The IT Rules expanded scope and potential places of application were examined in the first part. The second part examines two special mentions relevant to SMI’s scope. Further, building upon previously highlighted issues within the IT Rules, light shall be shed on the dilemma of registered users.
Special Mentions concerning SMI’s Scope
First Special Mention – While the digital players listed above are important, there is another service provider which is, currently, potentially speaking the most relevant. It’s due to its relevance that it deserves a special mention. I am referring to Search Engines, essentially the forefront of the internet a common man uses. To the best of my knowledge, it is the only unusual applicant under the definition of SMI that has challenged their treatment. A single Delhi High Court bench on 20th April 2021 issued directions to Google, under the authority of the IT Rules 2021 while treating them as an SMI. The direction is considerably important as it sets a precedent of treating search engines as SMI’s and thus putting them under the purview of the IT Rules, 2021. On 2nd June 2021, Google challenged this direction, arguing that they are “aggregators”, and not SMI’s. Google has also claimed that they only categorize content, not publish it. However, Google too allows public discussion in its listing, such as reviewing movies, places etc. online. The Court’s decision in this matter might display the executive’s attitude towards other unexpected SMIs.
Second Special Mention – The government of India on 26th May 2021 had written to Apple in regards to Apple’s iMessage’s compliance with the IT Rules, 2021. This letter was however withdrawn on the 15th of July 2021, the reason being that iMessage is not an SMI due to it not “primarily or solely” being a messaging service provider enabling communication between users. The government reached this conclusion due to the app not being standalone, as it is exclusive to Apple and the fact that it cannot be downloaded on any other devices. A senior government official also rhetorically speaking dismissed the fears of gaming and food delivery platforms being SMI. However, the senior government official’s claims have already been criticized and argued against by senior industry executives. This decision has also been said to be “discriminatory” and is expected to affect consumer choices in favour of Apple, as it effectively makes them the only major E2EE provider in India. However, it must be noted that no clear communication has been granted to all the other potential applicants under the IT Rules, 2021.
From the above examples and cases, it is visible that the IT Rules 2021 are far more powerful than thought. On the face of it, one might even assume that the IT Rules will be going beyond the scope of the term SMI via the term “online interaction” if they do confirm the inclusions of the services listed above. According to legal experts, email, search engines etc. were excluded from the purview of SMI’s via an earlier iteration. Doing the same would be a good move, and would also align the IT Rules, 2021 with the Personal Data Protection Bill, 2019.
The Ministry of Electronics and Information Technology recently published the ‘Frequently Asked Questions on The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (hereinafter referred to as FAQs). While the FAQs do attempt to solve the vague definition of SMIs, by clarifying that intermediaries whose main aim is to enable commercial transactions, such as Search Engines, e-mails, are beyond the scope of SMIs, they fail to do so comprehensively. This is because the mentioned clarification FAQ is preceded by the word “typically” (FAQ 12), indicating that the exclusion of commercial transactions related intermediaries is not absolute, and is still at the mercy of the IT Rule’s executioners. The same statement is backed by Google’s inclusion as an SMI, despite the FAQs (above mentioned “First Special Mention”). Moreover, CAM, a leading law firm in the country, in their blog post analyzing the FAQ’s also noted the fact that despite their well-welcomed attempt to clarify the scope of SMI’s, they fail to specify a clear test that allows us to determine what entails as “primarily” enabling online interaction.
The Dilemma of Registered Users
Moving on to the second issue, there currently exists a glaring void of clarity behind the term “registered users” (hereinafter referred to as RU). As mentioned above, according to Rule 2 (v) “Significant Social Media Intermediaries” is differentiated from the usual “Social Media Intermediaries” via a set threshold of RU’s, which is decided by the government. The current threshold is at 50 lakhs registered users. One must realize the significance of the term “registered users”, as it is this very term that draws the distinction between SMI’s and SSMI’s. In accordance with its significance, and the general norm, “registered users” should have been defined under Rule 2, i.e. “Definitions”. However, the same has not been done, leading to an aura of mystery on the exact technicalities of the term causing confusion, uncertainty and worries. The worries are justified, as SSMI’s have to practice “additional due diligence” along with the usual “due diligence” followed by an SMI.
The lack of an official definition, coupled with the tin-eared government has led to the rising of several burning questions. One of them is the exact process and methodology of counting the registered users of an SMI. The urgent need for clarification cannot be overemphasized, as there are different categories of users based on time and activity such as daily active users (DAU), weekly active users (WAU) and monthly active users (MAU). According to the previously mentioned FAQs released by MEITY, RU’s will be counted in the form of users who have created an account with the SSMI. Not only does this fail to provide a clear definition, but this description also leads to its own set of problems. Often users go dormant and never open their accounts due to a plethora of reasons. Deletion of accounts is the exception to the norm. A single individual holding multiple accounts is not surprising today, and in fact, might even be considered to be something very natural. Will the accounts be treated as a single individual or as different RU’s? A solution to this would be verifying the true identities of users, which would in most probability amount to an invasion of privacy. It would also be a humungous next-to-impossible plan to implement.
Further, while traversing the alternative path of counting the total RU’s of a platform lays the greatest enemy to the definition of “registered users”, which is artificially inflated registered users counts, also known as “bots”. By the ninth month of 2020, Facebook alone had taken down about 4.5 billion bot accounts, which is roughly equal the 60% of the entire world’s population. While technology and SMI’s are taking giant leaps in regulating them, fake accounts and bots are still very real.
A possible differentiation between free accounts and paid accounts also exists in this equation of confusion. The culmination of these factors might create a deceptive mirage instead of displaying an accurate count of “registered users”.
Conclusion
To conclude, while the IT Rules, 2021 might be well intended; their execution alongside the accompanying lack of clarity is a serious cause of concern. More interaction between the government and intermediaries is needed. Along with this, it is essential that the Rules should display the will of the citizen’s of India. The “Rules”, would have a greater effect if they were an “Act” or even a “Provision”, signifying the parliamentary participation in them and thereby symbolizing the burning spirit of India’s flame of democracy and constitutionality.
Author(s) Name: Kabir Singh (OP Jindal Global University, Sonipat)
