Social Justice & Welfare·Amendments
Cyber Security and Privacy — Amendments
Constitution VerifiedUPSC Verified
Version 1Updated 9 Mar 2026
| Amendment | Year | Description | Impact |
|---|---|---|---|
| Information Technology (Amendment) Act, 2008 | 2008 | This amendment significantly updated the IT Act 2000, introducing more stringent provisions for cybercrime, including new sections for data theft, identity theft, and cyber terrorism. It also introduced Section 43A, which mandates compensation for failure to protect sensitive personal data, and refined intermediary liability under Section 79. It was a crucial step in strengthening India's cyber law India. | Enhanced legal framework for cybercrime, introduced data protection liability for corporate bodies, and clarified the role and responsibilities of online intermediaries. It broadened the scope of cyber security legislation in India. |
| Digital Personal Data Protection Act, 2023 | 2023 | While not an amendment to the IT Act, this Act effectively replaces the data protection provisions previously scattered or implied. It is a comprehensive, standalone law dedicated to the processing of digital personal data. It defines rights of data principals, obligations of data fiduciaries, establishes a Data Protection Board, and sets out penalties for non-compliance, fundamentally reshaping privacy rights India. | Established a robust, consent-based framework for personal data protection, aligned India with global data protection standards (like GDPR in principle), and provided a dedicated institutional mechanism for enforcement. It marks a paradigm shift in India's approach to digital privacy constitutional aspects. |