BSNL's CODE of Misconduct. We write to the DOT on the need for immediate action.

We write to the DOT with the help of reports by our communitry members on the need for investigative action on persisting practice of code injections by BSNL.

11 September, 2019
2 min read


  • Background: IFF filed RTIs with BSNL, the DOT on the malicious code injections by BSNL, wrote to the DOT and also submitted an incident report to CERT-In on the issue. We received a response to our BSNL RTI claiming that the code injections contain no malware, but acknowledging the existence of such code injections nonetheless.
  • Need for investigation:  We write to the DOT with the help of reports by our communitry members of persisting code injections by BSNL. We request that necessary investigative action be taken in addressing the matter.


Previously, we informed you of our three pronged approach to the engaging of code injections by BSNL. While we did not recieve a response from the DOT and CERT-In to our complaints, we received responses to the RTIs filed with BSNL and the DOT. However, while the DOT claimed the subject matter did not pertain to them, BSNL sent a response stating that that the there was no malware in the advertisements injected into the code.

We couldn't have done it without our community

The knowledge that BSNL is aware of their own code injections is itself problematic. We wrote to the DOT to highlight that the alteration of code through injections is itself a violation of the principles of net neutrality and license conditions as we have explained in our previous post. Our supportive community members provided us with firsthand reports of tests conducted by them to inspect BSNL services for continuing code injections. One of the reports suggested that certain ad domains redirected to were considered suspicious by Kaspersky Internet Security.

Government needs to take action

We have informed the DOT of previous actions and correspondence conducted by us in attempts to address this issue. But in light of BSNL's response and the continuing practice of code injections, we write to the DOT with two requests:

  1. To carry out an investigation and take action in line with complaints/reports in our previous correspondence.
  2. To direct BSNL to take recourse as we have suggested in our previous complaint dated 17.05.2019 with Ref. No. IFF/2019/110 or necessary measures in addressing the issue of code injections
  • Follow-up to the DOT along with BSNL response (link)

Code injections ruining smooth browsing? Become an IFF member today!

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

Your personal data, their political campaign? Beneficiary politics and the lack of law

As the 2024 elections inch closer, we look into how political parties can access personal data of welfare scheme beneficiaries and other potential voters through indirect and often illicit means, to create voter profiles for targeted campaigning, and what the law has to say about it.

6 min read

Press Release: Civil society organisations express urgent concerns over the integrity of the 2024 general elections to the Lok Sabha

11 civil society organisations wrote to the ECI, highlighting the role of technology in affecting electoral outcomes. The letter includes an urgent appeal to the ECI to uphold the integrity of the upcoming elections and hold political actors and digital platforms accountable to the voters. 

2 min read

IFF Explains: How a vulnerability in a government cloud service could have exposed the sensitive personal data of 2,50,000 Indian citizens

In January 2022, we informed CERT-In about a vulnerability in S3WaaS, a platform developed for hosting government websites, which could expose sensitive personal data of 2,50,000 Indians. The security researcher who identified the vulnerability confirmed its resolution in March 2024.

5 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!