India Panel Proposes KYC for Social Media Platforms | #cybercrime | #infosec

Download a copy of the report here.

The Committee on the Empowerment of Women tabled its Fourth Report (2025-26) on “Cyber Crimes and Cyber Safety of Women” in both Houses on March 23, 2026, with recommendations spanning mandatory identity verification, a new comprehensive cybercrime law, and stronger intermediary accountability. The report examines submissions from the Ministry of Home Affairs (MHA), the Ministry of Electronics and Information Technology (MeitY), Google, Meta, and X.

Why it matters: The recommendations, if implemented, would fundamentally shift how intermediary liability works in India. Mandatory Know Your Customer (KYC) would move platforms from passive intermediaries to active identity verifiers, and raises questions about anonymity as a safety tool for the very women the report seeks to protect.

Here are the key recommendations made in the report:

KYC and identity verification

• Introduce mandatory KYC-based identity verification across all social media, dating, and gaming platforms to curb fake profiles, impersonation, and anonymous harassment. MHA and MeitY to implement this jointly.
• Introduce age-appropriate regulations and calibrated usage limits on social media platforms to protect children and adolescents.
• Mandate safety-by-design standards to protect the mental well-being of young users.
• Google, Meta, and X did not publicly oppose the KYC recommendation; instead, they outlined existing voluntary verification and content moderation mechanisms in their submissions.

Intermediary accountability and Sahyog

• The Sahyog portal has issued 199 notices covering 1,412 URLs, of which intermediaries have taken down 940. No intermediary has faced action for non-compliance despite safe harbour loss under Section 79(3)(b) of the IT Act being the primary enforcement mechanism. MediaNama has previously covered how Sahyog works.
• I4C has separately forwarded 1,41,206 URLs to intermediaries for removal as of June 2025.
• Strengthen Sahyog by ensuring uniform Standard Operating Procedures (SOPs) for all intermediaries on content removal, metadata sharing, cooperation with law enforcement, and emergency response protocols.
• Set up a Central Compliance Review Board jointly operated by MeitY and MHA to evaluate platform-wise adherence to deadlines. Persistent non-compliance should attract penalties, loss of safe harbour, and, in extreme cases, blocking orders.
• Strengthen Grievance Appellate Committees (GACs) with simplified filing and transparent reporting on gender-based harm appeals. Of 4,016 appeals received between 2023 and 2025, GACs disposed of 2,043 and rejected 1,682 as outside their purview.

Comprehensive cybercrime law

• Initiate a structured and time-bound examination towards a comprehensive and gender-sensitive cybercrime legislation consolidating the Information Technology (IT) Act 2000, Bharatiya Nyaya Sanhita (BNS) 2023, Protection of Children from Sexual Offences (POCSO) Act 2012, and IT Rules 2021 into a single framework.
• The current fragmented structure results in overlapping mandates, interpretational ambiguities, and procedural delays.
• The new law should consolidate offences, clearly define intermediary liabilities, statutorily mandate victim support, and provide a uniform investigative framework.

AI and deepfakes

• MeitY advisories from December 2023, March 2024, and September 2024 direct intermediaries to embed permanent metadata identifiers in AI-generated content, including deepfakes. The committee recommends statutory backing for this.
• Mandate the deployment of AI-driven detection tools and transparent reporting on platforms’ women’s safety measures.
• The committee asked MeitY whether it plans to mandate AI-based cyberbullying detection modules on all platforms, similar to what exists for Child Sexual Abuse Material (CSAM). MeitY responded that the matter is better handled by MHA.

International cooperation

• Leverage the UN Convention against Cybercrime, which the UN General Assembly adopted and will open for signatures in 2026, to establish fast-track cross-border assistance protocols for crimes against women.
• Negotiate bilateral or multilateral rapid-response agreements with countries hosting major digital platforms or data centres.
• Establish 24×7 cyber liaison officers in key Indian missions abroad.
• Mutual Legal Assistance Treaty (MLAT) mechanisms currently take several months. Foreign platforms respond only through formal diplomatic channels, prolonging victim distress.

Law enforcement and forensics

• Develop a National Cyber Capacity-Building Framework with uniform training standards for police, prosecutors, and judicial officers.
• Rapidly establish additional regional forensic units and mobile cyber forensic vans. The National Cyber Forensic Laboratory (NCFL) in Delhi has handled over 12,000 forensic cases, and the volume of cases will worsen delays further.
• Create fast-track courts for cybercrimes against women with judges trained in digital evidence.
• Mandate same-day registration of complaints involving Non-Consensual Intimate Imagery (NCII), deepfakes, stalking, impersonation, and CSAM irrespective of territorial jurisdiction.

Other recommendations

• Create an Indian equivalent of StopNCII.org that enables women to hash and register intimate images for automatic blocking across platforms. MHA said it will examine this in consultation with stakeholders. X already partners with StopNCII globally.
• Establish a Cyber Survivor Compensation Fund for victims of sextortion, identity theft, online blackmail, and the circulation of private images, modelled on existing victim compensation schemes under criminal law.
• Establish a Unified National Cyber Coordination Grid that integrates MeitY, MHA, the Department of Telecommunications (DoT), the Indian Computer Emergency Response Team (CERT-In), state police, and intermediaries for real-time coordination on cases involving women’s safety. Some inter-agency communication currently happens through informal WhatsApp groups with no traceability or accountability.

Also read: