India’s digital rights landscape faced a fresh flashpoint in April 2025 when the Karnataka High Court directed the Central government to block Proton Mail, a Switzerland-based end-to-end encrypted email service. The order stemmed from a private petition alleging abusive emails and AI-generated deepfakes sent via Proton Mail addresses, prompting calls to treat the platform as a “safe haven” for harassment.[1] Proton AG swiftly appealed, arguing the direction oversteps judicial bounds and threatens encryption itself, a challenge now before a Division Bench of the same court.[2] This article unpacks the case facts, legal arguments on both sides, the Section 69A blocking framework’s role, and why this litigation tests India’s balance between security, privacy, and proportionality under Article 19(1)(a) of the Constitution of India.
Case Origins: Deepfake Abuse and a Call for Blanket Blocking
The controversy ignited with a writ petition by M Moser Design Associates India Pvt. Ltd., a New Delhi-based firm operating in Bengaluru. The company alleged unknown actors used Proton Mail to bombard its employees, particularly a woman, with obscene, vulgar content, AI deepfake images, and reputational attacks sent to colleagues and clients.[3] Petitioners claimed Proton’s foreign servers and encryption shielded senders from traceability, rendering prior law enforcement requests futile.[4]
On April 29th, 2025, Justice M. Nagaprasanna directed the Ministries of Home Affairs, Electronics and IT (MeitY), and Department of Telecommunications to “block Proton Mail” under Section 69A of the Information Technology Act, 2000 (IT Act), citing risks of obscene content, defamation, and even threats to “national integrity.”[5] The court invoked Rule 10 of the Blocking Rules, 2009 allowing courts to direct blocking and ordered interim URL blocks pending government action.[6] Meanwhile, Proton was asked to expeditiously remove offending addresses upon notice.
This wasn’t Proton’s first brush: 2024 saw Tamil Nadu request a MeitY block after hoax bomb threats via Proton, and Delhi High Court scrutiny in a habeas corpus case where police called it “banned” for “unlawful activities.”[7] Proton countered publicly: services remain accessible in India, with zero-tolerance for illegal use and cooperation via Swiss mutual legal assistance.[8]
Section 69A and Judicial Overreach: The Legal Fault Lines
Section 69A empowers only the Central Government to block access for threats to sovereignty, security, public order, foreign relations, or cognisable offence incitement.[9] The Blocking Rules mandate: designated officer review, Committee hearing (where feasible), reasoned MeitY order, and Review Committee oversight, all confidential under Rule 16. SFLC.in has challenged Rule 16’s confidentiality clause before the Supreme Court as violating Article 14 and principles of natural justice.[10]
Proton has filed an appeal against the judgment of the single judge with the main ground being that courts cannot usurp executive discretion under Section 69A.[11] Key arguments include:
- Jurisdictional Exceedance: Single judges can review government blocks but not initiate them; the order bypasses the statutory chain, rendering safeguards meaningless.[12]
- Misstated Grounds: Equating harassment/deepfakes with “national integrity” threats stretches beyond Section 69A’s exhaustive categories; Shreya Singhal (2015) demands proportionality, legality, necessity, minimal intrusion which a blanket ban fails.[13]
- Factual/Legal Errors: Relies on repealed 2011 Intermediary Guidelines (not 2021 IT Rules); wrongly states Tamil Nadu “blocked” Proton (states can’t issue 69A orders).
- Less Intrusive Options Ignored: Target specific IDs/URLs or seek Swiss metadata via MLAT, not service-wide blackout.
Platforms enjoy safe harbour protection under Section 79(3)(b) if complying “expeditiously,” but foreign encryption limits content access sparking “going dark” fears.[14] Proton stresses: zero-access encryption bars scanning; it provides IP metadata via Swiss law, rejecting direct foreign demands.[15]
Implications: Encryption’s Indian Reckoning
Proton Mail tests India’s encryption stance amid deepfake surges and prior clashes (WhatsApp traceability, Signal scrutiny). Upholding the block precedents service bans for misuse; striking it reinforces targeted enforcement, safe harbours, and privacy rights.[16] Blankets drive shadows, VPNs, Tor while failing victims via untraceable alternatives.
