Professional Documents
Culture Documents
76RR
NDCRTC Team
Activity
2. Does it apply to any person who commits offence outside the India?
94 Sections
13 Chapters
Two Schedules
Structure of Broad Categories
IT Act • E-Commerce
• E-Governance
• Contraventions, Offences
• Penalties, Adjudication
• Cyber-Security
• Responsibility of intermediaries
• Vicarious liability
• IIT Kharagpur Student
• Item 27877408 – DPS Girls
• 292 IPC and 67 IT Act
• CEO Avinash Bajaj
• Tech officer – Sharat Digumati
• IT industry backlash
• Review of IT Act
• 26/11 attack
• Focus from E-commerce to Cyber
Security
• Jurisdiction
• You are a resident of Delhi with your bank account in Delhi. You were cheated by ‘X’ living in
Bangalore in an online fraud.
Delhi or Bangalore?
• You are a resident of Delhi and are travelling from ‘Agra’ to ‘Hyderabad’ by Train. At Jhansi,
you receive a phishing call from X who dupes you to share the OTP. The SMS informing you
that the money is deducted from your account was received by you at Bhopal.
Delhi /Agra/ Jhansi/ Bhopal/ Hyderabad
• ‘Rajesh’ runs a small company with HQ in Mumbai. He also has a branch office in Guwahati.
The website of the company, which is hosted in AWS at Singapore, has been hacked by ‘X’
from Estonia who posted obscene messages.
Mumbai/Guwahati/Singapore/Estonia
Scope and Applicability
Sec 1
1930
It shall extend to the whole of India.
Cybercrime.gov.in
Sec 75
It applies also to any offence or contravention committed outside India by any
person - if it involves a computer, computer system or computer network located in
India.
Section 2 of IT act
IMPORTANT DEFINITIONS
Section 2(i) “computer”
means any electronic, magnetic, optical or other high-speed data processing device
or system which performs logical, arithmetic, and memory functions by
manipulations of electronic, magnetic or optical impulses, and includes all input,
output, processing, storage, computer software or communication facilities which
are connected or related to the computer in a computer system or computer network
Section 2(k) “computer resource”
means computer, computer system, computer network, data, computer data base or
software;
Section 2(t) “electronic record”
means data, record or data generated, image or sound stored, received or sent in an
electronic form or microfilm or computer-generated micro fiche;
Cyber Contraventions
Penalties, Compensation and Adjudication
Chapter IX
Up to 5 Crore : Before IT
Civil Cases Adjudicator of state
Above 5 Crore : District
Civil Courts
Contraventions
and Violations
Cognizable: Cyber Cell or Local
Criminal PS
Cases
Job of a cop
66 D N Cheating by personation
66 E N Violation of privacy
IT Act 2000/2008 – 26 sections
Section Status Remarks
66 F N Cyber Terrorism
“Prima facie, when the ESN is altered, the offence under Section 65 of I.T. Act is attracted
because every service provider has to maintain its own SID code and gives a MIN to each
instrument. The disjunctive word "or" is used by the Legislature between the phrases "when
the computer source code is required to be kept" and the other phrase "maintained by law for
the time being in force" and, therefore, both the situations are different.”
Ransomware attack
Examples of
Changing mobile IMEI number
Offences under
Section 65 Changing of MAC address
• Criminal Prosecution
• Civil Claims -Dishonest [IPC – 24]
- Fraudulently [IPC -25]
Section 43 – Penalty or compensation for damage to
computer or computer system
Introduces or causes to be
introduced computer
contaminant or computer
virus
[patches]…
Section 43 – d, e, f – Electronically / Physically
d) Damages or causes to be damaged a
computer system or data inside
for Failure to • "body corporate" means any company and includes a firm, sole
Protect Data proprietorship or other association of individuals engaged in
commercial or professional activities.
• (c) ICICI Bank has defaulted on multiple counts as enumerated earlier in my Analysis of this
case. Their omissions fall within the ambit of Section 43A of the IT Act. Accordingly, I order
Respondent 1, i.e. ICICI Bank to pay damages to the tune of Rupees 6,00,000 by way of
compensation to the Complainant, within a month of this order, failing which compound
interest of 12 percent compounded monthly will also be chargeable.
