NIXI’s justification for 2 domains per person? National Security

In December 2021, NIXI published an undated notice stating that if any entity wants to register for more than two [dot]in domains, they'll have to seek written permission from the NIXI CEO. In our RTI request, NIXI responded stating that the notice was issued for "national security".

15 February, 2022
5 min read


Remember NIXI’s two domain per person policy? The National Internet Exchange of India (NIXI) is the nodal authority for [dot]in domains in India. In December 2021, NIXI published an undated notice stating that if any entity wants to register for more than two of India’s Country Code Top Level Domain (ccTLD) - [dot]in domains, they'll have to seek written permission from the NIXI CEO. In our RTI request on this notice, NIXI responded with an incomplete response stating that the notice was issued for "national security". Go figure.


NIXI is a government not-for-profit organization, established in 2003 under section 8 of the Companies Act 2013. One of its key tasks is to set up domestic Network Operation Centers (NOCs) among Indian Internet Service Providers (ISPs) to enable routing domestic interest traffic within the country instead of re-routing via NOCs abroad. It results in reduced-bandwidth charges for the ISPs and also provides better quality of service due to reduced latency.

NIXI has been authorized as the .IN Registry by the Government of India, since January 2005. The .IN domain names are available to anyone on a first-come-first-served basis. However, in an undated notice published on its website in December 2021, NIXI said that in case an individual registrant submits a request for registering more than two ccTLDs or if a registered accredited company requests for more than a hundred ccTLDs, then a written approval of the CEO, NIXI is required.

We asked they refused

After the NIXI order was brought to our notice, we filed an RTI request with them seeking further clarifications and demanding transparency on how the permission would be granted for more than two [dot]in domains.

We requested the following information from NIXI:

Request 1: Please provide information regarding the legislation or the power under which the policy change to seek permission for domain registration after two successful registrations have been notified.

NIXI’s response:

“The new policy is as per the powers available with the Registry under Registry-Registrar Agreement. (Clause no 9.19).”

Clause 9.19 of the Registry-Registrar Accreditation Agreement states

“9.19 Amendments: This Agreement may be amended only by a written agreement signed by authorized representatives of both parties. Notwithstanding anything mentioned here above, .IN Registry at its discretion may post/publish new or amended Policies and/or Advisories on at the Registry Website from time to time and the Registrar accepts that by virtue of their publication on such a website the Registrar shall deemed to have notice of such new or amended Policies and/or Advisories.”

It defies legal understanding as to how a contractual agreement can empower NIXI’s exercise such powers. Clearly, Clause 9.19 can reserve such powers, however, it cannot by itself create it.

Request 2: Please provide information on whether any legal opinion was sought from the Ministry of Law or any other Ministry for the change in policy.

NIXI’s response: “Above decision is taken with respect to National Security.”

Request 3: Please provide information with regard to whether any meetings were conducted to discuss the change in policy. If yes, please provide a list of individuals/ organizations who were a part of those meetings as well as the minutes of the meetings.

NIXI’s response: [no response given]

Request 4: Please provide information with regard to whether any third party consultations were sought for the change in policy. If yes, please provide information with regard to the basis on which these third parties were selected.

NIXI’s response: [no response given]

Request 5: Please provide a copy of all documents related to the queries herein specifically any legal opinions, minutes of meetings and reports related to the change in policy.

NIXI’s response: [no response given]

NIXI refused to provide a response to our request numbers 3, 4 and 5 which is against the letter and spirit of the RTI Act, 2005.

Illegal response

The decision of the PIO, NIXI to decline information without giving proper justification under the RTI, Act 2005 is also in contravention of the Central Information Commission’s decision in CIC/OK/A/2006/00163 dated July 7, 2006. In this case, the CIC held that:

“Through this Order, the Commission now wants to send the message loud and clear that quoting provisions of Section 8 of the RTI Act ad libitum to deny the information requested for, by CPIOs/Appellate Authorities without giving any justification or grounds as to how these provisions are applicable is simply unacceptable and amounts to malafide denial of legitimate information attracting penalties under section 20(1) of the Act.”

Further, the Hon’ble High Court at Delhi, in its judgment in Deputy Commissioner of Police v/s D K Sharma [W. P. (C) 12428/2009 & CM APPL 12874/2009], dated 15-12-2010 held that:

“6. This Court is inclined to concur with the view expressed by the CIC that in W.P. (Civil) 12428/2009 order to deny the information under the RTI Act the authority concerned would have to show a justification with reference to one of the specific clauses under Section 8 (1) of the RTI Act.”

Further, S.8(2) of the RTI Act provides that

“Notwithstanding anything in the Official Secrets Act, 1923 nor any of the exemptions permissible in accordance with sub-section (1), a public authority may allow access to information, if public interest in disclosure outweighs the harm to the protected interests.”

Since our request for information was aimed at furthering public interests and increased transparency in decision making, we requested the legal basis of the order, any legal opinion sought, consultations received or requested and minutes of meetings in which such decision was taken. However, declining access to such information indicates a lack of transparency on part of PIO, NIXI.


The reasons to mandate written approval of CEO, NIXI has not been stated in the original notice published on its website. Further, in response to our RTI request, the PIO has merely stated that [the] “above decision is taken with respect to National Security.” Repeating “national security” as a mantra to defeat transparency, even when not probably emerging from the topic of policy formation, is a growing tendency in decision making.

Further, the PIO has declined our request for access to documentation of the meetings in which such a decision was taken. There is also a lack of clarity on the grounds on which the approval request may be granted or denied. The notice merely mentions that “approval of CEO, NIXI will be provided within 24 hours of submission of the request irrespective of weekly off/ holiday.”

In absence of a written procedure developed without consultation with stakeholders in a non-transparent way indicates public disinterest on part of NIXI. Further, attempts to thwart information sought through right to information requests harms the spirit of the RTI Act, 2005. We have filed a first appeal against the response received to seek clarifications and to further transparency in public interests.

Important documents:

  1. NIXI’s undated notice on bulk booking. (link)
  2. IFF’s RTI request with NIXI dated Jan 13, 2022. (link)
  3. NIXI’s response to our RTI request dated February 10, 2022. (link)

The post was drafted by Gyan Tripathi, a fourth-year law student from Symbiosis International (Deemed University), Pune, and reviewed by IFF staffer Rohin Garg.

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

No place for tech: How digital interventions in NREGA are undermining rural social security

Mandatory digital ‘solutions’ introduced in the NREGA scheme by union and state governments, like Aadhaar-based payments, mobile monitoring apps, facial authentication and surveillance tools, are impinging on workers’ statutory rights and poking holes in the rural social security net.

8 min read

Into IT Standing Committee’s review of action taken by MeitY following its recommendations on citizen data security and privacy

This post breaks down the 55th report of the Standing Committee on Communications and IT, in which the Committee assesses the extent to which its recommendations on citizen data security and privacy were accepted and acted upon by the Ministry of Electronics and IT.

11 min read

Statement: Reportedly, IT Ministry looks to block Proton Mail on request of Tamil Nadu

Reportedly, the E2EE email service Proton Mail has received communication from MeitY regarding a potential block under S.69-A IT Act, at the request of the TN police over a hoax bomb threat sent to private schools in Chennai. 

1 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!