MeitY's proposals turn online companies into censors and undermine encryption.
Last week, the Indian government proposed sweeping changes to the legal protections for "intermediaries", which affect every internet company today. Intermediary liability protections have been fundamental to the growth of the internet as an open and secure medium of communication and commerce. Legal provisions such as Section 79 of the Information Technology Act in India (under which these new rules are proposed), Europe's E-Commerce Directive, or Section 230 of the US’ Communications Decency Act ensure that companies generally have no obligations to actively censor and limited liability for illegal activities and postings of their users, until they know about it. In India, the landmark Shreya Singhal judgment had clarified in 2015 that companies would only be expected to remove content when directed by a court order to do so.
According to Mozilla, the new rules proposed by the Ministry of Electronics and Information Technology (MeitY) are blunt and disproportionate solutions to the problem of harmful content online. The rules propose that all intermediaries, ranging from social media and e-commerce platforms to internet service providers, be required to proactively remove "unlawful" user content, or else face liability for content on their platform. They also propose a sharp blow to end-to-end encryption technologies, used to secure most popular messaging, banking, and e-commerce apps today, by requiring services to make available information about the creators or senders of content to government agencies for surveillance purposes.
Mozilla recognises that harmful content online – from hate speech and misinformation to terrorist content – undermines the overall health of the internet and stifles its empowering potential. However, the regulation of speech online necessarily calls into play numerous fundamental rights and freedoms guaranteed by the Indian constitution (freedom of speech, right to privacy, due process, etc), as well as crucial technical considerations. This is a delicate and critical balance and not one that should be approached with hurried policy proposals.
Mozilla’s five main concerns are summarised here, and they will be further detailed in an official filing to MeitY: