Much has been written and spoken about the new Information Technology (Intermediaries Guidelines and Digital Media Ethic Code) Rules, 2021. Through this article we unravel the scope and ambit of these Rules and the lacunae in them.

 The Central Government vide notification dated February 25th, 2021 enacted the Information Technology (Intermediaries Guidelines and Digital Media Ethic Code) Rules, 2021 (hereinafter referred to as the "2021 Rules"). These 2021 Rules have been passed in supersession to the Information Technology (Intermediaries Guidelines) Rules 20111.

The 2021 Rules dynamically change the technology regulation space. Vide the new Rules, several duties and guidelines have been casted upon the- "Intermediaries" which are entities that store or transmit data on behalf of other persons without any input. Thus, the Intermediaries comprise of internet or telecom service providers; online marketplaces, and social media platforms. Amongst the guidelines the primary focus is on due diligence by Intermediaries. The due diligence encompasses within its scope the duties of the Intermediaries such as: Informing the users about rules and regulations, privacy policy, and terms and conditions for usage of its services; blocking the access to unlawful content within 36 hours upon a Court order or an order from the government; and retaining information of users collected at the time of registration for 180 days after cancellation or withdrawal of registration. 2Further, a provision regarding reporting of cybersecurity incidents has been casted upon the Intermediaries to the Indian Computer Emergency Response Team.

While due-diligence has been emphasised profusely under the 2021 Rules. The other aspects of the Rules include, a three step grievance redressal system, code of ethics to be followed for digital media publishers, blocking content incase of emergency and lastly, the most controversial aspect which is identifying the first originator of information by Intermediaries particularly providing messaging services. The crucial aspect of this is, the Intermediaries providing messaging services use end-to-end encryption for protecting the privacy of their users and providing a free space for communication and expression. However, with identifying the first originator the primary concern pertains to privacy of the users. Another aspect which is of concern is that as per the 2021 Rules, the first originator if is not located in India, then the user who first transmits the same information within India would be deemed to be the first originator. This aspect of the Rules, raises serious threats to the privacy of individuals/users not just in India but also globally. 

The other aspect of these 2021 Rules is the enormous burden casted upon Intermediaries. Furthermore, the Intermediaries have been casted with the obligation to engage compliance officers and grievance redressal officers. While imposing these obligations the economic impact of the due-diligence practices and such officers has not been given due consideration. The Intermediaries have been put under strict regulation and the consequence of non-compliance is the threat of losing their privileges under section 79 of the IT Act. Section 79 of the IT Act, grants immunity to the Intermediaries from any kind of liability for content posted on their platform by any third party. Thus, losing this immunity puts the Intermediaries for risk of prosecution for any content posted on their platform by any user/third party.

The 2021 Rules are facing a heavy backlash from not just the Intermediaries but also citizens fearing their right to privacy being breached along with their right to freedom of speech and expression being curtailed. Whatsapp LLC in their Writ Petition before the Hon'ble Delhi High Court have challenged the vires of Rule 4(2) of the 2021 Rules which pertains to the disclosure of information regarding first originator. Messaging platforms like Whatsapp use end-to-end encryption, thus securing the privacy of its users. In their Writ Petition Whatsapp claims that Rule 4(2) breaches its fundamental functions of securing privacy and that the messages or calls from a sender can only be decrypted by the Recipient of the same. Thus, identifying the first originator would not only amount to breach of privacy but gravely and irrevocably violate the right to freedom of speech and expression guaranteed under Article 19 of the Constitution of India, 1950. While the arguments on behalf of Whatsapp LLC seem sound, the Government of India is relying upon several judgments of the Hon'ble Supreme Court and primarily on K.S. Puttaswamy and Anr. Vs. Union of India3. By virtue of this 9 judge bench judgment of the Hon'ble Apex Court, the right to privacy is not absolute and can be breached by the State in the interest of national security and other reasonable restrictions. Thus, the Government of India, justifies the vires of Rule 4(2) under reasonable restrictions. The Petition of Whatsapp is sub-judice.

While regulating the ever growing social and media forums in a democracy is pivotal, however, given the current scenario and the sensitivity to various kinds of content, the regulatory mechanisms with a scope of strong governmental push-back might hamper not only the creativity and freedom of expression but would inevitably result in an operational nightmare. The balancing act of securing national security and at the same time providing privacy to citizens and individuals along with freedoms of speech and expression is no doubt diaphanous, however, the same shall be the goal of implementation and spirit of the 2021 Rules.



2. Rule 3 (1) (a) and (b) of Information Technology (Intermediaries Guidelines and Digital Media Ethic Code) Rules 2021.

3. (2017)10 SCC 1

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.