Naavi.org

Yesterday there was an important TV interview of Mr Rajeev Chandrashekar with Mr Arnab Goswami where the minister provided a great insight into the new Intermediary Guidelines  which come as an amendment to the February 25 2021 guidelines. The original version of this was the 11th April 2011 notification under Section 79, a part of which got endorsed by the Shreya Singhal judgement and part of which was clarified by the Visaka industries  judgement .

During the course of the interview several important aspects were discussed by Mr Rajeev Chandrashekar some of which are discussed here.

As regards the formation of the Grievance Appellate Committee (GAC), the minister stated that they delayed the notification by 3 months waiting for the industry to come up with a self regulation which they failed to do. According to the 25th February notification, a suggestion was made that industries could set up Level II dispute resolution mechanisms by creating a dispute resolution body at different industry levels.

Naavi.org had proposed setting up of a digital media compliance guidance center  along with the ODR service from www.odrglobal.in.

Additionally Naavi had suggested an important Self Regulatory method for the industry on the lines of the Domain Name dispute resolution policy such as IDRP/INDRP. This needs mention in the light of the observation made by the minister in the above interview.

We had proposed that the industry should develop an “Intermediary Dispute Resolution Policy” which incorporates the suggested regulatory methods and a voluntary contractual obligation to meet the requirements and settle disputes at the Level II dispute resolution mechanism managed by the industry itself.

Unfortunately the industry was in a combative mode and went to Court to obtain stay on the guidelines and several High Courts readily obliged staying the guideline in part. Had the industry responded positively  the Grievance Redressal Committee would not have been a critical necessity.

Even now the industry should look at the suggestions made for the “Intermediary Dispute Resolution Policy”. 

Second interesting aspect that came up during the interview was related to the “Naavi’s Theory of Data” in which we have discussed the hypothesis which we have named as “Additive Value Hypothesis”

The Additive value hypothesis was one of the three hypotheses which Naavi proposed under this theory, the other two being “Data Definition hypothesis”  and ” Reversible Life Cycle hypothesis“

This theory was presented in the context of the Personal Data Protection Act and the additive value hypothesis recognized that when data changes its avatar from the raw data status to different levels of personal data including pseudonymized state or anonymized state, its value changes. The value may increase in some processes as the depth of the personal data increases and reduces when the data elements are pruned.

When Diamond is cut, we may chip off part of the stone but depending on the angle of the cut the value of the diamond increases. Similarly in some forms of pruning of information, information may shrink but its value may increase.

The theory suggested that the entity responsible for the transformation of data from one status to the other should be credited with the value addition and made the owner for that part of the data. This is the same principle which is followed in the IPR law where value keeps adding and each subsequent creator of value may claim ownership subject to the licensing contract.

In the Arnab Goswami interview, a point was brought by Arnab that “News is created by agencies” and its value is unfairly reaped by the Google kind of information aggregators. He was making a case for the News industry to get a part of the value realization.

This concept that “Raw News” is created by a news agency which is aggregated and modified to create further value by the Intermediaries like YouTube etc goes well with the Naavi’s theory of data. The “News” as data is a matter of “Non Personal Data Value Realization” and hopefully the Government will try to find a mechanism for recognition of data value and a data value exchange mechanism.

This is part of the continuing discussion on Data Monetization and Data Valuation that Naavi/FDPPI are engaged in.

Reference:

Changes to Intermediary Guidelines

Guidelines challenged in Delhi High Court

Delhi High Court judgement of 20th April 2021 (WP 1082/2020)

The Chilling Effect

The Intermediary guidelines and Digital media  ethics  rules of 25th  February 2021  had attracted a  lot of criticism from the industry and has even been questioned in a Court.

A case is also going on in Karnataka High Court where Twitter is trying to fight some of these intermediary guidelines  (refer here)

Now the Government has come up with an amendment of the rules of 25/02/2021 through an amendment notification dated 28th October 2022.

The essential part of the  amendment is captured  below.

1.  Constitution of the Grievance Appellate  Committee

The new  notification states as under:

In the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (hereafter referred to as the said rules), in rule 2, in sub-rule (1), after clause (k), the following clause shall be inserted, namely:—

(ka) Grievance Appellate Committee‟ means a grievance appellate committee constituted under rule 3A;.

4. After rule 3 of the said rules, the following rule shall be inserted, namely:—

3A. Appeal to Grievance Appellate Committee(s).—(1) The Central Government shall, by notification, establish one or more Grievance Appellate Committees within three months from the date  of commencement of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2022.
(2) Each Grievance Appellate Committee shall consist of a chairperson and two whole time members appointed by the Central Government, of which one shall be a member ex-officio and two shall be independent members.
(3) Any person aggrieved by a decision of the Grievance Officer may prefer an appeal to the Grievance Appellate Committee within a period of thirty days from the date of receipt of communication from the Grievance Officer.
(4) The Grievance Appellate Committee shall deal with such appeal expeditiously and shall make an endeavour to resolve the appeal finally within thirty calendar days from the date of receipt of the appeal.
(5) While dealing with the appeal if the Grievance Appellate Committee feels necessary, it may seek assistance from any person having requisite qualification, experience and expertise in the subject matter.
(6) The Grievance Appellate Committee shall adopt an online dispute resolution mechanism wherein the entire appeal process, from filing of appeal to the decision thereof, shall be conducted through digital mode.
(7) Every order passed by the Grievance Appellate Committee shall be complied with by the intermediary concerned and a report to that effect shall be uploaded on its website.

