The ministry of electronics and IT has sent a letter to X (formerly Twitter), the social media website owned by Elon Musk on, pointing out failures in moderating AI-generated content on its platform. The ministry highlighted concerns that the Grok and other services of xAI have been used to generate and distribute obscene or non-consensual images, particularly targeting the dignity and privacy of women. Through the letter, the government has also sought a report on the actions taken by the company, and the immediate removal of illegal materials. The government has also asked X to enforce the required AI guardrails, and submit a detailed Action Taken Report not later than 72 hours or risk losing its statutory immunity from legal liability. Failure to comply with these directives “may result in strict legal consequences against your platform, its responsible officers and the users on the platform who violate the law, without any further notice”.
Read full ‘warning’ letter to X (Twitter)
To,The Chief Compliance Officer, X Corp., (formerly Twitter), India OperationsSubject: Failure to observe statutory due diligence obligations under the Information Technology Act, 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and seeking an Action Taken Report towards immediate compliance for prevention of hosting, generation, publication, transmission, sharing or uploading of obscene, nude, indecent and sexually explicit content through the misuse of Al-based services like ‘Grok’ and xAl’s other services.It has been reported and represented from time to time, including through public discourse and representations from various parliamentary stakeholders that certain categories of content circulating on your platform may not be in compliance with applicable laws relating to decency and obscenity. It has especially been observed that the service namely “Grok Al” developed by you and integrated and made available on the X platform, is being misused by users to create fake accounts to host, generate, publish or share obscene images or videos of women in a derogatory or vulgar manner in order to indecently denigrate them. Importantly, this is not limited to creation of fake accounts but also targets women who host or publish their images or videos, through prompts, image manipulation and synthetic outputs. Such conduct reflects a serious failure of platform-level safeguards and enforcement mechanisms, and amounts to gross misuse of artificial intelligence technologies in violation of applicable laws.2. In this context, and without prejudice to action taken or being taken by authorised agencies under applicable laws, the Ministry of Electronics and Information Technology (“Ministry”/ “MeitY”) is of the view that the regulatory provisions under the Information Technology Act, 2000(“IT Act”) and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules, 2021) are not being adequately adhered to by your platform, particularly in relation to obscene, indecent, vulgar, pomographic, paedophilic, or otherwise unlawful or harmful content which are potentially violative of extant laws.3. The aforesaid acts and omissions are viewed with grave concern, as they have the effect of violating the dignity, privacy and safety of women and children, normalising sexual harassment and exploitation in digital spaces, and undermining the statutory due diligence framework applicable to intermediaries operating in India.4. Attention is invited to the Advisory issued by MeitY on 29.12.2025, particularly paragraph 9 thereof, wherein all intermediaries have been unequivocally advised to undertake an immediate review of their internal compliance frameworks, content moderation practices and user enforcement mechanisms, and to ensure strict and continuous adherence to the provisions of the IT Act and the IT Rules, 2021.5. X, being a significant social media intermediary, is hereby reminded that compliance with the IT Act and the IT Rules, 2021 is not optional, and that the statutory exemptions under section 79 of the IT Act are conditional upon strict observance of due diligence obligations, including but not limited to Rules 3 and 4 of the IT Rules, 2021:• Rule 4(9): obligation to provide additional information which may include any clarifications and Action Taken Reports as may be sought by the Ministry.• Rule 4(1)(a): appointment and effective functioning of a Chief Compliance Officer, who shall be responsible and liable for ensuring compliance with the Act and the Rules;• Rules 3(1Kb) and 3(1(d): obligation to prevent hosting, publication, transmission or sharing of unlawful content by making reasonable efforts and to remove or disable access expeditiously to any such information that is obscene, pornographic, paedophilic, harmful to women and child, or otherwise unlawful, and strictly within the prescribed timelines upon receipt of actual knowledge, through court orders or reasoned intimation from the Appropriate Government or its authorised agency;• Rule 3(1Xi): obligation to furnish information and extend assistance lawfully sought by the Government or its authorised agencies, strictly within the timelines specified, for the purposes of verification of identity, or for the prevention, detection, investigation, or prosecution, of offences under any law for the time being in force; and• Rule 3(2), Rule 4(4): obligation to deploy accessible reporting and grievance redressal systems under Rule 3(2), while additionally deploying technology-based measures under Rule 4(4), including automated tools or other mechanisms, to proactively prevent the dissemination of such obscene, vulgar and indecent content and ensure timely compliance with removal requirements.