By Law Community (I) Team
The last decade has witnessed unprecedented boom of social media intermediaries (SMIs). India has one of the largest user base for major SMIs like WhatsApp, Facebook, Instagram etc. Given the expanding reach of SMIs in personal as well as business relations space, codified guidelines to regulate such SMIs, OTT platforms, digital news apps, digital video sharing apps and other digital content platforms, was inevitable.
In supersession of the Information Technology (Intermediaries Guidelines) Rules, 2011, amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules 2021) was notified by the Ministry of Electronics and IT (MeitY) with the main objective of making SMIs responsible for ensuring a user friendly, accessible, secure, and reliable internet.
The IT Rules 2021 defines SMI as an intermediary which primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using its services. Whereas, ‘significant social media intermediary’ (SSMI) means a SMI having number of registered users in India above such threshold as notified by the Central Government of India. The present threshold to be considered a SSMI is fifty lakh registered users in India.
Due diligence on the part of intermediaries: A SMI is exempted from liability under the Information Technology Act, 2000 (the Act) for any third-party information that it holds or transmits. However, to claim such exemption, it must adhere to the due diligence requirements under the IT Act and the IT Rules 2021 viz a) specifying, in service agreements, the categories of content that users are not allowed to upload or share, b)taking down content within 36 hours of receiving a court or government order, c)assisting law enforcement agencies, d)retaining blocked content and associated records for 90 days, and e) providing a grievance redressal mechanism for users and affected persons, and designating a grievance officer.
Grievance Redressal mechanism under the IT Rules 2021: The grievance redressal mechanism mandated under the IT Rules 2021 is very user centric and safeguards them to the most. It provides for three tier grievance redressal mechanism – two tiers of self-regulation- Tier I being the intermediary, Tier II being a self-regulatory body, and Tier III level being the oversight mechanism under the Ministry of Information & Broadcasting.
Under Tier I, every intermediary shall appoint a ‘Grievance Officer’, whose name and contact details are to be prominently publish on its website, mobile based application or both. The Grievance Office needs to acknowledge such complaints within 24 hours and resolve them within 15 days of receipt of such complaint.
The self-regulating mechanism, under Tier II will be one or more self-regulatory bodies of publishers, being an independent body constituted by publishers or their associations headed by a retired judge of the Supreme Court, a High Court, or an independent eminent person from the field of media, broadcasting, entertainment, child rights, human rights or such other relevant field, and have other members, not exceeding six, being experts from the field of media, broadcasting, entertainment, child rights, human rights and such other relevant fields. The main objective of the self-regulating body will be to a) oversee and ensure the alignment and adherence by the publisher to the Code of Ethics (b) provide guidance to publishers on various aspects of the Code of Ethics (c) address grievances which have not been resolved by publishers within the specified period of 15 days (d) hear appeals filed by the complainant against the decision of publishers (e) issue such guidance or advisories.
Under Tier III’s oversight mechanism, the MeitY shall facilitate the adherence to the Code of Ethics by publishers and self-regulating bodies. It shall a) publish a charter for self-regulating bodies, including Codes of Practices for such bodies, b) establish an Inter-Departmental Committee for hearing grievances, c) refer to the Inter-Departmental Committee grievances arising out of the decision of the self-regulating body, d) issue appropriate guidance and advisories to publishers, e) issue orders and directions to the publishers for maintenance and adherence to the Code of Ethics.
Additional Due Diligence: A SSMI is required to designate the following individuals, all of whom must be an employee of the SSMI and reside in India (i) a ‘chief compliance officer’ for monitoring compliance with the Act and IT Rules 2021; (ii) a ‘nodal person’ for 24×7 coordination with law enforcement agencies and officers; and (iii) a ‘resident grievance officer’ .
Under the IT Rules 2021, SSMIs are required to publish periodic compliance report every month mentioning the details of complaints received and action taken thereof and the number of specific communication links or parts of information that the intermediary has removed or disabled access to in pursuance of any proactive monitoring conducted by using automated tools or any other relevant information as may be specified.
The IT Rules 2021 mandates that SSMI shall have a physical contact address in India, published on its website, mobile based application, or both, as the case may be, for the purposes of receiving the communication addressed to it.
Identifying the initial originator of information: SSMI that provide services of messaging shall enable identification of the first originator of the information that is required only for the purposes of prevention, detection, investigation, prosecution or punishment of an offence related to sovereignty and integrity of India, the security of the State, friendly relations with foreign States, or public order or of incitement to an offence relating to the above or in relation with rape, sexually explicit material or child sexual abuse material punishable with imprisonment for a term of not less than 5 years. They need not disclose the contents of any message or any other information to the first originator.
Technology-based measures: The IT Rules 2021 provides that SSMIs try to implement technology-based measures to find (i) content depicting child sexual abuse and rape, or (ii) information that is the same as the information previously restricted in accordance with a court or government ruling. Such safeguards must take into account users’ rights to free speech and privacy, be subject to human scrutiny, and be evaluated on a regular basis.