Ministry: 
Communication and IT
  • Sep 13, 2019

The Government had notified four sets of Rules under the Information Technology Act, 2000 on April 11, 2011. A copy of the Rules as notified and the PRS Rules and Regulations Review can be downloaded here.

Key Features of the Rules

  • Four sets of Rules have been introduced under the Information Technology Act, 2000, as amended by the Information Technology (Amendment) Act, 2008.
  • The Security Practices Rules require entities holding sensitive personal information of users to maintain certain specified security standards.
  • The Intermediary Guidelines Rules prohibit content of specific nature on the internet. An intermediary, such as a website host, is required to block such content.
  • The Cyber Café Rules require cyber cafés to register with a registration agency and maintain a log of identity of users and their internet usage.
  • Under the Electronic Service Delivery Rules the government can specify certain services, such as applications, certificates, licenses etc, to be delivered electronically.

Issues and Analysis

  • The Security Practices Rules require sensitive personal information to be disclosed to government agencies. The safeguards against such disclosure differ from those under other laws. Also, these Rules may be superseded by an agreement.
  • The Intermediary Guidelines Rules that allow blocking of content on the internet may violate the right to free speech. These Rules differ from the requirements governing content of other media like newspapers and television.
  • The Cyber Café Rules may have negative implications for privacy and personal safety of the users.

Read the complete analysis here