Privacy vs. Public Safety: New IT Rules

Personal data is being collected at an alarming rate by an ever-increasing number of electronic devices. Consumers are willing to give up their personal information in exchange for convenience or social interaction. Because these data collection devices are so prevalent, one has to wonder how aware the general public is of the data collected by these devices and how concerned they are about the use of their personal information.

Cell phones, smartphones, tablets, and laptops collect personal data through voice, text, email, video, photo, and application[1]. These devices are not the only means by which information about individuals is gathered. Surveillance cameras, traffic cameras, point-of-purchase systems, loyalty cards, and GPS locators in vehicles are just a few of the other ways data about people’s movements, purchases, and routines is collected. The growing Internet of Things (IoT) provides more devices for collecting personal information about consumers.

Companies use data obtained through their own devices to focus their marketing efforts to people who most closely match targeted consumers, or sell the data to other commercial companies looking for new clients in some situations. The terms of this data use are usually spelled out in a business privacy policy that is distributed to customers at numerous touchpoints. During early interactions, most websites will give links to privacy rules on their home pages and will seek user authorization for the use and resale of customer data. Many of these privacy policies are written by attorneys in legalese designed to protect the firm, and they may be difficult to comprehend for the typical consumer. In criminal investigations, law enforcement has also emerged as a possible recipient of stored data obtained through electronic gadgets. Despite the fact that the data was not acquired or intended for this purpose, technological gadgets are constantly, and sometimes inadvertently, gathering data about their users. As part of an investigation, law enforcement officers investigating possible criminal conduct may request access to these devices. Because many of the devices are password-protected, the owners are the only ones who can open them. In some of those cases in name of security the law enforcement agencies take the access of consumer data too.

Debate of privacy vs public safety with consideration to new IT rules:

We have various forms of technology in today’s society which could be used for many different purposes. There are many theories that the government monitors our use of technology to collect information and track suspicious activity about citizens. While it can infringe personal privacy, it offers citizens greater security. Meanwhile in the last few years a debate between privacy and public safety has come up. What are the laws that guide privacy and how much privacy must be given to a person. At the same time it is interesting to note that due to fake information, cyber frauds, terrorist activities etc. public safety is on the line. Can the govt. use personal information of individuals to tackle the situation? Here comes the main point the debate between both of these.

The govt. recently introduced new IT rules which mostly covers social media platforms and OTT platforms. The new Rules were enacted in accordance with Sections 69A (2), 79(2)(c), and 87 of the Information Technology Act of 2000. The previously enacted Information Technology (Intermediary Guidelines) Rules 2011 have been superseded by these new rules[2].

The Rules intend to provide a strong complaint mechanism for users of social media and over-the-top (OTT) platforms to address their complaints.

They place a special emphasis on protecting women and children from sexual assaults on social media. The rules emphasise the importance of online content publishers and social media intermediaries adhering to the country’s Constitution and domestic laws. With these rules, India joins other international regimes that have provisions for digital media regulation, as well as providing a comprehensive mechanism for digital media consumers’ protection.

Background of these rules:

Social media platforms have given their users the ability to exercise their right to free speech and expression. However, there is a negative side effect of social media proliferation, such as the spread of fake news, the sharing of morphed images, child abuse, revenge porn, and so on. In the case of Prajwala v. Union of India the Supreme Court, in an order dated 11 December 2018, directed the Union to develop necessary guidelines to eliminate child pornography, morphed and explicit images from online platforms. And the govt. decided to form a 10-member committee consisting of secretaries from various major departments such as the Ministry of Home Affairs, Legal Affairs, and Electronics and Information Technology, as well as the CEO of MyGov and the Chairperson of the Press Council of India. After analysing some of the greatest international regulatory mechanisms in this industry, this committee was founded to bring certain laws and regulations for online platforms.

CURRENT RULES AND REGULATIONS RELATED TO DIGITAL PLATFORM:

 Under this the Section 43A of the Information and Technology Act of 2000 offers “compensation for corporate entities’ failure to protect data.”[3] Other sections 66A and 67B provide for “imprisonment and fines for publishing or transmitting material depicting children in sexually explicit acts, as well as for any information that is grossly offensive and threatening through any computer resource that causes irritation, inconvenience, dangers and obstructions, or threat to anyone.”[4] Aside from these acts, “Section 69 has granted the authority to impose reasonable restrictions on this right and intercept, decrypt, or monitor Internet traffic or electronic data whenever there is a threat to national security, national integrity, the security of the state, or friendly relations with other countries, or in the interest of public order and decency, or to prevent incitement to the commission[5].  Finally, Sections 72 and 72A provide for “punishment for disclosure of information in violation of a lawful contract, as well as penalty for breach of confidentiality and privacy of a person[6].”Prior to the release of the revised guidelines in 2021, internet content was not covered by the Cinematography Act of 1952. OTT platforms, on the other hand, had a self-regulatory agreement with the Internet & Mobile Association of India (IAMAI). The Press Council of India and the Cable Television Network (Rules), 1994-95 do not apply to online media outlets.

Prior to the publication of the revised guidelines in 2021, internet content was not covered by the Cinematography Act of 1952. OTT platforms, on the other hand, had a self-regulatory agreement with the Internet & Mobile Association of India (IAMAI). The Press Council of India and the Cable Television Network (Rules), 1994-95 do not apply to online media organisations. As a result, new laws were enacted to govern all digital platforms in order to empower “ordinary users of digital platforms to seek redress for their grievances and demand accountability in the event of infringement of their rights.”[7]

There are three sections to the rules:

All definitions are in the first section. Second, establish norms and regulations for intermediaries, as well as a framework for an appropriate redressal mechanism. The third section goes into the “Code of Ethics” and “Procedure and Safeguards Concerning Digital Media” in great depth. The government has described the Grievance Redressal Structure in detail and prescribed a three-tiered self-regulatory mechanism for OTT platforms in this section.

To begin with, the term “intermediary” refers to “businesses or organisations that bring together or facilitate information between third parties over the internet.”[8] Intermediary companies must abide by all rules, according to the Act. They must follow the rules and establish a Grievance Redress Mechanism in accordance with the guidelines. In this case, the legislation has made intermediaries both accountable and liable for ensuring the safety and dignity of Internet users, particularly women. These businesses must remove any improper or obscene materials uploaded online within 24 hours of receiving a complaint under this guideline. Furthermore, these intermediaries are now required to remove Unlawful Content within 36 hours of obtaining any orders from the court or the government, which the government or court considers anti-national and hurts national sentiments.

Second one is, There were some basic guidelines established for each and every digital platform. Now, for Significant Social Media Intermediary, there are some additional sets of rules. These intermediaries must establish a three-tiered redress system. To begin, they must choose a CHIEF COMPLIANCE OFFICER, who will be in charge of “ensuring compliance with the Act and Rules.” A NODAL CONTACT PERSON will be in charge of the second layer, which will coordinate and deal with the legal departments and agencies. Finally, there will be a RESIDENT GRIEVANCE OFFICER who will be in charge of carrying out all of the duties imposed by the Act, as well as receiving and resolving all complaints within 15 days of receipt.

 The government’s other key shift is the “identifying of the first creator of the message or material.” The government has urged the intermediaries to reveal the names of users who have published content that is anti-national and may spread violence, according to the administration. However, according to the existing regulations of some of the largest social media platforms, such as WhatsApp, end-to-end encryption offers users with privacy by ensuring that no third party can access their chats and messages. Even WhatsApp is unable to view or contact the content creator. As a result, this rule is likely to cause friction between the government and big tech companies.

