An MHA order last week authorised 10 government agencies to scan data on computers. This was followed by the Modi government’s proposal to amend the Information Technology rules for social media platforms like WhatsApp, Facebook and Twitter to “proactively identify, remove or disable access to unlawful information or content” in order to curb fake news online.
ThePrint asks: MHA snoop order & bid to amend IT rules: China-like clampdown or tracking unlawful content?
Surveillance unites governments that are otherwise divergent
Mishi Choudhary
Technology lawyer and managing partner, Mishi Choudhary & Associates
The desire to control is universal and shared by all political parties. Technological developments now offer unparalleled ability to control and watch. Surveillance unites governments that are otherwise divergent and may adhere to different political philosophies.
A population that is conscious of being watched quickly turns into a fearful, compliant one monitoring and checking their own behaviours. The mere existence of mass surveillance programmes is sufficient to stifle dissent.
For many years, India prided itself over China and celebrated its constitutional and democratic values. However, when you believe all of the world’s problems can be solved through machines, civil liberties and rights become a major obstacle. Steam-rolling over the Constitution becomes necessary.
Multiple Indian legislations, including the Indian Telegraph Act and Rules, Information Technology Act and Rules and the Code of Criminal Procedure, contain explicit provisions that allow central and state governments to intercept and monitor the nation’s communication networks. We need an overhaul of this opaque surveillance regime that is run solely by the executive arm of the government.
The Intermediary Liability rules are just another way to execute censorship by proxy. We have seen this before in 2011 when Kapil Sibal tried to do the same. Such regulations have almost always created more problems than they have solved.
Companies need a predictable regulatory environment to thrive and citizens need a state of affairs where their rights are not threatened.
I think the problem of disinformation can be solved by other measures and not via this route.
Don’t shoot the messenger, but find the source of fake news
Prasanto K. Roy
Tech writer and policy consultant
New Delhi wants WhatsApp to break encryption, trace specified messages, and report their origin. BlackBerry lost that battle in 2013 after two years of pushback.
There is reason. Forwarded fake news on WhatsApp kills, and law enforcement agencies need to know who created and first sent a message that ultimately resulted in lynchings or attacks.
But this is thin ice. First, forcing WhatsApp to break encryption breaks their product USP. There is a reason so many people in politics, government and law enforcement use WhatsApp messaging and calls. Breaking encryption would trigger similar demands from a dozen regimes with dodgy human rights.
Two, we don’t know what safeguards will prevent citizens at large, critics, journalists, RTI activists, or minority members, from being targeted. For seven years, Section 66A was used to harass dissenters, political rivals and citizens on social media (and still is sometimes, three years after being struck down).
Three, why isn’t there a crackdown on fake news where the source is known, or where major influencers are spreading it? Most fake news in 2019 India will emerge from political parties’ IT and SM cells or supporters. Digital forensics can track down images and video. Underfunded startups are doing this; a state-funded digital forensic lab could easily aim for tracing 1 per cent of the fake news out there—enough to have an impact on the rest.
How can we be sure that the amended IT Act won’t be used by authorities to gag dissent?
Osama Manzar
Founder, Digital Empowerment Foundation
The government’s proposed amendment to rules under Section 79 of the Information Technology Act comes in the wake of rising violence, attributed largely to misinformation and fake messages, on social media.
A slew of measures have been suggested in the proposed amendment that will introduce traceability on online platforms and require intermediaries to respond government queries with 72 hours, among other things. These new rules, the government claims, aim to track—and take action against—‘unlawful content’ online.
However, without clearly and objectively defining what is ‘unlawful’, the amendment will potentially allow the government to target groups and individuals arbitrarily, on mere suspicion or even possibly in vengeance. This would be a gross violation of the freedom of expression guaranteed by the Constitution under Article 19. In the past, we have seen young girls being arrested for an innocent social media post on the charges of “offensive content” (Section 66A of the IT Act) and cartoonists and satirists put behind bars on charges of sedition (Section 124A). So how can we be sure that this proposed amendment won’t be used by the authorities against journalists, activists and other civil society members to gag dissent in our democracy?
All eyes now on govt to see how they balance sovereign interests and personal privacy
Pavan Duggal
Advocate, Supreme Court and expert in cyberlaw
India is seeing a renewed debate on the powers of the government. The Government authorised 10 agencies to intercept data under Section 69 of the Information Technology Act, 2000. In the post-privacy judgment era, such an action is bound to be viewed with a lot of suspicion and anxiety.
The Centre proposing amendments to the Information Technology (Intermediary Guidelines) Rules, 2011 has further sought to consolidate the powers of asking information from an intermediary. The proposed amendments apart from being vague and broad, do not have adequate checks and balances in place. They are not only going to strengthen the hands of the government, but could also potentially be misused. There is a need to revisit the ambit and scope of powers under Section 69 of the Information Technology Act, 2000.
All eyes are now on the government to see how they balance sovereign interests and personal privacy.
No concrete steps taken by either NDA or UPA to enact laws for surveillance reform
Amber Sinha
Senior Programme Manager, Centre for Internet and Society
The MHA order which gives 10 government agencies the power to intercept, monitor and decrypt ‘any information’ generated, transmitted, received, or stored in any computer, reaffirms the sorry state of communication surveillance law in India. This is reflected in the lack of judicial review, minimal legislative oversight and no regard for the principles of necessity, proportionality, user notification and transparency.
Despite detailed recommendations by the Committee of Experts led by Justice AP Shah back in 2013, there have been no concrete steps taken by either the current NDA government or the previous UPA government to enact laws for surveillance reform. The draft bill by the committee led by Justice Srikrishna does refer to the principles of necessity and proportionality, but stops short of recommending an overhaul of the surveillance regime. This notification is but merely the logical next step in the existing framework for communications surveillance.
On the other hand, the draft amendments to the IT Act regulations seek to address the problem of ‘unlawful content’ and seem to stem largely from concerns about the use of platforms like Facebook and WhatsApp to spread disinformation and impact electoral processes in India. To that extent, these steps are misguided and betray a failure to engage with the actual problem. Already, the powers of content moderation exercised by online platforms suffer from problems of transparency and accountability. The draft regulations will only serve to compound this problem while unreasonably expecting the platforms to exercise powers which should require judicial determination.
Our national security does not need to clash with our right to privacy
Kazim Rizvi
Digital policy expert and founding director, The Dialogue
The MHA order granting unfettered data access to government agencies could pose a risk to our privacy, and therefore, must pass the test of constitutionality.
Post the Puttaswamy judgment, which said privacy is a fundamental right, and the Aadhaar judgment that struck down Section 33(2), it is clear that mere bureaucratic approvals for access to citizen’s data do not constitute due process of law. In light of this order and data localisation move, we need a system in place that tasks the functions of agencies, has appropriate judicial safeguards in place and parliamentary oversight for the execution of their orders. Our national security does not need to clash with our right to privacy, and through appropriate structures and surveillance reforms, it is possible to achieve both.
We do welcome the government’s intent to curb fake news on social media, however, the steps that have been suggested in the notifications may not be the best way to do it. Breaking encryption, traceability of information, longer data retention, and taking down of posts pro-actively – all this may impact our freedom of speech on the internet.
We need due process of law for the disclosure of data with judicial safeguards, defined procedures, checks and balances in place to make data fiduciaries more accountable.
By Fatima Khan, journalist at ThePrint. You can follow her on twitter @khanthefatima.