Partly Free
A Obstacles to Access 12 25
B Limits on Content 25 35
C Violations of User Rights 20 40
Last Year's Score & Status
59 100 Partly Free
Scores are based on a scale of 0 (least free) to 100 (most free). See the research methodology and report acknowledgements.

header1 Key Developments, June 1, 2017 - May 31, 2018

  • There was a staggering increase in the number of local internet shutdowns and new rules regulating connectivity restrictions were announced in August 2017 (see Restrictions on Connectivity).
  • Misinformation, rumors, and fake news online incited real-world violence and played a role in the May 2018 Karnataka state elections (see Media, Diversity, and Content Manipulation).
  • The Supreme Court recognized privacy as a fundamental right in August 2017, while also ruling in September 2018, following the reporting period, that the government’s controversial biometric Aadhaar project is constitutional (see Surveillance, Privacy, and Anonymity).
  • The Srikrishna committee was formed in August 2017 to develop a data protection framework, which was later published in July 2018 (see Surveillance, Privacy, and Anonymity).
  • The Telecom Regulatory Authority of India proposed new net neutrality rules in November 2017, which were later passed after the coverage period in July 2018 (see Media, Diversity, and Content Manipulation).

header2 Introduction

Internet freedom declined in 2018 due to a staggering uptick in local internet shutdowns and the proliferation of misinformation and fake news across social media. In a positive development, the Supreme Court ruled in August 2017 that privacy is a fundamental right. However, a new data protection framework released after the coverage period elicited controversy from civil society and tech companies.

The number of internet subscribers and rate of internet penetration increased during the reporting period, as India consolidated its position as the world’s second largest internet consumer base after China. Both governmental and nongovernmental entities made efforts to bridge the digital divide between urban and rural areas.

Major restrictions on connectivity occurred during the reporting period, as the number of network shutdowns increased substantially. From January to mid-August 2018, local authorities ordered service providers to temporarily shut down internet access in at least 96 reported incidents in 19 states.1 In August 2017, the Department of Telecommunications of the Central Government issued new broad rules under the Telegraph Act to regulate the temporary suspension of telecom services.2 Certain ISPs also blocked the Russian social network VKontakte in September 2017.

The spread of misinformation, rumors, and fake news on social media led to real-world violence. At least 20 people have been killed due to child abduction rumors in the country.3 WhatsApp was also used to spread misinformation surrounding the May 2018 Karnataka state elections.4 The government has indicated that it is looking into regulating social media platforms ahead of the 2019 general elections.

Data protection and privacy remain important and timely issues in India, especially with recent reports of security breaches to the government’s controversial biometric Aadhaar project. The Supreme Court held in August 2017 that privacy is a fundamental right under the Indian Constitution. In July 2018, the Srikrishna committee released a draft privacy bill “Personal Data Protection Bill, 2018,”5 which will be reviewed by the cabinet and parliament. Also following the reporting period, in September 2018, the Supreme Court ruled that Aadhaar was constitutional but set limits on the program’s use.6

A Obstacles to Access

Internet penetration in India continued to increase in 2018 with mobile penetration playing a significant role. Inadequate infrastructure remains a significant obstacle to access, especially in rural areas; however, various governmental and nongovernmental efforts to improve access nationwide are underway. The reporting period saw a major increase in the number of information and communication technology (ICT) shutdowns ordered by local authorities.

Availability and Ease of Access

Internet access and speeds improved during the reporting period. India continues to have the second largest number of internet subscribers in the world after China, having overtaken the United States in 2016.1 Official statistics recorded almost 430 million subscribers in March 2018,2 though only 21.24 million had fixed-line internet connections.3 There were an estimated 348.13 million internet users in urban India and 145.83 million in rural India in March 2018.4

Internet penetration remains low, reaching 38 percent in March 2018,5 up from 32.86 percent in March 2017.6 Mobile penetration was much higher, almost reaching 92 percent by September 2017,7 up from 82 percent the previous year.8 However, the net addition in telephone subscribers has been reducing consistently over the last year, from adding over 77 million subscribers between October-December 2016 to a net reduction of about four million subscribers between July-September 2017.9 The Broadband Commission in 2017 ranked India 78 out of 196 countries in terms of mobile broadband penetration,10 up from 156 out of 179 countries the previous year.11

While India’s average connection speed was one of the lowest in Asia,12 it is catching up to the global average documented at 7.2 Mbps in the first quarter of 2017 according to Akamai.13 The share of broadband subscribers has significantly increased from 57.33 percent in September 201614 to almost 76 percent in September 2017.15 Despite overall growth, India has a relatively low adoption rate for high-speed broadband (faster than 10 Mbps), at just 19 percent,16 though this rate grew by 285 percent during the course of 2016.17 The minimum speed required to qualify as broadband in India has been 512 Kbps since 2012,18 though the Telecom Regulatory Authority of India (TRAI) has recommended raising the threshold to 2 Mbps.19

The 2016 Global Information Technology Report by the World Economic Forum and INSEAD ranked India in eighth place out of 139 countries for affordable internet access.20 It was previously in first place,21 and per minute cellular and fixed broadband tariffs are still among the lowest in the world.22 While the cheapest internet plans might seem extremely affordable with respect to the average monthly income, India has significant income disparities and a high level of economic inequality.23

India ranked 66 out of 137 countries for infrastructure in 2017, according to the World Economic Forum’s Global Competitiveness Index.24 Though up from 68 the previous year,25 the results suggest poor infrastructure is still an obstacle to access. India ranked a low 88 for electricity supply26 and 110 for technological readiness, the capacity of a country to fully leverage ICTs in daily activities.27 Only 27 percent of all Indian schools had a computer in 2016.28 That increased to nearly 80 percent at the secondary level and above,29 but less than half were connected to the internet.30 A household survey of 14- to 18-year-olds, conducted by ASER Centre, in 28 districts across 24 states showed that almost 59 percent of youths had never used a computer and about 64 percent of them had never accessed the internet.31

Public and private sector initiatives to improve access are underway. The government is developing free public Wi-Fi zones in major cities.32 In January 2017, the Maharashtra government activated 500 Wi-Fi hotspots across the city of Mumbai,33 though further expansion fell short, and they were only free until August 2017.34 In 2016, the public sector company RailTel launched a project, with technical support from Google, to provide free Wi-Fi at train stations,35 connecting 100 by the end of 2016.36 The company now plans to provide free Wi-Fi at all 8,500 railway stations across India for INR 700 million by March 2019 by using fiber-optic cables laid down along railway tracks.37 The government also plans to provide 750,000 Wi-Fi hotspots across rural India by the end of 2018. However, India’s Computer Emergency Response Team (CERT-In) has issued a “high” category warning against the use of free Wi-Fi hotspots due to their vulnerability to security breaches.38

