(This is a continuation of the previous article)
Birth of the “Intermediary”
When the Information Technology Act, 2000 came into force on 17 October 2000, the Internet was still in its infancy in India.
The Act introduced the concept of an Intermediary under Section 2(1)(w).
The original definition covered persons who merely received, stored or transmitted electronic records or provided related services.
Typical intermediaries contemplated in 2000 included
-
- Internet Service Providers
- Network Service Providers
- Web Hosting companies
- Search Engines
- Cyber Cafés
- Telecom infrastructure providers
The intermediary was viewed largely as a technical conduit, not as an active participant in online communication.
Under the original Section 79, intermediaries enjoyed absolute immunity for third-party content as long as they functioned purely as passive network pipelines and had no data-modifying role. The scope of defined intermediaries was narrow, focusing primarily on network and internet service providers.
The intermediary escaped liability only if it could prove that the offence occurred
-
- without its knowledge, or
- despite due diligence.
The burden was therefore on the intermediary.
2008 Amendment
Prompted by systemic gaps and high-profile litigations (such as Avnish Bajaj v. State), Section 79 was completely overhauled. It introduced conditional immunity, establishing that safe harbor depends on the intermediary exercising due diligence and acting immediately to remove content upon receiving “actual knowledge” of an unlawful act.
The new Section 79 declared that an intermediary shall not be liable for third-party information provided it
-
- merely provides access,
- does not initiate transmission,
- does not select the receiver,
- does not modify the transmitted information,
- observes due diligence,
- complies with Government directions.
The amendment also expanded the statutory definition of intermediary to expressly include entities such as:
-
- telecom service providers,
- network service providers,
- internet service providers,
- web-hosting providers,
- search engines,
- online payment sites,
- online auction sites,
- online marketplaces,
- cyber cafés.
The philosophy shifted from “liable unless proved innocent” to “immune unless statutory conditions are violated.”
2011 Intermediary Guidelines
The Information Technology (Intermediaries Guidelines) Rules, 2011 were notified under Section 87(2)(zg). They were India’s first comprehensive due diligence rules for intermediaries. They required intermediaries to:
- publish terms of use,
- prohibit specified categories of unlawful content,
- appoint grievance officers,
- remove unlawful information within prescribed timelines after obtaining actual knowledge,
- cooperate with Government agencies.
The prohibited-content list included obscenity, defamation, copyright infringement, hate speech, malware and similar categories.
For the first time, the concept of “due diligence” acquired operational meaning.
Shreya Singhal case
The Supreme Court fundamentally reinterpreted “actual knowledge” under Section 79(3)(b). The court ruled that an intermediary is only obligated to take down content upon receiving a court order or a direct government directive, preventing private citizens from forcing platforms to remove content arbitrarily.
Intermediary Rules of 2021
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 replaced the 2011 rules. The Government explained that the objective was to increase transparency, accountability and user protection while extending the regulatory framework to digital media and OTT platforms.
These rules introduced a tiered system separating standard intermediaries from Significant Social Media Intermediaries (SSMIs).
Key mandates included appointing India-resident compliance officers, monthly compliance reporting, and tracing the “first originator” of automated/encrypted messages.
The intermediary was no longer viewed as merely a passive conduit.
Instead, different categories of intermediaries acquired different compliance obligations.
New concepts introduced included:
-
- Social Media Intermediary (SMI)
- Significant Social Media Intermediary (SSMI)
- Resident Grievance Officer
- Chief Compliance Officer
- Nodal Contact Officer
- Monthly Compliance Reports
- Traceability requirements for significant messaging platforms
- Automated content detection for specified categories
- Digital Media Code of Ethics
This marked the transition from safe harbour to safe harbour with accountability.
Amendment of 2022
This amendment introduced government-appointed Grievance Appellate Committees (GACs). Users gained a formal state-backed mechanism to appeal an intermediary’s internal content moderation or account suspension decisions, shifting oversight outward from the platforms.
Amendment of 2023
MeitY introduced a framework empowering a central Fact-Checking Unit (FCU) to flag “false or misleading” information concerning the business of the Central Government, directing intermediaries to remove such flagged content to maintain safe harbor.
Major additions included
- Online Gaming Intermediaries,
- Self-Regulatory Bodies,
- Permissible Online Games,
- Online Real Money Games.
The definition of intermediary was effectively enlarged to include gaming platforms with specialised obligations.
Amendment of 2025
Notified to regulate Rule 3(1)(d), this amendment reformed the “actual knowledge” pipeline.
Instead of relying solely on court orders or government notifications in the earlier form, it introduced structured procedures requiring authorised officers, reasoned written intimations, and additional safeguards intended to make takedown decisions more transparent and accountable.
It mandated that executive takedown orders must be written and reasoned, issued by senior personnel (not below Joint Secretary rank), and subjected to a mandatory monthly review by an officer at the Secretary level to ensure proportionality.
Amendment of 2026-1 (Synthetically generated content)
Recognizing the dangers of “Deepfake”, an amendment was introduced for strict liability for Synthetically Generated Information (SGI) or deepfakes. Intermediaries must prominently label AI-generated content, embed non-removable metadata, and dramatically compress response windows—requiring the removal of non-consensual intimate imagery within 2 hours and other prohibited synthetic data within 3 hours.
The intermediary is no longer merely regulating user-generated content. It is now expected to regulate AI-generated content.
Major innovations include:
New statutory concepts
-
- Audio-visual information
- Synthetically Generated Information
- AI-generated content
- Metadata
- Provenance
- Persistent labels
New duties
Intermediaries must
-
- identify synthetic content,
- label AI-generated content,
- preserve provenance,
- deploy technical safeguards,
- verify user declarations,
- prevent unlawful deepfakes,
- use automated detection tools where appropriate.
The Rules also clarify that references to “information” include synthetically generated information and introduce specific due diligence obligations for intermediaries that provide AI generation capabilities.
Structural Progression
The structural progression reveals a clear, permanent shift in the techno-legal architecture:
-
From Passive to Proactive: Intermediaries are no longer viewed as neutral conduits. They are now legally required to deploy algorithmic tools, verification systems, and metadata tagging to police synthetic media.
-
Compression of Compliance Timelines: Turnaround windows for grievance resolution and content blocking have shrunk from the original 72 hours down to urgent 2-to-3-hour operational mandates for high-risk content.
-
Erosion of Safe Harbor Certainty: Safe harbor is no longer a static shield; it functions as an active compliance standard. Any operational failure to uphold the evolving due diligence rules results in an automatic forfeiture of statutory immunity under Section 79, exposing platforms directly to prosecution under applicable penal codes.
The intermediary has therefore evolved into an AI governance participant.
In effect, the intermediary has evolved from a “carrier of information” to a “co-regulator of the digital ecosystem.” While Section 79 continues to provide the legal foundation for safe harbour, the conditions attached to that immunity have expanded substantially, reflecting the increasing expectation that intermediaries actively contribute to maintaining a safe, accountable, and trustworthy online environment.
Proposed Amendment 2026-2
In the amendments proposed now after 21st April 2026 for which public comments were available till May 7, 2026, Government wants the display of notice that a video was synthetically generated to be available through out the duration of the content in a visual display.
This is the amendment which the Government has cited for asking extension of time for its response in the Delhi High Court.
Subsequent to these developments, two more developments have hit the relationship between WhatsApp/Meta and the Government of India.
First was that WhatsApp proposed that it wants to allow users to use a chosen user name like a domain name and the public display of the phone number would be stopped. Government felt that this could hurt the identification of users, allow impersonation and asked WhatsApp to stop the implementation until further orders.
This provision would affect the earlier intermediary guidelines which requires WhatsApp to identify a “Originating user” of a message notified as objectionable by the Government. WhatsApp was contending that this identification was not possible because of “End-to-end Encryption”. FDPPI had in its intervention petition pointed out that this was incorrect since the phone number should be available for disclosure.
Now WhatsApp may even say that it has no means of identifying the phone number and provide only the user name as picked by the user. This would make it even more difficult for the law enforcement to identify the user.
Hence Government has a reason to include in its response this new development.
Yet another change that has happened is that Instagram has been accused of running ads which abuse children. Meta says it has removed the ads now but the controversy about what due diligence is expected of Meta in this regard lingers on. This controversy has impact on the use of “AI” in creating the ads.
Hence Government has a reason to include this also in its response.
It is a reasonable expectation that one or more of the petitioners may sooner or later launch another litigation again claiming that the Intermediary guideline is unconstitutional even after a decision is taken on the current dispute in the Delhi High Court.
Hence it is necessary for the Court to ensure that this does not become a continuing dispute that prevents the Government from proceeding further with its functions of regulation and put an end to the dispute.
More discussions will follow. Viewers can send their ractions.
Naavi











