Hi there! In this edition, we are trying to pry open some answers on the government’s tightening hold on social media companies, if the PDP Bill only covers ‘personal data’, and the growing conflict on the proposed e-commerce rules. Read on for more on all this, and then some.
Digital media, online content and intermediary liability
We are delighted to share that we worked with the Data Security Council of India on a white paper on encryption and its role in India’s digital economy. The paper attempts to balance divergent themes of privacy, national security, and economic growth. It unpacks the regulatory landscape in India and other countries, and deep dives into key encryption debates. It also maps different methods used by governments to access encrypted information and covers alternate solutions for accessing protected data. It discusses the legal and technical considerations of traceability, and the economic benefits of encryption. The paper lists a set of recommendations that aim to kickstart deeper, more harmonised discussions on a unique yet divisive subject. Key recommendations include exploring government hacking backed by clear rules, building law enforcement capacity, instituting appropriate safeguards under India’s interception framework, among others.
In other news, the Ministry of Electronics and IT (MeitY) has reportedly initiated consultations to revamp the Information Technology Act, 2000 (IT Act). The new law may revisit the protection afforded to social media platforms against third-party user generated content (safe harbour protection), require such platforms to proactively monitor and remove offensive content and include provisions on online sexual harassment, cyberbullying, photo morphing, among others. Another report suggested the government is working on a single policy for all social media companies to regulate actions such as tagging media, suspending accounts and responding to user requests. These themes are likely to surface when the government discusses the new IT Act.
Also, the MeitY has reportedly come up with a strategy for making India a USD 1 Trillion Dollar economy in 1000 days. It will focus on simplifying existing tech regulations and aligning them with global standards, pushing innovations like AI, cybersecurity, blockchain, upscaling digital governance initiatives, and undertaking tech skill development and training.
In other news, Mr. Amitesh Kumar Sinha, (IRAS, 1997) was appointed as the new Joint Secretary, MeitY. In his previous stint, he was JS, Ministry of New and Renewable Energy (MNRE). He handled administrative and financial functions for the projects and schemes rolled out by the MNRE.
Data and privacy
The Joint Parliamentary Committee (JPC) examining the Personal Data Protection Bill (PDP Bill) continued to discuss its report and the suggestions of the newly appointed chairperson Mr. P.P Chaudhary. It is likely that the JPC will submit its report in the upcoming winter session of Parliament (tentatively 29 November to 23 December 2021). Reports indicate that the JPC may even finalise its report by 6 November 2021. The JPC may propose to expand the scope of the PDP Bill to include non-personal data (NPD) or anonymised data as well. Remember an expert committee headed by Infosys co-founder Mr. Kris Gopalakrishnan also discussed nuances of NPD and suggested to delete references to NPD from the PDP Bill, share NPD for public good purposes like policy making and research, among other things. Read our analysis of the recommendations of the NPD committee, here.
Earlier, we worked with NASSCOM on a study to understand the impact of the decision of the Europe’s top court, the CJEU, on EU-US privacy shield (Schrems II) on Europe-India data transfers. The CJEU believed that US surveillance laws didn’t adequately protect EU residents’ data. We analysed the CJEU’s decision, the new Standard Contractual Clauses (SCC) (a data transfer tool), the European Data Protection Board’s guidance on data transfers, and mapped 250+ Indian data access laws to understand how organisations could continue data transfers post Schrems II. Key findings indicate that organisations could continue to rely on SCCs for EU-India data transfers after conducting a case-by-case assessment of Indian laws and practices to see if they meet EU standards. Also, the upcoming PDP Bill could include additional safeguards that strengthen the case for India.
Gaming
Karnataka’s latest ban on online games of skill and chance invited a spate of legal challenges with industry body All India Gaming Federation and five other gaming companies moving the Karnataka High Court. The High Court said that there should be no arrests during the pendency of the cases. Meanwhile, the Karnataka Chief Minister, Mr. Basavaraj Bommai addressed the ban, explaining that its sole objective was to safeguard the health and peace of mind of poor families. Also, the Home Minister of Karnataka, Mr. Aarga Jnanendra said the government will release draft rules under the new law and seek feedback from all stakeholders, while also noting the government’s preparedness to defend the law if challenged in court.
Fin-tech
The theme for the fourth cohort of the Reserve Bank of India’s (RBI) regulatory sandbox is prevention and mitigation of financial frauds. RBI’s regulatory sandbox allows fintech companies to conduct live experiments in a controlled environment under its supervision, to gauge the effectiveness of an innovation, in practice. In the past, RBI has formed sandboxes to accelerate growth in the areas of retail payments, MSME lending and cross border payments. The aim of the fourth cohort is to design tools to reduce the lag between the occurrence and detection of frauds and reducing the response time to frauds.
For a round-up of developments in the fintech space, subscribe to our new monthly newsletter- FinTales! Read past issues here, and subscribe by emailing contact@ikigailaw.com with the subject “Sign me up for FinTales”.
Health-tech
In September 2021, the government launched the Ayushman Bharat Digital Health Mission nationally. The Mission will increase access to healthcare by linking patients, healthcare professionals (doctors, therapists), healthcare facilities (labs, hospitals), and providers of technology tools like telehealth applications, electronic health records management, and tools for online sale of medicines.
In other news, the Ministry of Health and Family Welfare constituted a panel to examine and draft a new law for drugs, cosmetics, and medical devices. Shambhavi had written about some aspects of medical devices evaluation that need to be strengthened, to secure India’s goal of being the pharmacy of the world; with reliable drugs and devices. This includes having more robust risk assessment parameters and evaluation mechanisms for software as a medical device (e.g., AI/ML-based medical devices).
E-commerce and consumer affairs
The Department for Promotion of Industry and Internal Trade (DPIIT) joined other government ministries in flagging concerns against the proposed amendments to the Consumer Protection (E-commerce) Rules 2020 (Draft Rules). The DPIIT opposed provisions that hold marketplaces liable for negligent act of sellers, prohibit discounted sales on e-commerce platforms, among others. The pushback was not limited to India. The government of Australian wrote to the Minister of Consumer Affairs Mr. Piyush Goyal about its concerns on the overly prescriptive Draft Rules. But why does Australia care? It is set to negotiate a Free Trade Agreement with India which will have a dedicated chapter on e-commerce. And the Australian Minister for Trade, Tourism, and Investment Mr. Dan Tehan believes that the Draft Rules impose “extensive extraterritorial obligations on foreign e-commerce entities operating in India”.
Meanwhile, Amitabh Singhal, former president of the Internet Service Providers Association of India and other industry veterans came together to form the Confederation of Indian Ecommerce (CIE). CIE will act as a not-for-profit trust of ecommerce companies and offer a neutral industry voice by bringing government officials, industry players, policymakers and consumers on one platform. CIE will engage with state governments to support the needs of e-commerce companies and local MSMEs, offer a platform for retail and e-commerce firms to raise “economic or policy issues” with the government, among other things. Venky Venkatesh, former CEO of the Press Trust of India, is the strategic advisor of CIE.
Additionally, the Ministry of Commerce’s desk has a new Joint Secretary, Vipul Bansal, (IAS, Karnataka cadre 2005) who was previously Private Secretary to the finance minister.
That’s it from us. We’d love to hear from you. Tell us what you think about the developments we covered. Or if you’d like us to cover another development. Write to us at contact@ikigailaw.com
