On 10th February, 2026, the Ministry of Electronics and Information Technology published the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026 (“2026 SGI Rules”), which amend the IT Rules, 2021. The Amendment was passed after a set of Draft Amendments on 22nd October, 2025, to further strengthen the due diligence framework for intermediaries, particularly in relation to synthetically generated information (“SGI”) and associated online harms. The government flagged certain challenges the amendment wants to tackle, including deepfakes, misinformation, and other unlawful content capable of misleading users and causing user harms, violating privacy, or threatening national integrity.
SFLC.in’s initial statement on the Amendment is as follows. While we agree that the harms emanating from SGI need to be dealt with, the Amendment creates separate challenges which need to be addressed as well.
We welcome the following additions of the 2026 SGI Rules:
- The exemption of good-faith use from the ambit of SGI, and the exemption of pure text and text-based use from the ambit of SGI, liable to enforcement action only as ‘information’ as under the IT Act, 2000. Only audio, visual, and audio/visual information is to be regulated as SGI.
- The carving out of lawful SGI and unlawful SGI, tailoring penalties and punitive actions only to unlawful SGI, and strictly defining the categories of SGI that are unlawful.
- Inclusion of ‘technical feasibility’ as the ceiling for measuring adequacy of measures deployed by intermediaries for both provenance information embedding/watermarking as well as detecting SGI, in line with global standards.
- Enhanced due diligence obligations, including mandated quarterly notices and stricter grievance redressal timelines, and shorter compliance timelines for grave violations such as CSEAM and NCII.
Our primary concerns, however, revolve around:
- The sharing of violating user info with the complainant, without prescribed procedure, which violates privacy rights and raises further questions and concerns about potential linking of ID proofs with user accounts and the creation of user registry.
- Implied inclusion of AI generation and creation tools within the ambit of intermediaries, which blurs distinction between SaaS and intermediaries, and dilutes the latter.
- Shortened compliance timelines for general violations and grievance redressal, regardless of the nature of the violation, which eliminates human review and leads to a chilling effect and over-monitoring and over-censorship over free speech.
- The retention of the requirement on intermediaries to ensure permanence of watermark/label with no prescribed standards, which is technically infeasible and increases the compliance burden on intermediaries and could work against the object of the Rules.
- The retention of ‘deemed failure’ standard, resulting in disproportionately high penalty of loss of safe harbour upon mere awareness, which as we observed in our comments, is likely to lead to overmonitoring and overcensorship. In light of the same, technical feasibility standards must be prescribed, and more transparency is needed.
Our detailed statement can be found below:
