Facebook, YouTube, Twitter and TikTok will have to reveal users’ identities if Indian government agencies ask them to, according to the country’s controversial new rules for social media companies and messaging apps expected to be published later this month.
The requirement comes as governments around the world are trying to hold social media companies more accountable for the content that circulates on their platforms, whether it’s fake news, child porn, racist invective or terrorism-related content. India’s new guidelines go further than most other countries’ by requiring blanket cooperation with government inquiries, no warrant or judicial order required.
India proposed these guidelines in Dec. 2018 and asked for public comment. The Internet and Mobile Association of India, a trade group that counts Facebook Inc., Amazon.com Inc. and Alphabet Inc.’s Google among its members, responded that the requirements “would be a violation of the right to privacy recognized by the Supreme Court.”
But the Ministry of Electronics and Information Technology is expected to publish the new rules later this month without major changes, according to a government official familiar with the matter.
“The guidelines for intermediaries are under process,” said N.N. Kaul, the media adviser to the minister of electronics & information technology. “We cannot comment on the guidelines or changes till they are published.”
The provisions in the earlier draft had required platforms such as Google’s YouTube or ByteDance Inc.’s TikTok, Facebook or its Instagram and WhatsApp apps, to help the government trace the origins of a post within 72 hours of a request. The companies would also have to preserve their records for at least 180 days to aid government investigators, establish a brick-and-mortar operation within India and appoint both a grievance officer to deal with user complaints and a government liaison. The Ministry is still finalizing the language and content.
The rules cover all social media and messaging apps with more than 5 million users. India, with 1.3 billion people, has about 500 million internet users. It isn’t clear whether the identities of foreign users would be subject to the Indian government’s inquiries.
At the same time, tech companies and civil rights groups say the new rules are an invitation to abuse and censorship, as well as a burdensome requirement on new and growing companies.
In an open letter to India’s IT minister Ravi Shankar Prasad, executives from Mozilla Corp., GitHub Inc. and Cloudflare Inc. said the guidelines could lead to “automated censorship” and “increase surveillance.” In order to be able to trace the originator of content, platforms would basically be required to surveil their users, undermine encryption, and harm the fundamental right to privacy of Indian users, they said.
Companies such as Mozilla or Wikipedia wouldn’t fall under the new rules, the government official said. Browsers, operating systems, and online repositories of knowledge, software development platforms, are all exempt. Only social media platforms and messaging apps will be covered.