Above: It is time the social media companies exercise due diligence so that they are not held liable in case their platforms are misused/Photo: Anil Shakya
Citing privacy issues, the companies have opposed certain amendments proposed by the centre to tackle fake news. But such news is commercially beneficial for the intermediaries
By Na Vijayashankar
Amendments proposed by the government for a notification issued in 2011 under Section 79 of the Information Technology Act, 2000, have attracted stiff opposition of the industry led by WhatsApp. A coalition of 31 civil society and technology experts has also submitted a joint letter to the Ministry of Electronics and Information Technology stating that the proposed amendments “would erode digital security and undermine the exercise of human rights globally”. Section 79 exempts intermediaries from liability in certain instances and states that they will not be liable for any third party information, data or communication link made available by them.
The committee has raised the following objections:
- Implementation of traceability of messaging would weaken the encryption of platforms such as WhatsApp and undermine digital security and user privacy.
- The guidelines would “empower the government to request for information and assistance” and erode human rights globally.
It has also advised the government that as the model code of conduct for elections is operational, the government should withdraw the amendments. The government appears confused about whether it is violating the model code of conduct of the Election Commission.
It has to be stated, however, that the objections raised by the industry are not based on sound technical or legal grounds and deserve to be rejected outright. Also, in view of the forthcoming elections, the government should go ahead and issue the notification.
Legally speaking, the notification does not amend Section 79 of ITA 2000. It is an administrative guideline that suggests some guidelines for “due diligence”. Due diligence is the available defence for the intermediary so that it is not held liable for misuse of its platform provided that there is no abetment, negligence and violation of law.
The amendment was required as the earlier notification of 2011 did not have social media companies as its focus for defining due diligence. It appears that these companies are firing their objections on the shoulders of privacy and freedom of expression, and are actually trying to prevent the government from curbing the spread of fake news.
The reasons given by the consortium to oppose the notification include the inability of the intermediaries to identify “unlawful acts” and inability to remove the objectionable content expeditiously when notified.
We must recognise that “fake news” is commercially beneficial to the intermediaries and there is a vested interest in the generation and spread of it. There is, therefore, no commitment to eliminate fake news and opposition is mounted only because of this commercial self-interest. If this tendency is not checked, trust in social media will be lost and Facebook, Twitter and WhatsApp will become part of “E-Yellow Journalism”.
It is time social media companies show greater responsibility for the good of society and support the war against fake news. The first step in this direction is to stop the false propaganda against the proposed amendments. The guidelines prescribe that intermediaries initiate measures to preserve the “traceability” of messages by capturing and preserving the message originating information. This does not require decryption of the body of the message in services like WhatsApp.
Technically, the metadata of a message has always been part of the message header and the current requirement is not new. Earlier, message headers were recording the message byte size and it is expected that this would now be replaced by a “Message Hash Value”. This has no impact on privacy and digital security as alleged by these companies. In fact, some of the intermediaries are at present implementing additional technical measures to hide the originating information by issuing proxy IP address to its users. Though this is justified under “privacy”, it is an open assistance to criminals to protect them from being detected by law enforcement agencies when a crime occurs. This actually makes such intermediaries “accomplices” in crime.
If the logic of the expert group that collection of metadata compromises privacy is accepted, then there can be objection for keeping log records of any activity, either on the internet or on the computer. This cannot be accepted and the rights of law enforcement are recognised even in privacy laws.
In the recent Pulwama attack, it was observed that “virtual SIMs” were used by terrorists. These issuers are “intermediaries” who provided the service to the law-breakers to hide their identity while committing crimes. Thus, there is a need to make them accountable.
Another objection raised by the intermediaries is that “the guidelines are too vague and it is not possible for the tech company to know what is unlawful”. Ignorance of law can’t be used as an excuse to avoid the constitutional duty to assist the government of the day in maintaining law and order.
The responsibility to comply with law extends not only to ITA, 2000 to which Section 79 and this notification belongs, but also other laws like the IPC or the Companies Act, besides the Constitution itself and the companies need to equip themselves to know the law.
Yet another objection raised is about the requirement that an intermediary should remove content which has been ordered to be removed by a court or a competent authority, immediately and not later than 24 hours. It must be noted that the order to remove would be for a specific identified content. The responsibility of the intermediary is only to remove public access to it. This it will be able to do instantly while preserving it as evidence when required. As there is no need for the company to conduct any internal inquiry or audit before the content is removed, the time limit of 24 hours is more than sufficient.
Recently, Facebook introduced a system of registering the identity of users who want to place advertisements related to election campaigns in India to comply with the election law. This could be the beginning of a new trend in social media and lead to the creation of a trusted social media platform. This can gradually reduce the menace of fake news. Another solution could be the adoption of a self-regulatory framework by the industry with a mechanism to implement voluntary compliance.
Thus, the objections raised against the amendments to the intermediary guidelines under Section 79 of ITA, 2000 needs to be rejected and the government should go ahead with its release immediately to protect the integrity of the social media platform.
—The writer is a cyber law and techno-legal information security consultant based in Bengaluru. The views expressed are personal