Mozilla is not happy with India's new IT rules claiming there aren't enough checks and balances in place

• Mozilla, a known supporter of the open internet, claims that India’s new rules and regulations for online platforms will have ‘disastrous consequences’.
• According to the internet giant, there aren’t enough checks and balances in place to account for over reach.
• Moreover, the rules can’t be followed without breaking end-to-end encryption, which could spell trouble for messaging services such as WhatApp, Signal and Telegram.
  

Internet giant Mozilla, the company behind Firefox browser, has always been a big propagator of the open internet. And, they are not pleased with India’s new IT Rules for social media platforms, OTTs and digital news content.

According to Mozilla’s public policy advisor, Udhbav Tiwari, the sudden move will have ‘disastrous consequences’ for the open internet.


“By expanding the ‘due diligence’ obligations that intermediaries will have to follow to avail safe harbour, these rules will harm end-to-end encryption, substantially increase surveillance, promote automated filtering and prompt a fragmentation of the internet,” he said in a blog post.

Tiwari highlighted six reasons why the new regulations are not going to empower Indians but harm their interests. Their implementation could even lead to unintended consequences on the overall health of the internet, according to him.

The rules can’t be followed without breaking end-to-end encryption
India’s new IT regulations ask all ‘significant’ social media intermediaries to track down the ‘first originator’. According to Mozilla, this will give platforms like WhatsApp, Signal and Telegram no option but to break end-to-end encryption. That, in turn, harms user interests since it weakens the overall security of the services.

“[The rules] contradict the principles of data minimisation endorsed in the Ministry of Electronic and Information Technology’s (MeitY) draft of the data protection bill,” wrote Tiwari adding that the the aspect of automated filtering of child sexual abuse materials (CSAM), non-consensual sexual acts is also fundamentally incompatible with end-to-end encryption.

Making companies embed monitoring infrastructure for surveillance will have ‘disastrous implications’ for the freedom of expression and privacy.

Not enough time is provided to verify claims of misuse
While a good move in theory, especially if you are one of the victims, it does complicate things on the behalf of the social media platforms. The 36-hour limit for content takedown and the 72-hour window for sharing user data is not enough to analyse requests or seek further clarification, according to Mozilla’s public policy head.

“This would likely create a perverse incentive to take down content and share user data without sufficient due process safeguards,” said Tiwari explaining how such a norm would undermine the people’s fundamental right to privacy and freedom of expression.

The new laws are against Supreme Court judgement
When it comes to revenge porn, deep fakes and other materials that are derogatory, social media platforms are now required to remove the posts within 24 hours.

While it is a legitimate issue, Mozilla’s Tiwari points out that it goes against the landmark Shreya Singhal judgement by the Supreme Court in 2015. The bench clarified that the companies would only be expected to remove content when told to so directly by a court or government order.

They take away all anonymity provided by the Internet
‘Voluntary’ verification, as mandated in India’s new IT rules, is asking social media platforms to provide a voluntary mechanism for users to prove their identity using phone numbers or government-issued IDs.

This may create an incentive for the collection of personal data. While the law says nothing about potential misuse, the details can be used to profile and target users.

The public has already seen an example of this during Facebook’s Cambridge Analytica scandal.

And, where there is personal data, there is a great risk of hackers trying to steal it. This will increase the pressure on social media intermediaries — those who can afford it — to step up their cybersecurity.

According to Mozilla, more than fighting misinformation, these laws will impede the benefits that anonymity on the internet has to offer, such as whistleblowing and protection from stalkers.

There aren’t enough checks and balances against over reach
Content has to be removed. There isn’t enough time to check each complaint. And, there’s nothing to keep the government from over reaching, according to Mozilla.

It asserts that if the government can issue takedown requests for online news websites, online news aggregators and others — then they can take down anything they deem to be offensive, with only a few checks and balances in place.

However, the new rules are not supported by sufficient accountability, says Mozilla. There are no safeguards in place to ensure that the rules themselves will not be misused just to silence opposing opinions, which may not necessarily be a ‘national security’ threat.

“Given the many new provisions in these rules, we recommend that they should be withdrawn and be accompanied by wide ranging and participatory consultations with all relevant stakeholders prior to the notification,” said Tiwari.

SEE ALSO:
Datacracy: Indian Prime Minister's 'data democracy' must avoid the flaws of the country’s political system

Whatsapp, Signal and Telegram face a catch-22 situation as India’s new social media rules threaten encryption

Facebook and Twitter have a ton of new rules to abide by in India ⁠— WhatsApp may find itself in the toughest spot of all