Headlines of the Day
MeitY’s draft IT rules risk stretching safe harbour
The latest draft amendments to the Information Technology Intermediary Guidelines and Digital Media Ethics Code Rules, 2021, proposed by the Ministry of Electronics and Information Technology (MeitY), seek to reverse that logic by giving legal teeth to advisories, clarifications, and standard operating procedures, and by widening the regulatory lens to pull user-generated news and current affairs content formally within the ambit of oversight. Both moves represent a significant stretch in legislative intent and in the design of India’s digital regulatory framework.
At the heart of the proposal lies a simple but far-reaching move: compliance with MeitY’s “clarifications, advisories, directions, standard operating procedures, codes of practice and guidelines” is proposed to be written into the due diligence obligations of intermediaries under section 79 of the IT Act. Section 79 is the safe harbour provision—the shield that protects platforms from liability for user-generated content, so long as they meet certain conditions. By tying safe harbour directly to compliance with executive instruments that are not, strictly speaking, law, the draft creates a pathway through which non-binding guidance can effectively acquire the force of enforceable obligation. Non-compliance would no longer be a matter of policy disagreement or timing; it would carry a defined legal cost in the form of potential loss of immunity.
This raises at least two structural concerns. First, it blurs the boundary between statute-backed rules and executive advisories. The IT Act empowers the government to frame rules within defined limits through subordinate legislation, but it does not contemplate an open-ended power to convert every form of executive communication into a quasi‑legislative instrument simply by inserting a cross-reference into the Rules. If such a shift in the architecture of online regulation is considered necessary, it ought to be debated and anchored in an Act of Parliament, not introduced indirectly through an expansion of rule-making. Second, embedding advisories into due diligence duties injects ambiguity into the system. Advisories, by their nature, tend to be frequent, context-specific, and sometimes experimental. Making them a condition for safe harbour means platforms will constantly operate under uncertainty about which communication carries what legal weight, and how quickly they must comply to avoid jeopardising their status.
The government’s stated justification is speed and effectiveness. MeitY has described the proposed amendments as “clarificatory and procedural,” intended to improve legal certainty, strengthen enforceability of ministry directions, and ensure effective oversight of intermediary-hosted content, especially news and current affairs. The underlying concern is real: deepfakes, disinformation, and harmful content can spread rapidly, and the existing processes for takedown and enforcement can feel slow or fragmented. However, the means chosen—expanding executive discretion by making advisories binding through the backdoor—are questionable when weighed against constitutional principles and the long-term health of the regulatory ecosystem. Faster response mechanisms, clearer and more narrowly tailored statutory rules, and better institutional coordination between agencies can achieve many of the same objectives without conflating guidance with law.
Equally significant is the expansion of what counts as “regulated content” under this framework. The IT Rules, 2021, already brought online publishers of news and current affairs and curated digital media within a structured code and grievance system. The new draft goes further by formally extending oversight to user-generated news and current affairs content, effectively moving individual creators—bloggers, YouTubers, podcasters, professionals posting analysis or commentary on social platforms—closer to the category of publishers in terms of regulatory expectation. In principle, this widens the field of regulation from organised digital newsrooms to ordinary users engaging in public discourse. Even in the absence of explicit new censorship powers, the effect can be substantial: platforms, wary of the heightened risk of losing safe harbour, are likely to “over-comply” by taking down content earlier, faster, and more broadly than strictly required.
The chilling effect on speech is the predictable by-product. Users, especially those dealing with politically or socially sensitive issues, will have strong incentives to self‑censor long before any formal notice arrives. This is not an abstract concern. The recently withdrawn Broadcasting Services (Regulation) Bill, 2024, was criticised for attempting to bring independent online creators under a licensing or pre-certification regime, prompting pushback from creators and technology companies over fears of overreach. That draft was formally shelved amid recognition that existing frameworks already confer substantial regulatory and enforcement powers. The present MeitY draft, while different in legal form, appears to revive some of the same impulses through another route: by tightening intermediary obligations and indirectly shaping what users can say through the lever of safe harbour.
It is important to underline that India’s current digital toolkit is not empty. The IT Rules, 2021, and their 2022 amendments already provide for content takedown in specified grounds, traceability obligations for significant social media intermediaries, grievance redressal mechanisms, and oversight structures for digital news and OTT content in cases involving sovereignty, security, public order, and other sensitive categories. Adding further layers that expand the scope of the parent statute, without commensurate safeguards or legislative debate, risks creating legal vulnerability for the framework itself. It also leaves platforms and users navigating a shifting landscape of compliance dictated by executive interpretation rather than by clearly stated law.
Advisories are tools of guidance, not instruments of governance. They derive their relevance from administrative urgency, not from the deliberative authority of Parliament, and the Information Technology Act does not envisage a regime in which informal executive communications quietly harden into binding obligations.
MeitY has opened the draft amendments for public consultation until mid‑April, with submissions to be received in a 15‑day window. That narrow window is nonetheless an opportunity for calibrated course correction. The regulatory task ahead is not to abandon intervention—digital risks are real and evolving—but to ensure that interventions remain rooted in statute, proportionate to the harms they seek to address, and respectful of constitutional boundaries on speech and executive power. Conflating advisories with law and extending quasi‑publisher obligations to ordinary users pulls in the opposite direction. If India’s goal is a resilient, rights‑respecting digital public sphere, this is precisely the moment to insist that urgency cannot be allowed to trump legality.
CT Bureau










You must be logged in to post a comment Login