The government’s Digital India Programme, launched in 2014,39 was expected to be implemented by 2018,40 but now expected in 2019. 41 In the 2018 Union Budget, the financial allocation for Digital India has been doubled from 2017.42 It aims to connect India’s gram panchayats, institutions of self-government in rural areas, via fiber-optic cables,43 ensuring universal broadband access with accompanying e-literacy programs. Internet-connected common service centers (CSCs) aim to cover all 250,000 gram panchayats;44 as of February 2018, 280,000 had been established, with 10 million people working in these CSCs.45 The program proposes to use satellites, balloons, or drones to push faster digital connections to remote parts of the country,46 as well as multiple system operators such as cable TV services, which already have last-mile connectivity.47

Such initiatives have taken on new significance over the past couple of years, which saw a major push to digitize financial transactions. The government demonetized currency notes in the denominations of INR 500 and INR 1000 (US$7.5 and $15) in November 2016; the notes made up over 85 percent of the total currency in circulation.48 A Digi Dhan Abhiyan program was designed to promote digital payments to more than 10 million people living in rural areas,49 reaching 2.5 million by the end of 2016.50 The Ministry of Electronics and Information Technology (MeitY) also announced an alliance with Google to raise awareness of digital security surrounding payments.51 However, according to a recent report, use of digital platforms for financial transactions has remained limited with only 44 percent of urban internet users and 16 percent of rural internet users using the internet for financial transactions or e-commerce activities.52 According to the same report, even the use of CSCs in rural areas remains quite low in absence of surrounding critical infrastructure such as reliable electricity supply and quality cellular connectivity.53

Language remains a barrier to access. With 22 official languages, only about 12 percent of the population of India speaks English,54 yet more than half the content available online is in English,55 and over 100 languages were unrepresented online in 2013.56 Projects to encourage local language usage are underway. In 2014, the National Internet Exchange of India (NIXI), which operates and manages Indian domain names, launched the Dot Bharat domain for local language URLs.57 By April 2017, the number of local language users in India had overtaken the number who rely on English.58 One study showed that nearly 70 percent of Indian internet users consider local language content to be more reliable than English content.59 In April 2017, Google partnered with a local business federation to develop content in Indic languages.60

Studies have shown that economic and social conditions result in barriers to internet access for women, and only 30 percent of Indian internet users were female in 2017.61 According to a UNICEF report published in December 2017, internet in India remains a “male preserve.”62 Internet usage was lower among rural women, though it grew at a faster pace (14 percent) than the growth in users amongst urban women (nine percent).63 Internet Saathi, a partnership between Google and Tata Trusts to promote digital literacy among rural women, was active in 110,000 villages across ten states by December 2017, training about 400-500 participants a week. 64 So far, around 12,000 participants have been trained under the program.65 The initiative has been expanded to Tamil Nadu and plans to eventually cover 300,000 villages across India.66

Restrictions on Connectivity

The government does not routinely block the protocols or tools that allow for instant, person-to-person communication. However, the country currently leads the world in the number of shutdowns,67 and new broad rules regulating shutdowns were instituted in August 2017. In September 2017, Russian social network VKontakte was blocked in India by certain ISPs, allegedly for promoting the “Blue Whale Game,” which was a series of tasks that incited suicide among players of the game68 (see Blocking and Filtering).

Local authorities around India have restricted ICT connectivity and usage during times of perceived unrest since at least 2010.69 The frequency, geographic distribution, and duration of these shutdowns have increased significantly in the past four years. Authorities ordered providers to restrict local mobile phone, SMS, wireless, or occasionally fixed-line internet service in at least 70 reported incidents in 2017 across 19 states, and in 96 reported incidents from January to mid-August 2018 across 14 states, which lasted for hours, weeks, or even months at a stretch.70 Except for October 2017, there were instances of internet shutdowns in every month of the coverage period of this report. Shutdowns affected both mobile and fixed-line connections, most of which were implemented, according to government officials, only as precautionary measures.71

With at least 36 documented incidents in 2018, Jammu and Kashmir experiences more internet shutdowns compared to the rest of the country. A few shutdowns affecting Jammu and Kashmir include:

  • In June 2017, mobile internet services were suspended in the Kashmir Valley for about seven days to, according to authorities, prevent violence and the spread of rumors following the killing of a militant commander by security forces.72
  • In July 2017, Jammu and Kashmir police ordered all ISPs and mobile operators in the Kashmir Valley to suspend mobile and fixed-line broadband internet services for three and four days respectively as a precautionary measure for the anniversary of the death of militant commander Burhan Wani, who was killed in July 2016 by security forces, causing widespread protests.73 Even when mobile internet services were restored, only 2G services were permitted to function.74 The day after services were restored, they were suspended once more for a few hours in the Valley following calls by separatist leaders to launch a “Kashmir awareness” campaign.75 Further, mobile internet and broadband services were suspended as a precautionary measure in the Jammu region (which has a majority Hindu population) at the same time following an attack on pilgrims to a Hindu shrine in South Kashmir.76 Mobile and broadband services were suspended on at least three more occasions in July as precautionary measures following the killings of civilians and alleged militants by security forces.77
  • In August 2017, mobile internet and broadband services across the Kashmir Valley were suspended on seven occasions for one to three days, each time as a precautionary measure to prevent, according to the administration, rumormongering or violence. One of these incidences included suspension of mobile networks as well as mobile and broadband internet on India’s Independence Day.78
  • In January 2018, both mobile and fixed-line broadband internet services were suspended for a few days in the Kashmir Valley on four separate occasions, including on the eve of India’s Republic Day, on which cellular services were also suspended.79 In another instance, mobile internet services were suspended across four districts in Kashmir while speeds in the rest were reduced to 128 Kbps.80

