IT RULES 2021 AND ITS IMPLICATIONS

Reading time : 5 minutes

The Indian government may design essential rules to remove child pornography, rape and gangrape imageries, videos, and sites in content hosting platforms and other apps, according to the Supreme Court of India in 2018.

The Rajya Sabha’s Ad-hoc committee on social media pornography and its impact on minors and society as a whole delivered its findings in 2020. The study suggested that the source of such information be tracked down. The GOI also brought OTT services under the Information and Broadcasting Ministry’s purview in 2020.

The Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules of 2021 (hereinafter referred to as “the Rules”) were enacted by the Central Government on February 25, 2021, in close collaboration with the Ministry of Electronics and Information Technology, under the powers conferred on it by Sections 69A(2), 79(2)(c) and 87 of the Information Technology Act. These Rules were created in reaction to government misinformation on social media platforms, while still acknowledging the right to criticize and dissent as a necessary component of democracy. It seeks to give users of social media and OTT platforms with a thorough complaint mechanism to resolve their issues, which was previously unavailable.

2021 Draft Information Technology (Intermediaries Guidelines and Digital Media Ethics Code) Rules

There have been several alarming media reports recently (see here and here) regarding proposed laws to control OTT companies that broadcast selected content, such as Netflix, Amazon Prime, and Hotstar. This is particularly alarming in light of the current controversy over the web series Tandav (see here and here), which is the latest in a long line of events involving public outrage over a perceived affront to religious views in response, Union Minister for Information and Broadcasting Prakash Javadekar recently announced that the government is considering guidelines for OTT services.

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, appear to have evolved from the Draft Intermediaries Rules, 2018 between December 2018 and February 2021.

In the public interest, we are releasing a copy of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 to the public and calling for a public consultation, just as we did with a previous December 2018 version of these Rules and a proposal to amend Section 66A. These amendments will impact the fundamental rights of all Indian internet users.

Regulation of Video Streaming Networks

First of the three major developments we’ll discuss is proxy regulation of OTT and news media platforms. This is clearly unconstitutional in our opinion. The draught IT Rules for 2021 specify a “Code of Ethics and Procedure and Safeguards in Relation to Digital/Online Media” in the Appendix to the Rules, which will apply to “relevant companies.” “Publishers of news and current affairs content”; and “intermediaries which primarily enable the transmission of news and current affairs content”; and “publishers of online curated content”; and “intermediaries which primarily enable the transmission of online curated content” are all “applicable entities” as defined in Rule 7.

Furthermore, the Rules provide a three-tier framework for observing and adhering to the Code, as follows: “Level I – Self-regulation by the applicable entity”; “Level II – Self-regulation by the applicable entities’ self-regulating bodies”; and “Level III – Central Government oversight mechanism.” What exactly does this imply? Most likely, increased censorship and government monitoring.

This monitoring structure is being established without strong legal support, and it will progressively fulfil tasks comparable to those performed by the Ministry of Information and Broadcasting for television regulation. For example, as per Rule 13(4), this now includes censorship capabilities such as apology scrolls, as well as content blocking! All of this is being planned without any legislative support or explicit legislation from parliament.

Any possible regulation in India relating to the OTT video streaming business may be extremely harmful to both individual rights and the national interest. India is no longer a consumer, but rather a creator of unique high-quality video content that employs and entertains people both in India and throughout the world. It competes vigorously with other nations, such as South Korea, and requires an environment that recognizes that traditional cinema or television-based regulation may hurt the industry irreversibly. Any such regulatory approach will almost certainly have a significant impact on individuals’ digital rights, cause economic harm, and impede India’s rising cultural influence through the development of new and contemporary video forms entertainment.

The Mint also published a report titled “17 OTT platforms release self-regulation toolkit” on February 12, 2021, which stated that 17 of India’s largest streaming services have launched a self-regulation toolkit under the aegis of the Internet and Mobile Association of India (IAMAI), pre-empting government plans to issue a code for all over-the-top (OTT) services. This toolkit builds on 15 Indian streaming services and digital enterprises’ adoption of the Self-Regulation Code of Online Curated Content Providers. The Code itself has a number of flaws, including the fact that it encourages self-censorship. More crucially, the code’s self-regulation provisions may converge with the methods outlined in articles 11, 12, and 13, resulting in a drive toward self-censorship as well as significant government supervision.

Criticism

The concept of tracing the original inventor, as established by Rule 5(2), has been met with skepticism. It aids the compliance process in contacting the source of any information via major social media intermediaries that provide message services. This is an attempt to stop the spread of false news and criminal activities through chat apps. Cyber specialists, on the other hand, are afraid that this might lead to the overriding of end-to-end encryption, allowing a surveillance state to be established. This may lead to a massive data leak, which most messaging applications happily boast about. The power to track down the source can also be utilised to prevent or investigate an offence that threatens the state’s sovereignty, dignity, or security. What the Rules overlook is the huge potential for abuse of such a vast and discretionary power.

