Redefining Intermediary Liability: The 2026 Amendments to India’s IT Rules and the Rise of ‘Synthetically Generated Information’

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026 (“Amendment”) marks a significant evolution in India’s digital regulatory landscape by introducing the concept of ‘synthetically generated information’ and expanding the compliance obligations of intermediaries. In an era defined by rapid content dissemination across platforms, the Amendment seeks to address regulatory gaps concerning Artificial Intelligence related content, and “Deepfakes” while recalibrating the balance between platform accountability and operational feasibility. These changes not only broaden the scope of intermediary responsibility but also signal a more assertive approach by the State in governing digital information flows and ensuring traceability, transparency, and due diligence within the ecosystem. The Amendment has come into force on 20 February 2026 and some of the key changes it brings forth are as follows:

1. Introduction of ‘Synthetically generated Information’

The Amendment introduces the newly defined term, ‘synthetically generated information’ (“SGI”) which refers to audio, visual or audio-visual information, which is artificially or algorithmically created, generated, modified or altered using a computer resource¹. The information must be created in a manner, which makes it appear to be real, authentic or true and depicts or portrays any individual or event in a manner that is or is likely to be perceived as indistinguishable from a natural person or real-world event.

To distinguish good faith changes of audio, visual or audio-visual work carried out by professionals in their ordinary course of work from SGI, the definition includes a proviso. This proviso clarifies that any information arising from routine or good-faith editing, formatting, preparation or similar activities shall not be deemed SGI, provided such alterations do not materially alter, distort, or misrepresent the substance, nor result in the creation or generation of any false document. Further, the proviso expressly excludes alterations made solely to enhance accessibility, clarity, quality, translation, description or discoverability from the scope of SGI².

Additionally, the definition of “audio, visual or audio-visual information” has been defined to mean any audio, image, photograph, graphic, video, moving visual recording, sound recording or any other audio, visual or audio-visual content, with or without accompanying audio, whether created, generated, modified or altered through any computer resource³ i.e. any work generated using artificial intelligence.

2. Obligations on intermediaries

1. Periodic Disclosures: An intermediary shall inform its users, at least once every three months, through its rules and regulations, privacy policy, user agreement, or any other appropriate means of the following:
   1. the right of the intermediary to terminate or suspend access or usage rights of the user violating intermediary’s rules, regulations, user agreement or privacy policy;
   2. the liability of a user in being penalised or punished under applicable law in the case of creation, generation, modification, alteration, hosting, displaying, uploading, publishing, transmitting, storing, updating, sharing or otherwise disseminating of information in contravention of any law; and
   3. the reporting of the user by the intermediary to the appropriate authorities in case of commission of a violation relating to an offence under any law for the time being in force, such as the Bharatiya Nagarik Suraksha Sanhita, 2023 (46 of 2023) or the Protection of Children from Sexual Offences Act, 2012 (32 of 2012).

Further, the intermediary is also liable to inform its users that any use of its computer resources to create, generate, modify, alter, publish, transmit, share or disseminate SGI in violation of applicable law may attract penalties or punishment under the law in force.

2. Due Diligence: Intermediaries offering computer resources that enable the creation or dissemination of SGI must deploy reasonable and appropriate technical measures, including automated tools, to prevent users from generating or sharing unlawful content. This includes content that is obscene, pornographic, paedophilic, or violates another person’s privacy; creates false documents or electronic records; facilitates the development or procurement of explosives, arms or ammunition; or deceptively misrepresents a person or real-world event (such as deepfakes)⁴.

3. Mandatory labelling: Any intermediary which enables creation, generation, displaying or publishing of any SGI on its computer resource shall require users to declare whether such information is SGI. The intermediary must deploy tools to verify the accuracy of such declaration, and an appropriate and prominent label or notice must be added to the display of such SGI⁵. The SGI shall be embedded with a permanent metadata or other technical mechanism, to identify the computer resource of the intermediary used to create, generate, modify or alter SGI. Neither the label nor the permanent metadata shall be removable.

In the event that the material is SGI and the intermediary wilfully allows such restricted material, it shall be deemed to have failed to exercise due diligence under the Amendment.

4. Reduced takedown timelines: If any information is stored or published which is prohibited under any law, it shall be removed or disabled by intermediary upon receipt of court order or being notified by appropriate government. The timeline for takedown by the intermediary has been reduced from thirty-six hours to three hours⁶, increasing the obligations on intermediaries to act in a more proactive manner. If the complaint pertains to removal of information, it shall be resolved within a total of thirty-six hours instead of seventy-two hours⁷ and if the intermediary must take it down, then within two hours instead of twenty-four hours⁸.

3. Impact on users in case of non-compliance⁹

1. Non-compliance of rules and regulations, privacy policy or user agreement can lead to termination or suspension of user’s access to the computer source immediately or it would lead to removal or disablement to access non-compliant information, or both, subject to the nature and severity of the violation.

2. If any user creates, publishes or disseminates information which is in contravention to any applicable law for time being in force, penalty or punishment must be enforced against such a user.

3. In cases where the violation constitutes a cognizable offence requiring mandatory reporting, the intermediary may be obligated to report such conduct to the appropriate authorities in accordance with applicable law. This includes offences under statutes such as the Bharatiya Nagarik Suraksha Sanhita, 2023 and the Protection of Children from Sexual Offences Act, 2012, among others.

4. Conclusion

The 2026 Amendment signal a clear regulatory pivot toward enhanced accountability in the digital ecosystem, with “syndicated information” emerging as a key area of oversight. As enforcement tightens, intermediaries will be compelled to adopt more robust, proactive compliance mechanisms to navigate increasing legal and operational risk. As enforcement intensifies, these provisions are poised to redefine the legal landscape for intermediaries, setting a precedent that could reverberate across global regulatory regimes.

The information contained in this document is not legal advice or legal opinion. The contents recorded in the said document are for informational purposes only and should not be used for commercial purposes. Acuity Law LLP disclaims all liability to any person for any loss or damage caused by errors or omissions, whether arising from negligence, accident, or any other cause. 

1. Rule 2 (1) (wa), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
2. Id ↩︎
3. Rule 2 (1) (ca), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
4. Rule 3 (3) (i), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
5. Rule 3 (3) (ii), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
6. Rule 3 (1) (d), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
7. Rule 3 (2) (a) (i), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
8. Rule 3 (2) (b), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎
9. Rule 3 (1) (c), Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ↩︎