Draft IT Rule 3(4) could let MeitY bypass Parliament on binding platform rules

A proposed amendment to India's IT Rules would let the Ministry of Electronics and Information Technology (MeitY) issue binding instructions to digital platforms through advisories, circulars, and standard operating procedures, without passing a law through Parliament or obtaining a court order. Legal experts at a MediaNama discussion on April 23 warned this could fundamentally reshape how digital businesses operate in India.

The draft provision, Rule 3(4), ties compliance with MeitY advisories directly to safe harbour protections, the legal shield that prevents platforms from being held liable for third-party content. If an intermediary does not follow a MeitY advisory, it risks losing that protection. In practice, this transforms what is currently non-binding government guidance into a hard compliance requirement.

The legal problem with calling an advisory binding

Rakesh Maheshwari, former Senior Director at MeitY's Cyber Laws Division, drew a clear line between formal directions and advisories. He argued that advisories are, by their nature, non-binding, and that making them enforceable without a statutory basis is "an invalid proposition" from a legal standpoint. Rahil Chatterjee of Ikigai Law went further, saying that any instrument intended to carry the force of law must be issued under Section 87 of the IT Act, the rule-making framework that requires parliamentary oversight. "If it is not issued in that framework, it is advisory," he said.

Chatterjee also warned that the reach of Rule 3(4) goes well beyond social media. Because it applies to all intermediaries, a future advisory could require cloud service providers or e-commerce platforms to meet new obligations, with safe harbour loss as the penalty for non-compliance. He pointed to the government's March 2024 advisory on AI models, which was withdrawn after industry pushback, as a case that illustrates why soft law should stay soft. Under Rule 3(4), that advisory would instead have been binding from the moment it was issued.

Conflict with Supreme Court precedent

Torsha Sarkar of the Centre for Communication Governance at National Law University Delhi said Rule 3(4) may also conflict with the Supreme Court's 2015 ruling in Shreya Singhal v Union of India, which read down Section 79 of the IT Act. That judgment defined "actual knowledge", the trigger for intermediary liability, as receipt of a government notification or court order. Sarkar argued that advisories, clarifications, and SOPs are a different category of government communication, one the court did not envision as a liability trigger. She also noted that Rule 3(4) applies to the full range of obligations in Part II of the IT Rules, not just content takedown, a scope far wider than what Shreya Singhal contemplated.

Beyond the constitutional questions, speakers flagged the practical cost of regulatory unpredictability. Frequent changes to binding rules make it harder for businesses to plan compliance and create legal ambiguity around what speech is protected. Chatterjee put it plainly: "The ever-evolving legal rules are going to be problems for businesses." The overlap between legal uncertainty and speech is direct, platforms unsure of their liability exposure tend to over-remove content to stay safe.

The draft IT Rules are still under public consultation. Whether MeitY revises or retains Rule 3(4) will determine whether advisories remain a tool for guidance or become a parallel lawmaking channel outside parliamentary and judicial oversight.