New IT rules: Social media majors will now have to follow these strict guidelines

The government of India has released The Information Technology (Guidelines For Intermediaries And Digital Media Ethics Code) Rules, 2021 to be followed by the social media companies such as Facebook and Twitter.

According to Ravi Shankar Prasad, Union IT Minister, who spoke to media persons, these focus of the rules is to empower ordinary users of social media for whom fake news and financial fraud are one of the huge challenges.

The idea is to have major social media platforms develop redressal mechanism with "soft touch" oversight from the government, he added.

Facebook has welcomed these guidelines and also thanked the Minister for recognizing the positive contributions of social media to the country. A statement by the spokesperson of Facebook reads, "We have always been clear as a company that we welcome regulations that set guidelines for addressing today’s toughest challenges on the Internet. Facebook is committed to people’s ability to freely and safely express themselves on our platforms. The details of rules like these matter and we will carefully study the new rules that were just published."

The statement also reiterated it's stance as India's ally and said they will continue to work to ensure that the platforms 'play an enabling role in fuelling the exciting digital transformation of India'.

Twitter, however, has declined to comment on the same.

The key rules include the following.

1. An intermediary should inform the users not to host, display, upload, modify, publish, transmit, store, update or share any information that are false, misleading and defamatory in nature.
2. Large social media companies are also now mandated to inform users at least once every year, in case of non-compliance with rules and regulations. They now have the right to terminate the access or usage rights of the users to the computer resource immediately or remove it in case of non-compliance.
3. Appointment of a Chief Compliance Officer is mandatory and he/she will be responsible for ensuring compliance with the Act and rules. This appointment should be made within three months of the implementation of the rules.
4. A nodal person of contact should be appointed for 24x7 coordination with law enforcement agencies and officers to ensure compliance.
5. Intermediary on receiving an order by a court or being notified by a government agency shall not host , store or publish info that is prohibited by any law in relation to interests of sovereignty and integrity of India
6. Where an intermediary collects information from a user for registration , it shall retain that information for a period of 180 days after cancellation or withdrawal of registration
7. Intermediary shall provide info under its control or possession within 72 hours of receipt of a lawful order for prevention , detection, investigation of offences
8. Social media majors should now display the contact details of the grievance officer on its application, web or mobile.
9. Social media majors will now have to disclose the first originator of the message or content that incited violence or affected the integrity or sovereignty of the country.

One of the most concerning is enabling the identification of the originator.

The rules have said that significant social media intermediary must enable the identification of the first originator of the information when required by a judicial order. This is concerning since it would mean breaking the end-to-end encryption offered by services like WhatsApp and Signal.

The think tank Internet Freedom Foundation has pointed out that the rules have introduced the requirement of traceability of the originator of information, which again breaks end-to-end encryption. Many platforms (Whatsapp, Signal etc.) retain minimal user data and use E2E encryption to provide privacy to users.