• (d) Vodafone i.e. Respondent 3, by not following the reasonable security practices and
procedure and the established guidelines before issuing a duplicate SIM card, has led to the
access of sensitive personal data and information of the Complainant to an unauthorized person
and thereby caused wrongful loss to the Complainant. According to me, this falls within the
ambit of Section 43A of the IT Act. Accordingly, I order Respondent 3, i.e. Vodafone to pay
damages to the tune of Rupees 12,00,000 by way of compensation to the Complainant, within
a month of this order, failing which compound interest of 12 percent compounded monthly will
also be chargeable.
Matters which can be Admitted by the
Adjudicator
Spreading of
Privacy Denial of Source Code
Domain Theft Computer
Breach Service Theft
Contaminant
Computer Stealing of
Identity Theft Data Deletion
Theft database etc.
Telecom Dispute Settlement and Appellate Tribunal
(TDSAT)
Amendment needed……
Authorized officer may enter any public
place and search and arrest without warrant
any person who is reasonably suspected of
having committed or of committing or of
Section 80 being about to commit any offence under this
act.
Power of Police Officers Officer other than a police officer have to take
or send the arrested person before magistrate
& Other Officers to Enter, or officer-in-charge of Police station.
Search etc.
Provisions of CrPC shall, apply in relation to
any entry, search or arrest made under this
section.
Offences by Companies -
Section 85
[Gagan Harsh Sharma And Anr vs The State Of Maharashtra And Anr on 26 October, 2018, Bombay High Court
Case Study
In a case, a FIR was filed against the Owner of a firm. It was alleged that the firm was in the
possession of obscene material, and they were selling and distributing obscene material.
Later he was chargesheeted u/s 292, 294 IPC and 67 IT Act.
He filed an application in Supreme Court seeking quash of proceedings against him u/s 67 IT
act as he has been accused only on the reason that he is the owner of the firm. Supreme court
dropped charges u/s 67 IT Act.
Subsequently, he filed an application in trial court to drop 292 IPC as 67IT act was dropped.
Trial court disagreed. He went back to Supreme court seeking dropping of charges u/s 292
IPC as 67IT act was dropped.
The question for consideration before the Hon'ble Apex Court was whether the
appellant who has been discharged under Section 67 of the IT Act could be proceeded
under Section 292 of the Indian Penal Code.
[Sharat Babu Digumarti vs Govt Of NCT Of Delhi on 14 December 2016, Supreme Court]
Retention of • Law provides for mandatory retention of
data under certain conditions
Electronic
• Section 7 of IT act
record/information
• Section 67C of IT act [penal]
Electronic records shall be retained for a specific period
fulfilling the following requirements:
• If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with
imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or
with both.
Objectionable Posts on
Social Media
Two women were arrested alleged to have
posted objectionable comments on Facebook
regarding the complete shutdown of Mumbai
after the demise of an influential political
leader.
Whoever dishonestly
• receives or retains any stolen computer
resource or communication device
• knowing or having reason to believe
• that the same to be a stolen computer
resource or communication device
The accused were held liable under Section 66C of the Information Technology Act,
2000 and Sections 420, 467, 468, 466, 471, 484 r/w 34 of the Indian Penal Code, 1860.
“The identity theft or account take over - means the phenomenon of filling another person
identity”
Jayanta Kumar Das Vs. State of Odisha, Puri SDJM Court
Reporter Vs Money lending firm. Desihunt.com, fake yahoo id, ip address and hard disk
Section 66D
Cheating by Personation
•Whoever,
• by means of any communication
device or computer resource
• cheats by personation,
Any subscriber may authenticate an electronic record by affixing his digital signature
The authentication of the electronic record shall be effected by the use of asymmetric
crypto system and hash function which envelop and transform the initial electronic
record into another electronic record.
Any person by the use of a public key of the subscriber can verify the electronic record.
The private key and the public key are unique to the subscriber and constitute a
functioning key pair.
Creation of Digital Signature
Rule 4 of Information Technology (Certifying Authorities) Rules, 2000
To sign an electronic record or any other item of information, the signer shall first apply the
hash function in the signer's software; the hash function shall compute a hash result of
standard length which is unique (for all practical purposes) to the electronic record; the
signer's software transforming the hash result into a Digital Signature using signer's private
key; the resulting Digital Signature shall be unique to both electronic record and private key
used to create it; and the Digital Signature and the Digital Signature Certificate shall be
attached to its electronic record and stored or transmitted with its electronic record.
