Data Protection Board: Implications of Absence of Judicial Member

In today’s era, where the value of data stands next to be priceless, the Indian Parliament has enacted the Digital Personal Data Protection Act, 2023. Before the law was enacted, the Bill went through a turbulent series of discussions and revisions since the inception of the Justice B.N. Shrikrishna Committee in the year 2017. The previous versions of the Bill drew criticism from both the opposition and experts in the field. After the Digital Personal Data Protection Bill, 2023 was tabled by the Union Minister for Electronics & Information Technology, Ashwini Vaishnaw on August 3, 2023, in the Lok Sabha, the Bill received the approval of the Lower House and the Upper House. On August 11, 2023, the Hon’ble President, Droupadi Murmu granted assent to the Bill.

In the discussion that ensues, this article delves into an analysis of a facet that has not been given enough consideration relative to its possible consequences – the foundational principles and attributes that define the Data Protection Board. It also examines the critical question of whether the Board aligns with the concept of a tribunal, given its quasi-judicial role in data protection matters. Furthermore, the paper explores the constitutional implications of not mandating a judicial member within the Board, assessing potential conflicts with the doctrine of separation of powers. 

Establishment of a Data Protection Board

For the first time in India’s legal landscape, the Legislators have proposed the establishment of a Board which would be entrusted with overseeing and addressing multifaceted aspects of data protection – the Data Protection Board. On the face of it, the Board seems to be a strategic endeavour to alleviate the burden on the judiciary by facilitating the resolution of data-related disputes. 

Section 18[1] of the Act provides for the establishment of the Board, wherein it has been stated that this institution shall be a “body corporate”; this legal status grants the Board certain rights and powers, similar to a legal person, which enables it to function independently in legal and financial matters. The provision also grants the Board the authority to acquire, possess, and transfer both movable and immovable property. More importantly, the Board will have the capacity to initiate legal actions (sue) or be subject to legal actions (sued) in its own name.

Section 19(3)[2] sets forth the criteria for the selection of individuals who will serve as the Chairperson and Members of the Board. The Section outlines the qualifications required for individuals who are to be appointed as the Chairperson and other Members of the Board. According to the said clause, these individuals are expected to possess specific attributes and a background that encompasses specialised knowledge or practical experience in various areas. Especially, the provision mandates that at least one of the appointed individuals must be an expert in the “field of law”.

With an emphasis on leveraging technology, the Board is set to function as an independent entity, adopting a digital approach to its operations.  

Is the Data Protection Board Equivalent to a Tribunal?

The term “tribunal” has not been defined explicitly in any law in India, however, there are judgments wherein Courts have laid down the requisites or features of tribunals. The Law Commission of India in its 272nd report defined it as an administrative body created to carry out quasi-judicial functions. Additionally, an administrative tribunal is not an executive body or a court; it occupies a space in the middle between an administrative body and a court.

In Jaswant Sugar Mills Ltd., Meerut v. Lakshmichand[3], the primary criteria for identifying a tribunal was established – authority to determine matters, compel witness attendance, follow essential rules of evidence, and wield sanctioning powers.  The legal understanding of a tribunal extends beyond mere courtroom connotations. As elucidated in Durga Shankar Mehta v. Raghuraj Singh[4], the Apex Court held that the expression “tribunal” according to Article 136 of the Constitution does not mean “Court” but includes within it, all adjudicating bodies, provided they are constituted by the State to exercise judicial powers. In Virindar Kumar Satyawadi v. The State of Punjab[5], the court has emphasised that tribunals, akin to Courts, hold the responsibility to decide disputes judiciously, offering parties the right to be heard, adduce evidence, and obtain judgments based on sound legal reasoning.

The Board as envisaged under the Digital Personal Data Protection Act, 2023, bears a striking resemblance to the legal concept of a tribunal, serving as an institutional mechanism for adjudication. Section 27(1)[6] of the Act confers powers upon the Board, akin to those of a tribunal. It responds to various breaches, such as personal data breaches and violations by data fiduciaries, consent managers, and intermediaries. This proactive role mirrors the adjudicatory function of a tribunal, which often investigates alleged violations and imposes penalties. Furthermore, the Board’s process of inquiry, during which affected parties can present their case and respond to allegations, resonates with the principles of natural justice, an essential trait of tribunal proceedings.

The pivotal role of the Board becomes even more pronounced when considered in tandem with Section 28[7] of the Act. This section outlines the Board’s functioning as an independent body, which not only enhances efficiency but also resembles the autonomous nature of a tribunal. The ability of the Board to issue interim orders, a power typical of tribunals, underscores its capacity to intervene promptly and effectively in disputes. The said Section also specifies that the Board shall have the same power as that of a civil court under the Code of Civil Procedure, 1908 in discharging its functions.

In essence, the attributes and functions prescribed in the Digital Personal Data Protection Act, 2023 undeniably establish the Board as a tribunal, holding the central role of quasi-judicial adjudication in matters of data protection.

Absence of a Judicial Member in the Data Protection Board

The composition and qualifications for the appointment of the Chairperson and Members of the Board are outlined under Section 19(3)[8] of the Act. The provision mandates that the members possess expertise in various fields, including data governance, administration, etc. However, it does not explicitly require the presence of a judicial member, which contrasts with certain landmark judgments emphasising the importance of including judicial experts in tribunals.

In the case of L Chandra Kumar v. Union of India[9], the Supreme Court deliberated on the competence of members in administrative tribunals. It highlighted the significance of a balanced blend of judicial and administrative members to ensure efficient and specialised adjudication. The judgment acknowledged that purely judicial members might undermine the primary rationale behind tribunals’ creation, while a combination of legal and administrative expertise would provide the best framework for delivering speedy and effective justice.

The Administrative Tribunals Act, 1985, and the case of S.P. Sampath Kumar v. Union of India & Ors.[10] further underscore the importance of insulation of tribunals from executive interference. The Court observed that total independence of the judiciary from executive pressure is a fundamental constitutional feature. The appointment process of tribunal members should involve consultation with the Chief Justice of India or a high-powered selection committee to ensure meaningful and effective appointments, preserving the tribunals’ independence and integrity. In the Rojer Mathew v. South Indian Bank Limited & Ors[11] case, the Court highlighted the necessity of a judicial member’s presence within tribunals. It emphasised that the performance of judicial functions cannot be effectively carried out by technical members alone, and the absence of judicial input impairs the tribunals’ efficacy.

The absence of a requirement for a judicial member in the Data Protection Board raises pertinent concerns, not only from the perspective of tribunal expertise but also in the context of the separation of powers.

Repercussions

The doctrine of separation of powers is a foundational principle in a democratic system, aimed at preventing the concentration of unchecked power in any one branch of government. By omitting the necessity of a judicial member, the Act deviates from this principle, potentially jeopardising the independence and impartiality of the Data Protection Board. The Act’s provisions empower the Central Government to appoint members of the Board based on their expertise in various fields, without explicitly mandating judicial representation. This situation creates a potential avenue for exploitation, as the Central Government could theoretically appoint individuals who align with its interests, potentially undermining the impartiality of the Board in cases involving disputes between individuals and the government or government entities. Such a scenario could lead to a perceived lack of objectivity and raise concerns about the Board being utilised as a tool for the government’s advantage.

References:

[1] The Digital Personal Data Protection Act, No. 22 of 2023, § 18, Acts of Parliament, 1992 (India).

[2] The Digital Personal Data Protection Act, No. 22 of 2023, § 19(3), Acts of Parliament, 1992 (India).

[3] Jaswant Sugar Mills Ltd. v. Lakshmichand, AIR 1963 SC 677.

[4] Durga Shankar Mehta v. Raghuraj Singh, AIR 1954 SC 520.

[5] Virindar Kumar Satyawadi v. The State of Punjab, AIR 1956 SC 153.

