Internet Freedom

India's Draft IT Rules Draw Digital Rights Backlash

April 1, 20265 min readLast updated Apr 15, 2026

By Marcus Weber — CISSP certified, 12 years in cybersecurity journalism

India's Draft IT Rules Draw Digital Rights Backlash

India's Proposed IT Rules Amendment Sparks Free Speech Debate

India's draft amendments to its Information Technology Rules, 2021, are facing significant pushback from civil society. The Internet Freedom Foundation (IFF), a prominent digital rights organization, has publicly condemned the proposals, describing them as "digital authoritarianism" and a "dangerous expansion of executive power over online speech." The group is calling for the immediate withdrawal of the draft and urging Indian citizens to submit comments before the public consultation period closes on April 14, 2026.

The controversy centers on what critics see as a pattern of using rule-making processes to expand government authority over the internet in ways that bypass legislative scrutiny and existing judicial decisions.

What the Proposed Changes Would Do

According to the IFF's analysis, the draft amendments would introduce two major shifts in how online platforms and intermediaries operate in India.

First, the proposals include expanded data retention obligations. Platforms would be required to store user data for longer periods, which critics argue creates broader infrastructure for surveillance. The concern is not just about what governments do with that data today, but about what becomes possible when large stores of personal data are held and accessible.

Second, the amendments would impose sweeping new compliance mandates on intermediaries, the companies that host, transmit, or process online content. These mandates could require platforms to take more aggressive action in monitoring and removing content, potentially at the direction of government authorities, before any independent judicial review takes place.

The IFF argues these changes are designed, in part, to work around existing court orders that have placed limits on executive power over online content in India. If accurate, that framing raises serious rule-of-law concerns beyond the immediate privacy and speech implications.

A Pattern Critics Say Is Accelerating

India has been navigating contentious debates over internet regulation for several years. The 2021 IT Rules themselves were controversial when introduced, drawing criticism for provisions that required platforms to appoint local compliance officers and trace the originators of certain messages. Those rules were challenged in multiple courts.

The current draft amendments appear to extend that regulatory direction further. Digital rights advocates argue that each successive round of rule changes incrementally shifts power toward the executive and away from users, courts, and independent oversight bodies.

The IFF's intervention follows a familiar pattern seen in other democracies grappling with platform regulation: governments argue that tighter rules are necessary to address misinformation, national security threats, or harmful content, while civil liberties groups warn that broadly written powers will inevitably be used to suppress legitimate speech and political dissent.

Neither concern is unfounded. The challenge for any regulatory framework is building in safeguards that address genuine harms without creating tools that can be turned against ordinary users or journalists.

What This Means For You

If you are an internet user in India, these proposed changes are directly relevant to your daily online life, even if the legal language feels abstract.

Expanded data retention means that more of your online activity could be logged and stored for longer periods by the platforms you use. Broader compliance mandates for intermediaries mean that content you post, share, or access could be subject to removal or restriction under rules that may not require a court order first.

For journalists, activists, and ordinary citizens who rely on open access to information and the ability to communicate freely, the stakes are high. The public comment period running until April 14, 2026, represents a formal opportunity to put concerns on the record. Civil society organizations like the IFF typically provide guidance on how to submit effective comments to government consultations.

For users outside India, this story is a useful reminder that platform rules are not uniform globally. The compliance obligations that govern what a service can or must do with your data vary significantly depending on where servers are located, where companies are incorporated, and what local laws require.

Actionable Takeaways

Follow the consultation period. The IFF and similar organizations are tracking the amendment process and publishing analysis. Staying informed is the first step.
Submit a public comment. If you are an Indian resident or citizen, the government's consultation process accepts public submissions. Civil society groups can help you understand how to participate effectively.
Review your platform settings. Regardless of what rules ultimately pass, regularly auditing your privacy settings on major platforms is good practice.
Understand data minimization. Services that collect less data about you retain less data that could ever be subject to government retention requirements. Choosing privacy-respecting tools and services is a long-term strategy, not a reaction to any single law.
Support digital rights organizations. Groups like the IFF do detailed legal and policy analysis that most individuals do not have the time or resources to conduct themselves. Their work benefits everyone who uses the internet.

India's IT Rules debate is far from resolved. With the comment period still open and legal challenges likely to follow if the amendments proceed, this is a story worth watching closely.

// FAQ

What organization is leading the opposition to India's draft IT Rules amendments?

The Internet Freedom Foundation (IFF), a prominent digital rights organization, is leading the opposition and has publicly condemned the proposals as 'digital authoritarianism.' The group is calling for the immediate withdrawal of the draft amendments.

What are the two major changes introduced by the proposed amendments?

The two major changes are expanded data retention obligations requiring platforms to store user data for longer periods, and sweeping new compliance mandates on intermediaries that could require more aggressive content monitoring and removal. Critics argue both changes expand government surveillance and control over online speech.

When is the deadline for public comments on the draft amendments?

The public consultation period closes on April 14, 2026, and the IFF is urging Indian citizens to submit comments before that deadline.

Why do critics argue the amendments raise rule-of-law concerns?

The IFF argues the changes are designed in part to work around existing court orders that have placed limits on executive power over online content in India. This framing suggests the amendments may be attempting to bypass judicial oversight rather than go through proper legislative scrutiny.

How do the proposed amendments relate to India's 2021 IT Rules?

The 2021 IT Rules were already controversial, requiring platforms to appoint local compliance officers and trace message originators, and were challenged in multiple courts. The current draft amendments appear to extend that regulatory direction even further, with critics arguing each successive round of changes incrementally shifts power toward the executive.