Rs 99 for a Child Abuse Video.
Instagram Ran the Ad.
Now India Is Summoning Meta.
A BBC Eye investigation, published July 3, 2026, found that Instagram’s own advertising system had approved and displayed paid ads pointing users toward child sexual abuse material. Reporters built a test account in India, followed ten women posting ordinary lifestyle content, and within days were being served ads using search terms like “rape video” and “child video” that linked to Telegram channels selling the material for as little as Rs 99 — about a dollar.
Within hours of the report, India’s Ministry of Electronics and Information Technology (MeitY) moved. Union IT Minister Ashwini Vaishnaw directed his officials to summon Meta’s executives “in person” and demand a formal explanation — the government’s second enforcement action against the company in a single week, after a July 1 notice ordering WhatsApp to pause its new usernames feature over fraud concerns.
Meta told the BBC the material was a “horrific crime” and that it had disabled the flagged ads, suspended the accounts behind them, and blocked the linked URLs — but only after BBC journalists contacted the company directly. Instagram’s automated review had initially told the BBC one of the reported ads “does not go against our community standards.”
- Rs 99 (~$1) price Telegram channels charged for videos linked from paid Instagram ads flagged by the BBC — BBC Eye investigation, July 3, 2026
- 30 unique ads promoting child sexual abuse material served to a single BBC test account in under two weeks — BBC Eye investigation, July 3, 2026
- 2nd MeitY enforcement action against Meta in a single week, after a July 1 notice pausing WhatsApp's usernames feature — ANI · Medianama, July 2026
- 500M+ WhatsApp users in India, Meta's single largest national market, and the audience regulators are protecting — Bloomberg, June 24, 2026
The investigation, reported by BBC correspondent Divya Arya, was methodical rather than accidental. Reporters created a test Instagram account in India and followed ten women whose posts — food, weather, everyday life — used suggestive language and imagery, then watched what the recommendation and ad system surfaced next. Within a week, the account was being served ads for adult video calls and explicit content between adults. Days later, the ads escalated: children with adults in sexually suggestive situations, some ads specifying the ages of the people depicted, all linking out to Telegram channels.
Over the course of the test, the account was served roughly 30 unique ads promoting child sexual abuse material, some repeated across multiple accounts, alongside about 20 further ads for explicit adult content. The ads used search terms including “rape video” and “child video” and pointed to Telegram channels where the material was offered for as little as Rs 99. When the BBC reported one ad through Instagram’s own in-app tool, the platform responded 24 hours later that its review team had found the ad “does not go against our community standards.” It was only once BBC journalists approached Meta directly, on the record, that the company disabled a number of the ads, suspended the accounts running them, and blocked the associated Telegram links.

India’s response was fast and public. Union IT Minister Ashwini Vaishnaw directed MeitY officials to summon Meta and seek a detailed explanation of how the ads were approved, what corrective action the company had taken, and what safeguards it plans going forward. An IT ministry official put it directly to reporters.
“We have taken note of the reports that have alleged that there was inaction from Meta, despite being made aware of ads that contained CSAM, offensive and illegal search words. We have sought an explanation from them and asked their executives to appear in person.”
— IT ministry official, quoted by Bloomberg and Onmanorama, July 3–4, 2026
The CSAM summons did not arrive in isolation. Two days earlier, on July 1, 2026, MeitY had issued a formal notice ordering WhatsApp to pause the rollout of a new usernames feature — letting users message contacts without sharing a phone number — warning it “may materially increase the incidence of online fraud, phishing, digital arrest scams and impersonation attacks.” MeitY Secretary S Krishnan separately told reporters that “usernames are another dimension of cybercrimes,” and the ministry went on to question similar features at Signal, Telegram, and Zoho’s Arattai.
Central Government has issued notice to Meta regarding roll-out of the 'usernames' feature on WhatsApp in India. The notice reads, '...It is felt that the feature may materially increase the incidence of online fraud, phishing, digital arrest scams and impersonation attacks...'