[6] The Digital Personal Data Protection Act, No. 22 of 2023, § 27(1), Acts of Parliament, 1992 (India).

[7] The Digital Personal Data Protection Act, No. 22 of 2023, § 28, Acts of Parliament, 1992 (India).

[8] Supra note 2.

[9] L. Chandra Kumar v. The Union of India & Ors, (1997) 3 SCC 261.

[10] S.P. Sampath Kumar v. Union of India & Ors, 1987 SCC Supl. 734.

[11] Rojer Mathew v. South Indian Bank Ltd and Ors, (2020) 6 SCC 1.

Image Credits:

Photo by @memorystockphoto: https://www.canva.com/photos/MAFlth-ZANA-protection-network-security-computer-and-safe-your-data-concept-/

The doctrine of separation of powers is a foundational principle in a democratic system, aimed at preventing the concentration of unchecked power in any one branch of government. By omitting the necessity of a judicial member, the Act deviates from this principle, potentially jeopardising the independence and impartiality of the Data Protection Board. The Act’s provisions empower the Central Government to appoint members of the Board based on their expertise in various fields, without explicitly mandating judicial representation. This situation creates a potential avenue for exploitation, as the Central Government could theoretically appoint individuals who align with its interests, potentially undermining the impartiality of the Board in cases involving disputes between individuals and the government or government entities. Such a scenario could lead to a perceived lack of objectivity and raise concerns about the Board being utilised as a tool for the government’s advantage.

Related Posts

POST A COMMENT

Empowering Gender Neutrality: DPDP Act’s Use of Feminine Pronouns to Refer to All Genders

In a remarkable stride towards gender neutrality and inclusivity, the recently enacted Digital Personal Data Protection Act, 2023, has shattered conventional norms by adopting the pronouns “she/her” to address individuals of all genders.

This audacious linguistic shift signifies not only a modern legislative approach but also a subtle yet impactful gesture towards promoting and recognising the diversity of identities in today’s society. The Act received the President’s assent on August 11, 2023, thereby becoming a transformative law that safeguards digital privacy.

Gender Neutrality in Contemporary Legislative Approaches

The innovative use of gender-inclusive pronouns is reflective of a broader global trend where feminism is increasingly influencing legislative initiatives. The incorporation of gender-neutral language in the Digital Personal Data Protection Act, 2023, builds upon the foundation laid by various historical and contemporary feminist movements. This inclusionary language in the Act not only aligns with this legacy but also represents a proactive step towards erasing linguistic gender biases. The resonance of the gender-neutral approach taken in the Act finds a parallel in the Kerala Public Health Bill, 2023 passed by the Kerala State Assembly in March 2023, which also adopted feminine pronouns, albeit within the context of the State Legislation. This step highlights an emerging trend towards inclusivity and sensitivity in policy-making across India.

The trajectory of gender neutrality within the Digital Personal Data Protection Act, 2023, reverberates with the intricate threads of legal precedent. By weaving the principles set forth in the NALSA judgment[1], the Act elucidates a comprehensive vision of gender inclusivity. The Act’s recognition of gender beyond the binary reflects jurisprudential ethos that reverberates with constitutional principles. It epitomises the ethos of the NALSA judgment, where the Courts affirmed the right to self-identify gender, emphasising perception over biology.

It’s interesting to note the interpretation of the term “person” within the General Clauses Act, 1897 specifically under Section 3(42); the expansive definition encompasses entities beyond individual human beings, encapsulating companies, associations, and bodies of individuals, whether incorporated or not. Intriguingly, the Act refrains from providing an explicit definition of “person” but under Section 2(y) of the Act, it is specified that “’she’ in relation to an individual includes the reference to such individual irrespective of gender”. This astute approach seamlessly aligns with the broader legal canvas, showcasing a nuanced understanding of legal intricacies.

Conclusion

The Digital Personal Data Protection Act, 2023, stands as a testament to the symbiotic relationship between evolving jurisprudence and legislative evolution. Its endorsement of gender-neutral pronouns not only signifies a linguistic transformation but also echoes the judicial strides made in recognising the rights of transgender persons. As the Act navigates the legislative process, it underscores the metamorphosis of legal thought, harmonising constitutional ideals with contemporary societal nuances. It remains to be seen whether the pronouns “she/her” would be used more frequently in laws enacted in the future.

References:

[1] National Legal Services Authority (NALSA) Vs. Union of India, AIR 2014 SC 1863.

Image Credits:

Photo by SasinParaksa: https://www.canva.com/photos/MADm9NnOmUQ-digital-data-security-and-mobile-phone-security-technology/

It’s interesting to note the interpretation of the term “person” within the General Clauses Act, 1897 specifically under Section 3(42); the expansive definition encompasses entities beyond individual human beings, encapsulating companies, associations, and bodies of individuals, whether incorporated or not. Intriguingly, the Act refrains from providing an explicit definition of “person” but under Section 2(y) of the Act, it is specified that “’she’ in relation to an individual includes the reference to such individual irrespective of gender”. This astute approach seamlessly aligns with the broader legal canvas, showcasing a nuanced understanding of legal intricacies.

Related Posts

POST A COMMENT

Regulation of Online Gaming: IT Amendment Rules Vis-à-Vis India’s Federal Structure

  • August 17, 2023
  • Sanjana Sreenath

This article explores whether the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2023  dilute the country’s federal structure and also examines the basis of the distribution of power in the constitution, the existing state legislations regulating online gaming, and the scope of the new amendment rules with respect to the regulation of online gaming.

Recently, a writ petition was filed by a Noida-based NGO, Social Organization for Creating Humanity (SOCH) before the Delhi High Court challenging the provisions of the amendment rules which regulate online gaming[1].

In this case, the petitioner contends that the power to enact laws in matters pertaining to betting and gambling lies solely with the State Governments as per the Constitution[2] and the amendment rules, in so far as they regulate online gaming, are beyond the Central Government’s legislative competence. Further, it is argued that this move has resulted in a dual set of laws, causing significant confusion in the domain of online gaming.

India’s Federal Structure – Overview

In the case of Dharam Dutt v. Union of India[3], the Hon’ble Supreme Court opined that the distribution of power is the most important characteristic of a federal constitution. The origins of this federal structure date back to the Government of India Act, 1935, from which the Constitution derives its federal framework. To bring out this federal structure in the Constitution, Part XI was enacted, which deals with the distribution of legislative power. Article 246 gives exclusive power to the Centre and States to legislate on the subjects enumerated under the Seventh Schedule.

This distribution of power between the Centre and the States does not carry a fixed formula and usually depends on whether the concerned matters are of national importance or local importance. Accordingly, there are three Lists under the said Schedule – List I (Union List with 100 entries), List II (State List with 61 entries) and List III (Concurrent List with 51 entries).

State Legislations on Online Gaming

States are empowered to legislate on subjects such as sports, entertainment & amusements, and betting and gambling under entries 33 and 34 of the State List. In the exercise of these powers, various laws pertaining to sports, gambling and betting have been enacted by state legislatures. Likewise, there are state laws in place for regulating online gaming.

The Sikkim Online Gaming (Regulation) Act, 2008 regulates online games, specifically digital casinos offering games like blackjack, etc. by imposing licensing and other requirements. Similarly, in Meghalaya, the gaming law allows for the operation of digital casinos once licensed[4], and in Nagaland, games of skill such as poker are permitted[5]. In the State of Tamil Nadu, the Tamil Nadu Prohibition of Online Gambling and Regulation of Online Games Act, 2022 has been enacted. The same received the governor’s assent on April 7, 2023, and prohibits online gambling and online games of chance played for money or other stakes, including Rummy and Poker.

