The Internet is one of the most powerful instruments of the 21st century for increasing transparency in access to information, and for facilitating active citizen participation in building democratic societies. As such, facilitating access to the internet for all individuals, with as little restriction to online content as possible, should be a priority for all States. The hon'ble Supreme Court in a suo-moto writ petition (Prajwala, vs Union Of India)1 had observed that the Government of India may frame necessary guidelines to eliminate child pornography, rape and gangrape imageries, videos and sites in content hosting platforms and other applications and further directed the Ministry of Electronics and Information Technology to apprise the timeline in respect of completing the process of notifying the new rules.
Brief about the IT Act and the Rules
The IT Act, 20002 was formed to provide legal recognition to electronic transaction popularly referred to as Electronic Commerce based on model law on electronic commerce adopted by United Nations Commission on International Trade Law (UNCITRAL). Section 793 of the Act provided for limited exemption from liability to any network service provider (defined as Intermediary) for any third-party information or data available if the intermediary proves that the offence or contravention was committed without its knowledge or that it had exercised all due diligence to prevent the commission of such offence or contravention. Section 694 authorizes GoI to intercept , monitor, encrypt and decrypt and block data at its discretion. The Ministry of Electronics and Technology (MIET) and Ministry of Information and Broadcasting (MIB), on 25.02.2021 notified the IT Rules and Digital Ethics Code, 2021.
In respect of Over-the-Top Platforms or curated content, the government in its press release has expressed the view that there have been widespread concerns about the issues relating to digital content both on digital media and OTT Platforms or certifications. However, since then, MEIT and the MIB decided to notify the OTT Regulation and Code of Ethics for Digital Media along with the Intermediary Guidelines, 2021, without any consultation with the relevant stakeholders. This is in contravention of the Government of India's Pre-Legislative Consultation Policy5 which prescribes that the department/ministry must release the draft legislation in public domain, the key provisions to be explained in simpler language etc. for at least a minimum period of 30 days.
Additional Due Diligence
There is additional due diligence for significant social media intermediaries under the New Rules which consist of:
- Need to appoint Chief Compliance Officer, a Nodal Contact Person and a Resident Grievance Officer, all of whom should be resident in India
- Need to publish a monthly compliance report mentioning the details of complaints received and action taken on the complaints as well as details of contents removed proactively
- Significant social media intermediaries providing services primarily in the nature of messaging shall enable identification of the first originator of the information which shall be required only for the purposes of prevention, detection, investigation, prosecution or punishment of an offence related to sovereignty and integrity of India, the security of the state, friendly relations with foreign states, or public order; Or of incitement to an offence relating to the above or in relation with rape, sexually explicit material or child sexual abuse material punishable with imprisonment for a term of not less than five years
- An intermediary upon receiving actual knowledge in the form of an order by a court or being notified by the appropriate government or its agencies through authorized officer should not host or publish any information which is prohibited under any law in relation to the interest of the sovereignty and integrity of India, public order, friendly relations with foreign countries etc.
Issue of Traceability
While the Intermediaries Rules clarify that traceability order may only be passed for serious offences, some categories are open-ended. For instance, "public order" grounds are relatively broad in operation and can give rise to many demands. The Intermediaries Rules also clarify that in doing so, the significant social media intermediary shall not be required to disclose the contents of any electronic message, any other information related to the first originator, or any information related to its other users. However, the Information Technology Decryption Rules contain powers to make demands for the message content. If used together, the government will break any type of end-to-end encryption to gain knowledge of who sent what message and also get to know its contents. Also, this specific requirement will break existing protocols for the deployment of end-to-end encryption that has been built through rigorous cybersecurity testing over the years! Significant social media intermediaries are now also required to develop and deploy technology-based measures. These include automated tools or other mechanisms to proactively identify information that depicts any act or simulation in any form depicting rape, child sexual abuse or conduct.6
The Justice Shrikrishna Committee Report on data protection had criticized the government for mandating low encryption standards in licence agreements with telecom service provides. This author thinks that consultation from technical experts should have been taken to understand encryption standards and its importance. The issue of traceability of originators of information on messaging platforms is also the subject of litigation before the Supreme Court7 . This case originated as a PIL before the Madras High Court seeking linking of Aadhaar with social media accounts. However, during the course of hearings before the Madras High Court, the focus shifted to traceability of originators of information on end-to-end encrypted platforms such as WhatsApp, and the case was later transferred to the Supreme Court.
Section 69A of the IT Act, 2000, allows the central government to block public access to an intermediary "in the interest of sovereignty and integrity of India, defence of India, security of the state, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognisable offence relating to above".
Everyone is aware that recently twitter accounts were blocked. A total of 250 tweets/accounts were withheld, but now all of them have been restored. This was, however, not the first time such a step was taken under Section 69A. In February 2019, Jio users were reportedly unable to use sites like Indian Kanoon, Reddit and Telegram, all of which were blocked on government orders under the same section. 59 Chinese apps, including TikTok, UC Browser and Cam Scanner, were blocked under this section after the deadly Galwan clash between Indian and Chinese troops in Ladakh. There is still to go in this domain of law, as the society is progressing. The law needs to be stringent however, the tenets of constitution including rights to privacy cannot lose its meaning.
1 PIL 138 of 2015.
2 Information Technology Act of
3 Exemption from liability of intermediary in certain cases
4 Power to issue directions for interception or monitoring or decryption of any information through any computer resource
5 It is issued by Ministry of Law and Justice. It is a process which supports many of the legitimate and growing expectation for transparent and better informed govt. The process tends to resolve contentions and complex policies and the areas where Govt is seeking policy to build consensus.
6 For instance, the Delhi Police has sought for it to be used at least once in a criminal investigations entirely unconnected to rape or child sexual conduct.
7 In Antony Clement Rubin v. Union of India (T.C. Civil No.189 of 2020).
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.