Presently any grievance arising out of ITA 2000 goes to the Adjudicating officer  appointed under Section 46 of ITA 2000 and the appellate Tribunal appointed  under Section 48.

Now a new “Grievance Appellate Committee” will be established for addressing the disputes arising out of the rules under the 25/02/2021 notification. The powers of  this committee  is  restricted  to  this limited extent.

The committee will consist of a  Chairperson and one member both  of whom  will be non Government persons. One would be an official. Probably the Chairperson could be judicial person like the Press Council so that the decisions of the Committee will have sufficient weight.

The  committee is expected to  resolve the appeal within 30 days from the  receipt of the communication from the Grievance Officer who is expected to complete his resolution process within 15 days of  receiving the complaint from the member of the public.

The Grievance Committee may if required take assistance of suitable experts.

Another  point to be noted is that the rule states that the “Grievance Appellate Committee” shall adopt  ODR where in the entire appeal process shall be  conducted online.

Naavi.org has been advocating ODR since around 2005 when the website www.arbitration.in was put up as a platform which could be used. This was later called ODR  Global (www.odrglobal.in). Some proposals were also  discussed  with the Technical committee of the Supreme Court. All these efforts were in the era when online court proceedings were unacceptable to the judiciary and hence did not progress. Now FDPPI has a “Data Disputes Mediation and  Arbitration Center” (DDMAP) ready to provide a platform for such online dispute  resolution.

It is good to note that ODR would be  a mandatory process for this  Grievance Committee,

We may note that the rules donot mention any further remedy beyond the appeal committee. However this will be tested in a Court at some point of time later.

As regards the procedures to be followed

Further, some changes have also been made to  the functioning of the platform as per the following revised provisions.

3. In rule 3 of the said rules,—
(a) in sub-rule (1),—

(i) for clauses (a) and (b), the following clauses shall be substituted, namely:—

“(a) the intermediary shall prominently publish on its website, mobile based application or both, as the case may be, the rules and regulations, privacy policy and user agreement in English or any language specified in the Eighth Schedule to the Constitution for access or usage of its computer resource by any person in the language of his choice and ensure compliance of the same;
(b) the intermediary shall inform its rules and regulations, privacy policy and user
agreement to the user in English or any language specified in the Eighth Schedule
to the Constitution in the language of his choice and shall make reasonable efforts
to cause the user of its computer resource not to host, display, upload, modify,
publish, transmit, store, update or share any information that,—
(i) belongs to another person and to which the user does not have any right;
(ii) is obscene, pornographic, paedophilic, invasive of another‟s privacy including bodily privacy, insulting or harassing on the basis of gender, racially or ethnically objectionable, relating or encouraging moneylaundering or gambling, or promoting enmity between different groups on the grounds of religion or caste with the intent to incite violence;
(iii) is harmful to child;
(iv) infringes any patent, trademark, copyright or other proprietary rights;
(v) deceives or misleads the addressee about the origin of the message or knowingly and intentionally communicates any misinformation or information which is patently false and untrue or misleading in nature;
(vi) impersonates another person;
(vii) threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign States, or public order, or causes incitementto the commission of any cognisable offence, or prevents investigation of any offence, or is insulting other nation;
(viii) contains software virus or any other computer code, file or program designed to interrupt, destroy or limit the functionality of any computer resource;
(ix) violates any law for the time being in force;”;

(ii) for clause (f), the following clause shall be substituted, namely:—

“(f) the intermediary shall periodically, and at least once in a year, inform its users in English or any language specified in the Eighth Schedule to the Constitution in the language of his choice of its rules and regulations, privacy policy or user agreement or any change in the rules and regulations, privacy policy or user agreement, as the case may be;”;

(iii) after clause (l), the following clauses shall be inserted, namely,—

“(m) the intermediary shall take all reasonable measures to ensure accessibility of its services to users along with reasonable expectation of due diligence, privacy and transparency;(n) the intermediary shall respect all the rights accorded to the citizens under the Constitution, including in the articles 14, 19 and 21.”;

(b) in sub-rule (2), in clause (a), for sub-clause (i), the following sub-clause shall be substituted, namely:—

“(i) acknowledge the complaint within twenty-four hours and resolve such complaint within a period of fifteen days from the date of its receipt:
Provided that the complaint in the nature of request for removal of information or communication link relating to clause (b) of sub-rule (1) of rule 3, except sub-clauses (i), (iv) and (ix), shall be acted upon as expeditiously as possible and shall be resolved within seventy-two hours of such reporting;
Provided further that appropriate safeguards may be developed by the intermediary to avoid any misuse by users;”.