The amendment to the Telangana Gaming Act, 1974 banned all forms of online games without distinguishing between games of skill and games of chance. And in Rajasthan, a draft of the Rajasthan Virtual Online Sports (Regulation) Bill, 2022 was introduced, which proposes a licensing regime to regulate fantasy sports and e-sports. Other skill-based games such as virtual poker, stock exchange, quiz games etc. have not been expressly included in the Bill and can reasonably be construed as allowed.

On the other hand, an attempt was made to ban all forms of online games by amending the Karnataka Police Act, 1963. However, this amendment was struck down by the Karnataka High Court in the case of All India Gaming Federation v. State of Karnataka & Ors.[6], as they were held to be ultra-vires the Constitution. The State of Kerala too issued a notification removing the exemption from general prohibition for online rummy citing reasons such as increased suicide rates, cheating, theft, etc. in the State[7]. This was also struck down by the Kerala High Court in September 2021. In these cases, the blanket ban on online gaming and banning games of skill were held to be violative of Article 19(1)(g) as it restricted the right to trade and profession. It was determined by the Courts that though the legislatures had the competence to enact said laws, they couldn’t pass such legislations which were violative of fundamental rights.

Regulation of Online Gaming under the IT Amendment Rules

The amendment rules seek to regulate online gaming, by way of self-regulation, by imposing due-diligence obligations on a new category of online gaming intermediaries and setting up a new body called the online gaming self-regulatory body. The amendments made with respect to online gaming intermediaries are discussed herein.

  • Firstly, the amendment has added the phrase “or an online game that causes user harm” to Rule 3(b)(ii), which enumerates the due diligence requirements to be followed by the three intermediaries – social, significant social, and online gaming intermediaries. This mandates intermediaries to take down those games which are causing user harm. The definition of user harm is limited to any effect that is harmful or detrimental to a user or child.
  • Secondly, the amendment has added Rule 4A, empowering the online gaming self-regulatory body to disallow such online real money games whose outcome depends on wagering.
  • Thirdly, under Rule 3(b)(xi), the general obligation of all three classes of intermediaries including online gaming intermediaries is to ensure that the information (or an online game in the case of an online gaming intermediary) does not contravene any laws in force in the country.

Overlapping of Powers and Resulting Conflict

By interpretation, it can be said that Rule 3(b)(xi) allows for the harmonious existence of the Central and State enactments. And mandating that the intermediaries have to ensure compliance with state laws does not restrict the power of the States. By such an imposition, the States are free to decide on what kind of online games they wish to allow/ disallow.

However, the amendment to Rule 3(b)(ii) and the introduction of Rule 4A, directly restrict the State governments’ power to decide the category of games it wishes to allow/ disallow and does not allow for the harmonious functioning of the legislations. Rule 4A restricts games that allow wagering or games that cause user harm. Here, the subject of wagering is purely within the purview of the States’ competence to legislate.

The Centre may argue that entry 31 under the Union List grants the Central Government the power to enact laws for forms of communication such as wireless, telecom and broadcasting. While the parliament has the legislative competence to enact laws for internet intermediaries under this entry, the pith and substance of the part of the amendment are to restrict online games that involve real money whose outcome depends upon wagering. The amendment, to this extent, is stepping into the powers of the States. Under the guise of the internet and entry 31, the Centre is trying to colourably exercise its powers which are in the exclusive domain of the state legislature.

It may also be contended that a Centrally controlled law for an all-encompassing medium such as the Internet is better than individual States legislating. However, with growing technology, it is not an impossibility to block content for a particular State. Geo-blocking may be used by different State Governments to disallow certain online games. It has already been used by intermediaries in States such as Tamil Nadu where a legislation has already been passed banning certain types of online games.

Implications

The distribution of power between the Centre and States is the backbone of the country’s federal structure. The dilution of such a power by holding the internet as a façade will only increase the risk of centralisation of power. With techniques such as geo-blocking available, there is no reason for the Centre to step into the powers of the State to bring in regulation in the sphere of online gaming. Such a circumvention of the Seventh Schedule of the Constitution creates a bad precedent and could be held unconstitutional as well.

References:

[1] Social Organization for Creating Humanity v. Union of India [WP(C) 8946/2023].

[2] Entry 34, List II of the Seventh Schedule.

[3] AIR 1974 SC 669.

[4] The Meghalaya Regulation of Gaming Act, 2021.

[5] The Nagaland Prohibition of Gambling and Promotion and Regulation of Online Games of Skill Act, 2016.

[6] MANU/KA/0345/2022.

[7] Jay Saytha, Kerala Issues Notification Banning Online Rummy, But Will It Withstand Legal Scrutiny?, Outlook (28 Feb, 2021).

Image Credits:

Photo by aliaksandrbarysenka: https://www.canva.com/photos/MAE3yBrJGHQ-computer-game-workplace-in-dark-room/

The Centre may argue that entry 31 under the Union List grants the Central Government the power to enact laws for forms of communication such as wireless, telecom and broadcasting. While the parliament has the legislative competence to enact laws for internet intermediaries under this entry, the pith and substance of the part of the amendment are to restrict online games that involve real money whose outcome depends upon wagering. The amendment, to this extent, is stepping into the powers of the States. Under the guise of the internet and entry 31, the Centre is trying to colourably exercise its powers which are in the exclusive domain of the state legislature.

Related Posts

POST A COMMENT

Harmonizing Data Privacy and Mediation: A Progressive Outlook in India's Digital Personal Data Protection Bill, 2023

From inventing the bulb to defying possibilities with the touch of a button, mankind has come a long way in technology to reach where we are today. Globally, there are 5.19 billion internet users[1], and the tremendous volume of data exchanged over cyberspace emphasizes the need to protect sensitive private data from exploitation by institutions. According to UNCTAD[2], 137 out of 194 nations have legislation to protect the data and privacy of their citizens on the internet.

Having legislation and regulating bodies is essential to ensuring devious cyber activities are kept in check. The Indian Legislator has been expeditiously working on the drafting of the Data Protection Law. The recently unveiled Digital Personal Data Protection Bill, 2023, marks a significant milestone in India’s legislative journey, following numerous previous endeavours and extensive consultations with stakeholders from diverse domains, greatly influencing its formulation.

 

Right to Privacy vis-à-vis Puttaswamy Judgment

In the well-known Supreme Court decision of K.S. Puttaswamy v. Union of India[3], which recognized “privacy” as intrinsic to the right to life and liberty, guaranteed by Article 21 of the Indian Constitution, establishing “right to privacy” as a fundamental right, the groundwork for a single statute of legislation for the protection of data in India was laid down in 2017. The Puttaswamy Judgment touches on protections for people in the private realm while primarily addressing the range of rights of a citizen as opposed to the State. The Supreme Court found that the State had a positive burden of upholding and sustaining this dignity and connected the value of privacy to the value of individual dignity. The Puttaswamy Judgment serves as the basis for both establishing a prohibition against privacy-violating State activities and the State’s duty to regulate private contracts and private data sharing in order to protect individual privacy.

 

Timeline of the Bill

The first draft of the Personal Data Protection (PDP) Bill was proposed by the Justice Shrikrishna Committee in 2018. Since then, the legislative process has witnessed a series of turbulent turns, starting with the introduction of the PDP Bill 2019 in the Lok Sabha. The bill was subsequently sent to the Joint Committee for review but was eventually withdrawn in December 2021. The following year, the Ministry of Electronics and Information Technology (MeitY) released another Draft of the Digital Personal Data Protection Bill, (DPDP) 2022, which was made open for public comment in November 2022.[4] However, this version received several criticisms and businesses complained about onerous provisions on cross border data transfer.

Moving on to the present timeframe, the Union Communications, Electronics, and Information Technology Minister Ashwini Vaishnaw on 3rd August, 2023 introduced the new bill in the Lok Sabha during Monsoon session of Parliament.[5] The long journey of the Bill was foreseeable since it is arduous to strike the perfect balance between the Fundamental Right to privacy along with the permissible limitations linked to this entitlement, business feasibility, and the international criteria for being recognized as an appropriate jurisdiction for data processing.

