through online mediums.

The Controversial Section 66A of IT Act, 2000

Object of Section 66A
Section 66A of the IT Act, 2000, does not specifically deal with online defamation. However,
it makes the sending of offensive material for the object of harming someone’s reputation or
for criminal intimidation a punishable offence. According to it, if a person uses a computer
resource or device to circulate content which is menacing and offensive, or information
which he/she knows to be false but still sends it across the internet for some ulterior motive,
or sends an email with an aim to deceive the recipient about its origin, he/she shall be
punishable with imprisonment which may extend to three years, along with fine.
Controversy
In Shreya Singhal v. Union of India, two girls from Maharashtra filed the first petition against
this Section in Thane Police following their arrest due to their comments on a post talking
about a lockdown due to Shiv Sena chief Bal Thackeray’s funeral. Their arrest invoked
widespread anger and debate as to how the Cyber Law was being used in the nation. More
such arrests kept on happening, including arrest due to forwarding caricatures on Mamata
Banerjee on Facebook.
Issue
The wording of the section mentions spreading false content for “causing annoyance,
inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill
will”. The scope of this section is very wide. It strives to include any and everything under
the Sun. Every serious opinion dissenting shall be liable to fall prey to it. It was contended
that most of the terms in the section were not defined in the Act and posed a serious threat to
freedom of speech and expression.
Striking down of the Section
In Shreya Singhal v. Union of India, the Supreme Court held the section invalid and struck it
down for being ambiguous and open-ended in 2015. They made a note of the wide scope of
the section and agreed that it posed a threat and went beyond acting as a “reasonable
restriction” to the freedom of speech and expression.
Where to lodge a complaint
Cybercrimes such as online defamation can be filed with the Cyber Crime Investigation Cell,
which is a branch of the Criminal Investigation Department. These Cells have branches
across various cities such as New Delhi, Tamil Nadu, Gurgaon, Pune, etc. They deal with all
the crimes whose subject matter is related to crimes in cyberspace and offences related to the
computer, computer resources, internet, etc. Before filing an online defamation claim, the
complainant must note that these crimes are taken seriously and put their reputation at stake
as well. The burden of proof lies on the complainant and if they are not able to establish the
offence, the respondent can file a counter-suit for defamation and damages thereto.

Cyber Defamation Cases

Kalandi Charan Lenka vs State of Odisha
In this case, the victim received indecent texts on her mobile device, followed by offensive
messages to her father’s phone from an unidentified number. These messages caused
significant mental distress to the victim.
Additionally, her character was defamed through written letters sent to her father in 2015 and
2016, containing sexual remarks. Furthermore, a false Facebook account was created in her
name, posting modified naked photos, with the intention of offending her modesty.
Rajiv Dinesh Gadkari vs Smt. Nilangi Rajiv Gadkari
After the appellant requested a consent divorce, the respondent’s wife was harassed with
filthy images and text posted on the appellant’s website. She filed a defamation case under
the IT Act, leading to the offence being recorded against him. The respondent sought
restitution of items and maintenance of Rs. 75,000 per month.
The appellant created obscene content for her profiles on various websites, including posting
photos taken during her visit to Hawaii Island. She had to alert web hosting companies to
remove the content.
In the case of SMC Pneumatics(India) Pvt. Ltd. V. Jogesh Kwatra , a disgruntled employee
sent the rest of his employers as well as the company’s subsidiaries all over the world
obscene, defamatory, offensive and derogatory emails with an intention of hampering the
company’s and the Managing Director’s reputation. An injunction was issued by the Delhi
High Court against the employee refraining him from further engaging in physical and cyber
defamation both.
In the Suhas Katti v. Tamil Nadu, the accused spread obscene, vulgar, and defamatory
content about a divorcee in a Yahoo message group. He also sent derogatory emails to her
asking for information from a fake account. She received annoying phone calls due to his
posting of the message, and she lodged a complaint against him. The accused was held guilty
of offences under Section 469. 509 IPC and Section 67 of the IT Act, 2000,
In another case, Tata Sons v. Turtle International, the Delhi High Court reiterated the
meaning of the word “publication” in the context of defamation and held that it embraces all
mediums, including the Internet. Just because publication on the internet varies due to its
mass reach in a short span of time does not alter that it is, after all, a medium of
communication. Injunctions for cybercrimes ought to be granted immediately because of its
characteristics such as its easy accessibility and a self-publishing nature, which might cause
greater harm to the victim. Hence, the laws governing crimes that happen over the net shall
be properly defined and distinguished owing to its different nature as a medium.
More recently, in Swami Ramdev & Anr. v. Facebook Inc. & Ors., Justice Pratibha Singh
gave an order to remove all defamatory content against Baba Ramdev which has been
uploaded from a computer or computer resource in India. The decision was given without any
territorial limit, and if as asked wasn’t heeded to, then Indian Courts would have international
jurisdiction to pass injunctions. Facebook filed an appeal against this decision in the Delhi
High Court, stating that even though they knew who the author of the content was, they were
not liable to be made a party to the suit. Also, this content had not shown any strong or
irreparable loss to the image of Baba Ramdev. They also contended that it interferes with the
immunity granted to them in other jurisdictions.