Insights

Synthetically Generated Information encompasses AI generated content

Introduction

Advances in artificial intelligence (“AI”) and machine learning technologies have enabled the generation of synthetic audio, visual, and audio-visual content at scale. Growing concerns around deepfakes, impersonation, and misinformation have prompted regulatory intervention to address the associated risks. In response, the Ministry of Electronics and Information Technology (“MeitY”) notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026 (“Amendment Rules”) on 10th February 2026, amending the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules”), with effect from 20th February 2026. The Amendment Rules are among the first of many regulatory changes in India to directly address AI generated content and mark a shift from reactive content moderation to a proactive, technology-enabled compliance framework for intermediaries.

Summary of the Amendment Rules

The Amendment Rules introduce two new definitions into the IT Rules, 2021. First, “Audio, visual or audio-visual information” is defined under Rule 2(1)(ca) to cover any audio, image, video, or related content. Second, “Synthetically generated information” (“SGI”) is defined under Rule 2(1)(wa) as audio, visual, or audio-visual content artificially or algorithmically created, generated, modified, or altered using a computer resource, in a manner that such information appears to be real, authentic or true, and depicts or portrays any individual or event in a manner that is, or is likely to be perceived as, indistinguishable from a natural person or real-world event. The definition therefore operates on two cumulative limbs: the content must both appear real, authentic or true, and depict or portray an individual or event indistinguishably from reality. The following are expressly excluded from the definition of SGI: (a) routine or good-faith editing, formatting, enhancement, technical correction, colour adjustment, noise reduction, transcription, or compression that does not materially alter, distort, or misrepresent the substance, context, or meaning of the underlying content; (b) routine or good-faith creation, preparation, formatting, presentation, or design of documents, presentations, PDF files, educational or training materials, or research outputs, including illustrative, hypothetical, draft, template-based, or conceptual content, provided such creation does not result in the generation of any false document or false electronic record; and (c) use of computer resources solely to improve accessibility, clarity, quality, translation, description, searchability, or discoverability, without generating, altering, or manipulating any material part of the underlying content. Text-only AI outputs also fall outside the SGI definition, though general due diligence obligations under Rules 3 and 4 continue to apply independently.

The Amendment Rules further revise existing timelines. Takedown upon a court order or government intimation is reduced from 36 hours to 3 hours. Grievance resolution is reduced from 15 days to 7 days. Takedown of unlawful content pursuant to a grievance relating to prohibited information is reduced from 72 hours to 36 hours. Removal of nudity, morphed imagery, or non-consensual intimate content is reduced from 24 hours to 2 hours. Furthermore, mandatory user advisories must now be issued every three months, increased from once a year. A dedicated SGI due diligence framework is introduced through new provisions across the Amendment Rules constituting a comprehensive regulatory architecture for the governance of SGI.

Obligations under the Amendment Rules

  • General Obligations Applicable to all Intermediaries: All intermediaries must issue quarterly user advisories informing users of consequences of non-compliance, exposure to legal penalties, and the intermediary’s obligation to mandatorily report certain offences including under the Protection of Children from Sexual Offences Act, 2012 (“POCSO”). This obligation previously required only annual communication. Intermediaries enabling or facilitating the creation or dissemination of SGI must additionally: warn users of legal consequences of creating unlawful SGI; deploy technical measures under Rule 3(3) to prevent prohibited categories of SGI, including child sexual abuse material, non-consensual intimate imagery, false documents, and deceptive impersonation; ensure permitted SGI carries prominent labels and embedded metadata; and maintain anti-tampering safeguards. For visual SGI, labels must be prominently visible; for audio SGI, a prefixed audio disclosure is required. Metadata must include a unique identifier traceable to the platform or computer resource used to generate the content, to the extent technically feasible.
  • Specific Obligations for Significant Social Media Intermediaries: Significant social media intermediaries (“SSMIs”) had no SGI specific obligations under the IT Rules, 2021 prior to the Amendment Rules. Rule 4(1A) now requires SSMIs to obtain user declarations regarding whether content is SGI before publication; independently verify those declarations through technical measures; and ensure confirmed SGI is prominently labelled. Separately, in Rule 4(4), the earlier “endeavour to deploy” standard for proactive identification of content depicting rape or child sexual abuse (or duplicated previously removed content) has been replaced with a mandatory obligation to “deploy appropriate” technical measures, shifting SSMIs to a strict compliance standard. Knowingly permitting unlawful SGI is deemed a failure of due diligence, directly threatening safe harbour protection under Section 79 of the Information Technology Act, 2000 (“IT Act”).

