NEW DELHI: The government is set to tighten accountability rules for social media apps such as WhatsApp, with upcoming intermediary guidelines likely to propose penalties and jail terms for executives, especially on traceability and user consent before being added to groups, said people with knowledge of the matter.
“The intermediary guidelines should be out soon after elections and we expect all social media apps to comply with them,” a government official told ET. “In the guidelines, we are writing that encryption should be such that it should support traceability.”
The apps have resisted the government’s efforts to get them to help law enforcement agencies trace the origin of inflammatory messages or those related to illegal activities such as drug use or trafficking, according to the officials.
“They have been dilly-dallying on the issue,” another senior official said. “They say that it is not that they don’t wish to, it is just that they technically can’t. So once these guidelines are out, social media apps will be compelled to reengineer their processes to comply with the law of the land.”
The new guidelines are seen as the solution as multiple discussions with WhatsApp have not yielded results, the official said.
THE ENCRYPTION ARGUMENT
WhatsApp didn’t respond to ET’s emailed queries.
In previous responses, WhatsApp has pointed to its India safety factsheet, which states that it has made significant product changes and worked with civil society partners to address misinformation through public education campaigns, apart from changes such as limiting the number of forwarded messages and allowing group exits in one tap.
The intermediary guidelines for internet and social media companies such as WhatsApp and Facebook have assumed critical importance with the government seeking to crack down on fake news and rumours that have fuelled violence, including lynchings, in parts of the country. The consultation process is over and the MeiTY is working on the final rules. Officials disagree with WhatsApp’s view that traceability compromises end-to-end encryption. They regard it as companies providing information to law enforcement agencies about the origin of fake messages or posts intended to divide society and spark violence among other things.
“They don’t or refuse to understand this—we don’t want you to look into the video or the audio or content, just tell us where (it began) or who started it,” said the official cited above, drawing a parallel with telcos, which are obliged to provide call detail records (CDRs) to law enforcement. The final intermediary guidelines—which will be more focussed than the existing ones—will also address the need to obtain the permission of users before adding them to a group as well as the matter of appointing grievance officers.
“It has been over six months since the government requested WhatsApp to ensure that nobody is able to add users to a group without explicit consent. Just because you have my mobile number, you should not be able to add me to the group without my consent,” the official said. “It is possible that some mischievous group has your number and the group posts some objectionable content—the police can be coming after you too.”
The home ministry asked social media companies in 2018 to nominate grievance redressal officers in India and develop a monitoring and filtering mechanism to check content. Last year’s draft recommendations proposed that all intermediaries would have to hand over to government agencies any information related to cyber security, national security, investigations, prosecutions or prevention of an offence within 72 hours. Internet and social media companies will also have to take down or disable content considered defamatory or against national security under Article 19 (2) within 24 hours on being notified by the appropriate agency in addition to using automated tools to identify, remove and trace the origin of such content.
Source: Economic Times