Monday, November 16, 2015

Social Networking Laws In India Need Clarity And Codification

Social networking websites have a very crucial role to play in fields like business and commerce, personal relationships, leisure activities, political usages, speech and expression, etc. This is the reason why social media websites like Facebook, Twitter, LinkedIn, etc are very popular world over.

India has also a significant population that is attached to various social media or social networking websites. This has given rise to unique law enforcement and regulatory challenges before the countries around the world. While the United States has the advantage in the sense that most of these social networking websites are located within the legal and territorial limits of US authorities yet law enforcement authorities of India and other countries find it really difficult to manage law enforcement related activities arising due to abuse of these social networking websites.

The conflict of laws in cyberspace has further widened the law enforcement access deficit that India is presently facing. Most of the law enforcement agencies of India openly admit that when the server of a website is located outside India it becomes next to impossible to prosecute a cyber criminal using such a website and committing an offence against Indian citizen.

For instance, Bangalore cyber police is facing investigation difficulties with Facebook and it is well known. Similarly, the Delhi Police was too late to get access to IP address of the accused who hacked the e-mail account of Amrita Rai. It is also well known that most of the social networking websites that are operating in India are not complying with the laws of India.

The Information Technology Act, 2000 (IT Act 2000) is the cyber law of India that governs legal issues pertaining to e-commerce, e-governance, cyber contravention and cyber crimes. However, the cyber law of India is a piecemeal legislation that covers multiple areas and in this attempt it is not covering even a single area effectively. India must either formulate a comprehensive and holistic techno legal framework or it must adopt specific and dedicated laws for various fields. There is no doubt that India needs a new and better cyber law and the old one must be repealed.

It has been suggested that foreign websites and social networking websites must establish servers in India. It has also been suggested that India’s own social networking websites must be established so that compliance with Indian laws can be ensured. As per the amended Indian Companies Act, 2013, the directors of India companies can be held liable for cyber law and cyber security related techno legal compliances. Individuals, companies and their directors are also required to observe cyber law due diligence (PDF) under the IT Act 2000.

India has been using mutual legal assistance treaty (MLAT) to mutually cooperate on law enforcement related issues. However, MLAT is not always successful as the country to whom such a request is issued may deny cooperation if the act committed by the accused is not an offence as per the laws of that country. For instance, in the past US has refused to issue summons upon companies like Facebook, Google, etc citing similar grounds. So the MLAT route is not full proof and it is full of surprises.

Some stakeholders have started using social networking websites for business purposes in such a manner that they violate Indian laws. However, as the servers of these social networking websites are located outside India and are governed by foreign laws, Indian law enforcement agencies are helpless to enforce Indian laws against such stakeholders.

For instance, online pharmacies related legal compliances are absolutely ignored in India by most of the online pharmacies operating from India. As a result Perry4Law has suggested that online pharmacies laws must be enacted by Indian government. Similarly, the online card games websites in India are also in a limbo and they are operating in a legally risky manner. This is more so when social networking websites are used for games like online rummy, online poker and other online card games.

India has no dedicated privacy and data protection (PDF) laws. Indian government is also very committed to violate the civil liberties of Indian citizens in cyberspace. This is the reason why we have no privacy rights in India that can protect the privacy of Indian in cyberspace. Further, e-surveillance tools like Aadhaar have been clubbed with projects like Digital India and this has made the digital India initiative the biggest digital panopticon of human history. The social networking websites provides further data and information to Indian government for data mining purposes and this result in violation of privacy of Indian citizens.

Nevertheless, business and other stakeholders are required to comply with applicable privacy, data protection, cyber law and other laws applicable to their respective fields. One of the requirements that is applicable to all stakeholders including e-commerce players pertain to observation of cyber law due diligence (PDF). Similarly, e-commerce laws in India are also required to be adhered to by various stakeholders. Since the stakeholders are also using the platform of foreign companies, they are also subject to the laws of foreign jurisdictions as well. Thus, there is no significant benefit of hosting a website on a foreign server if the law enforcement agencies of India are committed to punish an offender.

Perry4Law Organisation (P4LO) hopes that this article would help various stakeholders in sensibly using the social networking websites so that they remain on the right side of the law. At the same time P4LO also believes that very soon social networking related laws and regulations would be clearly enacted by the Indian government for the larger benefit of all stakeholders.