• Rule 3(2)(b): obligation to remove or disable access to any content which is prima facie in the nature of material depicting an individual in any sexual act or conduct, or any impersonation thereof, within twenty-four hours of receipt of a complaint from the affected individual or any person on such individual’s behalf.6. It is reiterated that hosting, generation, publication, transmission, sharing, or uploading of obscene, nude, indecent, sexually explicit, vulgar, pedophilic content or any content that is invasive of another’s privacy including bodily privacy or otherwise unlawful, including through Al-enabled systems and tools, attracts serious penal consequences under multiple statutes, including: sections 66E, 67, 67A and 67B of the IT Act; relevant provisions of the Bharatiya Nyaya Sanita, 2023 (“BNS”);• the Indecent Representation of Women (Prohibition) Act, 1986;• the Protection of Children from Sexual Offences Act, 2012;• the Young Persons (Harmful Publications) Act, 1956;• section 85 of the IT Act: Offences by companies in contravention of the IT Act and the rules thereunder including the IT Rules, 2021; and• other applicable laws for the time being in force.7. Further, attention is specifically drawn to section 33 of the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS), which imposes a mandatory statutory obligation to report certain offences to the appropriate authorities. This includes offences involving organised crime that includes cyber-crime, as defined under section 111 of the BNS. Any failure to report such offences, despite knowledge or reasonable suspicion, may independently attract penal action under the BNSS.8. Accordingly, you are advised to strictly desist from the hosting, displaying, uploading, publication, transmission, storage, sharing of any content on your platform that is obscene, pornographic, vulgar, indecent, sexually explicit, paedophilic, or otherwise prohibited under any law for the time being in force in any manner whatsoever. Failure to observe such due diligence obligations shall result in the loss of the exemption from liability under section 79 of the IT Act, and you shall also be liable for consequential action as provided under any law including the IT Act and BNS.9. Therefore, in exercise of the powers of the Central Government under the IT Act and the IT Rules, 2021, X is hereby directed to:(a) immediately undertake a comprehensive technical, procedural and governance-level review of the Al-based application “Grok”, including its prompt-processing, output-generation (responses generated using Large Language Models (LLMs)), image-handling and safety guardrails, so as to ensure that the application does not generate, promote or facilitate content which contains nudity, sexualisation, sexually explicit or otherwise unlawful content in any form whatsoever;(b) forthwith enforce its user terms of service, acceptable use policies and Al usage restrictions, including strong deterrent measures such as suspension, termination and other enforcement actions against violating users and accounts;(c) remove or disable access, without delay, to all content already generated or disseminated in violation of applicable laws, in strict compliance with the timelines prescribed under the IT Rules, 2021, without vitiating the evidence in any manner;(d) submit a detailed Action Taken Report (ATR) to this Ministry, including covering the above aspects, at the earliest and in any case not later than seventy-two (72) hours from the date of issuance of this letter, inter alia, covering:• specific technical and organisational measures adopted or proposed in relation to the Grok application;• the role and oversight exercised by the Chief Compliance Officer;• actions taken against offending content, users and accounts; and mechanisms put in place to ensure compliance with the mandatory reporting requirement under section 33 of the BNSS; and(e) ensure ongoing, demonstrable and auditable compliance with all due diligence-obligations under the IT Act and the IT Rules, 2021, failing which appropriate action may be initiated, including the loss of the exemption from liability under section 79 of the IT Act, and consequential action as provided under any law including the IT Act and the BNS.10. It is reiterated that non-compliance with the above requirements shall be viewed seriously and may result in strict legal consequences against your platform, its responsible officers and the users on the platform who violate the law, without any further notice, under the IT Act, the IT Rules, the BNSS, the BNS and other applicable laws.11. This issues with the approval of the Competent Authority in the Ministry, without prejudice to any other action that may be taken by the Government or law enforcement agencies under any law for the time being in force.Yours faithfully,(Ajit Kumar)Joint Secretary, Cyber Laws, MeitY
