On 30th March, 2026, the Ministry of Electronics and Information Technology (“MeitY”) released the IT Rules (Second Draft Amendments), 2026 (“Draft Amendments”). While purportedly issued to strengthen compliance, it introduces sweeping changes that would diminish the freedom of speech and expression under Article 19(1)(a) of the Constitution, and undermine established legal frameworks. SFLC.in calls for the complete and immediate withdrawal of these Draft Amendments.
You can submit your comments on the Draft Amendments in a rule-wise manner (.DOCX or .PDF format) via email to: itrules.consultation@meity.gov.in. The deadline is 14th April, 2026.
Rules 3(1)(g) and 3(1)(h) now state that data retention requirements under the IT Rules are without prejudice to any other data retention obligations, such as under the Digital Personal Data Protection Act, 2023 (DPDPA).
This could have a diluting effect on the rights of users under the DPDPA, including the Right to Erasure, as the IT Rules require user data to be preserved for at least 180 days (extendable) after purpose limitation has been served, regardless of whether consent exists for the same. No legal object has been mentioned for such a data retention mandate on intermediaries.
Rule 3(4) is newly inserted and requires that intermediaries comply with and give effect to any clarification, advisory, order, direction, standard operating procedure, code of practice or guideline issued by MeitY. The rule also states that such compliance is mandatory for platforms to receive safe harbour from intermediary liability under Section 79 of the IT Act, 2000. Multiple problems arise from this rule.
Firstly, clarifications, advisories, SoPs, and guidelines are non-binding in nature and do not form part of “law” under Article 19(2) of the Constitution. By mandating compliance with non-binding executive directions, the Draft Amendments go beyond the bounds of permitted delegated legislation. Section 87(3) of the IT Act, 2000 requires that all rules be laid before Parliament, ensuring legislative oversight. The Draft Amendments bypass this safeguard, thereby being ultra vires the parent Act and arbitrary. Advisories such as the one on AI Models, LLMs, and Gen AI would be binding, if issued after the Rules come into force.
Secondly, Rule 3(4) results in a “collateral censorship” effect on free speech rights of users. As held by the Supreme Court in Shreya Singhal v. Union of India, Section 79 is a statutory protection offered to intermediaries, not a conditional privilege that can be withdrawn by executive discretion. If platforms are compelled to obey every executive direction issued at the threat of open-ended liability for user generated content, they will rationally prioritise risk avoidance and compliance, which could result in over-monitoring and preventive over-censorship. To reduce the risk of losing safe harbour and facing civil and criminal liability, platforms would remove and censor lawful speech, particularly those that are critical of the government or related interests. In a country like India where press freedom and free speech rights face systematic erosion, such a rule could be used to silence critical voices and takedown lawful content, a pattern we already observe under existing rules. The result is a chilling effect on digital expression and the shrinking of available spaces for democratic participation.
Thirdly, Rule 3(4) is a reiteration of previous attempts to regulate content outside of the permitted procedure and scope. The 2023 Fact Check Unit (“FCU”) Amendments required intermediaries to comply with the decisions of the FCU on fake government-related news. The amendments were struck down as “unconstitutional” by the Bombay High Court in 2024, and an appeal is currently pending before the Supreme Court. Interestingly, the FCU Amendments were narrower in scope when compared to the Draft Amendments, as it applied to only one type of content. Similarly, the 2023 Broadcasting Bill attempted to regulate news content creators, including OTT platforms, under a strict regulatory framework, but concerted efforts from activists, civil society and the broader public resulted in its quiet withdrawal.
Fourthly, the rule requires that such executive actions must be issued in writing with the scope, applicability, compliance requirements, and legal basis specified. However, there is no requirement for public consultation or notice. Some of the most controversial directions issued recently, like Sanchar Saathi pre-installation and the SIM-binding directive, were done so without any public consultation or notice, and citizens were made aware of their ill-effects only due to diligent reporting and concerned content creators. These public accountability mechanisms are now sought to be regulated and controlled by MeitY through the Draft Amendments.
Rule 8(1) now has a newly-inserted proviso that applies Part III of the IT Rules to news and current affairs content hosted by intermediaries and even non-publisher users (previously only limited to “online paper, news portal, news aggregator, news agency”). Worryingly, the definition of “news and current affairs content” under Rule 2(1)(ta), if applied to non-publisher users, would result in virtually all public interest commentary being regulated. Under this rule, each and every person who disseminates content on news and current affairs, expresses their opinions on recent developments (be it political events, election coverage, policy updates, or local and regional public interest issues), and even those that provide eyewitness accounts of sensitive incidents like communal riots would face an increased threat of content removal and systematic clampdown on their free speech rights. Furthermore, this rule will operate in addition to existing blocking mechanisms under Section 69A and through the Sahyog Portal, both of which have been used to censor lawful speech previously. If in force, the rule would result in a flagrant violation of Article 19 of the Constitution, which is part of the “Golden Triangle,” the bedrock of our Fundamental Rights.
Rules 14(2) and 14(5) now expand the scope of the Inter-Departmental Committee (“IDC”) to consider “matters” beyond complaints, including those referred by MeitY. This broadening of scope is extremely problematic as it bypasses the judicial process. There are multiple challenges to Part III of the IT Rules pending before the Delhi High Court. To include not only grievances and complaints, but also the broad ambit of “matters” including user generated news and current affairs content is a way to circumvent such proceedings.
Broadly, these Draft Amendments represent yet another subversion of existing procedures and constitutional safeguards through opaque, arbitrary, and unchecked delegated legislation. It must be noted that the IT Rules themselves are in excess of permitted delegated legislation as they diminish rights and liabilities under the parent Act and create new substantive obligations not contemplated by the parent Act. If the Draft Amendments come into force, such excess would permeate further, resulting in opaque and arbitrary executive actions that are not communicated to the public, unprecedented amounts of digital censorship of critical voices on online platforms, and an oppressive chilling effect that stifles the free speech of citizens online.
For the above reasons, SFLC.in calls for the complete and immediate withdrawal of these Draft Amendments, and we will be submitting detailed comments recommending the same.
We urge you to express your comments on the Draft Amendments in a rule wise manner via email to itrules.consultation@meity.gov.in in .DOCX or .PDF format by 14th April, 2026!
