New Indian IT Rules address some concerns, but retain teeth

01st May 2011
New Indian IT Rules address some concerns, but retain teeth

An IndiaTechOnline special ...   First  with an analysis of the new Indian IT Rules that affect what you do on the Web.

By Anand Parthasararthy

Less than a month after the time limit  it set for the public to comment on the changes it proposed to the Information Technology Act, the Indian government has put in place, new rules, arming itself with the powers to regulate web content which it deems to be harmful or dangerous under a wide spectrum of situations. But it has also toned down some of the more controversial parts of the draft, removed the provocative inclusion of blogs and bloggers in its ambit and recognized the possibility that transgressions could be unknowing or the result of automatic, that is non human, editorial selection. The most  discussed  of the 3  new sets of  rules – the Information Technology (Intermediaries guidelines) Rules, 2011 -- seek to re-define the responsibility of the “Intermediary” in the creation of web content. Such intermediaries – like cyber café owners, web hosting agencies and Net service providers – are responsible for what their “users” do. The inclusion of “bloggers” under the term user -- which caused wide spread outrage -- has been dropped in the final rules. But the term itself has now been widened to include “any person who access or avail any computer resource of intermediary for the purpose of hosting, publishing, sharing, transacting, displaying or uploading information or views and includes other persons jointly participating in using the computer resource of an intermediary…” which means in practical terms, any one who uploads any content, since “publishing” could be interpreted to include blogging.
Another change between draft and notified rule is a sentence that recognizes that publication of material deemed harmful may be unintentional or indeed beyond the practical control of the intermediary: “The intermediary shall not knowingly host or publish any information..specified in sub-rule (2) which lists all the subjects prohibited. It also excludes “transient” information involving “no exercise of any human editorial control, for onward transmission or communication to another computer resource”.  This will go a long way to  prevent  misuse of government's powers in cases of inadvertent publication of inflammatory or  proscribed material -- a scenario that is all to common where any reader can often append a comment  to an existing   posting  and go unnoticed due  to the sheer number of such comments.

It also sets a time limit of 36 hours for intermediaries to take down material that has been deemed to be contravening the Rules. However the categories of information deemed unacceptable remains almost unchanged from the draft, though many experts had pointed to the very wide ambit and susceptibility of misuse of categories like “threatens.. friendly relations with foreign states” or “is insulting any other
nation.” These provisions have now gone into the rules, in essence retaining government’s powers to impose a gag under circumstances that could flow from a farily wide  or subjective  interpretation of these terms.

A new section that was never offered in the draft relates to the obligation of intermediaries to “provide information or
any such assistance to Government Agencies who are lawfully authorised for investigative, protective, cyber security activity. The information or any such assistance shall be provided for the purpose of verification of identity, or for prevention, detection, investigation, prosecution, cyber security incidents and punishment of offences under any law for the time being in force”. This would appear to be a provision to force service providers to reveal customer’s confidential details if it is felt a crime has been committed and could well be a way to lend legal teeth to dealing with providers offering secure information transmission systems that are not amenable to interception.  Remember Blackberry!
The Rules for Intermediaries as finally notified seem to address some of the main  concerns of Net rights activists and show  a new awareness of the technological realities of the Internet, but in its core features – legalising the right of the government to restrict untrammelled ‘ free speech’ on the Internet – they are pretty much what they were meant to be.  However the  flurry of media stories in the last few days, seem largely to have been a case of ' rush to print' after a New York Times story of April 28  http://www.nytimes.com/2011/04/28/technology/28internet.html?partner=rss&emc=rss  and  reveal almost no efforts to see how the new rules differ from or  have been subtly evolved  from the first published draf, possibly in response to public feedback  

In any case, Indian users of the Internet who number over 100 million have to adjust to the new reality.  Other new rules deal with  Electronic  Serrvice Delivery; sensitive personal information and guidelines for cybercafes. The  new Information Technology Rules, 2011 as published in:
THE GAZETTE OF INDIA, EXTRAORDINARY, Part II, Section 3, Sub-section (i) of dated the 11Th April 2011
http://www.mit.gov.in/sites/upload_files/dit/files/RNUS_CyberLaw_15411.pdf  
May 2 2011