Topics In Demand
Notification
New

No notification found.

MEITY: Release of an FAQ on the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
MEITY: Release of an FAQ on the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

November 2, 2021

345

0

On November 1st, 2021, the Ministry of Electronics and Information Technology (“MEITY”) released a set of Frequently Asked Questions (“FAQs”) on the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ("Rules"). We had previously provided an overview of these Rules here.

The FAQs are restricted to Part II of the Rules which seek to define the obligations considered as "due diligence" expected from intermediaries for them to avail of the "safe harbour" under Section 79 of the Information Technology Act of 2000. This Part also imposes additional requirements on entities qualifying as significant "social media intermediaries" ("SMIs").

Some key highlights of the FAQs are as follows:

  • They try to narrow the definition of an SMI by discussing some indicative features to clarify the phrase "enables online interaction". These features include enabling users to: (i) engage in socialising or social networking (ii) increase their reach and following (iii) interact with unknown persons (iv) make content go viral by sharing.
  • They also clarify that intermediaries will not be treated as an SMI if their primary purpose to enable commercial or B2B transactions, provide internet access or provide specific services, such as "search engine services, search-engine services, e-mail service or online storage service, etc.". This is not an exhaustive list.
  • They attempt to clarify expectations in relation to takedown requests from an appropriate government/approved agency by stating that these should contain: (i) the platform-specific identified URL(s) (ii) the law being administered by that government body and the specific legal clause being violated (iii) justification and evidence and (iv) other relevant information (e.g., time stamps for videos).
  • They attempt to circumscribe the kinds of data to be retained by intermediaries about users at the time of account registration by stating that this should cover "mainly the location, time and date stamp of the user to understand when and where the account was created". 
  • They clarify that, while significant SMIs cannot appoint the same person to serve as the Chief Compliance Officer and the nodal contact person, they can appoint the same person to concurrently be the latter and the Resident Grievance Officer ("RGO"). Further, a parent SSMI can have the same set of officers across products and services. 
  • They also clarify which content-related actions taken by a significant SMI when "acting on its own accord" need to be notified to users under rule 4(8). These are: taking down content that is prohibited under any law and (ii) taking down content in accordance with their grievance redressal mechanism on the advice of their RGO.  
  • They clarify that MEITY can only call for additional information from SSMIs that pertains to their grievance redressal mechanism or what the Miinistry can seek under the IT Act for implementing Part II of these Rules and that this would typically exclude "any commercially sensitive, trade secret or otherwise confidential information".

Notably, the FAQs are also intended to be an "evolving" document. This suggests that they may be updated from time to time as and when issues with the implementation and interpretation of the Intermediary Rules 2021 arise. This is a generally practical and flexible approach and allows for guidance on the Rules to be updated as and when needed. 

However, as MEITY also clarifies on Page 1, the FAQs are not a binding legal document. They cannot prevail over or go beyond what is in the Rules and cannot be used to restrict or modify the application of the letter of law in those Rules. This is necessary to remember when considering reliance on the FAQs.  

NASSCOM has been engaging with MEITY on different aspects of the Intermediary Rules 2021 since they were notified in February 2021. One concern raised in these engagements is the need for MEITY to release a Standard Operating Procedure (SOP) to clarify how authorised agencies may be appointed by Appropriate Governments under Rule 3(1)(d). 

MEITY has now indicated that such a SOP is currently being developed (see here) and is likely to be released soon. We are following these developments closely and will keep issuing updates as and when necessary. Should you have any questions in relation to the FAQs or NASSCOM's engagement on issues pertaining to these Rules, please reach out to varun@nasscom.in or apurva@nasscom.in


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


images
Varun Sen Bahl
Manager - Public Policy

Reach out to me for all things about data regulation, cybersecurity policy, and internet governance.

© Copyright nasscom. All Rights Reserved.