Mentoassociates.com – Legal Articles

In 2015, the Supreme Court of India delivered a watershed judgment that forever altered the trajectory of Indian internet law. The case, Shreya Singhal v. Union of India, struck down Section 66A of the Information Technology Act, 2000, and fortified the right to freedom of expression in the digital age.

This ruling is more than a milestone—it’s a constitutional compass guiding the future of online speech, content regulation, and intermediary responsibilities in India.

Background: Section 66A of the IT Act

Section 66A criminalized sending messages via electronic means that were:

• “Grossly offensive” or “menacing”,
• “False” with the intent to cause annoyance or inconvenience,
• Likely to cause “enmity, hatred or ill will”.

The law was vague and overbroad. It allowed arrests for harmless social media posts and memes. Citizens, students, and activists were detained for expressing opinions that displeased public authorities or influential individuals.

The Supreme Court’s Verdict

In a resounding affirmation of constitutional rights, the Supreme Court ruled that:

Section 66A is unconstitutional as it violates Article 19(1)(a) of the Constitution—the right to freedom of speech and expression.

The Court held:

• The terms used in Section 66A were undefined and subjective, leading to arbitrary arrests.
• The section had a chilling effect on legitimate expression.
• Restrictions on free speech must fall within the reasonable restrictions under Article 19(2)—which Section 66A failed to satisfy.

Clarification on Intermediary Liability (Section 79)

One of the key takeaways from the judgment was its interpretation of Section 79 of the IT Act:

Intermediaries (such as social media platforms) are not required to act on user complaints alone. They are only obligated to remove content after a court order or a government directive.

This clarification protects intermediaries from being forced into private censorship while ensuring that unlawful content can still be taken down through proper legal channels.

Constitutional Principles Reaffirmed

1. Vagueness invalidates law: Laws that use vague terms like “grossly offensive” cannot be enforced fairly.
2. Freedom of expression includes online speech: Digital speech enjoys the same constitutional protections as offline speech.
3. No prior restraint without legal backing: Takedown of content requires clear legal procedures.

Lasting Impact

• Section 66A was declared null and void, ending its misuse.
• Strengthened protections for digital dissent, satire, parody, and criticism.
• Provided legal clarity on intermediary obligations under Rule 3 of the IT Rules and Section 79.
• Cited frequently in cases involving online defamation, free speech, and content moderation.

A Word of Caution: The Ghost of 66A

Despite the ruling, multiple reports show that Section 66A continues to be invoked in FIRs and chargesheets. In response, the Supreme Court in 2022 reiterated that police and trial courts must not apply the repealed section.

The battle for digital rights, therefore, is not just legal—it is institutional, procedural, and ongoing.

Conclusion

The Shreya Singhal decision remains a constitutional bulwark against overreach in digital regulation. It empowered citizens, restrained the executive, and clarified the obligations of intermediaries in an age of rapid digital communication.

It reminds us that free speech is not a luxury of democracy—it is its foundation.

Written by Mento Isac, Advocate & Founder – Mento Associates
Advising on tech law, online defamation, and digital compliance across jurisdictions.
Bengaluru, India
mentoissac@mentoassociates.com | www.mentoassociates.com

In an era where billions of posts, tweets, and videos are uploaded daily, the question of who is accountable for online content becomes critically important. Section 79 of the Information Technology Act, 2000, provides a legal backbone for internet platforms operating in India—balancing freedom of expression, technological innovation, and accountability.

But how far does this “safe harbor” go? Let’s break it down.

What is Section 79?

Section 79 of the IT Act, 2000, grants conditional immunity to online platforms—called intermediaries—from liability for user-generated content.

Key Provision:

“An intermediary shall not be liable for any third-party information, data, or communication link made available or hosted by him…”

Provided that:

• The intermediary does not initiate, select the receiver of, or modify the transmission.
• It observes due diligence and complies with the Intermediary Guidelines, 2021.
• It acts promptly upon receiving actual knowledge of illegal content, by court order or government direction.

Who Qualifies as an Intermediary?

Under the IT Act:

• Social media platforms (e.g., Facebook, Twitter/X, Instagram)
• Messaging services (e.g., WhatsApp, Telegram)
• E-commerce platforms (e.g., Amazon, Flipkart)
• ISPs, cloud providers, blogging platforms are all treated as intermediaries.

