The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 71 to 84.
Statutory Motion Against Intermediary Guidelines Rules
http://editors.cis-india.org/internet-governance/blog/statutory-motion-against-intermediary-guidelines-rules
<b>Rajya Sabha MP, Shri P. Rajeev has moved a motion that the much-criticised Intermediary Guidelines Rules be annulled. </b>
<h2>Motion to Annul Intermediary Guidelines Rules</h2>
<p>A <a href="http://164.100.47.5/newsite/bulletin2/Bull_No.aspx?number=49472">motion to annul</a> the <a href="http://cis-india.org/internet-governance/resources/intermediary-guidelines-rules">Intermediary Guidelines Rules</a> was moved on March 23, 2012, by <a href="http://india.gov.in/govt/rajyasabhampbiodata.php?mpcode=2106">Shri P. Rajeeve</a>, CPI(M) MP in the Rajya Sabha from Thrissur, Kerala.</p>
<p>The motion reads:</p>
<p>"That this House resolves that the Information Technology (Intermediaries Guidelines) Rules, 2011 issued under clause (zg) of sub-section (2) of Section 87 read with sub-section (2) of Section 79 of the Information Technology Act, 2000 published in the Gazette of India dated the 13th April, 2011 vide Notification No. G.S.R 314(E) and laid on the Table of the House on the 12th August, 2011, be annuled; and</p>
<p>That this House recommends to Lok Sabha that Lok Sabha do concur on this Motion."</p>
<p>This isn't the first time that Mr. Rajeeve is raising his voice against the Intermediary Guidelines Rules. Indeed, even when the Rules were just in draft stage, he along with the MPs Kumar Deepak Das, Rajeev Chandrashekar, and Mahendra Mohan drew Parliamentarians' <a href="http://rajeev.in/pages/..%5CNews%5Ccensorship_Blogs%5CBloggers_Internet.html">attention to the rules</a>. Yet, the government did not heed the MPs' concern, nor the concern of all the civil society organizations that wrote in to them concerned about human rights implications of the new laws. On September 6, 2011, Lok Sabha MP <a href="http://editors.cis-india.org/internet-governance/blog/164.100.47.132/debatestext/15/VIII/0609.pdf">Jayant Choudhary gave notice</a> (under Rule 377 of the Lok Sabha Rules) that the Intermediary Guidelines Rules as well as the Reasonable Security Practices Rules need to be reviewed. Yet, the government has not even addressed those concerns, and indeed has cracked down even harder on online freedom of speech since then.</p>
<h2>Fundamental Problems with Intermediary Guidelines Rules</h2>
<p>The fundamental problems with the Rules, which deal with objectionable material online:</p>
<h3>Shifting blame.</h3>
<p>It makes the 'intermediary', including ISPs like BSNL and Airtel responsible for objectionable content that their users have put up.</p>
<h3>No chance to defend.</h3>
<p>There is no need to inform users before this content is removed. So, even material put up by a political party can be removed based on <em>anyone's</em> complaint, without telling that party. This was done against a site called *CartoonsAgainstCorruption.com". This goes against Article 19(1)(a).</p>
<h3>Lack of transparency</h3>
<p>No information is required to be provided that content has been removed. It's a black-box system, with no one, not even the government, knowing that content has been removed following a request. So even the government does not know how many sites have been removed after these Rules have come into effect.</p>
<h3>No differentiation between intermediaries.</h3>
<p>A one-size-fits-all system is followed where an e-mail provider is equated with an online newspaper, which is equated with a video upload site, which is equated with a search engine. This is like equating the post-office and a book publisher as being equivalent for, say, defamatory speech. This is violative of Article 14 of the Constitution, which requires that unequals be treated unequally by the law.</p>
<h3>No proportionality.</h3>
<p>A DNS provider (i.e., the person who gives you your web address) is an intermediary who can be asked to 'disable access' to a website on the basis of a single page, even though the rest of the site has nothing objectionable.</p>
<h3>Vague and unconstitutional requirements.</h3>
<p>Disparaging speech, as long as it isn't defamatory, is not criminalised in India, and can't be because the Constitution does not allow for it. Content about gambling in print is not unlawful, but now all Internet intermediaries are required to remove any content that promotes gambling.</p>
<h3>Allows private censorship.</h3>
<p>The Rules do not draw a distinction between arbitrary actions of an intermediary and take-downs subsequent to a request.</p>
<h3>Presumption of illegality.</h3>
<p>The Rules are based on the presumption that all complaints (and resultant mandatory taking down of the content) are correct, and that the incorrectness of the take-downs can be disputed in court (if they ever discover that it has been removed). This is contrary to the presumption of validity of speech used by Indian courts, and is akin to prior restraint on speech. Courts have held that for content such as defamation, prior restraints cannot be put on speech, and that civil and criminal action can only be taken post-speech.</p>
<h3>Government censorship, not 'self-regulation'.</h3>
<p>The government says these are industry best-practices in existing terms of service agreements. But the Rules require all intermediaries to include the government-prescribed terms in an agreement, no matter what services they provide. It is one thing for a company to choose the terms of its terms of service agreement, and completely another for the government to dictate those terms of service.</p>
<h2>Problems Noted Early</h2>
<p>We have noted in the past the problems with the Rules, including when the Rules were still in draft form:</p>
<ul>
<li>
<p><a href="http://cis-india.org/internet-governance/blog/intermediary-due-diligence">CIS Para-wise Comments on Intermediary Due Diligence Rules, 2011</a> </p>
</li>
<li>
<p><a href="http://www.outlookindia.com/article.aspx?279712">E-Books Are Easier To Ban Than Books</a></p>
</li>
<li>
<p><a href="http://kafila.org/2012/01/11/invisible-censorship-how-the-government-censors-without-being-seen-pranesh-prakash/">Invisible Censorship: How the Government Censors Without Being Seen</a></p>
</li>
<li>
<p><a href="http://india.blogs.nytimes.com/2011/12/07/chilling-impact-of-indias-april-internet-rules/">'Chilling' Impact of India's April Internet Rules</a></p>
</li>
<li>
<p><a href="http://www.tehelka.com/story_main51.asp?filename=Op280112proscons.asp">The Quixotic Fight To Clean Up The Web</a></p>
</li>
<li>
<p><a href="http://cis-india.org/internet-governance/online-pre-censorship-harmful-impractical">Online Pre-censorship is Harmful and Impractical</a></p>
</li>
<li>
<p><a href="http://www.indianexpress.com/story-print/787789/">Killing the Internet Softly With Its Rules</a></p>
</li>
</ul>
<p>Other organizations like the Software Freedom Law Centre also sent in <a href="http://softwarefreedom.in/index.php?option=com_content&view=article&id=78&Itemid=79">scathing comments on the law</a>, noting that they are unconstitutional.</p>
<p>We are very glad that Shri Rajeeve has moved this motion, and we hope that it gets adopted in the Lok Sabha as well, and that the Rules get defeated.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/statutory-motion-against-intermediary-guidelines-rules'>http://editors.cis-india.org/internet-governance/blog/statutory-motion-against-intermediary-guidelines-rules</a>
</p>
No publisherpraneshIT ActParliamentFreedom of Speech and ExpressionInternet GovernanceIntermediary LiabilityCensorship2012-04-03T09:35:41ZBlog EntryHow India Makes E-books Easier to Ban than Books (And How We Can Change That)
http://editors.cis-india.org/internet-governance/blog/india-ebooks-easier-to-ban-than-books
<b>Without getting into questions of what should and should not be unlawful speech, Pranesh Prakash chooses to take a look at how Indian law promotes arbitrary removal and blocking of websites, website content, and online services, and how it makes it much easier than getting offline printed speech removed.</b>
<h2>E-Books Are Easier To Ban Than Books, And Safer</h2>
<p>Contrary to what Mr. Sibal's recent hand-wringing at objectionable online material might suggest, under Indian laws currently in force it is far easier to remove material from the Web, by many degrees of magnitude, than it is to ever get them removed from a bookstore or an art gallery. To get something from a bookstore or an art gallery one needs to collect a mob, organize collective outrage and threats of violence, and finally convince either the government or a magistrate that the material is illegal, thereby allowing the police to seize the books or stop the painting from being displayed. The fact of removal of the material will be noted in various records, whether in government records, court records, police records or in newspapers of record. By contrast, to remove something from the Web, one needs to send an e-mail complaining about it to any of the string of 'intermediaries' that handle the content: the site itself, the web host for the site, the telecom companies that deliver the site to your computer/mobile, the web address (domain name) provider, the service used to share the link, etc. Under the <a href="http://editors.cis-india.org/internet-governance/resources/intermediary-guidelines-rules">'Intermediary Guidelines Rules'</a> that have been in operation since 11th April 2011, all such companies are required to 'disable access' to the complained-about content within thirty-six hours of the complaint. It is really that simple.</p>
<p>"That's ridiculous," you think, "surely he must be exaggerating." Think again. A researcher working with us at the Centre for Internet and Society tried it out, several times, with many different intermediaries and always with frivolous and flawed complaints, and was successful <a class="external-link" href="http://www.cis-india.org/news/chilling-impact-of-indias-april-internet-rules"> six out of seven times </a>. Thus it is easier to prevent Flipkart or Amazon from selling Rushdie's Midnight's Children than it is to prevent a physical bookstore from doing so: today Indira Gandhi wouldn't need to win a lawsuit in London against the publishers to remove a single line as she did then; she would merely have to send a complaint to online booksellers and get the book removed. It is easier to block Vinay Rai's Akbari.in (just as CartoonsAgainstCorruption.com was recently blocked) than it is to prevent its print publication. Best of all for complainants: there is no penalty for frivolous complaints such as those sent by us, nor are any records kept of who's removed what. Such great powers of censorship without any penalties for their abuse are a sure-fire way of ensuring a race towards greater intolerance, with the Internet — that republic of opinions and expressions — being a casualty.</p>
<h2>E-Book Bans Cannot Be Challenged</h2>
<p>In response to some of the objections raised, the Cyberlaw Division of the Department of Information Technology, ever the dutiful guardian of free speech, noted that if you have a problem with access to your content being 'disabled', you could always <a href="http://www.pib.nic.in/newsite/erelease.aspx?relid=72066">approach a court</a> and get that ban reversed. Unfortunately, the Cyberlaw Division of the Department of Information Technology forgot to take into account that you can't contest a ban/block/removal if you don't know about it. While they require all intermediaries to disable access to the content within thirty-six hours, they forgot to mandate the intermediary to tell you that the content is being removed. Whoops. They forgot to require the intermediary to give public notice that content has been removed following a complaint from person ABC or corporation XYZ on such-and-such grounds. Whoops, again.</p>
<p>So while records are kept, along with reasons, of book bans, there are no such records required to be kept of e-book bans.</p>
<h2>E-Book Censors Are Faceless</h2>
<p>Vinay Rai is a brave man. He is being attacked by fellow journalists who believe he's disgracing the professional upholders of free-speech, and being courted by television channels who believe that he should be encouraged to discuss matters that are sub judice. He is viewed by some as a man who's playing politics in courts on behalf of unnamed politicians and bureaucrats, while others view him as being bereft of common-sense for believing that companies should be legally liable for not having been clairvoyant and removing material he found objectionable, though he has never complained to them about it, and has only provided that material to the court in a sealed envelope. I choose, instead, to view him as a scrupulous and brave man. He has a face, and a name, and is willing to openly fight for what he believes in. However, there are possibly thousands of unscrupulous Vinay Rais out there, who know the law better than he does, and who make use not of the court system but of the Intermediary Guidelines Rules, firmly assured by those Rules that their censorship activities will never be known, will never be challenged by Facebook and Google lawyers, and will never be traced back to them.</p>
<h2>Challenging Invisible Censorship</h2>
<p>Dear reader, you may have noticed that this is a bit like a trial involving Free Speech in which Free Speech is presumed guilty upon complaint, is not even told what the charges against it are, has not been given a chance to prove its innocence, and has no right to meet its accusers nor to question them. Yet, the Cyberlaw Division of the Department of Information Technology continues to issue press releases defending these Rules as fair and just, instead of being simultaneously Orwellian and Kafkaesque. These Rules are delegated legislation passed by the Department of Information Technology under <a href="http://editors.cis-india.org/internet-governance/resources/section-79-information-technology-act">s.79 of the Information Technology Act</a>. The Rules were laid before Parliament during the 2011 Monsoon session. We at CIS believe that these Rules are *ultra vires* the IT Act as well as the Constitution of India, not only with respect to what is now (newly) proscribed online (which in itself is enough to make it unconstitutional), but how that which is purportedly unlawful is to be removed. We have prepared an alternative that we believe is far more just and in accordance with our constitutional principles, taking on best practices from Canada, the EU, Chile, and Brazil, while still allowing for expeditious removal of unlawful material. We hope that the DIT will consider adopting some of the ideas embodied in our draft proposal.</p>
<p>As Parliament passed the IT Act in the midst of din, without any debate, it is easy to be skeptical and wonder whether Rules made under the IT Act will be debated. However, I remain hopeful that Parliament will not only exercise its power wisely, but will perform its solemn duty — borne out of each MP's oath to uphold our Constitution — by rejecting these Rules.</p>
<p>Photo credit: <a href="https://secure.flickr.com/photos/grandgrrl/5240360344/">Lynn Gardner</a>, under CC-BY-NC-SA 2.0 licence*</p>
<p><a class="external-link" href="http://www.outlookindia.com/article.aspx?279712">This was reproduced in Outlook Magazine</a> on 27 January 2012</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/india-ebooks-easier-to-ban-than-books'>http://editors.cis-india.org/internet-governance/blog/india-ebooks-easier-to-ban-than-books</a>
</p>
No publisherpraneshObscenityFreedom of Speech and ExpressionInternet GovernanceFeaturedIntermediary LiabilityCensorship2012-02-21T11:50:56ZBlog EntryInvisible Censorship: How the Government Censors Without Being Seen
http://editors.cis-india.org/internet-governance/invisible-censorship
<b>The Indian government wants to censor the Internet without being seen to be censoring the Internet. This article by Pranesh Prakash shows how the government has been able to achieve this through the Information Technology Act and the Intermediary Guidelines Rules it passed in April 2011. It now wants methods of censorship that leave even fewer traces, which is why Mr. Kapil Sibal, Union Minister for Communications and Information Technology talks of Internet 'self-regulation', and has brought about an amendment of the Copyright Act that requires instant removal of content.</b>
<h2>Power of the Internet and Freedom of Expression</h2>
<p>The Internet, as anyone who has ever experienced the wonder of going online would know, is a very different communications platform from any that has existed before. It is the one medium where anybody can directly share their thoughts with billions of other people in an instant. People who would never have any chance of being published in a newspaper now have the opportunity to have a blog and provide their thoughts to the world. This also means that thoughts that many newspapers would decide not to publish can be published online since the Web does not, and more importantly cannot, have any editors to filter content. For many dictatorships, the right of people to freely express their thoughts is something that must be heavily regulated. Unfortunately, we are now faced with the situation where some democratic countries are also trying to do so by censoring the Internet.</p>
<h2>Intermediary Guidelines Rules</h2>
<p>In India, the new <a class="external-link" href="http://www.mit.gov.in/sites/upload_files/dit/files/GSR314E_10511%281%29.pdf">'Intermediary Guidelines' Rules</a> and the <a class="external-link" href="http://mit.gov.in/sites/upload_files/dit/files/GSR315E_10511%281%29.pdf">Cyber Cafe Rules</a> that have been in effect since April 2011 give not only the government, but all citizens of India, great powers to censor the Internet. These rules, which were made by the Department of Information Technology and not by the Parliament, require that all intermediaries remove content that is 'disparaging', 'relating to... gambling', 'harm minors in any way', to which the user 'does not have rights'. When was the last time you checked wither you had 'rights' to a joke before forwarding it? Did you share a Twitter message containing the term "#IdiotKapilSibal", as thousands of people did a few days ago? Well, that is 'disparaging', and Twitter is required by the new law to block all such content. The government of Sikkim can run advertisements for its PlayWin lottery in newspapers, but under the new law it cannot do so online. As you can see, through these ridiculous examples, the Intermediary Guidelines are very badly thought-out and their drafting is even worse. Worst of all, they are unconstitutional, as they put limits on freedom of speech that contravene <a class="external-link" href="http://lawmin.nic.in/coi/coiason29july08.pdf">Article 19(1)(a) and 19(2) of the Constitution</a>, and do so in a manner that lacks any semblance of due process and fairness.</p>
<h2>Excessive Censoring by Internet Companies</h2>
<p>We, at the Centre for Internet and Society in Bangalore, decided to test the censorship powers of the new rules by sending frivolous complaints to a number of intermediaries. Six out of seven intermediaries removed content, including search results listings, on the basis of the most ridiculous complaints. The people whose content was removed were not told, nor was the general public informed that the content was removed. If we hadn't kept track, it would be as though that content never existed. Such censorship existed during Stalin's rule in the Soviet Union. Not even during the Emergency has such censorship ever existed in India. Yet, not only was what the Internet companies did legal under the Intermediary Guideline Rules, but if they had not, they could have been punished for content put up by someone else. That is like punishing the post office for the harmful letters that people may send over post.</p>
<h2>Government Has Powers to Censor and Already Censors<br /></h2>
<p>Currently, the government can either block content by using section 69A of the Information Technology Act (which can be revealed using RTI), or it has to send requests to the Internet companies to get content removed. Google has released statistics of government request for content removal as part of its Transparency Report. While Mr. Sibal uses the examples of communally sensitive material as a reason to force censorship of the Internet, out of the 358 items requested to be removed from January 2011 to June 2011 from Google service by the Indian government (including state governments), only 8 were for hate speech and only 1 was for national security. Instead, 255 items (71 per cent of all requests) were asked to be removed for 'government criticism'. Google, despite the government in India not having the powers to ban government criticism due to the Constitution, complied in 51 per cent of all requests. That means they removed many instances of government criticism as well.</p>
<h2>'Self-Regulation': Undetectable Censorship</h2>
<p>Mr. Sibal's more recent efforts at forcing major Internet companies such as Indiatimes, Facebook, Google, Yahoo, and Microsoft, to 'self-regulate' reveals a desire to gain ever greater powers to bypass the IT Act when censoring Internet content that is 'objectionable' (to the government). Mr. Sibal also wants to avoid embarrassing statistics such as that revealed by Google's Transparency Report. He wants Internet companies to 'self-regulate' user-uploaded content, so that the government would never have to send these requests for removal in the first place, nor block sites officially using the IT Act. If the government was indeed sincere about its motives, it would not be talking about 'transparency' and 'dialogue' only after it was exposed in the press that the Department of Information Technology was holding secret talks with Internet companies. Given the clandestine manner in which it sought to bring about these new censorship measures, the motives of the government are suspect. Yet, both Mr. Sibal and Mr. Sachin Pilot have been insisting that the government has no plans of Internet censorship, and Mr. Pilot has made that statement officially in the Lok Sabha. This, thus seems to be an instance of censoring without censorship.</p>
<h2>Backdoor Censorship through Copyright Act</h2>
<p>Further, since the government cannot bring about censorship laws in a straightforward manner, they are trying to do so surreptitiously, through the back door. Mr. Sibal's latest proposed amendment to the Copyright Act, which is before the Rajya Sabha right now, has a provision called section 52(1)(c) by which anyone can send a notice complaining about infringement of his copyright. The Internet company will have to remove the content immediately without question, even if the notice is false or malicious. The sender of false or malicious notices is not penalized. But the Internet company will be penalized if it doesn't remove the content that has been complained about. The complaint need not even be shown to be true before the content is removed. Indeed, anyone can complain about any content, without even having to show that they own the rights to that content. The government seems to be keen to have the power to remove content from the Internet without following any 'due process' or fair procedure. Indeed, it not only wants to give itself this power, but it is keen on giving all individuals this power. <br /><br />It's ultimate effect will be the death of the Internet as we know it. Bid adieu to it while there is still time.</p>
<p><a href="http://editors.cis-india.org/internet-governance/invisible-censorship.pdf" class="internal-link" title="Invisible Censorship (Marathi version)">The article was translated to Marathi and featured in Lokmat</a></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/invisible-censorship'>http://editors.cis-india.org/internet-governance/invisible-censorship</a>
</p>
No publisherpraneshIT ActGoogleAccess to KnowledgeSocial mediaFreedom of Speech and ExpressionIntellectual Property RightsIntermediary LiabilityFeaturedInternet GovernanceCensorship2012-01-04T08:59:14ZBlog EntryPress Coverage of Online Censorship Row
http://editors.cis-india.org/internet-governance/blog/press-coverage-online-censorship
<b>We are maintaining a rolling blog with press references to the row created by the proposal by the Union Minister for Communications and Information Technology to pre-screen user-generated Internet content.</b>
<h2>Monday, December 5, 2011</h2>
<p><a href="http://india.blogs.nytimes.com/2011/12/05/india-asks-google-facebook-others-to-screen-user-content/?pagemode=print">India Asks Google, Facebook to Screen Content</a> | Heather Timmons (New York Times, India Ink)</p>
<h2>Tuesday, December 6, 2011</h2>
<p><a href="http://www.thehindu.com/news/national/article2690084.ece">Sibal warns social websites over objectionable content</a> | Sandeep Joshi (The Hindu)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2691781.ece">Hate speech must be blocked, says Sibal</a> | Praveen Swami & Sujay Mehdudia (The Hindu)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2692821.ece">Won't remove material just because it's controversial: Google</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://india.blogs.nytimes.com/2011/12/06/any-normal-human-being-would-be-offended/">Any Normal Human Being Would Be Offended </a>| Heather Timmons (New York Times, India Ink)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2692047.ece">After Sibal, Omar too feels some online content inflammatory </a>| (Press Trust of India)</p>
<p><a class="external-link" href="http://www.reuters.com/article/2011/12/06/us-india-internet-idUSTRE7B50CV20111206">Online uproar as India seeks social media screening</a> | Devidutta Tripathy and Anurag Kotoky (Reuters)</p>
<p><a class="external-link" href="http://articles.economictimes.indiatimes.com/2011-12-06/news/30481824_1_kapil-sibal-objectionable-content-twitter">Kapil Sibal for content screening: Facebook, Twitter full of posts against censorship</a> | (IANS)</p>
<p><a class="external-link" href="http://www.pcworld.com/businesscenter/article/245548/india_may_overstep_its_own_laws_in_demanding_content_filtering.html">India May Overstep Its Own Laws in Demanding Content Filtering</a> | John Ribeiro (IDG)</p>
<p><a class="external-link" href="http://articles.timesofindia.indiatimes.com/2011-12-06/internet/30481147_1_shashi-tharoor-objectionable-content-bjp-mp">Kapil Sibal warns websites: Mixed response from MPs</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://www.youtube.com/watch?v=WJp8HOPzc7k">Websites must clean up content, says Sibal </a>| (NewsX)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/tech/news/internet/Kapil-Sibal-warns-websites-Google-says-wont-remove-material-just-because-its-controversial/articleshow/11008985.cms">Kapil Sibal warns websites; Google says won't remove material just because it's controversial </a>| Press Trust of India</p>
<p><a class="external-link" href="http://www.livemint.com/2011/12/06155955/Views--Censorship-by-any-othe.html?h=A1">Censorship By Any Other Name...</a> | Yamini Lohia (Mint)</p>
<p><a class="external-link" href="http://articles.timesofindia.indiatimes.com/2011-12-06/internet/30481193_1_facebook-and-google-facebook-users-facebook-page">Kapil Sibal: We have to take care of sensibility of our people</a> | Associated Press</p>
<p><a class="external-link" href="http://articles.timesofindia.indiatimes.com/2011-12-06/india/30481473_1_digvijaya-singh-websites-content">Kapil Sibal gets backing of Digvijaya Singh over social media screening</a> | Press Trust of India</p>
<p><a class="external-link" href="http://www.hindustantimes.com/News-Feed/newdelhi/Sibal-gets-what-he-set-out-to-censor/Article1-778388.aspx">Sibal Gets What He Set Out To Censor </a>| (Hindustan Times, Agencies)</p>
<p><a class="external-link" href="http://newstonight.net/content/objectionable-matter-will-be-removed-censorship-not-picture-yet-kapil-sibal">Objectionable Matter Will Be Removed, Censorship Not in Picture Yet: Kapil Sibal</a> | Amar Kapadia (News Tonight)</p>
<h2>Wednesday, December 7, 2011</h2>
<p><a class="external-link" href="http://indiatoday.intoday.in/story/kapil-sibal-for-monitoring-offensive-content-on-internet/1/163107.html">Kapil Sibal Doesn't Understand the Internet</a> | Shivam Vij (India Today)</p>
<p><a class="external-link" href="http://india.blogs.nytimes.com/2011/12/07/chilling-impact-of-indias-april-internet-rules/">'Chilling' Impact of India's April Internet Rules</a> | Heather Timmons (New York Times, India Ink)</p>
<p><a class="external-link" href="http://www.business-standard.com/india/news/screening-not-censorship-says-sibal/457797/">Screening, not censorship, says Sibal</a> | (Business Standard)</p>
<p><a class="external-link" href="http://www.livemint.com/2011/12/07202955/Chandni-Chowk-to-China.html">Chandni Chowk to China</a> | Salil Tripathi (Mint)</p>
<p><a class="external-link" href="http://www.livemint.com/2011/12/07131308/Views--Kapil-Sibal-vs-the-int.html">Kapil Sibal vs the internet</a> | Sandipan Deb (Mint)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/tech/news/internet/No-need-for-censorship-of-internet-Cyber-law-experts/articleshow/11014990.cms">No Need for Censorship of the Internet: Cyber Law Experts</a> | (Times News Network)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2695832.ece">Protest with flowers for Sibal</a> | (The Hindu)</p>
<p><a class="external-link" href="http://www.dnaindia.com/india/report_kapil-sibal-cannot-screen-this-report_1622435">Kapil Sibal cannot screen this report</a> | Team DNA, Blessy Chettiar & Renuka Rao (Daily News and Analysis)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/india/Kapil-Sibal-warns-websites-but-experts-say-prescreening-of-user-content-not-practical/articleshow/11019481.cms">Kapil Sibal warns websites, but experts say prescreening of user content not practical </a>| (Reuters)</p>
<p><a class="external-link" href="http://newstonight.net/content/sibal-s-remarks-brought-disgust">Sibal's Remarks Brought Disgust</a> | Hitesh Mehta (News Tonight)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2695884.ece">BJP backs mechanism to curb objectionable content on websites</a> | (The Hindu)</p>
<p><a class="external-link" href="http://economictimes.indiatimes.com/news/politics/nation/move-to-regulate-networking-sites-should-be-discussed-in-parliament-bjp/articleshow/11023284.cms">Move to regulate networking sites should be discussed in Parliament: BJP</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://www.dailypioneer.com/pioneer-news/top-story/26016-sibal-under-attack-in-cyberspace.html">Sibal under attack in cyberspace</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/tech/news/internet/Google-Govt-wanted-358-items-removed/articleshow/11021470.cms">Kapil Sibal's web censorship: Indian govt wanted 358 items removed, says Google</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/india/Kapil-Sibal-gets-BJP-support-but-with-rider/articleshow/11020128.cms">Kapil Sibal gets BJP support but with rider</a> | (Indo-Asian News Service)</p>
<p><a class="external-link" href="http://www.hindustantimes.com/India-news/NewDelhi/Sibal-s-way-of-regulating-web-not-okay-says-BJP/Article1-779221.aspx">Sibal's way of regulating web not okay, says BJP</a> | (Indo-Asian News Service)</p>
<p><a class="external-link" href="http://blogs.hindustantimes.com/just-faith/?p=1034">Censorship in Blasphemy's Clothings</a> | Gautam Chikermane (Hindustan Times, Just Faith)</p>
<p><a class="external-link" href="http://www.computerworld.com/s/article/9222500/India_wants_Google_Facebook_to_screen_content">India wants Google, Facebook to screen content</a> | Sharon Gaudin (Computer World)</p>
<p><a class="external-link" href="http://www.zdnetasia.com/blogs/should-we-be-taming-social-media-62303153.htm">Should we be taming social media?</a> | Swati Prasad (ZDNet, Inside India)</p>
<p><a class="external-link" href="http://www.dnaindia.com/bangalore/report_kapil-sibal-gets-lampooned-for-views-on-web-control_1622491">Kapil Sibal gets lampooned for views on Web control</a> | (Daily News and Analysis)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/life-style/people/We-dont-need-no-limitation/articleshow/11020244.cms">'We don't need no limitation'</a> | Asha Prakash (Times of India)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/tech/news/internet/Five-reasons-why-India-cant-censor-the-internet/articleshow/11018172.cms">Five reasons why India can't censor the internet</a> | Prasanto K. Roy (Indo-Asian News Service)</p>
<p><a class="external-link" href="http://www.indianexpress.com/news/we-are-the-web/884753/">We Are the Web</a> | (Indian Express)</p>
<h2>Thursday, December 8, 2011</h2>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/india/Kapil-Sibal-under-attack-in-cyberspace/articleshow/11029319.cms">Kapil Sibal under attack in cyberspace</a>, (Press Trust of India)</p>
<p><a class="external-link" href="http://www.indianexpress.com/news/speak-up-for-freedom/885132/">Speak Up for Freedom </a>| Pranesh Prakash (Indian Express)</p>
<p><a class="external-link" href="http://india.blogs.nytimes.com/2011/12/08/newswallah-censorship/">Newswallah: Censorship</a> | Neha Thirani (New York Times, India Ink)</p>
<p><a class="external-link" href="http://www.ndtv.com/article/india/no-question-of-censoring-internet-says-sachin-pilot-156281">No Question of Censoring the Internet, Says Sachin Pilot </a>| (NDTV)</p>
<p><a class="external-link" href="http://www.economist.com/blogs/babbage/2011/12/web-censorship-india">Mind Your Netiquette, or We'll Mind it for You</a> | A.A.K. (The Economist)</p>
<p><a class="external-link" href="http://timesofindia.indiatimes.com/india/Take-Parliaments-view-to-regulate-social-networking-sites-BJP-tells-govt/articleshow/11025858.cms">Take Parliament's view to regulate social networking sites, BJP tells govt</a> | (Times News Network)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2696027.ece">India wanted 358 items removed</a> | Priscilla Jebaraj (The Hindu)</p>
<p><a class="external-link" href="http://www.barandbench.com/brief/2/1891/indian-government-v-social-networking-sites-expert-views">Indian Government v Social Networking sites: Expert Views</a> | (Bar & Bench News Network)</p>
<p><a class="external-link" href="http://business-standard.com/india/news/can-government-muzzle-websites/457909/">Can Government Muzzle Websites?</a> | Priyanka Joshi & Piyali Mandal (Business Standard)</p>
<p><a class="external-link" href="http://economictimes.indiatimes.com/news/international-business/us-concerned-over-internet-curbs-sidesteps-india-move/articleshow/11029532.cms">US concerned over internet curbs, sidesteps India move</a> | (Indo-Asian News Service)</p>
<p><a class="external-link" href="http://www.rediff.com/business/slide-show/slide-show-1-why-internet-companies-are-upset-with-kapil-sibal/20111208.htm">Why Internet Companies Are Upset with Kapil Sibal</a> | (Rediff)</p>
<p><a class="external-link" href="http://www.siliconindia.com/shownews/Why_Censor_Facebook_When_You_Dont_Censor_Sunny_Leone-nid-99931-cid-1.html">Why Censor Facebook When You Don't Censor Sunny Leone?</a> | (Indo-Asian News Service)</p>
<p><a class="external-link" href="http://www.thehindu.com/news/national/article2697432.ece">Online content issue: Talks with India on, says U.S.</a> | (Press Trust of India)</p>
<p><a class="external-link" href="http://www.google.com/hostednews/afp/article/ALeqM5h0BfQkpJMZISTc3fjs3VgH7orciw?docId=CNG.8dc3992299cb598cecde0fffb1db8bcd.1c1">US calls for Internet freedom amid India plan</a> | Agence France-Presse</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/press-coverage-online-censorship'>http://editors.cis-india.org/internet-governance/blog/press-coverage-online-censorship</a>
</p>
No publisherpraneshIT ActLinksFreedom of Speech and ExpressionInternet GovernanceFacebookIntermediary LiabilityCensorship2011-12-08T11:31:30ZBlog EntryOnline Pre-Censorship is Harmful and Impractical
http://editors.cis-india.org/internet-governance/online-pre-censorship-harmful-impractical
<b>The Union Minister for Communications and Information Technology, Mr. Kapil Sibal wants Internet intermediaries to pre-censor content uploaded by their users. Pranesh Prakash takes issue with this and explains why this is a problem, even if the government's heart is in the right place. Further, he points out that now is the time to take action on the draconian IT Rules which are before the Parliament.</b>
