Become a Certified Cyber Law Practitioner (CCLP)

• Evolution of Cyber Law in India – IT Act, 2000 and Amendment Act, 2008 (key changes).
• Intellectual Property Law – Patent, Trade Marks, Copyright, ADR/ODR (online dispute resolution) in brief.
• Electronic Governance: legal recognition of e-records & e-signatures; IT (Electronic Service Delivery) Rules, 2011 (service delivery, digital certificates, timelines).

• PKI architecture; Controller of Certifying Authorities / Root CA, CA audit & Certification Practice Statement.

• Certifying Authorities: issuance workflow for DSC / e-sign; repository & revocation.

• Suspension & revocation; duties of subscribers; liability for compromised private keys.

• Validity of electronic & email contracts; hashing & time-stamping for integrity.

• Sec. 43/43A (compensation, reasonable security practices); vicarious liability of companies (Sec. 85).

• Adjudicating Officer: powers, factors, procedure; appeal routes.

• Compounding of offences under IT Act – what is compoundable, authority & process (with specimen order format).

• Civil contraventions vs criminal prosecution; jurisdiction; extra-territorial reach (Sec. 75); confiscation (Sec. 76).

• Detailed map of Secs. 65, 66, 66C, 66D, 66E, 66F, etc.; tampering with source code; identity theft; personation; cyber-terrorism.

• Mens rea & evidentiary standards; attempt/abetment; corporate/manager liability.

• Search, seizure & arrest under IT Act (Sec. 80) and interplay with BNSS search powers.

• Appellate mechanisms (Adjudication → Tribunal/Court).

• Thematic jurisprudence on cyber-terrorism and aggravated harms.

• Sec. 69 (interception/monitoring/decryption): procedure & safeguards; oversight.

• Sec. 69A and Website Blocking Rules, 2009 – standard vs emergency blocking; review committee.

• Sec. 69B – monitoring & collection of traffic data; lawful network monitoring.

• Sec. 67C – preservation by intermediaries; log-retention expectations (incl. CERT-In directions overview).

• Encryption & decryption assistance; data retention versus privacy; proportionality tests.

• Investigation workflows & requisitions; coordination with service providers.

• Constitutional scrutiny and leading cases on surveillance & blocking.

• Government powers & recent amendments; roles of CERT-In and NCIIPC.

• Intermediary Guidelines & Digital Media Ethics Code, 2021:

  • Safe-harbour (Sec. 79); due-diligence; first-originator traceability (SSMIs).

  • Compliance officers (Chief Compliance Officer, Nodal Contact, Resident Grievance Officer).

  • Grievance redressal timelines; transparency reports.

  • Publishers/OTT 3-tier ethics mechanism.

• IS Audit; Reasonable Security Practices & Procedures (mapping to ISO/IS standards) and Sensitive Personal Data (SPD).

• Practical: compliance checklist & takedown/grievance SOP; notable intermediary liability cases (incl. Shreya Singhal).

• Notice, consent & lawful uses; children’s data; data breach notification; cross-border transfers.

• Data Fiduciary obligations; Significant Data Fiduciary triggers (DPO/governance obligations).

• Role & powers of DPBI; penalties & enforcement mechanics.

• Interplay with sectoral laws and legacy SPDPI Rules.

• Comparative notes: GDPR/CCPA (rights, DPIAs, assessments) for context.

• Mapping of erstwhile IPC cyber offences to BNS; expansion to online identity theft/cheating & organized cybercrime.

• Mens rea & sentencing trends; aggravations; corporate criminal liability under BNS.

• Coordination with IT Act offences to avoid double jeopardy.

• e-FIR, electronic summons, e-trial; authenticated electronic processes.

• Search & seizure: on-site triage, mirror imaging, sealing, hash-capture; presence of independent witnesses; documentation.

• Mandatory forensic examination (where applicable) & timelines for filing.

• International cooperation: MLAT requests & Letters Rogatory (practical pitfalls, timelines).

• Preservation requests to platforms; mutual assistance routing via MHA & MEA.

• Electronic record as primary evidence; standards for authenticity & integrity (hashes, logs, metadata).

• Section 65B/ Section 63(4)(C) BSA certification (template & dos/don’ts); when certificate is/ isn’t necessary.

• Examiner of Electronic Evidence: appointment, role & reliance by courts; expert testimony.

• Best-practice capture (bit-stream, screenshots with metadata, hashing) and preservation orders.

• Leading cases: Anvar P.V. v. P.K. Basheer; allied rulings on Section 63(4)(C) BSA compliance.

• Live demos: disk imaging (RAW/E01/AFF4), mobile imaging (logical/physical), RAM capture.

• Electronic Document Examination: authorship, alteration detection, font/metadata, PDF & doc artefacts.

• Write-blockers, chain of custody, imaging reports (hash values, tool versions).

• Search, Seizure & Triage under BNSS; on-scene checklist and forms.

• Tooling showcase (FTK/EnCase/Autopsy; Cellebrite/ ProDiscover/ Magnet AXIOM) and reporting for courts.

• Court admissibility & jurisprudence on forensic methods.

• Cloud forensics (provider logs: AWS CloudTrail, Azure, Google Cloud); VM snapshots; tenancy issues.

• CSAM detection & lawful handling; obligations under Sec. 67B; coordination with designated reporting portals.

• Deepfake & synthetic media authentication; audio-video forensics; damaged media recovery.

• Live display of forensic tools; Live demo of search, seizure and triage flows; preservation of volatile data.

• Threat Intelligence lifecycles; dark-web artefacts; crypto-tracing basics.

• OSINT techniques (archival, WHOIS, passive DNS, Wayback captures) with 65B-compliant capture SOPs.

• Legal sanctity & admissibility of OSINT/SM outputs; preservation requests; notice & production.

• Cross-border platform cooperation; when to escalate via MLAT; per-platform policy nuances.

• Case studies of collection of evidence using SM/dark-web.

t

• CDR/IPDR requisitions; tower dumps; cell-site mapping; correlation with app/server logs.

• Network capture (PCAP/NetFlow) & lawful acquisition.

• Lawful use of analytics in evidence collection & court presentation; demonstratives & expert affidavits.

• Case law on lawful surveillance & proportionality in bulk analysis.

• CERT-In Directions (2022): 6-hour incident reporting, 180-day log retention, clock sync (NTP), KYC for certain services, data localisation for logs.

• RBI Cyber Security Framework for Banks; NBFC/UCB circulars; payment ecosystem (PSOs/UPI) security.

• SEBI Cyber Security & Resilience circulars for MIIs and intermediaries.

• IRDAI information/cybersecurity guidelines for insurers; PFRDA expectations; NABARD guidance for RRBs/co-ops.

• NFTs/crypto, fintech & RegTech compliance; cross-border jurisdiction & conflict-of-laws issues.

• Landmark cases: Shreya Singhal; Anvar P.V.; Arjun Panditrao Khotkar (65B); intermediary & blocking jurisprudence; privacy (Puttaswamy).

• Cyber Appellate Tribunal – processes & powers; appeals from Adjudication.

• Budapest Convention (and India’s position), 24×7 network, UN initiatives.

• Interpol cooperation & India’s National Central Bureau (NCB); MLAT mechanics and practical timelines.

• Capstone: mock hearing/trial—end-to-end file (investigation → Section 63(4)(C) BSA certification → expert evidence → arguments).