Privacy Protector or Destroyer: Decoding Intermediary Guideline 2021
This article on Privacy Protector or Destroyer: Decoding Intermediary Guideline 2021 by Ankit Gupta reviews Intermediary Guideline 2021 in light of Privacy. “If freedom of speech is taken away, then dumb and silent we may be led, like sheep to the slaughter.” ― George Washington Introduction The Government of India’s Ministry of Electronics and Information Technology (MietY), on 25th… Read More »
This article on Privacy Protector or Destroyer: Decoding Intermediary Guideline 2021 by Ankit Gupta reviews Intermediary Guideline 2021 in light of Privacy.
“If freedom of speech is taken away, then dumb and silent we may be led, like sheep to the slaughter.” ― George Washington
The Government of India’s Ministry of Electronics and Information Technology (MietY), on 25th February 2021, introduced the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021(hereinafter referred as ‘Rules’). However, since the announcement of the introduction of Rules, it has been widely debated in the public forum and received widespread criticism from national as well as international media organizations.
Even International organizations such as United Nations also denounced the proposed rules by saying that they are contrary to India’s commitment to adopt the global standards on right to privacy along with freedom of expression and opinion. While the government of India strived to rebuff the flank by clarifying that these rules are framed with an explicit objective of empowering ordinary users of social media, many believe that the proposed rule will significantly damage digital freedom of speech. In the given context, it is pertinent to analyze the spirit of the proposed rules, impact on the people. The present article is a small effort to achieve the aforesaid objective.
The necessity of new Intermediary Guideline
Before analyzing the provision of these rules, it’s imperative to comprehend the circumstances, which led to the induction of these rules. The availability of smartphones and the internet, available at meagre cost, has accelerated the development and growth of domestic and international social media companies in India, which further benefitted from the presence of a large user base in the country.
According to an estimate by MeitY, WhatsApp has over 53 crores users wherein YouTube has over 44.8 crores users in India. Another Social Media giant, Facebook has around 41 crores while its subsidiary, Instagram has 21 crores users. The presence of users in these social media companies offers an opportunity to the user to propagate his/her view on diverse areas such as, but not limited to, social/political and religious matters to his/her ‘followers’ or the public at large.
Online freedom of speech and expression has become a non-alienable, part of the user propagating his/her view. The same prerogative has, time and again, recognized and affirmed by various adjudication body, across the country.
The Apex Court, while delivering landmark judgment in the online free speech jurisprudence, in the Shreya Singhal’s case, struck down the Section 66A of the Information Technology Act, 2000 and held that “the ‘mere discussion or even advocacy of a particular cause howsoever unpopular is at the heart’ of the right”.
The view on online freedom of speech in this judgment was again reaffirmed, when The Apex Court while hearing the petition in relation to communication blockade in Jammu & Kashmir, after the abrogation of Article 370, held that “the freedom of speech and expression and the freedom to practice any profession or carry on any trade, business or occupation over the medium of internet enjoys constitutional protection under Article 19(1)(a) and Article 19(1)(g).” (Page 29). Therefore, it is widely construed that the courts in India absolutely support online freedom of speech and expression. However, contrary to the popular view on its benefit, the rise of social media also gave birth to innumerable online criminal activity.
Cyber trolling, cyberbullying, cyberstalking, online threat of murder, rape or sexual harassment, to name a few acts, has become common news of everyday. While the general public at large is the biggest victim of these offences, even prominent figure from a different section of society such as journalism, political or film and women, in particular, has become the easiest target of such malice trend.
The courts in India, on different occasions, have taken a stern approach while dealing with the matter of offence of online threat. The first case related to the posting of obscene matter on the internet is Suhas Katti v. Tamil Nadu wherein the court, within the 7 months of filing FIR, convicted the accused with rigorous imprisonment for 2 years and a fine of Rs.4000/.
Further, In Majeesh K. Mathew v. State of Kerala (Page 7), the Kerala High Court, on the one hand, acknowledged the strength of social media in connecting and interacting with friends and groups, on the other hand, the hon’ble court cautioned that it can be subjected to gross abuse. The court, further declared that the act of throwing online muck and abuse to a woman would amount to gross sexual harassment and fall within cyberbullying, cyber-sexism or cyber-misogyny.
The court of courts i.e., Supreme Court also seems to take on the practice of trolling on social media. The court even asked the Government to formulate strict regulations for entire social media while naming out Facebook and WhatsApp. The court instructed the government to ensure the protection of online privacy, state sovereignty and reputation of an individual.
Therefore, in the given context, it has been imperative to introduce a regulation policy which aims to curb not only earlier discussed offence but also calls for the adoption of greater diligence by social media intermediary thereby making ‘virtual space’ a safe place to debate, discuss and exercise the freedom as enunciated in Article 19(1)(a).
Significant changes introduced by Intermediary Guidelines
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, enhance the mechanism of due diligence of an intermediary while discharging its duties. The Rules commence with making the distinction of social media intermediary from the Significant Social media intermediary where the Significant Social media intermediary have a threshold number, as prescribed by the central government, of the user in India.