<p>Mr. Sibal is a knowledgeable lawyer, and according to a senior lawyer friend of his with whom I spoke yesterday, greatly committed to ideals of freedom of speech. He would not lightly propose regulations that contravene Article 19(1)(a) [freedom of speech and expression] of our Constitution. Yet his recent proposals regarding controlling online speech seem unreasonable. My conclusion is that the minister has not properly grasped the way the Web works, is frustrated because of the arrogance of companies like Facebook, Google, Yahoo and Microsoft. And while he has his heart in the right place, his lack of knowledge of the Internet is leading him astray. The more important concern is the<a class="external-link" href="http://www.mit.gov.in/sites/upload_files/dit/files/RNUS_CyberLaw_15411.pdf"> IT Rules</a> that have been in force since April 2011.</p>
<h3>Background <br /></h3>
<p>The New York Times scooped a story on Monday revealing that Mr. Sibal and the <a class="external-link" href="http://www.mit.gov.in/">MCIT</a> had been <a class="external-link" href="http://india.blogs.nytimes.com/2011/12/05/india-asks-google-facebook-others-to-screen-user-content/?scp=2&sq=kapil%20sibal&st=cse">in touch with Facebook, Google, Yahoo, and Microsoft</a>, asking them to set up a system whereby they would manually filter user-generated content before it is published, to ensure that objectionable speech does not get published. Specifically, he mentioned content that hurt people's religious sentiments and content that Member of Parliament Shashi Tharoor described as <a class="external-link" href="http://zeenews.india.com/news/nation/i-am-against-web-censorship-shashi-tharoor_745587.html">'vile' and capable of inciting riots as being problems</a>. Lastly, Mr. Sibal defended this as not being "censorship" by the government, but "supervision" of user-generated content by the companies themselves.</p>
<h3>Concerns <br /></h3>
<p>One need not give lectures on the benefits of free speech, and Mr. Sibal is clear that he does not wish to impinge upon it. So one need not point out that freedom of speech means nothing if not the freedom to offend (as long as no harm is caused). There can, of course, be reasonable limitations on freedom of speech as provided in Article 19 of the <a class="external-link" href="http://www2.ohchr.org/english/law/ccpr.htm">ICCPR</a> and in Article 19(2) of our Constitution. My problem lies elsewhere.</p>
<h3>Secrecy <br /></h3>
<p>It is unfortunate that the New York Times has to be given credit for Mr. Sibal addressing a press conference on this issue (and he admitted as much). What he is proposing is not enforcement of existing rules and regulations, but of a new restriction on online speech. This should have, in a democracy, been put out for wide-ranging public consultations first.</p>
<h3>Making intermediaries responsible <br /></h3>
<p>The more fundamental disagreement is that over how the question of what should not be published should be decided, and how that decision should be and how that should be carried out, and who can be held liable for unlawful speech. I believe that "to make the intermediary liable for the user violating that code would, I think, not serve the larger interests of the market." Mr. Sibal said that in May this year <a class="external-link" href="http://online.wsj.com/article/SB10001424052702304563104576355223687825048.html">in an interview with the Wall Street Journal</a>. The intermediaries (that is, all persons and companies who transmit or host content on behalf of a third party), are but messengers just like a post office and do not exercise editorial control, unlike a newspaper. (By all means prosecute Facebook, Google, Yahoo, and Microsoft whenever they have created unlawful content, have exercised editorial control over unlawful content, have incited and encouraged unlawful activities, or know after a court order or the like that they are hosting illegal content and still do not remove it.)
Newspapers have editors who can take responsibility for content published in the newspaper. They can afford to, because the number of articles in a newspaper is limited. YouTube, which has 48 hours of videos uploaded every minutes, cannot. One wag suggested that Mr. Sibal was not suggesting a means of censorship, but of employment generation and social welfare for censors and editors. To try and extend editorial duties to these 'intermediaries' by executive order or through 'forceful suggestions' to these companies cannot happen without amending s.79 of the Information Technology Act which ensures they are not to be held liable for their user's content: the users are.
Internet speech has, to my knowledge, and to date, has never caused a riot in India. It is when it is translated into inflammatory speeches on the ground with megaphones that offensive speech, whether in books or on the Internet, actually become harmful, and those should be targeted instead. And the same laws that apply to offline speech already apply online. If such speech is inciting violence then the police can be contacted and a magistrate can take action. Indeed, Internet companies like Facebook, Google, etc., exercise self-regulation already (excessively and wrongly, I feel sometimes). Any person can flag any content on YouTube or Facebook as violating the site's terms of use. Indeed, even images of breast-feeding mothers have been removed from Facebook on the basis of such complaints. So it is mistaken to think that there is no self-regulation. In two recent cases, the High Courts of Bombay (<a href="http://editors.cis-india.org/internet-governance/janhit-manch-v-union-of-india" class="internal-link" title="Janhit Manch & Ors. v. The Union of India"><em>Janhit Manch v. Union of India</em></a>) and Madras (<em>R. Karthikeyan v. Union of India</em>) refused to direct the government and intermediaries to police online content, saying that places an excessive burden on freedom of speech.</p>
<h3>IT Rules, 2011 <br /></h3>
<p>In this regard, the IT Rules published in April 2011 are great offenders. While speech that is 'disparaging' (while not being defamatory) is not prohibited by any statute, yet intermediaries are required not to carry 'disparaging' speech, or speech to which the user has no right (how is this to be judged? do you have rights to the last joke that you forwarded?), or speech that promotes gambling (as the government of Sikkim does through the PlayWin lottery), and a myriad other kinds of speech that are not prohibited in print or on TV. Who is to judge whether something is 'disparaging'? The intermediary itself, on pain of being liable for prosecution if it is found have made the wrong decision. And any person may send a notice to an intermediary to 'disable' content, which has to be done within 36 hours if the intermediary doesn't want to be held liable. Worst of all, there is no requirement to inform the user whose content it is, nor to inform the public that the content is being removed. It just disappears, into a memory hole. It does not require a paranoid conspiracy theorist to see this as a grave threat to freedom of speech.
Many human rights activists and lawyers have made a very strong case that the IT Rules on Intermediary Due Diligence are unconstitutional. Parliament still has an opportunity to reject these rules until the end of the 2012 budget session. Parliamentarians must act now to uphold their oaths to the Constitution.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/online-pre-censorship-harmful-impractical'>http://editors.cis-india.org/internet-governance/online-pre-censorship-harmful-impractical</a>
</p>
No publisherpraneshIT ActObscenityFreedom of Speech and ExpressionPublic AccountabilityYouTubeSocial mediaInternet GovernanceFeaturedIntermediary LiabilityCensorshipSocial Networking2011-12-12T17:00:50ZBlog EntryDon't Shoot the Messenger: Speech on Intermediary Liability at 22nd SCCR of WIPO
http://editors.cis-india.org/a2k/blogs/intermediary-liability-wipo-speech
<b>This is a speech made by Pranesh Prakash at an side-event co-organized by the World Intellectual Property Organization and the Internet Society on intermediary liability, to coincide with the release of Prof. Lillian Edwards's WIPO-commissioned report on 'Role and Responsibility of the Internet Intermediaries in the Field of Copyright'.</b>
<p>Good afternoon. I've been asked to provide a user's perspective to the question of intermediary liability. "In what cases should an Internet intermediary—a messenger—be held liable for the doings of a third party?" is the broad question. I believe that in answering that question we can be guided by two simple principles: As long as intermediaries don't exercise direct editorial control, they should not be held liable; and as long as they don't instigate or encourage the illegal activity, they should not be held liable. In all other cases, attacking Internet intermediaries generally a sign of 'shooting the messenger'.
General intermediary liability and intermediary liability for copyright infringement share a common philosophical foundation, and so I will talk about general intermediary liability first.</p>
<p>While going about holding intermediaries liable, we must remember that what is at stake here is the fact that intermediaries are a necessary component of ensuring freedom of speech and self-expression on the World Wide Web. In this regard, we must keep in mind the joint declaration issued by <a href="http://www.cidh.oas.org/relatoria/showarticle.asp?artID=848&lID=1">four freedom of expression rapporteurs under the aegis of the Organization of American States on June 1, 2011</a>:</p>
<blockquote>
<p>Intermediary Liability</p>
<p>a. No one who simply provides technical Internet services such as providing access, or searching for, or transmission or caching of information, should be liable for content generated by others, which is disseminated using those services, as long as they do not specifically intervene in that content or refuse to obey a court order to remove that content, where they have the capacity to do so (‘mere conduit principle’).</p>
<p>b. Consideration should be given to insulating fully other intermediaries, including those mentioned in the preamble, from liability for content generated by others under the same conditions as in paragraph 2(a). At a minimum, intermediaries should not be required to monitor user-generated content and should not be subject to extra-judicial content takedown rules which fail to provide sufficient protection for freedom of expression (which is the case with many of the ‘notice and takedown’ rules currently being applied).</p>
</blockquote>
<p>It is useful to keep in mind what the kind of liability we affix on offline intermediaries: Would we hold a library responsible for unlawful material that a user has placed on its shelves without its encouragement?</p>
<p>Ensuring a balanced system of intermediary liability is also very important in preserving the forms of innovations we have seen online. Ensuring that intermediaries aren't always held liable for what third parties do is an essential component of encouraging new models of participation, such as Wikipedia. While Wikipedia has community-set standards with regard to copyright, obscenity, and other such issues, holding the Wikimedia Foundation (which has only around 30-40 people) itself responsible for what millions of users write on Wikipedia will hamper such new models of peer-production. This point, unfortunately, has not prevented the Wikimedia Foundation being sued a great number of times in India, a large percentage of which take the form of SLAPP ('strategic lawsuit against public participation') cases, since if the real intention had been to remove the offending content, editing Wikipedia is an easy enough way of achieving that.</p>
<p>While searching for these balanced solutions, we need to look beyond Europe, and look at how countries like Chile, Brazil, India and others are looking at these issues. Unfortunately, this being Geneva, most of the people I see represented in this room are from the developed world as are the examples we are discussing (France and Spain).</p>
<p>In India, for instance, the Internet Service Providers Association made it clear in 2006 (when there was an outcry over censorship of blogging platforms) that they do not want to be responsible for deciding whether something about which they have received a complaint is unlawful or not.</p>
<p>With respect to copyright and the Internet, while the Internet allows for copyright infringement to be conducted more easily, it also allows for copyright infringement to be spotted more easily. Earlier, if someone copied, it would be difficult to find out. Now that is not so. So, that balance is already ingrained, and while many in the industry focus on the fact of easier infringement and thus ask for increased legal protection, such increase in legal protection is not required since the same technological factors that enable increased infringement also enable increased ability to know about that infringement.</p>
<p>On the Internet, intermediaries sometimes engage in primary infringement due to the very nature of digital technology. In the digital sphere, everything is a copy. Thus, whenever you're working on a computer, copies of the copyrighted that show up on your screen are automatically copied to your computer's RAM. Whenever you download anything from the Internet, copies of it are created en route to your computer. (That is the main reason that exceptions in the copyright laws of most countries that allow you to re-sell a book you own don't apply to electronic books.) In such a case, intermediaries must be specially protected. </p>
<p>Additionally, online activities that we take for granted, for instance search technologies, violate the copyright law of most countries. For online search technology to be reasonably fast (instead of taking hours for each search), the searching has to be done on a copies (cache) of actual websites instead of the actual websites. For image searching, it would be unreasonable to expect search companies to take licences for all the images they allow you to search through. Yet, not doing so might violate the copyright laws of many countries. No one, or so one would think, would argue that search engines should be made illegal, but in some countries copyright law is being used to attack intermediaries.</p>
<p>As noted above, intermediaries are a necessary part of online free speech. Current methods of regulating copyright infringement by users via intermediaries online may well fall afoul of internationally accepted standards of human rights. Frank La Rue, the UN Special Rapporteur on Freedom of Opinion and Expression in <a href="http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf">his recent report to the UN Human Rights Council</a> stated:</p>
<blockquote>
<p>While blocking and filtering measures deny access to certain content on the Internet, States have also taken measures to cut off access to the Internet entirely. </p>
<p>The Special Rapporteur is deeply concerned by discussions regarding a centralized “on/off” control over Internet traffic. In addition, he is alarmed by proposals to disconnect users from Internet access if they violate intellectual property rights. This also includes legislation based on the concept of “graduated response”, which imposes a series of penalties on copyright infringers that could lead to suspension of Internet service, such as the so-called “three-strikes law” in France and the Digital Economy Act 2010 of the United Kingdom.</p>
<p>Beyond the national level, the Anti-Counterfeiting Trade Agreement (ACTA) has been proposed as a multilateral agreement to establish international standards on intellectual property rights enforcement. While the provisions to disconnect individuals from Internet access for violating the treaty have been removed from the final text of December 2010, the Special Rapporteur remains watchful about the treaty’s eventual implications for intermediary liability and the right to freedom of expression.</p>
</blockquote>
<p>With respect to graduated response, there is very little that one can add to Prof. Edwards's presentation. I would like to add one further suggestion that Prof. Ed Felten originally put forward as a 'modest proposal': Corporations which make or facilitate three wrongful accusations should face the same penalty as the users who are accused thrice.
The recent US strategy of seizing websites even before trial has been sufficiently criticised, so I shall not spend my time on it.</p>
<p>I still have not seen any good evidence as to why for other kinds of primary or secondary liability incurred by online intermediaries the procedure for offline copyright infringement should not apply, since they are usually crafted taking into account principles of natural justice.</p>
<p>The only 'international' and slightly troublesome issue that a resolution is needed to is that of problems relating to different jurisdiction’s laws applying on a single global network. However, this question is much larger one that of copyright and a copyright-specific solution cannot be found. Thus WIPO is not the right forum for the redress of that problem.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/intermediary-liability-wipo-speech'>http://editors.cis-india.org/a2k/blogs/intermediary-liability-wipo-speech</a>
</p>
No publisherpraneshIntermediary LiabilityIntellectual Property RightsCopyrightAccess to Knowledge2012-06-01T15:01:08ZBlog EntryKilling the Internet Softly with Its Rules
http://editors.cis-india.org/internet-governance/blog/killing-the-internet-oped
<b>While regulation of the Internet is a necessity, the Department of IT, through recent Rules under the IT Act, is guilty of over-regulation. This over-regulation is not only a bad idea, but is unconstitutional, and gravely endangers freedom of speech and privacy online.</b>
<div class="visualClear"><br /><span class="Apple-style-span">A slightly modified version of this blog entry was published as </span><a class="external-link" href="http://www.indianexpress.com/story-print/787789/">an op-ed in the Indian Express on May 9, 2011</a><span class="Apple-style-span">.</span></div>
<h2>Over-regulation of the Internet<br /></h2>
<div class="visualClear"> </div>
<p>Regulation of the Internet, as with
regulation of any medium of speech and commerce, is a balancing act.
