Remedy Worse Than Malaise: Striking a Balance Between Privacy and Security is a Difficult Challenge
Oct. 28, 2023

Context

  • Politics and misinformation have been interconnected for a long time and with elections around the corner, addressing political misinformation will remain a policy priority.
  • Amidst complexities surrounding political misinformation, it is important to focus on the potential consequences and controversies associated with Rule 4(2) of the 2021 Information Technology (IT) Intermediary Guidelines, which seeks to counter the growing problem of political deep fakes.

Why is Misinformation a Cause of Concern?

  • Rising Fake Synthetic Media in Politics: Misinformation in politics is nothing new, but recent advancements in artificial intelligence (AI) have made it easier to create convincing deep fake images, videos, and voices.
  • Synthetic Media Can Influence Voter’s Actions: These synthetic media pieces can be employed both intentionally and maliciously, posing a significant risk by potentially misleading users and influencing their actions, particularly in the context of elections.

Steps Under Consideration by the Government to Counter Misinformation

  • The central government is planning to rely on the Rule 4(2) of the 2021 IT Intermediary Guidelines to counter political deep fakes.
  • The Rule 4(2) demands that all significant social media messaging entities must have the capability to identify the first originator of the information on their platform.
  • Originator requests can then be invoked either under a court order or by the government using its powers to intercept, monitor or decrypt information.

Controversies Surrounding the Rule 4(2) of IT Intermediary Guidelines 2021

  • Meant to Target End to End Encryption
    • The provision is primarily meant to target end-to-end encrypted platforms like WhatsApp.
      • End-to-end encryption ensures that when one user messages another, only those two individuals will have the keys to unlock the message.
      • Neither the company nor a government agency can ordinarily do so. This makes encryption a powerful tool for preserving communications privacy.
    • For the same reason, law enforcement agencies view end-to-end encryption as a threat to their functioning and keep trying to look for ways to undermine it.
  • Triggered a Debate on Privacy vs Security
    • An imperfect analogy can be drawn between the demand for a "movement tag" for every citizen stepping out of their house and the potential invasion of privacy through Rule 4(2).
      • It can be assumed that a portion of the people who leave their houses every day will commit a crime.
    • To check against these crimes, the government wants a tag attached to every occasion a citizen steps out of their house.
    • They are not asking for the contents of the bag that you were carrying at the time. But privacy would already be in danger with the movement tag of each and every citizen being amassed by a corporation and made accessible to the government on demand.
    • While the stated purposes of this rule are to prevent serious offenses like threats to sovereignty, state security, public order, and sexual crimes with imprisonment exceeding five years, it can still be misused by the government.
  • Unclear Grounds for Implementation
    • The listed grounds, particularly the maintenance of public order, leave room for broad interpretation by courts and the government.
    • The example of public order restrictions imposed in various contexts highlights the potential for misuse and overreach in implementing the rule.
    • A report on the use of Section 144 of the CrPC in Delhi, highlights that public order restrictions imposed in contexts like flying drones, using metallic manjhas for kites and carrying tiffin boxes inside cinemas.
    • Thus, it is not hard to imagine why tracing encrypted messages to prevent such instances would be an excessive intrusion.
  • Unclear Definition of First Originator
    • The term first originator remains undefined which can lead to ambiguity in the application of the rule.
    • For instance, someone who copies and pastes an existing message may unintentionally become a new originator, while malicious actors can easily evade it by spoofing identities, making traceability both disproportionate and ineffective.
  • Logistical Challenges and Privacy Concerns
    • Traceability relies on the maintenance of logs for the origin of every message. This compromises the privacy of all messaging users in the pursuit of identifying a few.
    • The footprint of the rule will compromise the privacy of all messaging users in the hope of being able to deter and penalise a few of them.
    • This does not meet the proportionality requirements of the fundamental right to privacy. 
    • Experts also argue that traceability techniques are not only privacy-invasive but also impractical.

Legal Challenges Faced by the Rule 4(2) of IT Intermediary Guidelines 2021

  • Praveen Arimbrathodiyil vs. Union of India
    • A Petition was filed in the HC of Keralachallenging Rule 4(2)on the grounds that it violates the right to encryption of citizens as a subset of the right to privacy protected under Article 21 of the Constitution of India.
    • The challenge highlights that the traceability provision puts unreasonable restrictions on the ability of intermediaries, thereby, violating the right to freedom to trade and profession under Article 19(1)(g) of the Constitution of India.
  • Anthony Clement vs. Union of India
    • The issue of co-existence of traceability of users with end-to-end encryption was raised in the Madras HC.
    • To address the issue, a suggestion was made that tracing of originator can be done by adding information of the originator with each message and displaying the same during decryption.
  • WhatsApp vs. Union of India (2021)
    • WhatsApp Inc. and Facebook have filed two separate petitions in the HC of Delhi challenging the Rule 4(2).
    • The petitions state that the provision breaks end-to-end encryption and undermines the fundamental right to privacy.
    • It is violative of the law laid down in K.S. Puttaswamy vs. Union of India (2017) and goes against the principles of proportionality, necessity, and minimisation.
  • Recent Tripura HC Order
    • It recently stayed an order demanding the origin of a fake resignation letter by the state’s CM from WhatsApp.
    • This was on the ground that the trial court had not established the threat to public order while making the order. 

The Government’s Stance on the Rule 4(2) of IT Intermediary Guidelines2021

  • No Intent to Violate Right to Privacy
    • The government says that it recognises the right to privacy as a fundamental right but it is the Government’s duty to ensure law and order and national security.
    • It has reiterated that the traceability provision will not impact the right to privacy.
    • The fundamental rights are not absolute in nature and are subject to reasonable restrictions, the traceability provision being a reasonable restriction.
  • Rule 4(2) Qualifies the Proportionality Test: The cornerstone of this test is whether a lesser effective remedy exists.
  • Traceability is Essential in Abiding with Public Interest
    • The MeitY has argued that Rule 4(2) is important because it serves public interest.
    • It is in public interest that who started the mischief leading to such crime must be detected and punished.

Conclusion

  • The debate over Rule 4(2) and its implications for political deep fakes and election integrity continues to intensify. For all these reasons, Rule 4(2) is currently under challenge before courts.
  • Striking a balance between privacy and security is a difficult challenge, and finding a remedy that truly mitigates the problem without causing further harm remains a pressing concern.

Enquire Now