Members of the media have also emphasized the importance of enforcing the Rule in order to curtail freedom of expression. While the government is overhauling the grievance redress system, the Oversight Body has been granted the right to judge on the appropriateness of media material, which may be regarded as a violation of the Constitution. An inter-ministerial committee of bureaucrats has been given the ability to rule on topics pertaining to free speech and journalistic liberties, which may or may not be beneficial to the same.

IT rules and Digital News Media

Several problems exist when it comes to news media regulation. Because the Information Technology Act of 2000 does not apply to news media, the guidelines do not have the legal authority to govern them. As a result, these Rules have far-reaching authority over the parent Act. Furthermore, these instructions are in violation of section 79 of the IT Act, which offers a “safe harbor” in the form of a liability exemption in certain circumstances. As a result, these recommendations are a covert attempt to control online news media by putting them under the jurisdiction of the Information Technology Act of 2000 rather than going via the proper channels of legislative examination and subsequent legislation.

The ambiguous definition of “publisher of news and current affairs content” may lead to even more arbitrary decisions. Replica e-papers of newspapers are not included in the definition. Will this imply that media outlets such as Caravan magazine, which publishes a monthly magazine and was recently the subject of a social media controversy when its Twitter accounts were blocked, fall within the category of “publishers of news and current affairs content”? This ambiguity in the term would empower the government to act arbitrarily in the exercise of important discretionary powers, including the ability to censor the media at will. Such a definition also benefits established media companies, which may have a print newspaper as a substantial part of their business and therefore be free from these rules. Smaller, independent media outlets, on the other hand, may not have the resources to do so, and must instead rely on the internet to spread information and news. On the basis of an ambiguous definition that lends itself to confusion and uncertainty, this discriminatory approach between online news media and traditional print newspapers and legacy media will place additional responsibilities on the former, potentially suffocating independent online news media.

Furthermore, it is unclear what the objective of compelling major providers of news and current affairs information to alert the government’s Broadcast Seva is. The Press and Registration of Books Act of 1867, for example, mandated registration in order to preserve copies of books and periodicals carrying news produced in India. While this was required in 1867, such regulations have outlived their archival value in the present digital age, with the internet keeping track of news and current events. As a result, the objective and extent of the notification obligation in Rule 16 of the proposed IT Rules, 2021, must be thoroughly reconsidered. It should also be emphasized that, while the administration had intended to execute these changes through legislation that would have to be passed by Parliament, it may now do so through executive fiat, bypassing legislative debate on the subject.

Breaking encryption and ‘Traceability’?

Under sub-rule (2) of Rule 5 of the proposed IT Rules for 2021, it is required for a large social media intermediary offering services primarily in the nature of messaging, such as Whatsapp, Signal, Telegram, and others, to permit the identification of the information’s initial source. This necessitates traceability, which would render end-to-end encryption useless. Previous approaches to provide traceability in a way that is consistent with end-to-end encryption have been demonstrated to be subject to spoofing, where bad actors can alter the origination information to falsely implicate an innocent individual. Furthermore, the communication’s originator has no influence over who forwards the message, how many times it is forwarded, or where it is forwarded.

Several systems (Whatsapp, Signal, Telegram, and others) save little user data for electronic information transmission and utilise end-to-end encryption to give users with trust, security, and privacy. Millions of Indians use them to protect themselves against identity theft, code injection assaults, and other dangers. Encryption is becoming increasingly crucial as more aspects of our life require our personal data being gathered and analysed on a scale never previously conceivable. The Justice Srikrishna Committee on Data Protection has already chastised the government for requiring poor encryption levels in licensing agreements with telecom service providers, claiming “this poses a threat to the safety and security of data principal’s personal data.”

This is being tinkered with without any consideration or involvement of technical experts in an open consultative process, without any data protection law or surveillance reform, by imposing the need of “traceability.”

This requirement for traceability has significant implications for everyday users of online services, and it should be considered in conjunction with the MHA notification, which activates the IT (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules, 2009, which give the power to direct “decryption.” We lack adequate legislative supervision or judicial review of surveillance, and the current proposed laws, if passed, would constitute a massive extension of the government’s authority over ordinary individuals, frighteningly similar to China’s banning and breaking of user encryption to spy on its population.