Shutdowns were implemented in more than 10 other states, including Maharashtra,81 Bihar,82 West Bengal,83 Uttar Pradesh,84 and Haryana.85 Rajasthan saw at least 19 such incidents in 2017 and 27 from January to mid-August 2018.86 In Rajasthan, the internet was blocked as a precaution on multiple occasions to prevent the spread of rumors or an outbreak of violence following clashes between various community87 and religious groups,88 including an instance in which some Hindu organizations announced a rally in support of Shambhu Raigar, who murdered a Muslim man over “Love Jihad”89 and filmed the murder on his phone.90 On New Year’s Eve in 2017, mobile internet services, bulk SMS, and social media platforms such as Facebook, Twitter, and WhatsApp were suspended in Bundi for three days to prevent any occurrence of communal violence.91

Local authorities have also shut off the internet to prevent cheating around exams. For example, in February 2018, internet services were suspended around exam centers across Rajasthan.92

Authorities have justified these orders under Section 144 of the Code of Criminal Procedure (1973), which permits broad state action to curb any violation of law and order.93 The Gujarat High Court upheld the use of this general law to order shutdowns in September 2015.94 The Supreme Court has yet to consider the matter substantively and refused a petition challenging it in early 2016.95

Other laws used to justify shutdowns lack specificity. Section 69A of the Information Technology (IT) Act, which permits the central government to order website blocks (see Limits on Content), has been considered to apply to blocking of service. Section 5 of the Indian Telegraph Act, which allows state and central authorities to order that any message not be transmitted in public emergencies, has also been cited in support of service disruptions.96

In August 2017, the Department of Telecommunications of the Central Government issued new rules under the Telegraph Act to regulate the temporary suspension of telecom services.97 The broad rules authorize national or state-level officials to issue temporary suspension orders to shut down telecommunications services in times of public emergency or threats to public safety.98

The government does not exert much control over the internet infrastructure. Thirteen submarine cables connect India to the global internet;99 ten are consortium owned, while the others are private.100 There are gateways to the international internet in Chennai, Mumbai,101 and Agartala in Tripura, which facilitate connectivity in northeastern states.102 There are at least five landing stations where the cables meet the mainland in Mumbai, and three in Chennai; Digha, Kochi, and Tuticorin also have one cable landing station each.103 BSNL, the state-owned telecom operator, owns two of them; the rest are privately owned. Major telecom operators Bharti Airtel and Tata Communications own three stations each.104 These cable landing stations imposed hefty fees on ISPs until regulators mandated a reduction in 2013.105 Tata Communications and Airtel challenged that reduction in the Madras High Court. A single judge dismissed it, and an appeal is pending. The judgment will be released after all arguments are heard.106

Over 80 percent of telecommunications towers are privately owned.107 As of 2015, market share was split between Indus Towers, a joint venture between Bharti Infratel, Vodafone, and Idea Cellular (31 percent); BSNL (18 percent); Reliance Infratel (12 percent); and Bharti Infratel (10 percent).108

ICT Market

There are 156 operational ISPs in India.109 While there is no monopoly, the top 10 ISPs control over 98 percent of the market.110 Thanks to inaugural and sustained promotional plans, Reliance Jio made massive gains to achieve the highest ISP market share of over 32 percent by September 2017,111 up from four percent in September 2016.112 Bharti Airtel had the second largest market share with almost 22 percent, followed by Vodafone (16 percent), Idea (nine percent), and state-owned BSNL (eight percent).113 There are 12 mobile operators,114 with Bharti Airtel controlling almost 24 percent of the market, followed by Vodafone (18 percent), Idea (16 percent), and Reliance Jio (12 percent).115

A universal license framework, for which guidelines were published in November 2014,116 reduced legal and regulatory obstacles by combining mobile phone and ISP licenses. Licensees pay a high one-time entry fee, a performance bank guarantee,117 and annual license fees adjusted for revenue.118

By 2017, the Cybercafe Association of India (CCAOI) said that over 70 percent of cybercafes had closed in the past year.119 In 2011, the Indian government introduced rules under Section 79 of the IT Act requiring cybercafes to obtain a government-issued ID number in addition to a license, as well as to register and monitor customers.120 Critics said the rules were “poorly framed.”121 Penalties for noncompliance are unclear and enforcement has reportedly been patchy. Common service centers are exempt and operate under separate guidelines.122

Regulatory Bodies

The Ministry of Electronics and Information Technology (MeitY) formulates policy relating to information technology, electronics, and the internet.123 The Department of Telecommunications (DoT), under the Ministry of Communications, manages the overall development of the telecommunications sector, licenses internet and mobile service providers, and also manages spectrum allocation.124

Internet protocol (IP) addresses are regulated by the Indian Registry for Internet Names and Numbers (IRINN).125 Since 2005, the registry has functioned as an autonomous body within the nonprofit National Internet Exchange of India.126

The Telecom Regulatory Authority of India (TRAI), an independent regulator, was created in 1997 to regulate the telecommunications, broadcast, and cable TV sectors.127 The Telecom Regulatory Authority of India Act (TRAI Act) mandates transparency in the exercise of its operations, which includes monitoring licensing terms, compliance, and service quality.128 Its reports are published online, usually preceded by a multistakeholder consultation.129 An amendment to the TRAI Act in 2000 established a three-member Telecommunications Dispute Settlement and Appellate Tribunal chaired by a former senior judge.130

There are some reservations about TRAI’s independence.131 Appointment and salary decisions for members remain in the hands of the central government. The TRAI Act initially barred members who had previously held central or state government office, but 2014 amendments diluted that prohibition, allowing them to join the regulator two years after resigning from office or earlier with government permission. Members may undertake commercial employment, though not with telecom service providers.132 TRAI opinions, however, are generally perceived as free of official influence.133 In 2016, it was involved in framing net neutrality regulations prohibiting discriminatory tariffs for data services.134 It has also recommended a reduction in charges levied for use of cable landing stations135 and pitched for lower taxes on telecom services.136

B Limits on Content

Content blocking targeting pornography, terrorism, and copyright continued to affect legitimate political and social information during the coverage period, and some content removal by private companies caused controversy. The digital media landscape remained lively and citizens continued to use digital tools to mobilize around important social issues. In a troubling trend, misinformation and fake news proliferated across WhatsApp during the 2018 Karnataka state elections and also led to real-world violence toward the end of the reporting period.

Blocking and Filtering

Legitimate political and social information was blocked by court or government orders during the reporting period. Since some of those orders are not made public, the exact impact is hard to assess. Russian social networking platform VKontakte was also restricted, as were several social media platforms during internet shutdowns.

Blocking of websites takes place under Section 69A of the Information Technology Act 2008 (IT Act) and a 2009 subordinate legislation called the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules (“Blocking Rules”).1 The Blocking Rules empower the central government to direct any agency or intermediary to block access to information when satisfied that it is “necessary or expedient” in the interest of the “sovereignty and integrity of India, defense of India, security of the state, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence relating to above.”2 Intermediaries failing to comply are punishable with fines and prison terms of up to seven years.3

The Blocking Rules apply to orders issued by government agencies, who must appoint a “nodal officer” to send in requests and demonstrate that they are necessary or expedient under Section 69A.4 These requests are reviewed by a committee, which includes senior representatives of the law, home affairs, and information ministries, and the nodal agency for cybersecurity, the Indian Computer Emergency Response Team (CERT-IN).5 The “designated officer,” who chairs the committee, issues approved orders to service providers; the committee must also notify the source or intermediary hosting the content, who may respond to defend it within 48 hours.6 In emergencies, the Secretary of MeitY may issue blocking orders directly under written instruction from the designated officer, but the content must be unblocked if the review committee does not approve them within 48 hours.7

Indian courts can order content blocks without government approval. The designated officer is required to implement the court order after submitting it to the Secretary of MeitY. Court orders can be challenged in a higher court, but internet users are not consistently notified of their implementation.8

ISPs are not legally required to inform the public of blocks and the Blocking Rules mandate that executive blocking orders be kept confidential.9 In the landmark Shreya Singhal case decided by the Supreme Court in 2015, the petitioners challenged the constitutionality of Section 69A citing opaque procedures among other issues.10 The Supreme Court upheld Section 69A and the Blocking Rules,11 saying safeguards were adequate, narrowly constructed, and constitutional.12 But the court read the Blocking Rules to include both the right to be heard and the right to appeal. Blocking orders must now provide a written explanation, allowing them to be challenged by writ petition, and allow for reasonable efforts to contact the originator of the content for a predecisional hearing.13 However, the rules continue to require that the orders and actions based on them be kept confidential;14 it is difficult to know the extent of compliance with the judgment.

In August 2017, the government reported blocking a total of 735 URLs on social media sites and 596 websites until June 2017 based on various court orders and Section 69A of the Information Technology Act, 2000. The government is said to have blocked objectionable content as per notifications under Section 69A and also on the recommendation of an expert committee for blocking URLs/websites. Some of the content said to be blocked includes social media networking groups and websites engaged in flaring up anti-India sentiments.15 The government also said that in a period from 2016 to November 2017, 1,791 websites/URLs were blocked by ISPs on the order of the Department of Telecommunications and 2,133 websites/URLs were blocked on the order of various courts.16

At least some blocks issued in the past year were disproportionate. In August 2017, access to the website of Maraa, a media and arts collective hosting information on their project titled UR/Unreserved, was blocked. The block came from the Department of Telecommunications. The founder of the website stated that there was nothing controversial about the project, which documented the journeys of 14 artists on trains within India and showcased the country’s diversity.17

Judges sought to improve the framework for blocking content under copyright injunctions in 2016, but broad restrictions continued to be observed in 2017. Since 2011, courts have blocked content relating to copyright violations through broad John Doe orders, which can be issued preemptively and do not name a defendant.18 ISPs have occasionally implemented such orders by blocking entire websites instead of individual URLs, irrespective of whether the websites were hosting pirated material.19 The judiciary has noted that John Doe orders can lead to over blocking,20 and activists have called for greater transparency.21

In August 2017, it was noticed that Internet Archive was blocked in India.22 Conversations between a digital news website and Internet Archive revealed that there was no intimation by the government to Internet Archive as to the reasons for the blocking.23 It was later found that a potential reason was John Doe orders that two media houses obtained from the Madras High Court before the release of their films in July24 and August.25 The orders named Internet Archive along with 2,560 other websites that should be blocked.26 Even after the release of the films, Internet Archive was still not accessible, which raised questions about over blocking of websites through John Doe orders. Although the orders were interim reliefs sought by the parties for a week, the website was blocked beyond the permissible time period.27

In July 2016, a ruling by the Bombay High Court laid down rules for seeking John Doe orders, limiting blocks to URLs, not entire domains, and allowing all affected content to be unblocked after 21 days if a court order is not obtained.28 The Court also dictated an unambiguous block message and suggested the appointment of an independent ombudsman to oversee implementation.29 Observers hailed this as a progressive and nuanced approach.30, Eros International and Another Vs BSNL & Others, Notice of Motion (L) No. 2147 Of 2016 in Suit (L) No. 751 OF 2016 avialble at:…, Balaji Subramanian, “Bombay HC pulls no punches, orders ISP to comply with John Doe,” SpicyIP, August 10, 2016,, Swapnil Mathur, “Kickass torrent storm: In fight against global piracy, India sets the right examples,” Indian Express, August 3, 2016,, Kian Ganz, “The messy battle against online piracy,” LiveMint, August 02, 2016,…, Salman SH, “ISPs block torrents via a John Doe order; lapses in order compliance,” Medianama, August 22, 2016, However, the ruling did not resolve the issue.31 The same month, the Delhi High Court separately ruled that John Doe orders could continue to be used to block websites if more than one page on the site was identified as a potential source of copyright violations. 73 websites were involved in the judgment, not because they were proven to violate copyright, but because the plaintiff had preemptively identified them as possible violators of exclusive broadcast rights to cricket matches dating from 2014.32 Other John Doe orders continued to be issued.33; Swati Deshpande, “Madras HC orders blocking of 830 sites to prevent online piracy of 'A Flying Jatt',” TOI, August 24, 2016,

In September 2017, Russian social network VKontakte was blocked by certain ISPs allegedly for promoting the “Blue Whale Game,” which was a series of tasks that incited suicide among players of the game.34 The High Court in Madras also issued instructions to the government to block related materials following allegations that a person in Madurai, Tamil Nadu, had committed suicide while playing.35 In February 2018, the Minister of Electronics and Information Technology stated that there were adequate measures being taken to deal with the menace of the Blue Whale Game. The minister also stated that the union and state governments were educating the youth on safe practices online.36

The IT Act and the Indian Penal Code prohibit the production and transmission of “obscene material,”37 but there is no specific law against viewing pornography in India, except child pornography, which is prohibited under the IT Act (see Legal Environment).38 Extreme child sexual abuse is blocked based on guidance from INTERPOL,39 but other content restrictions threaten content that has not been found to break the law. The government, at the behest of the Central Bureau of Investigation, ordered blocks on more than 4,694 URLs containing material on child sexual abuse during the reporting period.40 In April 2017, MeitY also issued an order to block child pornography online based on a list maintained by the Internet Watch Foundation in the United Kingdom.41 In the case of Kamlesh Vaswani v. Union of India, the petitioner asked the Supreme Court to direct the government to block all online pornography.42 A judgment had not been issued in mid-2017, but the government has informed the Supreme Court that it is not feasible to block pornography entirely and that doing so would violate the constitution.43

Content Removal

Improvements to the framework for intermediary liability mean that less political and social content is subject to removal than in the past. However, takedowns and private censorship by companies still caused concern during the reporting period.

