ABSTRACT
This research paper focuses on Rule 4(2) of the IT Rules 2021, and how its imposition impacts the fundamental rights of the citizen and the intermediary. It also focuses on the government’s point of view on how imposing rule 4(2) will provide a safe and secure platform and fulfil the objective which is to stop the spread of fake news and also protect the privacy of the individuals using the intermediary. The paper reflects both sides of the coin, carefully examining it through the lens of the Constitution. It is essential to balance regulating online content and safeguarding fundamental rights. Further analysis and legal scrutiny are necessary to ensure that Rule 4(2) aligns with constitutional principles and respects the rights of individuals in the digital realm.
KEYWORDS
End-to-end encryption, Traceability, Constitutional, and Fake news.
INTRODUCTION
Social media has become an inseparable part of the lives of people across the world. A report suggests that there are 4.55 million active social media users around the world in 2021
The Indian government announced the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“the Intermediary Rules”) to regulate social media businesses operating in India. This move caused a rift between the government and these corporations. Social media has brought forth several challenges, though, that courts and governments are finding difficult to deal with. A significant obstacle governments face, particularly law enforcement organisations, is the utilisation of end-to-end encryption (or “E2EE”) technology in communications. Whatsapp and Signal are examples of messaging services platforms that use E2EE to guarantee user privacy and anonymity by preventing unauthorised access to communication.
Additionally, it helps criminals carry out their illegal activities and allows users to evade official monitoring. Law enforcement agencies are concerned about using E2EE communications for illegal activities and disseminating false or misleading information. As a result, they have frequently asked these internet platforms to supply them with information needed for investigations—information that the firms claim they do not have because of E2EE. There is currently conflict in many nations between the government and communication networks.
This research paper mainly focuses on the constitutional aspect of Rule 4(2). It analyses how imposing such a rule is hampering the basic fundamental rights of the citizen. The golden triangle i.e. is Article 14, Article 19 and Article 21 which are considered vital and give life to the rule of law. They are interdependent and cannot be interpreted in isolation. Therefore the paper tries to cover both sides of the coin by analysing it from a citizen’s point of view and understanding the government’s mindset while framing it.
RESEARCH METHODOLOGY
This paper will use a descriptive research methodology, including secondary sources including blog posts, newspaper articles, and acts and notifications from the Ministry of Electronics & Information Technology’s official website.
REVIEW OF LITERATURE
The new Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules (“IT Rules 2021”), released in February 2021 under the Information Technology Act 2000 (“IT Act”), have caused friction between the Central Government and Social Media Intermediaries, According to s. 69 of the IT Act, a major social media intermediary that offers messaging-related services must permit the identification of “the first originator” of a communication in response to a court order or other competent authority’s directive.
The process of converting data into an unintelligible format such that only a special “key” can unlock it and restore it to its original state is known as encryption. E2EE is a way to protect personal messages.
A message delivered from the sender’s device that is encrypted and can only be decrypted by the recipient’s device is protected by E2EE.
The message’s contents are not visible to the middleman. Furthermore, the intermediary has no way of identifying who the original message creator is if the recipient passes the same message to another individual. As a result, E2EE safeguards both the communication content and the sender and recipient’s anonymity.
A message delivered from the sender’s device that is encrypted and can only be decrypted by the recipient’s device is protected by E2EE.
The message’s contents are not visible to the middleman. Furthermore, the intermediary has no way of identifying who the original message creator is if the recipient passes the same message to another individual. As a result, E2EE safeguards both the communication content and the sender and recipient’s anonymity.
A “significant social media intermediary” (or “SSMI”) that offers “services primarily like messaging” is required by Rule 4(2) of the Intermediary Rules to “enable identification of the first originator of information” on its “computer resource.” According to Rule 2(v) of the Intermediary Rules, an SSMI has more registered users than a cap set by the Central Government. The current barrier of five million users has been established.
imposition of Rule 4(2) has directly impacted the golden triangle.
The main contention behind this rule is that it directly hampers their basic fundamental rights.
Article 14
Art. 14 guarantees fair treatment against arbitrary actions of the state. The law must not be arbitrary since arbitrariness and equality are sworn enemies, where equality belongs to the Rule of Law and arbitrariness, belongs to the whims and fancies of the absolute autocracy.
Impugned Rule 4(2) allows for the issuance of orders to identify the first originator of information without judicial oversight. Thereby, there is no ‘guarantee against arbitrary State action’ and gives absolute arbitrary power to the state to act upon its whims and fancies to issue such order against any individual which might include press media persons, opposite party leaders, army personnels and investigative agencies etc.
