This article is written by Mantul Bajpai, Advocate, Bombay High Court. In this article, the author discussed about the ban on tik tok and other Chinese apps. 

Introduction

On 29th June, 2020, the Government of India (“Government”) in an unprecedented action banned 59 applications, mostly Chinese applications such as Tik Tok, Camscanner and UC Browser. The move of the Government has resulted in a cacophony of both cheers and moans across various sections of the country. The Government, through Ministry of Electronics and Information Technology by way of press release dated 29th June, 2020 (“Press Release”) stated that these applications are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order. 

However, the question that the article proposes to examine is whether the action of the Government banning the aforesaid applications can resist the legal challenge? It may be pertinent to notice that as per the press release, the Government has exercised its power vested under Section 69A of the Information and Technology Act, 2000 (“IT Act) to order the ban of the 59 applications, detailed in the Press Release itself. The Government’s power under Section 69A is undisputed provided its done for the right reasons and executed in the right manner. However, it is the author’s view that the Government’s action is legally untenable and the same will not withstand legal scrutiny on account of the following reasons:

No Order in terms of Section 69A of the Information Technology, Act, 2020

In terms of Section 69A of IT Act, the Government, if satisfied and for the reasons to be recorded in writing, by order, direct any agency of the Government or intermediary to block for access by the public or cause to be blocked for access by the public any information generated, transmitted, received, stored or hosted in any computer resource, when the same is against the interest of sovereignty and integrity of India, defence of India, security of the State etc. However, the action taken by the Government was disclosed to public through a Press Release and the order, if any, in terms of Section 69A of the IT Act is not made available. In the absence of detailed order by the Government, the action to ban the 59 applications is void ab inito and is likely to be set aside as the same is not in conformity with the requirement under Section 69A of the IT Act.   

Procedure as laid under Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009 not followed

Section 69A (2) of the IT Act provides that the procedure and safeguards subject to which such blocking for access by the public may be carried out, shall be such as may be prescribed. Accordingly, Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009 (“Blocking Rules”) were formulated and brought into force on 27th October, 2009. Rule 5 of the Blocking Rules provide that the power to block lies with the Designated Officer appointed in terms of the Blocking Rules and can be exercised upon request from Nodal Officer or a Competent Court. Admittedly, there is no order of the Competent Court. Assuming the request was made by the Nodal officer, Rule 7 and Rule 8 of the Blocking Rules provide that upon receipt of such request, a hearing before the Committee is scheduled, which considers whether or not it is necessary to block such information. It is only when the Committee finds that there is such a necessity, a blocking order is made. Upon perusal of Rule 8, it is evident that the intermediary as well as the originator, if identified must be heard before such a blocking order can be passed.  It is apparent that only after these procedural safeguards are met that blocking orders are made. However, the action of the Government by banning the 59 applications in question is in complete violation of the principles of natural justice and the provisions of Blocking Rules. 

Rule 9 of the Blocking Rules provides for blocking of information in cases of emergency where delay caused would be fatal and blocking may take place without any opportunity of hearing. While the press note does not refer to the specific rule under which the government has initiated action, it appears that the Government in exercise of power under Rule 9 (Blocking of information in cases of emergency) has given the interim direction to block the 59 applications. In such an event event, the Designated Officer shall then, not later than 48 hours of the issue of the interim direction, bring the request before the Committee referred to in Rule 7, and only on the recommendation of the Committee, is the Secretary, Department of Information Technology to pass the final order. However, resorting to Rule 9 cannot be justified when the security concerns and inadequacies of the banned application were known to the Government since a long time.

The Supreme Court, while deciding the constitutional validity of the Section 69A and the Blocking Rules in the judgment of Shreya Singhal vs. Union of India observed that Section 69A is a narrowly drawn provision with several safeguards. The Supreme Court while cnisdering the Blocking Rules went on to observe as follows:

“…The Rules further provide for a hearing before the Committee set up – which Committee then looks into whether or not it is necessary to block such information. It is only when the Committee finds that there is such a necessity that a blocking order is made. It is also clear from an examination of Rule 8 that it is not merely the intermediary who may be heard. If the “person” i.e. the originator is identified he is also to be heard before a blocking order is passed. 

However, the actions taken by Government of banning the 59 applications and the directions in this regard (detailed in the press release) are not in conformity with the rule of law, the framework under the provisions of the IT Act and the rules framed thereunder as well as the judgement of the Supreme Court in the matter of Shreya Singhal vs. Union of India. The process as per the Blocking Rules which includes giving notice, scheduling a hearing and providing a reasoned order for blocking is wholly absent as far as the present action of the Government is concerned.

Test of “satisfaction” as provided under Section 69A not met

As per the Press Release, the material placed before the Government for its satisfaction, which is a condition precedent for taking actions under Section 69A are the (1) complaints received from various sources to the Ministry of Electronics and Information Technology; (2) the recommendations made by the Indian Cyber Crime Coordination Centre, Ministry of Home Affairs;  (3) the representations raising concerns from citizens regarding security of data and risk to privacy relating to operation of certain applications; and (4) the representations received from public by the Computer Emergency Response Team (CERT-IN) regarding security of data and breach of privacy. However, the press release fails to provide any facts/ grounds as to how the Government has arrived at the satisfaction in terms of the material available before taking action under Section 69A of the Information Technology Act, 2020. 

The act of the Government is the largest instance of the web censorship in terms of the people impacted in the country and the hence, the government is duty bound to give adequate details and reasoning behind the such action and protect its citizens right to know.

Need for robust Data Protection Laws

The whole controversy is a useful reminder that in future, source of opulence and conflict will be informational in nature and hence, the strong data protection law is the need of the moment.  While other countries are enacting special legislations for protection of their data, the Government in India is threatening, imposing and revoking bans on foreign data companies when less intrusive measures can be opted for. In fact, a comprehensive legislation for protection of data namely, Personal Data Protection Bill, 2019 (“Personal Data Bill”) is currently under the scrutiny of the Joint Parliamentary Committee. The Personal Data Bill is one of the rare laws aiming at extra-territorial enforcement. The provisions of the Personal Data Bill, applies to not only data collection and processing within India but also to the processing of personal data by data fiduciaries or data processors not present within the territory of India i.e. by overseas entities. In other words, all foreign data companies offering services to Indian citizens would have to specifically submit to the proposed Indian data protection law.

Conclusion

The Government, imposing a blanket ban on the 59 applications by giving common grounds and reasoning without considering the individual case for restricting the use of each application has directly contravened the provisions of Section 69A of the Information and Technology Act, 2002. Moral or nationalist arguments in response to the restriction imposed cannot stand legal scrutiny in a court of law. Such actions in future, even if aimed at gaining political mileage must be designed to sustain legal challenge.

LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: