Module 3

Consumer Protection Act (CPA), 1986

Definition
A law to protect consumer interests, prevent unfair trade practices, and establish consumer
councils and courts for dispute resolution.

Objectives
1. Protect Consumer Rights – Safety, information, choice, redressal, and education.
2. Consumer Grievance Redressal – Three-tier consumer court system (district, state, national).
3. Prevent Unfair Trade Practices – Curb fraudulent and unethical business practices.
4. Address Defective Goods & Services – Provide legal mechanisms for consumer compensation.
5. Promote Consumer Awareness – Educate consumers on rights and responsibilities.

Key Features
6. Consumer Rights Protection – Enforces fundamental rights like safety, information, choice,
and redressal.
7. Consumer Courts – Three-tier system: NCDRC (National), SCDRC (State), and DCDRC
(District).
8. Simplified Legal Process – Easy and accessible complaint filing system for consumers.
 Consumer Rights

Consumer Rights (As per Consumer Protection Act, 1986)

1. Right to Safety – Protection from hazardous products/services.
2. Right to Information – Accurate product details (quality, price, expiry, etc.).
3. Right to Choose – Access to a variety of products/services at fair prices.
4. Right to Be Heard – Right to express grievances & seek redressal.
5. Right to Redressal – Compensation or product replacement for defects.
6. Right to Consumer Education – Awareness about rights & legal protections.

Consumer Responsibilities
7. Be Quality Conscious – Check ISI, Agmark, Hallmark, etc. for quality assurance.
8. Beware of Misleading Ads – Verify product claims before purchase.
9. Compare Before Buying – Check price, durability, and after-sales service.
10. Collect Proof of Purchase – Preserve bills, invoices, and warranty cards.
11. Know Your Rights – Exercise consumer rights when buying goods/services.
12. File Genuine Complaints – Avoid false claims; seek redressal for real issues.
13. Use Products Responsibly – Avoid misuse, ensuring sustainability & minimal
waste.
How to File a Consumer Complaint?
• Must be filed within 2 years of purchase/service.
• Mention issue details, request exchange, replacement, or compensation.
• Attach relevant receipts and bills to the complaint.
• Send the complaint via email, post, fax, or hand delivery (keep
acknowledgment).
• Can be written in any language (no lawyer required).
• Keep records of all sent and received documents.

Important Terms & Concepts

• Consumer – Buys/uses goods or services.
• Goods – Movable property, including food.
• Services – Banking, insurance, entertainment, etc.
• Deficiency – Defect in goods/services.
• Unfair Trade Practices – Misleading ads, misrepresentation, etc.
Three-Tier Consumer Dispute System
• District Forum – Complaints up to ₹20 lakh.
• State Commission – ₹20 lakh to ₹1 crore.
• National Commission – Above ₹1 crore.
• Consumer Complaints
Consumer Complaints: Key Points
Misleading & False Claims
• False warranty or guarantee of goods/services.
• Promise to replace, repair, or maintain goods until a specific result is achieved.
• Misleading price representation in the market.
Types of Consumer Complaints
1. Defective Goods – Faults in quality, quantity, potency, purity, or standard of goods.
2. Deficient Services – Poor quality or failure to meet promised service standards.
3. False Bargain Price – Advertisement of goods/services at a bargain price without actual intent to sell at that
price.
4. Non-Compliance with Standards – Selling goods that do not meet prescribed safety/performance standards.
Who Can File a Complaint?
• The consumer who purchased or agreed to purchase goods/services.
• A recognized consumer association (even if the consumer is not a member).
• Multiple consumers with the same grievance (with district forum permission).
• State or Central Government on behalf of consumers.
Where to File a Complaint?
• District Forum – Up to ₹20 lakhs.
• State Commission – ₹20 lakhs to ₹1 crore.
• National Commission (New Delhi) – Above ₹1 crore.
Procedure to File a Complaint
1. Send notice to the opposite party.
2. Draft the consumer complaint in the required format.
3. Get the complaint affidavit notarized.
4. Submit the complaint with the court fee and get a reference number.
5. Attend the admission hearing to check case acceptance.
6. Court issues a notice to the opposite party, requiring a reply within 30 days.
7. If the complaint involves a product defect, the forum may send it for laboratory testing.
Consumer Protection Act
Time Limitation for Complaints & Appeals
• Consumer complaints must be filed within 2 years from the date the
cause of action arises.
• Appeals must be filed within 30 days from the receipt of the court’s
order.
• Hearings continue until the matter is decided.
• Complaints should be made within 90 days of the incident.

