The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 was notified by the Ministry of Electronics and Information Technology in February, 2021. The Rules provides three months timeline to social media intermediaries in order to comply with the New IT Rules thereby making all social media platforms to comply with the new Rules by May 26, 2021.


The Rules provides the due diligence to be followed by an intermediary (including social media intermediary) while discharging its duties, Grievance Redressal Mechanism  and Digital Media Code of Ethics..



  • Prominently publish on its website (or mobile based application or both), the rules and regulations, privacy policy and user agreement for access or usage of its computer resource by any person;
  • Through rules and regulations, privacy policy or user agreement of the intermediary, ensure to inform the user of its computer resource not to host, display, upload, modify, publish, transmit, store, update or share any information that belongs to any other person; is defamatory, obscene, pornographic, paedophilic, invasive of another’s privacy; is harmful to child; infringes any patent, trademark, copyright or other proprietary rights; impersonates another person; threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign States, or public order; contains software virus or any other computer code, file or program designed to interrupt, destroy or limit the functionality of any computer resource; is patently false and untrue, and is written or published in any form, with the intent to mislead or harass a person, entity or agency for financial gain or to cause any injury to any person.
  • Periodically inform its users (at least once every year), the consequences of non-compliance with rules and regulations, privacy policy or user agreement for access or usage of the computer resource of such intermediary such as termination of the access or usage rights of the users to the computer resource immediately or remove non-compliant information or both.
  • Prohibit to host, store or publish any unlawful information, which is against any law for the time being in force in relation to the interest of the sovereignty and integrity of India.
  • Periodically (at least once in a year) inform its users of its rules and regulations, privacy policy or user agreement or any change in the rules and regulations, privacy policy or user agreement.
  • In case any information is collected from a user for registration on the computer resource, it shall retain his information for a period of one hundred and eighty days after any cancellation or withdrawal of his registration.
  • Provide information under its control or possession as soon as possible, but not later than seventy two hours of the receipt of an order to the Government agency which is lawfully authorised for investigative or protective or cyber security activities, for the purposes of verification of identity, or for the prevention, detection, investigation, or prosecution, of offences.
  • Ensure not to deploy or install or modify technical configuration of computer resource or become party to any act that may change or has the potential to change the normal course of operation of the computer resource than what it is supposed to perform thereby circumventing any law for the time being in force.
  • Report cyber security incidents and share related information with the Indian Computer Emergency Response Team in accordance with the policies and procedures as mentioned in the Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013.


Grievance redressal mechanism of intermediary

  • The intermediary must ensure to prominently publish on its website, mobile based application, the name of the Grievance Officer and his contact details as well as mechanism by which a user or a victim may make complaint against violation of the provisions of this rule or any other matters pertaining to the computer resources made available by it.
  • The intermediary shall, within twenty-four hours from the receipt of a complaint made by an individual or any person on his behalf in relation to any content which is prima facie in the nature of any material which exposes the private area of such individual, shows such individual in full or partial nudity or shows or depicts such individual in any sexual act or conduct, or is in the nature of impersonation in an electronic form, including artificially morphed images of such individual, take all reasonable and practicable measures to remove or disable access to such content which is hosted, stored, published or transmitted by it.


Additional due diligence to be observed by significant social media intermediary

  • A significant social media intermediary shall, within three months from the date of notification must observe the following additional due diligence while discharging its duties:

(i) appoint a Chief Compliance Officer who shall be responsible for ensuring compliance with the Act;

(ii) appoint a nodal contact person for 24×7 coordination with law enforcement agencies and officers to ensure compliance to their orders or requisitions made in accordance with the provisions of law or rules made thereunder.

Note: “nodal contact person” means the employee of a significant social media intermediary, other than the Chief Compliance Officer, who is resident in India.

(iii) appoint a Resident Grievance Officer, who shall, subject to clause (b), be responsible for the functions referred in Grievance redressal mechanism of intermediary.

(iv) publish periodic compliance report every month mentioning the details of complaints received and action taken thereon, and the number of specific communication links or parts of information that the intermediary has removed or disabled access to in pursuance of any proactive monitoring conducted by using automated tools.

  • A significant social media intermediary providing services primarily in the nature of messaging shall enable the identification of the first originator of the information on its computer resource as may be required by a judicial order passed by a court of competent jurisdiction.
  • A significant social media intermediary that provides any service with respect to an information or transmits that information on behalf of another person on its computer resource for direct financial benefit in a manner that increases its visibility or to which it owns a copyright, or has an exclusive license, shall make that information clearly identifiable to its users as being advertised, marketed, sponsored, owned, or exclusively controlled.
  • A significant social media intermediary shall endeavour to deploy technology-based measures, to proactively identify information that depicts any act or simulation in any form depicting rape, child sexual abuse or conduct, whether explicit or implicit, or any information which is exactly identical in content to information that has previously been removed or access to which has been disabled on the computer resource of such intermediary and shall display a notice to any user attempting to access such information stating that such information has been identified by the intermediary.
  • The significant social media intermediary shall have a physical contact address in India published on its website, mobile based application or both, for the purposes of receiving the communication addressed to it.
  • Implement an appropriate mechanism for the receipt of complaints and grievances in relation to the violation of provisions.
  • Enable users who register for their services from India, or use their services in India, to voluntarily verify their accounts by using any appropriate mechanism, including the active Indian mobile number of such users, and where any user voluntarily verifies their account, such user shall be provided with a demonstrable and visible mark of verification, which shall be visible to all users of the service.


Additional due diligence to be observed by an intermediary in relation to news and current affairs content

A clear and concise statement informing publishers of news and current affairs content shall be published by an intermediary shall publish, on an appropriate place on its website, mobile based application or both, in addition to the common terms of service for all users, such publishers shall furnish the details of their user accounts on the services of such intermediary to the Ministry.



Applicability: Apply to the following persons or entities, namely:—

(a) publishers of news and current affairs content;

(b) publishers of online curated content.


Furnishing and processing of grievance

  • Any person having a grievance regarding content published by a publisher in relation to the Code of Ethics may furnish his grievance on the grievance mechanism.
  • The publisher shall generate and issue an acknowledgement of the grievance for the benefit of the complainant within twenty-four hours of it being furnished for information and record.


Self-Regulating mechanism at Level I

  • A publisher shall—

(a) establish a grievance redressal mechanism and shall appoint a Grievance Officer based in India, who shall be responsible for the redressal of grievances received by him;

(b) display the contact details related to its grievance redressal mechanism and the name and contact details of its Grievance Officer at an appropriate place on its website or interface, as the case may be;

(c) ensure that the Grievance Officer takes a decision on every grievance received by it within fifteen days, and communicate the same to the complainant within the specified time:

(d) be a member of a self-regulating body as referred to in Rule 12 and abide by its terms and conditions.

  • Online curated content shall be classified by the publisher of such content into the categories referred to in the Schedule, having regard to the context, theme, tone, impact and target audience of such content, with the relevant rating for such categories based on an assessment of the relevant content descriptors.
  • Every publisher of online curated content shall display the rating of any online curated content and an explanation of the relevant content descriptors, prominently to its users at an appropriate place, as the case may be, in a manner that ensures that such users are aware of this information before accessing such content.


Furnishing of information

  • A publisher of news and current affairs content and a publisher of online curated content operating in the territory of India, shall inform the Ministry (within a period of thirty days from publication of Rules) about the details of its entity by furnishing information along with such documents as may be specified, for the purpose of enabling communication and coordination.
  • The publisher of news and current affairs content and the publisher of online curated content shall publish periodic compliance report every month mentioning the details of grievances received and action taken thereon.


Read the Rules HERE

Must Watch

SCC Blog Guidelines

Justice BV Nagarathna

call recording evidence in court



  • […] The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 are the most recent Rules in relation to this subject. Under the IT Act, an intermediary is not liable for the third-party information that it holds or transmits.  However, to claim such exemption, it must adhere to the due diligence requirements under the IT Act and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. Each significant social media intermediary is required to establish a grievance redressal mechanism. The new IT rules have come up with several due diligence that has to be followed by the social media intermediaries like facebook, whatsapp, snapchat etc. Out of which few will be discussed below: […]

  • […] Prasad also claimed the takedown via DMCA notice violated Indian law. Specifically, the Technology Minister claimed Twitter violated local law by failing to provide him with prior notice before locking him out of his account. The law cited was Rule 4(8) of the Information Technology Rules 2021. […]

Join the discussion

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.