Introduction

The Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 (commonly known as the POSH Act) was enacted to ensure a safe, secure, and dignified working environment for women in India. Its primary purpose is to prevent and address cases of sexual harassment at workplaces while establishing a clear redressal mechanism through the Internal Committee (IC) or Local Committee (LC).

One of the most sensitive aspects under the Act is the need to balance confidentiality with cooperation in legal investigations. While the law demands strict confidentiality to protect the dignity and privacy of all parties involved, employers and IC members may also face situations where they are required to share information with law enforcement agencies. Striking this balance is crucial to uphold fairness, prevent victim shaming, and ensure justice.

Confidentiality Obligations under the POSH Act

Section 16 of the POSH Act

Section 16 explicitly mandates that the identity of the complainant, respondent, and witnesses, along with details of the inquiry proceedings and recommendations, must not be published, communicated, or disclosed to the public, media, or any third party. The purpose is to safeguard the victim’s dignity and prevent social stigma or retaliation that often follows disclosure.

Who is Bound by Confidentiality?

1. Employer – Responsible for ensuring that workplace-level information is not leaked. Any public disclosure by HR, management, or senior officials can lead to liability.
2. Internal Committee (IC) Members – Since they directly handle complaints, they are under the strictest duty to maintain confidentiality during and after the inquiry.
3. Complainant (Aggrieved Woman) – Although primarily protected, the complainant is also expected to maintain discretion to avoid influencing the inquiry or externalizing proceedings prematurely.
4. Respondent (Accused) – The alleged harasser must also respect confidentiality to prevent defamation or intimidation of the complainant and witnesses.
5. Witnesses – Individuals providing evidence are bound to secrecy to maintain the integrity of proceedings and prevent tampering.

Consequences of Breach

A breach of confidentiality under Section 16 carries serious repercussions:

• Monetary Penalties: Employers or individuals may face fines as prescribed by service rules or company policies.
• Employment Consequences: Employees who breach confidentiality may be subjected to disciplinary actions including suspension or termination.
• Legal Consequences: Courts have recognized breaches as actionable, and it may invite contempt or defamation proceedings.
• Impact on Inquiry Integrity: Disclosure can cause intimidation of witnesses, bias the inquiry process, or force complainants to withdraw complaints due to external pressure.

When Police Involvement Becomes Necessary

Criminal Nature of Sexual Harassment Cases

The POSH Act, 2013 was enacted as a civil legislation with the primary objective of preventing sexual harassment in the workplace, ensuring redressal through the Internal Committee (IC), and creating safe work environments. However, certain acts of sexual harassment may not remain within the civil framework alone, as they often overlap with criminal offences under the Indian Penal Code (IPC). For instance, while inappropriate remarks or minor misconduct may be addressed internally, more serious forms of harassment—like physical assault, stalking, or sexual advances by force—require the intervention of criminal law.

Relevant IPC Provisions

Several provisions of the IPC come into play when the misconduct escalates to criminality:

• Section 354 IPC – Assault or use of criminal force against a woman with intent to outrage her modesty.
• Section 354A IPC – Defines sexual harassment as a criminal offence and prescribes punishment for physical contact, unwelcome advances, demand for sexual favors, showing pornography, or making sexually colored remarks.
• Section 354D IPC – Criminalizes stalking, which may overlap with harassment in professional or workplace contexts.
• Section 509 IPC – Punishment for words, gestures, or acts intended to insult the modesty of a woman.
• Section 376 IPC – In extreme cases where sexual assault or rape occurs, POSH provisions must give way to criminal investigation under rape laws.

Circumstances Requiring FIR

While the IC is empowered to conduct an internal inquiry, there are circumstances where filing a First Information Report (FIR) becomes mandatory:

• When the complainant herself requests criminal action in addition to the IC inquiry.
• When the alleged misconduct falls squarely under a cognizable offence (e.g., physical assault, attempted rape, stalking).
• When the IC, after preliminary findings, concludes that the complaint discloses a prima facie case under IPC.
• When the employer or IC is duty-bound under law to report, especially in cases of serious offences like sexual assault.

Thus, the civil inquiry under POSH does not preclude criminal action. Instead, both processes can run in parallel—internal redressal through POSH, and penal consequences through criminal law.

Dilemma: Confidentiality vs. Legal Duty

The Conflict

The POSH Act under Section 16 imposes strict confidentiality on all proceedings—parties, witnesses, IC members, and employers are prohibited from disclosing details of the complaint, inquiry, or findings. At the same time, the Code of Criminal Procedure (CrPC) obliges reporting and cooperation with police authorities when a cognizable offence is disclosed.

This creates a practical and legal conflict:

• On one hand, maintaining confidentiality is vital to protect the complainant’s dignity and ensure a safe reporting environment.
• On the other hand, withholding information in cases of criminal conduct may amount to obstruction of justice or dereliction of legal duty.

