INTRODUCTION On February 25, 2021, the Ministry of Electronics and Information Technology and the Ministry of Information and Broadcasting (MIB) notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (Intermediary Rules 2021) under Section 87 of the Information Technology Act, 2000 (IT Act). The objective of the Intermediary Rules 2021, which
INTRODUCTION
On February 25, 2021, the Ministry of Electronics and
Information Technology and the Ministry of Information and
Broadcasting (MIB) notified the Information
Technology (Intermediary Guidelines and Digital Media Ethics Code)
Rules, 2021 (Intermediary Rules 2021) under
Section 87 of the Information Technology Act, 2000 (IT
Act). The objective of the Intermediary Rules 2021, which
supersede the Information Technology (Intermediaries Guidelines)
Rules 2011, is to establish a harmonious, soft-touch oversight
mechanism in relation to social media platforms as well as digital
media and OTT platforms etc.
The Intermediary Rules 2021 are divided into three parts –
Part I deals with defining all the terms used
therein; Part II deals with the due diligence
requirements which must be followed by a social media intermediary
(SMI) and a significant social media intermediary
(SSMI) and Part III deals with
the code of ethics and procedure and safeguard in relation to
digital media.
Section 2(w) of the IT Act defines intermediary as
“intermediary”, with respect to any particular electronic
records, means any person who on behalf of another person receives,
stores or transmits that record or provides any service with
respect to that record and includes telecom service providers,
network service providers, internet service providers, web-hosting
service providers, search engines, online payment sites,
online-auction sites, online-market places and cyber cafes. The
Intermediary Rules 2021 introduce the concept of a “SMI”
and define it to mean “an intermediary which primarily or
solely enables online interaction between two or more users and
allows them to create, upload, share, disseminate, modify or access
information using its services. Based on the number of users
on the social media platform, intermediaries have been divided into
“SMI” and “SSMI” (number of registered
users in India should be above 50 lakhs as notified by the Central
Government).
SMI
Under the Intermediary Rules 2021, there are certain due
diligence requirements that have to be observed by
SMI while discharging their duties, which includes
the following:
- Publish: To publish a Privacy Policy, User
Agreement, and Rules and Regulation for usage of its website or app
or both informing the user (i) to not host, display, upload,
modify, publish, transmit, store, update or share any information
that belongs to other person, or infringes on any Intellectual
Property Law, or is obscene, harmful to a child, is pornographic,
encourages gambling, threatens the sovereignty and unity of India
etc.; (ii) the access to the website/app can be terminated if they
are not in compliance with these policies; (iii) any changes in
these policies. - Remove: It shall remove any objectionable
content, within 36 hours that it has stored, hosted, or published
on its servers, once it gains actual knowledge, in the form of a
court order or such notification by the appropriate government. The
information of any user who has withdrawn or cancelled his
registration or the objectionable content should be stored in
servers for 180 days or more (if court or government permits) - Protect: It shall protect the data following
reasonable security procedures and practices as laid down in
Information Technology (Reasonable Security Practices and
Procedures and Sensitive Personal Information) Rules, 2011. - Access: It shall provide information under its
control or possession to the government agency within 72 hours,
after being in receipt of order and not install any kind of
technical configuration to its computer resource, altering the
normal course of its operation, in order to by-pass the law. - Report: It shall report any cyber security
incident and share the same with Indian Computer Emergency Response
Team, in accordance with (The Indian Computer Emergency Response
Team and Manner of Performing Functions and Duties) Rules,
2013. - Grievances: It shall prominently publish on
its website/app the contact details of the Grievance Redressal
Officer (GRO) and mechanism to lodge the complaint against any
content on the website/app. The GRO shall acknowledge the receipt
of such complaint within 24 hours and dispose-off the same within
15 days from receipt. However, if the complaint is regarding
content which shows any kind of nudity prima facie, then the GRO
must take down such content within 24 hours of being in receipt of
such complaint. Further, the GRO must acknowledge and receive any
order, notice or direction by the appropriate government, any
competent authority, or a court of competent jurisdiction.