Working Process of a Digital Signature
Rule 4 of Information Technology (Certifying Authorities) Rules, 2000
1. Alice selects a letter to send it to Bob.
2. A hash value of the letter’s contents is
generated by Alice’s computer.
3. This hash value is encrypted with Alice’s
private key to create a digital signature.
4. The letter and the digital signature are sent
to Bob.
5. When Bob opens the file, in order to
identify the signer, Bob decrypt’s the digital
signature using Alice’s public key. This
reveals the hash string of the letter.
6. Bob’s computer then separately calculates
the hash of the letter which was received
and compares the hash it generated to the
decrypted hash in step 5 above. Keep in mind, digital signature is not about
7. Any difference in the hash values means encrypting document, its just like a paper-
there has been a tampering of the file. based signature.
But what if…
• Ram, a sales head of an importing firm XYZ in India, places an order on a firm B in
Argentina. It is important to note that A and B do not identify each other. A sends a
letter with digital signature signed using his private key.
• An employee of the firm in B who received this letter, opened it and wanted to
verify the signature. B tries to open the letter with the public key of sender and
checks for the name of the sender. The name is revealed as Rajneesh claiming to
be the employee of the firm XYZ. The keys are verified and B now delivers to
Rajneesh.
How could this happen?
How to establish the authenticity of identity of the sender. Public-private key only
enables us to verify the signer who he claims to be. But how to ensure the
authenticity of the identity itself?
Digital Signature Certificates PKI
Architecture
Anyone can pretend he/she is the sender.
Controller
of
Central Certifying Certifying
Subscribers
Governmen Authorities Authorities
Use the
t Appoints Gives Give Digital
Digital
Controller license to Signatures to
Signature
(Section 17) Certifying Subscribers
Authorities
(Section 21)
Offences Related to Digital Signatures
Section 71 Penalty for Misrepresentation
• If anyone provides wrong information or withholds any fact from the Controller or the Certifying
Authority for obtaining the license or Electronic Signature Certificate, is liable to be punished with
imprisonment for up to 2 years or fine up to Rs. 1 Lakh or both.
Penalty for publishing Electronic Signature Certificate false in
Section 73 certain particulars
• If any person publishes or gives an Electronic Signature Certificate without the certifying authority
issuing it, subscriber accepting it or that which is revoked or suspended, is liable to be punished with
imprisonment for up to 2 years or fine up to Rs. 1 Lakh or both.
8. Anyone can upload anything from any part of the world !!!!
What resides on Internet
1. Useful information and utility services
6. Pornographic websites
7. Saree challenge
Online harm
1. Copyright
Indiapassport.org Passportsevaindia.com
Online-passportindia.com Indianpassportseva.co.in
Passportindiaportal.in Passportindiaonline.com
Passport.india.in Indianpassportonline.com
Passport.seva.in Indiapassport.ind.in
Applypassport.org Passportsevaindia.in
Field examples
1. State Police – received complaint that 5 sites are hosted from hostile neighboring country
2. 4 pornographic and 1 online gaming
3. State Police wrote to ISP to block same
4. Few ISP’s blocked and few did not…
5. People approached Meity and they in turn asked DOT
6. Police do not have power to do so
7. Court order , Meity or CERT-IN can only block website under 69 A
8. Content hosting platforms can be intimated about illegality of the content through notice so
that they are aware of it and fall in category of liability of intermediary
9. A search engine can not block the third party website. It can only de-index what it has indexed.
• ARTICLE 19:
Protection of certain rights regarding freedom of speech etc:
1. All citizens shall have the right
a) To freedom of speech and expression;
• 2. Nothing in sub clause (a) of clause (1) shall affect the operation of any existing law, or
prevent the State from making any law, in so far as such law imposes reasonable restrictions on
the exercise of the right conferred by the said sub clause in the interests of the sovereignty and
integrity of India, the security of the State, friendly relations with foreign States, public order,
decency or morality or in relation to contempt of court, defamation or incitement to an offence.