Safe Harbour under the Amendment Rules

Section 79 of the IT Act provides intermediaries with conditional immunity from liability for third party content. Safe harbour applies only where the intermediary observes due diligence under Section 79(2) and is automatically lost, without requiring formal revocation, once the statutory conditions cease to be met. The burden of proving that the offence or contravention was committed without knowledge and that necessary due diligence was conducted rests on the intermediary, as affirmed by the Supreme Court in Google India (P) Ltd. v. Visakha Industries.

Under Section 79(3), safe harbour is lost where an intermediary actively participates in an unlawful act or, upon receiving actual knowledge, fails to expeditiously remove the offending content. In Shreya Singhal v. Union of India, the Supreme Court read down Section 79(3)(b) to require actual knowledge through a court order or government notification before a takedown obligation is triggered. The Amendment Rules now extend this framework to SGI by introducing a suo motu (and  fairly onerous) obligation under Rule 3(1)(cb), requiring intermediaries to act on unlawful SGI without waiting for an external complaint or court order.

The Amendment Rules make two further changes to this framework. First, under Rule 2(1B) they clarify that proactive removal or disabling of access to any information, including SGI, data or communication link by an intermediary in compliance with the Rules does not constitute a violation of Section 79(2), resolving prior uncertainty about whether voluntary action would compromise protected status. Second, for SSMIs, knowingly permitting, promoting, or failing to act upon unlawful SGI is expressly deemed a failure of due diligence under Rule 4(1A), triggering automatic loss of safe harbour. For all intermediaries, non-compliance with the revised timelines and SGI specific obligations results in loss of safe harbour under Rule 7 and potential criminal liability under the IT Act.

In our view, the Amendment Rules require businesses to sincerely focus on compliance and putting in place systems to strengthen internal processes. There will need to be a shift from a ‘tick-the-box’ compliance framework to risk management processes and audit, in order to continue to enjoy the safe harbour benefits.

[1] The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026, No. G.S.R. 120(E), Acts of Parliament, 2026 (India).

[2] Information Technology Act, 2000, § 79(1), No. 21 of 2000 (India).

[3] Information Technology Act, 2000, § 79(2), No. 21 of 2000 (India).

[4] Google India (P) Ltd. v. Visakha Industries and Ors., (2019) MANU/SC/1708/2019 (India).

[5] Information Technology Act, 2000, § 79(3), No. 21 of 2000 (India).

[6] Shreya Singhal v. Union of India, (2015) 5 SCC 1 (India).

[7] Information Technology Act, 2000, § 67, 67A, 67B, No. 21 of 2000 (India).

Back To Top
Search

DISCLAIMER

The Bar Council of India does not permit soliciting work or advertising by advocates in any manner or form. By clicking on "AGREE" below, the user acknowledges and confirms that:

  1. There has been no advertisement, personal communication, solicitation, invitation or inducement of any sort whatsoever from us or any of our members to solicit any work through this website;
  2. The website is a resource solely for the purpose of providing general information about Veritas Legal at the user’s own risk, cost and liability; 
  3. The information provided in this website shall not be construed as legal advice or create any lawyer-client relationship in any manner whatsoever; 
  4. The links provided on this website shall in no way be considered referrals, endorsements or affiliations with the linked entities and Veritas Legal shall not hold responsibility for the content of such links.

The user shall not hold Veritas Legal responsible for any action taken relying upon the content of the website. In cases where the user has any legal issues and requires assistance, he/she/it must seek independent legal advice.

AGREE DISAGREE