SOCIAL MEDIA REGULATION
18th February, 2023 POLITY AND GOVERNANCE
Copyright infringement not intended
- The Union government is planning to set up a network of fact-checkers for online content and has asked several social media giants to submit inputs.
- The government has asked Social media companies to provide suggestions on criteria that should be followed to determine who a “trusted” fact-checker can be.
- The proposed network will function as a self-regulatory body and flag “misinformation” on the internet that is not related to the government.
- In a closed-door meeting, the Ministry of Electronics and IT asked the social media companies to submit their inputs in the next few days. The meeting was called to discuss the ministry’s recent proposal on regulating fake news on the internet.
- Some stakeholders at the meeting suggested that the fact-checking network should collate a list of all the links that they deem to be fake news and share that with the government periodically, which will then issue orders to block those links.
- Some stakeholders requested the government that when a network of fact-checkers is decided upon, it is best for them to publicly release their methodology on how they classify a piece of content as misinformation.
- When this network will be established, it will only have the agency to flag misinformation that is not related to the government.
- It’s the Press Information Bureau’s fact-checking unit that will flag “misinformation” related to the Centre, as per the draft Information Technology Rules, 2021.
About Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
- The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, was notified by the Central government in February 2021, relates to digital news publishers, including websites, portals and YouTube news channels, and Over The Top (OTT) platforms, which stream online contents such as web series and films.
- It is jointly administered by the Ministry of Electronics and IT, and the Ministry of Information and Broadcasting.
- The Rules provide for a code of ethics to be followed by digital news publishers and OTT platforms; A three-tier grievance redress mechanism, which includes:
- Self-regulation by publishers at the first level
- Self-regulation by Self-regulating bodies of the publishers
- An oversight mechanism by the Central government
Key Features of the Rules
- Social media intermediaries, with registered users in India above a notified threshold, have been classified as significant social media intermediaries.
- They are required to appoint certain personnel for compliance, identification of the first originator of the information on its platform, and identify certain types of content.
- They need to appoint a Nodal Contact Person for 24x7 coordination with law enforcement agencies. Such a person shall be a resident of India.
- Appoint a Resident Grievance Officer who shall perform the functions mentioned under the Grievance Redressal Mechanism. Such a person shall be a resident of India.
- Publish a monthly compliance report mentioning the details of complaints received and action taken on the complaints.
- The Rules prescribe a framework for the regulation of content by online publishers of news and current affairs content and audio-visual content.
- A 3-tier Grievance Redressal Mechanism: Social media intermediaries shall appoint a Grievance Officer to deal with complaints and share the name and contact details of such officers.
- The grievance officer shall acknowledge the complaint within twenty-four hours and resolve it within 15 days from its receipt.
- Ensuring Online Safety and Dignity of Users, Especially Women Users: Intermediaries shall remove or disable access within 24 hours of receipt of complaints of contents that expose the privacy of individuals.
- Such a complaint can be filed either by the individual or by any other person on his/her behalf.
- Voluntary User Verification Mechanism: Users who wish to verify their accounts voluntarily shall be provided with an appropriate mechanism to verify their accounts and provided with a demonstrable and visible mark of verification.
- Giving Users An Opportunity to Be Heard: Users must be provided with an adequate and reasonable opportunity to dispute the action taken by the intermediary.
- Removal of Unlawful Information: An intermediary upon receiving actual knowledge should not host or publish any information which is prohibited under any law concerning the interest of the sovereignty and integrity of India, public order, friendly relations with foreign countries etc.
- This Code of Ethics prescribes the guidelines to be followed by OTT platforms and online news and digital media entities.
- Self-Classification of Content: The OTT platforms would be required to self-classify the content into five age-based categories; U (Universal), U/A 7+, U/A 13+, U/A 16+, and A (Adult).