Too little regulation and you ensure that criminal activities are
carried on with impunity; too much regulation and you curb the
utility of the medium. This is especially so with the Internet, as
it has managed to be the impressively vibrant space it is due to a
careful choice in most countries of eschewing over-regulation.
India, however, seems to be taking a different turn with a three sets
of new rules under the Information Technology Act.</p>
<p>These rules deal with the liability of
intermediaries (i.e., a large, inclusive, group of entities and
individuals, that transmit and allow access to third-party content),
the safeguards that cybercafes need to follow if they are not to be
held liable for their users' activities, and the practices that
intermediaries need to follow to ensure security and privacy of
customer data.</p>
<h3>Effect of not following the rules</h3>
<p>By not observing any of the provisions
of these Rules, the intermediary opens itself up for liability for
actions of its users. Thus, if a third-party defames someone, then
the intermediary can be held liable if he/she/it does not follow the
stringent requirements of the Rules.</p>
<p>The problem, however is that, many of
the provisions of the Rules have no rational nexus with the due
diligence to be observed by the intermediary to absolve itself from
liability.</p>
<h3>What does the Act require?</h3>
<p>Section 79 of the IT Act states that
intermediaries are generally not liable for third party information,
data, or communication link made available or hosted. It qualifies
that by stating that they are not liable if they follow certain
precautions (basically, to show that they are <em>real</em>
intermediaries). They observe 'due diligence' and don't exercise an
editorial role; they don't help or induce commission of the unlawful
act; and upon receiving 'actual knowledge', or on being duly notified
by the appropriate authority, the intermediary takes steps towards
some kind of action.</p>
<p>So, rules were needed to clarify what
'due diligence' involves (i.e., to state that no active monitoring is
required of ISPs), what 'actual knowledge' means, and to clarify what
happens in happens in case of conflicts between this provision and
other parts of IT Act and other Acts.</p>
<h3>Impact on freedom of speech and privacy</h3>
<p>However, that is not what the rules do.
The rules instead propose standard terms of service to be notified
by all intermediaries. This means everyone from Airtel to Hotmail to
Facebook to Rediff Blogs to Youtube to organizations and people that
allow others to post comments on their website. What kinds of terms
of service? It will require intermediaries to bar users from
engaging in speech that is disparaging', It doesn't cover only
intermediaries that are public-facing. So this means that your
forwarding a joke via e-mail, which "belongs to another person
and to which the user does not have any right" will be deemed to
be in violation of the new rules. While gambling (such as betting on
horses) isn’t banned in India and casino gambling is legal in Goa,
for example, under these Rules, all speech ‘promoting gambling’
is prohibited.</p>
<p>The rules are very onerous on
intermediaries, since they require them to act within 36 hours to
disable access to any information that they receive a complaint
about. Any 'affected person' can complain. Intermediaries will now
play the role that judges have traditionally played. Any affected
person can bring forth a complaint about issues as diverse as
defamation, blasphemy, trademark infringement, threatening of
integrity of India, 'disparaging speech', or the blanket 'in
violation of any law'. It is not made mandatory to give the actual
violator an opportunity to be heard, thus violating the cardinal
principle of natural justice of 'hearing the other party' before
denying them a fundamental right. Many parts of the Internet are in
fact public spaces and constitute an online public sphere. A law
requiring private parties to curb speech in such a public sphere is
unconstitutional insofar as it doesn't fall within Art.19(2) of the
Constitution.</p>
<p>Since intermediaries would lose
protection from the law if they don't take down content, they have no
incentives to uphold freedom of speech of their users. They instead
have been provided incentives to take down all content about which
they receive complaints without bothering to apply their minds and
coming to an actual conclusion that the content violates the rules.</p>
<h3>Cybercafe rules</h3>
<p>The cybercafe rules require all
cybercafe customers be identified with supporting documents, their
photographs taken, all their website visit history logged, and these
logs maintained for a year. Compare this to the usage of public
pay-phones. Anyone can use a pay-phone without their details being
logged. Indeed, such logging allows for cybercafe owners to
blackmail their users if they find some embarrassing websites in the
history logs—which could be anything from medical diseases to
sexual orientation to the fact that you're a whistleblower.</p>
<p>The cybercafe rules also require that
all of them install "commercially available safety or filtering
software" to prevent access to pornography. In two cases along
these lines in the Madras High Court (<em>Karthikeyan R.</em> v. <em>Union
of India</em>) and the Bombay High Court (<em>Janhit Manch </em>v.
<em>Union of India</em>), the High Courts refused to direct the
government to take proactive steps to curb access to Internet
pornography stating that such matters require case-by-case analysis
to be constitutionally valid under Art.19(1)(a) [Right to freedom of
speech and expression].</p>
<p>Such software tends to be very
ineffective—non-pornographic websites also get wrongly filtered,
and not all pornographic websites get filtered—and the High Courts
were right in being wary of any blanket ban. They preferred for
individual cases to be registered. If the worry is that our children
are getting corrupted, it is up to parents to provide supervision,
and not for the government to insist that software do the parenting
instead.</p>
<p>Given that all of these were pointed
out by both civil society organizations, news media, and industry
bodies, when the draft rules were released, it smacks of governmental
high-handedness that almost none of the changes suggested by the
public have been incorporated in the final rules.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/killing-the-internet-oped'>http://editors.cis-india.org/internet-governance/blog/killing-the-internet-oped</a>
</p>
No publisherpraneshIT ActInternet GovernanceIntermediary Liability2011-08-20T12:51:42ZBlog EntryRebuttal of DIT's Misleading Statements on New Internet Rules
http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries
<b>The press statement issued on May 11 by the Department of Information Technology (DIT) on the furore over the newly-issued rules on 'intermediary due diligence' is misleading and is, in places, plainly false. We are presenting a point-by-point rebuttal of the DIT's claims.</b>
<p>In its <a class="external-link" href="http://pib.nic.in/newsite/erelease.aspx?relid=72066">press release on Wednesday, May 11, 2011</a>, the DIT stated:
<blockquote>The
attention of Government has been drawn to news items in a section of
media on certain aspects of the Rules notified under Section 79
pertaining to liability of intermediaries under the Information
Technology Act, 2000. These items have raised two broad issues. One is
that words used in Rules for objectionable content are broad and could
be interpreted subjectively. Secondly, there is an apprehension that the
Rules enable the Government to regulate content in a highly subjective
and possibly arbitrary manner. <br /></blockquote>
<p>There are actually more issues than merely "subjective interpretation" and "arbitrary governmental regulation".</p>
<ul><li style="list-style-type: disc;">The
Indian Constitution limits how much the government can regulate
citizens’ fundamental right to freedom of speech and expression. Any
measure afoul of the constitution is invalid. </li><li style="list-style-type: disc;">Several
portions of the rules are beyond the limited powers that Parliament had
granted the Department of IT to create interpretive rules under the
Information Technology Act. Parliament directed the Government to merely
define what “due diligence” requirements an intermediary would have to
follow in order to claim the qualified protection against liability that
Section 79 of the Information Technology Act provides; these current
rules have gone dangerously far beyond that, by framing rules that
insist that intermediaries, without investigation, has to remove content within 36-hours of receipt of a
complaint, keep records of a users' details and provide them to
law enforcement officials.</li></ul>
<p>The Department of Information Technology (DIT), Ministry of
Communications & IT has clarified that the Intermediaries Guidelines
Rules, 2011 prescribe that due diligence need to be observed by the
Intermediaries to enjoy exemption from liability for hosting any third
party information under Section 79 of the Information Technology Act,
2000. These due diligence practices are the best practices followed
internationally by well-known mega corporations operating on the
Internet. The terms specified in the Rules are in accordance with the
terms used by most of the Intermediaries as part of their existing
practices, policies and terms of service which they have published on
their website.</p>
<ol><li>We are not aware of any country that actually goes to the extent of
deciding what Internet-wide ‘best practices’ are and actually converting
those ‘best practices’ into law by prescribing a universal terms of
service that all Internet services, websites, and products should enforce.</li><li>The Rules require all intermediaries to include the
government-prescribed terms in an agreement, no matter what services
they provide. It is one thing for a company to choose the terms of its
terms of service agreement, and completely another for the government to
dictate those terms of service. As long as the terms of service of an
intermediary are not unlawful or bring up issues of users’ rights (such
as the right to privacy), there is no reason for the government to jump
in and dictate what the terms of service should or should not be.</li><li>The DIT has not offered any proof to back up its assertion that 'most'
intermediaries already have such terms. Google, a ‘mega corporation’
which is an intermediary, <a class="external-link" href="http://www.google.com/accounts/TOS?hl=en">does not have such an overarching policy</a>. Indiatimes, another ‘mega
corporation’ intermediary, <a class="external-link" href="http://www.indiatimes.com/policyterms/1555176.cms">does not either</a>. Just because <a class="external-link" href="http://www.rediff.com/termsofuse.html">a
company like Rediff</a> and <a class="external-link" href="http://us.blizzard.com/en-us/company/legal/wow_tou.html">
Blizzard's World of Warcraft</a> have some of those terms does not mean a) that they should have all of those terms, nor that b) everyone else should as well.<br /><br />In
attempting to take different terms of service from different Internet
services and products—the very fact of which indicate the differing
needs felt across varying online communities—the Department has put in
place a one-size-fits-all approach. How can this be possible on the Internet, when we wouldn't regulate the post-office and a book publisher under the same rules of liability for, say, defamatory speech.</li><li>There is also a significant difference between the effect of those
terms of service and that of these Rules. An intermediary-framed terms of service
suggest that the intermediary <em>may</em> investigate and boot someone off a service for violation, while the Rules insist that
the intermediary simply has to mandatorily remove content, keep records of users' details and provide them to law enforcement officials,
else be subject to crippling legal liability.</li></ol>
<p>So
to equate the effect of these Rules to merely following ‘existing
practices’ is plainly wrong. An intermediary—like the CIS website—should have the freedom to choose not to have terms of service
agreements. We now don’t.“In case any issue arises concerning the interpretation of the terms
used by the Intermediary, which is not agreed to by the user or affected
person, the same can only be adjudicated by a Court of Law. The
Government or any of its agencies have no power to intervene or even
interpret. DIT has reiterated that there is no intention of the
Government to acquire regulatory jurisdiction over content under these
Rules. It has categorically said that these rules do not provide for any
regulation or control of content by the Government.”</p>
<p>The
Rules are based on the presumption that all complaints (and resultant
mandatory taking down of the content) are correct, and that the
incorrectness of the take-downs can be disputed in court. Why not just
invert that, and presume that all complaints need to be proven first, and the correctness of the complaints (instead of the take-downs) be disputed in court? </p>
<p>Indeed,
the courts have insisted that presumption of validity is the only
constitutional way of dealing with speech. (See, for instance, <em>Karthikeyan R. v. Union
of India</em>, a 2010 Madras High Court judgment.)</p>
<p>Further,
only constitutional courts (namely High Courts and the Supreme Court)
can go into the question of the validity of a law. Other courts have to
apply the law, even if it the judge believes it is constitutionally
invalid. So, most courts will be forced to apply this law of highly
questionable constitutionality until a High Court or the Supreme Court
strikes it down.</p>
<p>What
the Department has in fact done is to explicitly open up the floodgates
for increased liability claims and litigation - which runs exactly
counter to the purpose behind the amendment of Section 79 by Parliament
in 2008.</p>
<blockquote>“The
Government adopted a very transparent process for formulation of the
Rules under the Information Technology Act. The draft Rules were
published on the Department of Information Technology website for
comments and were widely covered by the media. None of the Industry
Associations and other stakeholders objected to the formulation which is
now being cited in some section of media.”<br /></blockquote>
<p>This is a blatant lie.</p>
<p>Civil
society voices, including <a href="http://editors.cis-india.org/internet-governance/blog/2011/02/25/intermediary-due-diligence" class="external-link">CIS</a>, <a class="external-link" href="http://www.softwarefreedom.in/index.php?option=com_idoblog&task=viewpost&id=86&Itemid=70">Software Freedom Law Centre</a>, and
individual experts (such as the lawyer and published author <a class="external-link" href="http://www.iltb.net/2011/02/draft-rules-on-intermediary-liability-released-by-the-ministry-of-it/">Apar Gupta</a>)
sent in comments. Companies <a class="external-link" href="http://online.wsj.com/article/SB10001424052748704681904576314652996232860.html?mod=WSJINDIA_hps_LEFTTopWhatNews">such as Google</a>, <a class="external-link" href="http://e2enetworks.com/2011/05/13/e2e-networks-response-to-draft-rules-for-intermediary-guidelines/">E2E Networks</a>, and others had apparently
raised concerns as well. The press has published many a cautionary note, including editorials, op-ed and articles in <a class="external-link" href="http://www.thehindu.com/opinion/lead/article1487299.ece">the</a> <a class="external-link" href="http://www.thehindu.com/opinion/editorial/article1515144.ece">Hindu</a>, <a class="external-link" href="http://www.thehoot.org/web/home/story.php?sectionId=6&mod=1&pg=1&valid=true&storyid=5163">the Hoot</a>, Medianama.com, and Kafila.com, well before the new rules were notified. We at CIS even received a 'read notification'
from the email account of the Group Coordinator of the DIT’s Cyber Laws
Division—Dr. Gulshan Rai—on Thursday, March 3, 2011 at 12:04 PM (we had
sent the mail to Dr. Rai on Monday, February 28, 2011). We never
received any acknowledgement, though, not even after we made an express
request for acknowledgement (and an offer to meet them in person to
explain our concerns) on Tuesday, April 5, 2011 in an e-mail sent to Mr.