Consumer Protection Councils

• Purpose: Advise & assist consumers in enforcing rights.
• Levels:
• Central Council (National Level).
• State Councils (Multiple, at the State Level).
• Functions:
• Investigate and publicize consumer issues.
• Promote consumer education.
• Protect consumers from exploitation.
• Advise the government on policies.
• Nature: Advisory, with a significant impact on policymaking.
Central Consumer Protection Council
• Composition (Max 150 members):
• Chairman: Minister in charge of Consumer Affairs (Central Govt.).
• Vice-Chairman: Minister of State/Deputy Minister (if not holding independent charge).
• Member-Secretary: Secretary in charge of Consumer Affairs (Central Govt.).
• Members:
• Minister in charge of Consumer Affairs (States).
• 8 Members of Parliament (5 from Lok Sabha, 3 from Rajya Sabha).
• Secretary of National Commission for Scheduled Castes & Tribes.
• Up to 20 representatives from Central Govt. departments & autonomous bodies.
• At least 35 consumer organizations/consumers.
• At least 10 representatives of women.
• Up to 20 representatives of farmers, trade & industry.
Vacancy & Term
• Members can resign in writing to the Chairman.
• Vacancies filled by Central Govt. from the same category.
• Term: 3 years.

State Consumer Protection Council

• Meetings: Minimum 2 meetings per year, scheduled by the Chairperson.
• Objective: Advises on promotion & protection of consumer rights in the State.

District Consumer Protection Council

• Established by: State Government for each district.
• Nature: Advisory council.
• Chairperson: District Collector.
• Meetings: Minimum 2 meetings per year, scheduled by the Chairperson.
 Consumer Dispute Redressal Mechanism
Objective of District Council
• Advises on the promotion and protection of consumer rights within the district.
Consumer Dispute Redressal Commission (CDRC) (2019)

• Established at three levels: District, State, and National.

Three-Tier Consumer Dispute Redressal System

1. District Forum
• Set up by the State Government (more than one per district if needed).
• Composition:
• President: District Judge (or qualified equivalent).
• Two members (one must be a woman).
• Jurisdiction: Claims up to ₹20 lakhs.
• Tenure: 5 years or up to 65 years, whichever is earlier.

2. State Commission
• Set up by the State Government.
• Composition:
• President: High Court Judge (or qualified equivalent).
• Two members (one must be a woman).
• Jurisdiction: Claims above ₹20 lakhs but up to ₹1 crore.
• Also hears appeals from District Forums.
• Tenure: 5 years or up to 65 years, whichever is earlier.

3. National Commission
• Set up by the Central Government.
• Composition:
• President: Supreme Court Judge (or qualified equivalent).
• Jurisdiction: Claims above ₹1 crore.
Appeals Process
• District Forum → State Commission (within 30 days).
• State Commission → National Commission (within 30 days).
• National Commission → Supreme Court (within 30 days).
National Commission Composition & Tenure
• Four members with expertise in economics, law, commerce, accountancy,
industry, public affairs, or administration (one must be a woman).
• Term: 5 years or up to 70 years of age, whichever is earlier.
Jurisdiction of National Commission
• Complaints where the value of goods/services & compensation exceeds ₹1 crore.
• Appeals against orders of the State Commission.
• Review of State Commission’s decisions in cases of jurisdictional errors or
irregularities.

Who Can File a Complaint?

• Consumer directly affected by goods/services.
• Recognized consumer association, even if the affected consumer is not a
member.
• Group of consumers with the same interest (with District Forum’s permission).
• Central or State Government.
Complaint Handling Process
• Opposite party must respond within 30 days (extendable by 15 days).
• If the opposite party admits allegations, the case is decided based on available
records.
• If allegations are denied, dispute resolution involves:
• Goods testing by an accredited laboratory (report within 45 days).
Limitation for Filing Complaints
• Complaints must be filed within 2 years from the date of cause of action.
• Delayed complaints may be accepted if justified with valid reasons.
Powers & Remedies of Consumer Redressal Agencies
1. Remove defects in goods/services.
2. Replace defective goods.
3. Refund the price paid by the consumer.
4. Compensation for loss/injury due to negligence.
5. Discontinue unfair/restrictive trade practices.
6. Ban hazardous goods from sale.
7. Withdraw hazardous goods from the market.
8. Award legal costs to parties.
Appeals Process
• District Forum → State Commission.
• State Commission → National Commission.
• National Commission → Supreme Court.
• Appeals must be filed within 30 days (extension allowed for valid reasons).
Appeals & Penalties under Consumer Protection Law
• Appeals Process:
• District Forum → State Commission
• State Commission → National Commission
• National Commission → Supreme Court
• Appeals must be filed within 30 days (extension allowed for valid reasons).
• Orders become final if no appeal is filed.
Penalties:
• Non-compliance with orders → 1-3 years imprisonment and/or ₹2,000 - ₹10,000 fine.
Cyber Law Overview
• Definition: Cyber law governs digital technology, internet, networks, data storage, and
electronic devices.
• Scope: Covers computers, smartphones, ATMs, drones, medical devices, gaming consoles,
CCTV, Bitcoin wallets, etc.

