Digital intermediary guidelines evoke a wave of litigation in India

Managing IP is part of Legal Benchmarking Limited, 4 Bouverie Street, London, EC4Y 8AX

Copyright © Legal Benchmarking Limited and its affiliated companies 2024

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

Digital intermediary guidelines evoke a wave of litigation in India

Sponsored by

rna-400px.jpg
internet-3116062-1920.jpg

Ranjan Narula of RNA, Technology and IP Attorneys takes a look at the new due diligence mechanism and considers why this has caused a backlash

On February 25 2021, the Indian government notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, which replaced the Information Technology (Intermediaries Guidelines) Rules, 2011.

While the 2011 rules applied only to intermediaries, the new rules have been expanded to cover online news content and over-the-top (OTT) platforms. As per the government, the latest rules are designed to ensure that digital platforms such as social media sites, messaging apps, digital newspapers, and OTTs provide grievance redressal mechanisms to their users.

The social media intermediaries were provided three months, i.e. till May 25 2021, to comply with the rules.

As the deadline for intermediaries to comply with the guidelines was set to expire, a flood of litigation challenging various aspects of the new guidelines has been filed in different courts.

These include the Google search engine claiming they are an ‘aggregator’ and not an ‘intermediary’. Meanwhile, digital newspapers and other digital news platforms have filed a writ to challenge the rules, as they arguably seek to regulate digital news media by imposing a 'code of ethics' and vest the power of interference ultimately with the central government as the chief regulator. News platforms have also argued that the regulation and oversight by the government or its agents cannot be prescribed by the rules when not contemplated by the parent act (in this case, Information Technology Act).

New due diligence rules

The due diligence mechanism by the intermediary, as per the new guidelines, includes:

1. Publishing rules and regulations, privacy policy, and user agreement for access by any person on its website and mobile app and informing them not to host, display, upload, modify, publish, transmit, store, update or share any information that:

  • Belongs to another person and to which the user does not have a right;

  • Is defamatory, obscene, pornographic, invasive of another's privacy, or encourage money laundering or gambling or anything inconsistent with or contrary to the laws in force;

  • Is harmful to the child;

  • Infringes any patent, trademark, copyright or other proprietary rights;

  • Deceives or misleads the addressee about the origin of the message or knowingly and intentionally communicates any information which is false or misleading in nature but may reasonably be perceived as a fact; and

  • Threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order. 

2. Remove the offending content upon receiving actual knowledge in the form of a court order or upon being notified by the government or agency envisaged under Section 79 of the IT Act, within 36 hours of the receipt of a court order.

3. Information that has been removed and disabled by the intermediary shall be retained for 180 days or longer, as it may be required by the court or government.

4. The intermediary shall, within 72 hours of the receipt of an order, provide information under its control or possession, or assistance to the government agency for investigation or cybersecurity activities, for the purposes of prevention, detection, investigation or prosecution, of offences under any law.

Significant social media intermediaries

The difference has been carved out between social media intermediaries (SMI) and significant social media intermediaries (SSMI). The SSMI are classified as those with more than a registered user base of 5 million in India. For the first time, the new rules have put an onus on SMI to put in place a grievance redressal mechanism.

Towards this, the intermediary is required to publish (on its website and mobile app), the name of the ‘grievance officer’ and his contact details, as well as a mechanism for lodging the complaint. Strict timelines have been prescribed for grievance redressal:

  • Acknowledgement of complaint within 24 hours and adjudication of the complaint within 15 days; and

  • In case the complaint made is concerning any obscene/nude content, the intermediary is required to bring down the content within 24 hours. 

A higher threshold of compliance requirement is required for SSMI. The rules envisage SSMI to:

  • Appoint a chief compliance officer for ensuring compliance with the IT Act and rules. The officer shall be liable relating to any third-party information, data hosted by that intermediary where he fails to ensure that the intermediary observes due diligence while discharging its duties. The chief compliance officer should be a resident of India;

  • Appoint a nodal officer for coordination with law enforcement agencies, who should be resident in India; and for the

  • Appointment of a resident grievance officer, who should also be resident in India.

Furthermore, they are required to publish monthly compliance reports of the complaints filed and decided. They should also deploy automated tools to (a) proactively identify information that depicts any act or simulation depicting rape, child sexual abuse or conduct; and (b) any information which is identical in content to the information that has previously been removed.

Decryption of communication on demand

In general, national security, protection of law and order, and prevention of sexual crimes are why the government asks message service providers such as WhatsApp to identify the first originator of the information.

The SSMI argue there is no way to predict which message will be the subject of such a tracing order. Therefore, it will need to make changes in its app or platform. The new rules have caused a stir among messaging companies such as WhatsApp, Signal, and others. It seems that the new rules put a significant onus on them to comply with demand to provide information about their users' activity.

It further requires them to change their business model and stated policy that all communication on their platform is end-to-end encrypted. 

Just as the new rules were to come into the force, WhatsApp filed a writ before the Delhi High Court to challenge the rules. WhatsApp has objected to the traceability clause provided under Rule 4(2) that requires social media platforms to locate "the first originator of the information." 

The intermediaries also question the power given to the law enforcement agencies to seek information, and lack of clarity on the words used in the rules ‘sovereignty and integrity of India’, ‘the security of the state’, ‘friendly relations with foreign states’, or ‘public order’ that law enforcement agencies can exploit. Furthermore, in most countries, such orders are backed by a judicial order following due process of law. Thus in some sense, these rules give unfettered powers to the executive to demand decryption 

Working towards a common interest

As a business, no social media intermediary wants its platform to be used for criminal activities, distribute pornographic materials, or instigate violence. However, they are concerned about protecting the user's privacy and aim to provide space where an individual has the right to express himself. Thus, it is essential to define further and clarify the rules so that it does not curtail an individual's freedom, which may have a chilling effect on the use of social media.

In addition, from a technical point of view, it may be challenging to introduce traceability without breaking end-to-end encryption. Thus, all stakeholders should work together to find a solution that protects the interest of consumers and intermediaries and ensures that criminal activities are curtailed. 

 

Ranjan NarulaManaging partner, RNA, Technology and IP AttorneysE: rnarula@rnaip.com

more from across site and ros bottom lb

More from across our site

Lawyers at Finnegan and Fross Zelnick explain why privacy formed a natural extension of their firms’ IP practices and share expansion plans
The news that USPTO director Kathi Vidal is to step down early and WIPO’s aims for a design law treaty were among the biggest IP talking points this week
The firm, which celebrates its 10th anniversary this weekend, has appointed a new head of trademarks and is planning further expansion
Practitioners say they’re receiving more correspondence from opposing parties that could be AI-generated
Sapna Palla, who joins the firm from A&O Shearman, said she was impressed by its work with major life sciences businesses
The court’s decision will have brands and their advisers ‘desperately reviewing’ portfolios and filing strategies, sources predict
Simona Lavagnini discusses the Greek classics, Rudyard Kipling's 'If', and how she dreams of beautiful words
Herbert Smith Freehills and Kramer Levin’s merger won’t be the last transatlantic tie-up if recent history is anything to go by
Betty Chen reveals litigation opportunities and provides an update on plans to double the firm's headcount in San Francisco
David Parrish expects AI to be among the major talking points for a newly formed committee aimed at protecting the interests of London-based IP practitioners, firms, and their clients
Gift this article