Indian cyber law miles behind the realities of social media

Need to amend Information Technology Act, 2000 to put it in sync with the requirement of times

Pavan Duggal

Advocate, Supreme Court of India


Social media is creating a new kind of space and as it creates history, one of the biggest challenges today is to look at the various legal, policy and regulatory issues around social media. Most people on social media often do not have an idea of the legal consequences governing what you do on the network. Most have no clue that whatever they put out on social media is going to remain there forever.

The massive success of social media has attracted cyber criminals and various kinds of cyber crimes are happening with increasing frequency on social media networks, whether it be identity theft, cyber stalking, cyber harassment or cyber defamation.

Indian cyber law deals with social media in a distinct light.

The Indian Information Technology Act, 2000 has come up with a new distinct category known as “intermediary”. An intermediary with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes. All social media websites are qualified as intermediaries under the Act.

The liability of intermediaries for third party is detailed in Chapter XII of the Act. Under Section 79 of the Act, intermediaries are as a principle not made liable for third party data, information or communication link made available by them, provided they comply with certain mandatory conditions, including complying with the Act, and rules and regulations made there under. Social media websites as intermediaries are duty bound to exercise due diligence while discharging their obligations under the Act. Further, due diligence has been defined under the Information Technology Rules, 2011 which ask these service providers to have terms which they inform the users that they shall not publish, upload, transmit any content which is violative of the law.

The Indian government notified the Information Technology Rules, 2011, exactly a year ago. These rules include the Information Technology (intermediary guidelines) Rules, 2011, which mandate social media websites as intermediaries to have detailed terms and conditions, rules and regulations and privacy policies in place so as to ensure compliance with the law. In particular, rule 3 of the said rules categorically mandates that social media websites shall inform the users of its computer resource not to host, display, upload, modify, publish, transmit, update or share any information that is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paedophilic, libellous, invasive of another's privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever. A perusal of the aforesaid parameters shows that these are very vast parameters, which are capable of all kinds of subjective interpretations. Of particular relevance is also the fact that once the social media websites get any complaint from an affected party about such unwarranted content or if they are so notified by the government, they are duty bound to act within 36 hours. In case they don’t act within 36 hours, they are exposed to legal liability, both civil and criminal, under the Information Te­chnology Act, 2000.

The last few months has seen a lot of hectic activity in India in the context of legal issues around social media. Last year, the statement by the Union minister Kapil Sibal pertaining to pre-moderation of social media generated a lot of flak. A couple of litigations have been filed against some social media service providers, which are subjudice at the time of writing.

In the context of social media legal issues in India, a couple of principles emerge in a crystal clear manner. The first principle is that any sovereign government of a sovereign nation has got sovereign powers to make legislations, regulations and rules for its nation, including for social media. The second principle is that if any social media website is operating in a territory or in a nation or its services are impacting computers located there, it will have to comply with the law of that land, irrespective of whether it is actually incorporated therein or not. The third principle is that since social media websites are intermediaries, they will have to comply with the parameters of Section 79 of the Information Technology Act, 2000 under all circumstances. The fourth principle is that if the Indian cyber law determines due diligence in a particular manner, till such time the law is not repealed, amended or modified, all social media websites have to comply with the said law.

I think there is an inherent problem if you're going in the direction of over regulation of social media. India has to realise that the Arab Spring revolution had some learning for countries. If you try to stifle social media and stifle freedom of speech and expression therein, the chances of social media having a tremendous impact upon political and social institutions of the country cannot be ruled out.

Instead, social media players need to be made clearer of what could be examples of online defamation or online harassment.

I believe Indian cyber law is miles behind the reality of social media and there is need for amending the Information Technology Act, 2000 to bring it in sync with the requirements of present times.

The approach towards more regulation of social media has to give way to more balanced realisation that first allows us put our house in order. Let's look at our own Information Technology Act, 2000, that was last amended in 2008. There is sea of change in technology since then. The said law is not at all well equipped to deal with the several nuances pertaining to social media, social media crimes, mobile security, mobile privacy, data protection, and more importantly, cloud computing. The ball lies in the court of the Indian government.

(The author is Asia’s leading cyber law authority. He can be reached at


  • Common test will safeguard sanctity and bring accountability to medical profession

    Recalling its order of 2013, the Supreme Court paved the way for the all-India common entrance test, the national eligibility-cum-entrance test (NEET)


Stay informed on our latest news!


Amita Sharma

Political rhetoric makes for counter poetry

Poetic flourishes flavour politics. Ghalib and Hafez flowed profusely to ...

Zehra Naqvi

Watch your words, for they can kill

You must’ve heard the ph­rase ‘if looks could kill’. Ever ...

Dharmendra Khandal

Biodiversity day has come and gone. Yet again

Every year on May 22, world celebrates international biodiversity day. ...


William D. Green

Chairman & CEO, Accenture