The Union government on Thursday formally outlined the Digital India Act, 2023 which is a broad overhaul of the decades-old Information Technology Act, 2000. Rajeev Chandrasekhar, Minister of State for Electronics and Information Technology, announced the changes in a presentation in Bengaluru.
The government is reconsidering a key aspect of cyberspace — ‘safe harbour’, which is the principle that so-called ‘intermediaries’ on the internet are not responsible for what third parties post on their website. This is the principle that allows social media platforms to avoid liability for posts made by users.
Safe harbour has been reined in in recent years by regulations like the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, which require platforms to take down posts when ordered to do so by the government, or when required by law.
From the 2000s onward, Mr. Chandrasekhar said, platforms for which safe harbour was applied as a concept “have now morphed into multiple types of participants and platforms on the internet, functionally very different from each other, and requiring different types of guardrails and regulatory requirements.”
Explained | The amendments to the IT Rules, 2021
Mr. Chandrasekhar also signalled that social media platforms’ own moderation policies may now take a backseat to constitutional protections for freedom of expression. “Fundamental speech rights cannot be violated by any platform,” the Minister said, “but there is certainly a case that can be made that weaponisation of disinformation is not the same as free speech, and that needs to be addressed.”
An October 2022 amendment to the IT Rules, 2021 says that platforms must respect users’ free speech rights. Three Grievance Appellate Committees have now been established to take up content complaints by social media users. Since the appellate committee portal’s launch on March 1, seventeen appeals have already been filed, according to the website’s dashboard.
A slew of such digital legislation is now likely to be subsumed into the Digital India Act, the Minister indicated.
The Minister highlighted other aspects that the Digital India Act would cover, such as Artificial Intelligence (AI), deepfakes, cybercrime, competition issues among internet platforms, and data protection. The government put out a draft Digital Personal Data Protection Bill last year, and Mr. Chandrasekhar said that it would be one of the four prongs of the Digital India Act, with the National Data Governance Policy and amendments to the Indian Penal Code being others, along with rules formulated under the Digital India Act.
Explained | The danger of deepfakes
Mr. Chandrasekhar said that the new law would seek to address “new complex forms of user harms” that have emerged in the years since the IT Act’s enactment, such as catfishing, doxxing, trolling, and phishing.
A new “adjudicatory mechanism” for criminal and civil offences committed online would come into place, Mr. Chandrasekhar said. An amendment to the Companies Act, 2002 may also be required, he said in his presentation.
The government will hold multiple rounds of consultations with the public and industry stakeholders to arrive first at the principles for this Act, and subsequently to iron out a draft that will be put out by the Ministry, Mr. Chandrasekhar said, pointing out that “the internet and the tech ecosystem in general has evolved significantly since 2000, when the IT Act first came into being.”
The Minister declined to provide a timeline for when the draft would be introduced in Parliament. “We want to make sure that [the Bill] is extensively consulted, that anybody who has any misgivings” or with inputs would be consulted, he said. “We will criss-cross the country and do this consultation. If it takes another five months, so be it,” he added.