Prafulla Kumar and Dr. Gulshan Rai of DIT.</p>
<p>The
process can hardly be called 'transparent' when the replies received
from 'industry associations and other stakeholders' have not been made
public by the DIT. Those comments which are public all indicate that
serious concerns were raised as to the constitutionality of the Rules.</p>
<p>The Government has been forward looking to create a conducive
environment for the Internet medium to catapult itself onto a different
plane with the evolution of the Internet. The Government remains fully
committed to freedom of speech and expression and the citizen’s rights
in this regard.</p>
<p><span id="internal-source-marker_0.8528041979429147">The DIT has limited this statement to the rules on intermediary due
diligence, and has not spoken about the controversial new rules that
stifle cybercafes, and restrict users' privacy and freedom to receive
information.<br /></span></p>
<p><span id="internal-source-marker_0.8528041979429147"></span>If
the government is serious about creating a conducive environment for
innovation, privacy and free expression on the Internet, then it wouldn’t be
passing Rules that curb down on them, and it definitely will not be
doing so in such a non-transparent fashion.</p></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries'>http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries</a>
</p>
No publisherpraneshFreedom of Speech and ExpressionIT ActFeaturedIntermediary Liability2012-07-11T13:18:04ZBlog EntryCIS Para-wise Comments on Intermediary Due Diligence Rules, 2011
http://editors.cis-india.org/internet-governance/blog/intermediary-due-diligence
<b>On February 7th 2011, the Department of Information Technology, MCIT published draft rules on its website (The Information Technology (Due diligence observed by intermediaries guidelines) Rules, 2011) in exercise of the powers conferred by Section 87(2)(zg), read with Section 79(2) of the Information Technology Act, 2000. Comments were invited from the public before February 25th 2011. Accordingly, Privacy India and Centre for Internet and Society, Bangalore have prepared the following para-wise comments for the Ministry’s consideration.</b>
<h2>A. General Objections</h2>
<p>A number of the provisions under these Rules have no nexus with their parent provision, namely s.79(2). Section 79(1) provides for exemption from liability for intermediaries. Section 79(2) thereupon states:</p>
<blockquote></blockquote>
<blockquote>
<p>79. Intermediaries not to be liable in certain cases—</p>
<blockquote>
<p>(2) The provisions of sub-section (1) shall apply if—</p>
<blockquote>
<blockquote></blockquote>
</blockquote>
<blockquote>
<p>(a) the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hasted; or</p>
<p>(b) the intermediary does not—</p>
<blockquote>
<p>(i) initiate the transmission,</p>
<p>(ii) select the receiver of the transmission, and</p>
<p>(iii) select or modify the information contained in the transmission;</p>
</blockquote>
<blockquote>
<blockquote></blockquote>
</blockquote>
<p>(c) the intermediary observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf.</p>
</blockquote>
</blockquote>
</blockquote>
<blockquote></blockquote>
<p> </p>
<p>Therefore, by not observing any of the provisions of the Rules, the intermediary opens itself up for liability for actions of its users. However, many of the provisions of the Rules have no rational nexus with due diligence to be observed by the intermediary to absolve itself from liability.</p>
<h2>B. Specific Objections</h2>
<h3>Rule 2(b), (c), and (k)</h3>
<blockquote></blockquote>
<blockquote></blockquote>
<blockquote>
<p>(b) “Blog” means a type of website, usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video. Usually blog is a shared on-line journal where users can post diary entries about their personal experiences and hobbies;</p>
</blockquote>
<blockquote></blockquote>
<blockquote>
<p>(c) “Blogger” means a person who keeps and updates a blog;</p>
</blockquote>
<blockquote>
<p>(k) “User” means any person including blogger who uses any computer resource for the purpose of sharing information, views or otherwise and includes other persons jointly participating in using the computer resource of intermediary</p>
</blockquote>
<blockquote></blockquote>
<h3><strong>Comments</strong></h3>
<p> It is unclear why it is necessary to specifically target bloggers as users, leaving out other users such as blog commenters, social network users, microbloggers, podcasters, etc. It makes the rules technologically non-neutral.</p>
<h3><strong>Recommendation</strong></h3>
<p>We recommend that these 3 sub-rules be deleted.</p>
<h3> Rule 3(2)</h3>
<blockquote></blockquote>
<blockquote>
<p>3. <strong>Due Diligence observed by intermediary</strong>.— The intermediary shall observe following due diligence while discharging its duties.</p>
<blockquote>
<p>(2) The intermediary shall notify users of computer resource not to use, display, upload, modify, publish, transmit, update, share or store any information that : —</p>
<blockquote>
<p>(a) belongs to another person;</p>
<p>(b) is harmful, threatening, abusive, harassing, blasphemous, objectionable, defamatory, vulgar, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically or otherwise objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;</p>
<p>(c) harm minors in any way;</p>
<p>(d) infringes any patent, trademark, copyright or other proprietary rights;</p>
<p>(e) violates any law for the time being in force;</p>
<p>(f) discloses sensitive personal information of other person or to which the user does not have any right to;</p>
<p>(g) causes annoyance or inconvenience or deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;</p>
<p>(h) impersonate another person;</p>
<p>(i) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;</p>
<p>(j) threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or or public order or causes incitement to the commission of any cognizable offence or prevents investigation of any offence or is insulting any other nation.</p>
</blockquote>
</blockquote>
</blockquote>
<blockquote>
<blockquote></blockquote>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>Firstly, such ‘standard’ terms of use [1] might make sense for one intermediary, but not for all. For instance, an intermediary such as site with user-generated content (e.g., Wikipedia) would need different terms of use from an intermediary such as an e-mail provider (e.g., Hotmail), because the kind of liability they accrue are different. This is similar to how the liability that a newspaper publisher accrues is different from that accrued by the post office. However, forcing standard terms of use negates this difference. Thus, these are impractical.</p>
<p>Secondly, read with the legal obligation of the intermediary to remove such information (contained in rule 3(3)), they vest an extraordinary power of censorship in the hands of the intermediary, which could easily lead to the stifling of the constitutionally guaranteed freedom of speech online. Analogous restrictions do not exist in other fields, e.g., against the press in India or against courier companies, and there is no justification to impose them on content posted online. Taken together, these provisions make it impossible to publish critical views about anything without the risk of being summarily censored.</p>
<p>Thirdly, while it is possible to apply Indian law to intermediaries, it is impracticable to require all intermediaries (whether in India or not) to have in their terms of use India-specific clauses such as rule 3(2)(j). Instead, it is better to merely require them to ask their users to follow all relevant laws.</p>
<p>Individual instances of how these rules are overly broad are contained in an appendix to this submission.</p>
<h3><strong>Recommendation</strong></h3>
<p>We strongly recommend the deletion of this sub-rule, except clause (e).</p>
<h3>Rule 3(3)</h3>
<blockquote>
<p>(3) The intermediary shall not itself host or publish or edit or store any information or shall not initiate the transmission, select the receiver of transmission, and select or modify the information contained in the transmission as specified in sub-rule (2).</p>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>This sub-rule is ultra vires s.79 of the IT Act, which does not require intermediaries not to “host or publish or edit or store any information”. If fact, s.79(2) merely states that by violating the provisions of s.79(2), the intermediary loses the protection of s.79(1). It does not however make it unlawful to violate s.79(2), as rule 3(3) does. This makes rule 3(3) ultra vires the Act.</p>
<h3><strong>Recommendation</strong></h3>
<p>This sub-rule should be deleted.</p>
<h3><strong>Rule 3(4)</strong></h3>
<blockquote>
<p>(4) The intermediary upon obtaining actual knowledge by itself or been brought to actual knowledge by an authority mandated under the law for the time being in force in writing or through email signed with electronic signature about any such information as mentioned in sub-rule (2) above, shall act expeditiously to work with user or owner of such information to remove access to such information that is claimed to be infringing or to be the subject of infringing activity. Further the intermediary shall inform the police about such information and preserve the records for 90 days</p>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>This rule is also ultra vires s.69A of the IT Act as well as the Constitution of India. Section 69A states all the grounds on which an intermediary may be required to restrict access to information [2]. It does not allow for expansion of those grounds, because it has been carefully worded to maintains its constitutional validity vis-a-vis Articles 19(1)(a) and 19(2) of the Constitution of India. The rules framed under s.69A prescribe an elaborate procedure before such censorship may be ordered. The rules under s.69A will be rendered nugatory if any person could get content removed or blocked under s.79(2).<strong><br /></strong></p>
<p>This rule requires an intermediary to immediately take steps to remove access to information merely upon receiving a written request from “any authority mandated under the law”. Thus, for example, any authority can easily immunize itself from criticism on the internet by simply sending a written notice to the intermediary concerned. This is directly contrary to, and completely subverts the legislative intent expressed in Section 69B which lays down an elaborate procedure to be followed before any information can be lawfully blocked.</p>
<p>If any person is aggrieved by information posted online, they may seek their remedies—including the relief of injunction—from courts of law, under generally applicable civil and criminal law. Inserting a rule such as this one would take away the powers of the judiciary in India to define the line dividing permissible and impermissible speech, and vest it instead in the whims of each intermediary. This can only have a chilling effect on debates in the public domain (of which the Internet is a part) which is the foundation of any democracy.</p>
<h3><strong>Recommendation</strong></h3>
<p>This rule should modified so that an intermediary is obliged to take steps towards removal of content only when (a) backed by an order from a court or (b) a direction issued following the procedure prescribed by the rules framed under Section 69A.</p>
<h3>Rule 3(5) & (7) & (8) & (10)</h3>
<blockquote></blockquote>
<blockquote>
<p>(5) The Intermediary shall inform its users that in case of non-compliance with terms of use of the services and privacy policy provided by the Intermediary, the Intermediary has the right to immediately terminate the access rights of the users to the site of Intermediary;</p>
<p>(7) The intermediary shall not disclose sensitive personal information;</p>
<p>(8) Disclosure of information by intermediary to any third party shall require prior permission or consent from the provider of such information, who has provided such information under lawful contract or otherwise;</p>
<p>(10) The information collected by the intermediary shall be used for the purpose for which it has been collected.</p>
</blockquote>
<blockquote></blockquote>
<h3><strong>Comments</strong></h3>
<p>These sub-rules have no nexus with intermediary liability or non-liability under s.79(2). For instance, it is unreasonable to say that an intermediary may be held liable for the actions of its users if it does not inform its users about its right to terminate access by the user to its services. Furthermore, not all intermediaries need be websites, as sub-rule 5 assumes. An intermediary can even be an “internet service provider” or a “cyber cafe” or a “telecom service provider”, as per rule 2(j) read with s.2(1)(w) of the IT Act.</p>
<p>The requirements under sub-rules (7), (8), and (10) are rightfully the domain of s.43A and the rules made thereunder, and not s.79(2) nor these rules.</p>
<h3><strong>Recommendation</strong></h3>
<p>These sub-rules should be deleted, and sub-rules (7), (8), and (10) may placed instead in the rules made under s.43A.</p>
<h3>Rule 3(9)</h3>
<blockquote>
<p>(9) Intermediary shall provide information to government agencies who are lawfully authorised for investigative, protective, cyber security or intelligence activity. The information shall be provided for the purpose of verification of identity, or for prevention, detection, investigation, prosecution, cyber security incidents and punishment of offences under any law for the time being in force, on a written request stating clearly the purpose of seeking such information.</p>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>This provision is ultra vires ss.69 and 69B. Rules have already been issued under ss.69 and 69B which stipulate the mechanism and procedure to be followed by the government for interception, monitoring or decrypting information in the hands of intermediaries. Thus under the Interception Rules 2009 framed under Section 69, permission must first be obtained from a “competent authority” before an intermediary can be directed to provide access to its records and facilities. The current rule completely removes the safeguards contained in s.69 and its rules, and would make intermediaries answerable to virtually any request from any government agency. This is contrary to the legislative intent expressed in Section 69.</p>
<h3><strong>Recommendation</strong></h3>
<p>We recommend this sub-rule be deleted.</p>
<h3><strong>Rule 3(12)</strong></h3>
<blockquote>
<p>(12) The intermediary shall report cyber security incidents and also share cyber security incidents related information with the Indian Computer Emergency Response Team.</p>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>The rules relating to how and when the Indian Computer Emergency Response Team may request for information from intermediaries is rightfully the subject matter of s.70B(5) [3] and the rules made thereunder by virtue of the rule making power granted by s.87(2)(yd). The subject matter of rule 3(12) is not liability of intermediaries for third-party actions, hence there is no nexus between the rule-making power, and the rule.</p>
<h3><strong>Recommendations</strong></h3>
<p>We recommend that this sub-rule be deleted.</p>
<h3>Rule 3(14)</h3>
<blockquote>
<p>(14) The intermediary shall publish on its website the designated agent to receive notification of claimed infringements.</p>
</blockquote>
<h3><strong>Comments</strong></h3>
<p>It is unclear what “infringements” are being referred to in this sub-rule. Neither s.79 nor these rules provide for “infringements”. The same reasoning applied for rule 3(4) would also apply here. It would be better to require the intermediary to publish on its website a method of providing judicial notice.</p>
<h3><strong>Recommendations</strong></h3>
<p>Delete, and replace with a requirement for the intermediary to publish on its website a method of providing judicial notice.<strong><br /></strong></p>
<h2>Footnotes <br /></h2>
<ol><li>
<p>For instance, the Section B(1) of the World of Warcraft Code of Conduct “When engaging in Chat, you may not: (i) Transmit or post any content or language which, in the sole and absolute discretion of Blizzard, is deemed to be offensive, including without limitation content or language that is unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, hateful, sexually explicit, or racially, ethnically or otherwise objectionable.</p>
</li><li>
<p>It is only “in the interest of sovereignty and integrity of India. defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above” that intermediaries may be issued directions to block access to information.</p>
</li><li>
<p>70B(5) sates that the The manner of performing functions and duties of the agency referred to in sub-section (1) shall be such as may be prescribed.</p>
</li></ol>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/intermediary-due-diligence'>http://editors.cis-india.org/internet-governance/blog/intermediary-due-diligence</a>
</p>
No publisherpraneshFreedom of Speech and ExpressionIT ActIntermediary Liability2012-07-11T10:27:26ZBlog EntryNew Release of IPR Chapter of India-EU Free Trade Agreement
http://editors.cis-india.org/a2k/blogs/july-2010-ipr-india-eu-fta
<b>A draft of the IPR chapter of the EU-India FTA, made publicly available now for the first time, provides insight into India's response in July 2010 to several EU proposals on intellectual property protection and enforcement.</b>
<p>A draft of the IPR chapter of the EU-India FTA, made <a href="http://editors.cis-india.org/a2k/upload/india-eu-fta-ipr-july-2010/at_download/file" class="external-link">publicly available for the first time</a> (PDF, 296Kb), provides insight into India's response in July 2010 to several EU proposals on intellectual property protection and enforcement.
The consolidated draft which was prepared to serve as the basis of talks that took place from July 12-14, 2010, in New Delhi, reveals parties' negotiating stances in response to preliminary positions put forth earlier (see <a class="external-link" href="http://www.bilaterals.org/spip.php?article17290">IPR Chapter May draft</a>).</p>
<p>In particular, this draft reflects India's rejection of many EU proposals that would require India to:</p>
<ul><li>exceed its obligations under the WTO's Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS), e.g by providing data exclusivity for pharmaceutical products; <br /></li><li>impose radical enforcement provisions, such as liability of intermediary service providers, border measures for goods in transit, and raised norms for damages and injunctions; or <br /></li><li>require legislative change, e.g., on data protection, and to accommodate the full EU demands on geographical indicators. <br /></li></ul>
<p>
A chart compiled by CIS comparing proposed language by India and the EU in several provisions with TRIPS can be found <a href="http://editors.cis-india.org/a2k/india-eu-fta-chart.pdf" class="internal-link" title="New Release of IPR Chapter">here</a> (PDF, 402 Kb).</p>
<p>Sources close to the negotiations have also confirmed that during the July talks India reiterated its refusal to go beyond TRIPS, and its refusal to discuss issues that require changes to Indian law. India appears to have also reiterated that it could not finalise FTA copyright provisions before passage of the Copyright Amendment Bill in the Indian Parliament.</p>
<p>
It is hard to assess the current state of the negotiations on IP or to measure the outcomes of subsequently held talks without access to recent drafts, a public record of deliberations, or the schedule of full and intersessional rounds taking place. However, from press and other statements attributed to the European Commission and Indian officials after the December 2010 EU-India Summit in Brussels, it appears that:</p>
<ul><li>
both parties plan to conclude the FTA, the biggest ever for the EU, by Spring 2011; <br /></li><li>the EU has not relaxed its pursuit of at least some "TRIPS plus" provisions such as data protection for pharmaceuticals <br /></li><li>a mutually agreed solution to India's WTO case against the EU over the seizure of generic medicines may be round the corner. Its impact on the FTA is open to speculation. <br /></li></ul>
<p>Because the India-EU FTA is likely to set a new precedent for future trade agreements between developed and developing countries, and with enormous stakes for patients across the globe, India and the EU need to get it right and ensure no provision runs counter to the interests of millions of citizens.</p>
<p>For further information about the text, contact Malini Aisola <malini.aisola@gmail.com> or Pranesh Prakash <pranesh@cis-india.org></p>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/july-2010-ipr-india-eu-fta'>http://editors.cis-india.org/a2k/blogs/july-2010-ipr-india-eu-fta</a>
</p>
No publisherpraneshAccess to MedicineIntellectual Property RightsIntermediary LiabilityAccess to Knowledge2011-09-22T12:34:05ZBlog EntryProblems Remain with Standing Committee's Report on Copyright Amendments
http://editors.cis-india.org/a2k/blogs/sc-report-on-amendments
<b>The Rajya Sabha Standing Committee on Human Resource Development (under which ministry copyright falls) recently tabled their report on the Copyright (Amendment) Bill, 2010 before Parliament. There is much to be applauded in the report, including the progressive stand that the Committee has taken on the issue of providing access by persons with disabilities. This post, however, will concern itself with highlighting some of the problems with that report, along with some very important considerations that got missed out of the entire amendment debate.</b>
<h2 id="internal-source-marker_0.7517305351026772">Fair Dealings and Intermediary Liability</h2>
<p>The
amendments make a number of changes to s.52(1) of the Act, including to
the fair dealing provisions under s.52(1)(a), and introduction of two
new sub-sections (s.52(1)(b) and (c)) with s.52(1)(c) introducing a
modicum of protection for intermediaries involved in "transient and
incidental storage for the purpose of providing electronic links, access
or integration" (but only if the copyright holder has not expressed any
objections, and if the intermediary believes it to be non-infringing).