The code of ethics for online journalism, digital media, and OTT platforms has been established:

The act requires OTT services to categorise their content into “five age-based categories” (Universal, U/A 7+, U/A 13+, U/A 16+, and Adult/18+), according to the new standards. The platforms must also provide the parental lock function and an age verification mechanism for 18+ content, in addition to the age-based categorization. The publishers of online news channels must now register under the “Journalistic Conduct of the Press Council of India and the Programme Code under the Cable Television Networks Regulation Act” as well as the “Journalistic Conduct of the Press Council of India.[9]

The Act also establishes a three-tiered self-regulatory grievance redressal system for OTT platforms and digital news. On the first level, the publishers will handle the grievances, appointing a GRIEVANCE REDRESSAL OFFICER who will be responsible for resolving the complaint within 15 days of receiving it. Then, on the second level, there would be a self-regulating body, which may be more than one and would be led by a retired Supreme Court/High Court judge or any other notable person. There must be no more than six people in the body. The Ministry of Information and Broadcasting must register this organisation .Finally, a Government-created and-controlled Oversight Mechanism will be in charge (Ministry of Information and Broadcasting). “It will issue a charter for self-regulatory entities, which will include Codes of Practice. It will form an Inter-Departmental Committee to hear complaints.[10]”.

As a result, these were all of the government’s rules and regulations regarding digital and OTT platforms. The government has also said that if any corporation or intermediary fails to comply with any of the Act’s regulations, they would not be eligible for the benefits of Section 79 of the IT Act, 2000, and legal action may be taken against them.

After the analysis of the act let’s see some of its advantages and disadvantages:

Advantages:

Even with certain measures for users provided under the IT Act, 2000, India, which has millions of active users in the digital world, needs a proper legislative framework for data protection. And because of this gap in the cyber judicial system, many offences on social media platforms have the potential to provoke violence in society.

As a result, in order to meet the current demand, these guidelines will serve as a temporary regulation for these platforms and will regulate them. The following are some of the most significant benefits of this act:

Content that has been categorised

With the adoption of this new act, unsuitable information and fake news will be filtered and identified, allowing them to be removed from online platforms and making the digital realm a safer place for everyone.

Online content classification by age

This is the most significant move done under this act, and it will serve as a signal for users, assisting them in classifying their information. It will also keep the kids from watching content that isn’t suitable for them.[11]

Mechanisms of Accountability and Redress

According to the new guidelines, even intermediaries will be held liable for the content they publish on their platforms. Furthermore, by establishing an appropriate Redressal Mechanism, users are given the ability to make a complaint and seek redress from the intermediaries.

Disadvantages

These rules provide a variety of useful and practical ways for regulating online platforms. However, a number of legal experts, academics, and other individuals have raised concerns about the Act. The following are some of the Act’s concerns:

Consultations that aren’t up to par:

Legal experts said that there was insufficient thought before these laws were enacted because there was essentially no engagement from professionals in the field of digital platforms. When the document was released to the public in 2018 by the Government of Electronics and Information Technology for public feedback, the ministry received only 181 responses. They claim that the ministry did not offer or disseminate any notification or information about the presented draught, which is why there were so few comments and critiques. As a result, this act only expresses the government’s viewpoint, not the public.

Restraints on Freedom of Expression

This statute gives the government the authority to require intermediaries to remove or take down any post or content that the government deems unsuitable and could jeopardise the nation’s peace and security. This provision may obstruct and limit users’ freedom of expression. Because it is up to the government to decide which content is appropriate, they appear to meet the criteria for an unsuitable post. This clause may also stifle free speech on social media platforms.[12]

Concerns about privacy:

Article 21, which guarantees everyone the right to life, now includes the right to privacy. However, due to a provision in the legislation (identification of the material source), privacy concerns may be raised once more. Because there’s a potential this provision may be utilised to punish unjust behaviour. And it has the potential to cause big issues for people.

Conclusion:

The debate about privacy and public safety is still going on. Privacy activists believe that they have chosen social activity and convenience over privacy. Others believe that access to private information is necessary for public safety. Not unexpectedly, research has shown that after a national security crisis, the pendulum swings more toward public safety, then gradually returns to the right to privacy as we are removed from the incident. Consumers should be informed of the information collected by the electronic devices they buy and use, as well as how that information may be used. Consumers can only defend their privacy if they are aware of how and when their information is gathered, and if they read and understand privacy policies before agreeing to them. When it comes to giving access to their data, consumers should make an informed decision, which often comes at the cost of convenience. They must also realise that technology companies cannot promise that their personal information will be safe from government entities with subpoena power. This is something that no privacy policy can guarantee.

Technology enterprises are split between maintaining their customers’ privacy and assisting in public safety operations. On the one hand, disclosing consumer data may harm customers’ trust in the company, resulting in a drop in revenue. The general public, on the other hand, may welcome the publication of data that aids in public safety, particularly in the event of national security. Despite the fact that technology businesses are bound by their own privacy agreements with their customers, federal officials are not bound by them and may subpoena information crucial to an investigation. For the time being, the majority of technology companies have chosen to do all possible to protect their customers’ privacy.

These new rules provided both relief and cause for anxiety. Although the rule has provided clarity on most topics, it has also raised concerns about users’ core rights, such as the freedom to voice their opinions and privacy. It will be fascinating to see how the government responds to these concerns.

In the end, both the legislators and the courts will settle the conflict between a right to privacy and a government agency’s right to know. To address the impact technology has on privacy, the legislature will need to carefully create and implement new legislation. On a case-by-case basis, the courts will have to figure out how to strike a balance between the government’s need to know and the public’s perceived right to privacy.


[1] Zaru, D. (2015, April 30). Dilemmas of the Internet age: privacy vs. security

[2] Government notifies Information Technology Rules 2021, https://pib.gov.in/PressReleseDetailm.aspx?PRID=1700749 ,(last visited June 7, 2021).

[3] The Information Technology Act, 2000 (Act 21 of 2000), s. 43A

[4] The Information Technology Act, 2000 (Act 21 of 2000), s. 66A, 67B.

[5] The Information Technology Act, 2000 (Act 21 of 2000), s. 69

[6]  The Information Technology Act, 2000 (Act 21 of 2000), s. 72, 72A

[7] The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

[8] Advent of Online Intermediaries & Their Under Regulation the Indian Law, Mondaq, Advent Of Online Intermediaries & Their Under Regulation The Indian Law – Media, https://www.mondaq.com/india/it-and-internet/928072/advent-of-online-intermediaries-their-under-regulation-the-indian-law#:~:text=According%20to%20the%20Organization%20for%20Economic%20Cooperation%20and,facilitate%20transactions%20between%20third%20parties%20on%20the%20internet.Telecoms, IT, Entertainment – India (mondaq.com), (last visited june 7, 2021).

[9] THE LEGAL ANALYSIS OF NEW RULES FOR DIGITAL MEDIA AND OTT PLATFORMS,https://lexlife.in/2021/03/30/the-legal-analysis-of-new-rules-for-digital-media-and-ott-platforms/#_ftn4, ( last visited june 7, 2021)

[10] New rules for OTT platforms ineffective to control screening of content, observe SC, India, available at: https://theprint.in/judiciary/new-rules-for-ott-platforms-ineffective-to-control-screening-of-content-observes-sc/616309/ (last visited june 7, 2021).

[11] Govt’s new rules for social media, OTT platforms give it power to take down content,

 http://timesofindia.indiatimes.com/articleshow/81211165.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst (last visited june 7, 2021).

[12] New rules for OTT platforms ineffective to control screening of content, observes SC, https://theprint.in/judiciary/new-rules-for-ott-platforms-ineffective-to-control-screening-of-content-observes-sc/616309/ ( last visited june 7, 2021).


Author: Raghav from B.R. National Law University, Haryana.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s