Analyzing the Threat to Organizational Cybersecurity by the ‘Work From Home’ Policy in India

by Roshni Mulchandani

I. Introduction

With the COVID-19 pandemic shutting down offices and forcing organizations to adopt a “Work from Home” policy for its employees,  data security concerns have increased significantly.[1] Even though such policies have brought in greater workplace flexibility, they have also brought in a newfound opportunity for threat actors.[2] With remote access systems allowing individuals to log into devices from anywhere, an easy and vulnerable point entry is available for hackers to access organizational trade secrets, jeopardising cybersecurity. This has created a safety concern for companies who are reeling from such threats and finding it hard to maintain organizational cybersecurity with the limited safety network.[3]This has also created a bigger onus on companies to protect the safety of confidential client data that they hold.[4] In such a case, running its operations with a loose hold on security measures becomes a highly risky path to trod upon.[5]

By allowing “Work from Home” policies, Indian organizations assume the role of “Intermediaries”[6] under the Information Technology Act (2000) and therefore become duty bound to protect the data of their clients.[7] Even though India does not have a dedicated law on cybersecurity or a specialized law on privacy,[8] it must undertake all procedures to revamp its cybersecurity mechanisms to safeguard against data threats in such unprecedented times.

Continue reading “Analyzing the Threat to Organizational Cybersecurity by the ‘Work From Home’ Policy in India”

Artificial (Un)Intelligence: Automated Tools and Intermediary Liability

By Shivani Kabra

The exponential increase of user generated content on online platforms has eventuated in a proliferate system of digital piracy and unlawful content. These instances raise questions of attaching secondary liability to the platforms hosting such materials. Predominantly, online platforms act as intermediaries for facilitating user interaction and user generated content. Recent legislative developments in India regarding intermediary’s liability require intermediaries to take proactive steps towards regulating the digital space. Intermediaries are now obligated to employ automated technology-based tools for enforcing third party rights by detecting illegal/unlawful content. As a result, the tools facilitate the creation of a parallel legal system that necessitate specific socio- fiscal costs for the society at large. A deeper examination of these costs is required to determine the efficacy of the legislative developments enabling their enactment.

Continue reading “Artificial (Un)Intelligence: Automated Tools and Intermediary Liability”


By Shravya Devaraj & Akshay Luhadia

In February 2021, the Ministry of Electronics and Information Technology released the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021[1] (‘the Rules’) under Section 87 read with Section 79(2) of the Information Technology Act. The Rules intend to exert extensive Government control over content circulated online.[2] The Rules apply to social media intermediaries, significant social media intermediaries, original curated content platforms in addition to digital media platforms.[3]

The objective of the Rules is to increase the liability of intermediaries for the information circulated on their platform.[4]The Rules ensure swift action is taken against any unlawful or infringing information made available on these intermediaries.[5] Multiple groups, including civil society, policy organisations, think tanks and news organisations, have criticised the rules to be repressive.[6]

As Whatsapp files its lawsuit against the Indian government for mandatorily enforcing the IT Rules,[7] the aim of this article is to trace these guidelines to countries that have previously tried to implement similar measures and the consequences thereof. To regulate content on the internet, many nations have introduced snippets of these rules in different jurisdictions.[8] Nevertheless, India seems to have consolidated these practices in its recent Act.[9] Thus, this article, has analysed similar regulations that have been passed in foreign jurisdictions, the objectives they sought to establish, why they failed and lessons to learn from them.