No Need to Add Provision for Intermediaries to Respect Fundamental Rights, Says CUTS on IT Rules Amendments

Media Nama, August 03, 2022

In its submissions amid consultations on the amendments to India’s IT Rules 2021, the think tank questioned the GAC and raised other compliance issues

Revising certain existing provisions of the Information Technology Rules and Information Technology Act, conducting a Regulatory Impact Assessment of the Rules, and advocacy for more transparency under the Rules are some of the chief suggestions made by Consumer Unity & Trust Society (CUTS) in their comments on the proposed amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

The comments were submitted last month during the public consultation undertaken by the Ministry of Electronics and Information Technology on the proposed amendments. Below we have summarised the content of CUTS’ submission, which has been viewed by MediaNama.

Why it matters? On June 6th, the IT Ministry released the set of amendments proposed to the IT Rules 2021 for public consultation. The changes have include controversial provisions of instituting a Grievance Appellate Committee (GAC) which could involve a government official having oversight over content moderations decisions undertaken by social media platforms, making intermediaries respecting fundamental rights of users, ensuring their compliance to their terms and conditions, and so on. For context, experts and industry bodies of tech companies have raised worries of possible over-censorship of online speech through these rules, greater compliance burdens on intermediaries, the legality of the proposed changes, and more during consultation meetings as well as in comments (to link AIC submission copy) submitted on the provisions.  CUTS’ comments provided further clarity into what stakeholders are asking to change in the amendments and the alternatives possible therein.

Requirement to respect free speech unnecessary

“The Rights of citizens under the Indian Constitution are protected naturally and citizens can also seek remedies under Article 32 and 226 respectively. Thus, the intention of including them in these rules isn’t clear. We do not think that there is any need to mention this in the rules. This might end up making the compliance requirements too broad and thus impact businesses negatively,” the submission said.
However it added that in case the provision is still retained there would be more explanation required in terms of its scope and the action that may be taken in contravention of it.

Define what ‘compliance’ could mean under the IT Act

In its submission, CUTS recommends that the government define what ‘compliance’ could mean under the parent Information Technology Act of the Rules (i.e., where the rules draw their legitimacy from).  According to it, a lack of definition of the term could lead to more uncertainty as well as compliance delay or non-compliance on behalf of the intermediaries. Thus, it says the term should be defined under the Act.

Grade compliance requirements by size, business of intermediary

On similar lines of compliance, the submission proposes that the amendments implement a ‘graded approach’ to imposing compliance requirements on intermediaries. It recommends the following approaches for carrying out such grading:

“For the entirety of digital businesses, a model of scale-based regulation can be utilised on grounds of Reserve Bank of India’s Framework for Scale Based Regulation for Non-Banking Financial Companies (SBR-NBFC). The SBR-NBFC comprises four layers based on their size, activity and perceived riskiness Similarly, in the global context, Brazil adopts a one-size-does-not-fit-all approach and distinguishes actors in order to place liability. The most noticeable distinction is to categories intermediaries into financial, internet, etc intermediaries. The internet intermediaries are then divided on the basis of interest, firstly, content producers who are publishers of content and secondly, infrastructure providers who are not expected to detect or remove potentially illegal material.”

How should the proposed GAC function?

Making the GAC multi-stakeholder: CUTS has recommended making the GAC multi-stakeholder to ensure its independence. Thus, it recommends making provisions for the representation technologists, constitutional experts, members of judiciary and consumer rights organisations in its membership. “This would be necessary to centre the voice of aggrieved consumers and to protect the sovereignty of the GAC by ensuring diverse and essential viewpoints from relevant stakeholders,” the submission adds.

Making the grievance redressal process accessible: CUTS has recommended an online dispute resolution mechanism and central, state, and district wise centres of the GAC to ensure that it remains accessible to people across the country, remain multi-lingual, etc. It gives the example of the National Consumer Disputes Redressal Commission as well, as a quasi-judicial committee whose model the GAC could follow.

Provision for feedback on grievance redressal: Institution of a feedback mechanism for the GAC has also been suggested by CUTS.

Other changes CUTS wants around the existing Rules

Conducting a Regulatory Impact Assessment (RIA) of the Rules:

CUTS has recommended conducting a ‘Regulatory Impact Assessment’ of the IT Rules 2021. According to it, this would evaluate the ‘positive and negative effects’ of the rules and ‘ways to achieve intended aims with least cost’.

CUTS further suggests using data publicly disclosed by intermediaries on their content moderation practices, in compliance with IT-Rules’ requirement for periodic compliance reports, to conduct such an impact assessment.

Require public orders for tracing first originator:

“There is currently a lack of provisions in the IT Act and these rules which require mandatory judicial oversight in the executive order for such identification. The IT rules provide that such orders should be passed by a competent authority under Section 69 of the IT Act. This does not offer adequate procedural safeguards against arbitrary executive discretion. As the orders for identification of originators are not available in public domain, thus leading to a lack in transparency and accountability. Thus, any orders that are passed for identification of originator must be reasoned orders available periodically in public domain in line with the principles of legality, necessity and proportionality,” CUTS said.

Employ alternative to provision of levying criminal liability on compliance officers:

“We recommend an overhaul of the criminalising provisions for intermediaries especially for minor economic offences and non-compliances which impose personal employee liability. In order to do so the government can explore the Civil liability framework for intermediaries. Each case should be evaluated on a subjective basis on merit, and before such evaluation, no imprisonment of an employee or ascertaining of liability should be done,” CUTS has recommended.

This news item can also be viewed at: