India started its journey in Cyber Law with Information Technology Act 2000. The Act originated as a draft in 1998, became a Bill in 1999 and an act on 17th October 2000. Naavi entered the world of Cyber Law with the Draft E commerce Act 1998 and has evolved along with the ITA 2000.
In 2008, a major amendment brought in Section 43A and the concept of Personal Data Protection into the ITA 2000 framework.
In 2023, DPDPA 2023 took over the responsibilities under Section 43A and introduced an entirely new law for “Personal Information Governance”.
In the near future we will have another major change coming up in the form of regulation of AI.
In this journey, the concept of Intermediaries has also evolved from 2000 to 2023 from a “Network Service Provider” to “Data Fiduciary/Data Processor”.
The Intermediary Guidelines which surfaced under Section 79 as a safe harbor provision also evolved into a complete Code by itself regulating a very large part of the industry.
In 2021, the codification of the Intermediary Guidelines was structured in the form of Digital Media Rules. This raised a huge opposition from the industry and is under continuous challenge in the Courts leading upto the current stage where Delhi High Court is sitting on a dispute between Meta (WhatsApp, FaceBook and Instagram) and the Union of India.
FDPPI has filed an intervention petition in this case the next hearing of which is due on July 14/15.
We shall have a complete review of the evolution of the Intermediary Guidelines to refresh ourselves, through a series of articles.
The reference material for this at present is
a) The last order of Delhi High Court posting the next hearing to July 14/15
c) The notice of MeitY for public comments dated 21st April 2026
d) Intermediary Guidelines with Consolidated proposed amendments
I request other observers of ITA 2000 to correct me if there are any inaccuracies.
….Continued
Naavi