The provision allows the intermediary to ask the person complaining
against it to provide a court order within 14 days, since the
intermediary is in no position to determine the judicial question of
whether the copyright holder holds copyright and if the third party has
violated that copyright. However this provision was opposed tooth and
nail by the copyright holders' associations that dominated the
representations, while intermediaries and consumers remained woefully
under-represented before the Standing Committee.</p>
<p>Predictably,
the Standing Committee dealt a blow against intermediaries and
consumers by asking the government to review the "viability of the
duration of 14 days... by way of balancing the views of the stakeholders
as well as the legal requirement in the matter". They recommended a
relatively minor change of changing the phrase "transient and
incidental" to "transient or incidental". By doing this, they failed to
address the concerns raised by Yahoo India, Google India, and also
failed to acknowledge the submissions made by 22 civil society
organizations (available here:
http://cis-india.org/advocacy/ipr/upload/copyright-bill-submission).</p>
<p> </p>
<h2>Technological Protection Measures and Rights Management Information Provision</h2>
<p>The
amendments aim to bring about two new criminal provisions, and seek to
make circumvention of technological protection measures (digital locks)
and alteration of rights management information (which are embedded into
digital files and signals) illegal.</p>
<p>The Standing Committee heard a number of organizations on technological protection measures, which <a href="http://editors.cis-india.org/a2k/blogs/tpm-copyright-amendment">we had argued</a>
are harmful as they a) cannot distinguish between fair dealing and
infringement, and b) are harmful even if a legal right to circumvent for
fair dealings is provided because the technological means to circumvent
doesn't necessarily exist. (Imagine a law that says that breaking a
lock using lock-breaking implements isn't a crime if it is done to enter
into your own house. Such a law doesn't help you if you can't get your
hands on the lock-breaking implements in the first place.) The Indian
Broadcasting Federation, the Business Software Alliance, and the Motion
Picture Association (which represents six studios, all American), the
Indian Music Industry, and the Indian Performing Right Society Limited
all felt that this provision did not go far enough. The Motion Picture
Association, for instance, wants not just controls over that which
copyright covers</p>
<p>Yahoo
India and Google India on the other hand thought that provision went
too far. Google made it clear that they thought having criminal
repercussions for circumvention was clearly disproportionate. Thus, a
clearer split is established between old media companies; the old media
companies clutching on to straws that they feel will save them from
adapting their business practices to the digital environment, and online
companies that understand the digital environment better having a
markedly different idea.</p>
<p>Currently
section 65B (read with the definition of "Rights Management
Information" in section 2(xa)) of the proposed amendments ensures that
Rights Management Information cannot be used to spy on users. The Indian
Reprographic Rights Organization however believes that this is wrong:
it believes that copyright owners should have the ability to track users
without their consent. Yahoo India, on the other hand, believes that
this is a harmful provision, and state that "the imposition of criminal
and monetary liability could adversely affect consumers", and cites the
instance of difficulties that would be faced by "entities engaged in
creating copies of any copyright material into a format specially
designed for persons suffering from disability" because of the language
of the provision that requires knowledge instead of intention. The
committee responds to this by summing up with a tautology, stating:</p>
<blockquote>
<p>The
Committee is of the view that the parties responsible for distribution
or broadcasting or communication to the public through authorized
licence from the author or rights holder and who do not remove any
rights management information deliberately for making unauthorized
copies need not worry about this provision as long as their act is as
per the framework of this provision.</p>
</blockquote>
<h2><br /></h2>
<h2>Implications of Standing Committee's Report Unclear</h2>
<p>Many of the comments made by the Standing Committee are unclear. On compulsory licensing, the committee states:</p>
<blockquote>The
Committee also takes note of the proposed amendments in section 31 A
relating to compulsory licence in unpublished Indian works. The
provision of compulsory licence for orphaned works available under this
section is proposed to be extended to published works as well. Like in
the case of section 31, extension of applicability to all foreign works
(including film, DVDs, etc.) could be violative of Berne Convention and
TRIPS Agreement and seem to fall short of the minimum obligations
imposed by such instruments. The Committee is of the view that future
implication of proposed amendment in Section 31A vis-à-vis India's
commitment to international agreement needs to be free from any
ambiguity so as to prevent any negative fallout.<br /></blockquote>
<p>However,
the usage of the phrase "could be violative" leaves it unclear whether
the Standing Committee believes the proposed amendments to be violative
of the TRIPS Agreement or not. All that the Standing Committee says is
that the provision needs to be unambiguous, and that TRIPS compliance
must be ensured. That word of caution does not directly rebut the
government's contention that the proposed amendment is TRIPS-compliant.</p>
<p>Similarly,
the Committee's views on increase of copyright term for cinematograph
films is unclear. While commenting on the clause that introduces the
term increase (as part of the proposal to include the principal director
as an author of the film along with the producer), the Committee
states:</p>
<blockquote>It,
therefore, recommends that the proposal to include principal director
as author of the film along with producer may be dropped altogether.<br /></blockquote>
<p>While
this presumably means that the proposal to increase term is also being
rejected, that is not made clear by the Committee's comments.</p>
<h2><br /></h2>
<h2>Increased Copyright Duration, Expansive Moral Rights and Other Negative Changes</h2>
<p>In
the submission of CIS and twenty-one other civil society organizations
to the Standing Committee, we highlighted all of the below concerns.
However, our submission was not tabled before the Standing Committee
for reasons unknown to us.</p>
<ul><li><strong>WCT
and WPPT compliance</strong>: India has not signed either of these two treaties,
which impose TRIPS-plus copyright protection, but without any
corresponding increase in fair dealing / fair use rights. Given that
the Standing Committee has recommended against some aspects of WCT
compliance (such as the move to change "hire" to "commercial rental")
and that without such changes India cannot be a signatory to the WCT, it
is unclear why other forms of WCT compliance (such as TPMs) should be
implemented.</li><li><strong>Increase
in duration of copyright</strong>: The duration of copyright of photographs and
video recordings is sought to be increased. The term of copyright for photographs is being increased from sixty years from creation to sixty years from death of the photographer. This will
significantly reduce the public domain, which India has been arguing for
internationally, especially through its push for the Development Agenda at the World Intellectual Property Organization.<br /></li><li><strong>Moral
rights</strong>: Changes have been made to author’s moral rights (and
performer’s moral rights have been introduced) but these have been made
without requisite safeguards.</li><li><strong>Version
recordings</strong>: The amendments make cover version much more difficult to
produce, and while the Standing Committee has addressed the concerns of
some in the music industry, it hasn't addressed the concerns of artists
and consumers.</li></ul>
<h2><br /></h2>
<h2>Criminal Provisions, Government Works, and Other Missed Opportunities</h2>
<p>The
following important changes should have been made by the government,
but haven't. While on some issues the Standing Committee has gone
beyond the proposed amendments, it hasn't touched upon any of the
following, which we believe are very important changes that are required
to be made.</p>
<ul><li><strong>Criminal
provisions</strong>: Our law still criminalises individual, non-commercial
copyright infringement. This has now been extended to the proposal for
circumvention of Technological Protection Measures and removal of Rights
Management Information also.</li><li><strong>Government
works:</strong> Taxpayers are still not free to use works that were paid for by
them. This goes against the direction that India has elected to march
towards with the Right to Information Act. A simple amendment of
s.52(1)(q) would suffice. The amended subsection would except "the
reproduction, communication to the public, or publication of any
government work" as being non-infringing uses.</li><li><strong>Copyright
terms</strong>: The duration of all copyrights are above the minimum required by
our international obligations, thus decreasing the public domain which
is crucial for all scientific and cultural progress.</li><li><strong>Educational exceptions</strong>: The exceptions for education still do not fully embrace distance and digital education.</li><li><strong>Communication
to the public</strong>: No clear definition is given of what constitute a
‘public’, and no distinction is drawn between commercial and
non-commercial ‘public’ communication.</li><li><strong>Internet
intermediaries</strong>: More protections are required to be granted to Internet
intermediaries to ensure that non-market based peer-production projects
such as Wikipedia, and other forms of social media and grassroots
innovation are not stifled.</li><li><strong>Fair
dealing and fair use</strong>: We would benefit greatly if, apart from the
specific exceptions provided for in the Act, more general guidelines
were also provided as to what do not constitute infringement. This would
not take away from the existing exceptions.</li></ul>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/sc-report-on-amendments'>http://editors.cis-india.org/a2k/blogs/sc-report-on-amendments</a>
</p>
No publisherpraneshAccess to KnowledgeCopyrightIntellectual Property RightsIntermediary LiabilityTechnological Protection Measures2011-09-06T07:50:12ZBlog EntryA Guide to Key IPR Provisions of the Proposed India-European Union Free Trade Agreement
http://editors.cis-india.org/a2k/blogs/a-guide-to-the-proposed-india-european-union-free-trade-agreement
<b>The Centre for Internet and Society presents a guide for policymakers and other stakeholders to the latest draft of the India-European Union Free Trade Agreement, which likely will be concluded by the end of the year and may hold serious ramifications for Indian businesses and consumers. </b>
<div class="visualClear">In its ongoing negotiation for a FTA with the EU, a process that began in 2007 and is expected to end sometime this year, India has won several signicant IP-related concessions. But there remain several IP issues critical to the maintenance of its developing economy, including its robust entrepreneurial environment, that India should contest further before ratifying the treaty. This guide covers the FTA's IP provisions that are within the scope of CIS' policy agenda and on which India has negotiated favorable language, as well as those provisions that it should re-negotiate or oppose.</div>
<div class="visualClear"> </div>
<div class="visualClear">Download the guide <a title="A Guide to the Proposed India-European Union FTA" class="internal-link" href="http://www.cis-india.org/a2k/publications/CIS%20Open%20Data%20Case%20Studies%20Proposal.pdf">here</a>, and please feel free to comment below.</div>
<div class="visualClear"> </div>
<div class="visualClear">You may also download a <a title="India-EU FTA TRIPS Comparison Chart" class="internal-link" href="http://www.cis-india.org/advocacy/ipr/upload/India-EU_FTA_Chart.odt">chart</a> comparing the language proposed by India and the EU respectively with that included in the WTO's Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS).</div>
<div class="visualClear"> </div>
<div class="visualClear">Following is a summary of CIS' findings:</div>
<div class="visualClear"> </div>
<div class="visualClear">
<div class="visualClear">
<ul><li>India has become a de facto leader of developing countries at the WTO, and an India-EU FTA seems likely to provide a model for FTAs between developed and developing states well into the future.</li><li>The EU has proposed articles on reproduction, communication, and broadcasting rights which could seriously undermine India's authority to regulate the use of works under copyright as currently provided for in the Berne Convention, as well as narrowing exceptions and limitations to rights under copyright.</li><li>The EU asserts that copyright includes "copyright in computer programs and in databases," without indicating whether such copyright exceeds that provided for in the Berne Convention. Moreover, by asserting that copyright "includes copyright in computer programs and in databases," the EU has left open the door for the extension of copyright to non-original databases.</li><li>India should explicitly obligate the EU to promote and encourage technology transfer -- an obligation compatible with and derived from TRIPS -- as well as propose a clear definition of technology transfer.</li><li>The EU has demanded India's accession to the WIPO Internet Treaties, the merits of which are currently under debate as India moves towards amending its Copyright Act, as well as several other international treaties that India either does not explicitly enforce or to which it is not a contracting party.</li><li>In general, the EU's provisions would extend terms of protection for material under copyright, within certain constraints, further endangering India's consumer-friendly copyright regime.</li><li>An agreement to establish arrangements between national organizations charged with collecting and distributing royalty payments may obligate such organizations in India collect royalty payments for EU rights holders on the same basis as they do for Indian rights holders, and vice versa in the EU, but more heavily burden India.</li><li>The EU has proposed a series of radical provisions on the enforcement of IPRs that are tailored almost exclusively to serve the interests of rights holders, at the expense of providing safety mechanisms for those accused of infringing or enabling infringers. </li><li>The EU has proposed, under cover of protecting intermediate service providers from liability for infringement by their users, to increase and/or place the burden on such providers of policing user activity.</li></ul>
</div>
</div>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/a-guide-to-the-proposed-india-european-union-free-trade-agreement'>http://editors.cis-india.org/a2k/blogs/a-guide-to-the-proposed-india-european-union-free-trade-agreement</a>
</p>
No publishergloverDevelopmentConsumer RightsCopyrightAccess to KnowledgeDiscussionEconomicsAnalysisTechnological Protection MeasuresIntermediary LiabilityinnovationIntellectual Property RightsPatentsPublications2011-08-30T13:06:03ZBlog EntryPrimer on the New IT Act
http://editors.cis-india.org/internet-governance/blog/primer-it-act
<b>With this draft information bulletin, we briefly discuss some of the problems with the Information Technology Act, and invite your comments.</b>
<p align="justify">The latest amendments to
the Information Technology Act 2000, passed in December 2008 by the
Lok Sabha, and the draft rules framed under it contain several provisions
that can be abused and misused to infringe seriously on citizens'
fundamental rights and basic civil liberties. We have already <a href="http://editors.cis-india.org/internet-governance/it-act/short-note-on-amendment-act-2008" class="internal-link" title="Short note on IT Amendment Act, 2008">written about some of the problems</a> with this Act earlier. With this information bulletin, drafted by Chennai-based advocate Ananth Padmanabhan, we wish to extend that analysis into the form of a citizens' dialogue highlighting ways in which the Act and the rules under it fail. Thus, we invite your comments, suggestions, and queries, as this is very much a work in progress. We will eventually consolidate this dialogue and follow up with the government on the concerns of its citizens.</p>
<h3 align="justify">Intermediaries
beware</h3>
<p align="justify">Internet service
providers, webhosting service providers, search engines, online
payment sites, online auction sites, online market places, and cyber
cafes are all examples of “intermediaries” under this Act. The
Government can force any of these intermediaries to cooperate with
any interception, monitoring or decryption of data by stating broad
and ambiguous reasons such as the “interest of the sovereignty or
integrity of India”, “defence of India”, “security of the
State”, “friendly relations with foreign States”, “public
order” or for “preventing incitement to” or “investigating”
the commission of offences related to those. This power can be abused
to infringe on the privacy of intermediaries as well as to hamper
their constitutional right to conduct their business without interference.</p>
<p align="justify">If a Google search on
“Osama Bin Laden” throws up an article that claims to have
discovered his place of hiding, the Government of India can issue a
direction authorizing the police to monitor Google’s servers to
find the source of this information. While Google can, of course,
establish that this information cannot be attributed directly to the
organization, making the search unwarranted, that would not help it
much. While section 69 grants the government these wide-ranging
powers, it does not provide for adequate safeguards in the form of having to show due cause or having an in-built right of appeal against a decision by the government. If Google refused
to cooperate under such circumstances, its directors would be liable
to imprisonment of up to seven years.</p>
<h3 align="justify">Pre-censorship<br /></h3>
<p align="justify">The State has been given
unbridled power to block access to websites as long as such blocking
is deemed to be in the interest of sovereignty and integrity of
India, defence of India, security of the State, friendly relations
with foreign States, and other such matters.</p>
<p align="justify">Thus, if a web portal or
blog carries or expresses views critical of the Indo-US nuclear deal,
the government can block access to the website and thus muzzle criticism
of its policies. While some may find that suggestion outlandish, it is very much possible under the Act. Since there is no right to be heard before your website is taken down nor is there an in-built mechanism for the website owner to appeal, the decisions made by the government cannot be questioned unless you are prepared to undertake a costly legal battle. </p>
