← Back to All Questions

What constitutes hacking under Indian cyber laws? Which section penalizes it?

Posted by jobseeker Lavanya Bhardwaj | Approved
Answers (1)

Introduction
In the age of digitization and information technology, cybercrimes have become increasingly prevalent. Among various forms of cyber offenses, hacking is one of the most significant and widely recognized crimes. Indian law addresses hacking primarily under the Information Technology Act, 2000, along with relevant provisions of the Indian Penal Code (IPC). Understanding what constitutes hacking, how it is penalized, and the legal framework surrounding it is crucial in today’s context.
Meaning and Definition of HackinG
Hacking generally refers to unauthorized access to or manipulation of computer systems, networks, or data. The motive behind hacking can vary—from stealing data, damaging systems, disrupting services, or even for ethical testing in the case of white-hat hackers.

Under Indian cyber law, hacking is not explicitly defined by the word "hacking" after the 2008 amendment, but it is conceptually covered under Section 43 and Section 66 of the Information Technology Act, 2000 (IT Act).
Legal Provisions under the IT Act, 2000

1. Section 43 – Penalty and Compensation for Damage to Computer, Computer System, etc.

Although Section 43 does not use the term "hacking" directly, it deals with unauthorized access and damage to computer systems, which forms the basis of hacking-related offenses.
According to Section 43, if any person without the permission of the owner or any other person who is in charge of a computer, computer system, or computer network:

Accesses or secures access to such computer system or network,

Downloads, copies, or extracts any data, information, or database,

Introduces or causes to be introduced any computer contaminant or virus,

Damages or disrupts any system, network, data, or database,
Denies access to any person authorized to access a computer,
Disrupts any service,
Assists others in doing any of the above acts,
Then such a person is liable to pay compensation to the affected person. This is a civil liability.
Example:
If a person installs malware in a system to extract confidential data without permission, even if no financial loss occurs, they are liable under Section 43.
2. Section 66 – Computer-Related Offences (Criminal Liability for Hacking)
This section is the primary penal provision for what is traditionally known as “hacking.”

Section 66:
"If any person, dishonestly or fraudulently, does any act referred to in Section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees, or with both."
Important points:
Dishonestly (as defined in Section 24 of IPC): With intent to cause wrongful gain or loss.
Fraudulently (as per Section 25 of IPC): With intent to defraud.
Hence, Section 66 criminalizes the acts listed in Section 43 only when they are done with dishonest or fraudulent intent.
Example:
If someone gains access to a bank’s server and alters customer data to divert funds to their account, it will be an offense under Section 66.

Answered by jobseeker Tisha gautam | Approved

Please login to submit an answer.

Quick Contact
Copyright ©2025 Lawvs.com | All Rights Reserved