On 10 January, the Internet Society Delhi Chapter and CCAOI jointly organised an interactive webinar on the draft Information Technology [Intermediary Guidelines (Amendment) Rules] 2018 (“the draft Intermediary Rules”) to improve understanding of it and to encourage members and other Indian stakeholders to submit their comments to the Ministry of Electronics and Information Technology (MeitY) during their public comment period. The draft Intermediary Rules seeks to modify Section 79(2)(c) of the Information Technology Act, 2000 (the IT Act). Section 79 of the IT Act introduces obligations for intermediaries to meet to gain exemption from liability over the third-party information that they “receive, store, transmit, or provide any service with respect to.” These proposed changes were developed by MeitY to try to address misinformation and harmful content on social media, which have been connected with lynching and other recent violent acts of vigilantism.
The session was moderated by Subhashish Panigrahi, chapter development manager for Asia-Pacific at the Internet Society, and Amrita Choudhury, treasurer of the Internet Society Delhi Chapter and director of the CCAOI.
The changes to the IT Act proposed in the draft Intermediary Rules would require intermediaries to provide monthly notification to users on content they should not share; ensure that the originator of unlawful content is traceable; deploy automated tools for proactively identifying and disabling unlawful information or content; and obligate intermediaries with over 5,000,000 users to set up office in India and appoint a nodal officer (for coordination with law enforcement agencies).
An “intermediary” under the IT Act includes any person or entity who on behalf of another receives, stores, or transmits a message or provides any service with respect to a message. Under the IT Act, intermediaries include ISPs, cybercafés, online companies, social media, etc. Looking at the broad definition of intermediaries, some argue that the proposed changes to the IT Act would be difficult for many intermediaries to comply with. Other concerns include whether the draft Intermediary Rules have the capacity to affect the fundamental rights of free speech and privacy or may erode the safe harbor protection for intermediaries which Section 79 of the IT Act provides.
During the interactive webinar organized by the Delhi Chapter and CCAOI:
- Shashank Misra, Senior Associate at Shardul Amarchand Mangaldas & Co, gave an introduction to the draft Intermediary Rules, the definition of intermediaries under the IT Act, and obligations for intermediaries. He presented an overview of the draft Intermediary Rules, categorizing the amendments under five broad themes, and reiterated the importance of commenting on the draft now before it becomes a law.
- Nehaa Chaudhari, Public Policy Lead at Ikigai Law, highlighted the draft Intermediary Rules’ lack of clarity on oversight mechanisms for the state and central government. She called attention to the lack of safeguards on take down requests under Section 5 of the draft Intermediary Rules. She also questioned the introduction of some obligations as part of “delegated legislation,” instead arguing that these should be proposed under new legislation. (In India, delegated legislation occurs when an executive authority is given the power to make laws to implement a primary legislation.) The Intermediary Rules are a form of delegated legislation to implement the IT Act. She also questioned the necessity of some of the proposed suggestions, such as the monthly user notification by all intermediaries, and whether it achieves its objective.
- Arjun Sinha, a tech lawyer, argued that the government needs to adopt a graded approach for requesting for information or assistance from online platforms, rather than adopting a 72-hour timeline. Using this approach, different grades would be based on the importance of the information requested. He also questioned the metrics used to calculate the 5,000,000 users, including how the government would independently verify the number and ensure compliance.
- Gurshabad Grover, Policy Officer at CIS India, highlighted that the draft rules may exceed the scope of what is allowed to be “delegated legislation.” In addition, he argued that the draft rule 3.9, which asks for deploying automated tools for “proactively identifying and removing or disabling public access to unlawful information or content,” is technically impossible for some intermediaries to implement.
- Paul Brooks, Chair of Internet Australia, an Internet Society Chapter, shared the Australian chapter’s experience and lessons learned during their own advocacy on Australian regulations and policies that could impact Internet security. In 2018, the Chapter engaged in an advocacy campaign to inform lawmakers and the public on the issues that could arise from proposed legislation on encryption. During their campaign, Internet Australia’s activities included holding a public workshop, making submissions on draft legislation, and conducting interviews with media outlets about the legislation.
- Subhashish Panigrahi emphasized the Internet Society’s commitment to support Indian chapters in making their submissions on the draft Intermediary Rules. He also gave an overview of the work done by the Internet Society on encryption, such as the Encryption Policy Brief. He encouraged participants to visit the Internet Society’s encryption issues page for more resources.
With nearly fifty people attending the webinar, there were various questions raised by the participants, which were responded to by the experts. Based on interest, another discussion may be held just after the submission deadline so that counter comments can be submitted.
All are encouraged to submit their comments on the draft guidelines by 31 January to:
- gccyberlaw[at]meity[dot]gov[dot]in
- pkumar[at]meity[dot]gov[dot]in
- dhawal[at]gov[dot]in