When India passed the Information Technology (IT) Act in 2000, a 9.6 kbps connection used to cost Rs 15,000 and state-owned VSNL was the only internet service provider. Today, India has median download speeds of 39.94 Mbps for mobile and 52.53 Mbps for broadband, and provides Internet access at an average cost of just Rs 14 per GB. In 2000, the internet penetration stood at 0.5 percent of India’s population. Today, almost 50 percent of India is online.
The internet is now the primary means that fuels innovation, commerce, communication, education, and entertainment. These services are facilitated by intermediaries, which have “shortened the distance” between users, and made markets and societies work more efficiently.
In 2000, no one knew what Facebook or Google would look like, let alone the coming of AI-powered Large Language Models (LLM) like ChatGPT. Laws created during the dawn of digitisation could not anticipate its pinnacle that we witness today.
It is now evident that the intermediary landscape is diverse and ever evolving, and laws that regulate them need to reflect the same. For the Digital India Act (DIA) to be futuristic and meet India’s global ambitions, it will need to classify internet-based companies making it easier to not only regulate them, but also strengthen them.
The Need For Classification
A lack of classification of the various internet services and functions leads to bad regulation and outcomes. Indian internet entities need to be properly classified so that they can evolve under the right regulatory frameworks to become global champions.
Indian law defined intermediaries in 2008, when the IT Act was amended but ended up covering a range of services from telecom service providers to cyber cafes to online payment sites under one umbrella term. When it comes to regulating a slew of intermediaries, present and emerging, a one-size-fits-all approach does not work. This is because they are different from one another in technical as well as service functions, and therefore need to be regulated differently.
During two public consultations on the DIA, the Union Ministry of Electronics and Information Technology (MeitY) has presented that it will establish a criteria for classification of intermediaries.
Which classification approach would work best for a law that seeks to make the internet open, safe, trusted, and accountable for Indian users? How can this be achieved while preserving the internet infrastructure and enabling business and innovation in India?
A combination of three models could help solve the classification conundrum.
Classification Based On Technical Functions
The Internet is composed of several layers, through which information passes when it travels from one computer to another. The OSI model, developed by the International Standards Organisation (ISO), places it in seven layers, with the “Physical Layer”, at one end and the “Application Layer”, at the other.
The TCP/IP model is similar, but more widely implemented and classifies the stack into four layers. Different engineering protocols apply at different layers of the internet but all the layers function collaboratively to make the internet work.
The availability, reliability, and speed of the internet, thus, depends upon effective functioning of these layers. Intermediaries operate across this internet stack and their underlying technologies and business models consequently differ. Recently, amicus briefs filed before the US Supreme Court in Gonzalez v. Google cautioned that uninformed laws can “cripple the technologies, operations, or investments that support a robust, free, and open Internet”.
In India there is a tendency to regulate intermediaries from a social media lens. But all intermediaries cannot be regulated in the same manner. For instance, internet infrastructure companies that work on the network layer, such as CDN (Content Delivery Network) providers, do not have control over content being posted on the websites they host. If the law imposes blanket obligations, it will threaten the efficiency and resiliency of the Internet.
The European Union’s Digital Services Act classifies intermediaries, based on their role on the stack, into three broad categories. Mere conduit services provide access to a network, caching involves temporary storage for the purpose of transmission, and hosting services engage in storing user-information. The legal classification of intermediaries in the DIA should also find its underpinning in the technical classification of the Internet.
Nature Of Services And User Harm
The OECD, WTO and IMF have provided guidance that digital platforms can be classified based on services offered by them. The impact of different services also depends upon use-cases and network effects, two key considerations that cannot be ignored.
Consider two communication services – a meetings platform like Zoom and a personal messaging service like WhatsApp. While both are communication platforms, the former has business or economic risks, the latter has social or democratic risks. The potential for harms is vastly different and therefore, the impact must be assessed differently.
UK’s Online Safety Bill has taken a risks-based approach where regulated entities self-assess their risks and implement proportionate mitigation measures. Australia has taken a co-regulatory approach, where the industry develops a code of practice, in consultation with the Commissioner which is made binding through legislation. India is already looking at regulating some intermediaries such as online gaming platforms through Self-Regulatory Bodies, a model which can be used for other intermediaries as well.
Network effects are based on the number of users an intermediary has. Naturally, large intermediaries pose a heightened risk of harm to users. At present, India’s IT Rules, 2021 categorise social media intermediaries with more than five million users as “significant intermediaries”. They have to exercise additional due diligence.
Network effects could make the current threshold redundant soon. The DIA needs to prescribe a formula for categorisation of significant intermediaries based on an impact analysis, like the EU’s threshold of categorising intermediaries with user-base greater than 10 percent of EU’s population as “very large”.
New And Emerging Technologies
The coming of LLMs also pose a fresh challenge to how intermediaries are classified. It has been argued that users approach the internet through intermediaries like search engines and web directories that help structure information and lead users to them. However, LLMs are now scraping the web using AI engines making search engines redundant. Big technology companies have already recognised this. Hence, Microsoft’s Edge now offers a version of ChatGPT while Google has Bard.
Not only does this change affect how information will be accessed but will also start changing how information on the internet is structured and monetised. A combination of these three aspects – access, structure, and monetisation – will impact intermediaries so profoundly that it will need a fresh classification both at the technical and services level.
Creating a separate classification for them in the DIA offers India an opportunity to not only catch up, but also lead the world in shaping the Internet of the future.
Shachi Solanki is the Deputy Chief of Operations with DeepStrat, a New Delhi-based think tank and strategic consultancy. This is the third article in a four-part series on the proposed path-breaking Digital India Act. Views are personal, and do not represent the stand of this publication.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
