Author: Vrinda, National Law School of India University, Bangalore
To the Point
The advent of social media has transformed the way we communicate, enhancing global connectivity with amplifying the voices in democratic nations like India. However, the unchecked spread of misinformation and hate speech threatens national security and leads to the need for regulatory interventions. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules, 2021), framed under the Information Technology Act 2000, aim to regulate social media intermediaries and digital content providers. These rules need proactive content moderation and the traceability of the messages. The content needs to comply with the government directive. Even though these rules are intended to protect the public order and national security, they have sparked a significant debate regarding their compatibility with fundamental rights. The Freedom of speech and expression given under Article 19(1)(a) and the right to privacy given under Article 21 of the Indian Constitution are in contention with these rules. This article examines the IT Rules, 2021 while analysing their alignment with the legal principles and the judicial precedents, and the balance between individual liberties and state interest.
Abstract
This article critically evaluates the constitutional validity of the IT Rules, 2021, while focusing on their impact on the freedom of speech in Article 19(1)(a) and the privacy under Article 21 of the Indian Constitution. The article argues that while the state has a legitimate interest in regulating social media to combat the problem of misinformation, hate speech and national security threats but the current system suffers from the issue of vagueness and lack of procedural fairness. It will examine the constitutional provision, judicial precedent, and comparative regulatory models to contend that the IT rules require judicial scrutiny so that it can align with the principle of proportionality, legality and democratic accountability. A balanced approach is essential to safeguard the fundamental rights while also addressing the concerns of the digital ecosystem. This approach requires independent oversight and clear definitions.
Use of Legal Jargon
The IT Rules of 2021 impose strict obligations on the “social media intermediaries” defined in section 2(1)(w) of the Information Technology Act, 2000 as entities that facilitate online communication. Rule 4 requires “significant social media intermediaries” to appoint a Chief Compliance Officer, a Nodal Contact Person, and a Resident Grievance Officer to ensure accountability for the content hosted on their platforms. The significant social media intermediaries are all these platforms which have over 5 million registered users. Furthermore, these intermediaries must enable traceability of the “originator” of the information. If any order is given by the government or the judiciary, then they have to remove the content within 36 hours of such order. They also need to publish monthly compliance reports. These provisions raise the concern of ultra vires because they arguably exceed the delegated rule-making power under section 79 of the IT Act. This section provides a safe harbour to the intermediaries contingent upon due diligence.
The traceability of the originator significantly impairs the end-to-end encryption and also conflicts with the right to privacy under Article 21. The doctrine of proportionality, which is an important principle of constitutional law, requires that restrictions on the fundamental rights be necessary, reasonable and narrowly tailored. The definition of “unlawful content” is very broad within the IT rules, and it raises the arbitrary enforcement, which violates the principle of legality. Additionally, the obligation on social media intermediaries for proactive monitoring also creates a chilling effect because it may discourage free expression due to the fear of censorship. Furthermore, these rules also lack the procedural safeguards such a prior judicial oversight, which make them vulnerable to executive abuse and misuse under the pretext of national security.
The Proof
The constitutional validity of the IT Rules, 2021 depends on their alignment with the Article 19(2) of the Constitution, which allows reasonable restriction on freedom of speech and expression. The restriction can be allowed to protect the sovereignty and integrity of India, the security of the state, public order, decency, morality, or matters related to contempt of court, defamation or incitement to an offence. The government defends the regulation of the IT Rules by pointing out the widespread dissemination of misinformation, hate speech and the content that threatens national security on social media platforms. For example, during the 2020 Delhi riots, inflammatory posts on platforms like Facebook and WhatsApp fueled communal violence, resulting in 53 deaths and 700 injuries as per the official reports. Similarly, during the 2021 farmers’ protest, the government directed Twitter to suspend over 1,100 accounts and remove any posts considered to incite unrest. These incidents highlight the need for regular oversight to maintain public order.
However, critics have contended that the IT Rules grant excessive discretion to the executive that enables the state to suppress dissent under vague pretext. The requirement of traceability compels the platforms like WhatsApp to identify the originator of a message, compromises user anonymity and undermines encryption protocols. This provision also conflicts with the Puttaswamy judgement which held that privacy restriction must pass the test of legality, legitimate aim, proportionality and the procedural safeguards. Additionally, the lack of judicial oversight in orders for content removal increases the risk of misuse. For example, in 2022 the government ordered the removal of the post that criticises its handling of the Russia-Ukraine conflict by citing “national interest”. They failed to provide a legal justification which raises the concern about overreach.
The empirical data also shows these regulatory challenges. The Ministry of Electronics and Information Technology (MeitY) reported blocking about 140,000 URLs between 2018 and 2023 to combat misinformation, hate speech and terrorism related content. However another study by IFF (Internet Freedom Federation) in 2024 revealed that 65% of takedown requests lack any transparent legal standing with only 10% accompanied by judicial orders. This lack of transparency fosters the idea of censorship which especially affects the journalists and activists. For instance in 2023, twitter was ordered to block posts by a prominent investigative journalist who was exposing government corruption. This incident lead to the accusation of stifling press freedom. The IT Rules requirement for proactive monitoring further shifts the burden of censorship onto private entities which effectively outsource the state function without accountability. This delegation raises significant questions about the state action doctrine which states that private entities that are performing public function must abide by the constitutional norms.
The socio-political context also intensifies the importance of this debate. India, with over 900 million internet users and 600 million social media users as of 2023 is a digital powerhouse. Large platforms like WhatsApp with 530 million users and Twittwer with 250 million users also serve as a primary sources of political discourse. Misinformation campaigns underscored the necessity for regulation. Yet the broad scope of the IT Rules risks stifling legitimate expression. A 2023 survey by Pew Research Centre found that 68% of Indian social media users self-censor their political opinions because of fear of government surveillance which indicates a chilling effect.
Additionally, the perspectives of shareholders also shed light on the complexities of this issue. The Tech companies like WhatsApp and Twitter have challenged the IT Rules in the court. They argued that the traceability and the proactive monitoring requirements undermines the user trust and the platform security. Civil society organizations, such as the Software Freedom Law Centre, also said that the rules impact the marginalised voices disproportionately. This includes the religious minoroties and the caste based activists who rely on the social media for their advocacy. Conversely , the law enforcement agencies argue that traceability is required for combating cyber crimes such as terrorism and child exploitation. These competing interest highlight the challenges of regulating the digital ecosystem that can serves both as a democratic enabler and a potential threat.
Comparative perspective can offer valuable lessons to India in content moderation. The European Union’s Digital Services Act, enacted in 2022 requires content moderation while including independent oversight, appeals mechanisms, and fines for non-compliance, ensuring accountability. In contrast to this Australia’s Online Safety Act, passed in 2021 empowers the regulator to issue takedown notices but it also requires judicial review. This helps in balancing the security with individual rights. However, India’s framework lacks such safeguards which raises constitutional concerns. The IT Rules’ failure to incorporate global best practices increases their vulnerability to judicial scrutiny.
Case Laws
K.S. Puttaswamy v. Union of India (2017): The Supreme Court in this decision recognised the right to privacy as a fundamental right under Article 21. The court mentioned that privacy is linked to individual dignity and autonomy. This judgement established a three-pronged test for restriction on privacy: legality, legitimate aim and proportionality. The traceability required by the IT Rules does not pass this test by compromising encryption without showing necessity or providing a safeguard against misuse.
Shreya Singhal v. Union of India (2015): The court in this case struck down the section 66A of the IT Act, 2000 because of its vague language which impacts the free speech of the individuals. The definition of the unlawful content is also ambiguous. The Proactive monitoring obligations in IT Rules risks similar constitutional issues as they also deter lawful expression because of fears of censorship.
Anuradha Bhasin v. Union of India (2025): The court emphasised that restrictions in the internet access and the communication needs to be proportionate, temporary and also subject to judicial review. The provisions given in the IT Rules allow the government to direct content removal without any prior judicial scrutiny that violates these principles. It undermines the democratic accountability.
