If the government takes any action against an individual or an entity, there should be due process. If the government wants to ban a website, it should clearly state why it is doing so, and what provisions of the law make it possible. And the owners of that website should have a right of appeal.
If you plough through all the citizen-friendly sounding stuff that this team is supposed to do, you will hit upon this clause: “For carrying out its functions prescribed in section 70 (B) of the Act, CERT-IN may seek information and give directions for compliance to the service providers, intermediaries, data centres, body corporate and any other person, as may be necessary.” This innocuous body can order your service provider to cough up any data it wants. And what level of officer can do this? Any officer of CERT-IN, not below the rank of Deputy Secretary to the Government of India. Again, the defence is that this clause only relates to cyber security. The rules empowering CERT-IN are drafted by the organisation itself. Talk of giving yourself powers because you are making the rules!