Rule 3 of the IT Rules, 2021: Due Diligence Framework

Rule 3 is the backbone of intermediary due diligence under Indian cyber law. It mandates that intermediary:

1. Publish Terms of Use clearly prohibiting content that is defamatory, obscene, infringing, hateful, or a threat to public order or national security.
2. Remove unlawful content within 36 hours of receiving:
   • A court order, or
   • An official government notification.
3. Preserve removed content and related data for 180 days.
4. Appoint a Grievance Officer in India, who must:
   • Acknowledge complaints within 24 hours.
   • Resolve them within 15 days.
5. Assist law enforcement by providing required information within 72 hours when lawfully requested.
6. Ensure secure user authentication practices.

Significant Social Media Intermediaries (SSMIs)—with over 5 million users—must also:

• Appoint a Chief Compliance Officer and other key officers based in India.
• Enable user verification features.
• Publish monthly transparency reports.
• Enable tracing the originator of unlawful messages (Rule 4).

Failure to comply with Rule 3 revokes the immunity under Section 79.

Landmark Judicial Interpretations

Shreya Singhal v. Union of India (2015) – Supreme Court

• Struck down Section 66A of the IT Act.
• Clarified that “actual knowledge” under Section 79 arises only upon a court order or official notice—not mere user complaints.

MySpace Inc. v. Super Cassettes Industries Ltd. (2017) – Delhi High Court

• Intermediaries must act expeditiously once they have knowledge of infringing content.
• No obligation to proactively monitor all uploads.

Google India Pvt. Ltd. v. Visaka Industries Ltd. (2020) – Supreme Court

• Platforms cannot claim Section 79 protection if they knowingly fail to act or participate in unlawful dissemination.

Practical Implications

For Platforms:

• Maintain robust takedown mechanisms, legal SOPs, and audit trails.
• Avoid editorial control over user content.
• Respond promptly to official takedown orders.

For Victims of Online Harm:

• File a complaint under Rule 3(2) to the intermediary’s Grievance Officer.
• If unresolved, seek a court order or government notice to enforce content takedown under Rule 3(1)(d).
• Combine with civil or criminal remedies depending on the nature of the harm.

Conclusion

Section 79, read with Rule 3, offers a balanced liability framework in India’s evolving digital landscape. Intermediaries are protected—but only if they are diligent. For affected individuals, Rule 3 creates a formal avenue for redress and makes platforms more responsive and accountable.

As Indian courts continue to develop this jurisprudence, staying legally compliant—and digitally vigilant—is key.

Written by Mento Isac, Advocate & Founder – Mento Associates
Specializing in tech law, online defamation, and corporate litigation.

? mentoissac@mentoassociates.com | ? www.mentoassociates.com

In today’s hyperconnected world, reputations are built—and sometimes destroyed—online. A single tweet, Facebook post, or LinkedIn comment can go viral within hours, leading to serious reputational and financial damage. But what does Indian law say about defamation in the digital space?

What Is Cyber/Online Defamation?

Online defamation, also known as cyber defamation, occurs when defamatory content is published on the internet with the intent to harm someone’s reputation. This includes:

• Social media posts
• Blog articles or comments
• WhatsApp forwards
• YouTube videos or comments
• Online reviews

The impact is swift, far-reaching, and often permanent.

Legal Framework in India

1. Bharatiya Nyaya Sanhita (BNS), 2023

• The BNS replaces the Indian Penal Code from 1 July 2024.
• Section 356 of BNS corresponds to the old Section 499 IPC and defines criminal defamation, including imputation through words, signs, or visible representations.
• Section 357 replaces IPC Section 500 and prescribes punishment up to 2 years imprisonment, fine, or both for criminal defamation.

2. Information Technology Act, 2000

• Although Section 66A was struck down in Shreya Singhal v. Union of India (2015), platforms and intermediaries are still regulated under Section 79, which provides safe harbor if they act promptly on valid takedown requests.

3. Civil Remedies

• Victims may also file civil defamation suits seeking monetary damages and injunctions to restrain or remove defamatory content.

Criminal Prosecution for Online Defamation

Criminal defamation under BNS Sections 356 and 357 remains a powerful remedy for reputational harm—even when it occurs online.

Section 356 BNS – Definition of Defamation

Defamation includes any imputation made by words, signs, or visible representations intended (or likely) to harm a person’s reputation. The ten exceptions from the IPC continue under BNS—truth, public good, fair comment, etc.

Section 357 BNS – Punishment

“Whoever defames another shall be punished with simple imprisonment up to two years, or with fine, or both.”

How to File a Criminal Complaint

1. File a complaint before a Magistrate.
2. Court examines the complainant’s statement and supporting evidence.
3. If a prima facie case is made out, summons are issued.
4. Trial follows under criminal procedure, with burden of proof on the complainant.

Key Case Law

• Subramanian Swamy v. Union of India (2016): Upheld the constitutionality of criminal defamation, affirming the right to reputation as part of Article 21.
• M. J. Akbar v. Priya Ramani (2021): Recognized truth and public good as valid defenses in sensitive, reputationally charged contexts.

Civil Prosecution for Online Defamation

Civil defamation suits focus on damages and content takedown, offering a vital remedy for both individuals and businesses.

Legal Basis

Civil defamation is a tort—a wrongful act leading to reputational harm. The plaintiff must prove:

• A defamatory statement,
• Publication to third parties,
• Actual or presumed harm to their reputation.

Intent is not essential in civil law; even negligent publication may suffice.

Remedies

1. Injunctions (temporary or permanent) to restrain further publication or remove content.
2. Monetary damages for harm and emotional distress.
3. Mandatory injunctions to compel platforms to take down defamatory content.

Case Law on Mandatory Injunction and Takedown Orders

One of the most impactful decisions in this domain is:

Siddharth Vashisht v. Google India Pvt Ltd & Ors., Delhi High Court, 2022

In this case, the court found that once content is judicially declared defamatory, platforms must:

• Remove not only the specific URLs but also mirror and identical content,
• Proactively prevent re-uploads,
• Act under the “actual knowledge” doctrine, making them liable upon court direction or legal notice.

Filing a Civil Suit

• Civil defamation suits must be filed in the District Civil Court having territorial and pecuniary jurisdiction.
• Karnataka High Court does not have original civil jurisdiction, unlike High Courts in Delhi, Bombay, Calcutta, and Madras.
• Plaintiffs in Karnataka must first approach the City Civil Court or District Court, based on where the defendant resides or where the defamatory act occurred.
• A legal notice is often—but not legally—required before filing.
• Courts may grant interim injunctions if urgency and reputational harm are convincingly shown.

Other Important Judgments

• Tata Sons Ltd. v. Greenpeace (2011) – Even satire may be restrained if it damages corporate reputation unfairly.
• Indian Express v. Jagmohan (1985) – Balanced freedom of the press with the right to reputation.

Practical Advice

• Preserve evidence: Screenshots, URLs, and metadata are crucial.
• Act swiftly: Delay can reduce the likelihood of getting interim relief.
• Engage legal help early: Often, a strategic legal notice or mediation can prevent long litigation.

Final Thoughts

Online defamation is no longer a grey area. With clear statutory backing under the Bharatiya Nyaya Sanhita, the IT Act, and strong judicial precedent, victims today have a well-developed legal toolkit. Whether you’re a professional, business owner, or public figure, knowing your remedies can make all the difference in protecting your digital dignity.

Written by Mento Isac, Advocate & Founder – Mento Associates
Advising on digital law, dispute resolution, and corporate litigation across India.

? mentoissac@mentoassociates.com | ? www.mentoassociates.com

The era of digitization gave birth to entirely new markets which deal with the collection, organization, and processing of personal information, whether directly or as critical component of business. The outburst of Covid-19 and the lock-down has led to several challenges in various sectors regarding data privacy and protection; hence protection of data and privacy plays a much important role now, as there are several loopholes in which data can be breached and its security is at major risk.

Section 2 (o) of Information Technology Act,2000 defines “data” which means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalized manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts, magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.

Data protection is the process of safeguarding important information from corruption, compromise or loss. Through the landmark judgment of Justice K.S Puttaswamy vs Union of India (AIR 2017 SC 4161), the Hon’ble Supreme Court held right to privacy is declared as a fundamental right under Article 21 of Indian Constitution. This judgment made general public realize that their data is intrinsic, important and therefore worthy of protection.

At present India does not have specific legislation in regard to data protections and privacy, although a Personal Data Protection Bill, 2019 was introduced in Lok sabha. There are many ambiguities as to the implementation of this bill, but there are some important enactments which focuses and governs privacy protection and personal data
• Information Technology Act, 2000.
• The Right to Information Act,2005
• Information Technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021

Section 43A of the IT Act 2000 provides that whenever a corporate body possesses or deals with any sensitive personal data or information, and is negligent in maintaining a reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, then such body corporate shall be liable to pay damages to the persons so affected.

Section 72A of the IT Act 2000 provides that any person (including an intermediary) who, while providing services under the terms of a lawful contract, has secured access to any material containing personal information about another person, with the intent of causing or knowing that he is likely to cause wrongful loss or wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any other person, shall be punished with imprisonment for a term which may extend to three years, or with fine which may extend to five lakh rupees, or with both.