SSMI
Under the Intermediary Rules 2021, there are certain due
diligence requirements that have to be observed by SSMI while
discharging their duties, which include the following:
- Appoint: It shall appoint a Chief Compliance
Officer for compliance with IT Act and corresponding rules, a 24/7
Nodal Contact Person for assisting the law enforcement agencies
& for complying with their orders and requisitions, and a
Resident Grievance Officer (RGO) for dealing with
complaints lodged by any person with respect to any content on the
website/app. - First Originator: It shall enable
identification of first originator of the information, in case of
messaging platforms, which would require chats to be backed up to
encrypted cloud server, rather than providing end-to-end encryption
to its users. - Ownership of content: It shall clearly mark
any information as being advertised, marketed, sponsored, owned or
exclusively controlled, if such intermediary is deriving direct
financial benefit by advertising information on someone else’s
behalf, to which it owns a copyright, or has an exclusive license,
or in relation with which it has entered into any contract that
directly or indirectly restricts the publication or transmission of
that information through any means other than those provided
through the computer resource of such SSMI. - Physical Address: It shall have a physical
contact address in India published on its website, mobile
application, or both for the purposes of receiving the
communication addressed to it. - Removal of Information: In case, a user’s
access to the website or app has been revoked, or any other content
that has been uploaded by the user has been removed, it shall
inform the user prior to such removal about why the action is being
taken, and on what grounds is the action being taken. However, it
shall also provide the user an opportunity to contest this claim of
removal and the user’s request to re-upload the content.
However, this should be done within reasonable time. The RGO shall
oversee this process. It can be asked to furnish any additional
information as deemed fit by the MIB. - Objectionable contents: It shall employ
technology-based measures to identify and remove information that
depicts any sexually explicit content or any identical information
which has already been removed by it. It shall display a notice to
the user who is attempting to access such information that it has
identified such information as objectionable. The measures taken by
the SSMI must be proportional and have regard to the interests of
free speech and privacy of the individual. The SSMI must further
review periodically the technology-based measures to ensure there
is no propensity of bias and discrimination in such measures. - Complaints: It shall implement an appropriate
mechanism for the receipt and processing of complaints which shall
enable the complainant to track the status of such complaint by
providing a unique ticket number. It should endeavour to provide
the complainant with reasons for any action taken or not taken
pursuant to the complaint. - Voluntary verification: It shall enable users
to voluntarily verify their accounts by using any appropriate
mechanism and provide such users with a demonstrable and visible
mark of verification, which shall be visible to all users of the
service. - Safe harbour: If it fails to adhere or follow
the Intermediary Rules 2021, they would not be able to claim
protection under Section 79(1) of IT Act, which is safe harbour
provision for intermediaries. - Compliance Reports: It must publish compliance
reports every month containing the details in respect of the
complaints which were received and the action taken on those
complaints, and the number of links or information removed while
using proactive monitoring through automated tools.
CODE OF ETHICS AND PROCEDURE AND SAFEGUARDS IN RELATION TO
DIGITAL MEDIA
The Intermediary Rules 2021 prescribe a code of ethics for
online news, OTT platforms and digital media. It also provides for
self-classification of content for OTT platforms into five
age-based categories – U (Universal), U/A 7+, U/A 13+, U/A 16+, and
A (Adult). Platforms will be required to implement parental locks
for content classified as U/A 13+ or higher, and reliable age
verification mechanisms for content classified as “A”.
The OTT platform shall prominently display the classification
rating specific to each content or programme together with a
content descriptor informing the user about the nature of the
content and advising on viewer description (if applicable) at the
beginning of every programme enabling the user to make an informed
decision, prior to watching the programme. Publishers of news on
digital media would be required to observe Norms of Journalistic
Conduct of the Press Council of India and the Programme Code under
the Cable Television Networks Regulation Act thereby providing a
level playing field between the offline (Print, TV) and digital
media. Lastly, a three-level grievance redressal mechanism has been
established under the Intermediary Guidelines with three levels of
self-regulation, i.e., self-regulation by the publishers;
self-regulation by the self-regulating bodies of the publishers;
and an oversight mechanism.
