Facts and Background
In the year 2022, the Indian Government proposed the enactment of a comprehensive Digital India Act (DIA) to provide global and contemporaneous legal standards for catering to India’s evolving digital ecosystem. The DIA is aimed at completely overhauling the country’s existing Information Technology Act 2000 (IT Act), and make way for a comprehensive and dynamic legislation to regulate digital technologies. The Ministry of Electronics and Information Technology, on 9 March 2023, organised a consultation to apprise representatives of the legal and technology industry amongst others, about the broad framework and core tenets of the DIA.
As per the briefing in the consultation, it is likely that the DIA will consist of guiding principles and will capture the broad framework of certain core constituents of the DIA, such as ensuring open internet, online safety and trust and accountability.
Key components of the proposed DIA are as follows:
- Enabling an open internet: One of the core principles of the DIA will be to promote choice, competition, online diversity, ease of doing business, and fair access to digital markets. Keeping this principle in mind, provisions around mandating interoperability of digital services such as ad-tech platforms, mobile application stores, emphasis on fair trade practices for dominant market players and ensuring non-discriminatory access to digital services are expected.
- Enhanced obligations for intermediaries and other entities on the internet: The focus of the DIA will be to identify different set of compliances specific to each kind of intermediary and the nature of its business. The scope of intermediaries under the DIA is expected to be wide and include search engines, advertisement technology platforms, e-commerce platforms, social media platforms, digital content platforms, gaming platforms. Further, obligations may also be expected for entities operating on the internet which may not be necessarily operating as an intermediary.
- Safe harbour principle under the DIA: Notably, the DIA is expected to modify the safe harbour principle enshrined under Section 79 of the IT Act for intermediaries. Any protection from liability under the DIA regime is likely to be subject to continuing compliance with specific obligations with respect to hosting third party information for different sets of intermediaries.
- Ensuring online safety and trust: Robust provisions for protecting users against harmful content and cyber offences are expected to find place under the DIA. In the context of children, specific provisions around age gating to regulate their access to addictive technology and harmful content are expected. DIA also proposes to introduce measures such as periodic risk assessments, algorithmic transparency, disclosures by data intermediaries, to protect open internet framework, increasing accountability and enabling informed choices for users.
- False information: Curbing false information / fake news on the internet, especially on social media platforms and messaging services will perhaps be one of the key aspects under the DIA. In this regard, specific compliances on moderation of such information by intermediaries, such as social media platforms, will likely be prescribed.
- Regulating artificial intelligence: Given the widespread use of artificial intelligence in critical fields such as healthcare, banking and aviation, development as well as deployment of artificial intelligence may be made subject to rigorous requirements under the DIA. These requirements may consequently impact regulation and safeguarding of emerging technologies such as machine learning, Web 3.0, wearable technology, autonomous systems, blockchain, virtual reality, etc.
- Regulation for privacy invasive devices: Provisions to regulate devices which may be invasive of privacy such as spy camera glasses and wearable technologies may be introduced under the DIA. These may include implementation of ‘Know-Your-Customer’ requirements, prior to being approved for sale in markets.
- Enhanced penalties for cyber-crimes: The DIA will aim to strengthen the penalty framework for noncompliances, especially for cyber-crimes and other offences.
- Adjudicatory mechanism: The DIA proposes to enable a specialised and dedicated adjudicatory mechanism for addressing online civil and criminal offences. In light of this, a dedicated adjudicatory authority constituted under the DIA seems likely.
The proposed enactment of the DIA will be a significant milestone for India, which is arguably a country that has grappled with dated and nascent patchwork of technology laws. Currently, many emerging technologies operate in a legal vacuum, leading to uncertainty and challenges for stakeholders, businesses and consumers. The introduction of the DIA promises to bring about a significant transformation in the technology landscape and regulatory framework in India. Codified principles of fair access and fair-trade practices under the DIA, may also require alignment of existing legislative frameworks with respect to anticompetition and consumer protection.
This comprehensive legislation is expected to catalyse technology and innovation in the country and contribute to the realization of the Digital India mission of the Government. By providing a clear legal framework for emerging technologies, the DIA can create a more conducive environment for businesses to thrive and for consumers to benefit from cutting-edge technology. Overall, the DIA holds great potential to accelerate India's growth and development in the digital age.