As regards “publishing of the privacy policy” and “User agreement”, they should be in English or any language specified in the Eight schedule of the  constitution. It is better to read this as “English and any…” otherwise there will be problems in obtaining the consent. Further  the  intermediary shall make “Reasonable efforts” to cause  the  user  not do what  is prohibited. Under  this “Reasonable” requirement perhaps  we need interpret that the policies should be in English  and one of the other languages.

The rule also suggests reasonable efforts to be taken to ensure “Accessibility” to the impaired individuals.

As regards the time line for addressing the grievances the following has been specified.

a) Complaint shall be acknowledged within 24 hours

b)Complaint shall be resolved within 15 days

c) Complaints regarding removal of content shall be resolved within 72 hours

These rules will come into effect in 3 months if there is no judicial intervention.

We need to wait and see how the industry responds.

Naavi

The Government of India has introduced a scheme for simplifying the issue of life certificates for pensioners through an online service through the website www.jeevanpramaan.gov.in.

However there are  many clones of “Jeevan Praman”  that have  come online and pensioners have to be wary of them. They may either be an unfair exploitation of pensioners or a major scam.

Look at the following two web pages.

The one on the left side is the Government website and the second on the right side belongs to some Noida organization which uses the domain name jeevanpraman.online and the same pictures used by the Government website. It offers similar service but at a price.

This service involves providing aadhaar number and uses face recognition so that vital biometrics have to be provided for using the services offered. Most customers would do so thinking that this is a Government website.

This underscores the responsibility of organizations to guard against  a “Confusingly similar Website”  operating  in violation of trademark rights and causing a potential fraud risk to the community.

Not taking remedial action to bring down such  sites could be an abetment of any crime that may be committed by the alternate website using the similar domain name.

We recall the case of www.cgtmse-govt.in which was a fraudulent website which impersonated www.cgtmse.in which belonged to the Government. This fraud was brought to the notice of the public in 2013 but no action was taken by the authorities till in 2016 an adjudicator of Chattisgarh gave an award of compensation in a fraud case.

While it is open for any private sector company to offer a service to enable a citizen to make use of the Government service and also charge a reasonable fee, there should be clear indications that the company is not to be confused with the Government department.

A mere disclaimer at the bottom of the page that stating “Please be informed that this site serves content solely for knowledge purposes and is not affiliated with any pension agency or state institution. Your interaction with this site is subject to our terms of services, privacy, refunds and grievance policy. “For any questions, please email us at info@jeevanpraman.online.” in small print is not sufficient.

It should carry a bold visible mark “This is not a Government Website” or something similar.

Naavi introduced the service under “lookalikes.in” precisely for this purpose where a third party certified disclaimer can be visibly posted on the website.

This system will be effective if both websites post that he information that they are not related to the other.  At present the other  companies who are using the “Naavi” in their domain names have not yet posted the disclaimers on their websites.

I hope that such disclaimers are an obligation to the society and is a measure to ensure that regulatory authorities donot confuse one for the other.

It is time that such disclaimers are made part of the “Due Diligence” under Section 79 of ITA 2000.

Naavi

Also refer:

Domain Name Regulation in ITA 2000..to be amended

Emotional Analysis Techniques are a new age techniques used in Data Analytics  to process data such as gaze tracking, sentiment analysis, facial movements, gait analysis, heartbeats, facial expressions and skin moisture. Emotion analysis can also be applied to the use of textual data.

Other examples include monitoring the physical health of workers by offering wearable screening tools or using visual and behavioural methods including body position, speech, eyes and head movements to register students for exams.

Emotions are also gathered and analysed using EEG signals and sub conscious data which falls in the Neuro Rights domain.

These techniques are also related to Sentiment analysis or Opinion Mining which is a Machine learning and NLP technique used by some survey agents to assess the feedback on goods and services. The data gathered in this process is used for marketing.

These techniques have now attracted attention of ICO-UK, which has warned that “Immature biometric technologies could be discriminating against people”

The UK Commissioner has stated that a “Biometric guidance” may be released by the ICO-UK in the next year. For the time being the ICO-UK (Stephen Bonner) has said that  they  are concerned that incorrect analysis of data could result in assumptions and judgements about a person that are inaccurate and lead to discrimination.

It is recognized that the inability of algorithms which are not sufficiently developed to detect emotional cues, means there’s a risk of systemic bias, inaccuracy and even discrimination.

ICO has noted that the technique may be used along with many face recognition technologies used by Financial Companies who analyse photo IDs and Selfies, airports where passengers are scanned by facial recognition and use of voice recognition for access.

In view of the above all organizations who are using biometrics may come under a special watch to understand if they are using emotional analysis and if so responsibly.

Naavi