Social media

India proposes social media censorship powers • The Register

India’s technology policies continue to stir controversy, with new objections raised against a pair of proposed regulations.

One such regulation concerns infosec notification and logging requirements introduced by India’s Computer Emergency Response Team (CERT-In) in late April. This package requires a VPN, cloud, and many other IT service providers to collect customers’ personal information and log their activity, and then turn that information over to Indian authorities upon request. A VPN provider, ExpressVPN, left India last week on the grounds that its on-premises servers are designed to log no logs, so compliance would be impossible. ExpressVPN will soon route customer traffic outside of India.

On Tuesday, another VPN – Surfshark – announced that it would do the same.

The company announced its decision in a Publish who called the CERT-In rules “a sweeping action that has a significant impact on the privacy of millions of people living in India”.

The Indian government decides what millions of Indians can or cannot say online.

CERT-In’s rules have also been criticized by The Internet Society, the non-profit organization that advocates for an open Internet.

In a Impact dossier [PDF] which assesses the impact of CERT-In rules, the Company assesses the requirement to synchronize with India-controlled network time protocol servers as creating a dangerous single point of failure. The Brief also takes issue with the rules requirement to collect user data, as India lacks privacy and data protection laws. The Society also suggests that CERT-In is not the appropriate body to collect data from, as it is not a law enforcement agency.

These criticisms come on top of similar suggestions from BSA The Software Alliance and ten other tech lobby groups, all of which suggest the rules make India a less attractive destination for foreign investment.

Glutton for punishment?

The Indian government has so far ignored these criticisms, but has gained the same at home by revising the IT rules (Guidelines for Intermediaries and Digital Media Code of Ethics) that it introduced. in 2021. These rules have seen social media companies push back on the grounds that regulations require them to identify users and may restrict free speech.

On Monday, India’s Ministry of Electronics and Information Technology (MeitY) released proposed amendments [PDF] to the Rules which, among other things, proposes the creation of a government-led committee to review complaints from citizens about content posted on social media. This committee would have the power to overrule social media content moderation decisions.

This is chilling, given that Indian police visited the local Twitter office last year to find out why the microblogging service chose to label a government spokesperson’s posts as ‘manipulated media’. .

The Internet Freedom Foundation of India defined the powers of the proposed committee as follows:

To complicate the perception of the proposed amendments is that MeitY published them last week, but then withdrew the file. An identical proposal reappeared on Monday.

India’s IT Minister, Rajeev Chandrasekhar, has said the amended rules add “more efficient handling of grievances ensuring respect for citizens’ constitutional rights” and will have “no impact on Indian startups”.

Many countries have laws that give local authorities the power to compel social media to remove content under specific circumstances.

India’s proposed amendments allow citizens to seek restraining orders whenever they feel aggrieved.

The register will be surprised if the proposed amendments do not generate another wave of letters from international pressure groups protesting India’s plans. ®