The Ministry of Finance has declared the Indian Customs Electronic Data Interchange Gateway (ICEGATE) portal and its interconnected systems as “protected systems” under the Information Technology Act, 2000.
The notification, issued under Section 70(1) and 70(2) of the Information Technology Act, classifies ICEGATE and its associated computer resources as part of the “Critical Information Infrastructure” of the Central Board of Indirect Taxes and Customs (CBIC), Department of Revenue. Along with ICEGATE, the declaration also covers the Express Cargo Clearance System (ECCS) and the Automation of Central Excise and Service Tax (ACES-GST) portal, including their respective databases and dependent computer resources.
ICEGATE serves as a core digital backbone for customs operations in India, facilitating electronic filing, processing, and exchange of trade and cargo-related information between the customs administration and trade stakeholders. By bringing the portal under the protected systems framework, the government has accorded it a higher level of legal and technical protection against unauthorised access, cyber threats, and misuse.
As per the notification, access to these protected systems will now be strictly regulated. Only designated CBIC employees who are authorised in writing by the Board will be permitted to access the systems. In addition, team members of contractual managed service providers or third-party vendors may be granted need-based access, provided such authorisation is issued in writing by CBIC. Consultants, regulators, government officials, auditors and other stakeholders may also be allowed access, but strictly on a case-to-case basis and subject to written authorisation by the Board.
The declaration as a protected system has important legal implications. Under Section 70 of the IT Act, unauthorised access or attempts to access a protected system can attract stringent penal consequences, including imprisonment and fines. The move is therefore expected to act as a strong deterrent against cyber intrusions and enhance the resilience of critical tax and customs infrastructure.
The notification clarifies that the declaration comes into force with immediate effect from the date of its publication in the Official Gazette. The measure aligns with the government’s broader push to secure critical digital platforms that underpin revenue collection, trade facilitation, and regulatory enforcement.
Officials view the step as timely, given the increasing dependence on electronic systems for customs clearance, GST administration, and inter-agency data exchange. By formally recognising ICEGATE, ECCS and ACES-GST as protected systems, the government has reinforced their strategic importance to India’s fiscal and trade ecosystem while signalling a zero-tolerance approach towards cybersecurity risks in revenue administration.
Notification Details
Notification No. N-24015/9/2025-Computer Cell
Date: 02/01/2025
Read More: IBBI Mandates Electronic Filing of Liquidation Forms Through Board Platform
