*Update (February 26): This post has been updated to represent the final version of the Rules that were notified on Thursday evening. The government has stuck to its stance of traceability on internet platforms. The Information Technology (Guidelines For Intermediaries And Digital Media Ethics Code) Rules, 2021 propose to make it mandatory for social media intermediaries to enable identification of the originator of a particular message or post. This ostensibly challenges end-to-end encryption on messaging platforms such as WhatsApp and Signal, and hence raises concerns around privacy. Note: This summary was initially based on a copy of the Rules that was released by the Internet Freedom Foundation, and had been circulating in journalist groups. The final Rules have differences that we have outlined below as and when relevant. The Rules have prescribed due diligence to internet intermediaries as defined under Information Technology Act, 2000. The Rules have defined a social media intermediary as one that “primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using its services”. (Note: The previous version of the Rules had excluded from this definition intermediaries that enable commercial or business-oriented transactions; provide access to internet; search engines, online directories or online storage services. This distinction no longer exists in the final version.) The Rules do not define “significant social media intermediary”, and the threshold will be notified by the central government. Additionally, significant social media intermediaries need to have a physical…