 

The New Road: Mediation

In a progressive step towards strengthening India’s data protection framework, the Digital Personal Data Protection Bill 2023 reflects a notable emphasis on Mediation as an Alternate Dispute Resolution (ADR) mechanism. This emphasis signifies the legislature’s recognition of Mediation as an effective means to address data-related disputes while promoting fair and amicable resolutions.

Comparing the language between the 2022 and 2023 versions of the bill reveals a significant shift in focus. Section 23 of the 2022 bill provided the Board with the discretion to direct parties towards mediation or any other dispute resolution process if deemed appropriate. However, in the 2023 bill, the language has been further refined in Section 33, clearly stating that if the Board believes a complaint may be better resolved through mediation, it can direct the concerned parties to attempt mediation, leaving little room for ambiguity. This explicit inclusion of mediation in the text underlines its growing importance as a preferred ADR mechanism in data protection matters.

Furthermore, the recent passage of the Mediation Bill 2021 by the Rajya Sabha offers additional evidence of the legislature’s dedication to promoting mediation as an integral part of India’s legal landscape. The Mediation Bill seeks to provide a comprehensive regulatory framework for mediation, bolstering its credibility as a legitimate dispute resolution process. With the establishment of the Mediation Council of India and provisions for pre-litigation mediation and legally binding mediated settlement agreements, the Mediation Bill reinforces the government’s commitment to make mediation an acceptable and cost-effective means of resolving disputes.

 

The Balancing Act

The unveiling of the Digital Personal Data Protection Bill, 2023, marks a momentous step in India’s legislative journey towards protecting individuals’ data privacy rights. Drawing inspiration from the landmark Puttaswamy Judgment, which recognized the right to privacy as a fundamental right, the new bill brings redefined concepts and provisions that align with the evolving data protection landscape.

One striking feature of the 2023 bill is its strong emphasis on Mediation as an Alternate Dispute Resolution mechanism. The legislative shift from the 2022 version, coupled with the recent passage of the Mediation Bill 2021 by the Rajya Sabha, showcases the government’s earnest efforts to promote mediation as an effective means of resolving data-related disputes. With the explicit inclusion of mediation in the text and the establishment of the Mediation Council of India, the bill reinforces mediation’s credibility as a preferred method for fair and amicable resolutions.

As India progresses in the digital era, the new Digital Personal Data Protection Bill, 2023, stands as a testament to the nation’s commitment to safeguarding data privacy while actively embracing mediation as an instrumental tool for resolving data disputes. By creating a balance between individual privacy rights and business feasibility, this bill ushers in a new era of data protection in the country, inspiring confidence among its citizens and businesses alike. With the combined efforts of the legislative and mediation frameworks, India is poised to set new standards for data protection and dispute resolution in the global arena.

References:

[1] Internet and social media users in the world 2023, Statista (2023), https://www.statista.com/statistics/617136/digital-population-worldwide/#:~:text=Worldwide%20digital%20population%202023&text=As%20of%20April%202023%2C%20there,population%2C%20were%20social%20media%20users. 

[2] Data Protection and Privacy Legislation Worldwide, United Nations Conference on Trade and Development (2023), https://unctad.org/page/data-protection-and-privacy-legislation-worldwide 

[3] Justice K.S. Puttaswamy (Retd.) & Anr. vs. Union of India & Ors., AIR 2017 SC 4161.

[4] Ministry of Electronics and Information Technology, The Digital Personal Data Protection Bill, 2022,  https://www.meity.gov.in/writereaddata/files/The%20Digital%20Personal%20Data%20Potection%20Bill%2C%202022_0.pdf.

[5] IT Minister Ashwini Vaishnaw introduces Digital Personal Data Protection Bill, 2023 in Lok Sabha, Newsonair.gov.in (2023), https://newsonair.gov.in/Main-News-Details.aspx?id=465464

One striking feature of the 2023 bill is its strong emphasis on Mediation as an Alternate Dispute Resolution mechanism. The legislative shift from the 2022 version, coupled with the recent passage of the Mediation Bill 2021 by the Rajya Sabha, showcases the government’s earnest efforts to promote mediation as an effective means of resolving data-related disputes. 

Related Posts

POST A COMMENT

Indian Space Policy, 2023: Placing India into a Higher Orbit in the Global Space Economy?

Achieving India’s space aspirations does have a lot to do with “rocket science”, but that alone won’t cut it. The Indian Space Policy, 2023 has taken an important step to create and nurture a robust enabling ecosystem, and the countdown has begun for India as a space power to move to a higher orbit.

Introduction

India’s space prowess has come a long way since ISRO launched the country’s first rocket in 1963. But in these 60 years – and especially in the last decade – space has become a critical domain given its potential not just for peaceful purposes such as superior communication in remote areas, better weather forecasting and disaster warnings/management but also for strategic (military) reasons. The rivalry between the USA and China clearly extends to space, with both countries building weapons that can be deployed in space and used to target virtually every corner of the earth.

In this context, India can ill-afford to not develop its space-related scientific and technological capabilities. We have emerged as a globally competitive provider of launch services. But this is not enough, given that India’s market share is still relatively small. Our space programs are still largely powered by government initiatives. This is not enough; advancing our spacetech capabilities and competing commercially with other global rivals needs a larger domestic ecosystem that can tap into the intellectual and financial capital available to the private sector. This process began a couple of years ago and has already seen many Indian startups design and build satellites and other space vehicles.

The Indian Space Policy, 2023

The announcement of the Indian Space Policy, 2023 by the Government of India earlier in April is important for three reasons, namely: –

  • It provides a sharper focus on the role of ISRO and more clearly demarcates the roles of New Space India Limited (NSIL) and Indian National Space Promotion and Authorization Center (IN-SPACe).
  • It creates a clearer path for private sector participation.
  • It takes a holistic view of the sector, including within its ambit not just the building and launch of satellites, rockets and other space vehicles but also satellite communications, deep-space exploration, remote sensing, data gathering and dissemination and space transportation.

The new policy is expected to boost this process by channelling efforts in different segments of the value chain. ISRO is being asked to develop new technologies and systems, in other words, drive critical R&D, while NSIL will handle the operational aspects of ISRO’s missions, as well as other strategic activities. IN-SPACe will function as the interface between ISRO and non-governmental entities (including the private sector, which was permitted to enter the space sector in 2020). This will improve the creation and adherence to more evolved operating procedures. 

The private sector will be allowed to use ISRO’s facilities for launches, which is critical because startups and smaller companies will often not have the resources needed to tap other launch facilities. The new policy also seeks to encourage private investment in the creation of new infrastructure as well – something that will be needed as more Indian ventures seek engineering, manufacturing and launch infrastructure. Private companies that ISRO sub-contracted work to can, under the new policy, also work with other customers (including foreign companies).

By one estimate, there are already more than 400 private sector entities associated with different facets of the space sector. ISRO itself has supported over 150 startups. College students from across India too have designed and built satellites, some of which have already been launched successfully.  Given rapid advances in various fronts – materials, fuel, communications, miniaturization, AI, etc., and the emergence of so many new application areas, the space industry is now virtually a “sunrise” industry. The new policy is intended to give a boost across the R&D-design-build-launch-harness value chain that will deliver even more thrust to power India’s aspirations as a leader in the space economy.

The fine print matters!

India currently accounts for less than 2% of the US $500 Billion space economy. It is possible to increase this to 10% in the next 3 years. But there’s many a slip between the proverbial cup and the lip. As with every other policy, how the rules are framed, the specific details covered, and the actual wording will collectively determine how well this policy achieves its objective of propelling India’s ability to garner a much larger share of this monopolistic market and become “atmanirbhar” in a sphere that is becoming increasingly critical by the day.

The rules will need to be drafted carefully to ensure that the legitimate interests of innovators are safeguarded (through appropriate mechanisms for protecting Intellectual Property Rights) without compromising national security or other interests (e.g., by allowing critical IPR or sensitive data to be commercially exploited). Shareholding structures and investment routing will need to be carefully monitored to ensure that interests inimical to India do not gain control over key technologies or assets. Individual contracts too will need to be carefully drawn up so that the interests of Indian entrepreneurs/ventures and other entities are protected.

By one estimate, there are already more than 400 private sector entities associated with different facets of the space sector. ISRO itself has supported over 150 startups. College students from across India too have designed and built satellites, some of which have already been launched successfully.  Given rapid advances in various fronts – materials, fuel, communications, miniaturization, AI, etc., and the emergence of so many new application areas, the space industry is now virtually a “sunrise” industry. The new policy is intended to give a boost across the R&D-design-build-launch-harness value chain that will deliver even more thrust to power India’s aspirations as a leader in the space economy.

Related Posts

POST A COMMENT

Intermediaries' Obligation to Pursue Complaints Against Infringers: Analysing the Latest Interpretation

The recent interim order dated March 1, 2023, issued by the Delhi High Court in Samridhi Enterprises vs. Flipkart Internet Private Ltd.[1] had sparked a lot of debate and confusion among the public concerning the liability of an intermediary. As per the order of the High Court, an intermediary is not obligated to take action in cases of infringement reported by their users. The Hon’ble Court delved deeply into the interpretation of Rule 3 of the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, on the question of whether there exists an obligation on the part of intermediaries to act on complaints against infringers.   

Facts

The plaintiff was in the business of manufacturing and selling car covers under the marks “UK Blue” and “Autofact” and had been selling them on Flipkart since 2018. The plaintiff happened to notice that some other entities started to copy their designs, looks and marketing strategies on the Flipkart platform itself. Apart from the fact that the covers were identical, the infringers also sold these covers in a fashion similar to that of the plaintiff’s company to create confusion and boost their sales.

The plaintiff had informed and reported to Flipkart about the infringement of their products by placing screenshots and other similar evidences of infringement committed by the infringer on record. The platform refused to take any action against the infringers and advised the plaintiff to approach a court of law for redressal of IPR disputes.

The plaintiff approached the Delhi High Court, citing that Flipkart cannot act as an intermediary if it fails to adhere to its obligations as an intermediary and to observe important due diligence mandated by Rule 3(2) of the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

Law Involved

Rule 3(1)(b)(iv) requires intermediaries to inform their users of their privacy policy, rules and regulations and user agreement and shall make reasonable efforts to ensure that any information that infringes any patent, copyright, trademark, or other proprietary rights shall not be hosted, displayed, uploaded, modified, published, transmitted, stored, updated, or shared by the intermediary.

Rule 3(2)(a) of the IT rules requires the intermediary to publish on its website the details of the grievance officer and the mechanism by which a user could complain about any possible violations. Further, it requires the officer to acknowledge the complaint within 24 hours and resolve the issue within a period of 15 days.  

The plaintiff relied on these two sections to further their claim of infringement against Flipkart. 

Rule 3 (2)(1) (proviso) provides for intermediaries to acknowledge any complaint within 24 hours and resolve all such complaints within 15 days from their receipt. Moreover, the proviso also calls upon the intermediary to develop appropriate safeguards to avoid any misuse by users.

The Ruling

The Hon’ble Court was of the opinion that Rule 3(2)(a) only envisages complaints regarding violations of the obligation imposed on the intermediary under the rules. There is no scope for the intermediary to take any kind of action against the infringer upon receipt of the complaint. The same argument was also put forth by the court when the question surrounding Rule 3(1)(b)(iv) was raised, and the court clarified that the rule merely provides for intermediaries to inform users not to display or host infringing content. The rule does not mandate or require the intermediary to take any action upon receipt of the complaint of infringement.   

The Hon’ble Court stated that it cannot read into IT rules something that the rules do not contain expressly or by necessary implication. It further said that, “where the applicable statutory rules do not envisage action being taken by an intermediary merely on the complaint being made by an aggrieved victim or user regarding infringement of intellectual property rights, by content posted on the platform of the intermediary, the court cannot, by placing reliance on an internal policy of a particular intermediary, read into Clause 3 any such requirement, especially where such a provision existed in the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and has consciously been omitted in the 2021 Rules”.  

The Hon’ble Court was of the opinion that the complaint against Flipkart that it is not taking action does not appear to be sustainable due to the above-mentioned reasons. However, a prima facie case of copyright violation was made out by the court and in order to protect the plaintiff from any further damages, an interlocutory injunction was granted against listing the alleged infringing content.

General Observations 

Though the Hon’ble Court did grant the injunction to protect the plaintiff from the ongoing infringement occurring on the platform, the main essence of the IT Act and rules was not taken into consideration while discharging Flipkart of any liability.

The plaintiff erred in not considering the many precedents laid by this very same court. For instance, in Super Cassettes Industries Ltd. vs. Myspace Inc. & Anr1, the court said that “I find that there is no impact of the provisions of Section 79 of the IT Act (as amended in 2009) on copyright infringements relating to internet wrongs where intermediaries are involved and the said provision cannot curtail the rights of the copyright owner by operation of the proviso of Section 81 which carves out an exception for cases relating to copyright or patent infringement”. 

The case witnessed that the Indian Copyright Act, 1957, overrode the provision of the safe harbour granted by the IT Act under Section 79. The Hon’ble Court relied on Section 81 of the IT Act, which provides for an exemption for people exercising their rights under the Copyright Act and the Patent Act. The Hon’ble Court should have recognised this precedent and acknowledged the obligation it posed to the intermediary to remove such infringing products from its platform.   

It doesn’t end here. The court should have considered in what instance the immunity available for intermediaries will be impacted under Section 79 of the IT Act. Section 79(3)(b) of the IT Act states that upon receiving actual knowledge of an unlawful act connected to the computer resource controlled by the intermediary, the intermediary shall expeditiously remove or disable access to such infringing material. If such action is not undertaken by the intermediary, it shall lose the safe harbour guaranteed by Section 79. If safe harbour protection is not available, then allowing an infringement to take place on their platform may constitute abetment and unlawful activity which in turn would make them liable under the law of the land.  

Another striking part of the order is that, even though the Hon’ble Court completely relied on the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, the court failed to read into Rule 3 (2) (1) of the IT Rules 2021. The proviso of the rule clearly stipulates that any complaint received from the user other than under Subclauses (i), (iv), and (ix) needs to be expeditiously resolved within 72 hours by the grievance officer. That does not take away the primary obligation of the intermediary to act within the 15 days mandated in the main provision in relation to such excluded matters, including cases of IP infringement. It is astonishing that the court or the parties gave more emphasis to the proviso than the main clause under Rule 3(2)(a)(i). 

Initially, Rule 3(2)(b) was worded as follows: “(i) acknowledge the complaint within twenty-four hours and dispose off such complaint within a period of fifteen days from the date of its receipt;  

(ii) receive and acknowledge any order, notice or direction issued by the Appropriate Government, any competent authority or a court of competent jurisdiction.”.   

On October 28, 2022, the government amended the above rule to read as follows: “acknowledge the complaint within twenty-four hours and resolve such complaint within a period of fifteen days from the date of its receipt: 

Provided that the complaint in the nature of request for removal of information or communication link relating to clause (b) of sub-rule (1) of rule 3, except sub-clauses (i), (iv) and (ix), shall be acted upon as expeditiously as possible and shall be resolved within seventy-two hours of such reporting;  

Provided further that appropriate safeguards may be developed by the intermediary to avoid any misuse by users;” 

The intention of this amendment is to prescribe faster action for certain kinds of wrongdoings and expect them to act within 72 hours. At the same time, for those others (sub-clauses (i), (iv) and (ix)) the original time frame of 15 days for taking action remains. Without a doubt, the goal of this amendment is not to encourage platform users to behave irresponsibly or complacently despite being aware that the platform is frequently used to violate intellectual property rights. It merely provides them with sufficient time and excludes the requirement of compliance within 72 hours.

