Section 67C of the Information Technology Act mandates that intermediaries—including ISPs, social media platforms, and data centres—must preserve and retain information as specified by the Central Government. In an investigation, the availability of historical logs and records is often the only way to link a digital act to a physical person. This section ensures that intermediaries do not delete critical evidence before authorities have a chance to request it through proper legal channels.\n
\n\nThe Requirement for Data Retention\n
\nThe government prescribes the specific types of information that must be kept, the duration of the retention, and the format in which it must be stored. This typically includes user registration details, login timestamps, IP addresses, and transaction records. For an intermediary, failing to maintain these records is not just a policy lapse; it is a criminal offence that can lead to a prison term of up to three years and a fine.\n
\n\nBalancing Compliance and Data Costs\n
\nMaintaining massive volumes of log data for long periods can be a significant technical and financial challenge. However, the cost of non-compliance is far higher. Intermediaries must implement managed security solutions that automate log rotation and archival while ensuring that nothing is permanently purged before the mandatory retention window has closed. This requires a clear understanding of the government mandates and a scalable storage architecture.\n
\n\nData Retention during Investigations\n
\nWhen an incident occurs, Section 67C acts as a safeguard. If an intermediary is notified of an investigation, they must lock down all relevant records to prevent automated deletion processes from wiping the trail. This "preservation notice" is a critical tool for law enforcement. If you are an intermediary unsure of your specific obligations under the latest guidelines, our cyber security consulting team can audit your retention policies for legal alignment.\n
\n\nIntermediary Liability and Evidence Chains\n
\nA break in the data retention chain can compromise a criminal case or a civil suit. If an intermediary cannot produce the required logs during a trial, it can lead to allegations of negligence or active obstruction of justice. Ensuring the integrity of these logs—using hashing and secure backups—is as important as the act of storage itself. The data must be verifiable and ready for forensic extraction if required by a court order.\n
\n\nVerify Your Compliance Infrastructure\n
\nDoes your organization meet the current data retention standards? If you are managing user data in India, you are subject to the strict requirements of Section 67C. Don't wait for an audit or a subpoena to discover a gap in your archives. Contact our compliance team for a review of your data preservation and retention strategy.\n