Reading time : 8 minutes


In the present time, the world at large has become completely dependent on the digital media. Technology has managed to infiltrate our lives so deeply that we rely on it for a task as small as switching on a light. Not so long ago the main task of a cell phone was to make and receive calls, but now it has achieved to replace virtually every function for which we were once dependent on other devices. In this digital world we have the whole world within the reach of our fingertips. Where it has made our life all the more simple and exciting on one side, on the other the dependence on the virtual world opens us to high dangers and places us face to face with the risk of abuse.

Ever since the COVID-19 pandemic has hit the world, especially, majority of the world’s population has been forced to change their traditional operations and adapt to digital ways of working. When the whole world was still coming to terms with the COVID-19 situation, India had to handle a new issue of concern named the ‘Bois Locker Room’ on the social media. On the 4th of May, 2020 it was brought to light that a group of boys, mostly between the ages 13-18, were hosting a virtual group with the above name on Instagram, the sole purpose for which was sharing and exchanging explicit photographs of minor girls belonging from the school circuits. It was discovered that the group was also being used to post shaming comments.

This makes us question the extent of liability social media platforms. Later the Delhi Commission for Women (hereinafter, ‘DCW’) took suo moto cognizance of this issue and they issued a notice to Instagram and the Delhi Police seeking a reply on the matter.[1] According to the DCW since the group involved several members from different school circuits participating in illegal activities, it was pertinent to get the response of the intermediary/ social media platform about the actions taken. Later an interim petition was filed against Instagram alleging that the social media platform had not taken constructive actions even after identifying the user accounts engaging in such illegal activities. Even though the intermediary entertain and facilitate the information exchange, it is important to understand that their power to control and regulate information is limited.

The Supreme Court in Shreya Singhal vs. Union of India[2] struck down Section 66A of the Information Technology Act, 2000 (hereinafter, IT Act) as it violated the fundamental right to speech and expression[3], thereby changing the legal responsibility of intermediaries. Section 66A sets the punishment for sending offensive messages via any form of communication service. The court also declared that intermediaries are ‘exempted’ from liability where they are merely facilitators providing ‘safe harbour protection’. However, in Google India Pvt. Ltd. vs. Vishakha Industries and Anr.[4] The court observed that the intermediary could not hide behind this exemption where they had actual knowledge of unlawful activities and did not take any action.

Therefore, if the recently notified information technology rules, i.e. Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, were applied to the ‘Bois Locker Room’ issue, the whole situation could have been handle in a much better manner.


The Ministry of Electronics and Information Technology (hereinafter, the MEITY) along with the Ministry of Information and Broadcasting (hereinafter, the MIB) notified the Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (hereinafter, the 2021 Rules or the Rules) on 25th February 2021. The rules have been issued by the rule-making power conferred to the government under sections 69A and 79, referred to in Section 87(2)(zg) and Section 79(2) of the IT Act, and they supersede the Information Technology (Intermediaries Guidelines) Rules, 2011 (hereinafter, the 2011 Rules).

The process of amending the 2011 Rules began in 2018, when MEITY had proposed the Information Technology [Intermediaries Guidelines (Amendment) Rules] 2018 (hereinafter, the 2018 draft rules), for consultation, after the Parliament called attention on the issue of “Misuse of Social Media platforms and spreading of fake News”.[5] The 2018 draft rules focused only on regulating the intermediaries under the scope of Section 2(w) of the IT Act.

According to the Allocation of Business (AoB) Rules, 1961, the power of regulating cyber law matters and the administration of IT Act and other IT laws was under the MEITY, and the regulation of traditional media, i.e. television, radio and print media, was under the control of the MIB. Later, in November 2020 the President amended the AoB Rules to bring Digital/Online Media within the ambit of MIB, which comprises of ‘Films and Audio-Visual programmes made available by online content providers’ and ‘News and current affairs content on online platforms’.[6]

Since then, the MEITY and the MIB agreed to notify the Over-The-Top (OTT) Regulation and Code of Ethics for Digital Media along with the 2021 Rules without consulting the relevant stakeholders, with the intention of “social media accountability against its misuse and abuse” and the facility for a “robust grievance redressal mechanism” for “digital media and OTT”.[7]

One of the common factor between the 2018 draft rules and the 2021 Rules is the traceability of originators of information on the internet. This was also the issue in the petition filed in the Madras High Court in 2018, where the petitioners sought to link the Aadhaar Card with the social media accounts to identify the users in case of illegal activities.[8] The Hon’ble High Court was of the opinion that the Aadhaar could not be linked to the social media accounts relying of the Puttaswamy- II Judgment.[9] Subsequently, the court went on to look into the matter of traceability of originators of information on end-to-end encrypted (E2EE) platforms like WhatsApp, and the case was moved to the Supreme Court.[10] The matter is currently pending in the Supreme Court.

  • THE 2021 RULES

The 2021 Rules have been divided in three parts. Part I mainly lays down terms of definition, Part II deals with regulation of intermediaries and the grievance mechanism to be adopted by them, these provisions are under the administration of the MEITY, and finally, Part III, under the administration of the MIB deals with digital news media and OTT platforms. Given below is an analysis of major due diligence requirements to be carried out by intermediaries, social media intermediaries and significant social media intermediaries.

Part- II: Due Diligence by an Intermediary

It is the duty of an intermediary, including social media intermediary and significant social media intermediary, to display on its website, mobile based application or both the rules and regulations, privacy policy and user agreement for access or usage of its computer resource by any person, and they should notify the user of its computer resource not to host, display, upload, modify, publish, transmit, store, update or share any information that infringes copyright, contains vulgar, unethical or objectionable content, could inspire various offences or is contrary to the laws of  India.[11] Where the user is compliant, the intermediary has the right to terminate the access or usage rights of the defaulting user instantly or it could remove the non-compliant content or both, if need be.[12]

If the intermediary receives ‘actual knowledge’ in form of a court order or by notification from the Appropriate Government of information that is prohibited by law in connection to the “interest of the sovereignty and integrity of India; security of the State; friendly relations with foreign States; public order; decency or morality; in relation to contempt of court; defamation; incitement to an offence relating to the above”, should remove or disable access to such content within thirty-six hours from the receipt of the actual knowledge.[13]

The intermediary should also establish a grievance redressal mechanism and appoint a Grievance Officer for the same. The intermediary should publish the name and contact details of the grievance officer, and publish the mechanism by which a user or a victim can make a complaint. The grievance officer is required to acknowledge the complaint with twenty-four hours and dispose of the same within fifteen days from the date of receipt.[14]

There is a separate requirement put in place to curb the non-consensual spread of content which exposes the private area of any person, includes an image of a person in full or partial nudity or portrays such person in any sexual act or conduct or contains an impersonation, including artificially morphed images, and where such content is shared with the intention to harass, intimidate, threaten or abuse an individual. The intermediary, within twenty-four hours from the receipt of the complaint, has to remove it. The intermediary should also formulate a mechanism for receiving complaints of such nature, where the individual can provide the details or communication link.[15]

Additional Due Diligence by Intermediaries

Significant Social Media Intermediaries are required to appoint the following personnel as per Rule 4:

  1. Chief Compliance Officer- The intermediary has to appoint the chief compliance officer, who has to be a ‘key managerial personnel’ or a senior employee of the company and a resident in India, who will responsible to ensure the compliance of the company with the IT Act and the rules thereunder, and shall be liable in any proceedings relating to any relevant third-party information made available or hosted by that intermediary where he fails to ensure that such intermediary observes due diligence.
  2. Nodal Contact Person- The intermediary should appoint a nodal contact person, who is an employee of the company but not the chief compliance officer and is a resident of India. The nodal contact person should in contact with law enforcement officer 24×7 to ensure compliance to their orders.
  3. Resident Grievance Officer- The person appointed as the resident grievance officer is responsible to ensure that the intermediary is complying with the due diligence requirements given the Rules.

Significant Social Media intermediaries must publish compliance reports every month, comprising the details of the complaints which they received, the action taken and the number of links or information removed while using proactive monitoring through automated tools.[16]

An intermediary which offers services which facilitate messaging should enable the identification of the first originator of the information, where it is required by a judicial order or an order given by the Competent Authority under section 69 of the IT Act.[17]

The Significant social media intermediaries are also required to adopt technology based measures such as automated tools or other mechanisms for proactively identifying information that portrays:

  1. any act or simulation in any form depicting rape, child sexual abuse or conduct, whether explicit or implicit, or
  2. any information which is exactly identical in content to information that has previously been removed,

and also display the a notice to any user who is trying to access such information.[18]

Any intermediary who fails to comply with the required due diligence and the Rule, is not entitled to safe harbour protection under Section 79 under IT Act.[19]

Part- III: Code of Ethics, Procedure and Safeguards in Relation to Digital Media

The rules formulated under this Part apply two classification of entities: i. Publishers of news and current affairs content; and ii. Publishers of online curated content.[20] These entities are required to follow the Code of Ethics laid down in the Appendix annexed to the Rules, and for the purpose of observance and adherence of the Code of Ethics and grievance mechanism there is a three-tier structure:[21]

  1. Level I – Self-regulation by the publishers;
  2. Level II – Self-regulation by the self-regulating bodies of the publishers;
  3. Level III – Oversight mechanism by the Central Government

Any person who has a grievance with respect to the content published by a publisher, may give their complaint and the publisher has to acknowledge the grievance within twenty-four hours of it being furnished. The publisher must address the complaint and give a decision within fifteen days from its registration. Where, the grievance has not been given a decision even after fifteen days, it will be proceeded to the self-regulating body at level two of the three-tier grievance redressal mechanism.[22]

Self-Regulating Mechanism – Level I [23]

The publisher is at the first level of self-regulating mechanism, who shall establish a grievance redressal mechanism and shall appoint a Grievance Officer, who is based in India with the responsibility of grievance redressal. The name and contact details of the Grievance Officer must be displayed at an appropriate place. The publisher has to make sure that the officer gives a decision and communicates the same, within 15 days.

Self-Regulating Mechanism – Level II[24]

The publishers or their association must constitute one or more self-regulating bodies which is of independent nature. This body is headed by a retired judge of the High Court or Supreme Court or any other “independent eminent person” belonging to the field media, broadcasting, entertainment, child rights, human rights or any such related field, and consists of maximum six members all belonging to mentioned fields.

The duty of the self-regulatory body is to certify that the publishers follow the Code of Ethics, provide guidance on the same, address grievances which remain unresolved and hear appeals filed by the complainants against the decision provided by the publishers. The body has the power to deliver guidance to the publishers, “warning, censuring, admonishing or reprimanding” them or compelling them to issue an apology, warning card or a disclaimer from the publisher. The self-regulatory body also has the power to instruct the publisher of online curated content to reclassify the ratings of content, make appropriate alterations in the ‘age classification’ and access control measures, and transfer content to the Ministry for consideration.

Oversight Mechanism – Level III[25]

The final level of grievance redressal is constituted by the MIB, which will ensure the publisher’s adherence to the Code of Ethics. The MIB shall appoint the Authorised Officer, who is not below the rank of a Joint Secretary to the Central Government. The Ministry will establish an Inter-Departmental Committee for hearing grievances, issue orders, directions, appropriate guidance and advisories to publishers.

The Inter-Departmental Committee is composed of representatives from several other ministries and domain experts. Grievances with respect to the violation of the Code of Ethics, and any complaint arising out of the decisions taken at the Level I or II, will be heard by this Committee, and such complaint should be made in writing. [26]

The MIB can assign the grievances to the Inter-Departmental Committee constituted under it and also issue guidance and advisories to publishers. The Inter-Departmental Committee too has the authority to make recommendations to the MIB which warn, censure, admonish or reprimand an entity.


Since the notification of the 2021 Rules, there have been numerous petition filed throughout India. A few cases that have been filed are of the nature where the petitioner takes the protection offered by the Rules, although majority of them question the constitutionality of the Rules and plead to declare them ultra vires of the IT Act.

The case filed by Bennett Coleman Co. Ltd.,[27] urged the Hon’ble Delhi High Court to restrict instant messaging platforms like WhatsApp, Telegram, etc. from sharing and forwarding their e-newspaper, without their permission as it amounts to the infringement of their copyright. The petitioner is the publisher of several newspapers in different languages in India, some of the notable newspaper under their banner are The Economic Times, Navbharat Times, Maharastra Times and The Times of India, and has exclusive ownership of the copyright in its literary work published in its newspapers. The Petitioner had extended its content in the digitised form through e-papers, which were available on its website to its consumers who have the paid subscription of the e-newspaper and can easily access any newspaper from the Times Group.

