The Ministry of Electronics and Information Technology (MeitY), Government of India published the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“Intermediary and Digital Media Code”) on February 25, 2021. The Intermediary and Digital Media Code will supersede the Information Technology (Intermediary) Guidelines, 2011 which earlier regulated online and digital intermediaries. The Intermediary and Digital Media Code has been divided into 3 (three) parts, with Part II, containing due diligence by intermediaries, being regulated by MeitY, and Part III, containing ethics and safeguard mechanism for digital media, being regulated by the Ministry of Information and Broadcasting, Government of India. In this article, we summarise Part II of the Intermediary and Digital Media Code.
Due Diligence Requirements for Intermediaries
Part II of the Intermediary and Digital Media Code regulates intermediaries and provides for due diligence requirements and a grievance redressal mechanism. Under Rule 3 of the Intermediary and Digital Media Code, intermediaries are required to adhere to certain guidelines such as publication of privacy policies and user agreements, ensuring that any information does not infringe any patents, or violates the integrity and privacy of any person. Rule 3(1)(c) gives the right to intermediaries to terminate user access in case of non-compliance with regulations, privacy policy, or the user agreement. Under Rule 3(1)(d), the intermediary is required to disable access or remove any information or content which is in relation to contempt of court, may harm the integrity or sovereignty of India or its friendly relations with foreign states, at the earliest but not later than 36 (thirty-six) hours. Further, the intermediary is also required to inform its users at least once a year of the rules, regulations in the privacy policy, or the user agreement and any changes thereof. Intermediaries are also required to preserve data on user registration and any takedowns for a period of 180 (one hundred and eighty) days or a longer period as may be prescribed.
Grievance Redressal
Further, the Intermediary and Digital Media Code also prescribe a grievance redressal mechanism under Rule 3(2). The intermediary is required to publish the name of the Grievance Officer and his contact details including the mechanism by which a user or a victim may make a complaint in regard to violation of any rules or provisions. The Grievance Officer is defined as “an officer appointed by the intermediary or the publisher, as the case may be, for the purposes of these rules.” The Grievance Officer shall (a) acknowledge the complaint within 24 (twenty-four) hours and dispose off such a complaint within 15 (fifteen) days from the date of its receipt; and (b) receive and acknowledge any competent order, notice or direction issued by a competent authority.
Additional Due Diligence by Significant Social Media Intermediary
A significant social media intermediary has been defined as “a social media intermediary having a number of registered users in India above such a threshold as notified by the Central Government”. Significant social media intermediaries are obligated to provide a physical Indian contact address to receive communications and are required a chief compliance officer to ensure adherence with the Information Technology Act, 2000 and the Intermediary and Digital Media Code. Moreover, significant social media intermediaries, who are involved in the messaging segment, are also required to trace the first originator of information if provided a direction to do so and if such first originator is based outside of India, the details of the first originator within the territory of India should be provided. Under Rule 4(4) of the Intermediary and Digital Media Code, the significant social media intermediary is required to deploy technology-based measures, including automated tools to identify information that depicts any obscenity, provided that such measures deployed have due regard to free speech and privacy considerations. Moreover, the intermediary shall also have appropriate human oversight measures over automated tools and include a periodic review of automated tools. The Intermediary and Digital Media Code also provide for a governance mechanism under Rule 4(8). Rule 4(8) provides that where an intermediary disables access to any data, the originator of that data should be provided with details and reasoning of such disabling and also an opportunity to dispute such a decision and reinstate the content.
BlockSuits Comments
Intermediaries, specifically social media intermediaries have been brought under regulatory dispute globally. In the United States, Section 230 of the Communication Decency Act shields social media intermediaries from any obscene or defamatory content posted on their platforms. However, the recent debate around the law’s expulsion suggests that legislators are looking to introduce rigid laws in regard to the regulation of online content and information. Recently, the Australian Government had introduced the News Media and Digital Platforms Mandatory Bargaining Code Bill, 2020, which required big technology companies to compensate news media companies for using their content. A direct implication of the introduction of such a law was that Facebook disabled access to all news content within Australia and afterwards re-negotiated with the Government of Australia to reinstate the display of news stories. The revamped intermediary regulations in India provides for a more oversight approach, specifically on significant social media intermediary, which are also regulated as significant data fiduciaries under clauses 27 and 28 of the Personal Data Protection Bill, 2019.
Authored by Shivani Agarwal, Founder and Samaksh Khanna, Co-founder.
Commentaires