An interim order by the Supreme Court had implications for content removal by private companies. In late 2016, the court ordered search engines operated by Google, Microsoft, and Yahoo to “auto-block” advertisements offering services to determine the sex of a child before birth, which contravened a 1994 law in an attempt to stop female feticide. The ruling went further than delisting specific content, asking search engines to block results for specific search terms and ordering the creation of a nodal agency to oversee the process.44 Critics fear the ruling would restrict related information and breach the Shreya Singhal v. Union of India judgment.45 In a subsequent order in April 2017, the court also directed the search engines to set up an in-house expert body to monitor and block content that would contravene the law; however, this order was reversed in December 2017, with the court reaffirming its previous directions.46

A 2008 IT Act amendment protected technology companies from legal liability for content posted to their platforms, with reasonable exceptions to prevent criminal acts or privacy violations.47 Intermediary guidelines issued in 2011 under Section 79 of the IT Act required intermediaries to remove access to certain content within 36 hours of a user complaint.48 The government later clarified this rule.49 In Shreya Singhal v. Union of India, the Supreme Court read down Section 79 and the intermediary guidelines, and companies are no longer required to act on user complaints. Court and government takedown orders, furthermore, are only legitimate if they fall within the reasonable restrictions provided for under Article 19(2) of the constitution. Unlawful content beyond the ambit of Article 19(2) cannot be restricted.50

Based on the ruling, Facebook said it would require more formal notifications to restrict content.51 It restricted 1,914 items from July 2017 to December 2017, citing legal requests from the central government and local law enforcement agencies,52 up from 1,228 items from January to June 2017.53 Authorities claimed that the majority of content requested to be removed violated laws on hate speech and defamation of religion and the state.

Content removal based on alleged violations of Facebook’s community standards still attracted controversy. Critics have pointed out that Facebook seems to be blocking criticism of the Indian government, the ruling BJP party, and Hindutva groups propagating right-wing ideology.54 For example, Facebook has, on certain occasions, blocked posts of the popular anonymous political satire page Humans of Hindutva.55 In both June and July 2017, Facebook also blocked the page of the local Kannada newspaper Vartha Bharti. The newspaper’s editor alleged that Facebook was blocking anti-right-wing content, including Vartha Bharti because it reported on topics that were often ignored by mainstream outlets, such as news about Muslims, Dalits, and farmers.56 In September 2017, a user’s personal Facebook page was blocked for 30 days because of a photo of a cash memo featuring the slogan “kamal ka phool humari bhool.” The slogan translates to “we regret voting for the lotus flower,” which is the election symbol of the BJP party.57 In July 2017, Facebook blocked the page of Kashmir-based magazine Kashmir Ink on the grounds of terrorism-related content and also removed the image of the magazine’s cover depicting slain militant Burhan Wani.58

Other international companies reported receiving a high number of requests to remove content from Indian courts or government representatives. Google reported receiving 1,074 content removal requests affecting 3,172 items from July and December 2017. 60 percent of requests came from court orders while 23 percent were from government agencies and law enforcement. The most commonly cited reasons for removal requests were defamation and national security.59

Twitter received 144 requests for content removal from July to December 2017, two of which were court ordered, while 142 were ordered from police or government agencies. Twitter stated that it had complied with three percent of these requests.60 In September 2017, it was reported that the government requested Twitter to block Kashmir-related content and accounts.61 Twitter also blocked the accounts of spiritual leader Gurmeet Ram Rahim Singh Insaan and his group Dera Sacha Sauda following his imprisonment for rape charges.62

Intermediaries can separately be held liable for infringing the Copyright Act 1957,63 under the law and licensing agreements.64 The Shreya Singhal decision has had no impact on the legal framework on intermediary liability for copyright infringement. A 2012 amendment limited liability for intermediaries such as search engines that link users to material copied illegally, but mandated that they disable public access for 21 days within 36 hours of receiving written notice from the copyright holder, pending a court order to remove the link.65 Rules clarifying the amendment in 2013 gave intermediaries power to assess the legitimacy of the notice from the copyright holder and refuse to comply.66 However, critics said the language was vague.67

Media, Diversity, and Content Manipulation

During the reporting period, fake news and doctored videos on WhatsApp incited real-world violence in which over 20 people were killed.68 Misinformation and fake news on WhatsApp were also prevalent around the May 2018 Karnataka state elections. As the country deals with these issues while also gearing up for the 2019 general elections, the government has indicated that it is looking into regulating social media platforms.

Rumors of child kidnappings proliferated across the internet in the spring of 2018 predominantly through WhatsApp groups. Some messages included descriptions of people plotting to kidnap children, while others included altered video clips of abductions.69 For example, in May, one transgender woman was killed in Hyderabad because a WhatsApp message claimed that transgender women were planning to kidnap children.70 In another case, a software engineer was killed after he gave candy to children.

The government has responded to lynchings with at least one internet shutdown71 and a number of arrests, some of which were directly related to WhatsApp content (See Prosecutions and Detentions for Online Activity).72 WhatsApp has also taken action by restricting the number of times a message can be forwarded in the country.73

WhatsApp also played an important role in the May 2018 Karnataka state elections. False content in videos, audio clips, messages, and articles were distributed across the app, some with the intention to rile up Hindu-Muslim tensions.74 For example, right-wing Hindu groups spread a video of a lynching in Guatemala but described it as a Muslim mob attacking a Hindu woman. Another message was a fake BBC preelection poll predicting a massive win for the BJP. At least 50,000 election-related WhatsApp groups were supposedly created by the BJP and Congress parties.

The government has not shied away from discussing regulating and monitoring social media. In the lead-up to the 2019 general elections, the government has announced that it is looking to regulate hate speech and misinformation on social platforms.75 A panel was established by the Election Commission of India to look into Facebook, WhatsApp, and YouTube and to suggest ways to enforce and create regulations to help curb misinformation and fake news on social media. In June 2017, it was reported that the government was working on a social media policy to monitor the spread of antinationalist propaganda and accounts conspiring against India.76

Online media content is diverse and lively. The internet has given voice to people in remote areas, helping them become part of the public discourse. The Delhi-based company Gram Vaani operates a Mobile Vaani initiative, using an interactive voice response (IVR) system to disseminate reports by mobile phone users to different audiences and stakeholders. It enables over 80,000 households across 12 states to create their own media.77

In general, self-censorship is not widespread but instances of threats of violence have resulted in people as well as news outlets removing online content. In September 2017, news outlet Quint took down a video it had published criticizing a popular misogynist song after the reporter received numerous rape threats and the singer encouraged his supporters to troll the outlet.78 In December 2017, the administrator of the political satire Humans of Hindutva took down its Facebook page because right-wing trolls threatened him and his family.79 The administrator reactivated the Facebook page a few months later, claiming that he would not be intimidated by trolls.80

While the internet serves as a tool of empowerment for many Indians, some trends have caused concern, including allegations of politicized content manipulation. Aggressive online commentators who self-identify as Hindu nationalists routinely abuse their opponents. Recent research shows that employees of the ruling BJP party have orchestrated some of the abusive activity, including threats targeting women and journalists, in order to create a hostile online environment for people criticizing the government and its leaders.81

Trolling has appeared to align with the BJP agenda under the BJP administration, but there is limited evidence that government actors are directly involved. Rather, officials’ tacit support of online abuse—evidenced, for example, by the prime minister following known troll accounts on Twitter—contribute to a climate in which people who are perceived to oppose popular discourse face intimidation, even while robust political debate continues in many online forums. Online harassment remained widespread during the reporting period (see Digital Activism and Intimidation and Violence).

Prior to their successful 2014 election, BJP politicians had been accused of paying specialized companies to artificially boost their popularity on social media,82 and some party representatives were reported to have paid citizens to post messages of support.83 Rival parties have likewise been accused of secretly sponsoring online support.84

In July 2018, following the coverage period, India adopted new net neutrality rules that were originally proposed in November 2017 by the Telecom Regulatory Authority of India.85 Some reported that the new rules make India the strongest backer of net neutrality in the world.86 The rules, with only some exceptions, prevent internet providers from interfering with content, including prohibiting blocking, throttling, and zero-rating. Breaking of the rules could result in operators losing their licenses in the country. It was also reported that the government will establish a multistakeholder body to ensure that net neutrality rules are enforced.87

Digital Activism

Digital activism is popular and has resulted in some proven successes on the national scale in the past. During the reporting period, however, there were no widespread changes resulting from the various campaigns and groups using social media.

In August 2016, a video documenting abuse of Dalits in a district of Gujarat launched major protests against discrimination. Dalits are marginalized in the traditional Hindu caste system. With the rise of nationalist politics, vigilante groups characterizing themselves as gau rakshaks (cow protectors) have attacked Dalits and other minorities that consume or handle beef.88 The assailants circulated a video of an attack targeting eight members of a Dalit community who skin cattle for a living as a warning, but protesters used it to ensure national media covered the incident, and subsequently organized demonstrations and a strike using social media and communication apps.89 However, few changes resulted.90

C Violations of User Rights

Several arrests for online speech were reported during the coverage period, including for content distributed on WhatsApp and Facebook. In a positive development, the Supreme Court issued a landmark ruling recognizing privacy as a fundamental right. However, controversies surrounding India’s Aadhaar project continued, and the Supreme Court ruled in September 2018 that the program is constitutional. In August 2017, the government established the Srikrishna committee to develop a data protection and privacy framework, which was released after the coverage period in July 2018.

Legal Environment

The Constitution of India grants citizens the fundamental right to freedom of speech and expression,1 including the right to gather information and exchange thoughts within and outside India.2 Press freedom has been read into the freedom of speech and expression.3 These freedoms are subject to certain restrictions in the interests of state security, friendly relations with foreign states, public order, decency and morality, contempt of court, defamation, incitement to an offense, and the sovereignty and integrity of India. However, these restrictions may only be imposed under a law, not by executive action.4 In August 2017, a landmark Supreme Court ruling recognized privacy as a fundamental right embedded in the right to life, liberty, and freedom of expression (see Surveillance, Privacy, and Anonymity).5

The Indian Penal Code (IPC) criminalizes several kinds of speech and applies to online content. Individuals could be sentenced to two to seven years in prison for speech that is found to be seditious,6 obscene,7 defamatory,8 “promoting enmity between different groups on ground of religion, race, place of birth, residence, language,”9 committing acts “prejudicial to maintenance of harmony,”10 or consisting of statements, rumors, or reports that may cause fear, alarm, disturb public tranquility, or promote enmity or ill will.11 Internet users are also subject to criminal punishment under the Official Secrets Act for wrongful communication of information that may have an adverse effect on the sovereignty and integrity of India.12

The IT Act criminalizes certain online activity such as the creation, transmission, or browsing of child pornography.13 Section 67 bans the publication or transmission of obscene or sexually explicit content in electronic form, and Section 66D punishes the use of computer resources to impersonate someone else to commit fraud.

Section 66A, a particularly problematic provision, was struck down by the Supreme Court in 2015. The provision criminalized information causing "annoyance,” “inconvenience,” or “danger,” among other ill-defined categories and led to several arrests for social media posts from 2012 through early 2015. The court in the Shreya Singhal judgment14 affirmed that freedom of speech online is equal to freedom of speech offline and held that Section 66A went beyond reasonable restrictions on freedom of speech specified in Article 19(2) of the constitution.15 Outstanding prosecutions under the section were dropped,16 but similar complaints continue to be registered under Sections 67, 66D, or the IPC (see Prosecutions and Detentions for Online Activities).

A 2016 Supreme Court judgment upheld laws criminalizing defamation (Sections 499 and 500 of the IPC and Section 119 of the Code of Criminal Procedure) as consistent with the Indian Constitution.17 The sections have been used against online speech in the past.18

Prosecutions and Detentions for Online Activities

More than 20 criminal complaints involving online content were filed during the coverage period, and over a dozen people were detained for sharing content that was considered politically or religiously insulting or misrepresentative. There were also additional cases surrounding the spread of fake news and rumors on social media. However, no convictions were documented in the reporting period. These arrests and cases continued the trend described in 2016; before that, the number of detentions for online activity fell off slightly following the Supreme Court’s Shreya Singhal ruling on the IT Act (see Content Removal).

