Introduction – The Act, The Rules, and The Amendment
In 2021, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Intermediary Rules“) were notified in furtherance of the Central Government’s power to make rules pertaining to the following provisions of the Information Technology Act, 2000 (“IT Act“):
- Section 69A which deals with the Central Government’s power to issue directions for blocking of public access of any information through any computer resource; and
- Section 79(2) which details the conditions for an intermediary to be exempt from liability in certain cases.
The Ministry of Electronics and Information Technology (“MeitY“) has recently, on October 22, 2025, notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2025 (“Amendment“), to amend Rule 3(1)(b) of the IT Intermediary Rules.
The Rule that has been amended, i.e. Rule 3 of the IT Intermediary Rules, details the due diligence to be observed by an intermediary while discharging its duties under the IT Act, in particular, to fall within the exemption from liability for any third party information, data or communication link made available or hosted by them. This ‘safe-harbour’ provision that has been provided to intermediaries, a definition that includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes, is contingent on the intermediary complying with the provisions of Section 79 of the IT Act as well as undertaking the due diligence requirements listed in Rule 3 of the IT Intermediary Rules while discharging their duties. This includes removing or disabling access to information deemed as unlawful, upon receiving ‘actual knowledge’ no later than thirty-six (36) hours from receipt of that knowledge – knowledge which could come either in the form of a court order or upon being notified by the Government or its agency.
Issues of the Past
In the past, several platforms have received government notices directing them to remove or disable access to specific content. These takedown notices, issued under IT Intermediary Rules, require swift compliance and leave limited room for platforms to question the basis of the request. Several reports indicate that various state agencies and police departments have routed hundreds of takedown requests under Section 79(3) of the IT Act through the government’s Sahyog Portal[1], a dedicated portal for online content takedown. According to an Indian Express investigation, 130 (one hundred and thirty) takedown orders were issued via this portal between October 2024 and April 2025, directed at platforms including Google, YouTube, Amazon, Apple and Microsoft[2]. Interestingly, the Software Freedom Law Center (“SFLC“) reported an even higher number – that 179 (one hundred and seventy-nine) such requests were sent to intermediaries in 2024-25[3].
It is pertinent to mention the litigation brought by X Corp in India, wherein X challenged multiple government takedown notices, arguing that these notices were arbitrary and lacked proper notice to affected users. In its decision, the Karnataka High Court dismissed X Corp’s petition and upheld the government’s power to issue takedown notices under Rule 3(1)(d) of the IT Intermediary Rules. Regarding X’s challenge made to the Sahyog Portal, the Court said that the portal is not an instrument of censorship but a facilitation mechanism intended to streamline communication between authorized agencies and intermediaries.
This case highlights how under the earlier framework, takedown notices were issued frequently, with relatively limited transparency regarding the reasoning and notice to affected users. Intermediaries and by extension, users, often had limited capacity to contest orders or understand the underlying legal basis for content removal.
What does the Amendment Change?
Under the original Rule 3(1)(d) of the IT Intermediary Rules, intermediaries, whose computer resources the information is stored, hosted or published, were required to remove or disable access to content within 36 (thirty six) hours of receiving a notice from the appropriate government authority or a court order under Rule 3(1)(d) of the IT Intermediary Rules.
This meant that any authorized officer could issue a takedown notice, often without clear reasoning, and intermediaries were compelled to act promptly or risk losing their ‘safe harbour’ protection under Section 79 of the IT Act. From the SFLC report mentioned above, it is evident that majority of the takedown notices were issued by police officers, including Superintendents of Police.
Under the amended regime, only senior officers: (i) at least of the rank of Joint Secretary or an office equivalent in rank or if an officer a such rank is not appointed, a Director or an officer equivalent in rank, to the Government of India or to the State Government, as the case may be; or (ii) Deputy Inspector General (DIG) or above in police administration, will have the power to issue such notices. This marks a clear departure from the earlier position, where relatively junior officials could issue notices to platforms to remove content.
Additionally, each takedown notice must now be a detailed and reasoned intimation ‘clearly specifying the legal basis and statutory provision invoked, the nature of the unlawful act, and the specific uniform resource locator (“URL“), identifier or other electronic location of the information, data or communication link required to be removed or disabled’. This aims to ensure that intermediaries are provided with legally grounded and precise directions.
Furthermore, all such notices will be subject to periodic review, on a monthly basis by a senior officer of at least Secretary rank of the concerned government agency. This review will be to ensure that the intimations comply with principles of legality, necessity, and proportionality.
Interestingly, the Amendment also broadens the scope of Rule 3(1)(d) of the IT Intermediary Rules to include intermediaries that not only store, host or publish the information in contention, but also those that display or transmit it. As for the timelines, the Amendment reaffirms that intermediaries must act on valid takedown notices or court orders within 36 (thirty-six) hours, failing which they risk losing safe harbour protection under Section 79 of the IT Act.
A Hopeful Conclusion
This Amendment to the IT Intermediary Rules signifies a long overdue attempt to bring structure and transparency to India’s online content regulation regime. The Amendment will likely make the process of content takedown more structured as the intermediaries will receive detailed notices listing the URLs, identifiers and electronic locations of the information, data or communication link to be removed or disabled. Furthermore, arbitrary or excessive orders should also be deterred by the requirement of a legal basis, senior level approval and periodic review.
The government’s recognition and acknowledgement of past opacity in takedown practices by introducing rank-based authorization, mandatory reasoning and specificity in the takedown notice is laudable, but the real test will lie in implementation of the Amendment. It remains to be seen whether these changes truly promote accountability or simply repackage the same control mechanisms with additional procedural layers.
[1] https://sahyog.mha.gov.in/
[2] https://indianexpress.com/article/express-exclusive/130-censorship-orders-issued-via-homes-sahyog-portal-in-5-months-9957698/
[3] https://sflc.in/content-takedown-through-the-sahyog-portal/
English
Chinese (Simplified)
Japanese