The intermediary is still obligated to undertake the due diligence described in Rule 3(1)(b)(iv), and if they do not do so and do not take action within fifteen days even after becoming aware of the infringement, the immunity from liability specified in Section 79 will end. The safe harbour will be eliminated because the proviso to Section 81 of the IT Act clearly indicates that IP rights are to be expected to be protected by the intermediary.

Conclusion

The Hon’ble Court was right in granting the injunction in favour of the plaintiff to restrain Flipkart from allowing such infringing products on their platforms.

However, the Hon’ble Court erred by not making a harmonious reading of Rule 3 (2) (a) of the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, with Section 79 (3) (b) and the proviso to Section 81 of the IT Act. An isolated reading of the provision and discharging Flipkart of their liability under the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 seems to be an oversight.

The proviso appended to the said section provides that nothing contained in this act shall restrict the exercising of any right by any person under the Copyright Act. This, along with Section 79 (3) of the IT Act, mandates the intermediary not to conspire, abet or aid any infringement and to remove the infringing material on receiving actual knowledge of it.  

The above-referred order will only help the intermediaries and platforms to behave irresponsibly and indifferently even when an intellectual property owner notifies them of infringement on their platforms. It compels aggrieved intellectual property owners to initiate legal action for every infringement, which is expensive to carry out. IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, was primarily made to make the platforms more responsible and ethical. Allowing them to act irresponsibly through a limited interpretation of law is unconscionable.

References:

1. CS (COMM) 63/2023

The recent interim order dated March 1, 2023, issued by the Delhi High Court in Samridhi Enterprises vs. Flipkart Internet Private Ltd. (CS (COMM) 63/2023) had sparked a lot of debate and confusion among the public concerning the liability of an intermediary. Though the Hon’ble Court did grant the injunction to protect the plaintiff from the on-going infringement occurring on the platform, the main essence of the IT Act and rules was not taken into consideration while discharging Flipkart of any liability.

Related Posts

POST A COMMENT

Decoding IT Amendment Rules: The Hits and Misses

  • April 18, 2023
  • Padma Sinha
  • Sanjana Sreenath

On April 6, 2023, the Ministry of Electronics & Information Technology (MeitY) notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2023 to amend the 2021 Rules. In this article, the important changes introduced to the Rules are highlighted.

Introduction

Through the amendment, the Ministry intends to make a few changes to the intermediary eco-system by introducing new due-diligence requirements for intermediaries. It can be broadly summarised under two heads – partial censorship of digital media, and regulation of online gaming intermediaries. 

Partial censorship of digital media

The new amendment requires social media intermediaries, significant social media intermediaries and online gaming intermediaries to follow additional due diligence. It aims to regulate digital media by disallowing the publication of such information related to the business of the Central Government which is identified or declared as fake, false, or misleading by a fact-checking unit set up by the Central Government. This addition to the rules would make it mandatory for the intermediaries to take down (when given a notice by the user) any piece of information that is declared fake or misleading by the fact-checking authority. It is unclear from the amendment if the information checked by the already established fact-checking authority would warrant take-down, but with the available information, it would be reasonable to assume that any information fact-checked and deemed fake by the PIB fact-check mechanism would warrant takedown.

This part of the amendment has been challenged by a political satirist, Mr. Kunal Kamra. He filed a writ petition with the Bombay High Court with the averment that the amendment with respect to establishing a separate unit by the Central government to fact-check digital media is violative of Articles 14, 19(1)(a), and 19(1)(g) of the Indian Constitution and that it is ultra vires Section 79 of the Information Technology Act, 2000. The Bombay High Court has now directed MeitY to file its response within one week on why the IT Amendment Rules, 2023 should not be stayed, and also describe the factual background that necessitated the issuance of the amendments. The affidavit has been ordered to be filed by April 19, 2023, and the matter has been listed on April 21, 2023.

Regulation of online gaming intermediaries

Earlier, a draft of the amendment (pertaining to online gaming) to the 2021 Rules was released in January 2023; though the draft lacked clarity on the kind of online games it intended to regulate (click here to read more). Further, it did not delve into differentiating between games that are in the form of wagering/betting and those which are not. The current amendment attempts to overcome these shortcomings by providing for an ‘online gaming intermediary’ and stipulating the due-diligence requirements for such intermediaries.  

The amendment defines an online gaming intermediary as one that enables users to access one or more online games. It further defines an ‘online real money game’ that is played with real money, where the users are asked to deposit money. The amendment allows the online gaming intermediary to host only those games which are permissible online games and are certified by the online gaming self-regulatory body.

Disallowing online wagering and betting games.

As per the new amendment, social media intermediaries or online gaming intermediaries are not allowed to host an online game which is not verified as a ‘permissible online game’, or any information or content which is in the nature of an advertisement or a surrogate advertisement of such non-permissible online games. It also prohibits the hosting of such games that causes harm to the user.

Permissible online real money game

The amendment further clarifies that for a game to be certified as a permissible online real money game, any member of the online gaming self-regulatory body that enables online real money game can make an application to the online gaming self-regulatory body. The said private body is set up for the sole purpose of acting as an online-gaming self-regulatory body and is notified by the Central Government. It has the power to decide whether an online game is permissible or not. The regulatory body will inquire and ensure that the game does not involve any wagering and that the gaming intermediaries or the online game undertakes all the due diligence laid down in the Rules. Additionally, it shall also ensure that the permitted games are not against the interest of the country. It also has safeguards that protect users against harm, risk of addiction, financial loss, fraud, etc by providing repeated warnings or such. The body is required to adhere to the principles of natural justice. While the self-regulatory body has the power to certify an online game as a permissible one, the Central Government still reserves the right to suspend the certification if it believes that the said game is not in conformity with the Rules.

This is a private body set up for the sole purpose of acting as an online-gaming self-regulatory body and is notified by the Central Government. In brief, they have the power to decide whether an online game is permissible or not.

Due-diligence requirements

Previously, Rules 3 and 4 of the Rules stipulated the due-diligence requirements for social media intermediaries and significant social media intermediaries. With this amendment, such due-diligence requirements in Rules 3 and 4 are extended to online gaming intermediaries too.

Through these amendments, in addition to the existing due diligence requirements under Rules 3 and 4, the online gaming intermediaries that enable permissible real money games have certain additional due-diligence requirements like requiring to display a visible mark of verification, and inform the users about the policy related to the deposit and withdrawal of money, the KYC norms that they follow, the measures taken to protect the deposits made amongst others.  

Online games which are not real-money games do not have to follow the additional due-diligence requirements by default, the Central Government by notification may direct an intermediary to undertake certain due-diligence requirements.

Conclusion

The IT amendment rules are an improvement on the previously proposed amendment to the 2021 Rules. The definitional ambiguity is removed and a step is taken toward regulating online games that are based on wagering. It also makes the self-regulation of online gaming intermediaries more transparent by stipulating for disclosure of decision-making reasons, etc.

Image Credits:

Photo by anyaberkut: https://www.canva.com/photos/MADCr_H7g_U-it-concept-information-technology-diagram/ 

The new amendment requires social media intermediaries, significant social media intermediaries and online gaming intermediaries to follow additional due diligence. It aims to regulate digital media by disallowing the publication of such information related to the business of the Central Government which is identified or declared as fake, false, or misleading by a fact-checking unit set up by the Central Government. This addition to the rules would make it mandatory for the intermediaries to take down (when given a notice by the user) any piece of information that is declared fake or misleading by the fact-checking authority. It is unclear from the amendment if the information checked by the already established fact-checking authority would warrant take-down, but with the available information, it would be reasonable to assume that any information fact-checked and deemed fake by the PIB fact-check mechanism would warrant takedown.

