The European Union (EU) proposed a slew of reforms making the content regulation of online information platforms. It included a direct oversight of the EU in this regard, thus making the law supranational in its approach. The focus in the EU is clearly stemming from the need for striking a balance between privacy and the transparency of what and more importantly, who is behind the content. This is clearly addressed towards a greater transparency to the user of the platform, while exercising their right under Article 10 of the European Court of Human Rights, which provides for the freedom of expression.
Turning to India, we have been battling with the data law for almost five years now and the end is nowhere in sight. To complicate matters, the new Telecom Bill, proposed a “sandbox model” of regulation. For those of us who do not understand what a “sandbox model” is, it is a jargon to say, “we will regulate and pass more restrictions and rules as we understand the Telecom Bill, proposed to be a legislation, when it passes”. While this may sound arbitrary, to give the benefit of doubt to India, it is currently grappling with issues of the Supreme Court of India stepping in and upholding fundamental rights by striking down arbitrary laws, if any. The case in point is Puttaswamy1 judgment which upheld the privacy, Section 66-A of the Information Technology Act, 2000, and the list goes on.
To conduct a transboundary analysis, the EU passed its General Data Protection Regulation (GDPR) law in 2016, which went into effect in 2018. The Digital Services Act2, which addresses privacy from a different perspective i.e. from the perspective of the users in general, rather than the GDPR which protects the individual freedom of privacy, is the welcome addition to the transparency framework. Again, this has been made supranational, that is, all the countries in the European Union must adhere to these norms. The Digital Services Act, which was in the negotiation stage for the past 18 months, passed the legislative hurdle in July. They added on the e-commerce rules by having a clear dividing line between the large online platforms and their transparency framework and most importantly, very large online search engines, with their own transparency framework.
Why would this not work in India? The answer is simple: bureaucracy. The e-commerce laws work in a silo addressing a myriad of problems which have emerged in India with the start-up boom. Similarly, the platforms that they use to access the user, are the large online platforms which work concomitantly with the e-commerce to analyse the purchase patterns and to decipher which targeted sale would work for which customer, which is regulated by the data law. Turning to the telecom laws, the silo is much more insulated from the others as it operates in the domain of telecom and the news of 5G is making the headlines.
One cannot ignore that a user with a smartphone is simultaneously accessing all the three laws congruously. The same conundrum is with the companies which operate using a heavy dependency of a smartphone – selling a product to a consumer, using the data of the consumer and the “sandbox regulation” which they are yet to decipher. This not only affects the ease of doing business in India, but can never be “single-windowed” for a company which is not a billion-dollar company, but a meagre start-up trying to start a business. The conversations of start-up founders are now with legal counsels, rather than the business architects. This is far from a healthy sign, of course, a merry time for legal professionals.
The reason that India cannot adapt to the EU-based framework is also the way we tackle an issue. For every law that the Parliament intends to regulate, the legislative drafting process is rather flawed. The comprehensiveness and the intention to have codified regulation, so that the legislators need not revisit the law, takes precedence over the issue that they intend to tackle. What started as a simple regulation for data law 5 years ago has turned into a nightmare of biblical proportions with consultations and notices flying across the legal corridors from the who’s who of the tech industry.
It is not suggestive that our law-making process is rather lengthy, but many a times, we have produced laws which are quite comprehensive, only to be revisited, redacted and worse, struck down by the Supreme Court. The comprehensive view taken at the time of the legislative notes, which culminates into a law, should consider the pragmatism over encyclopaedic legislation.
WhatsApp has blocked 22 lakh accounts in India, following the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. WhatsApp has an average user value of USD 1-USD 12 per account. Calculating the cost of compliance, this amounts to approximately 2300 crores at stake. This is just one instance of one company. The onerous task of harmonising all the laws towards an EU approach, while may not be “Indian” enough, but the cost of imposing a norm versus the benefit is one approach the legislators must take into account and present as a part of the Bill they intend to propose.
† Professor of International Law and an alumnus of The Hague Academy, Netherlands. Author can be reached at casrikantparth@gmail.com.
†† Principal Counsel, Chambers of Dr. Srikant Parthasarathy
1. K.S. Puttaswamy v. Union of India, (2019) 1 SCC 1
2. Regulation on a Single Market For Digital Services published on October 19, 2022