When India’s Information Technology Act 2000 was first promulgated, it conferred a ‘conditional, safe harbor’ upon ‘intermediaries‘, which include social media platforms, instant messaging portals, and entities acting as conduits connecting users. These benefited digital players, who were now exempt from liability for third-party information action after meeting specific diligence criteria. However, these obligations have become harsher after being updated by the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, also known as Intermediary Rules.
The proposed amendments to the rules ‘ prioritize interests of digital India’ by placing a grievance appellate committee (GAC) at its center, setting new accountability standards for social media companies, and mandating that they respect the constitutional rights of Indian citizens. This committee would serve as a government authority to field appeals against the intermediary’s grievance Redressal process. Unlike a statutory regulator, this authority would report to a Union ministry and comprise a chairperson and members appointed by the government. Proponents of social media regulation have welcomed these diligence requirements as a step toward increasing accountability and introducing government monitoring mechanisms. However, these rules contradict earlier expectations that social media platforms and intermediaries must adopt a non-interventionist approach to enjoy safe harbor protection.
The safe harbor of the IT Act 2000 was conditional. First, it was conferred only upon those intermediaries whose function was limited to providing access to a communication system. Second, the intermediary did not participate in transmitting information by initiating or modifying the transmission contents and selecting recipients. But the new Intermediary Rules expect players to adhere to several onerous obligations to demonstrate compliance and retain their safe harbor, failing which they will be punished under applicable laws. It would be remiss not to mention that the Supreme Court, in its landmark judgment, Shreya Singhal v. Union of India, had held that intermediaries would only be obligated to take down content from their platform upon receiving an order from a court or government authority. Similarly, actual knowledge would only be attributed to an intermediary when a court order or government notification appraises the intermediary of unlawful content on its platform.
The creation of GAC appears to fill a distinct void in the lack of a government authority to direct intermediaries to take down content in line with the Supreme Court’s Diktat. However, this raises significant concerns regarding its independence. Social media platforms are worried that the government’s influence over GAC might lead to selective suppression for curbing dissent. Concerns include the absence of a precise appeal mechanism to challenge the decisions of the committee. Moreover, as opposed to other statutory authorities like the Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority (IRDAI), or Reserve Bank of India (RBI), which were set up by an act of Parliament, this ‘committee’ is set up with rules—via powers conferred upon the government—rather than by the legislature. Accordingly, the GAC cannot be the final judge of a grievance with a social media platform, for this would, in the absence of an appeal mechanism, leave only constitutional courts to be approached for recourse. While the courts must continue to be the final arbiter of what content should be taken down, this intermediary appeal mechanism is unlikely to reduce the burden of matters that go to court by offering a slow and convoluted solution to both users and social media platforms. The mechanism contemplates that a grievance by a user would first be referred to the platform, then to this appellate committee (which cannot be considered a quasi-judicial authority), and then, inevitably, to the courts.
The non-interventionist approach
In providing an intermediate authority to handle user grievances, policymakers have overturned the more straightforward approach of mandating intermediaries to adopt a zero-intervention stance (eliminating discrimination and selective suppression of free speech by intermediaries). This would have enabled intermediaries to remain mere ‘conduits’ who cannot manipulate content and maintain end-to-end encryption. The approach is based on proactive reporting of fake news, threats of violence or other content that contravenes law by impacted users rather than the platforms, leaving it to enthusiastic police enforcement and judicial machinery to intervene and mete out punishment. Concerns of large volumes of active users in India over allowing government surveillance of private communication on messaging platforms, and large volumes of worrying complaints, have made this approach sound in policy but not in practice. It is also largely dependent on the assumption that intermediaries would cooperate with the government, agnostic to personal data privacy laws, to improve access and surveillance over its users. Last, the efficacy of this approach in stopping the spread of malicious content is based on three assumptions being correct: first, that users will promptly report malicious content, second, that authorities will expeditiously determine if the content is malicious and direct its takedown, and third, that a large number of users will not appeal complaints frivolously to overwhelm the volumes referred to an appellate grievance committee.
On the other end of the policy, the spectrum would be an approach that mandates self-regulation, but sets well-defined and unambiguous parameters. This states that the only discretion, that intermediaries have is merely to determine if the content meets the eligibility of being taken down once brought to their notice. However, even with this approach, knowledge of an intermediary must meet the touchstone of actual knowledge, lest there be a misplaced expectation that an intermediary—a private entity—engages in self-surveillance on content posted by users.
