Recently, Mozilla, GitHub, and Cloudflare wrote an open letter to the Indian government on the final draft of web intermediaries rules that will explicate how online platforms will be required to regulate content, before it is presented to the Supreme Court on January 15.

The letter addressed to the country’s IT minister, RS Prasad, also requests the minister to reconsider safety norms laid out in the last draft of rules, as they might promote censorship and increase the burden on a lot of growing companies.

Writing to Ravi Shankar Prasad, Minister of Electronics and Information Technology, the three companies pleaded with him to make sure that proposed amendments to India’s intermediary liability system permits for the web to stay an open, competitive, and empowering place for Indians. 

During the public consultation on amendments that took place last year in January 2019, many of the tech organisations raised grave concerns regarding the potential harm to Indian users and the health of the Indian online ecosystem. According to the letter, the three tech companies say that they have not seen any public evidence which alleviates their previously raised concerns. 

“We understand and respect the need for the internet to be a safe space where big platforms take responsibility. But, the last version of these amendments which are available in the public domain suggests that the rules can lead to automated censorship, which, in turn, will tilt the playing field in favour of big players. This will increase surveillance, and create a fragmentation of the internet in India harming Indian users and failing to empower them,” stated the open letter.

What Is The Government of India Aiming To Do With New Web Intermediaries Rules?

These rules also known as the Information Technology [Intermediaries Guidelines (Amendment) Rules, 2018 are aiming to make changes to regulate tech companies and put more laws to make them accountable for responsible actions. 

Under the amendments, the intermediary has to publish the rules, regulations, privacy policies and user agreement for accessing the intermediary’s computer resources. The laws, privacy policy and the contract shall also notify the users to not host, display, upload, publish, or distribute any information that infringes copyright. It also includes anything that is harassing, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, racially or ethnically hurtful, involving or promoting money laundering or gambling, or otherwise illegal in general. The intermediary is defined as any web company or service with more than 50 lakh users in India or is mentioned in the list of intermediaries published by the government of India.

The guidelines, which are aimed at prohibiting the alleged misuse of platforms such as Facebook and WhatsApp, will be released on January 15. In the past, we saw the Cambridge Analytica scandal, the Pegasus spyware attack on WhatsApp, and the increasing misuse of social media platforms to spread misinformation which has made governments across the globe, including in India, realise the limitations of current laws in dealing with the misuse of these platforms. As a result, starting with GDPR, we have seen a wide range of regulations being proposed by governments, including the ones on data privacy, cybersecurity, and antitrust. 

What Will Be The Specific Web Intermediaries In India?

According to the draft released in 2018, any online entity with more than five million users will be considered an intermediary. With more than 627 million internet users in the country, it’s not a difficult thing to achieve for any active online business in India.

The rules also define these critical points for these entities to operate in India which are required to: 

• Be a company registered under the Companies Act, 1956 of the Companies Act, 2013
• Set permanent registered office in the country 
• Appointment in India, a nodal executive that can address and take responsibility for any legal issues, and comply with 24×7 coordination with law enforcement agencies.
• Deploy automated tools for identifying and removing or disabling public access to unlawful data or content.
• Remove flagged content within 24 hours and provide user data requested by the government within 72 hours.

Concerns Raised By Tech Companies On India’s Web Intermediaries Rules

According to the letter, the present safe harbour liability protections have been fundamental to the healthy growth of web services in India. They have helped to host platforms to innovate and grow without fear as they must be negatively impacted by a failure to surveil every action of their users. 

On the other hand, imposing the proposals in the new rules would put a tremendous burden on many web intermediaries, particularly for smaller companies and startups. Such organisations would struggle to have the costly filtering critical infrastructure, and other mandates to keep up with the regulations, especially if they accidentally make an error in their content services. 

For example, one of the biggest concerns is the broad definition of intermediary itself, which, according to tech companies, will probably lead to many unintended parties being impacted as a result of the amendments. It includes browsers, operating systems, online repositories of software, data, knowledge systems, software development platforms like Github, and other services like DNS, cybersecurity, and caching services — and none of which are believed to be the targets of this regulation and all likely to face a considerable increase in legal risk. 

The requirement for local legal incorporation of any services with more than 5 million users in India is a primary operational obligation being imposed. This raises fears among international companies, services, and nonprofits being forced to close themselves off to Indian users, while also deterring potential market expansion of new players into India, states the letter. 

According to the signatory companies, the technically infeasible mandate to proactively monitor platforms for all unlawful content would lead to over censorship and an untenable increase in liability, especially for small and medium service providers across the internet. This could also disrupt the careful balance that is prevalent in the existing regulations, which places liability on the malicious actors who engage in illegal activities and only holds organisations accountable for the acts which are they are cognisant about. Also, the short timelines of 24 hours for content takedowns and 72 hours for the sharing of user data will create issues for freedom of expression for tech and social media companies.

Mozilla, GitHub, Cloudflare also said in the letter that they were also concerned about the automated censorship and said the draft bill favours only more prominent players, increases surveillance, and may fragment the internet in India. 

The letter also states, “They need to enable the ‘traceability of the originator’ of content, which would require all intermediaries to surveil their users, undermine encryption, and harm the fundamental right to privacy of Indian users.”

Any such request can be created in writing or through electronic means stating clearly the purpose of getting such information or any such assistance from an intermediary. The intermediary also has to enable to trace out the originator of objectionable information on its platform as may be specified by government agencies which are legally authorised for such solicitations.

“We appeal for increased transparency, and we remain committed to working with you to achieve the broader objective of these amendments while allowing Indians to benefit from a global internet,” the companies stated in the letter. 

The post Why Are Github, Mozilla & Cloudflare Worried About India’s Web Intermediaries Rules? appeared first on Analytics India Magazine.