<p align="justify">Again, if an intermediary (like Blogspot or an ISP like Airtel) refuses to cooperate, its directors may be personally liable to imprisonment for up to a period of seven years. Thus, being personally liable, the intermediaries are rid of any incentive to stand up for the freedom of speech and expression.</p>
<h3 align="justify">We need to monitor your computer: you have a virus<br /></h3>
<p align="justify">The government has been
vested with the power to authorize the monitoring and collection of
traffic data and information generated, transmitted, received or
stored in any computer resource. This provision is much too
widely-worded. </p>
<p align="justify">For instance, if the
government feels that there is a virus on your computer that can
spread to another computer, it can demand access to monitor your
e-mails on the ground that such monitoring enhances “cyber
security” and prevents “the spread of computer contaminants”.</p>
<h3 align="justify">Think before you click "Send"<br /></h3>
<p align="justify">If out of anger you send
an e-mail for the purpose of causing “annoyance” or
“inconvenience”, you may be liable for imprisonment up to three
years along with a fine. While that provision (section 66A(c)) was
meant to combat spam and phishing attacks, it criminalizes much more
than it should.</p>
<h3 align="justify">A new brand of "cyber terrorists" <br /></h3>
<p align="justify">The new offence of “cyber
terrorism” has been introduced, which is so badly worded that it
borders on the ludicrous. If a journalist gains
unauthorized access to a computer where information regarding
corruption by certain members of the judiciary is stored, she becomes
a “cyber terrorist” as the information may be used to cause
contempt of court. There is no precedent for any such definition of cyberterrorism. It is unclear what definition of terrorism the government is going by when even unauthorized access to defamatory material is considered cyberterrorism.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/primer-it-act'>http://editors.cis-india.org/internet-governance/blog/primer-it-act</a>
</p>
No publisherpraneshIT ActDigital GovernancePublic AccountabilityIntermediary LiabilityCensorship2011-08-02T07:41:54ZBlog EntryComments on the Draft Rules under the Information Technology Act
http://editors.cis-india.org/internet-governance/blog/comments-draft-rules
<b>The Centre for Internet and Society commissioned an advocate, Ananth Padmanabhan, to produce a comment on the Draft Rules that have been published by the government under the Information Technology Act. In his comments, Mr. Padmanabhan highlights the problems with each of the rules and presents specific recommendations on how they can be improved. These comments were sent to the Department of Information and Technology.</b>
<h2><em>Comments on the Draft Rules under the Information Technology Act as Amended by the Information Technology (Amendment) Act, 2008</em></h2>
<p><em><strong>Submitted by the Centre for Internet and Society, Bangalore</strong></em></p>
<p><em><strong>Prepared by Ananth Padmanabhan, Advocate in the Madras High Court</strong></em></p>
<h2>Interception, Monitoring and Decryption</h2>
<h3>Section 69</h3>
<p>The section says:</p>
<ol><li>Where the Central Government or a State Government or any of its officer specially authorised by the Central Government or the State Government, as the case may be, in this behalf may, if satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource. </li><li>The procedure and safeguards subject to which such interception or monitoring or decryption may be carried out, shall be such as may be prescribed.</li><li>The subscriber or intermediary or any person in-charge of the computer resource shall, when called upon by any agency referred to in sub-section (1), extend all facilities and technical assistance to-</li></ol>
<p> (a) provide access to or secure access to the computer resource
generating transmitting, receiving or storing such information; or</p>
<p>
(b) intercept, monitor, or decrypt the information, as the case may be; or</p>
(c) provide information stored in computer resource.
<ol><li>The subscriber or intermediary or any person who fails to assist the agency referred to in sub-section (3) shall be punished with imprisonment for a term which may extend to seven years and shall also be liable to fine. <br /></li></ol>
<p><strong><br /></strong></p>
<p><strong>Recommendation #1</strong><br />Section 69(3) should be amended and the following proviso be inserted:</p>
<p class="callout">Provided that only those intermediaries with respect to any information or computer resource that is sought to be monitored, intercepted or decrypted, shall be subject to the obligations contained in this sub-section, who are, in the opinion of the appropriate authority, prima facie in control of such transmission of the information or computer resource. The nexus between the intermediary and the information or the computer resource that is sought to be intercepted, monitored or decrypted should be clearly indicated in the direction referred to in sub-section (1) of this section.</p>
<p><br /><strong>Reasons for the Recommendation </strong><br />In the case of any information or computer resource, there may be more than one intermediary who is associated with such information. This is because “intermediary” is defined in section 2(w) of the amended Act as,</p>
<p class="callout">“with respect to any electronic record means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record, including telecom service providers, network service providers, internet service providers, webhosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes”. </p>
<p><br />The State or Central Government should not be given wide-ranging powers to enforce cooperation on the part of any such intermediary without there being a clear nexus between the information that is sought to be decrypted or monitored by the competent authority, and the control that any particular intermediary may have over such information.</p>
<p>To give an illustration, merely because some information may have been posted on an online portal, the computer resources in the office of the portal should not be monitored unless the portal has some concrete control over the nature of information posted in it. This has to be stipulated in the order of the Central or State Government which authorizes interception of the intermediary. </p>
<p><br /><strong>Recommendation #2</strong><br />Section 69(4) should be repealed.</p>
<p><br /><strong>Reasons for the Recommendation</strong><br />The closest parallels to Section 69 of the Act are the provisions in the Telegraph Rules which were brought in after the decision in PUCL v. Union of India, (1997) 1 SCC 301, famously known as the telephone tapping case.</p>
<p>Section 69(4) fixes tremendous liability on the intermediary for non-cooperation. This is violative of Article 14. Similar provisions in the Indian Penal Code and Code of Criminal Procedure, which demand cooperation from members of the public as regards production of documents, letters etc., and impose punishment for non-cooperation on their part, impose a maximum punishment of one month. It is bewildering why the punishment is 7 years imprisonment for an intermediary, when the only point of distinction between an intermediary under the IT Act and a member of the public under the IPC and CrPC is the difference in the media which contains the information.</p>
<p>Section 69(3) is akin to the duty cast upon members of the public to extend cooperation under Section 39 of the Code of Criminal Procedure by way of providing information as to commission of any offence, or the duty, when a summons is issued by the Court or the police, to produce documents under Sections 91 and 92 of the Code of Criminal Procedure. The maximum punishment for non-cooperation prescribed by the Indian Penal Code for omission to cooperate or wilful breach of summons is only a month under Sections 175 and 176 of the Indian Penal Code. Even the maximum punishment for furnishing false information to the police is only six months under Section 177 of the IPC. When this is the case with production of documents required for the purpose of trial or inquiry, it is wholly arbitrary to impose a punishment of six years in the case of intermediaries who do not extend cooperation for providing access to a computer resource which is merely apprehended as being a threat to national security etc. A mere apprehension, however reasonable it may be, should not be used to pin down a liability of such extreme nature on the intermediary.</p>
<p>This would also amount to a violation of Articles 19(1)(a) as well as 19(1)(g) of the Constitution, not to mention Article 20(3). To give an example, much of the information received from confidential sources by members of the press would be stored in computer resources. By coercing them, through the 7 year imprisonment threat, to allow access to this computer resource and thereby part with this information, the State is directly infringing on their right under Article 19(1)(a). Furthermore, if the “subscriber” is the accused, then section 69(4) goes against Article 20(3) by forcing the accused to bear witness against himself.</p>
<p> </p>
<h3>Draft Rules under Section 69 <br /></h3>
<p><strong>Rule 3</strong><br />Directions for interception or monitoring or decryption of any information generated, transmitted, received or stored in any computer resource under sub- section (2) of section 69 of the Information Technology (Amendment) Act, 2008 (hereinafter referred to as the said Act) shall not be issued except by an order made by the concerned competent authority who is Union Home Secretary in case of Government of India; the Secretary in-charge of Home Department in a State Government or Union Territory as the case may be. In unavoidable circumstances, such order may be made by an officer, not below the rank of a Joint Secretary to the Government of India, who has been duly authorised by the Union Home Secretary or by an officer equivalent to rank of Joint Secretary to Government of India duly authorised by the Secretary in-charge of Home Department in the State Government or Union Territory, as the case may be:</p>
<p>Provided that in emergency cases – <br />(i) in remote areas, where obtaining of prior directions for interception or monitoring or decryption of information is not feasible; or <br />(ii) for operational reasons, where obtaining of prior directions for interception or monitoring or decryption of any information generated, transmitted, received or stored in any computer resource is not feasible;</p>
<p>the required interception or monitoring or decryption of any information generated, transmitted, received or stored in any computer resource shall be carried out with the prior approval of the Head or the second senior most officer of the Security and Law Enforcement Agencies (hereinafter referred to as the said Security Agencies) at the Central Level and the officers authorised in this behalf, not below the rank of Inspector General of Police or an officer of equivalent rank, at the State and Union Territory level. The concerned competent authority, however, shall be informed of such interceptions or monitoring or decryption by the approving authority within three working days and that such interceptions or monitoring or decryption shall be got confirmed by the concerned competent authority within a period of seven working days. If the confirmation from the concerned competent authority is not received within the stipulated seven working days, such interception or monitoring or decryption shall cease and the same information shall not be intercepted or monitored or decrypted thereafter without the prior approval of the concerned competent authority, as the case may be. </p>
<p><br /><strong>Recommendation #3</strong><br />In Rule 3, the following proviso may be inserted:</p>
<p class="callout">“Provided that in the event of cooperation by any intermediary being required for the purpose of interception, monitoring or decryption of such information as is referred to in this Rule, prior permission from a Supervisory Committee headed by a retired Judge of the Supreme Court or the High Courts shall be obtained before seeking to enforce the Order mentioned in this Rule against such intermediary.”</p>
<p><strong><br /></strong></p>
<p><strong>Reasons for the Recommendation </strong><br />Section 69 and the draft rules suffer from absence of essential procedural safeguards. This has come in due to the blanket emulation of the Telegraph Rules. Additional safeguards should have been prescribed to ensure that the intermediary is put to minimum hardship when carrying on the monitoring or being granted access to a computer resource. Those are akin to a raid, in the sense that it can stop an online e-commerce portal from carrying out operations for a day or even more, thus affecting their revenue. It is therefore recommended that in any situation where cooperation from the intermediary is sought, prior judicial approval has to be taken. The Central or State Government cannot be the sole authority in such cases.</p>
<p>Furthermore, since access to the computer resource is required, an executive order should not suffice, and a search warrant or an equivalent which results from a judicial application of the mind (by the Supervisory Committee, for instance) should be required.</p>
<p><br /><strong>Recommendation #4</strong><br />The following should be inserted after the last line in Rule 22:</p>
<p class="callout">The Review Committee shall also have the power to award compensation to the intermediary in cases where the intermediary has suffered loss or damage due to the actions of the competent authority while implementing the order issued under Rule 3.</p>
<p><strong><br /></strong></p>
<p><strong>Reasons for the Recommendation</strong><br />The Review Committee should be given the power to award compensation to the loss suffered by the intermediary in cases where the police use equipment or software for monitoring/decryption that causes damage to the intermediary’s computer resources / networks. The Review Committee should also be given the power to award compensation in the case of monitoring directions which are later found to be frivolous or even worse, borne out of mala fide considerations. These provisions will act as a disincentive against the abuse of power contained in Section 69. </p>
<p> </p>
<h2>Blocking of Access to Information</h2>
<h3>Section 69A</h3>
<p>The section provides for blocking of websites if the government is satisfied that it is in the interests of the purposes enlisted in the section. It also provides for penalty of up to seven years for intermediaries who fail to comply with the directions under this section. <br />The rules under this section describe the procedure which have to be followed barring which the review committee may, after due examination of the procedural defects, order an unblocking of the website.</p>
<p> </p>
<p><strong>Section 69A(3)</strong><br />The intermediary who fails to comply with the direction issued under sub-section (1) shall be punished with an imprisonment for a term which may extend to seven years and also be liable to fine.</p>
<p> </p>
<p><strong>Recommendation #5</strong><br />The penalty for intermediaries must be lessened.</p>
<p> </p>
<p><strong>Reasons for Recommendations </strong><br />The penal provision in this section which prescribes up to seven years imprisonment and a fine on an intermediary who fails to comply with the directions so issued is also excessively harsh. Considering the fact that various mechanisms are available to escape the blocking of websites, the intermediaries must be given enough time and space to administer the block effectively and strict application of the penal provisions must be avoided in bona fide cases.</p>
<p>The criticism about Section 69 and the draft rules in so far as intermediary liability is concerned, will also apply mutatis mutandis to these rules as well as Section 69A.</p>
<p> </p>
<h3>Draft Rules under Section 69A</h3>
<p><strong>Rule 22: Review Committee</strong><br />The Review Committee shall meet at least once in two months and record its findings whether the directions issued under Rule (16) are in accordance with the provisions of sub-section (2) of section 69A of the Act. When the Review Committee is of the opinion that the directions are not in accordance with the provisions referred to above, it may set aside the directions and order for unblocking of said information generated, transmitted, received, stored or hosted in a computer resource for public access.</p>
<p><br /><strong>Recommendation #6</strong><br />A permanent Review Committee should be specially for the purposes of examining procedural lapses. </p>
<p><br /><strong>Reasons for Recommendation </strong><br />Rule 22 provides for a review committee which shall meet a minimum of once in every two months and order for the unblocking of a site of due procedures have not been followed. This would mean that if a site is blocked, there could take up to two months for a procedural lapse to be corrected and it to be unblocked. Even a writ filed against the policing agencies for unfair blocking would probably take around the same time. Also, it could well be the case that the review committee will be overborne by cases and may fall short of time to inquire into each. Therefore, it is recommended that a permanent Review Committee be set up which will monitor procedural lapses and ensure that there is no blocking in the first place before all the due procedural requirements are met. <br /><br /></p>
<h2>Monitoring and Collection of Traffic Data</h2>
<h3>Draft Rules under Section 69B</h3>
<p>The section provides for monitoring of computer networks or resources if the Central Government is satisfied that conditions so mentioned are satisfied.</p>
<p>The rules provide for the manner in which the monitoring will be done, the process by which the directions for the same will be issued and the liabilities of the intermediaries and monitoring officers with respect to confidentiality of the information so monitored.</p>
<p><br /><strong>Grounds for Monitoring </strong><br /><strong>Rule 4</strong><br />The competent authority may issue directions for monitoring and collection of traffic data or information generated, transmitted, received or stored in any computer resource for any or all of the following purposes related to cyber security:<br />(a) forecasting of imminent cyber incidents;<br />(b) monitoring network application with traffic data or information on computer resource;<br />(c) identification and determination of viruses/computer contaminant;<br />(d) tracking cyber security breaches or cyber security incidents;<br />(e) tracking computer resource breaching cyber security or spreading virus/computer contaminants;<br />(f) identifying or tracking of any person who has contravened, or is suspected of having contravened or being likely to contravene cyber security;<br />(g) undertaking forensic of the concerned computer resource as a part of investigation or internal audit of information security practices in the computer resource;<br />(h) accessing a stored information for enforcement of any provisions of the laws relating to cyber security for the time being in force;<br />(i) any other matter relating to cyber security.</p>
