- Recently, messaging platform WhatsApp has moved the Delhi High Court to challenge the traceability provision in the New IT Rules 2021
- It requires intermediaries to enable identification of the first originator of information on their platforms.
- Rule 4(2) of the Intermediary Rules states that a significant social media intermediary providing services primarily in the nature of messaging shall enable the identification of the first originator of the information on its computer resource as may be required by a judicial order or an order passed by a competent authority under the Information and Technology (IT) Act 2000
- Failure to comply with this requirement would take away the indemnity provided to social media intermediaries under Section 79 of the IT Act
- This breaks end-to-end encryption and impermissibly infringes upon users’ fundamental Rights to privacy and Freedom of speech
- Article 19(1)(a) of the Indian Constitution guarantees the freedom of speech and expression.
- The right to privacy is protected as an intrinsic part of the right to life and personal liberty under Article 21 and as a part of the freedoms guaranteed by Part III of the Constitution (Puttaswamy Judgement 2017)
- States throughout the world have recognised the “important benefits” of end-to-end encryption and the dangers of undermining that security protocol.
- Freedom of Speech and Right to Privacy encourages users to express their ideas and opinions, report unlawful activities, and challenge popular views without fear of reprisal, whereas enabling the identification of the first originator of information in India subverts privacy and discourages free expression of views.
- Such a requirement would put journalists at risk of retaliation for investigating issues that may be unpopular, civil or for discussing certain rights and criticizing or advocating for politicians or policies.
- Clients and attorneys who could become reluctant to share confidential information for fear that the privacy and security of their communications are no longer ensured.
- Traceability would not be effective in finding the originator of a particular message because people commonly see content on websites or social media platforms and then copy and paste them into chats.
- It would also be impossible to understand the context of how it was originally shared.
- It says any intermediary shall not be held legally or otherwise liable for any third party information, data, or communication link made available or hosted on its platform.
- Third party information means any information dealt with by a network service provider in his capacity as an intermediary.
- This protection shall be applicable if the said intermediary does not in any way initiate the transmission of the message in question, select the receiver of the transmitted message and does not modify any information contained in the transmission.
- It is not granted if the intermediary, despite being informed or notified by the government or its agencies, does not immediately disable access to the material under question.
- The intermediary must not tamper with any evidence of these messages or content present on its platform, failing which it loses its protection under the Act.
- End-to-end encryption was designed to help ensure that nobody other than the person you are talking to can know that you sent a particular message. This is the exact opposite of traceability, which would reveal who sent what to whom.
- End-to-end encryption is a system of communication where only the communicating users can read the messages.
- Traceability would force private companies to collect and store who-said-what and who-shared-what for billions of messages sent each day. This will require platforms to collect more data than they need, solely for the purpose of turning it over to law enforcement agencies.
SOURCE: THE HINDU,THE ECONOMIC TIMES,MINT