India’s new rules for social media platforms

Do you know what is India’s new rules for social media platforms like Facebook, WhatsApp, and others?

Here I will explain India’s new rules for Facebook, WhatsApp and other social media platforms.

The Indian government has come up with a new set of rules and regulations to control social media platforms, messaging services, OTT platforms and news portals.

These regulations are called the Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021 (Rules).

These Rules would require compliance even by foreign tech-giants operating in India like WhatsApp, Facebook, Twitter, Netflix, Amazon etc.

The growth of digital media in India has largely been fuelled by a moderate regulatory framework in India up to now.

However, given the growing concerns around the information and content available over social media and OTT platforms, domestic and foreign, detailed regulations for digital media from the govt were imminent.

For social media platforms like Twitter, Facebook etc, the principles concentrate on issues like fake news, fake user accounts and monitoring of illegal content by platforms.

Greater compliances are placed on social media platforms with a larger user base. A key provision specific to messaging services is that the requirement to spot the originator of messages just in case of mischief.

Significant social media intermediaries — more on behaviour than stats

Social media platforms with a minimum of 50 lakh registered users are classified as significant social media intermediaries and are subject to maximum compliances.

However, the govt may require the other social media platform to also suits rules applicable to significant social media intermediaries if services of such platform create a material risk to the sovereignty or integrity of India.

While the particular implementation of this remains to be seen, at this juncture it appears that purely as a result of user behaviour, even smaller social media platforms may be brought under the ambit of stricter compliances under the principles.

If you’re doing business in India, you wish to be established in India

All significant social media intermediaries are required to appoint:

  • a Chief Compliance Officer
  • a Nodal Contact Person
  • and, a Resident Grievance Officer

Each of the above is required to be Indian residents.

The Rules also necessitate significant social media intermediaries to have a physical contact address in India.

This mandatory physical presence in India will have significant implications for foreign players in terms of setting up infrastructure and deployment of resources and taxation.

However, the absence of a registration or a compulsory licensing framework for digital media businesses will hopefully still garner interest from foreign players to line up operations in India.

Active monitoring of harmful content — shifting the responsibility to ‘intermediaries’

In a departure from the previously applicable Information Technology (Intermediary Guidelines) Rules, 2011 (2011 Rules), significant social media intermediaries are now required to endeavour to deploy technology-based measures, including automated tools to spot information that depicts rape, child sexual assault or conduct, or information that has previously been removed.

The rules also require maintenance of appropriate human oversight, and periodic review of automated tools. Such active monitoring by intermediaries dilutes the safe harbour protection that was available to intermediaries under the 2011 Rules.

Verification of users — security or risk to privacy?

Significant social media intermediaries are to supply a mechanism for verification of user accounts, e.g. through mobile numbers.

Verified users are to be identified by a demonstrable mark like a tick or dot. Though such verification by users is voluntary, it’s going to still be a setback for user privacy.

A platform’s use of private information provided by users is subject to the platform’s privacy policy, to which users typically haven’t any option but to consent.

User information provided for verification will simply become a part of the info under the privacy policy that platforms are entitled to gather and use.

Identification of ‘first originator’ of data

Messaging services (with quite 50 lakh users) are going to be required to enable identification of the primary originator of data if required by a writ or an order of the govt under Section 69 of the IT Act.

Such identification of a user brings into question the end-to-end encryption offered by services like WhatsApp, Telegram, Signal, etc.; and whether identifying a user because the “first originator” of mischievous information accurately is practically possible for a platform.


Comment below what is your opinion on these new rules 2021?

Also read:

Facebook Ads after new iOS 14 version

Leave a Comment