The Intermediary Rules 2021 classify its subjects into two
categories namely (i) Publishers of news and current affairs
content; and (ii) Publishers of online curated content. The
publisher has to give an acknowledgment of the grievance to the
complainant, within a period of 24 hours; address the grievance and
convey its decision to the complainant within 15 days. If the
grievance remains unaddressed even after 15 days, it will be
escalated to the self-regulating body at level two, a
self-regulatory body registered with MIB. The self-regulatory body
is supposed to ensure that the publishers adhere to the Code of
Ethics, provide guidance on the same to them, address grievances
which remain unresolved with the publishers and hear appeals which
are filed by the complainants against the decision given by the
publishers. The body also has the power to issue guidance or
advisories to the publishers, ‘warning, censuring, admonishing
or reprimanding’ them or requiring an apology, warning card or
a disclaimer from the publisher. The self-regulatory body can
further direct the publisher of online curated content to
reclassify the ratings of content, make modifications in the age
classification and access control measures, and refer content to
the MIB for consideration.
The final level comprises an Oversight Mechanism which is
constituted by the MIB, to ensure adherence to the Code of Ethics
by the publishers. The MIB has to designate an officer as the
“Authorized Officer, who shall have the power to initiate the
procedure for deletion, blocking or modification of information by
the publisher, and for blocking of information in case of an
’emergency’. The Oversight Mechanism shall establish an
Inter-Departmental Committee for hearing grievances, shall refer
grievances to the said committee and shall issue guidance,
advisories, and directions to publishers. The Inter-Departmental
Committee has the onus of hearing complaints in relation to
grievances received from Level I or Level II and the ones which are
referred to it by the MIB.
ANALYSIS AND CONCLUSION
The Intermediary Rules 2021 prescribe additional requirements
for the intermediaries. While the publication of Compliance Reports
is a positive step that would ensure transparency and enhance the
efficiency of content moderation techniques, publishing the reports
monthly may create problems for such intermediaries. Apart from
providing the Privacy Policy, User Agreement, and Rules and
Regulation for its website/app, the intermediary would need to
annually inform the users that they need to adhere to these
policies to continue gaining access and also keep them informed
about any changes in these policies. This will create unnecessary
hassle not only for the intermediaries but also for the users to
act upon whenever such information is sent to them.
The intermediary can store on its servers, the information of
the user, who has registered on the website or app for 180 days,
even after such user has withdrawn or cancelled his registration.
The time-period for storing information for investigative purposes
has been increased to 180 days from 90 days. It shall provide
information under its control or possession to the government
agency within 72 hours, after being in receipt of order. Earlier
there was no prescribed time limit to provide the information.
These steps would go a long way to ensure the safety and privacy
measures that were the primary purposes.
Prominently publishing on its website/app the contact details of
the GRO and mechanism to lodge the complaint against any content on
the website/app and the timelines surrounding it would benefit the
users. And the GRO would have to act in a timely manner to adhere
to the strict timelines.
Significant social media intermediaries have to provide an
explanation to the users, in respect of removal of content. The
rule also mandates that the entity should give an opportunity to an
aggrieved user to dispute the action taken by the intermediary and
the decision in this respect must be taken within a reasonable
period of time. Although this requirement is burdensome for social
media companies, it is a much needed one. There have been many
instances when social media companies inadvertently or otherwise,
ended up blocking harmless content. This requirement will bring
more transparency and will ensure private players give due
consideration to the rights of users while filtering content.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
Social Media Rules 2021: Transforming Social Media – Media, Telecoms, IT, Entertainment Source link Social Media Rules 2021: Transforming Social Media – Media, Telecoms, IT, Entertainment
Leave a Comment
Your email address will not be published. Required fields are marked with *