On 29 June, 2020, a press statement was released by the Ministry of Electronics and Information Technology (hereinafter ‘MEIT’) via the Press Information Bureau which stated that by invoking the power under Section 69A of the Information Technology Act, 2000 (hereinafter ‘IT Act’) along with the relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules, 2009 (hereinafter ‘Rules’), MEIT has banned 59 applications from public, citing reasons of national security, information privacy and data security. Such a move came just days after cross-border tensions began between China and India, which has been viewed as a motivating factor behind this decision by the MEIT and Government of India (hereinafter ‘GoI’). Moreover, this decision has been completely unprecedented since it’s the first of its kind to be announced by invoking Section 69A of the IT Act. Though the Press Statement does not mention it, it can be noticed that all the applications are of Chinese origin, and no other applications have been banned. Before the release of the Press Statement, intelligence agencies had red-flagged 53 out of the 59 applications that have been banned, for having links with China and possibly breaching the data security and information privacy of Indian citizens. This was backed by the National Security Council of India.
It is pertinent to note that this move has incited polar opposite reactions from the public. While some of the citizens have hailed this as a brilliant decision by the GoI in order to retaliate against China, others have questioned the legality behind such a move, and whether the repercussions of this move will leave a negative impact on the Indian public.
II. LEGALITY OF THE PRESS STATEMENT
Despite being viewed as a massive (and final) decision by the majority, some scholars and activists have questioned the legality of the Press Statement, and its capacity to be effectuated by law. The Press Statement explicitly mentioned Section 69A of the IT Act, and the IT Rules, thereby implying that the powers invoked would be in accordance with the same.
For the application of Section 69A, firstly, a legal order has to be issued. However, going by the information given by the GoI, the Press Statement is merely a press release, and in essence does not hold any legal validity. Such would not suffice as to effectuate a blanket ban on the 59 applications mentioned in the Press Statement. Secondly, the Press Statement had stated common grounds and reasoning (i.e. national security) for blocking all the applications, which goes against the individualized nature of the power under Section 69A and the IT Rules, and therefore a violation of the process prescribed under the aforementioned statutes. Thirdly, the IT Rules specify a defined process of notice, hearing and reasoned order – which has emerged from the infamous Shreya Singhal case’s judgment – and apply to all forms of blocking, including that which is on the basis of national security concerns. Moreover, a reasonable nexus has to be formed between banning the applications and national security, which the GoI and MEIT have failed to adequately articulate in their Press Statement.
According to a statement issued by the Head of Tiktok, Nikhil Gandhi, the Press Statement was only an interim order by the GoI; and the representatives of the application developers have been invited for an opportunity to respond and submit clarifications to the concerned government stakeholders. This essentially implies that the Press Statement was merely an interim order, and that the ban is yet to be effectuated by way of issuing a legal order in compliance with the procedure enshrined under Section 69A and the IT Rules.
If at all a legal order is issued under Section 69A and the IT Rules, specific directions would have to be given to the Internet Service Providers (hereinafter ‘ISP’), the application developers, and Google Playstore/AppStore before the order is implemented. Such is a lengthy process and would take considerable amount of time to take effect.
III. PROBLEMS FOR THE PUBLIC
Though the Press Statement might have been made as a retaliatory action against attacks by China, it will have negative impacts on the general public of India as well. Thousands, if not lakhs, of Indians had monetized the applications – meaning that they received monetary gains out of the banned applications – and if these applications were to be effectively banned from usage, they would suffer from the monetary repercussions of such ban. Moreover, activists and influencers had also used certain applications as means of spreading awareness vis-à-vis citizen rights, socio-political or legal issues, and banning such mediums would be detrimental to the public at large.
However, if the claims of breach of data security and information are legitimate and well-founded, usage of such applications would put the general public at major risk, and with the lack of an adequate Data Privacy Protection legislation, such concerns would have to be addressed and acted on in other ways, blanket ban being one of them.
Though a blanket ban might be a temporary solution for concerns of data security, better measures should be put in place in order to address these issues. Firstly, the long overdue and pending Protection of Data Privacy Bill (which has its own fallacies and concerns) should be put into gear and brought in as a legislation after recommended changes. Secondly, to ensure credibility and smooth functioning, data security and privacy may be achieved through regulatory processes which shall be beneficial both for the public as well as the GoI. And lastly, instead of going directly towards a blanket ban which is a radical and extreme move, subtler measures should be taken, which may include but not be limited to imposition of fines (for failing to comply to regulations), provision of directions by regulatory agencies and legislations, and finally, if all else, a blanket ban which, in essence, is absolute prohibition. All of the solutions can be envisaged in sufficient Data Privacy Protection laws if implemented and effectuated.
Though the Press Statement by MEIT and GoI has received polar opposite reactions, it is safe to say that it leans more towards being a façade order with no legal backing. This move by the GoI is bound to be challenged in a court of law, and knowing the present state of the judiciary, the matter is expected to be prolonged and remain undecided for years.