Judicial Observations and Evolving Practices

Indian courts have, on multiple occasions, recognized this tension between confidentiality and legal obligations. Some key points include:Courts have emphasized that POSH confidentiality cannot override criminal law. If the offence falls within IPC provisions, police must be informed.

• At the same time, the identity of the complainant must be protected under Section 228A IPC, which criminalizes disclosure of the identity of sexual assault victims.
• Judicial practice is evolving toward a balanced approach—employers and ICs are expected to share necessary information with police while ensuring minimal disclosure and safeguarding sensitive details.
• In some cases, High Courts have observed that parallel proceedings (IC inquiry and criminal investigation) can coexist, and one does not negate the other.

Emerging Best Practices

• Employers should frame policies that clearly distinguish between cases fit for internal resolution and those requiring mandatory police reporting.
• ICs must adopt a measured disclosure approach—providing only what is necessary to aid investigation while shielding unnecessary exposure of sensitive details.
• Close consultation with legal counsel is advisable whenever such a conflict arises, to ensure both compliance with POSH confidentiality and adherence to CrPC obligations.

Procedure for Employers and ICs During Police Cooperation

When an Internal Committee (IC) or employer is faced with a police investigation in a case of workplace sexual harassment, a fine balance must be maintained between confidentiality obligations under the POSH Act and the statutory duty to assist law enforcement. The procedure involves the following key considerations:

How to Share Information Lawfully

• The POSH Act (Section 16) restricts disclosure of complaint details to preserve privacy. However, when police require information under the Criminal Procedure Code (CrPC), employers and ICs are legally bound to cooperate.
• Information must be shared only through official written requests from police authorities. This ensures a lawful basis for disclosure.
• Employers should ideally keep a record of all disclosures to show compliance and prevent misuse of information.

Role of Complainant’s Consent

• While law permits police to act without complainant’s approval in certain cases (cognizable offences), ICs and employers are encouraged to obtain written consent from the aggrieved woman before disclosing sensitive documents like the complaint or inquiry report.
• This not only respects the survivor’s autonomy but also safeguards the employer from future allegations of breach of trust.

Providing Documents Without Disclosing Beyond Necessity

• Only the documents explicitly asked for by police should be shared—such as the written complaint, witness statements, and IC findings.
• Employers and ICs should avoid voluntary sharing of internal communications, informal discussions, or confidential deliberations.
• Sensitive data (names, addresses of witnesses, etc.) should be masked or shared in-camera if possible, to reduce risks of victim-blaming or retaliation.

Maintaining Internal Confidentiality During External Cooperation

• Even while assisting police, confidentiality within the organization must remain intact.
• IC members, HR personnel, and management must refrain from informal disclosures to staff, media, or third parties.
• Communication should be centralized through the employer or IC Presiding Officer, ensuring controlled flow of information.
• Awareness sessions should be conducted within the organization to assure employees that confidentiality is being respected, even when external legal processes are ongoing.

Judicial Interpretation & Case Law

Indian courts have played a crucial role in clarifying the tension between confidentiality under POSH and the duty to cooperate with criminal investigations. Several rulings provide guidance:

Global Health Pvt. Ltd. v. Local Complaints Committee (Delhi HC, 2017)

• The court stressed that confidentiality is a statutory mandate under Section 16.
• However, disclosure of documents to appropriate legal authorities does not amount to breach if done in good faith and legal necessity.

Saurabh Kumar Mallick v. Comptroller & Auditor General of India (Delhi HC, 2008)

• Though pre-POSH Act, this case emphasized that workplace sexual harassment is both a disciplinary matter and a criminal offence.
• Employers must not shield perpetrators under the garb of internal confidentiality when the law requires reporting.

Union of India (various HC references)

• Courts have often observed that confidentiality should not become an obstacle in the administration of justice.
• The survivor’s dignity and privacy must be protected, but criminal law obligations under IPC and CrPC prevail where serious offences are alleged.

Guidelines Emerging from Judiciary

• Minimal disclosure principle – share only what is necessary with investigating agencies.
• Good faith protection – disclosures made under compulsion of law are not punishable breaches of confidentiality.
• Victim-centric approach – courts consistently stress balancing police cooperation with survivor’s privacy, ensuring the latter is not compromised unnecessarily.

Best Practices for Employers and Internal Committees (ICs)

1. Drafting Internal Policies on Confidentiality: Employers must create comprehensive internal policies that clearly outline how confidentiality will be maintained in cases of sexual harassment. These policies should specify:
   • The scope of confidentiality under Section 16 of the POSH Act.
   • Who has authorized access to investigation-related documents.
   • The manner in which records, digital files, and witness statements will be secured.
   • Consequences of breaching confidentiality by employees or committee members.
     Policies should also integrate data protection principles, ensuring that sensitive information is not mishandled.
2. Training Internal Committee (IC) Members: IC members play a critical role in balancing justice with confidentiality. Regular training sessions should cover:
   • Legal obligations under the POSH Act and IPC.
   • Procedures for evidence collection, record-keeping, and cooperation with police.
   • Sensitization on trauma-informed approaches to avoid secondary victimization of the complainant.
   • Ethical standards of handling sensitive digital communication like emails, messages, and recordings.
3. Documentation Safeguards: Employers should adopt a system of secure documentation and record-keeping:
   • Use of encrypted storage for digital files.
   • Restricting access only to IC members and authorized HR/legal personnel.
   • Maintaining detailed logs of who accessed documents and for what purpose.
   • Clear retention and disposal policy for case records, ensuring they are destroyed after the legally prescribed period.
4. Coordinating with Law Enforcement Responsibly: When FIRs are registered and police involvement becomes inevitable, employers and ICs must:
   • Share information only to the extent required by law.
   • Seek the complainant’s consent wherever possible before handing over sensitive documents, unless mandated otherwise.
   • Provide certified copies of relevant documents without disclosing unrelated internal deliberations.
   • Designate a single point of contact (SPOC) within the organization to liaise with law enforcement to prevent confusion and over-disclosure.

Challenges in Practice

1. Media Involvement and Leaks: High-profile cases often attract media attention. Any leak of internal findings or complainant details can harm both the investigation and reputations involved. Organizations must therefore:
   • Impose strict non-disclosure obligations on all parties.
   • Avoid public statements except those legally mandated.
   • Create a media-handling protocol to respond factually without breaching confidentiality.
2. Employee Fear of Retaliation: Many employees hesitate to report harassment due to fear of professional backlash. Challenges include:
   • Complainants fearing career stagnation or termination.
   • Witnesses avoiding cooperation due to peer pressure.
     Employers must establish whistleblower protections, assure non-retaliation policies, and demonstrate accountability by taking strict action against retaliatory conduct.
3. Handling Sensitive Digital Evidence: With harassment often occurring through digital platforms, ICs face unique challenges:
   • Managing and verifying authenticity of emails, chats, or recordings.
   • Protecting complainant’s digital privacy while sharing necessary evidence with authorities.
   • Ensuring that forensic copies are preserved when required by courts or police.
     Best practices include use of secure IT protocols, hiring digital forensic experts when necessary, and keeping digital evidence sealed until officially required.

Practical Examples

1. Banking & Corporate Sector Cases

• Example: In several large banks, Internal Committees (ICs) have faced cases where senior executives were accused of harassment. Due to high public visibility, confidentiality became critical. In one instance, an employee complaint led to both IC proceedings and a parallel FIR under Sections 354A and 509 IPC. The IC maintained confidentiality by restricting access to witness statements, while only providing required documents to the police. This ensured compliance with Section 16 of the POSH Act while cooperating with criminal investigations.
• Learning: Corporates should build clear SOPs where HR, legal, and IC members coordinate on how much information can be shared externally while safeguarding employee identities.

2. Universities & Academic Institutions

• Example: Universities often deal with cases involving students and faculty. In one case at a reputed university, a female student accused a professor of harassment. The IC conducted its inquiry confidentially but when the student approached the police, the FIR required documentary support. The IC provided its report only after redacting sensitive details and ensured no names were leaked to the press.
• Learning: Academic institutions should create student-sensitive redaction protocols, ensuring that vulnerable complainants are protected from further trauma.

3. Public Sector Undertakings (PSUs)

• Example: In government-owned undertakings, sexual harassment cases are more complex due to bureaucratic layers. A PSU employee’s complaint was forwarded to the IC and simultaneously reached the vigilance department. The IC had to carefully balance between disciplinary action under service rules and cooperation with criminal investigation under IPC. Media interest in the case risked breaching confidentiality, and the employer was warned by the court for premature disclosures.
• Learning: PSUs must train their ICs in dual compliance—following both service conduct rules and POSH Act requirements, while maintaining strict control over information flow.

Conclusion

Balancing confidentiality under Section 16 of the POSH Act with the legal obligation to cooperate with police investigations is one of the most sensitive challenges faced by employers and ICs. On one hand, confidentiality ensures trust in the system, prevents workplace stigma, and protects witnesses. On the other, non-cooperation with law enforcement in cases involving IPC provisions like Sections 354, 354A, and 509 may result in obstruction of justice.

The right balance can be achieved through:

1. Internal Policies & Training – Clear guidelines on confidentiality, redaction methods, and limits of disclosure.
2. Complainant-Centric Approach – Respecting the victim’s consent and autonomy in deciding the course of criminal proceedings.
3. Controlled Information Sharing – Sharing only the essential parts of IC reports and documents with police while ensuring anonymity in internal communications.
4. Judicially Guided Practices – Following court precedents that emphasize both confidentiality and due process in evidence-sharing.

Ultimately, POSH compliance must not be seen in isolation but as part of a broader workplace safety and legal risk management framework. Protecting confidentiality while ensuring accountability strengthens the credibility of organizations, safeguards employees, and upholds the integrity of justice.