Need for Cyber Law

• Cybercrimes evolve with technology (hacking, identity theft, cyber terrorism).
• Transition from paper-based to digital transactions.
• Ensures a secure legal framework for e-commerce and online activities.
• Addresses moral, civil, and criminal cyber offenses.

Cyber Laws in India

• IT Act, 2000 (Effective Oct 17, 2000) → Legal framework for e-commerce, cybersecurity, and
digital signatures.
• Key Regulations:
• IT (Certifying Authorities) Rules, 2000 → Defines certification of digital signatures.
• IT (Security Procedure) Rules, 2004 → Ensures security of digital records.
• IT Amendment Act, 2008 → Strengthened data protection, cybercrime penalties,
intermediary liabilities.
• IT Rules 2021 → Regulates social media, OTT platforms, and digital news media.
 Evolution of Cyber Law in India & IT Act, 2000
Certifying Authorities & Regulations
• Certifying Authorities: Issue digital certificates for authenticating e-records & transactions.
• IT (Certifying Authority) Regulations, 2001: Enforced on July 9, 2001, defining standards &
procedures for secure digital certifications.
• IT (Use of Electronic Records & Digital Signatures) Rules, 2004: Legal framework for e-filing
documents & issuing digital licenses.
• IT (Security Procedure) Rules, 2004: Enforced on Oct 29, 2004, outlining measures for securing
digital signatures & e-records.
Genesis of IT Act, 2000
• Drafted in July 1998, introduced in Parliament on Dec 16, 1999.
• Revised for e-commerce & WTO compliance.
• Passed on May 13, 2000, enacted on Oct 17, 2000.
Objectives & Provisions
• Recognizes electronic records & digital signatures.
• Facilitates e-commerce & cybersecurity enforcement.
• Defines cybercrimes & penalties.
IT Amendment Act, 2008 (Effective Oct 17, 2009)
• Enhanced Security: Addressed identity theft, child pornography, cyber terrorism.
• Data Protection: Strengthened user privacy & data security.
• Intermediary Liability: Defined guidelines for online platforms.
IT Rules 2021 (Recent Developments)
• Social Media Regulation: Mandatory grievance redressal & content takedown.
• Digital Media Oversight: Ethical regulation of news media & OTT platforms.
• Cybersecurity Measures: Stronger data protection & breach penalties.
 Information Technology Act, 2000
Implementation & Importance
• Passed by Parliament, signed by the President on May 9, 2000, and came into effect
on October 17, 2000.
• Applies to all individuals, irrespective of nationality or location.
• Provides legal recognition to electronic records and digital transactions.
• Establishes electronic signatures as legally valid.
• Mandates consumer consent for data collection/use.
• Enables individuals to seek compensation for data misuse.
• Criminalizes cybercrimes like hacking and virus spreading.
• Establishes the Cyber Appellate Tribunal for appeals against Adjudicating Officers'
orders.
• Safeguards critical infrastructure, including communication networks and power grids.
Objectives of IT Act 2000
• Facilitate electronic government services and digital transactions.
• Impose penalties for cybercrimes like data theft and cyberstalking.
• Regulate cyber activities and electronic commerce.
• Promote IT sector growth, innovation, and entrepreneurship.
Key Features
• Implemented by the Central Government for e-commerce regulation and cybercrime
penalties.
• Defines intermediary roles & responsibilities and conditions for liability exemption.
IT Act 2000 and Its Amendments
CERT-In (Indian Computer Emergency Response Team)
• Nodal agency responsible for cybersecurity and cyber incident response.
Key Amendments
1. Amendment of 2008
1. Modified Section 66A to penalize offensive electronic messages.
2. Lack of clarity led to misuse; later struck down.
2. Amendment Bill 2015
1. Aimed at safeguarding fundamental rights.
2. Section 66A declared unconstitutional (violated Article 19).
Digital Signature & E-Governance (IT Act 2000)
• Digital Signature – Legally recognized for secure online transactions.
• Electronic Governance – Facilitates digital records, online documentation,
and government approvals.
Key Sections
• Section 4 – Legal recognition of electronic records.
• Section 5 – Digital signatures hold the same status as handwritten
signatures.
• Section 6 – Encourages e-records and digital transactions in governance.
• Section 7 – Allows retention of electronic records for legal compliance.
 Cybercrime:

