India’s telecommunications regulator has rolled out rules designed to protect the country’s critical infrastructure networks from cyberthreats, but experts warn that the new guidelines have inadequate safeguards for users’ fundamental privacy rights.