The Centre has asked Meta to pause WhatsApp's username rollout in India just a day after the feature was announced. The government has sought an explanation within three days, citing concerns over impersonation, identity fraud, data sharing across Meta apps and compliance requirements.
Two Meta products, two separate MeitY actions, four days apart. Read together, they describe a regulator that has stopped treating Meta’s product decisions as routine and started treating them as things the government gets to question before they ship.
Modi Government Tightens Scrutiny: After WhatsApp & Telegram, Now Instagram...! IT Minister has directed MeitY officials to SUMMON Meta over Instagram ads allegedly promoting child sexual abuse material in India. MeitY will seek an explanation from Meta over the issue.
Meta’s public position moved in two stages. Before the BBC named the company for comment, Instagram’s automated review process cleared the flagged ad as compliant. After the BBC sought an on-the-record response, Meta reversed course: it called child exploitation “a horrific crime,” said it had disabled several ads, suspended the accounts posting them, removed additional violating content, and blocked the linked URLs.
A Meta spokesperson said the company has a “zero-tolerance policy” for soliciting or sharing CSAM, including in ads, and that it uses “a combination of artificial intelligence, automated detection systems, specialist review teams, and partnerships with organisations such as the National Center for Missing & Exploited Children (NCMEC)” to find and remove it. The company’s own qualifier is the one regulators keep returning to: “no system is perfect, and our review process may not detect all policy violations.”
“Because they are not responsibly guiding and controlling it and it is just pursuing the goals of revenue and clicks, it will create these outcomes. The company has dramatically underinvested in keeping people safe.”
Brian Boland, former Facebook VP of Partnerships (2011–2020) — to the BBC
Boland’s point is the one that separates this episode from a routine content-moderation failure. The ads at issue were not user posts that slipped past a review queue — they were paid placements that passed through Instagram’s ad-approval pipeline, the same system built to review content before it is monetized and shown at scale. Meta was not just slow to remove the material. Its own system approved it first.

India does not lack law here; it lacks a track record of applying it to platforms at scale. Publishing or transmitting material depicting children in sexually explicit acts is a standalone criminal offense under Section 67B of the Information Technology Act, 2000 — up to five years’ imprisonment and a fine of up to Rs 10 lakh on a first conviction, rising to seven years on a repeat conviction; the offense is cognizable and non-bailable. Separately, Section 19 of the POCSO Act requires anyone with knowledge of such material, including platforms, to report it to local police or the Special Juvenile Police Unit.
A September 2024 Supreme Court ruling closed a gap platforms had relied on. In what is now referred to as the “Just Rights” judgment, the Court held that an intermediary cannot claim to have discharged its POCSO Section 19 reporting duty by routing reports solely through its NCMEC arrangement — and that a platform cannot claim safe harbor under Section 79 of the IT Act unless it also meets its domestic due-diligence obligations, including reporting CSAM to Indian authorities directly. Meta’s standard defense — that it reports to NCMEC — no longer settles the question of whether it has met its obligations under Indian law.
India’s amended IT Rules, notified February 10 and effective February 20, 2026, carved out a separate, faster takedown clock for the most sensitive content categories — non-consensual deepfake nudity and child sexual abuse material — requiring intermediaries to act within two hours of a valid notice, down from the general 24-to-72-hour window that applies to other unlawful content.
The amendment also requires platforms hosting AI-generated audio-visual content to embed provenance metadata and use automated technical measures to prevent the generation or circulation of CSAM in the first place — not just remove it after the fact.
This is not the government’s first pass at the platforms on this exact issue. In October 2023, MeitY sent notices to X, YouTube, and Telegram warning them to remove CSAM from their services. What is new in July 2026 is the target — Meta’s own paid advertising infrastructure, not user-generated content — and the fact that Meta may have been paid to run the ads in question.
Retired Supreme Court Justice Madan Lokur went further than the government’s own statement, telling the BBC that the Court itself should intervene without waiting for a petition.