Blocking Access on Internet
• 1. Remove or disable the information from the platform where it exists. E.g. facebook or twitter
post
• Remove or deregister the website ( in domain)
• Block the information through ISPs
• Remove or de-index in the search results ( website or url will not show in the search results)
Block the content
• Provisions of IT Act
1. Section 69 A – Powers to issue blocking directions
2. Section 79 – Exemption from intermediary liabilities
3. Section 79 (3)(b) – Intermediaries to loose their immunity if they fail to act swiftly
4. Blocking online news platforms and VoD/OTT platforms
Section 69 A
• Meity and MIB empowered agencies
• Can ask for blocking of the content – Website/ URL/ Social Media account
• Conditions to invoke 69A act
• Defense of India
• Sovereignty and Integrity of India
• Security of State
• Friendly relations with foreign states
• Public order
• Preventing incitement to commit any offence
• Punishment of 7 years for non compliance
69 A Rules
• 1. IT [ Procedure and Safeguards for Blocking Access of Information by Public] Rules 2009
2. Powers of Central Govt are exercised through Meity and MIB
3. Secretary Meity is the competent authority
4. Govt. has notified a designated officer who is competent authority to issue orders
5. Nodal officers nominated from Ministries / Departments and States – 40
6. Their list available on Meity Site
7. Inter-Ministry Committee – JS from CERT, MHA, MIB and DLA
Normal Blocking Process
Court – That has power to give punishment of 7 years and above - CJM
Key aspects of blocking
Directorate of National
Central Bureau of Research and
Revenue Investigation
Investigation Analysis Wing
Intelligence Agency
Directorate of
Signal Intelligence Commissioner of
(in J-K, NE and Police, Delhi
Assam)
8146 Facebook links, 2546 Instagram links, 10264 Twitter links, 4675 YouTube links,
and 3523 links to other social media and internet intermediaries between 2018 and
2022 including 250+ Chinese apps.
Banning of Apps/ Websites/Twitter links
Section 69A
Blocking of Information for Public Access
The government or any officer specially authorized on its behalf (Director, NCCC)
• Can direct any Government agency or intermediary to block for access by the public,
any information generated, transmitted, received, stored or hosted in any computer
resource
• The reasons for this order are to be recorded in writing, and the Government must be
satisfied that this order is necessary:
• In the interest of sovereignty or integrity or defense of India, or
• In the interest of the security of the state , or
• In the interest of friendly relations with foreign States, or
• In the interest of public order, or
• For preventing incitement to the commission of any cognizable offence relating to
the above
• Failure to block attracts up to 7 years of imprisonment and fine.
The IT (Procedure and Safeguards for Blocking for Access of Information by
Public)
• Rule 3 and Rule 5 – Designated officer Rules,
to issue 2009 > Joint Secretary to GoI. DIT shall
directions.
issue order based on request from nodal officer or court. Shall acknowledge the request within 24
hours.
• Rule 4 – Nodal officer in every organization to be nominated and informed to DIT/MeitY.
• Rule 6 – Any person can make a request through the nodal officer to the designated officer for
blocking.
• Rule 7 – committee headed by Designated officer shall look into the complaint.
• Rule 8 - Shall issue a notice to the intermediary to reply/clarifications if any within 48 hours.
Thereon, the committee will submit recommendations to Secretary, DIT for issuance of order.
• Rule 9 - In emergencies, the DO can submit recommendations to Secy, DIT for issuance of
interim orders and which shall be later brought to the committee within 48 hours. Final order is
later issued.
• Rule 10 – In case of court order (certified copy), the DO shall submit to Secy, DIT for issuance of
orders and action.
• Rule 11 – Request from nodal officer has to be disposed within 7 days.
• Rule 13 – Intermediary shall designate at least one person to receive and acknowledge in 2 hours.
• Rule 14 – A review committee once in every 2 months shall review the orders issued.
The Central Government may, to enhance cyber security and
Section 69B
for identification, analysis and prevention of intrusion or
spread of computer contaminant in the country,
Power to authorize to - authorize any agency of the Government to monitor and
monitor and collect
collect traffic data or information generated, transmitted,
traffic data or
received or stored in any computer resource.
information through any
computer resource for The intermediary - shall, provide technical assistance and
cyber security extend all facilities
Punishment - imprisonment for a term which any extend
to three years and shall also be liable to fine.
