New Laws for Internet in India.

They affect almost everything you do on the Internet.

In the first weeks of Feb, the Govt ordered Twitter to ban accounts of some critics of the government. Twitter refused, arguing for freedom of speech. The govt threatened to jail Twitter's employees in India.

So to make sure no platform or publisher ever defies the government's orders again, a new IT Act was announced on the 25th of Feb. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

And these rules affect almost all of the internet you use today: social media platforms? check. Digital news media? check. OTT platforms like Netflix? check.

But what do they mean? Here’s a 5-min explainer.

Some Context: The last time these Intermediary Rules were updated was back in 2011. But this one is so different from its predecessor that it's been called “anti-democratic”, “unconstitutional”. And “A wolf in watchdog’s clothing”. And that these rules “take Away Our Digital Rights.

Rules On Social Media Intermediaries.

Who are “Social media intermediaries”? All social and messaging platforms. From WhatsApp and Telegram to Facebook and Twitter. (and let’s call them SMIs for short)

Why “intermediaries”? Because, for example, Twitter doesn’t write every tweet itself. It's just a medium where you share your thoughts with others. And recognising a social platform as an intermediary is important. Because if someone tweets something unlawful, Twitter isn’t held responsible, the person who tweeted is. This is called immunity. And without this immunity, social platforms would simply not exist.

According to the new IT Rules, this part of intermediaries is administered by The Ministry of Electronics and Information Technology or MeitY.

And here’s everything that has changed:

New classification. Intermediaries with over 50 lakh (5 Million) registered Indian users are now called Significant SMI (or SSMI for short). They have extra-strict regulations to deal with. But government can require *any intermediary* to comply with the rules imposed on an SSMI if there’s “a material risk of harm”.

Policy reminders, every year: All intermediaries will have to email *all* users — at least once every year — that doing anything against their rules will result in deletion of his/her account or that post or both. So, be ready for lots of spam.

New Grievance redressal mechanism. All intermediaries will have to appoint a Grievance Redressal team. This includes:

  • a Chief Compliance Officer who will ensure the rules from IT Act, 2001 are being followed.

  • A Nodal person of contact for “24x7 coordination” with law enforcement authorities.

  • And a Resident Grievance Officer who will have to acknowledge complaints within 24hrs and resolve them within 15 days.

But Grievance officers of only SSMIs will have to provide reasons for any decision they make. And before they can take down any content, they will have to inform the user who posted it. And give him/her a chance to dispute claims.

Some other rules include that Grievance Redressal Officers should reside in India and all SSMIs should have a physical contact address in India. The officers’ details and the physical address should be published “prominently” on the SSMI’s website.

Data stored for longer. All Intermediaries will have to store your data for 180 days after deletion for investigative purposes. Even if you delete your account.

Volunteer Verification. All SSMIs will have to give you an option to verify your account through an ID card like Aadhar. These platforms will also have to display a mark that shows which accounts are verified and which aren’t. And although this is totally optional right now, this may be turned into a compulsory thing. (Remember how Aadhar started as totally optional and then became necessary to buy even a SIM card?) If that happens with this verification, anonymity is dead and these platforms will have your ID information and who knows what they can do with it.

And also: This verification doesn't necessarily mean you’ll get the blue check on any platform. This mark of verification might be different.

RIP End-to-end encryption. End-to-end encryption means when you talk to someone through WhatsApp, WhatsApp can’t read what messages you send, thereby guaranteeing privacy. But these rules will force WhatsApp (an SSMI) to make a way to find what message you’re sending to find who first started sharing a message.

The rules clarify, though, that this tracing-who-created-the-message order can only be required by a court or any competent authority. And it also says the SSMI should not disclose the message’s content, only who first created the message. But IFF says:

However, the Information Technology Decryption Rules contain powers to make demands for the message content. Used together, the government will break any type of end-to-end encryption to gain knowledge of who sent what message and also get to know its contents. 

AI Moderation. SSMIs will also have to make tech to identify people and content which are unlawful and should be removed.

Penalty. If the intermediaries fail to follow the rules, they will lose immunity and more consequences like potential criminal prosecution.

Rules On Digital News Media and OTTs.

The 2011 Rules did not regulate Digital News Media and OTT Platforms like Netflix. But the new rules do. And unlike the social media part, this one is administered by The Ministry Of Information and Broadcasting or MI&B.

So who’re “digital news publishers”? Well, anyone who “publishes” news. No matter how big or small. And because news means “newly received content and analysis" about recent events,” these rules apply to everyone who shares news. And this slightly indicates common people like you and me are also included.

So, here’s what the rules have in store for them:

Code of ethics.

  • Digital News Media have to comply with Norms of Journalistic Conduct of the Press Council of India and Programme Code and ensure that anything prohibited under any law is not published.

  • And, OTTs have to classify their content based on who can watch. That is, classify as ‘U,’ ‘U/A 7+,’ ‘U/A 13+,’ ‘U/A 16+,’ and ‘A.’ And they have to ensure there’s a functional age verification system to stop minors from watching restricted content.

3-Tier Grievance Redressal Mechanism. This mechanism is like the Judiciary for OTT platforms. Like the 3-tiers of courts. You go to the District Court, if unsatisfied, you go to the High Court and finally, the Supreme Court. But the biggest difference here is that it’s operated by the government — the Executives — and not the Judiciary. With each level the governmental control increases. And ultimately, it’s the government’s decision that matters.

  • Level 1: A resident grievance officer, who has to take a decision within 15 days.

  • Level 2: Self-regulating body of publishers whose head should be a retired SC or HC judge or an independent eminent person from relevant industries like media and broadcasting. Importantly, this body should be registered by MI&B and should have the power to censor, require an apology or reclassify age restriction ratings on all members.

  • Level 3: This is where the Central government takes charge. An “Inter-Departmental Committee” with representatives from MI&B, Ministry of Women and Child Development, Ministry of Law and Justice, MeitY, and others. And the head of this committee should be the Joint Secretary of MI&B. Ultimately, they have the power to delete or modify content on any OTT

And finally, the MI&B also has some emergency blocking powers, which means it can block *any* content immediately, when “no delay is acceptable.”

That’s it. I hope you liked it. Click the heart button at the end to let me know if you did. Thanks for reading.

(PS — Will your followers like reading this piece? Share it on Twitter or WhatsApp.)


I’ve made every effort to make sure this piece is factually correct. But if there’s something I get wrong, I’ll update it here and tweet it out.