We’re pleased to bring our readers a 2 part guest post series by Surabhi Pande and Devvrat Joshi, on the recently proposed draft amendments to the IT Rules, 2021 (which were released on 6th June, 2022). The first part of this series focuses on two specific proposed amendments which they argue will severely impact the ability of intermediaries to avail of safe harbour provisions. Surabhi Pande and Devvrat Joshi are both Senior Associates in the Dispute Resolution Team at Saikrishna & Associates. The views of the authors are personal.
The Amendment to the IT Rules, 2021: Part 1 – Locked, Loaded, and Aimed at the Intermediaries
Surabhi Pande and Devvrat Joshi
The Ministry of Electronics and Information Technology (“MEITY”), on 6th June, 2022, issued a press release along with a proposed draft amendment (“Draft Amendment”) to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules, 2021”).
The Draft Amendment proposes to introduce certain changes and additions to Part I and Part II of the IT Rules, 2021, which are worrisome to say the least. In February last year, the Central Government issued the IT Rules, 2021 which were immediately challenged (a total of 17 challenges to the IT Rules, 2021 had been filed as on the date of this article, ranging across Kerala High Court, Bombay High Court, Calcutta High Court, Madras High Court, Karnataka High Court, and the Delhi High Court – see Internet Freedom Foundation’s summary here). The majority of these challenges were raised by media houses and media / journalist associations against Part III or provisions falling under Part III of the IT Rules, 2021, viz. the part of the Rules dealing with / governing publishers of online curated content and publishers of news and current affairs content. The Madras and Bombay High Courts have already stayed Rule 9(1) and (3) of the IT Rules, 2021. As of now, the Supreme Court has stayed all further proceedings before the various High Courts challenging the IT Rules, 2021.
It appears that while the hearing on challenge to the IT Rules, 2021 is still pending, the Central Government has now trained its sights on the intermediaries.
What are the proposed amendments?
The Draft Amendment brings about certain changes to only Part I (viz. the definitions) and Part II (dealing with intermediaries and social media intermediaries) of the IT Rules, 2021 and primarily impacts only the intermediaries in terms of their obligations under Rule 3.
Broadly, the proposed amendments are:
1. That all intermediaries shall be obligated to ensure compliance by users of their rules, regulations, privacy policy, user agreement, etc. and shall cause the user to not host, display, publish, upload, transmit, store, update or share information specified under Rule 3(1)(b)(i)-(x).
2. That all intermediaries shall ensure accessibility to its services and maintain reasonable expectations of due diligence, privacy and transparency.
3. That all intermediaries shall respect the rights of citizens guaranteed under the Constitution of India.
4. That all intermediaries shall act on complaints for removal of content falling under Rule 3(1)(b)(i)-(x) within 72 hours of receipt of complaint.
5. That a Grievance Appellate Committee shall be set-up to hear appeals against decisions of the Grievance Redressal Officer under Rule 3(2).
6. That all intermediaries shall have to comply with the decision of the Grievance Appellate Committee.
Why should we be concerned?
While some of the proposed amendments do not adversely harm the intermediaries per se but merely require some clarification, there are two proposed amendments that instantly induce alarm bells and are potentially a direct threat to the very concept of intermediary safe harbour under the Indian jurisprudence. For the sake of convenience and ease of understanding, the present article shall only focus on the proposed amendments to Rule 3(1)(a) and (b). We shall analyze the other proposed amendments in part II of this article published separately.
Under the proposed amendments to Rule 3(1)(a) and (b), the Central Government has essentially mandated intermediaries to ensure and cause the users of their platform / services to comply with their terms and conditions and also with the provisions of Rule 3(1)(b)(i)-(x) of the IT Rules, 2021. Presently, as per the provision of the operating Rule 3(1)(a) and (b) read with Section 79(2)(b) of the Information Technology Act, 2000 (“IT Act”) as well as the decisions of the Supreme Court in Shreya Singhal v. Union of India [2015 5 SCC 1] and the Delhi High Court in Kent RO Systems Ltd. v. Amit Kotak & Ors. [(2017) 240 DLT 3] and in Amway India Enterprises Pvt. Ltd. and Ors. v 1MG Technologies Pvt. Ltd. and Ors [2020 SCC OnLine Del 454 (DB)], an intermediary has to only publish its terms and conditions, privacy policy, user agreement, etc. and inform its users to not publish, host, upload, transmit, share, disseminate, or modify any information that falls under Rule 3(1)(b)(i)-(x). Further, in these decisions it has also been observed that intermediaries deal with voluminous information and hence are not in a position to judge as to which request is legitimate and which is not. It has also been observed, interpreting the statutory provisions under the IT Act, that the intermediaries are not obliged to, of their own, screen information being hosted on their platform to check for compliance and intermediaries are nor vested with suo motu powers to detect and refuse hosting of infringing content.
So, what would be the impact if these proposed amendments were to be notified?
The impact of the proposed amendment to Rule 3(1)(a) and (b) will be that intermediaries will have to put in place mechanisms and measures to ensure and to cause their users to not upload, host, display, modify, share, etc. content that violates the intermediaries’ own terms & conditions and/or falls under Rule 3(1)(b)(i)-(x). To put it in simpler terms – intermediaries will have to start reviewing / screening each content provided by a user before it goes up / gets uploaded so as to ensure that the content is in compliance with their terms & conditions and with the requirements under Rule 3(1)(b)(i)-(x).
It is for this reason that alarm bells should be ringing – Under Section 79 of the IT Act, for an intermediary to avail the safe harbour under Section 79(1) it has to satisfy the requirements under Rule 79(2). Section 79(2) has two parts either of which an intermediary has to comply with to secure the safe harbour protection to itself – 79(2)(a) and (c) or 79(2)(b) and (c). Section 79(2)(c) simply mandates an intermediary to comply with its due diligence obligations under the IT Act, which is basically the obligations laid down under the IT Rules, 2021. Now, 79(2)(a) states that to avail the safe harbour, an intermediary’s functioning should be restricted to providing access to a communication system over which information is made available by third-parties (for e.g., Google search engine). 79(2)(b), on the other hand, states that intermediaries can avail safe harbour so long as they don’t do three things – (1) initiate the transmission of information, (2) select the receiver of the transmission and (3) select or modify the information contained in the transmission.
Evidently, requiring an intermediary to ensure that the content uploaded by its users are not infringing is directly in the teeth of Section 79(2) in as much as an intermediary shall now have to select which content to permit and which to disallow from being uploaded on its service / platform. This creates a catch-22 situation – in order to comply with the proposed amendment, the intermediary will have to violate the Section 79(2) requirement and in turn forfeit its safe harbour under Section 79(1) and in order to retain its safe harbour the intermediary shall have to meet the requirements under Section 79(2) and resultantly fall afoul of the proposed amendments to Rule 3(1)(a) and (b).
The bottom line is that the proposed amendments to Rule 3(1)(a) and (b) directly and adversely impact the ability of intermediaries to avail of the safe harbour under Section 79(1) of the IT Act.
Part 2 of this series can be found here.