Amber Sinha is a contributing editor at Tech Policy Press.

The internet in India is often celebrated for its scale and diversity. Yet, beneath the veneer of Digital India lies a complex, often invisible, infrastructure of control. For over a decade, civil society and technical researchers have attempted to map the contours of Indian internet censorship. Two significant bodies of work— foundational research by Kushagra Singh, Gurshabad Grover, and Varun Bansal, and the more recent, granular analysis by Karan Saini in “Poisoned Wells: Examining the scale of DNS Censorship in India”—now provide us with a detailed view of this architecture.

Together, these studies suggest that the Indian state’s censorship apparatus is not a centralized “Great Firewall” in the Chinese mold. Instead, it is a decentralized, technically inconsistent, and profoundly opaque system that delegates enforcement to private Internet Service Providers (ISPs). By hijacking the Domain Name System (DNS), the very phonebook of the internet, the Indian state has created a regime of censorship that is pervasive and largely unaccountable.

The scale of DNS manipulation

Saini’s report advances the technical understanding of how the Indian state’s censorship is implemented. While earlier studies focused on the existence of blocks, Saini’s work quantifies the methodology and magnitude.

The report finds systemic reliance on DNS manipulation. When a user enters a URL, the DNS translates that human-readable address into an IP address. Saini’s data demonstrates that Indian ISPs are systematically “poisoning” this process. Instead of returning the correct IP address for a blocked site, ISPs return incorrect records—often pointing to local landing pages that inform the user the site is blocked by government order, or simply failing to resolve the request entirely.

Analyzing over 5,000 domains across major ISPs (including Reliance Jio, Airtel, and BSNL), the study reveals significant variation in implementation. Blocking is not uniform, but occurs across a spectrum of techniques. Some ISPs use DNS injection, where the ISP’s middlebox intercepts a DNS query and injects a fake response before the legitimate response arrives. Others employ packet dropping — where network devices discard data packets from forbidden IP addresses mimicking connection timeouts or outages. The scale and diversity of affected domains—thousands across diverse categories ranging from political speech to file-sharing—suggest that these practices have become a standard administrative tool rather than an exceptional measure.

Building on earlier research

Saini’s work extends earlier research by Grover, Bansal, and Singh, including “How India Censors the Web” and “CensorWatch: On the Implementation of Online Censorship in India.” These studies were the first to document the “heterogeneity of implementation,” showing that a website blocked on a broadband connection in Mumbai might be perfectly accessible on a mobile network in Bangalore.

This variation was not a bug; it was a feature of the Indian regulatory landscape. Because the Department of Telecommunications (DoT) issues blocking orders to hundreds of ISPs without specifying the technical method of blocking, each ISP interprets and implements these orders differently.

While the earlier “CensorWatch” research highlighted the use of SNI (Server Name Indication) blocking and HTTP header inspection, Saini’s research demonstrates that DNS hijacking has become the preferred, low-cost method. If Grover et al. found that the “censor” in India is actually a thousand different ISPs, Saini identifies the specific methods they are using to fulfill their mandates.

Both bodies of research also highlight limited transparency. Under Section 69A of the Information Technology Act and the 2009 Blocking Rules, the process for issuing blocking orders is shrouded in confidentiality. Saini’s report reinforces the argument by Grover et al. that this legal opacity is compounded by technical obfuscation. When an ISP hijacks a DNS query, the user is often left with a timeout error rather than a clear notice of government action. This “silent blocking” complicates efforts to distinguish between a technical glitch and state-mandated censorship.

Decentralized authoritarianism

The research suggests that India’s approach differs from the models seen in most other countries, including both liberal democracies and traditional autocracies. This “Indian model”, if it may be called so, is characterized by three distinct attributes: delegated enforcement, technical inconsistency, and the absence of a centralized blacklist.

Most authoritarian regimes like China or Iran utilize a centralized gateway—a choke point through which all international traffic must pass. This allows for uniform, state-controlled filtering at the backbone level. In contrast, India’s model is one of delegated enforcement. The state issues secret orders, and the burden of execution falls on private entities. As Saini and Grover both show, this transforms private ISPs into the state’s deputized censors, where the technical infrastructure of a private company is weaponized against its own customers, often without a clear legal contract or any public accountability.

In most countries, censorship is more predictable and consistent. If a site is blocked in Turkey or Russia, it is generally blocked nationwide. The Indian Internet, on the other hand, is a fragmented reality. This inconsistency serves as a hedge against legal challenges; it is difficult to litigate a block when the evidence of that block varies from one street corner to the next. This distributed nature makes the censorship regime more resilient to centralized bypass tools and harder for international monitors to quantify.

In addition, unlike many democracies that maintain some judicial or parliamentary oversight over internet shutdowns or blocks, the Indian system is uniquely insulated. The 2009 Blocking Rules contain a confidentiality clause that prevents ISPs from sharing the blocking orders they receive. Saini’s report on DNS hijacking shows how this legal secrecy is mirrored in the technical realm. By returning incorrect DNS results, ISPs provide the state with plausible deniability. The user cannot prove they are being censored, and the ISP cannot admit they are censoring without violating the law.

Reclaiming DNS

Taken together, these findings present a sobering challenge to the future of the open internet in India. The “poisoning” of the DNS is not merely a technical annoyance; it is a governance concern. Altering DNS responses affects a foundational layer of internet infrastructure, with dangerous implications for transparency and user trust.

Emerging technologies such as encrypted SNI and DNS-over-HTTPS (DoH) may alter the battle lines, making state-mandated DNS hijacking more difficult and increasing user privacy. However, technical solutions alone cannot fix a systemic policy failure. The Indian model of censorship thrives on the lack of a public, searchable database of blocked domains and the absence of judicial review for blocking orders. Absent a transparent, reasoned, and uniform regulatory process, the Indian internet will likely remain an opaque, fragmented and heavily censored landscape.