IT RULES, 2021: A REGULATORY IMPACT ASSESSMENT STUDY 

Given the rise in online harms, the MeitY introduced the Information Technology (Intermediary Guidelines & Digital Media Ethics Code) Rules, 2021 in February 2021. While many provisions addressed some of the safety challenges, the lack of public consultation obviated the Rules to resolve the primary concerns. Towards this, The Dialogue in collaboration with Internet and Mobile Association of India undertook an impact study to determine the ease of doing business, safety and privacy implications of these Rules.

The study has been conducted in two volumes – the first volume focuses on Part II of the IT Rules envisaging the regulation of intermediaries and the second volume will focus on Part III of the IT Rules which governs the over the top platforms (OTT). This is the first volume. The research is primarily qualitative in nature, based on inputs of 82 stakeholders. Out of these 82 stakeholders, 70 gave inputs for volume 1 which includes all kinds of intermediaries regulated by Part II of the Rules, civil society organisations, women and child safety bodies, lawyers, public policy professionals, and cybersecurity experts. The study addresses the key operational and implementation aspects of the IT Rules, 2021 in not just ensuring a safe online space but also furthering ease of doing business in India.

POLICY RECOMMENDATIONS

1. Sustained consultation with civil society and technical experts is encouraged to drive the global best practices for platform accountability in the Indian regime.
2. Revisit the threshold prescribed under the IT Rules, 2021 for classification of SSMIs in light of international practices and & India’s economic interests.
3. Adopt a risk based content gradation mechanism guiding response timelines for takedowns and information assistance.
4. Revisit the data retention mandate in light of privacy harms and compliance costs.
5. Remove the personal liability provision considering its legal infeasibility and economic repercussions and replace it with corporate financial penalties as the norm.
6. Do not implement the originator traceability mandate given its potential to undermine users safety and national security;
7. Do not make safe harbour protection contingent on proactive monitoring given the inherent biases that are likely to creep into such technologies;
8. Uphold the broad immunity protection for intermediaries in accordance with the Shreya Singhal mandate to preserve the free, open and secure nature of the internet;
9. Publish implementable Standard Operating Procedures in consultation with experts to cater to the operational challenges within the IT Rules, 2021.

Read the full report here.