SOCIAL MEDIA & PRIVACY

Introduction

Part II of the Information Technology Rules 2021 (hereinafter referred to as the ‘IT rules 2021’) lays down the due diligence and grievance redressal methods to be undertaken by these intermediaries. Within this arises concern of breach in end-to-end encryption that intermediaries guarantee to their users. End-to-end encryption is also legally recognized and protected under Section 84A of the IT Act, 2000.

Requiring messaging services to enable the identification of the first originator of information on its platform may adversely affect the privacy of individuals

With the rising data privacy concerns, these encryptions have been ensured by and strengthened on various platforms like WhatsApp and Facebook Messenger. Rule 4, sub-rule (2) of IT Rules, 2021 directs “significant social media intermediaries” to have a mechanism in their interface that would allow identification of the “first originator” of certain messages (information) which have the capability of “disrupting public order”, and even those that are against the sovereignty and integrity of the country or defamatory in nature. Such information can then be provided on a request made through a judicial order passed by a competent court or through an order passed under Section 69 of the IT Act, 2000. One of the problems with authorizing the Government to access the information regarding “first-originator” of a message is, the breach of end-to-end encryption. For a message in order to trace a message, decryption is a prerequisite, and allowing such decryption violates the encryption policy of platforms like WhatsApp, Signal, and Messenger. Enabling traceability in any manner which is compatible, has been previously dismissed on account of being susceptible to spoofing which means providing unauthorized access to outsiders or even the government itself. This raises severe concerns regarding user-privacy and their sharing of content on such platforms after the implementation of the IT Rules, 2021. Provision is that it is visibly conflicting to its parent legislation, the IT Act 2000. Section 84A of the IT Act, 2000 empowers the government to provide encryption methods which mean that it helps “secure” the use of electronic medium. Contrary to this, the IT Rules, 2021, through Rule 4(2), provide for the weakening of such encryption, violating the purpose laid down in the IT Act, 2000. Thus, such handicapping of encryption which is guaranteed by intermediaries is indeed problematic and hence raises legislative concerns.

Conclusion

Therefore, the country has an obligation to ensure that its laws and policies do not flagrantly violate the freedoms enshrined in ICCPR. However, certain provisions of the new IT Rules purport to create an ecosystem where the right to exercise freedom of speech in the digital space, a freedom guaranteed under ICCPR, would be seriously jeopardized.

BY

Mansi S Bhavsar

5th Year B.A. LLB

Dr. D. Y. PATIL LAW COLLEGE, Pune

Leave a Reply

Your email address will not be published. Required fields are marked *