IT Rules financially overwhelming for intermediaries: IAMAI report

Social media Intermediaries dealing with large volumes of user-generated content said that they are financially overwhelmed by the singular timeline for the takedown of all grades of harmful content. They also said that being identified as a significant social media intermediary for having 5 million users is “onerous” in terms of ease of doing business. Platforms offering encrypted services reiterated that introducing traceability was “technically impossible” without breaking encryption. 

These findings were revealed in a joint report by The Dialogue and Internet And Mobile Association of India (IAMAI), published July 4. The findings were based on 82 inputs from multiple industry stakeholders including platforms, lawyers, public policy professionals, safety organisations, and cybersecurity experts. 

IAMAI said that this is the first impact study on Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, which was enforced in February 2021 in the name of making intermediaries more accountable to users and the law of the country. 

The IT Rules 2021 require significant social media intermediaries (platforms with over 5 million users) to observe additional due diligence and appoint a grievance redressal mechanism along with three officers. It also requires them to identify the first originator (first person to publish the content) of any information that is deemed unlawful and respond to content takedown requests within 36 hours. 

The IAMAI report further found that deployment of proactive monitoring should be enforced on a “best effort basis only” to ensure free expression is not impacted. The IT Rules 2021 require intermediaries to build automated tools for proactive monitoring. The respondents also opposed the personal liability of the chief compliance officer (CCO). Under the IT Rules 20221, CCO can be held liable for third-party content for failure to ensure due diligence on part of the intermediary. The respondents said that it is inconsistent with principles of criminal law and has increased the “economic burden” for the intermediaries. 

Though intermediaries were critical of the IT Rules 2021, according to the report, safety bodies “lauded” it for making monthly transparency reports mandatory. They also said that delineation of specific timelines for acknowledgment and redressal of user grievances has helped in getting better responses from intermediaries. 

In its recommendations, the report urged the government to revisit the threshold to classify significant social media intermediaries and adopt a risk-based content gradation mechanism to decide the timeline for takedowns. It also asked the government to remove the personal liability provision for CCOs and rethink the data retention mandate keeping in mind the privacy concerns it raises along with the cost incurred by intermediaries on compliance.