The IT (Procedure and
safeguard for Monitoring National Cyber Coordination Centre:
and Collecting Traffic To deal with malicious cyber-activities by acting as an
Data or Information) Internet traffic monitoring entity that can fend off
Rules, 2009 domestic or international attacks
The IT (Procedure and safeguard for Monitoring and Collecting
Traffic Data or Information) Rules, 2009
The competent authority may issue directions for monitoring for any or all of the following
purposes related to cyber security namely-
(a) forecasting of imminent cyber incidents.
(b) monitoring network application with traffic data or information on computer resource;
(c) identification and determination of viruses or computer contaminant.
(d) tracking cyber security breaches or cyber security incidents;
(e) tracking computer resource breach cyber security or spreading virus or computer
contaminants;
(f) identifying or tracking of any person who has breached, or is suspected of having
breached or bang likely to breach cyber security;
(g) undertaking forensic of the concerned computer resource as a part of investigation or
internal audit of information security practices in the computer resource.
(h) accessing a stored information for enforcement of any provisions of the laws relating to
cyber security for the time being in force,
(i) any other matter relating to cyber security.
The appropriate Government may,
- declare any computer resource
- which directly or indirectly affects the facility of Critical Information
Infrastructure,
Section 70 - to be a protected system.
• Critical Information Infrastructure means the computer resource,
• the incapacitation or destruction of which,
Protected
• shall have debilitating impact on national security, economy, public
System health or safety.
• The appropriate Government may authorize persons to access the
protected system.
•Unauthorized access – punishment which may extend to ten years/fine
Critical Information
Infrastructures
• UIDAI’s Central Identities Data
Repository facilities
• TETRA Secured Communication
System Network, Delhi
• Long Range Identification and
Tracking (LRIT) system under
the Ministry of Shipping
• ICICI Bank
• HDFC Bank
• NPCI
• Following functions:
– collection, analysis and dissemination of information on cyber incidents;
– forecast and alerts of cyber security incidents;
– emergency measures for handling cyber security incidents;
– coordination of cyber incidents response activities;
– issue guidelines, advisories, vulnerability notes and white papers relating to
information security practices, procedures, prevention, response and reporting of
cyber incidents;
• Failure to provide information to CERT-In by any service provider, intermediaries,
data centers, body corporate or person – imprisonment up to one year / one lakh
• No Court shall take cognizance of any offence under this section, except on a
complaint made by an officer authorized in this behalf by the agency
Any person who,
Section 72 • in pursuant of any of the powers conferred
• has secured access to
• any electronic record, book, register,
Includes
telecom service providers, network service providers,
internet service providers, web-hosting service providers,
search engines, online payment sites, online-auction sites,
online-market places and cyber cafes;
Section 79
Exemption from Liability of Intermediary in certain cases
1) Subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for
any third-party information, data, or communication link made available or hosted by him..
2) Sub-Section (1) shall apply only if
(a) the function of the intermediary is limited to providing access to a communication system
over which information made available by third parties is transmitted or temporarily stored or
hosted
(b) the intermediary does not-
Initiate the transmission
Select the receiver of the transmission, and
Select or modify the information contained in the transmission;
(c) The intermediary observes due diligence while discharging his duties under this Act and
also observes such other guidelines as the Central Government may prescribe in this
behalf.
Section 79 - Intermediary shall be liable if….
(3) The provisions of sub-section (1) SHALL NOT APPLY if-
(a) The intermediary has conspired or abetted or aided or induced whether by threats or
promise or otherwise in the commission of the unlawful act ;
(b) upon receiving actual knowledge,
or
on being notified by the appropriate Government or its agency
that any information, data or communication link residing in or connected to a computer
resource controlled by the intermediary
• is being used to commit the unlawful act,
• the intermediary fails to expeditiously remove
• or
• disable access to that material on that resource
• without vitiating the evidence in any manner.