A classification to be reasonable must pass the twin test laid down by the
Hon’ble Supreme Court of India in the case of State of West Bengal v. Anwar Ali
Sarkar, that includes: [1] the Classification must have an Intelligible Differentia
upon which the things or persons are grouped and others are left out of the
groupand; [2] the Differentia must have a rational relation with the objective
sought to be achieved.
[1] Intelligible Differentia can be interpreted as a difference which shows the
capability of being understood. It differentiates a state or class of persons or objects
from each other based on reasonability. It explains all the factors based on which the classification has been undertook by the authority. The prominent
feature of this doctrine is that classification should not be arbitrary, artificial or
evasive.
In the present case, IT Rules, a classification is made between an SMI and an SSMI. The classification is made based on the number of registered users and the same is decided by the Government of India. This classification lacks intelligible differentia as there is no set guiding formula or principle to calculate the threshold limit of the users. It is based on the whims and fancies of the government and can be changed time and again without any due justification or consideration. Furthermore, these users are most likely to switch to SMI following the implementation of the regulation, and the propagation of bogus news will continue, hence, nullifying the whole premise of rule 4(2).
[2] The differentiation must be reasonable i.e., there must be a rational basis concerning the object which the authorities have in mind. For the justification of the
classification, the circumstances must be of the nature that this classification sub-serves the object sought to be achieved. Additionally, the classification shall be
based on the qualities and characteristics of the objective. In the present case, no rational nexus is established from this classification to the object sought to be achieved. Under Art. 14 of the Constitution every classification made must have justification and be free of arbitrary action.
Furthermore, additional due diligence has been grafted for an SSMI,to put larger
accountability on it when its platform/services are used for transmission of any
content/data that is ultra vires to the security of the state, public order or its sovereignty.
However, only registered users also carry a tendency to create havoc or disorder in society.
Hence, they are left in ambiguity and therefore, the said rule is unreasonable and violative of Art.
14.
Article 19(1)(a)
Art. 19(1)(a), Freedom of Speech and Expression is indispensable in a democracy. However, this freedom guaranteed is not absolute and is subject to restrictions stated in Art. 19(2). Pertinently, the restrictions imposed under Art. 19(2) should be reasonable.
However, in the present case, the test of reasonable restriction is provided under Art. 19(2) of The Constitution is not being fulfilled as rule 4(2) of IT rules 2021 is overbreadth and vague leading to a disproportionate chilling effect on speech. A restriction on speech is “overbroad” when it restricts both the speech that the government can legally restrict but also goes on to restrict speech other speech that is constitutionally protected. The provision has the potential to criminalize lawful speech and will lead to self-censorship.
Therefore, breaking the E2EE would create fear in the minds of journalists, civil society organizations, members of ethnic or religious groups, activists, academicians, and artists and they would not be freely able to express themselves on such platforms.
In the Shreya Singhal Case, the Hon’ble Supreme Court distinguished between discussion, advocacy, and incitement. It held that the first two formed the heart of constitutionally protected speech while inciteful speech may be legally restricted. Simply put, restrictions on speech that restrict inciteful speech are broad enough to go on to restrict discussion and advocacy is unconstitutional.
Therefore, the rule of actual malice should be incorporated on these platforms
and E2EE should only be broken for such individuals instead of a blanket rule on all
the users which would lead to restrictions on their fundamental right to freely express
their opinions and eventually lead to shaking the foundations of democracy.
Vagueness is characterised on two grounds: first, the law must provide a man of reasonable intellect with the opportunity to understand what is banned and what is not; and second, the law must provide precise norms to prevent arbitrariness and discrimination. The concept of vagueness can be used to invalidate legislation when both of these components are missing.
Furthermore, In the present case, the second proviso to Rule 4(2) states that an order cannot be passed if there are ‘other less intrusive means’ effective in identifying the originator of the information. The phrase is vague and is left at the discretion of the government to interpret the same as per their whims and fancies.
Article 19 (1)(g)
Article 19(1)(g), guarantees the Right to practise any profession or to carry on any occupation, trade or business. This right can be reasonably restricted in the interests of the general public as given under Article 19(6), of the Constitution. The term ‘General Public Interest’ under Art. 19(6) refers to the general welfare of the people that guarantees protection. In the case of Municipal Corporation of Ahmedabad v. Jan Mohammed Usman, the Hon’ble Supreme Court observed that the phrase “in the interest of the general public” has a broad meaning that encompasses public order, public health, public security, morals, communal welfare, and the things that are stated in parts IV and IV-A of the Constitution. Rule 4(2) is not in the interest of the general public on the following grounds-
First Trust and Privacy Concerns: End-to-end encryption provides a secure and private communication channel between users. Breaking encryption would erode trust in the platform, leading to users being less likely to use the platform for sensitive or commercially confidential communications. This could result in a reduction in business and trade activity.
Secondly Legal Implications: Intermediaries are protected from liability for the actions of their users under Section 79(2) of the IT Act. Breaking end-to-end encryption could potentially expose intermediaries to legal liability for the actions of their users.
Thirdly it would lead to Competition: Intermediaries that break end-to-end encryption may find themselves at a disadvantage compared to those that maintain strong privacy and security protections for their users. This could result in a loss of market share and a decrease in overall trade.
Fourthly it will impact Innovation: Encryption technologies play an important role in enabling new and innovative business models, particularly in the digital economy. Breaking encryption could stifle innovation and restrict the growth of the digital economy in India.
Section 79 only allows Respondent to prescribe the “due diligence” guidelines that intermediaries must observe to maintain their exemption from liability for third-party content on their respective platforms. However, Impugned Rule 4(2) seeks to impose obligations that fall far outside “due diligence”, as it forces fundamental alterations to Social Media Platforms by breaking end-to-end encryption and changing the fundamental nature of the services.
This would lead to a reduction in the number of users on SSMI and make that intermediary SMI. Furthermore, this leads to not having the burden of complying with rule 4(2) and therefore the purpose of controlling the fake news would not be achieved.
Article 21
In the case of K.S. Puttaswamy v. Union of India, the nine-judge bench of the Hon’ble Supreme Court held that “the Right to Privacy is constitutionally protected in India. The Court reasoned that privacy is an incident of fundamental freedom or liberty guaranteed under Art. 21.” Further, in the case of Ram Jethmalani v. Union of India, it was held that, “right to privacy also requires the state not to make any private information public about an individual which would violate his privacy.”
Moreover, in the case of K.S. Puttaswamy & Anr. v. Union of India & Ors.,
the Hon’ble Supreme Court held that to justify an intrusion into the fundamental right of privacy, the following four requirements must be satisfied: “(i) Legality, which postulates the existence of valid law; (ii) Necessity, defined in terms of a legitimate State aim; and (iii) Proportionality, which ensures a rational nexus between the objects and the means adopted to achieve them.
Firstly it suffers from the vice of illegality, The executive through a subordinate law may only formulate rules that are consistent with the Parent Act. Nothing in § 79 of the IT Act of 2000 shows that the legislature wanted to give MeitY the authority to compel service provider alterations to their technical design or to jeopardise user privacy.
Secondly, Having autonomy and control over our lives, essential elements of freedom in a democracy would be impossible if ongoing surveillance continued. A democratic society can never have the goal of monitoring people’s private lives in this way. Hence, This violates the principle of necessity.
Lastly, In the case of Kerala State Beverages (M&M) Corp. Ltd. v. P.P. Suresh, a minimization principle was laid down and the Hon’ble Supreme Court held that to be proportional, infringement of fundamental rights should be “be through the least restrictive alternatives”.
CONCLUSION
India took a daring step to control social media businesses by enacting the traceability requirement. Even while the government is right to address issues like child pornography and mob lynchings, requiring messaging platforms to implement en masse traceability for an indefinite period is unlikely to pass constitutional muster. Technological solutions can be investigated on the part of the intermediaries, such as using metadata to retrieve originator information or embedding originator information in the message itself with prior user authorization. The above research paper focuses on three main Articles of our constitution which are Articles 14, 19 and 21 the golden triangle. Rule 4(2) of IT Rules 21 directly hampers these basic fundamental rights. Rule 4(2) instructs the intermediaries to break the E2EE and provide the government with the information of the first originator, to curb the menace of Fake news and other problems, but to comply with this provision the government does not realise it directly takes away the basic fundamental rights of the citizens.
It affects Articles 21 and 19 as the right to privacy and free speech is being hampered as the transparency provided to the citizens using such platforms is being removed by breaking E2EE.
E2EE makes the platform a safe and secure platform where individuals can freely express themselves without the fear of being punished. Also in some aspects, the right that is given to every individual related to professing their profession is hampered as they would have to work according to the mechanism that the government wants them to comply with. They would have to break their basic working mechanism which is E2EE. Therefore going against the basis of Article 19(1)(g).
Also, the differentiation between SSMI and SMI is not rationale without any intelligible differentia therefore it goes against the fundamentals of Article 14.
The government and social media intermediaries must collaborate to find a solution that strikes a compromise between privacy and security, given the competing interests at play.
Institute of Law, Nirma University.
Suhani Agarwal