Amendments to the IT Rules, 2021 | 31 Oct 2022

For Prelims: Amendments to the Information Technology Rules 2021, Article 14, Article 19, Article 21.

For Mains: Amendments to the Information Technology Rules 2021, Government Policies & Interventions.

Why in News?

Recently, government notified amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021.

  • These are aimed at making internet-open, safe & trusted and accountable, for the digital nagriks of the country.

What are the Key Amendments to IT Rules, 2021?

  • New Guidelines for Social Media Intermediaries:
    • Currently, intermediaries are only required to inform users about not uploading certain categories of harmful/unlawful content. These amendments impose a legal obligation on intermediaries to take reasonable efforts to prevent users from uploading such content. The new provision will ensure that the intermediary’s obligation is not a mere formality.
      • The amendment requires intermediaries to respect the rights guaranteed to users under the Articles 14, 19 and 21 of the Indian Constitution, therefore, including a reasonable expectation of due diligence, privacy and transparency.
    • For effective communication of the rules and regulations of the intermediary, it is important that the communication is done in regional Indian languages as well.
  • Amendments to the Rule 3:
    • The grounds in subclause 1 of rule 3 (rule 3(1)(b)(ii)) have been rationalized by removing the words ‘defamatory’ and ‘libellous’.
      • Whether any content is defamatory or libellous will be determined through judicial review.
    • Some of the content categories in subclause 1 of rule 3 (rule 3(1)(b)) have been rephrased to deal particularly with misinformation, and content that could incite violence between different religious/caste groups.
  • Establishment of Grievance Appellate Committee(s):
    • Grievance Appellate Committee(s) will be established to allow users to appeal against the inaction of, or decisions taken by intermediaries on user complaints.
      • However, users will always have the right to approach courts for any remedy.

What are the Key IT Rules, 2021?

  • Mandates Social Media to Exercise Greater Diligence:
    • Broadly, the IT Rules (2021) mandate social media platforms to exercise greater diligence with respect to the content on their platforms.
  • Establish a Grievance Officer:
    • They are required to establish a grievance redressal mechanism and remove unlawful and unfitting content within stipulated time frames.
      • The grievance officer of the platform’s redressal mechanism is responsible for receiving and resolving complaints of the users.
  • Ensuring Online Safety and Dignity of Users:
    • Intermediaries shall remove or disable access withing 24 hours of receipt of complaints of contents that exposes the private areas of individuals, show such individuals in full or partial nudity or in sexual act or is in the nature of impersonation including morphed images etc.
  • Educating Users about the Privacy Policies:
    • The privacy policies of the social media platforms must ensure that users are educated about not circulating copyrighted material and anything that can be construed as defamatory, racially or ethnically objectionable, paedophilic, threatening the unity, integrity, defence, security or sovereignty of India or friendly relations with foreign states, or violative of any contemporary law.

UPSC Civil Services Examination, Previous Year Question

Q. In India, it is legally mandatory for which of the following to report on cyber security incidents?


  1. Service providers
  2. Data centres
  3. Body corporate

Select the correct answer using the code given below:

(a) 1 only
(b) 1 and 2 only
(c) 3 only
(d) 1, 2 and 3

Ans: D

  • According to section 70B of the Information Technology Act, 2000 (IT Act), the Union Government by notification should appoint an agency named Indian Computer Emergency Response Team (CERTIn) to serve as the national agency for incident response.
  • The Union Government under section 70B of the IT Act, 2000 established and notified rules of CERT-In in 2014. According to Rule 12(1)(a), it is mandatory for service providers, intermediaries, data centers and corporate bodies to report cyber security incidences to CERT-In within a reasonable time of occurrence of the incident. Hence, 1, 2 and 3 are correct.
  • Therefore, option D is the correct answer.

Source: PIB