"Parliamentary approval of the creation, mandate and powers of security agencies is a necessary but not sufficient condition for upholding the rule of law. A legal foundation increases the legitimacy both of the existence of these agencies and the (often exceptional) powers that they possess." Though mechanisms for ensuring accountability of the executive to the Parliament are in place for most aspects of government in India, such mechanisms are completely absent for the oversight of intelligence agencies. In India, various intelligence agencies such as the Research and Analysis Wing, and the Intelligence Bureau are creations of administrative orders, and are not subject to scrutiny by Parliament. This is in direct contrast to the practise of the Legislature's oversight of intelligence agencies in most countries.  Though different countries have different models of exercising such oversight, the common principle - that activities of intelligence agencies should be subject to Parliamentary scrutiny, remains uniform. In the US for example, both the House and the Senate have a Committee which exercises such scrutiny.  These are House Permanent Select Committee on Intelligence, established in 1977, and the Senate Select Committee on Intelligence, created in 1976.  Both committees have broad powers over the intelligence community.  They oversee budgetary appropriations as well as legislation on this subject.  In addition, the House Committee can do something which the Senate can not:  “tactical intelligence and intelligence-related activities.”  This gives the Committee the power to look into actual tactical intelligence, and not just broader policy issues.  Intelligence agencies are also governed by a variety of laws which clearly lay out a charter of responsibilities, as well as specific exemptions allowing such agencies to do some things other government agencies ordinarily cannot. (For source, click here) In UK, the Intelligence Services Act of 1994 set up a similar framework for intelligence organisations in the UK, and also set up a mechanism for legislative oversight.  The Act set up a Committee which should consists mostly of Members of Parliament.  The members are appointed by the Prime Minister in consultation with the leader of opposition, and the Committee reports to the Prime Minister.  The Prime Minister is required to present the report of the Committee before Parliament. (For the Act, click here) Recently, the Committee has expressed concerns in its 2009-10 report over the fact that it is financially dependent on the Prime Minister's office, and that there could be a conflict of interest considering it is practically a part of   the government over which it is supposed to express oversight. (For the report, click here) A study titled "Making Intelligence Accountable: Legal Standards and Best Practice" captures the best components of Parliamentary oversight of intelligence bodies.  Some of these are:

  1. The entire intelligence community, including all ancillary departments and officials, should be covered by the mandate of one or more parliamentary oversight bodies.
  2. The mandate of a parliamentary oversight body might include some or all of the following (a) legality, (b) efficacy, (c) efficiency, (d) budgeting and accounting; (e) conformity with relevant human rights Conventions (f) policy/administrative aspects of the intelligence services.
  3. The recommendations and reports of the parliamentary oversight body should be (a) published; (b) debated in parliament; (c) monitored with regard to its implementation by the government and intelligence community.
  4. The resources and legal powers at the disposal of the parliamentary oversight body should match the scope of its mandate.
  5. Parliament should be responsible for appointing and, where necessary, removing members of a body exercising the oversight function in its name.
  6. Representation on parliamentary oversight bodies should be cross-party, preferably in accordance with the strengths of the political parties in parliament.
  7. Government ministers should be debarred from membership (and parliamentarians should be required to step down if they are appointed as ministers) or the independence of the committee will be compromised. The same applies to former members of agencies overseen.
  8. The oversight body should have the legal power to initiate investigations; Members of oversight bodies should have unrestricted access to all information which is necessary for executing their oversight tasks.
  9. The oversight body should have power to subpoena witnesses and to receive testimony under oath.
  10. The oversight body should take appropriate measures and steps in order to protect information from unauthorised disclosure.
  11. The committee should report to parliament at least yearly or as often as it deems necessary.
  12. The oversight body should have access to all relevant budget documents, provided that safeguards are in place to avoid leaking of classified information.

On June 6, 2022, the Ministry of Electronics and Information Technology released the draft amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules, 2021) for public feedback.  The IT Rules were notified on February 25, 2021, under the Information Technology Act, 2000 (IT Act).  The Ministry noted that there is a need to amend the Rules to keep up with the challenges and gaps emerging in an expanding digital ecosystem.  In this blog post, we give a brief background to the IT Rules, 2021 and explain the key proposed changes to the Rules.

Background to the IT Rules, 2021

The IT Act exempts intermediaries from liability for user-generated content on their platform provided they meet certain due diligence requirements.  Intermediaries are entities that store or transmit data on behalf of other persons and include telecom and internet service providers, online marketplaces, search engines, and social media sites.  IT Rules specify the due diligence requirements for the intermediaries.  These include: (i) informing users about rules and regulations, privacy policy, and terms and conditions for usage of its services, including types of content which are prohibited, (ii) expeditiously taking down content upon an order from the government or courts, (iii) providing a grievance redressal mechanism to resolve complaints from users about violation of Rules, and (iv) enabling identification of the first originator of the information on its platform under certain conditions.  It also specifies a framework for content regulation of online publishers of news and current affairs and curated audio-visual content.  For an analysis of the IT Rules 2021 please see here.

Key changes proposed to the IT Rules 2021

Key changes proposed by the draft amendments are as follows:

  • Obligations of intermediaries:  The 2021 Rules require the intermediary to “publish” rules and regulations, privacy policy and user agreement for access or usage of its services.   The Rules specify restrictions on the types of content that users are allowed to create, upload, or share.  The Rules require intermediaries to “inform” users about these restrictions.  Proposed amendments seek to expand the obligation on intermediaries to include: (i) “ensuring compliance” with rules and regulations, privacy policy, and user agreement, and (ii) "causing users to not" create, upload, or share prohibited content.
     
  • The proposed amendments also add that intermediaries should take all reasonable measures to ensure accessibility of their services to all users, with a reasonable expectation of due diligence, privacy, and transparency.   Further, intermediaries should respect the constitutional rights of all users.  The Ministry observed that such a change was necessary as several intermediaries have acted in violation of the constitutional rights of citizens.
     
  • Appeal mechanism against decisions of grievance officers:  The 2021 Rules require intermediaries to designate a grievance officer to address complaints regarding violations of the Rules.  The Ministry observed that there have been instances where these officers do not address the grievances satisfactorily or fairly.  A person aggrieved with the decision of the grievance officer needs to approach courts to seek redressal.  Hence, the draft amendments propose an alternative mechanism for such appeals.  A Grievance Appellate Committee will be formed by the central government to hear appeals against the decisions of grievance officers.  The Committee will consist of a chairperson and other members appointed by the central government through a notification.  The Committee is required to dispose of such appeals within 30 days from the date of receipt.  The concerned intermediary must comply with the order passed by the Committee.  Note that the proposed amendments do not restrict users from directly approaching courts.
  • Expeditious removal of prohibited content:  The 2021 Rules require intermediaries to acknowledge complaints regarding violation of Rules within 24 hours, and dispose of complaints within 15 days.  The proposed amendments add that the complaints concerning the removal of prohibited content must be addressed within 72 hours.  The Ministry observed that given the potential for virality of content over internet, a stricter timeline will help in removing prohibited content expeditiously.

Comments on the draft amendments are invited until July 6, 2022.