WhatsApp LLC v. Union of India (2021): This is the ongoing case before the Delhi High Court. This case challenges the traceability requirement under Rule 4(2) of the IT Rules. WhatsApp argues that it violates privacy and free speech. It contends that breaking encryption would compromise the platform’s security and user trust.
Sakal Papers (P) Ltd. v. Union of India (1962): The Supreme Court held in this case that freedom of speech also includes the right to circulate one’s view and the restriction on this right must be reasonable. The Proactive content moderation mandates in the IT Rules restrict their rights by imposing pre-emptive censorship.
Conclusion
The IT Rules 2021 present a significant yet contentious attempt to regulate the social attempt in India. They aim to navigate the complex balance between free speech, privacy and national security. The government’s goal of curbing misinformation, hate speech, and threats to public order is valid, but the rules contain overly broad provisions and lack necessary procedural safeguards. It raises concerns about the potential overreach by the executive. The transparency requirement infringes on privacy, the proactive monitoring mandates create a chilling effect on expression. The absence of judicial oversight also risks arbitrary enforcement. It is crucial that the judiciary intervenes and ensures that these regulations adhere to the principle of proportionality, legality and fairness as affirmed in the landmark judgement of Puttaswamy and Shreya Singhal.
A reformed regulatory framework is essential, which features independent oversight, a clear definition of lawful content and mandatory judicial review of takedown orders. By drawing from the global best practices, such as the EU’s Digital Services Act, India can develop a balanced approach that protects fundamental rights while addressing the challenges of the digital age. The judiciary must take a proactive role in scrutinising the IT Rules so as to uphold democratic values in an increasingly connected world.
FAQS
What are the IT Rules, 2021 and why are they controversial?
The IT Rules 2021, regulate the social media intermediaries and the digital content in India. These rules mandate the content moderation, traceability and compliance with the orders of the government. These are controversial because of their potential to restrict the freedom of speech and the right to privacy. They contain provisions which are vague and insufficient to safeguard against misuse.
How do the IT Rules impact freedom of speech?
The rules impose proactive content removal and monitoring of the obligation, which has a chilling effect on expression. The ambiguous definition of “unlawful content” can lead to arbitrary enforcement. They violated the Article 19(1)(a) and the principle of legality
Can the government mandate traceability of messages?
The requirement of traceability under Rule 4(2) is currently under judicial scrutiny in the Delhi High Court case of WhatsApp LLC v. Union of India. This undermines the end to end encryption which violates the right to privacy affirmed under K.S. Puttaswamy judgement.
What role does the judiciary play in the evaluation of IT Rules?
The judiciary ensures that regulations comply with the constitutional principles. The judicial precedent, such as Shreya Singhal and Anuradha Bhasin also guides the evaluation of the IT Rules’ validity. These decisions emphasise the principle of proportionality and judicial review.
How can India balance free speech and national security in social media regulations?
A balanced approach is required with a clear definition, independent oversight and judicial review of the restrictions. The regulation must be proportionate while ensuring security without unduly curtailing the fundamental rights.
What is the chilling effect and how do the IT Rules contribute to it?
The Chilling effect refers to the self-censorship which is caused by the fear of legal repercussions. The IT Rules’ proactive monitoring and vague provision deter lawful expression and also undermine free speech.
Why is the judicial oversight critical for content takedown orders?
The judicial oversight ensures that the content removal is lawful, proportionate and transparent. It also helps in preventing executive overreach protecting fundamental rights.
Reference
https://www.thenewsminute.com/atom/inflammatory-content-fb-was-300-delhi-riots-says-internal-report-156878
https://www.eff.org/deeplinks/2021/06/why-indian-courts-should-reject-traceability-obligations
https://www.internetsociety.org/resources/2021/internet-impact-brief-2021-indian-intermediary-guidelines-and-the-internet-experience-in-india/
https://www.impriindia.com/insights/amendments-to-it-rules-2021/