By K. Yatish Rajawat
IANS | November 1
India is ready to assign and define responsibilities in the freedom without responsibility internet world. Indian court and lawmakers want global Internet companies to be more responsible for the content on their websites. The Information Technology Intermediaries Guidelines draft was released on December 2018 and is opposed by most global Internet players. Like the rules on data localization the biggest arguments against these rules by these players is that it will split the Internet. The Internet has already been split into Chinese, EU and US Internet. It is a vacuous argument to see the Internet as one single entity where rules will be international and not national.
India is trying to control misinformation and fake news by assigning responsibilities to intermediaries. The government has guaranteed the Supreme Court that these rules will be enacted by January 2020. There are still several gaps in the rules that were made Ministry of Electronics and Information Technology (MEITY). The definition of market intermediaries is too broad and open. The definition needs to differentiate between the different category of players and responsibility needs to be assigned category wise.
The first category comprises of infrastructure providers - the access providers to the Internet like ISPs and a subset of them in the form internet cafe. ISPs have two kinds of information subscriber information of who all has bought access from them and IP addresses of access to a particular website. If the access is over a WiFi then it becomes difficult to trace the IP though it's not impossible. ISPs can block a website but the website still exists and can be accessed through a VPN. They can't be held responsible for content as they can't take down specific content unless. Hence their responsibility is limited and needs clarification.
The second category are platform providers. These are players who provide different services and are global players. If they are global players, they do not want to change their platform to meet the requirement of any national law. Global tech players view themselves as nation states and do not want other nations to dictate law to them. They want to dictate a law that will work for them globally. They don't want to reconfigure their platform around laws for each country as it would break their platform in multiple segments.
It also involves engineering cost plus customization to local laws leads to complication with US and EU privacy and data norms. This is there defence against hate content.
This stance is clear from their submission to the Delhi high court as reported by Medianama. Facebook said that it is an intermediary … and has no role in starting transmission, selecting the receiver of any transmission … selecting or modifying the information in the transmissions. Facebook also said it didn't have any obligations to proactively monitor content on its platform.
"Facebook also argued that the request for global blocking would result in a conflict of laws situation, as a global injunction might not be in accordance with laws in other jurisdictions and jeopardize Facebook's status as an intermediary in other jurisdictions, Medianama reports. The Delhi HC judge had said that the company has to globally disable access to content if the court directs such content to remove it. The reason the court wants global removal as just geo blocking does not work and they can still access the content through a VPN and other means.
Medianama report says, Twitter submitted that a global blocking order would run contrary to the ‘principles of state sovereignty in international law and the principle of international comity'. It said that the laws relating to free speech and defamation are not co-extensive and differ from country to country.
"Any order for a global takedown or global blocking would interfere with the rights of the people over whom the Court has no jurisdiction." Deriving the argument on principles of state sovereignty basically assumes Twitter sees itself as a nation state. And an order by Delhi HC does not really have jurisdiction over its functioning.
Global tech companies do not want to bend every national law. They want to negotiate for a single global standard typically emerging from their home country. Though almost every tech companies have made changes to their platform to meet China's state requirements not just law. Chinese government censorship rules apply to all internet intermediaries including search engine and was the reason Google exited China in 2010.
China does not allow internet companies to access its market if they do not follow its diktats. Messaging platform like WahtsApp with encryption are not allowed in China. China has split the internet and censored it for Chinese users most large US based internet giants are not present on the Chinese internet. EU interprets privacy more strictly than US and global tech companies have to play a balancing act.
While India's user base is large for global tech platforms the contribution to their revenue is minuscule as compared to EU or US. This means that India adds more to their valuation from user growth but does not really matter from a revenue perspective. Take Google India's revenues of Rs 4,147 crores from India in the financial year ending on March 2019 compared to its global revenues of $136.2 bn for the fiscal year 2018-19 ending on December 2018, basically a rounding error.
Therefore, India can chortle all it wants about its importance in Googleplex. The reality is that Google will not spend engineering dollars to reconfigure its global products to meet Indian legal requirements. The same goes for every global tech company.
US Internet v/s EU Internet
If revenue from India was as big as the user base than these companies would invest to engineer their product. It is easier and cheaper to fight regulations in India than to reengineer the product.
Meanwhile, the passage of the CLOUD Act in US means that all US based cloud companies –Google, Amazon, Facebook and Microsoft have to reveal data to US courts irrespective of where it is stored. This allow US government and countries which have signed a bilateral agreement with it to reach into a data centre anywhere in the world. This has already split the Internet into a US version where privacy of data is no longer applicable. Whereas European Union with its strict privacy laws under GDPR is struggling now to address the new version of US Internet.
Europe's premier data agency European data protection board (EPDB), says The US CLOUD Act procedure for service providers to file a motion to quash or modify an US CLOUD Act warrant, is limited and subject to several conditions." Service providers may not oppose the order on the ground of common law comity. What EDPB means is that US companies have very little defence to protect its data stored anywhere in the world to requests made by US and countries that have signed a mutual agreement. It gives the US government extraterritorial reach into data across the world.
EPDB's also says, The US CLOUD Act opens the possibility for service providers to intercept or disclose the contents of a wire or electronic communication in response to an order from a foreign government including real-time interception. This has repercussions on end-to-end encryption of WhatsApp if it is using Facebook's data centers to store its information. The US CLOUD Act also allows service providers to intercept or disclose the contents of a wire or electronic communication in response to an order from a foreign government this includes real-time interception. This is possible if the foreign government has entered into an executive agreement with the US.
Technically this opens up the possibility for say the UK government to look at the encrypted conversation on WhatsApp between Indian citizens. If tomorrow, Pakistan signs an executive agreement with US, it will get the same access while they will deny India and Indian courts this access. UK has already signed an agreement with US for access under the CLOUD Act.
Hypothetically, if all countries were sign an executive agreement with US the end-to-end encryption will be open to state surveillance. The opposition by these companies to India's endeavours to tackle fake news and hate content will be tested both in court and Parliament in the coming months. The CLOUD Act shows that the US has clearly broken the rules of fair play as would apply to Internet. China has already barricaded access to the Internet. India will now set the boundaries as the largest Internet market for the world.
(K. Yatish Rajawat is a journalist and policy analyst. The opinion expressed is personal. He can be reached at email@example.com, and his Twitter handle is @yatishrajawat)