Section 66, 66C, 66D of the IT Act: the three provisions that drive 80% of our cyber-crime defense work
Identity theft, computer-related fraud, and impersonation — the prosecutorial spine of the IT Act 2000 (as amended 2008). What attracts each section, what defences hold, and the bail position in Gujarat.
Why these three
Across our consultations, roughly four in five active matters cite one or more of Sections 66, 66C and 66D of the Information Technology Act 2000 (as amended 2008). They are the operational sections — the ones the Gujarat Cyber Cell uses in FIRs.
Section 66 — Computer-related offences
Punishment: up to 3 years imprisonment, fine up to ₹5 lakh. Attracts when an act referred to in Section 43 (unauthorised access, downloading, contamination) is done dishonestly or fraudulently. Mens rea is the contested ground.
Section 66C — Identity theft
Punishment: up to 3 years, fine up to ₹1 lakh. Fraudulent or dishonest use of any unique identifier of another — password, digital signature, electronic signature, biometric, KYC. This is the section most often pleaded in SIM-swap and UPI-fraud cases.
Section 66D — Cheating by personation using computer resource
Punishment: up to 3 years, fine up to ₹1 lakh. The provision most used in the new generation of 'digital arrest' and customer-care impersonation scams. Cognizable, but bailable.
Bail posture in Gujarat
Sections 66, 66C and 66D are all bailable. We typically secure bail within 24–48 hours at the Magistrate level on a surety. Where 420 IPC is added (which is non-bailable in practice for higher amounts), the matter escalates to Sessions — prepare accordingly.
The defence that consistently works
Absence of dishonest intent. The IT Act sections turn on mens rea. Forensic capture showing a third party operated the device, or a malware infection footprint, has won acquittals in multiple matters we've handled.