“Making money by participating in a criminal activity is deeply concerning. This is a serious enough issue for the Supreme Court of India to take suo moto cognisance and get the government to act against any social media platform. The platform cannot, cannot shirk its responsibility.”
Justice Madan Lokur (Ret.), Supreme Court of India — to the BBC, July 2026
Not every reaction has been aimed at Meta. The Internet Freedom Foundation, an Indian digital-rights group that has pushed back on government platform orders before, questioned the legal basis of the separate WhatsApp usernames notice issued that same week — arguing it had “no clear basis in law” and amounted to “an attempt by the executive to decide what a company may build and ship, which no statute permits.” The distinction matters for reading this story accurately: the government’s CSAM summons rests on an alleged due-diligence failure with a specific statutory basis in the IT Act and POCSO; the WhatsApp usernames notice, issued in the same week by the same ministry, has already drawn skepticism over how far that authority actually extends.
India is not the first jurisdiction pressing Meta on child safety, and it will not be the last. The European Commission opened formal Digital Services Act proceedings against Meta over the protection of minors on Facebook and Instagram in May 2024, and in 2026 issued a preliminary finding that Meta had breached the DSA by failing to keep children under 13 off the platforms — the Commission estimates 10–12% of EU children under 13 may still be using them. The DSA allows fines of up to 6% of a company’s global annual revenue; against Meta’s roughly $201 billion in 2025 revenue, that ceiling works out to about $12,060,000,000.
In the UK, Ofcom has been running its own pressure campaign under the Online Safety Act, writing to Meta, Snap, Roblox, TikTok, and YouTube to demand proof of genuine child-protection commitments; Meta and Snap have since agreed to new anti-grooming measures, and Ofcom has laid out a five-point plan that keeps enforcement power in reserve. None of this is abstract at scale: the National Center for Missing & Exploited Children received 21.3 million CyberTipline reports in 2025 covering more than 61.8 million images, videos, and files tied to suspected child sexual exploitation — including a 156% jump in online-enticement reports and more than 182,000 reports involving generative-AI-produced CSAM.
Telegram, the destination for the ads the BBC found, says it removed more than 274,000 groups and channels linked to child sexual abuse content in 2026 — though the BBC noted that at least one flagged channel remained reachable after being reported. The pattern across every jurisdiction is the same: platforms point to enforcement volume as proof of effort, and regulators point to what still gets through as proof it isn’t enough. Instagram’s ad-approval system approving CSAM-linked ads in the first place is, in that sense, the sharpest version yet of an argument regulators in Brussels, London, and now New Delhi have all been making independently.
A BBC test account in India was served roughly 30 ads promoting child sexual abuse material, some linking to Telegram channels selling videos for Rs 99. Instagram’s own ad-review system approved those ads before anyone reported them. India’s IT Ministry, acting on Minister Ashwini Vaishnaw’s directive, summoned Meta’s executives within hours of the report — the second action against the company that week, after a July 1 order pausing WhatsApp’s usernames feature. Meta calls the material a “horrific crime” and says its systems aren’t perfect. A retired Supreme Court justice says the Court shouldn’t wait to find out. No date for the Meta–MeitY meeting has been made public, and whether it ends in a formal notice, a fine, or a written explanation is still an open question — one that will be decided under an IT Rules framework India tightened just months before the BBC found the ads that triggered it.
Tier 1: Bloomberg’s original report, ANI’s wire coverage (the closest available record of the Indian government’s own account, since no PIB press release had been published on this specific summons at the time of writing), and the European Commission and Ofcom’s own enforcement records. Tier 2: Business Standard, Medianama, The Tribune, Onmanorama, The South First, Newslaundry, and The Register. Tier 3: StartupTalky and legal analyses of India’s IT Rules. This story reports the fact of the government’s enforcement action and Meta’s public statements only — it does not reproduce, describe, or link to any of the advertising or content at issue. No date for the Meta-MeitY meeting had been made public at the time of publication; whether the summons results in a formal notice, a penalty, or a documented explanation was not yet known.