Related Posts

POST A COMMENT

The Curious Case of the Robolawyer (No, it's not a Perry Mason Novel!)

With the advent of technology, there is a drastic increase in the use of AI (Artificial Intelligence) which has significantly altered the way technology is perceived and will have a far-reaching impact in the future. Hence, it becomes necessary to try to minimize its shortcomings and make prudent use of the technology.

I do not know how many of you have heard of Joshua Browder, the 26-year-old founder of DoNotPay, a US-based venture that has developed a “robolawyer”- essentially an AI-powered bot that helps users in use cases such as appealing vehicle parking tickets, negotiating airline ticket refunds, and contesting service provider bills. Although the app was first released in 2015, to be honest, until recently, I too had not heard of him or the app!

My curiosity was piqued when I recently read the news that his company is willing to pay a million US dollars to any person or lawyer willing to repeat verbatim in front of the Supreme Court judge all that their robolawyer asks them to. It remains to be seen whether someone will take Josh up on that offer, whether the US Supreme Court will grant permission and what the outcome will be. However, it is being reported in the media that the DoNotPay app will help two defendants argue speeding tickets in US courts next month. The company has promised to pay the fines on behalf of the users if the robolawyer loses their appeals.

The app runs on the AI model known as “Generative Pre-trained Transformer” or GPT. This is the same technology that runs ChatGPT, which reportedly hit a million users in less than a week of its launch. AI technologies are constantly improving, and there is now greater emphasis on “ethics” and “explainability.” Essentially, the software must be able to explain how it arrived at a certain conclusion or output. This is important to minimize, if not altogether eliminate, the risk of biases and prejudices that creep into AI software simply because it is trained using hundreds of millions of content elements on the web (articles, images, reports, videos, etc.) that were all created by humans, and as such, carry the individual beliefs, prejudices, convictions, etc. of their original creators.

Over the coming decades, AI will shake up many fields including legal practice, healthcare, finance, etc. Not all fields will be impacted at the same pace or to the same extent but change they will. Already, AI is being used by healthcare professionals in improving the efficacy of diagnosis and confirmation of lines of treatment. Law firms too are beginning to use AI to simplify the tedium of the process of trawling through case laws and legal judgments to identify precedents and the reasoning of the benches involved. Soon, lawyers will simply be able to type in questions into ChatGPT, which will provide well-reasoned answers in a matter of minutes. Of course, the real skill will be to ask the right questions and figure out how sensible the answers are, and decide on further courses of action. Think of it as an advocate briefing a senior lawyer before the latter argues in court.

Half-baked knowledge is dangerous. For many years, patients (and/or caregivers) have used search engines to find information about symptoms, diagnostic tests, and lines of treatment and then argue with qualified medical professionals about their choices, at times forcing doctors to explain their hypotheses and reasoning. It is quite likely that in the foreseeable future, clients of lawyers and law firms too will be tempted to adopt a similar approach, which means lawyers too will end up spending time and effort on educating clients on matters of law and jurisprudence. Maybe it is worth coming up with new pricing models to dissuade frivolous “brainstorming” and “legal strategy” sessions!

Note to myself: Try out ChatGPT to explore the kind of responses it provides and start preparing for a future that will undoubtedly be more closely linked with AI tools.

References:

[1] Design Application Numbers 274917, 274918, 284680, 276736, 260403

[2] 24 U.S.P.Q.2d (BNA) 1614 (BPAI Apr. 2, 1992)

[3] Apple, Inc. v. Samsung Elecs. Co., 926 F. Supp. 2d 1100 (N.D. Cal. 2013) (partially affirming jury damages award).

[4] US6763497B1

[5] US10915243B2

Image Credits:

Photo by cottonbro studio: https://www.pexels.com/photo/person-using-macbook-3584994/

Over the coming decades, AI will shake up many fields including legal practice, healthcare, finance, etc. Not all fields will be impacted at the same pace or to the same extent but change they will. Already, AI is being used by healthcare professionals in improving the efficacy of diagnosis and confirmation of lines of treatment. Law firms too are beginning to use AI to simplify the tedium of the process of trawling through case laws and legal judgments to identify precedents and the reasoning of the benches involved.

Related Posts

POST A COMMENT

Regulating Online Gaming Intermediaries - The Rules and their Implications

  • January 11, 2023
  • Padma Sinha
  • Ojasvi Agarwal

The Ministry of Electronics and Information Technology (MeitY) has released the draft Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules to bring online gaming intermediaries within the ambit of the IT Rules, 2021.

Background

Online gaming is one of the fastest-growing industries in India with the number of gamers expected to increase by 30 million from 2022 to 2023[1]. Following the increase in the number of users, it has become imperative that appropriate laws are introduced to regularize the online gaming industry. On January 02, 2023, the Ministry of Electronics and Information Technology (“MeitY”) proposed an amendment to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules”). The IT Rules, in its current structure, provide regulation for social media intermediaries and significant social media intermediaries. The Draft[2] “Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules” (the “Draft”), which is open for consultation from the public, proposes to extend its ambit to ‘online gaming intermediaries’ forming a part of Part II (that relates to other intermediaries).

The Draft defines “online gaming intermediaries” and “online games” but lacks to provide a clear distinction between “games of chance” and “games of skill”, which has been a sticky issue over the years. The Draft further proposes (inter alia) the following changes –

  • All online games would be required to be registered with a ministry-approved self-regulated body by creating a self-regulatory framework, to be registered with MeitY. The self-regulatory body will be responsible for reviewing and registering the online games offered by its members, subject to certain prescribed factors. Games approved by the self-regulatory body may be offered with a visible mark signifying their registration.
  • The proposed rules also mention certain compliances that need to be made by the social media firms such as checking the registration of the online gaming intermediary and consulting the self-regulatory officer before allowing any advertisement on their platform.
  • The online gaming intermediary shall comply with the requirement of due diligence and shall additionally ensure they do not host any online game that does not conform with Indian laws and shall make additional disclosures to the users including the refund and withdrawal policy, financial risks, and other risks associated with gaming, measures that are in place to ensure the safeguarding of deposits, etc.
  • In addition to the above, a new set of due diligence requires compliance with mandatory know-your-customer(KYC) norms for user verification as per Reserve Bank of India norms.
  • Similar to the requirement for social media intermediaries, requirements of appointment of a resident ‘compliance officer’ and ‘grievance officer’ have been mandated along with ‘nodal officers’ for round-the-clock coordination with law enforcement agencies and officers.
  • The online gaming intermediaries need to have a physical address in India and the same is required to be published on their website.

Purpose of the Draft

The purpose of the Draft, if it becomes the law, is to protect the interests of different stakeholders, ensure the safety of players and encourage responsible gaming.  The Draft is also put together to bring about uniformity of laws that online gaming intermediaries may be required to follow by reducing the burden of following state-specific gaming measures making it, not just easier for online gaming intermediaries to comply with the law, but also helps the enforcement agencies since it becomes difficult for the governments of different states to ensure geographical checks are in place. According to the ministry, the final amendments to the IT rules would be notified by April 2023.

Discussions & Implications

While the Draft seems to have been aiming at shaping a burgeoning gaming industry, the concerns around the Draft seem to be supplementing the already existing questions on the existing IT Rules.

At the outset, the question of whether ‘online gaming’ should remain a subject of the ‘States’ (as betting and gambling have traditionally been) or the ‘Centre’, remains unresolved. MeitY had earlier, in affidavits before the High Courts, consistently stated that is not within its purview and power to legislate on the subject and that rests solely on the states. Therefore, the introduction of the Draft without consultation and consensus amongst states seems not quite in line.

The ambiguity further extends to a lack of clarity on whether the Draft bans ‘gambling’. While IT Minister, Rajeev Chandrasekhar stated that “online games that allow wagering on the outcome are effectively a no-go area” there is no clear prohibition on ‘gambling’. The Rules only state, as a part of due diligence, online gaming intermediaries shall make reasonable efforts to ensure that online gaming platforms do not contravene any gambling or betting laws in India, which again differs from state to state.

An online game has been defined in the Draft as a “game that is offered on the Internet and is accessible by a user through a computer resource if he makes a deposit (in cash or in-kind) with the expectation of earning winnings”- In the absence of a definition of “gambling” and “betting” in the Draft and clarity on which category of games are sought to be regulated if the online game for consideration is sought to be regulated on one hand and gambling or betting content is prohibited on the other hand, remains a question[3]. While it may be assumed that the ‘kind’ component in the definition has been introduced to cover ‘non-monetary token’ or ‘online gaming currencies’, it may lead to the consequence where games that do not require any monetary incentive may also be included within the meaning of online games here. The definition can almost broadly cover all ‘gambling games’ within the purview of ‘makes a deposit (in cash or in-kind) with the expectation of earning winnings’. Would that mean that ‘gambling’ is brought within the purview of these Rules?

The Draft classifies online gaming platforms as ‘intermediaries’. Our understanding of the term ‘intermediary’ includes one that acts on behalf of another entity. However, in the case of online gaming platforms, we notice that most of them publish the gaming content themselves and do not host games on behalf of another. In view of the above, in an earlier debate, a government task force submitted a study stating that gaming platforms should be categorized as ‘publishers’ and not as ‘intermediaries’[4]. The question that remains unanswered is why we now bring online platforms within the purview of intermediaries thereby giving them passage to ‘safe harbour protection’ under Section 79 of the IT Act.

Apart from the few above-mentioned points, the Draft may expect push-back from various industry stakeholders on the Government’s over-arching power on issues of revocation of registration of self-regulatory bodies and exercising regulatory power for KYC. It is to be observed therefore how MeitY resolves the already existing issues on the IT Rules pending before the courts and accordingly brings about an amendment to the current online gaming Draft Rules catering to the purpose it mentioned in its notes[5] accompanying the Draft Rules.

References:

[1] https://www.indiatimes.com/explainers/news/how-rapidly-is-the-gaming-industry-growing-in-india-589059.html

[2]https://www.meity.gov.in/writereaddata/files/Draft%20notification%20for%20amendment%20to%20IT%20Rules%202021%20for%20Online%20Gaming.pdf

[3] https://g2g.news/online-gaming-laws/draft-online-gaming-rules-have-contradictory-provisions-ambiguity-can-still-continue/

[4] https://www.hindustantimes.com/india-news/govt-task-force-restarts-debate-on-status-of-online-gaming-platforms-101666896702910.html

[5] https://pib.gov.in/PressReleaseIframePage.aspx?PRID=1888143

Image Credits:

Photo by Yan Krukau: https://www.pexels.com/photo/gaming-chairs-and-computers-9072216/

An online game has been defined in the Draft as a “game that is offered on the Internet and is accessible by a user through a computer resource if he makes a deposit (in cash or in-kind) with the expectation of earning winnings”- In the absence of a definition of “gambling” and “betting” in the Draft and clarity on which category of games are sought to be regulated if the online game for consideration is sought to be regulated on one hand and gambling or betting content is prohibited on the other hand, remains a question.

Related Posts

POST A COMMENT

Generative AI: Generating Legal Headaches?

The year 2022 saw major breakthroughs in the field of generative Artificial Intelligence. This field is different from the more traditional “discriminatory” AI models, whose algorithms rely on the datasets they are fed during “training” to make decisions. By contrast, “generative” AI models are forced to make conclusions and draw inferences from datasets based on a limited number of parameters given to them during training. In other words, generative AI uses “unsupervised” learning algorithms to create synthetic data. The output of generative AI includes digital images and videos, audio, text or even programming code. In recent days, even poetry, stories, blog posts and art work have been created by AI tools 

Generative AI: The Socio-Economic and Legal Problems

Like every technology, generative AI too has pros and cons. While it has made it easy to create various kinds of content at scale and in much shorter timeframes, the same technology has also been used to create “deep fakes” that then go viral on social media.  

OpenAI’s image generator platform “DALL-E 2” and automatic text generator GPT-3 have already been used to create art work and other text-based content. GPT-4, which is expected to be far more powerful and advanced, is expected to be released in 2023. Until recently, Open AI did not allow commercial usage of images created using the platform. But it has now begun to grant “full usage rights”- which includes the rights to sell the images, reprint them and use them on merchandise.  

Generative AI has the potential to open a Pandora’s Box of litigation. A class action suit has already been filed against OpenAI, Microsoft and Github alleging copyright violations by Copilot, Github’s AI-based code generator that uses OpenAI’s Codex model. The argument behind the suit is this: the tool uses hundreds of millions of lines of Open-Source code written, debugged, or improved by tens of thousands of programmers from around the world. While these individuals support the Open- Source concept, code generators like Copilot draw on their code (which was fed to it during its training) to generate code that may well be used for commercial purposes. The original authors of the code remain unrecognized and do not get any compensation.  

A similar situation can easily occur with art work created using AI-based tools because all that such tools need to create a digital image is a text prompt. For example, Polish artist Greg Rutkowski, known for creating fantasy landscapes, has complained about the fact that just typing a simple text like “Wizard with sword and a glowing orb of magic fire fights a fierce dragon Greg Rutkowski” will create an image that looks quite close to his original work. The smarter text recognition and generative AI get, the simpler it will be for even lay people to use. Karla Ortiz, a San Francisco based illustrator is concerned at the potential loss of income that she and her fellow professionals might suffer due to generative AI.[1]

 Sooner than later, this challenge will be faced by playwrights, novelists, poets, photographers and pretty much all creative professionals. Indeed, AI tools could conceivably put writers out of business in the next few years! AI generators are “trained” using millions of poems, images, paintings etc that were created by persons dead or alive. Their creators or their legal heirs do not currently have the option to exclude their works from the training datasets. In fact, they do not even usually know that their works have been included.  

The creative industry itself is taking various steps to protect the rights of various categories of creative professionals. Such measures include the use of digital watermarking for authentication, banning the use of AI-generated images, and building tools that allow artists to check if their works have been used as part of any training datasets and then opt out if they so choose.  

A more pernicious problem could conceivably arise when deliberately or inadvertently, misleading content is created and posted- and consumed by innocent users. Some early examples of such misuse have already emerged, and there is a genuine concern that if these activities are not nipped in the bud and information on the internet is not somehow authenticated, serious, unexpected, and large-scale damage may be caused.  

Overhauling the Laws

In the US, AI tools may, for now, take legal cover under the fair use doctrine. But that applies only to non-commercial usage. Arguably, the current situation where researchers and companies building AI tools freely use massive datasets to “train” their tools violate the spirit of ownership and protection of IPR because these AI generators are also being used for commercial benefit. Also, as various lawsuits are already underway, changes to IPR and related laws will need to be made to explicitly enable AI. Not doing so will only impede the use of AI in various fields where such algorithms can deliver significant benefits by speeding up innovation.  

References:

[1] https://www.technologyreview.com/2022/09/16/1059598/this-artist-is-dominating-ai-generated-art-and-hes-not-happy-about-it/

Image Credits:

Photo by Tara Winstead: https://www.pexels.com/photo/robot-fingers-on-blue-background-8386369/

Like every technology, generative AI too has pros and cons. While it has made it easy to create various kinds of content at scale and in much shorter timeframes, the same technology has also been used to create “deep fakes” that then go viral on social media.  

Related Posts

POST A COMMENT