Rule 5(2), inasmuch as it demands changes to the architecture of encrypted platforms in order to enable traceability, is outside the scope of the parent regulation, Section 79 of the IT Act. It’s worth noting that the authority to impose encryption standards and procedures stems from Section 84A of the IT Act, not Section 79, which is a safe harbour clause. Section 84A also gives the Central Government the authority to establish encryption modes and procedures for the purpose of “securing the electronic medium and promoting e-governance and e-commerce.” Any attempts to weaken encryption in order to permit traceability would fall short of the goal of maintaining secure electronic communication.

Is AI being developed to regulate censorship?

Furthermore, the draught IT Rules made it mandatory for a significant social media intermediary (such as WhatsApp, Signal, Twitter, Instagram, or Facebook) to deploy technology-based measures, including automated tools or other mechanisms, to proactively identify information that depicts any act or simulation in any form depicting rape, child sexual abuse, or behavior.

While these automatic techniques are now intended to be used in the case of very offensive content, such as representations of rape or child sexual abuse, the prospect of such a measure is worrisome. When technological modifications are made to systems in a hurry, they experience function creep. The use of automated technologies will be expanded beyond cases of sexual assault and child sexual abuse material, which will be a slippery slope. The Central Bureau of Investigation, for example, ordered social media firms to utilise PhotoDNA, a technology technique for identifying child sexual abuse material, to monitor suspects in normal criminal investigations in 2019. Furthermore, if one reads Rule 5(4) carefully, it states that “or any information that is exactly identical in content to information that has previously been removed or access to which has been disabled on the computer resource of such intermediary under clause (d) of sub-rule (1) of rule 4,” which goes beyond a re-upload requirement.

The development of censorship tools based on artificial intelligence (AI) is fraught with dangers, including the underdeveloped and imperfect nature of AI in its current state-of-the-art. AI “learns” by analyzing large amounts of data, and developing a censorship AI is likely to necessitate social media intermediaries storing and examining large amounts of user-generated content that has nothing to do with the content pursued to be censored.

Furthermore, in the creation of AI, coding biases frequently lead to discrimination, overbreadth, and a lack of accountability and transparency. This is especially concerning because AI is attempting to manage and monitor a user’s basic right to freedom of speech and expression. It’s important to think about whether AI should be permitted to govern citizens’ fundamental rights.

Debate on free speech

Twitter, the social media behemoth, has expressed reservations about the new IT standards, citing worries over free expression. It declared that it would make every effort to follow the law, but only if it was governed by the values of transparency and freedom of speech under the rule of law. On May 31, the Delhi High Court issued a notice to the microblogging site in response to a complaint alleging non-compliance with the new IT laws.

Failure to follow the guidelines might result in the loss of the firms’ “intermediary” status (a safe haven from accountability for the content that its users upload) as well as possible legal consequence or punishment. Since the draught regulations were placed available for public comment and numerous people, industry associations, and organizations reacted, the government maintains that the restrictions are neither arbitrary nor abrupt. The remarks were then thoroughly examined, and an inter-ministerial meeting was conducted before they were finalized.

Conclusion

Because it places a significant emphasis on safeguarding women from the spread of sexual offences on social media, the new legislation has been regarded as progressive, liberal, and contemporary. It emphasizes the significance of social media intermediaries and online service providers complying to the Indian Constitution and domestic regulations, regardless of whether they are providing entertainment or information. It is the first of its type to include social media usage in the Information Technology Act’s legislative framework, and it builds on the previous strategy of instilling a feeling of responsibility toward misuse and harassment by users of social media.

These rules were enacted in response to the government’s recent crackdown on OTT platforms, which have been clamoring for more stringent controls. The Guidelines, contrary to popular belief, were developed with the value of free speech, journalistic, and creative freedoms in mind, according to the government. Regardless of the political consequences, the adoption of these Rules brings India up to speed with foreign digital media regulatory regimes, providing consumers with a more robust and comprehensive level of protection.

In a liberal democracy, regulation plays an essential role. However, in a climate where people are sensitive to content, a legislative framework that allows for heavy government interference might become a logistical nightmare, stifling creativity and freedom of speech.

Any democracy’s foundational premise is freedom of speech and expression. There is no such thing as absolute or unrestrained freedom. Since the establishment of the Constitution, striking the appropriate balance between fundamental rights and determining the rationality of a limitation has been a continual struggle. The discussion has now moved to the digital realm. The ongoing battle between private, tech giants that own a significant amount of Big Data, governments that want to impose reasonable restrictions, and users concerned about data privacy and restrictions on freedom of speech and expression is only going to get more complicated before optimal solutions can be found.

Author: REET SOJATIA, NMIMS SCHOOL OF LAW, INDORE 

Editor: Kanishka VaishSenior Editor, LexLife India.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s