The Ministry of Electronics and Information Technology (“Meity”), on June 06, 2022 proposed amendments (“Proposed Amendment”) to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules”). The Proposed Amendment sought to address the gaps and infirmities in the IT Rules vis-a-vis the Big Tech Platforms after public consultation and comments.
Subsequently, Meity has notified the amendments to the IT Rules on 28 October 2022 by way of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2022 (“Amended Rules”). The Amendments will come into effect from date of notification. The Amended rules seek to introduce a wide range of compliances and obligations for intermediary platforms which include, inter alia, quick timelines for resolution of grievances, acting as a protector of fundamental rights, creation of ‘Grievance Appellate Committee’ to decide appeals arising from decisions of an intermediary’s Grievance Officer.
Meity has provided certain principles which form the basis for Amendment Rules which include creation of open, safe and trusted internet for all Indian internet users. As per Meity, online intermediaries providing services in India shall never contravene the constitution of India and other laws and rules.
Publication and enforcement of rules and regulations, privacy policy and user agreement
Rule 3 (1) (a) of the IT Rules provides for obligation of the Intermediary to publish on its website/app the rules and regulations, privacy policy and user agreement for access or usage of their computer resource. Rule 3(1) (a) now requires intermediaries to ‘ensure compliance’ of provisions this clause. Intermediaries now have the option to publish such policies in few other widely spoken local languages in India (to be chosen from the languages specified in the Eighth Schedule to the Constitution).
Rule 3 (1) (b) requires such regulations and policies to inform the user to not host, publish, modify any information which belongs to another person, defamatory, violates any law etc. The Amended Rules now require intermediaries to take ‘reasonable efforts’ to ensure compliance of the same and cause users not to host, display, upload, modify, publish, transmit or share any information that violates IT Rules. Thus, the Amended Rules require intermediaries to enforce the rule 3(1)(b) while also making intermediaries accountable for the same.
Rule 3 (1) (f) requires intermediary to periodically, and at least once a year, inform its users in English or any language specified in the Eighth Schedule to the Constitution, of its rules and regulations, privacy policy or user agreement or any changes made to them.
Accessibility of services and respecting rights under Constitution of India
The Amended Rules add Rule 3(1)(m) and Rule 3(1)(n) in the IT Rules. Rules 3 (1) (m) states that the intermediary shall take all reasonable measures to ensure accessibility of its services to users along with reasonable expectation of due diligence, privacy and transparency.
Rule 3 (n) of Amended Rules require intermediaries to respect the rights accorded to citizens under the Constitution of India under Article 14, 19, 21.
Change in Grievance Redressal Mechanism of the Intermediary
The Amended Rules have reduced the timeline for resolution of certain user complaints from 15 days to 72 hours. The complaints in the nature of request for removal of information or communication link relating to a vast variety of legal issues including privacy, obscenity, misinformation, impersonations, etc. will now have to be resolved expeditiously within 72 hours of such reporting by user. However, other complaints can be addressed within 15 days. The intermediary shall acknowledge complaints by user within 24 hours of receipt.
Creation of Grievance Appellate Committee
The Amended Rules provide for creation of ‘one or more’ appellate bodies called ‘Grievance Appellate Committee’ under rule 3(3) of the IT Rules. Users will have the option to appeal against the grievance redressal process of the intermediaries before this new appellate body. The Committee will endeavor to address the user’s appeal within a period of 30 days. Intermediaries are required to comply with the orders of this committee and publish the reports of compliance on their respective websites. This is made necessary because currently there is no appellate mechanism provided by intermediaries nor is there any credible self-regulatory mechanism in place.
The Amended Rules seek to promote usage of vernacular languages since user agreements such as Terms of Service, Privacy Policy may now be published by intermediaries in other widely spoken languages (to be chosen from languages specified under VIII schedule to the Constitution of India).The reference to publish user agreements in a language of user’s choice, under the amended Rule 3(1)(a), will now require intermediaries to be extra careful to ensure consistency between the original language of the user agreements and local languages. Further the inclusion of “reasonable efforts” under Rule 3(1) (b) is also vague and needs more clarity.
The reduction in timeline with respect to grievance redressal may be logistically challenging for the Intermediaries and only time will tell whether compliance with such strict timelines will be possible or not considering the complexity of issues and number of complaints received. We observe that the Grievance Officer appointed by intermediaries will now have to sit on hot seat with abilities to ‘decide’ on addressing the grievance. Considering that they have been obligated to ‘respect constitutional rights’, they may now have to follow principles of natural justice which will put their job akin to judges who are trained in adjudicating such issues on principles of justice. The Creation of Grievance Appellate Committee could be seen as an instance of excessive delegation since it has been vested with adjudicatory powers similar to a court or tribunal.
The Amended Rules have brought in several changes and they would require intermediaries to comply with several compliances and obligations including policies, processes to meet the timelines. There are many ambiguities which has to be addressed in the Amended Rules, before the intermediary or its grievance officer are put to risk for non-compliance and the risk of losing their “safe harbour” available under the Information Technology Act, 2000.