The Ministry of Electronics & IT (MeitY) has kicked off the public consultations on a Draft Information Technology (Intermediary Guidelines) Rules 2018 which will replace the rules notified under the same law in 2011. The proposed rules are aimed at increasing traceability of social media activity in a bid to curb the spread of fake news.
However the proposed regulatory framework has spurred protests around social media from privacy advocates and opposition parties as another alleged attempt of the Government at snooping citizens and turning India into a surveillance state.
However, government officials denied having any intention to impose censorship through the proposed amendments and have invited suggestions to meet the goal of removing objectionable content from the internet and trace miscreants. Such suggestions must be sent by January 15, 2019.
“This is not an effort to curb freedom of speech or censorship. If you … have a society where social media is liable to be misused by terrorists and bad elements, some amount of compromise to the extent of being able to trace the source of such messages, that is the effort in these guidelines,” Ministry of Electronics and IT, Joint Secretary, Gopalakrishnan S said while speaking to Business Today.
The Government proposed this regulatory framework just after a few days after it had expanded its surveillance powers. On December 20 the Ministry of Home Affairs authorized 10 government agencies including intelligence and tax watchdogs, to intercept and monitor any digital information.
WHAT ARE THE NEW PROVISIONS?
Companies such as WhatsApp have insisted that it will not be possible to break its end-to-end encryption without compromising a user’s privacy Government’s proposed amendments to rules under Section 79 of the IT Act reportedly make it mandatory for online platforms to “proactively” deploy technology to enable access to content seen as “unlawful.” And that the measures include breaking encryption so that the origin of messages can be traced.
The draft amendments will require companies to not only trace and report the origin of messages within 72 hours of receiving a complaint from law enforcement agencies but may also have to “disable access” within a day to content deemed defamatory or against national security and other clauses under Article 19 (2) of the Indian Constitution.
The social media platforms will also be required to have a registered entity in India under the Companies Act, have a permanent registered office in India with physical address, appoint a nodal officer in the country to deal with law enforcement agencies and send communication to users once a month about their privacy policies.
Besides, the draft rules put the onus on social media giants to “take all reasonable measures” to protect individual privacy as required under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules of 2011.
DRAFT RULES IN LINE WITH RECENT SUPREME COURT ORDERS
The Supreme Court has been very voicing its concerns over irresponsible content on social media over the last few months. However, a close look at the draft Information Technology (Intermediaries Guidelines) Amendment Rules, 2018, shows that the proposed changes are largely in line with developments on this front in cases before the Supreme Court in recent months.
|SUPREME COURT ORDERS||DRAFT RULES|
|SC in July 17, 2018 judgment in Tehseen S. Poonawalla case: It shall be the duty of the Central government as well as State governments to take steps to curb and stop dissemination of irresponsible and explosive messages, videos and other material on various social media platforms which have a tendency to incite mob violence and lynching of any kind. The police shall cause to register an FIR…[Guidelines under Para 40 (x)]||Draft rule 3 (5) of the Information Technology (Intermediaries Guidelines) Amendment Rules, 2018 proposes social media intermediaries to provide information/assistance when required by “lawful order” by any government agency for reasons of State security, cyber security, investigation, detection, prosecution or prevention of offences. These offences may include mob violence, lynching, online sexual abuse, etc. The “originator of the information” needs to be traced to register an FIR.|
|SC order on November 28 in Re: Prajwala Letter notes that Solicitor General informs the court that “certain actions are required to be taken by intermediaries”:
a. Set up proactive monitoring tools for auto-deletion of unlawful content by deploying artificial intelligence based tool
b. Set up a 24X7 mechanism for dealing with requisitions of law enforcement agencies, prompt disposal of requisitions and appointment of India-based contact officer and escalation officers.
|Draft rule 3(9) says the intermediary shall deploy technology based automated tools or appropriate mechanisms, with appropriate controls, for proactively identifying and removing or disabling public access to unlawful information or contents.
Draft rule 3 (7) (iii) proposes intermediaries to “appoint in India, a nodal person of contact and alternate senior designated functionary, for 24X7 coordination with law enforcement agencies and officers to ensure compliance to their orders/requisitions made in accordance with provisions of law or rules.
|October 22 SC order in the Prajwala case records that government has prepared an SOP for taking action by the security/law enforcement agencies under Section 79(3)(b) of the Information Technology Act||Draft rule 3 (8) proposes that when an intermediary receives actual knowledge in the form of a court order or is notified by a government agency under Section 79(3)(b) of the Information Technology Act, it shall remove or disable access to unlawful acts.|
ISSUES WITH THE RULES
The concerns of the Indian Government considering the increase in number of crimes involving social media in the past couple of years are legitimate. But controlling such social media platforms whose user base are in crores is surely going to be like a technical nightmare for them. It is impossible to proactively monitor content because of the sheer volume of information on the internet. China is the first country that comes to our mind when we discuss regulation of the internet in general and social media in particular because every social media site that wants to operate in China has to give access to the government to their databases if needed. In a democratic country such as India, how much it is going to be accepted is the question.
Another question that will inevitably need to be answered has to do with the freedom of expression. There is freedom of speech, and then you have the freedom to express your thoughts. Of course, it should always come with restrictions but only if anyone’s social media activity goes beyond such restrictions then only regulations should come into the picture.
More on resorting to such kind of implied censorship, I feel the Government should direct platforms like Twitter and Facebook to check more with harassment caused through their platforms and make them liable for any ignorance.
But in India, where the definition of offending someone changes almost on a daily basis, the issue will be that definitions of such restrictions will also be interpreted differently. Every now and then we read about different cases of defamation or even sedition that has been slapped on people for their posts on social media.
Other than introducing a law like Section 66A , the Government should maybe aim at introducing a specific law which will have the right effect of balancing free speech with reasonable restrictions on people. Though, I do agree that applying such specific law on a vast number of online users would be difficult and possibly impractical but specific users can be bought to book under the same
The Information Technology [Intermediaries Guidelines (Amendment)] Rules 2018 has inserted a new rule 3(5), introducing traceability on online platforms which includes breaking their encryption in order to retain information including messages on WhatsApp. This will serve a huge blow to Whatsapp like companies who run on user privacy policies.
The Government had also issued a notice to WhatsApp in July 2018, warning it against ‘abetting’ fake news and being a ‘mute spectator’ through its end-to-end encryption technology and that such could potentially invite legal action.
WHAT CONTENT IS TO BE REGULATED?
The Government has not given a clear demarcation as to what speech stands “unlawful”. Without a clear understanding of what speech is ‘unlawful’, the amendment enables agencies to target groups and individuals based on mere suspicion. While Article 19(2) lays down reasonable restrictions on free speech, the understanding of what is to be construed as “fake news” within the free speech jurisprudence yet to be cleared.
If the aim of the Government is to eliminate out fake news, it is imperative on their part to first define what stands as “fake news”, rather than just going ahead and censoring speech. Large-scale implementation of such a decision is directly opposed to democratic practice. According to a Deccan Herald report, couple of PILs have already been filed at the Supreme Court.
WHO SHOULD REGULATE ONLINE CONTENT?
Along with defining the kind of content the government intends to regulate, they also should specifically clarify that who should regulate such content? Before the proposed amendment is given effect, there is a need to determine whether permitting government agencies to examine content is more desirable than self-regulation by intermediaries themselves.
PRIVACY RELATED ISSUES
The relationship between privacy and free speech cannot be overstated. In the absence of privacy, each component of free speech – conceptualization, expression and dissemination – all of which is integral to the exchange of ideas is compromised.
Also, the question is no longer of legality alone, but of intrusion and the right to one’s personal space. To ensure confidentiality of any accidentally obtained information is a mere moral responsibility under the current law.
While rules under the IT Act does contain a few safeguards against such intrusion, but they are neither adequate nor independent, because the Act itself relies on the ordinary Criminal Procedure for its enforcement. To protect fundamental liberties such as privacy, the need of the hour is the implementation of the Data Protection Act, and not ad- hoc amendments to the existing law.
DATA INTRUSION IN THE ABSENCE OF DATA PROTECTION
Earlier this year, an expert committee was set up under the chairmanship of Justice (Retd.) B.N. Srikrishna which formulated the Draft Data Protection Bill.
The Bill addresses the crucial issues of data retention and purpose limitation, but it is yet to receive parliamentary approval. With the Data Protection Bill yet to be tabled, it makes little sense to change an existing regulation. Maybe with the 2019 elections coming soon, the Government wants to curb circulation of any video which may give rise to any political unrest and that is why they have decided to introduce these rules.
Further, according to the draft, the purpose for which the data is demanded is to trace the individual or group from which the ‘unlawful’ content originated. This gives an authority to the State to demand any content, even private chats which it deems “unlawful” to be handed over.
Not only would this expose all user data before the State before the legality of any particular content is debated but will also affect the business of Whatsapp like platforms largely (user privacy being their USP).
IS IT THE START OF A TUSSLE BETWEEN THE GOVERNMENT AND SOCIAL MEDIA COMPANIES?
Chances are that the proposed amendments to the intermediary guidelines under the Information Technology Act may increase the rift between the government and social media companies over removal of content and traceability of messages. It’s also likely to be challenged in court.
The government has justified the amendments by arguing that companies such as WhatsApp have been declining requests to trace the origin of messages that may spark communal tension or lead to violence such as lynching. However, end-to end encrypted platforms such as WhatsApp can still refuse to build technology that will trace messages or say that it doesn’t have the technology to break the encryption selectively.
FREEDOM TO ASSEMBLE AND MINORITY RIGHTS
Online platforms such as WhatsApp groups chats provide a safe place for people to virtually assemble at one place and express their thoughts and feelings, facilitating the freedom to assemble and associate, a constitutional guarantee under Article 19(1)(c) of the Constitution. The proposed amendment could undermine this right to the citizens of India.
This could also impact minority groups, for whom social media can be a safe harbour enabling the assertion of their identity. You can take the very recent example of the all India strike carried out by Dalit groups in response to the SC judgment imposing preconditions on the arrests of public servants under the SC/ST Atrocities Act, 1989. Despite having any one as leader of the protest, such marches were still federated, and strung together using WhatsApp. Undermining end-to-end encryption, however, can lead to further marginalization of such groups through intrusion into their personal space.
Comments/suggestions will be accepted till 15th January.
Image source: here