Section 8 (1)(j) of Right to Information Act – This section provides that the authorities are under no obligation to provide information to citizens regarding inter alia information which relates to personal information, the disclosure of which has no relationship to any public activity or interest, or which would cause unwarranted invasion of the privacy of the individual unless the Central Public Information Officer or the State Public Information Officer or the appellate authority, as the case may be, is satisfied that the larger public interest justifies the disclosure of such information.

The Information technology (Guidelines for intermediaries and digital media ethics code) Rules, 2021 have been passed under sections 69A(2), 79(2)(c) and 87 of the Information Technology Act, 2000. Rule 4(2) provides that a significant social media intermediary providing services primarily in the nature of messaging shall enable the identification of the first originator of the information on its computer resource as may be required by a judicial order passed by a court of competent jurisdiction or an order passed under section 69 by the Competent Authority as per the Information Technology (Procedure and Safeguards for interception, monitoring and decryption of information) Rules, 2009. This rule is clearly a major threat to the privacy of the users and this was challenged by Whatsapp in Delhi High Court to quash a new government rule which is against right to privacy.

CONCLUSION:
India has gone more digital in this covid-19 pandemic era, than ever before. In this digital era, data is a valuable resource that needs to be protected and regulated. Right to privacy cannot be exercised effectively unless data is protected through a legal regime; therefore implementation of personal data protection bill becomes very important.

Authored by

RAMYA C N
Associate

The internet is an oft praised platform with plenty of opportunities for people to explore options, and more importantly, voice their opinions. It is the platform where anybody who wants to express an opinion about anything may do so- your age, sex, nationality, country of residence, etc, are irrelevant. All you really need is a social networking website, a registered ID, a workable internet connection, and obviously, a mode to carry out the task (be it the old fashioned net cafe desktops, or even just cell phones given technologies recent ascent).

While much of these opinions are awe-inspiring, exhilarating even, certain others may find these opinions offensive- maybe even frightening. Take for instance, the arrest of the two users in Maharashtra who questioned the Bandh following the death of Bal Thackeray, former leader of the Shiv Sena. The state home minister R.R. Patil, at that point, announced a high level probe into the matter. He said the police targeted the girls because of the ambiguity in the Information Technology (IT) Act, 2000.

Of recent events is the highlight of Jaya Vindhyala, a PUCL activist who allegedly posted derogatory comments on her Facebook ‘timeline’ on Chirala legislator, Amanchi Krishna Mohan and the Tamil Nadu Governor, K Rosaiah. Subsequently, Amanchi Mohan filed a complaint and the police invoked provisions of Section 66A of the IT Act, and Section 120 B of the IPC (Criminal Conspiracy). Jaya Vindhyala was arrested on the 12th of May, 2013.

Section 66A of the Information Technology Act deals with punishment for sending offensive messages through communication service, which cause annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will. For the purpose of this section, “electronic mail message” and “electronic mail” cover messages or information transmitted or received on a computer, computer resource, and communication device and include attachments whether in text, images, audio, video or any other electronic records which may be transmitted via messages. The real question, however, is what constituted electronic messages to be offensive or menacing? Going by the English language, it would depend from person to person; a subjectively skewed outlook with its own threats of ambiguity overriding liberty.

What’s worrisome about the case of Vindhyalaya is that she had been opposing the local legislator on several issues and brought out a fact- finding committees report accusing the legislator of malpractices.

India is a Democratic country which holds dear its constitutionally prescribed Fundamental Rights of which Article 19(1) (a) epitomizes the freedom of speech and expression. Are people no longer permitted to voice their opinions, be it via paper medium, or even the internet? The internet has a far greater reach than most paper medium would- what with users constantly overusing the infamous search engines of Google and Bing and posting whatever thoughts flow through the innards of their brains on public forums, like Facebook and Twitter, sparking off heated debates. Yet, several times, as has been observed, the ambit of this right is required to be contained.

The phraseology of Section 66A of the IT Act is wide and vague; incapable of being judged on objective standards, thus far susceptible to reckless abuse. Earlier in the year, as per the Centre’s January 9th Advisory, “State governments are advised that as regard to arrest of any person in complaint registered under section 66A of the Information Technology Act, the concerned police officer of a police station may not arrest any person until she/he has obtained prior approval of such arrest from an officer, not below the rank of Inspector General of Police (IGP) in metropolitan cities or of an officer not below the rank of Deputy Commissioner of Police (DCP) or Superintendent of Police (SP) at district level, as the case may be.”

Justices B.S. Chauhan and Dipak Misra, comprising the Apex Court vacation bench, on the 16th of May 2013 refused to pass an order for a blanket ban on arresting persons for posting objectionable comments on website. In lieu with the Centre’s January 9 advisory, the Supreme Court reiterated that no person should be arrested for posting “objectionable comments” on social networking platforms without taking prior permission from senior police officials. The order was passed based on an interim application which sought the release of Smt. Jaya Vindhyala. This application was filed by Shreya Singhal (CRL.MP nos. 11600 & 11601/2013) in a writ petition [Article 32] in Shreya Singhal v. Union of India [WP (Crl) 167/2012]..

Authored By-
Janhavi R I
II Year
BBA/LLB
Symbiosis Law School, Pune

The Public Gambling Act, 1867 prohibits offline gambling. Betting as such is illegal business conducted in India. Hence online betting is also not legal.
Definition of Gambling
According to List II Entry 34 of the Constitution of India-
“‘gambling’ includes any activity or undertaking whose determination is controlled or influenced by chance or accident and any activity or undertaking which is entered into or undertaken with consciousness of the risk of winning or losing (eg, prize competitions, a wagering contract) … where there is no actual transfer of goods but only payment or receipt of the difference according to the market price, which varies from the contract price.”
In short Gambling is an activity where chance decides the result more than the skill. Hence cricket betting is also a gambling and hence illegal. No bank will support such a financial activity Horse racing is the only legalized gambling sport in India.
Though there are no specific laws which prohibit internet cricket betting/predictions, a wider interpretation of the existing provisions of the IT Act, 2000 will certainly prohibit the same.
Section 67 of the Information Technology Act 2000 is extracted below
Section 67: Publishing of information which is obscene in electronic form:

Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.

Quoted below is the rule 3 of the Information Technology (Intermediaries guidelines) Rules, 2011.

Due diligence to he observed by intermediary — The intermediary shall observe following due diligence while discharging his duties, namely: —
(1) The intermediary shall publish the rules and regulations, privacy policy and user agreement for access-or usage of the intermediary’s computer resource by any person.
(2) Such rules and regulations, terms and conditions or user agreement shall inform the users of computer resource not to host, display, upload, modify, publish, transmit, update or share any information that —
(a) belongs to another person and to which the user does not have any right to;
(b) is grossly harmful, harassing, blasphemous defamatory, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
(c) harm minors in any way;
(d) infringes any patent, trademark, copyright or other proprietary rights;
(e) violates any law for the time being in force;
(f) deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
(g) impersonate another person;

Hence an Internet Service Provider can definitely block a gambling site based on the above guidelines. A broad interpretation of the above provision will certainly make online cricket betting an offence and hence illegal.

Information Technology Act 2000 enlists various cyber offences and their punishments. The Acts gives serious punishment for tampering with computer source documents. Whoever intentionally conceals, destroys or alters any computer source code is liable for punishment with imprisonment up to 3 years or with fine which may extend up to Rs.2 lakh or with both. 

The Act views hacking with utmost seriousness. Whoever with intension to cause a wrongful damage to the public or any person destroys, deletes or alters any information residing in a computer resource commit hacking. Whoever commits hacking shall be punished with imprisonment up to 3 years or with fine which may extend upto Rs.2 lakh or with both.

  Whoever publishes information which is obscene in electronic form shall be punished with imprisonment which may extend to 5 years and with fine which may extend to Rs.1 lakh.  In the event of a second conviction for a similar offence, then imprisonment may extend to 10 years and with fine which may extend to Rs.2 lakhs.

  A certifying authority or any employee of such authority who fails to comply with an order of the controller may be punished with   imprisonment for a term not exceeding 3 years and also with fine not exceeding Rs.2 lakhs or both.

 If the subscriber or any person in-charge of any computer resource fails to assist any agency of the government when ordered to intercept any information transmitted through any computer resource, he may be punished with imprisonment for a term which may extend to 7 years. Similarly any person who secures access or attends to secure access, to a protected system will be punished with imprisonment for a term which may extend to 10 years and also be liable to fine.

Whoever makes any misrepresentation to or suppresses any material fact from the controller or the Certifying Authority for obtaining any license or Digital Signature Certificate, may be punished with imprisonment which may extend to 2 years or with fine which may extend to 1 lakh or with both.

Whoever knowingly creates, publishes or otherwise makes available a Digital Signature Certificate for any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend to 2 years or with fine which may extend to 1 lakh or with both. The Information Technology Act also applies to an offence or contravention committed outside India by any person if the act or conduct constituting the offence or contravention involves a computer, computer system or computer network located in India.

 Any computer, computer system, floppies, compact discs, tape drives or any other accessories related thereto, in respect of which any provision of the Information Technology Act, rules, orders or regulations made there under has been or is been contravened, shall be liable to confiscation.