wordpress blog stats
Connect with us

Hi, what are you looking for?

India’s CyberCafe Rules Finalized; Foundation For Harassment

It’s about time all restaurants and cafes in India got rid of their public WiFi connections – forget having to keep a register where they ask you to write a few personal details and sign, to let you use their complimentary Internet connection: under a final set of rules on CyberCafe regulations, they’ll have to register as a Cybercafe with a “Registration Agency”, maintain detailed logs, and compulsorily put up a board asking you not to surf pornography. All because, under the IT Act, a “Cyber Cafe means any facility from where access to the Internet is offered by any person on the ordinary course of business to the members of the public”.


Under these rules, all “CyberCafe’s” will have to:

– Identification: Keep a scan or a photocopy of an identification document duly authenticated by the user and authorised representative of cyber cafe for a year, and “may be photographed using a web camera for establishing the identity of the user”; the web camera photograph then has to be authenticated by a the user and an authorised representative of the cyber cafe, logged and maintained for a year. Under the draft rules, this wasn’t mandatory, and was only to be used when a user was not able to satisfactorily establish his/her identity, but under the final rules, it is.

– Logs: The Cyber Cafe has to maintain a log of users with the following details – Name, Address, Gender, Contact Number, Type and detail of identification document, Date, Computer terminal identification, Log in Time, Log out Time – and prepare a monthly report of the log register showing datewise details on usage of computers. Apart from maintaining logs, the Cyber Cafe owner has to “submit a hard and soft copy of the same to the person or agency as directed by the registration agency by the 5th day of next month.” The Cyber Cafe owner also has to maintain a history of websites accessed, and logs of a proxy server installed at cybercafes. Talk about wasting paper and adding unnecessary processes by asking for these submissions. Isn’t maintaining internal logs for a year enough, so that they’re available when requested, instead of mandating that cybercafes submit all this data to the government? Who ensures that someone in the government doesn’t misuse this data? What about privacy?

Advertisement. Scroll to continue reading.

– Pornography and ‘obscene information’: An addition to the Cyber Cafe rules is that all computers have to be equipped with the “commercially available safety or filtering software so as to the avoid, as far as possible, access to the websites relating to pornography including child pornography or obscene information.” I’m sorry, but if I call someone an ass, can’t that be interpreted as ‘obscene’, and will this very page where I’ve used the word ass (oops, there I go again) be deemed obscene by a filtering software? What’s next? Will the Indian government mandate that YouTube has ‘bleeps’ whenever words like fuck or bitch are used in a video? Walk in any crowded market in Delhi, and you’ll hear a lot worse. How is ‘obscene information’ defined, and who defines it?

The other part is that “Cyber Cafe’s are mandated to display a board, clearly visible to the users, prohibiting them from viewing pornographic sites as well as copying or downloading information which is prohibited under the law.” Which restaurant which gives users Internet access will want to do this?

– Illegal activity: This is epic: “Cyber Cafe shall take sufficient precautions to ensure that their computer resource are not utilised for any illegal activity.” How in the world is a Cyber Cafe owner going to take precautions to ensure that nothing illegal is done using their computer resource (which would include routing of traffic, so all usage)? Do they expect anyone managing Cyber Cafe to know what each user is doing? What about privacy?

One positive change in the rules is that of inspection. In the earlier rules, an office not below the rank of Police Officer was authorized to inspect the Cyber Cafe and network; in the changed rules, an officer of the registration agency will be authorized. This means that the harassment of Cyber Cafe owners/managers would probably not be done by a police officer.

Imagine a restaurant with WiFi, say, the Market Cafe in Khan Market, Delhi, having to conform to these rules. Or imagine us wanting to give WiFi access at a conference – will we need to register as a Cyber Cafe? It just won’t happen. As with most other rules, these rules will probably not be enforced, but the problem is in the exceptional cases, when they are used in order to harass establishments. Most of us reading this think that it can’t happen to us, but the fact is that it can. I’ve heard a case of bizarre requests being made of a website owner because of something he published and later retracted, as long as four years after the retraction.

The provisions in the law need to be more liberal in order to prevent its misuse by lawmakers, and in our opinion, these CyberCafe guidelines have created the foundation for further harassment.

Advertisement. Scroll to continue reading.

Note: this comes at a time when the Electronic Frontier Foundation has made a call to action for an Open Wireless Movement.

Download IT Rules: Final (Page 15), Draft

How India’s Draft Cybercafe Rules Could Strangle Public Internet Access

Written By

Founder @ MediaNama. TED Fellow. Asia21 Fellow @ Asia Society. Co-founder SaveTheInternet.in and Internet Freedom Foundation. Advisory board @ CyberBRICS

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.


It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...


Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