WhatsApp, Facebook Monetise Users’ Data, Can’t Claim Privacy Protection on Their Behalf, Says Government
The Centre has defended in the Delhi High Court the legal validity of its new IT rule requiring messaging apps, such as WhatsApp, to “trace” the first originator of the information, saying that the law empowers it to expect such entities to create safe cyberspace and counter illegal content either themselves or by assisting the law enforcement agencies.
The Centre said that Section 87 of the Information Technology Act gave it the power to formulate Rule 4(2) of the Intermediary Rules – which mandates a significant social media intermediary to enable the identification of the first originator of information in “legitimate state interest” of curbing the menace of fake news and offences concerning national security and public order as well as women and children.
In its affidavit filed in response to WhatsApp’s challenge to the rule on the ground that breaking the encryption invades its users’ privacy, the Centre has claimed that platforms “monetise users’ information for business/ commercial purposes are not legally entitled to claim that it protects privacy”.
“Petitioners (WhatsApp and Facebook), being multi-billion dollar enterprises, almost singularly on the basis of mining, owning and storing the private data of natural persons across the world and thereafter monetising the same, cannot claim any representative privacy right on behalf of the natural persons using the platform,” said the affidavit filed by Ministry of Electronics and Information Technology.
“WhatsApp collects users’ personal information and shares it with Facebook and third-party entities for business/commercial purposes (WhatsApp’s privacy policy of 2016 and its 2021 update). In fact, the regulators of various countries dearly hold that Facebook should be fixed with accountability for its services and data management practices,” it added.
The Centre said reasons regarding technical difficulties cannot be an excuse to refuse compliance to the law of the land and if a platform does not have the means to trace the “first originator” without breaking the encryption then it is the platform which “ought to develop such mechanism” in larger public duty.
“The Rule does not contemplate the platforms breaking the end-to-end encryption. The Rule only contemplates the platform to provide the details of the first originator by any means or mechanism available with the platform.
If the platform does not have such means, the platform ought to develop such mechanism considering the platforms widespread prevalence and the larger public duty,” the affidavit said.
The Centre said “if the intermediary is not able to prevent or detect the criminal activities happening on its platform, then the problem lies in the platform’s architecture and the platform must rectify their architecture and not expect the change of legislation. Reasons regarding ‘technical difficulties’ cannot be an excuse to refuse compliance to the law of the land.”
In August, a bench headed by Chief Justice DN Patel had sought the Centre’s stand on WhatsApp petition challenging new rule on the ground it violates the right to privacy and is unconstitutional.
WhatsApp’s parent company Facebook has also mounted a similar challenge to the rule.
In its plea, WhatsApp had said that the traceability requirement forced it “break end-to-end encryption” and thus infringe upon the fundamental rights to privacy and free speech of the hundreds of millions of citizens using its platform to communicate privately and securely.
The Centre, in its response, has said that the petition by WhatsApp is not maintainable as a challenge to the constitutionality of any Indian law is not maintainable at the instance of a foreign commercial entity.
It further claimed that Rule 4(2) is an “embodiment of competing rights of citizens of India” and aims to preserve the “rights of vulnerable citizens within the cyberspace who can be or are victims of cyber-crime”.
The Centre said there are checks and balances to ensure that the rule is not misused or invoked in cases where other less intrusive means are effective in identifying the originator of the information.
The identification of the first originator pertains only to viral content relating to heinous crimes, as specified in the rule, and not identifying all users or citizens, it said.
“If the IT Rules 2021 are not implemented the law enforcement agencies will have difficulty in tracing the origin of fake messages and such messages will percolate in other platforms thereby disturbing peace and harmony in the society further leading to public order issues,” the affidavit said.
The Centre has also said that in case of any legal proceeding having any message on the platform as evidence, WhatsApp would lose the defence of ‘intermediary protection’ but it “does not mean that WhatsApp will be held guilty and its officials would be legally responsible”.
“The courts can include WhatsApp as a respondent and consider ‘Contributory Negligence’ and ‘Vicarious liability on WhatsApp and its executives’ (under Section 85). Such liabilities will fructify only when such a case comes up and WhatsApp is named as an entity that it is sufficiently proved that it has contributed to the commission of the crime,” it added.
The centre also said that the Supreme Court itself had asked the Central government to “take all the steps necessary to identify persons who create and circulate electronic information” about certain offences such as sexual abuse.