- Intermediaries include telecom service providers, internet service providers, search engines, online marketplaces, payment sites, cyber cafes, messaging services, and social media sites. While many intermediaries are mere storage providers, where they are unaware of the content being transmitted or stored on their platform, other intermediaries may be aware of the user-generated content on their platform. This raises the question that to what extent intermediaries should be held liable for the user-generated content on their platform.
- There are growing concerns around the misuse of these platforms for the proliferation of illegal or harmful content such as child sex abuse material, content provoking terrorism, misinformation, hate speech, and voter manipulation.
- Some platforms have been self-regulating the publication of such content. However, this has raised concerns about arbitrary actions taken by these platforms which could affect freedom of speech and expression.
- Certain grounds for restricting content may affect freedom of speech, some of these restrictions are subjective and overbroad, and may adversely affect the freedom of speech and expression of users of intermediary platforms.
- The 2021 Rules do not restrict the extent or type of information that may be sought. For example, the information sought may be personal data of individuals such as details about their interactions with others. Such powers, without adequate safeguards, may adversely affect the privacy of individuals.
- The Rules require significant social media intermediaries, to enable the identification of the first originator of information within India.
- Identifying the first originator of information on a messaging platform will require the service provider to permanently store certain additional information:
- The Rules also do not specify any timeline in terms of how far back in time the messaging service will be required to check for determining the first originator.
- Overall, this requirement will lead to the retention of more personal data by messaging services which goes against the principle of Privacy and Data minimization.
Justice BN Srikrishna's committee report on Privacy and Data Protection
- Processing Personal Data: Processing (collection, recording, analysis, disclosure, etc) of personal data should be done only for “clear, specific and lawful” purposes. Only that data is necessary for such processing to be collected from anyone.
- Purpose Restriction: Only for clear, specific and lawful purposes.
- Only necessary data to be collected.
- Problematic Exceptions: Personal data may be processed by the government if it is considered necessary for any function of Parliament or State Legislature. It includes the provision of services, issuing of licenses, etc. On the face of it, it looks extremely vague and could lead to misuse.
- Allows processing considered ‘necessary’ for the function of central and state govt.
- Allows processing of personal data for prevention of offence and ‘contravention of law’.
- Right to be Forgotten: The committee recommended giving “data principles” (persons whose personal data is being processed) the ‘right to be forgotten’. This means they will be able to restrict or prevent any display of their data once the purpose of disclosing the data has ended, or when the data principal withdraws consent from the disclosure of their data.
- Restriction of disclosure of personal data after the purpose is served, or consent is withdrawn.
- Other rights include confirmation and correction of data held.
- Data Localisation: Personal data will need to be stored on servers located within India, and transfers outside the country will need to be subject to safeguards. Critical personal data, however, will only be processed in India.
- Copy of all personal data to be stored in India. Critical personal data can only be stored on Indian servers.
- Cross-border transfers of data are subject to model contract clauses.
- Explicit Consent: The committee recommended that “sensitive” personal data (such as passwords, financial data, sexual orientation, biometric data, religion or caste) should not be processed unless someone gives explicit consent- which factors in the purpose of processing.
- Sensitive personal data includes passwords, sexual, orientation, and financial data.
- Can only be processed with explicit consent.
- Data Protection Authority: The committee recommended setting up a Data Protection Authority which is supposed to “protect the interest of data principals”, prevent misuse of personal data and ensure compliance with the safeguards and obligations under the data protection framework by corporations, governments or anyone else processing personal data (Data fiduciaries). The Authority shall have the power to inquire into any violations of the data protection regime and can take action against any data fiduciaries responsible for the same.
- Regulatory body to oversee and enforce data protection rights.
- Shall have the power to make inquiries, and take action against data processors.
- Aadhaar Act Amendments: The committee had suggested recommendations to the Aadhaar Act, 2016 to ensure the autonomy of the UIDAI and “bolster data protection”. These include offline verification of Aadhaar numbers and new civil and criminal penalties- through the ability to file complaints will remain with the UIDAI alone.
- Ensure the autonomy of UIDAI and bolster data protection.
- Offline verification of Aadhaar and new penalties.