National security merits gravity, yet arbitrariness erodes trust. The Division Bench can mandate: MLAT channels, URL precision, Rule 16 reform. Proton’s fate shapes whether India champions secure comms or joins E2EE skeptics like UK/EU.[17]
Endnotes:
[1] Medianama, “Karnataka High Court Orders Proton Mail Block in India” (29 Apr 2025), https://www.medianama.com/2025/04/223-karnataka-court-orders-encrypted-proton-mail-ban/; Proton, “Proton Mail is not blocked in India” (1 May 2025 update), https://proton.me/blog/india-block-proton-mail.
[2] LiveLaw, “Karnataka HC Issues Notice on Proton Mail’s Appeal” (30 Jun 2025), https://www.livelaw.in/high-court/karnataka-high-court/karnataka-high-court-hearing-appeal-against-central-government-ban-proton.; TechTrace, “Proton challenges Karnataka HC’s blocking order” (30 Jun 2025), https://thetechtrace.substack.com/p/edition-7-proton-challenges-karnataka-hc-blocking-order.
[3] India Today, “Proton Mail faces ban after Karnataka HC order” (29 Apr 2025), https://www.indiatoday.in/technology/news/story/proton-mail-faces-ban-in-india-after-karnataka-hc-order-2716904-2025-04-29.
[4] Medianama, “Karnataka High Court Orders Proton Mail Block in India” (29 Apr 2025), https://www.medianama.com/2025/04/223-karnataka-court-orders-encrypted-proton-mail-ban/.
[5] New Indian Express, “Ban ProtonMail, block offending URLs immediately” (30 Apr 2025), https://www.newindianexpress.com/states/karnataka/2025/Apr/30/ban-protonmail-block-offending-urls-immediately-karnataka-hc-to-ce.
[6] Rule 10, Information Technology (Procedure and Safeguards for Blocking for Access by the Public) Rules, 2009
[7] Scroll.in, “Why a court ban on Proton Mail sparks privacy fears” (27 Jul 2025), https://scroll.in/article/1084862/why-a-court-ban-on-encrypted-email-service-proton-mail-has-sparked-digital-privacy-fears.
[8] Proton, “Proton Mail is not blocked in India” (1 May 2025 update), https://proton.me/blog/india-block-proton-mail.
[9] Information Technology Act, 2000, Section 69A.
[10] SFLC.in, “SFLC.in challenges Rule 16” (2 Mar 2025), https://sflc.in/sflc-in-challenges-rule-16-of-the-blocking-rules-2009-in-the-supreme-court/.
[11] Courtbook.in, “Why Karnataka HC Issued Notice on Proton Appeal” (1 Jul 2025), https://courtbook.in/posts/why-did-karnataka-high-court-issue-notice-on-proton-mails-appeal-against-blocking-order
[12] LiveLaw, “Karnataka HC Issues Notice on Proton Mail’s Appeal” (30 Jun 2025), https://www.livelaw.in/high-court/karnataka-high-court/karnataka-high-court-hearing-appeal-against-central-government-ban-proton.
[13] Shreya Singhal v. Union of India, (2015) 5 SCC 1.
[14] Information Technology Act, 2000, Section 79(3)(b).
[15] LiveLaw, “Karnataka HC Issues Notice on Proton Mail’s Appeal” (30 Jun 2025), https://www.livelaw.in/high-court/karnataka-high-court/karnataka-high-court-hearing-appeal-against-central-government-ban-proton.
[16] The Hacker News, “Indian Court Orders Block of Proton Mail” (29 Apr 2025), https://thehackernews.com/2025/04/indian-court-orders-action-to-block.html.
[17] Business & Human Rights, “Proton Mail ban sparks encryption concerns” (27 Jul 2025), https://www.business-humanrights.org/en/latest-news/proton-mail-ban-in-india-sparks-encryption-privacy-concerns/.
