This article is written by Sahaja from NALSAR University of Law, Hyderabad. This article deals with some of the important rules and guidelines mentioned in the Information Technology Rules, 2021, and the grievance redressal mechanism stated under the same. 

Introduction

The Ministry of Electronics and Information Technology (MeitY) introduced new rules under the Information Technology Act, 2000, to monitor social media and digital media platforms. These new rules are called The Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021. These guidelines serve two main and important purposes:

• To increase accountability of social media platforms to prevent their misuse and abuse
• To empower users of social media by establishing a three-tier redressal mechanism for efficient grievance resolution. 

Before dealing with the aforementioned purposes, the article first gives an insight into the historical background of how the rules came into existence. 

Historical background of OTT Regulation and the Intermediary Guidelines Rules

Prior to the introduction of these guidelines there did not exist a legal framework for digital media in India. The Ministry of Information Broadcasting (MIB) had no control over online content and the courts used the IT Act to regulate cases and decisions relating to online content. OTT (Over The Top- any streaming service that delivers content over the internet for example Hotstar, Netflix) players made several attempts to develop a transparent regulation for digital content. 

In 2005, the MIB claimed not to have authority over online control and stated that it was not seeking any guidelines or a regulatory framework. A Public Interest Litigation was filed in 2018 by an NGO which demanded separate guidelines to regulate online content. This was dismissed by the Delhi High Court saying that the MIB opined that online platforms did not require any kind of license to display content nor did they require any regulatory framework. The Ministry of Electronics and Information Technology (“MeitY”) also stated that it does not regulate internet content and that certain sections of the IT Act would be applicable. The court had further stated that Section 69, 66A, and 67B of the IT Act would be applicable and that no power for regulation would be available. It was held that the IT Act housed sufficient guidelines to take action concerning the online content. 

In October 2020, the Supreme Court issued a notice through a PIL to the Centre via which the demand for an autonomous regulatory system for online content was put forth. Several OTT platforms like Hotstar, Netflix, and Prime were adopting self-regulatory guidelines to guide content providers to cater to the needs and interests of customers.  

As mentioned previously, the Central Government can issue directives to limit public access to any information online under Section 69A of the IT Act. The IT (Intermediary Guidelines) Rules, 2011 establish a due diligence framework for intermediaries to follow when hosting or publishing material on any of their computer resources. The guidelines may also apply to over-the-top (OTT) platforms.

The transition from cable television to OTT platforms for entertainment has become increasingly common in the post-COVID-19 era. Due to this, there has been a greater demand for a definitive framework that would serve the purpose of regulating intermediaries and online content. After years of debating on this, the Ministry of Electronics and Information Technology notified new rules under the IT Act called The Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021. Under the new laws, OTT platforms would be referred to as “publishers of online curated content.” OTT platforms, online news, and digital media businesses would be required to adhere to a Code of Ethics.

Public consultation for the guidelines

In 2018, MeitY prepared the draft Information Technology (Intermediary Guidelines) Rules. A Government open house was held on 5th January 2019 to discuss the rules. Time was given till 28th January for counter comments. Comments on the proposed amendments were also invited early in 2019. As a result, the government issued the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 on February 25th of this year. The Information Technology (Intermediaries Guidelines) Rules of 2011 have been replaced by the 2021 Rules. The previous set of rules applied only to intermediaries. The new Rules also expanded the scope of intermediary oversight by bringing online news content and over-the-top (“OTT”) platforms within its jurisdiction.

When considering the scope and type of the proposed framework for regulating social media and digital media platforms in India, the Government of India looked at models used in other countries such as Singapore, Australia, the European Union, and the United Kingdom.

Due diligence requirements by intermediaries

Intermediaries under this act must obey the aspect of due diligence. The intermediaries must exercise due diligence which has been laid down under these rules. The Rules replace the Old Intermediary Guidelines’ obligations (such as the requirement to prominently disclose the terms of service, privacy policy, and user agreement) with the following new ones :

• The intermediaries must inform the users of any changes to the terms of use or privacy policy and the consequences of the non-compliance, regularly, at least once a year. The user must be forbidden from hosting, displaying, uploading, altering, publishing, sending, storing, updating, or distributing any content that is in violation of societal norms, immoral, defamatory to the general public, or misleads the general public, according to the policy.
• The rules prescribe a takedown procedure: An order can be notified by any Court or agency that the intermediary should not publish any unlawful information under Section 79(3)(b) of the IT Act. Within 36 hours of receiving such an order or instruction, the intermediaries must remove or disable access to unlawful content, and they may also voluntarily remove any prohibited information. The Safe Harbour Protection will not be diluted by complying with takedown requests or voluntarily removing information.
• In addition to the requirement under the Old Intermediary Guidelines to appoint a grievance officer and publish their name and contact information, the Rules require an intermediary to establish a grievance redressal mechanism, acknowledge receipt of user complaints within 24 hours, and resolve disputes within 15 days.
• Within 24 hours after receiving a complaint, the intermediary must take all necessary actions to prevent access to non-consensual and sexually explicit material.
• Intermediaries must maintain information and user registration records for 180 days:

1. after removing or disabling access to any unlawful information based on actual knowledge or on a voluntary basis, or upon receiving any grievances received by it, and

2. in case of a user cancelling registration. 

• Information or assistance must be provided to authorized government agencies within 72 hours from the receipt of the order for verification of identity, prevention, detection, investigation, or prosecution of unlawful offences or for cybersecurity incidents. 
• In addition to these compliances, any intermediary which transmits News and Current Affairs (defined in Part B below) content on behalf of publishers, such as an entity aggregating and displaying news and current Affairs created by publishers on its platform, must comply with the following additional requirements:

1. A clear statement must be published on the intermediaries website or mobile app that the user must furnish details of their accounts to the MIB.

2. A demonstrable mark must be provided to all users which is visible to share info with the MIB. 

Due diligence requirements for significant social media intermediaries

The Rules establish a subset of intermediaries known as a “substantial social media intermediary” (SSMI), which is defined as a social media intermediary with at least 50 lakh (5 million) registered users. The term “social media intermediary” (SMI) has been described as an intermediate that allows two or more people to produce, upload, share, disseminate, alter, or access content using its services.

The SSMIs are subject to other rules and guidelines to which they owe diligence. These additional obligations are:

• As Chief Compliance Officer (CCO), Grievance Redressal Officer (GRO), and the SSMI’s primary point of contact, each SSMI must appoint one Indian resident employee. The CCO must be a senior employee or key managerial personnel from among these. In order to receive communications, the SSMI must have a physical contact address in India.
• If a court or competent authority issues an order under section 69 of the IT Act, SSMIs that provide messaging services must be able to identify the first originator of the information. It must give an electronic copy of the information relevant to the first originator to the court or government authority.
• SSMIs shall make every effort to use automated technologies to detect and remove illegal content (anything depicting rape or child sexual abuse in any form). It must do so while balancing the use of such tools against the interests of its users, particularly their fundamental rights guaranteed under the Constitution. 
• Monthly compliance reports must be published, which indicate the number of complaints received, action taken against the complaint, information removed, or access disabled for information. 
• If an SSMI provides services or transmits information on behalf of another person for direct financial gain, or targets the receiver of the information, it must explicitly identify that the information is being marketed, sponsored, or solely targeted to the recipient.
• If an SSMI voluntarily removes or disables access to unlawful content, it must:

(i) notify the user who created, uploaded, shared, disseminated, or modified the content;   

(ii) provide the user with a reasonable opportunity to contest the action and request reinstatement; and 

(iii) ensure that the grievance officer oversees the dispute resolution process.

• If the MeitY determines that an intermediary’s services constitute  ‘material risk of damage,’ it can issue an order compelling that intermediary (which is not an SSMI) to comply with the foregoing additional due diligence standards applicable to SSMIs.

Grievance redressal mechanism

Under Rule 10 of the Information Technology Rules, 2021, a framework for the grievance redressal mechanism has been established. This mechanism is a three-tier system. This model is suitable for Indian-based publications. It’s unclear whether this model will apply to publishers who don’t have a physical presence in the country. The first level is self-regulation by the publisher, the second is the creation of a self-regulating body and the third is an oversight by the Government. 

1st tier – grievance redressal

The Publisher’s grievance redressal procedure is included at this level. According to Rule 11 of the new IT Rules, 2021, an applicable body shall select a Grievance Redressal Officer who must address the grievance within 15 days. The officer in question would also be the point of contact for complaints on the Code of Ethics.

2nd tier – Self-regulatory body

Rule 12 of the guidelines states that one or more self-regulating bodies consisting of publishers/ industry experts which would be headed by a retired judge of the Supreme Court/ High Court and registered with the MIB must be established. The Ministry of Information and Broadcasting must register these bodies. This committee shall oversee the publisher’s adherence to the Code of Ethics, resolve concerns that the publisher has not resolved within 15 days, and hear complaints filed by complainants.

3rd tier – Oversight mechanism 

An Oversight Mechanism has been established to guarantee that the publishers follow the Code of Ethics. An Inter-Departmental Committee is formed to hear issues under this process. The committee shall be led by the Authorized Officer, who will hear and investigate complaints or grievances received from Level I/ Level II or MIB.

Conclusion

The Intermediary Guidelines are essentially an attempt to create a soft-touch, self-regulatory architecture for digital media platforms operating in India and a three-tier grievance redressal procedure. The new laws are designed to create a self-regulatory framework for internet intermediaries, social media platforms, streaming services, and digital media companies.

Compliance with the Intermediary Guidelines, on the other hand, is expected to be a difficult assignment for social media and digital media platforms, and it is also being challenged as an attempt to limit freedom of speech and expression. To address the challenges of protecting and safeguarding the rights of victims of social media abuse vs individual freedom of expression, a delicate balance would be required.

References

• https://www.mondaq.com/india/social-media/1063198/the-information-technology-intermediary-guidelines-and-digital-media-ethics-code-rules-2021-impact-on-digital-media- 
• https://www.telestream.net/video/solutions/what-is-ott.htm
• Justice for Rights Foundation Vs. Union of India WPC no. 11164/2018 
• https://www.mondaq.com/india/social-media/1074450/brief-note-on-the-information-technology-intermediary-guidelines-and-digital-media-ethics-code-rules-2021 

---

LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join: