Pages

Tuesday, March 8, 2011

Indian Government Plans To Regulate Online Content & Blogs - Medianama.com


As a part of the rules being finalized to supplement India’s Information Technology Amendment Act 2008, rules are being included that will indirectly allow the Indian government to control content being published on the Internet. This is hardly surprising: last week, at the CII Content Summit, three government functionaries – Information & Broadcasting (I&B) Minister Ambika Soni, TRAI Chief JS Sarma and I&B Secretary Raghu Menon, had all mentioned concerns about content on the Internet, even as they tried to downplay content regulation:
- Sarma said that “How do you control the Internet? That is baffling and challenging, and it is fraught with issues of freedom and security. Security in terms of physical security and others. This will have to be studied over the course of next few months or the next year or so.”
- Menon pointed towards the UK and issues of pornography, saying that the IPTV Association in the UK is in contact with the ISPs to ensure that the ISPs provide regulated content. People who are concerned about this, they’re approaching the ISPs for what is appropriate or not. This is a subject which is outside the purview of the ministry I work in.”
Menon works in the I&B Ministry, and this modus operandi of dealing with ISPs would be the mandate of the Ministry of Information Technology, which is putting into place these rules for regulating content through ISPs. A few things to note from the rules (download) that have been drafted:
1. Definition of Blogs, Bloggers & Users: This is tricky: blogs do two things – they publish content, and have user generated content in the form of comments. at one level, they are a publisher, and at another, an intermediary. The guidelines however, clearly define a blogger only as a user, and that a blog is  ”a type of website, usually maintained by an individual with regular entries of commentary, descriptions of events, or other material such as graphics or video.” This is generic, and could mean any online publication, including ours, and online publishers would also come under the ambit of the definition of the term ‘users’. What is odd, is that the rules specifically define blogs and bloggers, when there is no apparent reason for doing so.
2. What can they block you for? There’s a problem with how wide the offenses under which you can be blocked, are defined. ISP’s and other intermediaries have to notify users (including online publishers and bloggers) not to use, display, upload, modify, publish, transmit, update, share or store any information that:
- (a) belongs to another person; (d) infringes any patent, trademark, copyright or other proprietary rights;
Our Take: this should be covered under the Copyright Act, not IT Act.
- (b) is harmful, threatening, abusive, harassing, blasphemous, objectionable, defamatory, vulgar, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically or otherwise objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever; (g) causes annoyance or inconvenience or deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
Our Take:
 There goes most of the Internet. Using phrases like ‘objectionable’, ‘disparaging’, annoyance and inconvenience, which are highly subjective, the government has given itself the power to block anything they want. Remember that if someone publishes a libelous comment, or a hateful comment, for which an online publisher should be an intermediary, the Government has the power to block the publisher. This post might annoy the government, so there goes MediaNama.
- (j) threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognisable offence or prevents investigation of any offence or is insulting any other nation.
Our Take: Clearly, a move that seeks to ensure that gives the Indian government has the same powers as a Hosni Mubarak had in Egypt, and was in a position to block access to any site that might be used to organize demonstrations. Again, remember that telecom operators are also intermediaries, so it impacts all mobile connections.
- (f) discloses sensitive personal information of other person or to which the user does not have any right to”
Our take: what happens to social networking sites, which are full of such information (particularly photographs published without explicit consent)? What of whistleblowing blogs or sites – does this give the Indian government, for example, the right to block Wikileaks in India, if they find that details of Swiss Bank account holders has been disclosed?
How they’ll block sites
The government has taken adequate measures to ensure that the process by which a request for blocking of sites goes through several check-points (page 29 onwards of these rules; pdf): Any complaint that has been sent to a Nodal officer can only be forwarded to a Designated Officer after it has the approval of the Chief Secretary of the concerned State or Union territory. Then the request is looked into by a Committee, which has a Designated Officer as its chairperson, and representatives not below the rank of Joint Secretary in the Ministries of Law and Justice, Home Affairs, Information and Broadcasting and the Indian Computer Emergency Response Team. An order can be issued by the Secretary (Department of IT) to intermediaries (ISP), via the designated officer, to block access to the sites.
However, in case of an emergency (page 31 of these rules; pdf), the Designated Officer can expedite the blocking of any site by submitting a specific recommendation to the Secretary, Department of Information Technology, though this will have to be examined by a committee within 48 hours. The other instance is in case a court issues orders blocking of certain information on the web.
So, what does this mean?
It means that given that the Indian government is unable to control content on the Internet, it is giving itself enough powers to control access of its citizens to that content, by controlling the ISPs. The process by which it can block sites is fairly bureaucratic, and it will be difficult for a request from a normal citizen to be entertained. But what is alarming is that the government itself has enough opportunity, given how vague the reasons for blocking are, to block anything it wants to block. While you can hope for some maturity, we’d like to remind you what can go wrong if any entity in that chain of command is incompetent, or has malicious intent: in 2006, following orders to block certain sites, access to all blogs was blocked.


By Nikhil Pahwa at http://www.medianama.com/2011/02/223-indias-draft-blogger-guidelines/



Draft rules proposed by the Indian government for intermediaries such as telecommunications companies, Internet service providers and blogging sites could in effect aid censorship, according to experts. Under the draft rules, intermediaries will have to notify users of their services not to use, display, upload, publish, share or store a variety of content, for which the definition is very vague, and liable to misuse. Content that is prohibited under these guidelines ranges from information that may "harm minors in any way" to content that is "harmful, threatening, abusive." Some of the terms are so vague that to stay on the right side of the law, intermediaries may in effect remove third-party content that is even mildly controversial, said Pavan Duggal, a cyberlaw consultant and advocate in India's Supreme Court.  While the definition of some of the terms like obscenity have been ruled on by India's Supreme Court, some of the other terms do not have a precise legal definition, said Pranesh Prakash, program manager at the Centre for Internet and Society, a research and advocacy group focused on consumer and citizen rights on the Internet. "Would creating a Facebook profile for a minor, for example be considered as harming a minor ?" Duggal said.  The draft rules are secondary legislation framed by the government under the country's Information Technology (Amendment) Act of 2008. Under the IT Act, an intermediary is not liable for any third-party information, data, or communication link made available or hosted by him, if among other things, he has observed due diligence under the draft rules. The new rules will give rise to subjective interpretations, thus giving a lot of discretion to non-judicial authorities in the country to decide whether the intermediary has observed due diligence or not, Duggal said. 
According to the draft rules, an intermediary has to inform users that in case of non-compliance of its terms of use of the services and privacy policy, it has the right to immediately terminate the access rights of the users to its site. After finding out about infringing content, either on its own or through the authorities, the intermediary has to work with the user or owner of the information to remove access to the information.  

Rather than recognizing the diversity of the businesses of intermediaries, the draft rules use a "one-size, fits all" set of rules across a variety of intermediaries including telecom service providers, online payment sites, e-mail service providers, and Web hosting companies, Duggal said.  
An intermediary such as a site with user-generated content, like Wikipedia, would need different terms of use from an intermediary such as an e-mail provider, because the kind of liability they accrue are different, Prakash wrote in his blog.  
he draft rules also add new provisions that appear designed to give the government easier access to content from intermediaries. Intermediaries will be required to provide information to authorized government agencies for investigative, protective, cybersecurity or intelligence activity, according to the rules. 
Information will have to be provided for the purpose of verification of identity, or for prevention, detection, prosecution and punishment of offenses, on a written request stating clearly the purpose of seeking such information, the rules add.  
The IT Act already has specific procedures in this connection for very specific information requirements, but the draft rules have broadened this to a general requirement for intermediaries to provide information, Prakash said. The new rule could in fact be a way of circumventing the earlier laws, he added. 
The draft rules assume significance in the context of recent moves by the Indian government to get Research In Motion to provide access to information on BlackBerry services in India. While providing lawful access to its consumer services like BlackBerry Messenger, RIM has declined to provide access to its corporate service, BlackBerry Enterprise Server, claiming that it does not have access to customers' encryption keys. 
The Indian government has previously also said it would demand lawful access from Google's Gmail and Skype, but has not taken any action so far in this direction. 
The draft rules will require compliance from a number of entities who until now had thought they were outside the ambit of compliance, Duggal said.

Google did not immediately respond to e-mailed requests for its comments on the new rules. Microsoft said that the government should set the policy objectives and provide directional framework, and still allow flexibility to intermediaries to set the data protection measures as they deem fit for different situations and services. 
"We believe that the intermediary should be obliged to take down non-compliant content on being notified of the same as well as terminate access rights for those who use these platforms for dissemination of non-compliant content," Microsoft said in an e-mailed statement. Non-compliance include, but is not limited to, copyrights, it added.
John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address isjohn_ribeiro@idg.com

No comments: