Implications of The Information Technology (Intermediary Guidelines & Digital Media Ethics Code) Rules, 2021

 

On 25th February 2021, the Ministry of Electronics and Information Technology released the notification of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 in supersession of the Information Technology (Intermediaries Guidelines) Rules, 2011.

What does the law say?

The new rules have differentiated between the ‘social media intermediary’ and ‘significant social media intermediary.’ Significant social media intermediaries are the ones with more than 5 million users and they have to observe additional due diligence according to the new rules.

Observance of due diligence entails that such intermediaries have to publish their rules and regulations, privacy policy and user agreement for access or usage of its computer resource by any person on its website or mobile-based application or both.

The users must be informed about the prohibited content. Also, such prohibited information must not be hosted, stored or published by the intermediary if the same has been confirmed by the court of competent jurisdiction or the appropriate government or its agency. If such information is hosted, stored or published then the intermediary should disable or remove access to the same within 36 hours from being notified. Such information and associated records must also be preserved for 180 days or even longer if required by the court or government agencies for investigation purposes.

Intermediaries must also help with the investigation and prosecution of any offence committed under any law or for cybersecurity incidents within 72 hours of the receipt of a lawful order. The name and contact details of the Grievance Officer and mechanism for complaint must also be published. The complaint should be acknowledged within 24 hours and resolved within 15 days from the date of its receipt.

Access to any form of sexual content must be disabled or removed within 24 hours from the receipt of the complaint.

Significant social media intermediary also has to appoint an Indian resident as ‘Chief Compliance Officer’ who will act as a nodal contact person for 24*7 coordination with investigation agencies, a ‘Resident Grievance Officer’ and publish a ‘monthly compliance report.’

The most controversial rule to be followed is that intermediaries providing messaging services have to enable the identification of ‘the Ist originator of the information.’ If he/she is located outside India, then the Ist originator within India shall be considered as the Ist originator of the information. Significant social media intermediaries must also deploy automated tools to identify prohibited information, the access to which has been previously disabled or removed.

The step taken by the government is welcomed as there was growing concern over the content on the ‘Social Media and the ‘over-the-top (OTT) platforms such as Amazon Prime, Netflix, Disney Hotstar, etc.

How the ‘Social Media Giants’ reacted?

The 3-month deadline for the intermediaries to comply with the rules ended on 25th May 2021. On 26th May, the Government issued a letter to all the significant social media intermediaries, asking about the status of compliance by the said intermediaries.

In lieu of the compliance, WhatsApp filed a suit against the Government of India in the Delhi High Court, contesting Rule 4(2) of the IT Rules, 2021 by relying on the Supreme Court’s judgement of Justice K S Puttaswamy v. Union of India. WhatsApp spokesperson said that “Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people's right to privacy.” In response, the Ministry of Electronics and Information Technology clarified in a press release that “Such Requirements are only in case when the message is required for Prevention, Investigation or Punishment of Very Serious Offences related to the sovereignty and integrity of India, the security of the State, friendly relations with foreign states, or public order, or of incitement to an offence relating to the above or in relation with rape, sexually explicit material or child sexual abuse material.”

As far as other significant social media intermediaries are concerned, Facebook has confirmed that they “aim to comply with the provisions of the IT rules, even as they continue to discuss a few of the issues which need more engagement with the government.” Twitter has not yet given any comment.

What is the matter of concern?

A lot of debate is around the issue of encryption as it is the most important component of safe and secure digital connectivity. The activists of Internet Freedom have termed the new rules as ‘draconian and invasive.’

That’s why the matter of consideration should be if traceability requirements can be achieved without weakening the encryption system and without violating our privacy, safety and security.      

Case Citation: Justice K S Puttaswamy v. Union of India [2017 (124) ALR 877]

By: Nandini Dwivedi

   (Legal Intern, WCSF) 

To keep yourself updated with our news & blogs, don’t forget to “SUBSCRIBE” us!!

To know more, please visit: https://www.worldcybersecurities.com/