Among many types, some examples of such information can be dubbed as information which belongs to other people, defamatory, pornographic, and harmful to the child, infringe other’s Intellectual Property Right and undermine security or sovereignty of India.
The intermediary also has to, upon receiving an order by a court or being notified by the Appropriate Government or its agency in relation to any information; remove that information within the permissible limit of thirty-six hours from the receipt of order or notification. For the purpose of investigation, the intermediary, vide Rule 3(1)(g), also has to preserve the removed information and associated records for a period of 180 days. Further, the intermediary has to, within seventy-two hours of the receipt of an order, provide information to the Government investigative agency for the purposes of verification, prevention, detection, investigation or prosecution of an offense.
Rule 3(2) make it mandatory for an intermediary to publish the name of the Grievance Officer and his contact details on the website and further it calls for the formulation of a complaint redressal mechanism by which a victim may make a complaint of any act which violate the provisions of this rule. The rule also requires an intermediary to act promptly and remove/ disable access to such content within twenty-four hours from the receipt of a complaint substantially related to exposure of private area of such individual or full or partial nudity or shows or depicts any sexual act or conduct of such individual or artificially morphed images of such individual.
The cornerstone provision of the IT Rules, 2021 is Rule 4 which is enforceable only on significant social media intermediaries. Rule 4(1) prescribe that a significant social media intermediary i.e., an intermediary having more than 5 million registered users has to appoint a Chief Compliance Officer and a nodal contact person, both resident of India, to ensure compliance with the Act and rules and for 24×7 coordination with law enforcement agencies and officers, respectively. The rule also requires an intermediary to publish a monthly compliance report mentioning the details of complaints received, action taken and the number of specific information that the intermediary has removed or disabled.
Another vexed provision of the present rules is 4(2) which requires a significant social media intermediary to disclose the identification of the first originator of the information. The rules further make it clear that whenever the first originator of any information is located outside the territory of India then the first originator of that information within the territory of India shall be construed as the first originator of the information. The Rules offer a, non-extendable, three-month period to significant Social Media Intermediary to comply with the provision of the rules.
The debate of Privacy vs Autocracy
Due to growing technological advancement and availability of morphing tools, Digital privacy, which was acknowledged as a fundamental right( Page 539) by the Hon’ble Supreme Court in landmark Justice Puttaswamy v. Union of India case , has become a major concern. It is worth mentioning  (Page 57-58) case, in which the judgment of Delhi High can be considered as a defining moment in intermediary liability. In the instant case, the hon’ble court scrutinized the requirements for an entity to claim as an intermediary and free itself from liability and firmly held that an intermediary actively participating in the trade may not enjoy the protection under Section 79.
Therefore, it is justifiable to expect adoption more diligence from social media intermediaries and play a pro-active role to prevent crime while reporting any such incident to appropriate authority and it was the need of the hour to introduce necessary amendments to these guidelines which makes the intermediary’s application safe to use and offer a prompt redressal of complaint.
The appointment of Grievance Officer, vide this rule, is an effort to fill the void, on the matter of complaint registration and redressal, between the user and social media intermediary as in many cases, the whole objective of removing disturbing content from the intermediary’s platform becomes ineffectual due to ordinate delay in present ‘report’ system wherein the only mass reporting of content pushes intermediary to take expedite action. The appointment of such an officer will enable the user to reach such authority directly and bring notice about any prohibited content who, by the authority of law, is liable to take action (either remove or keep such content in the platform) within a stipulated time.
Similarly, the newly created post of Nodal Officer will act as a one-stop interface between social media intermediary and the investigative agency which allow the quicker investigation in subjudice matter. Nonetheless, the provision such as revealing the first originator of the information, requires further deliberation, as an order of revealing the first originator of the information in even trivial matter can adversely hamper virtual privacy. There is a need to put in place a transparency mechanism which mandates any matter having an order of the revelation of the identity of the first originator should pass through a committee of former judges having the power to dispose of the matter by way of either allowing or rejecting any such demand, in an expedited manner.
While the newly formulated rules look promising as it aims to take down the menace of 21st-century crime i.e., digital crime, simultaneously, utmost importance to the protection to user’s privacy in digital space also needs to be ensured. While, the home-grown app Koo and Social Media giant such as Facebook, Google has decided to adhere with new rules, WhatsApp has adopted legal route to challenge the legality of these rules claiming that proposed rules are unconstitutional and violative to people’s right of privacy.
In a separate matter, a petition has been filed before the Delhi High court against Twitter to ensure compliance. In the backdrop of the unfolding scenario, only time will decide, who will be better protect an individual’s digital privacy, government or corporates?
Author: Ankit Gupta
WRIT PETITION (CIVIL) NO. 1164 OF 2019
 C No. 4680 of 2004
Bail Appl..No. 3833 of 2018
 WRIT PETITION (CIVIL) NO 494 OF 2012
 CS (COMM) 344/2018, I.As. 19124/2014, 20912/2014, 23749/2014 & 9106/2015