On April 6, 2023, the Ministry of Electronics and Information Technology (MEITY) notified amendments to the IT Rules in relation to the regulation of online gaming, fake news and grievance redressal.
Background
In January 2023, MEITY had released for public consultation, draft amendments to the IT Rules in relation to online gaming and fake news in India. Based on the concerns raised by the industry, nasscom had submitted feedback to the draft amendments on online gaming on January 25, 2023 and on fake news on February 20, 2023.
1. Amendments related to Online Gaming
The amendments offer a self-regulatory approach for the online gaming industry:
- Online games played for real money that are verified by a Self-Regulatory Body (SRB) may be offered in India. The verification by SRB is intended to weed-out betting and gambling games. Online games that are not deemed permissible may be being blocked in India. Entities enabling access to online real money games must disclose information about its policies and practices to users, and comply with certain due-diligence obligations.
- SRBs will create frameworks to verify online games, that must consider prevention of harm to users.
The online gaming industry in India takes this to be a welcome move. In a consultation organised by MEITY on April 7, 2023, the online gaming industry gave feedback that the formalisation of the online real-money gaming industry (as distinct from the gambling and betting industry), is likely to address the regulatory uncertainty that the industry had been operating under so far. In turn, this is likely to attract huge amounts of foreign investment in this industry in India.
Nasscom highlighted several concerns with the draft rules for line gaming. Six of these have been accepted. Here is a snapshot of the concerns highlighted by nasscom and addressed by the notified amendments is here:
|
S. No.
|
Nasscom’s recommendation
|
Notified Amendments
|
|
a.
|
Definition of online game – we suggested that the meaning of ‘deposit’ and ‘winnings’ under the definition of ‘online game’ be amended to reflect the intention of the government to regulate only real money games. The proposed draft could have been interpreted to include even gamified experiences in e-commerce or other industries which are free-to-play casual games and where the winnings have no value in the real world.
|
The overall idea that the regulation of online real-money games should not be placed at the same footing as other online games that don’t involve any money, has been accepted.
The notified amendments now define ‘online real money games’ as an online game where a user makes a deposit in cash or kind with the expectation of earning winnings on that deposit. It is now clear that the terms ‘in cash or kind’ would be in light of the term ‘real-money’.
|
|
b.
|
Definition of Online gaming intermediary – we suggested that certain types of intermediaries (such as cloud service providers) that only provide the backend storage on servers for online games to be made available by their publishers, should not be included in the definition of an online gaming intermediary.
|
The notified definition of an online gaming intermediary includes those intermediaries that enable the users of its computer resource to access one or more online games. We understand that this would exclude cloud service providers who don’t directly enable the users to access a game, but only provide the server space for the game.
|
|
c.
|
We had raised two concerns with the obligation on an online gaming intermediary to ascertain the registration of the online game from the SRB, before hosting, publishing or advertising it:
i. It is too onerous to comply with, as the SRB may not respond to enquiries about registration. As a suggestion we asked MEITY to mandate SRBs to publish a list of all registered online games on its website.
ii. It can end up being applied to many intermediaries, such as cloud service providers, who have no visibility into what they host.
|
This draft amendment has been removed from the notified amendments to IT Rules.
Instead, the mandate on online gaming intermediaries now is to make reasonable efforts to cause its users to not host, display, upload, modify, publish, transmit, store, update or share any information that is an online game that causes user harm, or is an online real-money game that has not been verified by an SRB.
Given that an online gameplay may be experienced differently by different users, the determination of ‘harm’ can be subjective. User harm is defined broadly to mean any effect which is detrimental to users. This can be compliance challenge for online gaming intermediaries, as there is no uniform understanding on what is ‘detrimental’.
Additionally, the notified amendments mandate:
i. SRBs to publish an updated list of all permissible online real money games that have been verified by the SRB, along with the details of such online games including the validity period, details of suspension or revocation of the verification etc.
ii. Online gaming intermediaries who enable access to permissible online real money games, to display verification mark of such online game. This is proportionate to the additional disclosure that must be made considering the risks associated with real-money online games as opposed to free-to-play online games.
|
|
d.
|
We had suggested that the proposed obligation on online gaming intermediaries to publish a random number generation certificate on their website should be there only in cases where online games use random number generators.
|
This proposed obligation has been removed altogether.
We believe that the requirement to check whether a proper random number generation certificate is being used by an online game might be placed under the dos and don’ts for SRBs (to be published in due course).
|
|
e.
|
User verification requirements – we had highlighted that compliances should be proportionate to the risk sought to be addressed. At the time of commencement of a user account, when no cash or cash equivalent is involved (in terms of deposit or winnings), a strict Know Your Customer (KYC) requirement of the level followed by financial institutions is unnecessary, not risk based, and may have unintended consequences.
|
Our suggestion has been accepted.
Notified amendments to IT Rules mandate RBI-level KYC by online gaming intermediaries only before accepting any deposit in cash or kind from a user.
|
|
f.
|
Board of Directors of the SRB – we had suggested the inclusion of an individual who has held a judicial office or possesses professional qualifications in law.
|
Our concern has been addressed.