Definition – Any criminal activity involving computers, networks, or the internet.

• Primary Impact – Financial loss, data theft, system damage, or spreading malware.
Cybercrime Offenses
• Unauthorized Access – Blocking legitimate users from accessing systems.
• Aiding Illegal Activity – Assisting others in breaking the law using technology.
• Fraudulent Billing – Charging for services not used.
• Data Tampering – Modifying or deleting information to cause harm.
• Code Theft – Stealing or altering software code.
IT Act 2000: Key Sections
Section 66
• Punishes fraudulent/dishonest cyber activities.
• Penalty – Up to 3 years imprisonment, ₹5 lakh fine, or both.
Section 66A (Repealed in 2015)
• Criminalizes sending offensive, false, or misleading messages via digital platforms.
• Penalty – Up to 3 years imprisonment and a fine.
Section 66B
• Punishes receiving stolen digital resources knowingly.
• Penalty – Up to 3 years imprisonment, ₹1 lakh fine, or both.
Section 67A
• Deals with publishing or transmitting sexually explicit content online.
• 1st Offense – Up to 5 years imprisonment, ₹10 lakh fine.
• Repeat Offense – Up to 7 years imprisonment, ₹10 lakh fine.
Cybercrime Types
• Hacking – Unauthorized access to systems.
• Malware Attacks – Spreading viruses, ransomware, worms, or
spyware.
• Identity Theft – Stealing personal data for fraud.
• Credit Card Fraud – Gaining unauthorized financial details.
• Cyberextortion – Demanding ransom via threats.
• Cryptojacking – Using someone’s device to mine cryptocurrency.
• Cyberespionage – Stealing confidential corporate/government data.
• Software Piracy – Illegal copying/distribution of software.
• Exit Scams – Dark web fraud where criminals steal digital funds.
Cybercrime Classifications
1. Against Individuals – Email spoofing, spamming, identity theft.
2. Against Property – Credit card fraud, data theft, cyber vandalism.
3. Against Organizations – Hacking, DoS attacks, malware deployment.
4. Against Society – Cyberterrorism, forgery, illegal content distribution.
Classification of Cyber Crimes
1. Cyber Crimes Against Individuals
• Email Spoofing – Forging sender addresses to deceive recipients into clicking
malicious links or sharing data.
• Spamming – Sending bulk unsolicited messages, often spreading malware or
phishing scams.
2. Cyber Crimes Against Property
• Credit Card Fraud – Unauthorized access to banking details.
• Intellectual Property Theft – Copying or distributing copyrighted material illegally.
• Internet Time Theft – Unauthorized use of another person’s internet.
• Cyber Vandalism – Defacing or damaging online content.
3. Cyber Crimes Against Organisations
• Unauthorized Access & Data Theft – Hacking corporate networks for sensitive
data.
• Denial of Service (DoS) Attacks – Overloading servers to disrupt services.
• Virus & Malware Attacks – Installing malicious software to steal or destroy data.
4. Cyber Crimes Against Society
• Forgery – Creating fake digital documents, currency, or certificates.
• Cyber Terrorism – Using digital attacks to disrupt national security.
• Web Jacking for Propaganda – Hijacking websites to spread misinformation.
Cyber Crimes Against Organisations
1. Unauthorized Access & Data Theft
• Hacking into systems to steal sensitive company data.
• Stolen data is often sold or used for blackmail.
2. Denial of Service (DoS) Attacks
• Overloading a company’s servers to block access for legitimate
users.
• Disrupts operations, leading to financial and reputational damage.
3. Virus & Malware Attacks
• Malicious software used to damage systems or steal data.
• Includes ransomware, encrypting files and demanding payment for
access.
Cyber Crimes Against Individuals
1. Cyber Defamation
• Spreading false statements online to harm a person's reputation.
• Happens via social media, emails, or websites.
2. Cyber Stalking
• Harassment or intimidation through digital means.
• Includes unwanted messages, tracking, and creating fear.
3. Phishing
• Deceptive emails or websites trick users into sharing confidential data.
• Common method for stealing passwords, credit card details, etc.
Cyber Crimes Against Property
1. Credit Card Fraud
• Unauthorized access to credit card details for illegal purchases.
• Often done via phishing, skimming, or data breaches.
2. Intellectual Property Theft
• Illegal use or distribution of copyrighted material and trade secrets.
• Includes software piracy, trademark violations, and copyright infringement.
3. Internet Time Theft
• Using someone’s internet without permission.
• Often occurs in workplaces, leading to company losses.
4. Cyber Vandalism
• Defacing or damaging websites, social media accounts, or digital content.
• Can include deleting data, corrupting files, or posting offensive content.
Cyber Crimes Against Organisations
1. Unauthorized Access & Data Theft
• Hacking into systems to steal sensitive company data.
• Stolen data is often sold or used for blackmail.
2. Denial of Service (DoS) Attacks
• Overloading a company’s servers to block access for
legitimate users.
• Disrupts operations, leading to financial and reputational
damage.
3. Virus & Malware Attacks
• Malicious software used to damage systems or steal data.
• Includes ransomware, encrypting files and demanding
payment for access.
 Classification of Cyber Criminals

• Hackers: Skilled individuals who infiltrate systems; white-

hats enhance security, while black-hats engage in
malicious activities.
• Phishers: Deceive individuals into revealing sensitive
information.
• Cyber Terrorists: Use the internet to instill fear and
target national security.
• Cyber Vandals: Deface websites, spread malware, and
disrupt services without financial or political motives.
• Hacktivists: Use cyber tactics to promote political or
social causes.
Types of Cyber Attacks
1. Salami Attacks
• Small financial thefts over time, exploiting accounting system loopholes.
• Often goes unnoticed due to minor impact per transaction.
2. Web Jacking
• Attackers hijack websites, redirecting them to malicious sites.
• Can cause data breaches, malware distribution, or extortion.
Cyber Crimes Against Society
1. Forgery
• Creation of fake documents (currency, certificates, official forms).
• Uses digital tools to produce high-quality counterfeits, causing financial loss.
2. Cyber Terrorism
• Digital attacks on governments, organizations, or infrastructure.
• Aims to instill fear, spread propaganda, and disrupt stability.
3. Web Jacking for Propaganda
• Hijacking popular websites to spread misinformation or influence opinions.
• Used to manipulate political views or create public panic.
Cyber Crime Prevention
As cyber threats grow, individuals, businesses, and
governments must implement proactive security measures.
Key Prevention Strategies:
• Regular Monitoring & Upgrades: Continuously update
security systems to counter evolving cyber threats.
• Proactive Measures: Strengthen security protocols to
prevent unauthorized access and data breaches.
• Modern Technologies: Adopt AI and machine learning (ML)
for advanced threat detection.
• Cybersecurity Essentials: Use firewalls, antivirus software,
and intrusion detection systems.
• User Awareness: Educate individuals on phishing, social
engineering, and safe online practices.
Cybersecurity Measures
1. Multifactor Authentication (MFA)
• Requires users to provide two or more verification methods
(e.g., password + access code).
• Enhances security by adding extra layers of authentication.
2. Virtual Private Networks (VPNs)
• Encrypts online activity to enhance privacy and security.
• Protects against phishing scams by masking IP addresses
and locations.
3. Email Security Solutions
• Email encryption: Secures email content from interception.
• Spam filters: Blocks malicious and unwanted emails.
• Antivirus software: Detects and removes harmful email
attachments.
4. Password Managers
• Securely store multiple login credentials in an encrypted
database.
• Popular tools: 1Password, KeePass, LastPass, iCloud Keychain.
5. Security Awareness Training
• Educates users on identifying and preventing cyber threats.
• Includes phishing simulations and computer-based training.
6. Data Backup & Recovery
• Creates copies of critical data to prevent loss from cyber-attacks.
• Ensures fast recovery in case of ransomware or breaches.
7. AI & ML Cyber Crime Protection
• Uses AI/ML to analyze threats, detect vulnerabilities, and
respond in real-time.
• Helps prevent fraud, cyber-attacks, and unauthorized access.