The Information Technology
(Intermediary Guidelines and Digital Media Ethics Code)
Rules, 2021 [as amended in Oct 2022]
Part II - Due Diligence and Grievance Redressal by an Intermediary
Rule 3 - To observe the following:—
a) prominently publish the rules, privacy policy, user agreement
b) Shall make efforts that its user - not to host, display, upload, modify, publish, transmit, store, update or
share any information that,—
(i) belongs to another person and to which the user does not have any right;
(ii) is obscene, invasive of another’s privacy including bodily privacy, insulting or harassing on the
basis of gender, racially or ethnically objectionable, relating or encouraging money laundering or
gambling, or promoting enmity between different groups on the grounds of religion or caste with the
intent to incite violence;
(iii) is harmful to child;
(iv) infringes any patent, trademark, copyright or other proprietary rights;
(v) False in nature or is a misinformation
(vi) impersonates another person;
(vii) threatens the unity, integrity, defense, security or sovereignty of India, friendly relations with
foreign States, or public order, or causes incitement to the commission of any cognizable offence, or
prevents investigation of any offence, or is insulting other nation;
(viii) contains software virus or any other computer code, file or program designed to interrupt, destroy
or limit the functionality of any computer resource;
(ix) violates any law for the time being in force;
Rule 3 Continued…
d) shall remove or disable access upon being notified within 36 hours
g) Preserve evidence of any removed content or a user information of cancelled/withdrawal
content for a period of 180 days or for such longer period as may be required by the court
or by Government agencies who are lawfully authorised. The intermediary shall maintain
user information for a period of 180 days after cancellation/withdrawal of registration.
j) Provide information in not more than 72 hours to LEAs.
Grievance Appellate Committee
[Amended on 28 Oct 2022]
Rule 3A
• Appoint the following officers who are resident in India within 3 months from the
notification of the threshold. (ended on 25th May 2021)
• Chief Compliance Officer – senior managerial person liable in proceedings
• Nodal contact person for 24x7 to liaise with LEAs
• Resident Grievance Officer
• shall enable the identification of the first originator of the information on its computer
resource - as may be required by a judicial order passed by a court of competent
jurisdiction or an order passed under section 69 by the Competent Authority.
• Provided that an order shall only be passed for the purposes of prevention, detection,
investigation, prosecution or punishment of an offence related to the sovereignty and
integrity of India, the security of the State, friendly relations with foreign States, or public
order, or of incitement to an offence relating to the above or in relation with rape, sexually
explicit material or child sexual abuse material, punishable with imprisonment for a term of
not less than five years
• Shall not be required to disclose the contents of any electronic message, any other
information related to the first originator, or any information related to its other users
• The first originator of that information within the territory of India be deemed to be the first
originator.
Other Responsibilities of
Significant Social Media Intermediaries
• Shall enable users from India to voluntarily verify their accounts using
appropriate mechanisms including active Indian Mobile number and this verified
accounts shall be made visible by a mark.
Notification of other Intermediaries
Rule 6
1. The Ministry may by order, for reasons to be recorded in writing, require any
intermediary, which is not a significant social media intermediary, to comply with
all or any of the obligations mentioned under rule 4, if the services of that intermediary
permits the publication or transmission of information in a manner that may create a
material risk of harm to the sovereignty and integrity of India, security of the State,
friendly relations with foreign States or public order.
2. Assessment of material risk of harm shall be made having regard to the nature of
services provided by the intermediary, if they permit
a) Interaction between users
b) Transmission/publication of information would likely result in widespread
dissemination to a significant number of users.
Part III - Code of Ethics and Procedure & Safeguards in relation to
• Rule 8 Digital Media
• Applies to Publishers of news and current affairs content and to online curated content
• Administered by MI&B and applicable to publishers who operate in India (physical
presence)
• Rule 9
• Publisher shall adhere to code of ethics laid down in Appendix annexed to the rules.
• For ensuring observance and adherence to the Code of Ethics by publishers operating in
the territory of India, and for addressing the grievances made in relation to publishers
under this Part, there shall be a three-tier structure as under—
(a) Level I - Self-regulation by the publishers;
(b) Level II – Self-regulation by the self-regulating bodies of the publishers; (headed
by
Retd supreme court judge or high court or an eminent media person)
• Publisher – shall Acknowledge complaint within 24hrs and
resolve within 15 days.
• Self-Regulating Body – appeal by the complainant. Inform
Decision in 15 days.
• Decisions in the form of Warning, guidance,
Grievance Redressal advisories, apologies, requiring disclaimers,
Mechanism under reclassification etc.
Code of Ethics • Can refer content to Ministry for consideration of
oversight mechanism for modification/deletion to
prevent incitement of offences related to public order
or for reasons u/s69A(1) (blocking).
• Oversight Mechanism in M&IB – Prefer appeal/references
over the decision of self-regulating body.
Self-Classification of online curated content
based on themes as mentioned in the Schedule