As fake news, misinformation, and rumors continue to spread on social media, the government has responded in part by arresting ICT users. In February 2018, Junaid Khan, a 21-year-old student, was arrested and detained for at least five months for sedition under the IT Act and IPC Section 124A after a complaint against an “objectionable” message in a WhatsApp group, of which he was the administrator, was made to the police. Khan’s family claimed that he was only the default administrator, after the original admin who shared the content left the group.19

In June 2018, following the coverage period of this report, at least seven people were arrested in the Kozhikode district for spreading false information about the Nipah virus.20 Social media posts and audio messages that were shared or forwarded contained false statements such as who was undergoing treatment and how the Nipah virus could be transferred. The following month, in July 2018, two more people were arrested for spreading false rumors, one of whom was a WhatsApp group administrator. The arrests were in connection to a lynching caused largely by child abduction rumors on WhatsApp.21

Several additional cases regarding online activity prompted detentions, including:

  • In August 2017, Bashir Ahmed, a man from the Doda region of Jammu and Kashmir, was arrested for spreading “anti-national propaganda” on Facebook and WhatsApp.22
  • In September 2017, Maha Laxmi, an active social commentator from Vellore, Tamil Nadu, was arrested for criticizing a judge on Facebook.23
  • In October 2017, D. Sanjeev, a bus conductor with Telangana State Road Transport Corporation (TSRTC), was given a notice by the Telangana Vigilance Wing for posting content criticizing the chief minister and other TSRTC policies.24
  • In October 2017, Debajit Roy and Anupam Tarafdar were arrested in West Bengal for posting about traffic jams on Facebook. The High Court stepped in to say that no charge sheet would be filed against the two men without its permission, but the police were free to investigate the case. The men were released on bail.25
  • In November 2017, Thirumurugan, a 19-year-old engineer, was arrested in Srivilliputhur in Tamil Nadu and charged under Section 67 of the IT Act, 2000 and Section 505 of the Code of Criminal Procedure. A BJP party worker alleged that Thirumurugan had sent abusive messages criticizing the recently introduced Goods and Services Tax and Prime Minister Modi in a private chat on Facebook.26
  • In November 2017, cartoonist G. Bala was arrested for making and sharing a cartoon of the Tamil Nadu chief minister and two other authorities under Section 67 of the IT Act, 2000 and Section 501 of the IPC.27
  • In November 2017, Afghan Soni, a journalist based in Meerut, Uttar Pradesh, was arrested and charged with defamation and computer-related offenses under Section 66 of the IT Act, 2000.28
  • In November 2017, Haryana police arrested, under Sections 67 and 67A of the IT Act, 2000 and Section 292A of the IPC, Mohammad Saqib, a tailor from Uttarakhand, for sharing morphed pictures of Prime Minister Modi on WhatsApp.29
  • In December 2017, five men were arrested in Rajasthan for supporting on social media the man accused of murdering a migrant Muslim man for “love-jihad.”30
  • In February 2018, two men were arrested in Ballia, Uttar Pradesh under Section 67 of the IT Act, 2000 and Section 295 of the IPC for criticizing Prime Minister Modi, UP Chief Minister Yogi Adityanath, and certain Hindu deities on social media.31
  • In February 2018, Kamal, a man from Chennai, was arrested following his post on Facebook with marijuana, which is illegal in India.32 Sasikumar, Kamal’s friend who took the photo, also was arrested.

Surveillance, Privacy, and Anonymity

In August 2017, the Supreme Court recognized privacy as a fundamental right.33 Following the coverage period in July 2018, the Srikrishna committee, established in 2017 to create a data protection framework,34 submitted a draft privacy framework “Personal Data Protection Bill, 2018”35 and a report36 to the Ministry of Electronics and Information Technology. India’s IT minister has stated that he would like consultations on the law,37 and cabinet and parliament will further review the recommendations.38

The 2017 Supreme Court ruling came in the context of Aadhaar, a unique identification project that collects and stores biometric and other data like fingerprints, iris scans, and photos of over one billion Indians. The scheme raises serious concerns regarding data privacy, security, and usage.39 The government uses Aadhaar enrollment for the provision of multiple public services including food stamps and cell phone connection.40 Controversies have also erupted around the relationship between the project and private companies such as Microsoft, Amazon, Facebook, and Google.41 In 2017, it was reported that millions of Aadhaar records had been treated as publicly shareable data by different government departments.42 A national government-administered rural employment scheme was among several initiatives or agencies reported to have accidentally revealed Aadhaar numbers.43 Additional breaches were reported in 2018.44

In September 2018, following the reporting period, the Supreme Court ruled that Aadhaar is constitutional, but set important limits on the program’s use.45 The ruling held that the program is mandatory for government welfare schemes and that Indians must link their Aadhaar number to income tax filings and permanent account numbers. The court also ruled that there were sufficient existing safeguards against security and data breaches. However, Aadhaar numbers cannot be made required for services such as obtaining a SIM card, opening a bank account, and receiving educational grants and admissions. The court also set new data retention requirements and called for the immediate passing of a “robust” data protection law.46 It is unclear how the government and private companies utilizing Aadhaar data will implement the ruling, and what they will do with the Aadhaar data they have on users.

The Personal Data Protection Bill, 2018, submitted to the government by the Srikrishna committee in July 2018, has raised controversy. Civil society and tech companies47 have critiqued the bill on issues48 such as the data localization requirement49 and its ability to facilitate invasive government surveillance.50 The bill also supplies the central government with more powers through a range of provisions, such as creating new criminal liabilities and establishing a Data Protection Authority of India comprised of six government-appointed members, raising issues of independence, transparency, and accountability.51

There is limited opportunity for anonymity on the internet in India. Prepaid and postpaid mobile customers have their identification verified before connections are activated.52 There is a legal requirement to submit identification at cybercafes53 and while subscribing to internet connections. The effective implementation of privacy rights remains a significant issue. Communications surveillance may be conducted under the Telegraph Act,54 as well as the IT Act,55 to protect defense, national security, sovereignty, friendly relations with foreign states, public order, and to prevent incitement to a cognizable offense. Section 69 of the IT Act appears to add another broad category, allowing surveillance for “the investigation of any offence.”56

The home secretary at the central or state level issues interception orders based on procedural safeguards established by the Supreme Court and rules under the Telegraph Act.57 These are reviewed by a committee of government officials of a certain rank, and carried out by intermediaries.58 A similar framework applies to the IT Act.59 Interception orders, which are not reviewed by a court, are limited to 60 days, renewable for up to 180 days.60 In emergencies, phone tapping may take place for up to 72 hours without clearance; records must be destroyed if the home secretary subsequently denies permission.61

Eight separate intelligence bodies are authorized to issue surveillance orders to service providers under these circumstances.62 Around 7,500 to 9,000 telephone interception orders are issued by the central government alone each month, according to a 2014 report citing information revealed in a right to information request.63

Online intermediaries are required by law to “intercept, monitor, or decrypt” or otherwise provide user information to officials.64 The Telegraph Act levies civil penalties or license revocation for noncompliance65 and the IT Act carries a possible seven-year jail term.66 Unlawful interception is punishable by just three years of imprisonment.67

Some improvements to the framework have been made. On January 2, 2014, the government issued “Standard Operating Procedures (SOP) for Lawful Interception and Monitoring of Telecom Service Providers,” which were viewed by journalists but not publicly available.68 The procedures restricted interception to a service provider’s “chief nodal officer,” and mandated that interception orders be in writing.69 Rules issued in 2011 under the IT Act increased protection of personal data handled by companies.70 However, they do not apply to the government; critics say they create a burden on multinational companies, particularly in the context of the outsourcing industry.71

These improvements failed to address the framework’s inconsistencies. In 2012, a government-appointed group of experts said the Telegraph and the IT Acts are inconsistent with regard to “permitted grounds,” “type of interception,” “granularity of information that can be intercepted,” the degree of assistance from service providers, and the “destruction and retention” of “intercepted material.” These differences, it concluded, “have created an unclear regulatory regime that is non-transparent, prone to misuse, and that does not provide remedy for aggrieved individuals.”72

License agreements require service providers to guarantee the designated security agency or licensor remote access to information for monitoring;73 ensure that their equipment contains necessary software and hardware for centralized interception and monitoring; and provide the geographical location, such as the nearest Base Transceiver Station, of any subscriber at a given point in time.74 Under a 2011 Equipment Security Agreement that did not appear on the DoT website, telecom operators were separately told to develop the capacity to pinpoint any customer’s physical location within 50 meters.75 “Customers specified by security agencies” were prioritized for location monitoring, with “all customers, irrespective of whether they are the subject of legal intercept or not,” to be monitored by June 2014.76 The agreement remains effective, though various GSM operators lobbied for the clause to be removed from the license agreement because of compliance issues.77 In 2014, an amendment to licensing conditions mandated government testing for all telecom equipment prior to use, effective in 2015.78 Cybercafe owners are required to photograph their customers, arrange computer screens in plain sight, keep copies of client IDs and their browsing histories for one year, and forward this data to the government each month.79

ISPs setting up cable landing stations are required to install infrastructure for surveillance and keyword scanning of all traffic passing through each gateway.80 The ISP license bars internet providers from deploying bulk encryption; restricts the level of encryption for individuals, groups, or organizations to a key length of 40 bits;81 and mandates prior approval from the DoT or a designated officer to install encryption equipment.82

The government also seeks user information from international web-based platforms. Google reported that the government made 4,508 user data requests and 8,589 requests to access accounts between July and December 2017. Google made disclosures in 58 percent of the cases.83 To Facebook, the government requested access to 17,262 accounts between July and December 2017 and data was produced by Facebook in 53 percent of cases.84 Twitter also reported that the government made 315 account information requests between June and December 2017. Twitter said it produced data in 15 percent of cases.85

Besides retrieving data from intermediaries, the government’s own surveillance equipment is becoming more sophisticated. The Central Monitoring System (CMS) allows government agencies to intercept any online activities directly, including phone calls, text messages, and VoIP communication, using Lawful Intercept and Monitoring (LIM) systems on intermediary premises.86 In May 2016, the Minister for Communications and IT stated that the monitoring centers were already operational in Delhi and Mumbai.87 More centers were due to be rolled out across the country, but no updates were available in mid-2018.

MeitY officials indicated that security agencies could access messaging services such as WhatsApp in 2017, though they are unable to view encrypted content. In response to a question in the Lower House of Parliament, the Minister of State for Information Technology stated that “security agencies are able to intercept these encrypted communication services through the lawful interception facilities provided by the Telecom Service Providers, but they are not able to decrypt some of encrypted intercepted communication to readable format.”88

Law enforcement agencies may proactively monitor social media for signs of wrongdoing, although the legal grounds for doing so is unclear. In March 2017, the Minister of State for Electronics and Information Technology said that “social Networking sites hosted anywhere in the world are monitored by the law enforcement agencies.”89

Intimidation and Violence

Women, journalists, and political activists report frequent trolling and violent threats in response to their online posts.90 In September 2017, journalists across Delhi and the National Capital Region received targeted death threats on WhatsApp. Messages included references to Gauri Lankesh, a journalist who was killed in September 2017 in Bangalore.91

In July 2016, Minister of Women and Child Development Maneka Gandhi invited women facing harassment to report it to her directly by email after a journalist reported that one abusive post appeared to come from a popular singer.92 The government is also developing an app in response to the problem,93 but women continued to be silenced as a result of the harassment in the past year. Gurmehar Kaur, a 20-year-old student of Lady Sri Ram College, New Delhi, was subject to threats of rape and murder after she criticized a hardline right-wing student group in an online video in February 2017.94 She withdrew from a related protest campaign as a result of the harassment.95

Technical Attacks

India remained a frequent target of cyberattacks during the coverage period. The Indian Computer Emergency Response Team (CERT-In) reported over 53,000 cybersecurity incidents in 2017.96 The majority of these, over 29,000, were website defacements, while over 9,000 incidents related to a virus or malicious code and an additional 9,000 incidents occurred for probing or network scanning. CERT-In issues periodic advisories, and the government updates a crisis management plan for central and state governments to respond to cybercrime on an annual basis.97 According to Symantec’s 2018 Internet Security Threat Report, India received the second highest number of targeted attacks in the world between 2015 and 2017.98

In 2016, CERT-In reported a total of 3,347 website hacks during the year.99 Almost 200 central and state government sites were affected, including the site of the Union Ministry of Home Affairs.100 However, attacks to suppress online speech are not known to be widespread; most have economic motives, according to the National Crime Records Bureau.101

On India

See all data, scores & information on this country or territory.

See More
  • Global Freedom Score

    66 100 partly free
  • Internet Freedom Score

    50 100 partly free