A few minutes ago, the Supreme Court delivered a judgement striking down Section 66 A of the Information Technology Act, 2000. This was in response to a PIL that challenged the constitutionality of this provision. In light of this, we present a background to Section 66 A and the recent developments leading up to its challenge before the Court. What does the Information Technology Act, 2000 provide for? The Information Technology (IT) Act, 2000 provides for legal recognition for transactions through electronic communication, also known as e-commerce. The Act also penalizes various forms of cyber crime. The Act was amended in 2009 to insert a new section, Section 66A which was said to address cases of cyber crime with the advent of technology and the internet. What does Section 66(A) of the IT Act say? Section 66(A) of the Act criminalises the sending of offensive messages through a computer or other communication devices. Under this provision, any person who by means of a computer or communication device sends any information that is:
Over the past few years, incidents related to comments, sharing of information, or thoughts expressed by an individual to a wider audience on the internet have attracted criminal penalties under Section 66(A). This has led to discussion and debate on the ambit of the Section and its applicability to such actions. What have been the major developments in context of this Section? In the recent past, a few arrests were made under Section 66(A) on the basis of social media posts directed at notable personalities, including politicians. These were alleged to be offensive in nature. In November 2012, there were various reports of alleged misuse of the law, and the penalties imposed were said to be disproportionate to the offence. Thereafter, a Public Interest Litigation (PIL) was filed in the Supreme Court, challenging this provision on grounds of unconstitutionality. It was said to impinge upon the freedom of speech and expression guaranteed by Article 19(1)(a) of the Constitution. How has the government responded so far? Subsequently, the central government issued guidelines for the purposes of Section 66(A). These guidelines clarified that prior approval of the Deputy Commissioner or Inspector General of Police was required before a police officer or police station could register a complaint under Section 66(A). In May 2013, the Supreme Court (in relation to the above PIL) also passed an order saying that such approval was necessary before any arrest is to be made. Since matters related to police and public order are dealt with by respective state governments, a Supreme Court order was required for these guidelines to be applicable across the country. However, no changes have been made to Section 66 A itself. Has there been any legislative movement with regard to Section 66(A)? A Private Member Bill was introduced in Lok Sabha in 2013 to amend Section 66(A) of the IT Act. The Statement of Objects and Reasons of the Bill stated that most of the offences that Section 66(A) dealt with were already covered by the Indian Penal Code (IPC), 1860. This had resulted in dual penalties for the same offence. According to the Bill, there were also inconsistencies between the two laws in relation to the duration of imprisonment for the same offence. The offence of threatening someone with injury through email attracts imprisonment of two years under the IPC and three years under the IT Act. The Bill was eventually withdrawn. In the same year, a Private Members resolution was also moved in Parliament. The resolution proposed to make four changes: (i) bring Section 66(A) in line with the Fundamental Rights of the Constitution; (ii) restrict the application of the provision to communication between two persons; (iii) precisely define the offence covered; and (iv) reduce the penalty and make the offence a non-cognizable one (which means no arrest could be made without a court order). However, the resolution was also withdrawn. Meanwhile, how has the PIL proceeded? According to news reports, the Supreme Court in February, 2015 had stated that the constitutional validity of the provision would be tested, in relation to the PIL before it. The government argued that they were open to amend/change the provision as the intention was not to suppress freedom of speech and expression, but only deal with cyber crime. The issues being examined by the Court relate to the powers of the police to decide what is abusive, causes annoyance, etc,. instead of the examination of the offence by the judiciary . This is pertinent because this offence is a cognizable one, attracting a penalty of at least three years imprisonment. The law is also said to be ambiguous on the issue of what would constitute information that is “grossly offensive,” as no guidelines have been provided for the same. This lack of clarity could lead to increased litigation. The judgement is not available in the public domain yet. It remains to be seen on what the reasoning of the Supreme Court was, in its decision to strike down Section 66A, today.
The Union government’s Cabinet Committee on Security recently gave clearance to the Home Ministry’s NATGRID project. The project aims to allow investigation and law enforcement agencies to access real-time information from data stored with agencies such as the Income Tax Department, banks, insurance companies, Indian Railways, credit card transactions, and more. NATGRID, like a number of other government initiatives (UIDAI), is being established through governmental notifications rather than legislation passed in Parliament. The examination of this issue requires an assessment of the benefits of legislation vis-a-vis government notifications. Government notifications can be issued either under a specific law, or independent of a parent law, provided that the department issuing such notification has the power to do so. Rules, regulations which are notified have the advantage of flexibility since they can be changed without seeking Parliamentary approval. This advantage of initiating projects or establishing institutions through government notifications is also potentially of detriment to the system of checks and balances that a democracy rests on. For, while legislation takes a longer time to be enacted (it is discussed, modified and debated in Parliament before being put to vote), this also enables elected representatives to oversee various dimensions of such projects. In the case of NATGRID, the process would provide Parliamentarians the opportunity to debate the conditions under which private individual information can be accessed, what information may be accessed, and for what purpose. This time consuming process is in fact of valuable import to projects such as NATGRID which have a potential impact on fundamental rights. Finally, because changing a law is itself a rigorous process, the conditions imposed on the access to personal information attain a degree of finality and cannot be ignored or deviated from. Government rules and regulations on the other hand, can be changed by the concerned department as and when it deems necessary. Though even governmental action can be challenged if it infringes fundamental rights, well-defined limits within laws passed by Parliament can help provide a comprehensive set of rules which would prevent their infringement in the first place. The Parliamentary deliberative process in framing a law is thus even more important than the law itself. This is especially so in cases of government initiatives affecting justiciable rights. This deliberative process, or the potential scrutiny of government drafted legislation on the floor of Parliament ensures that limitations on government discretion are clearly laid down, and remedies to unauthorised acts are set in stone. This also ensures that the authority seeking to implement the project is The other issue pertains to the legal validity of the project itself. Presently, certain departmental agencies maintain databases of personal information which helps them provide essential services, or maintain law and order. The authority to maintain such databases flows from the laws which define their functions and obligations. So the power of maintaining legal databases is implicit because of the nature of functions these agencies perform. However, there is no implicit or explicit authorization to the convergence of these independent databases. One may argue that the government is not legally prevented from interlinking databases. However, the absence of a legal challenge to the creation of NATGRID does not take away from the importance of establishing such a body through constitutionally established deliberative processes. Therefore, the question to be asked is not whether NATGRID is legally or constitutionally valid, but whether it is important for Parliament to oversee the establishment of NATGRID. In October 2010, the Ministry of Personnel circulated an “Approach paper for a legislation on privacy”. The paper states: “Data protection can only be ensured under a formal legal system that prescribes the rights of the individuals and the remedies available against the organization that breaches these rights. It is imperative, if the aim is to create a regime where data is protected in this country, that a clear legislation is drafted that spells out the nature of the rights available to individuals and the consequences that an organization will suffer if it breaches these rights.” As the lines above exemplify, it is important for a robust democracy to codify rights and remedies when such rights may be potentially affected. The European Union and the USA, along with a host of other countries have comprehensive privacy laws, which also lay down conditions for access to databases, and the limitations of such use. The UIDAI was established as an executive authority, and still functions without statutory mandate. However, a Bill seeking to establish the body statutorily has been introduced, and its contents are being debated in the Parliamentary Standing Committee on Finance and the Bill has also been deliberated on by civil society at large. A similar approach is imperative in the case of NATGRID to uphold the sovereign electorate’s right to oversee institutions that may affect it in the future.