<p><br /><strong>Rule 6</strong><br />No direction for monitoring and collection of traffic data or information generated, transmitted, received or stored in any computer resource shall be given for purposes other than those specified in Rule (4).</p>
<p><br /><strong>Recommendation #7</strong><br />Clauses (a), (b), (c), and (i) of Rule 4 must be repealed.</p>
<p><br /><strong>Reasons for Recommendations </strong><br />The term “cyber incident” has not been defined, and “cyber security” has been provided a circular definition. Rule 6 clearly states that no direction for monitoring and collection of traffic data or information generated, transmitted, received or stored in any computer resource shall be given for purposes other than those specified in Rule 4. Therefore, it may prima facie appear that the government is trying to lay down clear and strict safeguards when it comes to monitoring at the expense of a citizens' privacy. However, Rule 4(i) allows the government to monitor if it is satisfied that it is “any matter related to cyber security”. This may well play as a ‘catch all’ clause to legalise any kind of monitoring and collection and therefore defeats the purported intention of Rule 6 of safeguarding citizen’s interests against arbitrary and groundless intrusion of privacy. Also, the question of degree of liability of the intermediaries or persons in charge of the computer resources for leak of secret and confidential information remains unanswered. <br /><br /><strong>Rule 24: Disclosure of monitored data </strong><br />Any monitoring or collection of traffic data or information in computer resource by the employee of an intermediary or person in-charge of computer resource or a person duly authorised by the intermediary, undertaken in course of his duty relating to the services provided by that intermediary, shall not be unlawful, if such activities are reasonably necessary for the discharge his duties as per the prevailing industry practices, in connection with :<br />(vi) Accessing or analysing information from a computer resource for the purpose of tracing a computer resource or any person who has contravened, or is suspected of having contravened or being likely to contravene, any provision of the Act that is likely to have an adverse impact on the services provided by the intermediary.</p>
<p><br /><strong>Recommendation #8</strong><br />Safeguards must be introduced with respect to exercise of powers conferred by Rule 24(vi). </p>
<p><br /><strong>Reasons for Recommendations </strong><br />Rule 24(vi) provides for access, collection and monitoring of information from a computer resource for the purposes of tracing another computer resource which has or is likely to contravened provisions of the Act and this is likely to have an adverse impact on the services provided by the intermediary. Analysis of a computer resource may reveal extremely confidential and important data, the compromise of which may cause losses worth millions. Therefore, the burden of proof for such an intrusion of privacy of the computer resource, which is first used to track another computer resource which is likely to contravene the Act, should be heavy. Also, this violation of privacy should be weighed against the benefits accruing to the intermediary. The framing of sub rules under this clearly specifying the same is recommended. </p>
<p><br />The disclosure of sensitive information by a monitoring agency for purposes of ‘general trends’ and ‘general analysis of cyber information’ is uncalled for as it dissipates information among lesser bodies that are not governed by sufficient safeguards and this could result in outright violation of citizen’s privacy.</p>
<p> </p>
<h2>Manner of Functioning of CERT-In</h2>
<h3>Draft Rules under Section 70B(5)</h3>
<p>Section 70B provides for an Indian Computer Emergency Response Team (CERT-In) which shall serve as a national agency for performing duties as prescribed by clause 4 of this section in accordance to the rules as prescribed.<br />The rules provide for CERT-In’s authority, composition of advisory committee, constituency, functions and responsibilities, services, stakeholders, policies and procedures, modus operandi, disclosure of information and measures to deal with non compliance of orders so issued. However, there are a few issues which need to be addressed as under:</p>
<p><br /><strong>Definitions</strong><br />In these Rules, unless the context otherwise requires, “Cyber security incident” means any real or suspected adverse event in relation to cyber security that violates an explicit or implied security policy resulting in unauthorized access, denial of service/ disruption, unauthorized use of a computer resource for processing or storage of information or changes to data, information without authorization.</p>
<p><br /><strong>Recommendation #9</strong><br />The words ‘or implied’’ must be excluded from rule 2(g) which defines ‘cyber security incident’, and the term ‘security policy’ must be qualified to state what security policy is being referred to.</p>
<p><br /><strong>Reasons for Recommendation</strong><br />“Cyber security incident” means any real or suspected adverse event in relation to cyber security that violates an explicit or implied security policy resulting in unauthorized access, denial of service/disruption, unauthorized use of a computer resource for processing or storage of information or changes to data, information without authorization. </p>
<p><br />Thus, the section defines any circumstance where an explicit or implied security policy is contravened as a ‘cyber security incident’. Without clearly stating what the security policy is, an inquiry into its contravention is against an individual’s civil rights. If an individual’s actions are to be restricted for reasons of security, then the restrictions must be expressly defined and such restrictions cannot be said to be implied.</p>
<p><br /><strong>Rule 13(4): Disclosure of Information </strong><br />Save as provided in sub-rules (1), (2), (3) of rule 13, it may be necessary or expedient to so to do, for CERT-In to disclose all relevant information to the stakeholders, in the interest of sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence relating to cognizable offence or enhancing cyber security in the country.</p>
<p><br /><strong>Recommendation #10</strong><br />Burden of necessity for disclosure of information should be made heavier. </p>
<p><br /><strong>Reasons for the Recommendation</strong><br />Rule 13(4) allows the disclosure of information by CERT-In in the interests of ‘enhancing cyber security’. This enhancement however needs to be weighed against the detriment caused to the individual and the burden of proof must be on the CERT-In to show that this was the only way of achieving the required. </p>
<p><br /><strong>Rule 19: Protection for actions taken in Good Faith </strong><br />All actions of CERT-In and its staff acting on behalf of CERT-In are taken in good faith in fulfillment of its mandated roles and functions, in pursuance of the provisions of the Act or any rule, regulations or orders made thereunder. CERT-In and its staff acting on behalf of CERT-In shall not be held responsible for any unintended fallout of their actions.</p>
<p><br /><strong>Recommendation #11</strong><br />CERT-In should be made liable for their negligent action and no presumption of good faith should be as such provided for. </p>
<p><br /><strong>Reasons for the Recommendation </strong><br />Rule 19 provides for the protection of CERT-In members for the actions taken in ‘good faith’. It defines such actions as ‘unintended fallouts’. Clearly, if information has been called for and the same is highly confidential, then this rule bars the remedy for any leak of the same due to the negligence of the CERT-In members. This is clearly not permissible as an agency that calls for delicate information should also be held responsible for mishandling the same, intentionally or negligently. Good faith can be established if the need arises, and no presumption as to good faith needs to be provided.</p>
<p> </p>
<h3>Draft Rules under Section 52</h3>
<p>These rules, entitled the “Cyber Appellate Tribunal (Salary, Allowances and Other Terms and Conditions of Service of Chairperson and Members) Rules, 2009” are meant to prescribe the framework for the independent and smooth functioning of the Cyber Appellate Tribunal. This is so because of the specific functions entrusted to this Appellate Tribunal. Under the IT Act, 2000 as amended by the IT (Amendment) Act, 2008, this Tribunal has the power to entertain appeals against orders passed by the adjudicating officer under Section 47.</p>
<p><br /><strong>Recommendation #12</strong><br />Amend qualifications Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003, to require judicial training and experience.</p>
<p><br /><strong>Reasons for the Recommendation</strong><br />It is submitted that an examination of these rules governing the Appellate Tribunal cannot be made independent of the powers and qualifications of Adjudicating Officers who are the original authority to decide on contravention of provisions in the IT Act dealing with damage to computer system and failure to furnish information. Even as per the Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003, persons who did not possess judicial experience and training, such as those holding the post of Director in the Central Government, were qualified to perform functions under Section 46 and decide whether there has been unauthorized access to a computer system. This involves appreciation of evidence and is not a merely administrative function that could be carried on by any person who has basic knowledge of information technology.</p>
<p>Viewed from this angle, the qualifications of the Cyber Appellate Tribunal members should have been made much tighter as per the new draft rules. The above rules when read with Section 50 of the IT Act, as amended in 2008, do not say anything about the qualification of the technical members apart from the fact that such person shall not be appointed as a Member, unless he is, or has been, in the service of the Central Government or a State Government, and has held the post of Additional Secretary or Joint Secretary or any equivalent post. Though special knowledge of, and professional experience in, information technology, telecommunication, industry, management or consumer affairs, has been prescribed in the Act as a requirement for any technical member.</p>
<p> </p>
<h3>Draft Rules under Section 54</h3>
<p>These Rules do not suffer any defect and provide for a fair and reasonable enquiry in so far as allegations made against the Chairperson or the members of the Cyber Appellate Tribunal are concerned.</p>
<p> </p>
<h2>Penal Provisions</h2>
<h3>Section 66A</h3>
<p>Any person who sends, by means of a computer resource or a communication device,<br /> (a) any information that is grossly offensive or has menacing character; or<br /> (b) any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device,<br /> (c) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages,<br />shall be punishable with imprisonment for a term which may extend to three years and with fine.<br />Sec. 32 of the 2008 Act inserts Sec. 66A which provides for penal measures for mala fide use of electronic resources to send information detrimental to the receiver. For the section to be attracted the ‘information’ needs to be grossly offensive, menacing, etc. and the sender needs to have known it to be false.</p>
<p>While the intention of the section – to prevent activities such as spam-sending – might be sound and even desirable, there is still a strong argument to be made that words is submitted that the use of words such as ‘annoyance’ and ‘inconvenience’ (in s.66A(c)) are highly problematic. Further, something can be grossly offensive without touching upon any of the conditions laid down in Article 19(2). Without satisfying the conditions of Article 19(2), this provision would be ultra vires the Constitution.</p>
<p><br /><strong>Recommendation #13</strong><br />The section should be amended and words which lead to ambiguity must be excluded.</p>
<p><br /><strong>Reasons for the Recommendation </strong><br />A clearer phrasing as to what exactly could convey ‘ill will’ or cause annoyance in the electronic forms needs to be clarified. It is possible in some electronic forms for the receiver to know the content of the information. In such circumstances, if such a possibility is ignored and annoyance does occur, is the sender still liable? Keeping in mind the complexity of use of electronic modes of transmitting information, it can be said that several such conditions arise which the section has vaguely covered. Therefore, a stricter and more clinical approach is necessary. </p>
<p><br /><strong>Recommendation #14</strong><br />A proviso should be inserted to this section providing for specific exceptions to the offence contained in this section for reasons such as fair comment, truth, criticism of actions of public officials etc. </p>
<p> </p>
<p><strong>Reasons for the Recommendation </strong><br />The major problem with Section 66A lies in clause (c) as per which any electronic mail or electronic mail message sent with the purpose of causing annoyance or inconvenience is covered within the ambit of offensive messages. This does not pay heed to the fact that even a valid and true criticism of the actions of an individual, when brought to his notice, can amount to annoyance. Indeed, it may be brought to his attention with the sole purpose of causing annoyance to him. When interpreting the Information Technology Act, it is to be kept in mind that the offences created under this Act should not go beyond those prescribed in the Indian Penal Code except where there is a wholly new activity or conduct, such as hacking for instance, which is sought to be criminalized.</p>
<p>Offensive messages have been criminalized in the Indian Penal Code subject to the conditions specified in Chapter XXII being present. It is not an offence to verbally insult or annoy someone without anything more being done such as a threat to commit an offence, etc. When this is the case with verbal communications, there is no reason to make an exception for those made through the electronic medium and bring any electronic mail or message sent with the purpose of causing annoyance or inconvenience within the purview of an offensive message.</p>
<p> </p>
<h3>Section 66F</h3>
<p>The definition of cyber-terrorism under this provision is too wide and can cover several activities which are not actually of a “terrorist” character. <br />Section 66F(1)(B) is particularly harsh and goes much beyond acts of “terrorism” to include various other activities within its purview. As per this provision, <br />“[w]hoever knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons for the security of the State or foreign relations, or any restricted information, data or computer database, with reasons to believe that such information, data or computer database so obtained may be used to cause or is likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality, or in relation to contempt of court, defamation or incitement to an offence, or to the advantage of any foreign nation, group of individuals or otherwise, commits the offence of cyber terrorism.”</p>
<p>This provision suffers from several defects and hence ought to be repealed. </p>
<p><br /><strong>Recommendation #15</strong><br />Section 66F(1)(B) has to be repealed or suitably amended to water down the excessively harsh operation of this provision. The restrictive nature of the information that is unauthorisedly accessed must be confined to those that are restricted on grounds of security of the State or foreign relations. The use to which such information may be put should again be confined to injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, or public order. A mere advantage to a foreign nation cannot render the act of unauthorized access one of cyber-terrorism as long as such advantage is not injurious or harmful in any manner to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, or public order. A mens rea requirement should also be introduced whereby mere knowledge that the information which is unauthorisedly accessed can be put to such uses as given in this provision should not suffice for the unauthorised access to amount to cyber-terrorism. The unauthorised access should be with the intention to put such information to this use. The amended provision would read as follows:</p>
<p class="callout">“[w]hoever knowingly or intentionally penetrates or accesses a computer resource without authorisation or exceeding authorised access, and by means of such conduct obtains access to information, data or computer database that is restricted for reasons for the security of the State or foreign relations, with the intention that such information, data or computer database so obtained may be used to cause injury to the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, or public order, commits the offence of cyber terrorism.”</p>
<p class="callout"> </p>
<p><strong>Reasons for the Recommendation </strong><br />The ambit of this provision goes much beyond information, data or computer database which is restricted only on grounds of security of the State or foreign relations and extends to “any restricted information, data or computer database”. This expression covers any government file which is marked as confidential or saved in a computer used exclusively by the government. It also covers any file saved in a computer exclusively used by a private corporation or enterprise. Even the use to which such information can be put need not be confined to those that cause or are likely to cause injury to the interests of the sovereignty and integrity of India, the security of the State, or friendly relations with foreign States. Information or data which is defamatory, amounting to contempt of court, or against decency / morality, are all covered within the scope of this provision. This goes way beyond the idea of a terrorist activity and poses serious questions. While there is no one globally accepted definition of cyberterrorism, it is tough to conceive of slander as a terrorist activity.</p>
<p>To give an illustration, if a journalist managed to unauthorisedly break into a restricted database, even one owned by a private corporation, and stumbled upon information that is defamatory in character, he would have committed an act of “cyber-terrorism.” Various kinds of information pertaining to corruption in the judiciary may be precluded from being unauthorisedly accessed on the ground that such information may be put to use for committing contempt of court. Any person who gains such access would again qualify as a cyber-terrorist. The factual situations are numerous where this provision can be put to gross misuse with the ulterior motive of muzzling dissent or freezing access to information that may be restricted in nature but nonetheless have a bearing on probity in public life etc. It is therefore imperative that this provision may be toned down as recommended above. <br /><br /></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/comments-draft-rules'>http://editors.cis-india.org/internet-governance/blog/comments-draft-rules</a>
</p>
No publisherpraneshIT ActEncryptionIntellectual Property RightsIntermediary LiabilityPublicationsCensorship2011-09-21T06:13:42ZBlog Entry