In December 2019, Prime Minister Narendra Modi assured industrialists at a meeting of the Associated Chambers of Commerce and Industry of India, or ASSOCHAM, that his government would decriminalise corporate offences. He promised businesses an environment in which they could make bold decisions and invest fearlessly. Months later, the Modi government introduced changes to the Companies Act, 2013, which removed imprisonment as a penalty for due diligence violations and reduced most of them to civil penalties. The government acknowledged that these were sufficient to keep the companies under check.
However, such a conciliatory sentiment has evaded the burgeoning digital economy. The new Information Technology (IT) Rules, notified in February this year, mandate social media platforms with more than 50 lakh users to appoint a compliance officer. This person will be responsible for civil and criminal liabilities in case the platform fails to follow the new rules. Platforms are concerned that, although the new rules are designed to initiate swift action, they do so by using coercive measures that instil fear in them.
A critical difference between the imposition of civil and criminal penalties lies in the degree of surety with which one can proceed against the accused. While the former may be imposed directly in case of wrongdoing, the latter demands a high degree of proof of wrongdoing – including malicious intent. Since criminal penalties curtail the right to life and liberty, the incriminating evidence should be such that establishes, beyond reasonable doubt, that the accused cannot be given the benefit-of-doubt. For example, in murder cases, the bar to establish the accused’s guilt is high. The accused is presumed innocent unless the prosecution can prove that s/he had the intention to kill and the knowledge that his/her actions could cause death. In cases of criminal negligence, such as using the phone while driving, the prosecution has to prove that the accused acted in a manner that was obviously risky, with the knowledge that it was so, and that it was not a mere mistake or accident.
Prima facie, the ambiguity inherent in the IT Rules raises doubts about how such a threshold of proof will be met. In our assessment, they require platforms to make objective determinations over matters that are subjective. For example, the rules require digital platforms to prohibit their users from posting content that is “defamatory’ or “obscene”. They must also remove content that, in the eyes of the government, is indecent or immoral. However, when it comes to free speech, content that is acceptable to someone may prompt strong objections from others. The legislature has not yet developed nuanced standards to make such complex determinations – even though it seems to be the need of the hour. The lack of clarity has spilled over into courts, which do not proffer any universal formula to regulate speech in various media.
In this context, it is surprising that the new rules not only force social media platforms to exercise judgements on censorship, but also potentially implicate their employees in criminal proceedings. The constitutionally enshrined right to free speech of users is the principal reason why companies err on the side of caution. Now, digital platforms will be less inclined to resist requests made in bad faith and take the safer route of censoring content, rather than attempt to strike a delicate balance that preserves individual liberties.
Experiences show that they may further shy away from doing so because they could attract unwanted attention from authorities for broadcasting views that are unpalatable to some users. In August 2020, Twitter removed senior advocate Prashant Bhushan’s tweets criticising the Chief Justice of India, even though there was no court order to do so. Similarly, in November 2019, Twitter permanently suspended the account of Sanjay Hegde, another senior advocate, because he had allegedly retweeted some posts. In both instances, a furore broke out on social media over the propriety of the lawyers’ actions. For platforms that cannot match the size and scale of Twitter, the temptation to censor content might be greater because they have limited content moderation abilities, due to smaller budgets.
Building trust in digital ecosystems
The IT Rules also give the impression of creating a head-hunting provision, where the compliance officer, who must be an Indian resident employee of a company, may be tried in criminal proceedings. This is confusing from a legal standpoint.
First, the rules aim to hold a single employee personally liable for collective decisions of a platform — taken after consulting multiple departments including policy, advertising, communication, and content moderation, among others.
Second, only under rare circumstances should the employees be held liable for the acts of the company. A comparable example is under common law, where individuals in control of a company are immune from the corporate’s actions unless they have acted fraudulently and dishonestly.
Third, there must be evidence to show that the compliance officer had the primary liability and was directly responsible for the platform’s activities that led to the alleged harm. In order to prosecute the officer, one must prove that there was a deliberate criminal intention to violate due-diligence requirements. Irrespective of the method of proving or disproving the liabilities, what is certain is a series of legal uncertainties that create an atmosphere of fear and harassment.
A similar issue had come up last year when the Modi government had proposed to imprison Corporate Social Responsibility (CSR) heads of companies for failing to meet CSR norms. After much pushback from the industry, the government decided against enforcing the provision.
Admittedly, one of the hardest questions plaguing internet governance today is this: how do governments worldwide make platforms more accountable without damaging digital markets with burdensome regulations? An important first step to achieve this is to create a trust-based digital ecosystem. The threat of using criminal penalties on platforms will only achieve the opposite effect. Instead, going by the spirit of Prime Minister Modi’s December 2019 ASSOCHAM speech, the government must decriminalise offences and use civil penalties. Such a step will factor in the State’s concerns without jeopardising the growth of platforms — the two key pillars of any trust-based digital ecosystem.
The authors work at Koan Advisory Group, a technology policy consulting firm. Views are personal.
This article is part of ThePrint-Koan Advisory series that analyses emerging policies, laws and regulations in India’s technology sector. Read all the articles here.