The story so far: The Union government formally outlined a proposed version of the Digital India Act, 2023 — the legislative framework expected to replace the Information Technology (IT) Act, 2000 — in Bengaluru on Thursday.
According to Minister of State for Electronics and Information Technology Rajeev Chandrasekhar, the new legislative framework will reconsider the concept of safe harbour — the principle that so-called ‘intermediaries’ on the internet are not responsible for what third parties post on their website, as well as aspects like Artificial Intelligence (AI), deepfakes, cybercrime, competition issues among internet platforms, and data protection.
The Digital India Act (DIA) will be a four-pronged legislation, out of which a draft Digital Personal Data Protection Bill was put out by the government last year. The other prongs are the DIA rules, the National Data Governance Policy, and amendments to the Indian Penal Code.
Why do we need the Digital India Act?
India today has 850 million internet users, compared to 5.5 million users in 2000. According to the central government, India is the world’s largest “digitally connected democracy”. The internet is largely governed by the IT Act, 2000, which, according to the government, was created for the nascent internet ecosystem in pre-digital India. A lack of provisions on user rights, and trust and safety, among other challenges, limit the IT Act and are why an updated version of the Act is needed.
Over the years, an evolving internet has also meant evolving, sophisticated forms of cybercrimes like doxxing, cyber stalking, and online trolling and the 23-year-old IT Act is not well-equipped to deal with these. The internet has also evolved from being a source of information to also being a platform for disinformation and fake news.
Lack of data and privacy protection are also shortcomings of the current laws that regulate the internet and cyberspace in India, giving rise to the need for an overhaul.
Digital India Goals 2026
Global Standard Cyber Laws
Global standard cyber laws, proposed under the Digital India Act, 2023, are aimed at helping India reach the target of a $1 trillion digital economy.
What are the aims of the DIA?
The Digital India Act, 2023 aims to achieve the following goals:
Evolvable digital law: Form evolvable rules that are consistent with the changing trends in technologies and can be updated according to the needs of the country’s digital infrastructure.
Adjudicatory mechanism: Offer an easily accessible adjudicatory mechanism for online civil and criminal offences. This mechanism should be able to deliver timely remedies to citizens, resolve cyber disputes, and enforce the rule of law on the internet.
Principles and rules-based approach: The DIA will provide a legislative framework keeping overarching governing principles in mind to ensure compliance.
Key components of the DIA
Open internet: According to the central government, open internet should have — choice, competition, online diversity, fair market access, ease of doing business as well as ease of compliance for startups. These characteristics prevent the concentration of power and gatekeeping.
Online safety and trust: The Act will focus on safeguarding users against cyber threats— like revenge porn, defamation, and cyberbullying—on the internet as well as the dark web. It aims to push for digital rights like the Right to be Forgotten and the Right to Digital Inheritance, protect minors and their data from age-gating addictive technology, and moderate fake news on social media platforms.
The proposed version also asks for Know Your Customer (KYC) requirements for users of privacy-invading devices like spy camera glasses and other wearable technology.
Monetisation rules for platform-generated as well as user-generated content may also undergo an overhaul to bring it in line with the DIA.
Accountable internet: The Act aims to make internet users and activities more accountable by introducing legal mechanisms for redressal of complaints, upholding constitutional rights in cyber spaces, algorithmic transparency and periodic risk assessments, and disclosure norms for data collected by intermediaries.
Mr. Chandrasekhar declined to detail a timeline to introduce the Digital India Act, 2023 in Parliament. But, before this happens, the government wants to go through a comparative study of relevant global laws and create a draft Bill in consultation with experts, general public, industry, media, academia, student community, internet governance forums and consumer forums. This will be followed by a draft Cabinet note before the final version of the Bill is released.