Adherence to a Dispute Resolution Policy could be “Due Diligence”

This is in continuation of our discussions on the Intermediary Guidelines which are proposed to be amended by the MeitY. The Government wants to urgently address the “Fake News” phenomenon which has exploded into a real mess with leaders like Rahul Gandhi taking it to ridiculous lengths and earlier respected media like Hindu falling into the gutter of lies with such political parties.

In this context we reiterate our strategy to address the concerns expressed by many companies and activists  while providing their comments by a completely different approach which no body other than one Commentator (FDPPI… Page 21-28 of the first batch of comments) has made.

The suggestion is to introduce a system of voluntary adoption of an “Intermediary Dispute Resolution Policy” (IDRP)  administered by “Intermediary Dispute Management Centers” (IDMC) which are accredited by the Ministry.

The big idea in this suggestion draws from the “Uniform Domain Name Dispute Resolution Policy” (UDRP) and the INDRP which resolves domain name disputes. It also goes along with the need to be compliant with the Data Protection Laws (PDPA 2018) which has introduced the concept of “Data Fiduciaries”, when it becomes applicable. It also takes into account the system of “Digi Lockers” which the Government has already introduced.

It uses the system similar to declaration of a company through “Prospectus” as used in IPO scenario and “Certification Practice Statement” as used in Digital Signature regulation.

When an organization commits itself to a declared policy and the consequences thereof, they also subject themselves to the requirements of avoiding “Breach of Trust” charge .

Additionally the “Due Diligence” becomes the self accepted level and if it fails to meet them, they should also accept the liabilities that may come upon them under Section 79.

Further, since the administration of the policy and its adjudication on a complaint will be through an expert non government organization and there is no need for political opponents of Mr Modi to muddy the discussion.

Before people start evaluating any suggestion, I request them to fully appreciate what Section 79 really means and what these guidelines actually indicate.

Section 79 says that if there is any contravention of ITA 2000/8 and such contravention has been done through a message which has passed through an intermediary, then the intermediary who follows the due diligence will not be held liable.  If the concerned intermediary fails to meet the definition as defined in ITA 2000/8 or is found to have abetted in the contravention or has failed in the due diligence as determined by a Court, it will be held liable along with the person/s who actually committed the contravention and caused damage to a complainant.

Section 79 is not itself a penal section which states that there will be some punishment if it is not followed. Similarly the guidelines which we are discussing does not prescribe  mandatory punishments to say that if these guidelines are not followed, the intermediary will be punished with imprisonment, fine or liability to compensate.

For these guidelines to hurt, some complainant should have a cause of action under ITA 2000/8 or other law and hold out the information handled by an “Intermediary” as the cause for his hurt. Then it is the responsibility of the Courts to consider that the Intermediary had some responsibility which he has overlooked and then hold them liable along with the original perpetrator of the crime.

Hence most of the objections that have been raised in the comments in the 608+84 page document are  untenable.

I request the interested persons to kindly peruse the suggestions and provide their feedback.

Naavi

This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.