India’s new social media rules revealed on February 25 should come as no surprise, given the lessons the country learnt from the Capitol Hill incidents in the United States and the Bharatiya Janata Party (BJP)-led National Democratic Alliance (NDA) government’s recent confrontation with Twitter over removal of ‘objectionable’ content on the farmer protests.
First and foremost, the rules quash the growing fear that the tech companies may have become more powerful than governments — a justifiable concern arising from social media’s arbitrary and uneven policing of content for many years, and especially so in the recent run-up to the ratification of the US presidential race. So it’s nobody’s case that social media should be allowed any more powers than they already exercise.
The rules also represent an emphatic assertion of government — not just the one in power today. The central government had already won its battle with Twitter, forcing the microblogging service to rein in its own liberal interpretations of free speech. It could presumably have quashed any disobedience from any other platform.
Still, the government had to lay down the law, and establish its authority without fear of further challenges. To that extent, India’s new social media rules are strong and robust, and might be a template for adoption by many other countries.
Besides setting stern terms — and speedier timelines — for social media’s response to government’s requests for content or account takedown, or for information, the rules lay out a burdensome grievance redress mechanism in which the government is the final arbiter. Consequently, it is hard to see any social media platform booting anybody from government off their platforms, unlike the treatment they meted out to former US President Donald Trump.
The rules have a few gaps — some appear deliberate and some likely to be plugged later. Even though the rules are sprinkled with the term ‘court order’, they do not lay out any path for judicial redress. They simply permit courts to exercise power similar to what government enjoys in policing social media. The deliberate lack of judicial oversight to oversee potential executive abuse is glaring, but not surprising because it is insufficient even in the Information Technology Act of 2000.
This gap could leave users at the wrong end of both social media platforms, as well as government, with no recourse for justice. It is also not clear if the government could, say, tell a social media platform to permanently suspend an individual or entity for any reason for what it might consider repeat offenses.
A rule that requires social media sites to identify the “first originator” of any content is not new. It has been expressed often by IT minister Ravi Shankar Prasad but gets statutory status now. It raises curiosity because it is singularly aimed at one platform — WhatsApp.
WhatsApp uses so-called end-to-end encryption, which means only the sender and the recipient can read a message between the two. Over the past several years, many governments around the world — notably the US, the United Kingdom and Australia — have wrangled with Facebook and Apple over providing law enforcement a ‘backdoor’ that would let them access private messages when investigating, say, terrorism or child sex exploitation. Neither company has relented. Apple has stood its ground on device encryption, while Facebook has pledged to further strengthen end-to-end encryption.
India’s stand is nuanced. It does not seek to break encryption and demand access to the content of private messages. That is because it does not seek private messages, only controversial ones that trigger unrest. It can access the content of these messages from a million sources. Instead, what it demands is that platforms identify the original author of a message on Indian soil. Under the rules, if the “first originator” of any content is outside the country, the person forwarding it first in India would be deemed the “first originator”.
Contrary to perceptions, data on the “first originator” is not really tied to end-to-end encryption. Information about the “first originator” is part of what is known as metadata, which consists of anything including time and location. In debates WhatsApp obfuscates it with encryption because it is hard to reject access to such metadata. But revealing the “first originator” also poses several risks. Any concession it grants to India could be demanded by other countries.
It will be interesting to see how far India would go in pressing WhatsApp to comply with the new rule, and whether or not Facebook chief Mark Zuckerberg would make any concessions in order to safeguard its biggest market.