The Petitioner is aggrieved that its e-newspapers are being circulated in an unauthorised and illegal manner by the users of intermediaries whose primary service is facilitating messaging and also making these e-newspaper available for free download, and in doing so defeating the entire purpose of the subscription setup. The High Court agreed with the claims of the Petitioner and identified a prima facie case of copyright infringement. It also granted an interim injunction, restricting the instant messaging applications from distributing the petitioner’s e-papers on their platform. The case is still pending in the High Court and listed for hearing on August 18, 2021. However, if a case is made out that the defendants have failed to perform the required Due Diligence as per the 2021 Rules, they will not be eligible to seek the ‘safe harbour protection’ and thereby holding them liable on the failure of taking down the infringing content.

In ‘X’ vs. Union of India and Ors.,[28] the petitioner’s photographs and images that she had uploaded on her ‘private account’ on Instagram and Facebook were taken without her knowledge or consent and unlawfully posted on a pornographic website by an unknown entity. Even though the petitioner had approached multiple authorities before approaching the Hon’ble Delhi High Court, there was no action taken, which caused the views on the images to multiple significantly and also increased the spread of the said images on numerous websites and platforms.  The Court after having heard the case, issued direction for the intermediaries “to endeavour to employ pro-active monitoring by using automated tools, to identify and remove or disable access to any content which is ‘exactly identical’ to the subject matter of the case”.[29]

The writ petition filed by The Wire on the 6th March 2021[30] is the beginning of the string of cases filed to quash the 2021 Rules and protect them from the provisions of the Rules. Quint Digital Media Ltd., also filed a petition ten days later, stating that Part III of the IT Rules violates Articles 14, 19(1)(a), 19(1)(g) and 21 of the Indian Constitution. The Delhi High Court issued a notice to the Central Government, who then asked for additional time to file a reply. Three more petitions were filed in the Delhi High Court, and all the pending petitions filed for interim relief while the Central Government was set to file its response. The Court rejected all pleas to grant interim relief.

The decision on whether the recently notified Rules are constitutional or not is yet to be decided as all the cases questioning the same are still pending in their respective High Courts.


The internet is a dangerous place and without proper regulation it could unleash endless chaos and mayhem in the society. Any legislation or regulation that is introduced to the public has to pass a very important test under the scrutiny of the public eye. The laws that are legislated is to control chaos and irregularities that may exist, but of those very laws end up creating more confusion and injustice it beats the purpose of its legislation. Where the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 has many advantages and the ability to protect the people from the evils of internets and social media, it also rises numerous queries on its effect on the fundamental rights, and only the judicial authorities can adjudge on this matter.

[1] Nilashish Chaudhary, “’Bois Locker Room’ : Delhi Commission For Women Takes Suo Moto Notice; Writes To Instagram, Delhi Police”, LiveLaw, available at: < > (last visited on July 18, 2021)

[2] AIR2015SC1523

[3] The Constitution of India, art. 19 (1)(a). All citizens shall have the right to freedom of speech and expression.

[4] AIR2020SC350

[5] The Draft Information Technology [Intermediaries Guidelines (Amendment) Rules], 2018- < >

[6] The Wire Staff, “Online News Portals, Streaming Services Brought Under Ministry of Information and Broadcasting”, The Wire, available at: < > (last visited on July 18, 2021)

[7] PIB Delhi, “Government notifies Information Technology (Intermediary Guidelines and Digital Media Ethics

Code) Rules 2021”, available at: < > (last visited on July 18, 2021)

[8] Antony Clement Rubin v. Union of India & Others, W. P. 20774/2018.

[9] K.S. Puttaswamy v. Union of India (Aadhaar-5 Judge), (2019) 1 SCC 1.

[10] Facebook Inc. v. Union of India, T.P. (C) No. 001943–001946/2019.

[11] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 3 (1) (a) & (b).

[12] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 3 (1) (c).

[13] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 3 (1) (d).

[14] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 3 (2) (a).

[15] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 3 (2) (b).

[16] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 4 (1) (d).

[17] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 4 (2).

[18] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 4 (4).

[19] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 7.

[20] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 8.

[21] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 9.

[22] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 10.

[23] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 11.

[24] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 12.

[25] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 13.

[26] Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021, Rule 14.

[27] Bennett Coleman Co. Ltd. vs. WhatsApp Inc. & Ors., CS (COMM) 232/2021.

[28] 280(2021)DLT57

[29] Id. at para 90 (iv)

[30] “The Writ Petition filed by Foundation for Independent Journalism”, LiveLaw, available at: < >

Author: Umme Ruman, VIT School of Law

Editor: Kanishka VaishSenior Editor, LexLife India.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s