Board of Directors of an SRB must consist of, inter alia, an individual having practical experience in the field of public policy, public administration, law enforcement, public finance or other relevant field, to be nominated by MEITY.
|
Other key highlights of the amendments related to online gaming are:
a. Addition of certain additional due diligence to only those online gaming intermediaries that enable user access to SRB-verified online real money games, such as: (i) appointment of Chief Compliance Officer, nodal contact person and resident grievance officer; (ii) publish its physical contact address in India; (iii) implement a mechanism to receive, track and resolve user complaints; (iv) providing option to voluntarily verify user accounts; (v) inform users of the money withdrawal policy, KYC procedures, measures taken to protect user’s deposit etc. These obligations have been introduced to keep at bay real-money online gaming services offered by off-shore entities, provide a strengthened grievance redressal to players and help them take informed decisions.
b. Obligation on online gaming intermediaries that enable user access to SRB-verified online real money games to not itself finance or enable financing by a third party, for the purpose of playing a real-money online game.
c. Procedure for the establishment of SRB, its constitution, legal structure, process of verification of an online real-money game, process for grievance redressal etc. Specific inclusions under the Memorandum of Association and Memorandum of Understanding of the SRB have been recommended. In a public consultation held on April 7, 2023, Hon’ble Ministry of State, MEITY, emphasized that SRBs must function independent of the online gaming industry.
d. Regulatory oversight powers of MEITY to:
- designate an entity as an online gaming SRB,
- direct such SRB to rectify improper verification of an online real-money game
- revoke or suspend the SRB, after giving the SRB an opportunity of being heard and recording reasons for such action in writing.
- consider the SRB’s reasoning of the verification of online real money game, while blocking access to the game, through its powers under section 69A of the Information Technology Act 2000.
e. Introduction of a transition period of 3 months from the date of designation of least 3 online gaming SRBs, before the obligations start applying.
f. Notify any online game to be subject to the obligations of a permissible real money online game, if it is necessary to do so in the in the interest of the sovereignty and integrity of India or security of the State or friendly relations with foreign States or public order, or preventing user harm.
2. Amendments related to Fake News
After these amendments, clause 3(1)(b)(v) of the IT Rules require that intermediaries make reasonable efforts to cause users not to upload or share any information that:
- deceives or misleads the addressee about the origin of the message; or
- knowingly and intentionally communicates any misinformation; or
- knowingly and intentionally communicates any information which is patently false and untrue.
- knowingly and intentionally communicates any information which, in respect of any business of the Central Government, is identified as fake or false or misleading by such fact check unit of the Central Government as the Ministry may, by notification, specify.
The underlined section is the new element added to this clause. The key change from the earlier draft put up for consultation is the removal of the reference to the PIB’s fact check unit.
In our feedback on the earlier draft, we had noted that the intended scope of the proposed change was difficult to determine. It was unclear if this is limited to online content made by the Central Government; or any information about the Central Government; or extends to any information in general.
We had cautioned, in particular, against this enabling any Government fact check unit being able to check any information on any subject held by any intermediary, as that would be overbroad.
This concern has been partially addressed in the final amendments through the insertion of “in respect of any business of the Central Government”. However, the final scope of the new clause remains unclear because the intended meaning of this underlined phrase is not defined.
If a wide reading is adopted, where “any business” is interpreted as a reference to the Allocation of Business Rules (AOBR), then this clause could extend to any information – as long as some connection to a line item in the AOBR is established. It is hoped that this can be further clarified in the future.
We had also noted that, the old rule (pre-amendment) was itself concerning because it did not require any intent to cause harm to be established and permitted content to be taken down just on the basis of it being untrue (capturing, therefore, legitimate speech like jokes or satire).
We had suggested taking up a dedicated discussion on the existing rule and also inviting feedback on alternative solutions. This suggestion was not pursued by MEITY, but future consultations on a Digital India Bill will hopefully afford us the opportunity to take this up.
3. Amendments related to Grievance Redressal
a. The amendments have introduced the ability of users to appeal to the Grievance Appellate Committee (GAC) if their grievance is not resolved within the timelines specified in the IT Rules. This is in addition to the existing option for users to appeal to the Grievance Appellate Committee against the decision of a Grievance officer. This will strengthen grievance redressal for users.
b. Under the provisions relating to the grievance redressal mechanism of intermediary, there is an obligation on the intermediary to prominently publish the details of the Grievance Officer and the mechanism to register a complaint against violation of these rules or any matter pertaining to the computer resource of the intermediary. The amendments have introduced an explanation that ‘prominently publish’ means publishing in a clearly visible manner on the:
- home page of the website, or
- home screen of the mobile based application, or
- both, as the case may be, or
- on a web page, or
- an app screen directly accessible from the home page or home screen.
The notified amendments are attached for reference.
For more information, kindly write to garima@nasscom.in or varun@nasscom.in with a copy to policy@nasscom.in.
