The new regulations that deal with social media, news websites and video streaming services have set off a debate on individual privacy, freedom of speech and governmental control. WhatsApp and Twitter have challenged them, and a legal scrutiny is under way. The most contentious points are the requirements that social media companies identify the first originator of a message, put in place a complaints mechanism, and the provision of punishment if they fail to comply with the rules. WhatsApp says the rule on the first originator is against the principles of open internet access because it would require it to break the end-to-end encryption of messages. The central government claims the rules empower the common citizen against online abuse and trolling, and weed out objectionable content. Going beyond the legal jargon and competing claims, let's understand the key points:
What are these rules for?
Unlike traditional mass media (newspapers, radio, television, cinema, etc.), social and digital media and video streaming services do not have a well-defined code of conduct or complaints mechanism. And that is where the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, come. These rules were notified on February 25, 2021, with a three-month deadline for compliance. Broadly speaking, these rules mandate due diligence and grievance redress by social media companies, a code of ethics and grievance redress and oversight mechanism for digital media, furnishing of information, and general guidelines for web-streaming services.
How will the social media companies be affected?
Among other things, social media companies should have a mechanism where any user can file complaints about objectionable content. The complaint must be acknowledged within 24 hours and disposed of within 15 days. Social media companies should publish a compliance report every month, mentioning the details of complaints and action taken, and the number of specific links or parts of information that they have removed or disabled.
What about end-to-end encryption?
Social media companies having more than 50 lakh users must identify the first originator of a particular message if required by a court order or competent authority.
What happens if they don't comply?
If social media companies do not comply with these rules, the provisions of sub-section (1) of section 79 of the Information Technology Act, 2000, shall not be applicable to them. (The sub-section states that social media companies shall not be liable for any third-party information, data or communication link hosted by them.) They can also be criminally prosecuted.
What is the social media companies' argument?
WhatsApp, which has 53 crore users in India, says the requirement on the first originator "fundamentally undermines people's right to privacy". "Requiring messaging apps to “trace” chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption," a spokesperson said.
According to WhatsApp, end-to-end encryption was designed to help ensure that nobody other than the person you are talking to can know that you sent a particular message. This is the exact opposite of traceability, which would reveal who sent what to whom. Traceability would not be effective in finding the originator of a particular message because people commonly see content on websites or social media platforms and then copy and paste it into chats. It would also be impossible to understand the context of how it was originally shared. Such massive data collection also makes messaging platforms inherently less secure by opening up more avenues for hacking, according to WhatsApp.