Laying the foundation for a future-ready digital India (GS Paper 3, Science and Technology)
Context:
- The Ministry of Electronics and IT is organising consultations on the proposed “Digital India Bill” to build conceptual alignment on a new law that will replace India’s 23-year-old Information Technology (IT) Act.
Details:
- The goal is to upgrade the current legal regime to tackle emerging challenges such as user harm, competition and misinformation in the digital space.
- The first draft of the Bill should be out by the end of June. Changes being proposed include a categorisation of digital intermediaries into distinct classes such as e-commerce players, social media companies, and search engines to place different responsibilities and liabilities on each kind.
Definition of Intermediary:
- The current IT Act defines an “intermediary” to include any entity between a user and the Internet, and the IT Rules sub-classify intermediaries into three main categories:
- Social Media Intermediaries (SMIs)
- Significant Social Media Intermediaries (SSMIs)
- the recently notified, “Online Gaming Intermediaries”.
- SMIs are platforms that facilitate communication and sharing of information between users, and SMIs that have a very large user base (above a specified threshold) are designated as SSMIs.
- However, the definition of SMIs is so broad that it can encompass a variety of services such as video communications, matrimonial websites, email and even online comment sections on websites.
Need for proportionate regulation:
- The rules lay down stringent obligations for most intermediaries, such as a 72-hour timeline for responding to law enforcement asks and resolving ‘content take down’ requests. Unfortunately, ISPs, websites, e-commerce platforms, and cloud services are all treated similarly.
- Consider platforms such as Microsoft Teams or customer management solutions such as Zoho. By virtue of being licensed, these intermediaries have a closed user base and present a lower risk of harm from information going viral.
- Treating these intermediaries like conventional social media platforms not only adds to their cost of doing business but also exposes them to greater liability without meaningfully reducing risks presented by the Internet.
Rules in EU & Australia:
- The European Union’s Digital Services Act is probably one of the most developed frameworks for us to consider. It introduces some exemptions and creates three tiers of intermediaries, hosting services, online platforms and “very large online platforms”, with increasing legal obligations.
- Australia has created an eight-fold classification system, with separate industry-drafted codes governing categories such as social media platforms and search engines.
- Intermediaries are required to conduct risk assessments, based on the potential for exposure to harmful content such as child sexual abuse material (CSAM) or terrorism.
Focus areas for India:
Classification Framework:
- While product-specific classification could improve accountability and safety online, such an approach may not be future-proof.
- As technology evolves, there is need for classification framework that creates a few defined categories, requires intermediaries to undertake risk assessments and uses that information to bucket them into relevant categories.
- As far as possible, the goal should also be to minimise obligations on intermediaries and ensure that regulatory asks are proportionate to ability and size.
Roadmap for classification:
- One way to do this would be to exempt micro and small enterprises, and caching and conduit services from any major obligations, and clearly distinguish communication from other forms of intermediaries (such as search engines and online-marketplaces).
- Given the lower risks, the obligations placed on intermediaries that are not communication services should be lesser, but they could still be required to appoint a grievance officer, cooperate with law enforcement, identify advertising, and take down problematic content within reasonable timelines.
- Intermediaries that offer communication services could be asked to undertake risk assessments based on the number of their active users, risk of harm and potential for virality of harmful content.
- The largest communication services (platforms such as Twitter) could then be required to adhere to special obligations such as appointing India-based officers and setting up in-house grievance appellate mechanisms with independent external stakeholders to increase confidence in the grievance process.
- Alternative approaches to curbing virality, such as circuit breakers to slow down content, could also be considered.
Way Forward:
- For the proposed approach to be effective, metrics for risk assessment and appropriate thresholds would have to be defined and reviewed on a periodic basis in consultation with industry.
- Overall, such a framework could help establish accountability and online safety, while reducing legal obligations for a large number of intermediaries.
- In doing so, it could help create a regulatory environment that helps achieve the government’s policy goal of creating a safer Internet ecosystem, while also allowing businesses to thrive.