IT Rules 2021: Impact assessment; legal, ethical and implementation concerns #
Social Media networks and platforms, chat and messaging applications, photo and video sharing services have radically transformed the internet landscape in India and elsewhere in the last decade. User generated content has allowed diverse voices to create and share views, political opinions, dance videos, movie and music commentaries.
While the platforms and networks have encouraged these voices, there is also a growing concern1 over the sharing of potentially offensive material such as pornographic content, child sexual abuse material (CSAM), hate speech and violent content often not suitable for the wide audience such platforms caters to.
The INFORMATION TECHNOLOGY (GUIDELINES FOR INTERMEDIARIES AND DIGITAL MEDIA ETHICS CODE) RULES, 2021 notified by the Ministry of Electronics and Information Technology (MEITY), together with the Ministry of Information and Broadcasting (MIB), Government of India – under the IT Act 2000, seeks to monitor and control user generated content and provide firm guidelines for social media Intermediaries, digital news publications and other organizations who host or transfer content on the internet.
The Rules were notified in February 2021, and went into effect in May 2021. Organizations and individuals have challenged the Rules on various counts2 – including their applicability under the parent law. Large platforms and social media networks have expressed concern about implementation and compliance.
Privacy Mode, a hub for conversations around privacy, data security and compliance, conducted a two-part research project seeking to understand the impact of the Rules on organizations and employees in the tech ecosystem who might be responsible for implementing the Rules and achieving compliance in tech and media products.
A qualitative study of Social Media Platforms, Digital News Publications, and Cloud Computing services providers, was undertaken to look at the possible impact on encryption, traceability, compliance, applicability of law among others, was conducted in May-June 2021; and a quantitative survey of tech workers across India, looking at awareness, professional and personal impact, work flows and requirements, was conducted in June-July 2021.
This report is a comprehensive analysis of both surveys and presents a rounded picture of the impact of the IT Rules 2021 on organizations and its employees. This research report also looks at larger questions and concerns about privacy, freedom of expression and speech given the discursive debates around responsible tech, digital platforms and ethics, and impact on society and individuals.
Executive Summary and Core Concerns #
Scope of the law #
By definition, the ‘Rules’ framed for any law in India are ‘Subordinate Legislation’ or ‘Delegated Legislation’. While laws are made by the Parliament/Legislature, Rules are made by the Executive i.e., the Government of India, to fulfill the requirements of the parent law. In Indian democracy, it is only the Legislative that can make laws. The Executive can only implement them. If the law says ‘XYZ has to be accomplished’, rules can frame the methods in which ‘XYZ’ can be accomplished. However, in the case of IT Rules 2021, the Rules are seen as overarching and exceeding the parent law.
Notified under the Information Technology Act, 20003 , which provides ‘Safe Harbour’ status to digital intermediaries, the Rules are ultra vires of the parent Act and seek to regulate activities that have no mention in it. Further, bringing digital news publishers under the ambit of the Rules, is unconstitutional and ultra vires of the IT act, as news websites do not fit the definition of ‘Intermediaries’ given under the Act4.
Further, the activities of news publishers and media are regulated by the Ministry of Information and Broadcasting (MIB)5, and thus excluded from the ambit of the IT Act. Concerns emerged that the Rules – which did not pass through the legislative body – sought to curtail rights and laws that did emerge from due legislative process.
Further, with existing guidelines under the Press Council Act that govern news organizations, the Rules are seen as overarching and drafted to censor specific media channels and outlets.
The Rules require intermediaries to identify the first originator of messages deemed objectionable. This implies that messaging platforms and social networking sites will have to significantly alter their product (and the technology underlying products) to comply. This is again not governed by the parent act, and is therefore unconstitutional. The Rules also operate from a position of assumed guilt, where all conversations and communications are expected to be scanned for potentially offensive material, and traced back to the original sender. This is against the assumption of innocence enshrined in the legal system operating in the country.
Breaking encryption and implementing traceability, a fundamental requirement of the new Rules, have international legal implications, as messaging services and social media platforms will need to alter the underlying technical architecture of their products or services - or at least have a different product and user experience for Indian users. Since this cannot be implemented for users in India alone and will affect every user of the services across the world, these social media intermediaries will be in violation of international laws governing user privacy and security, thus inviting legal costs.
Freedom of expression and natural justice #
The Rules are seen as violating freedom of expression guaranteed in the Indian constitution by implementing traceability, which breaks encryption. Privacy, also a fundamental right as determined by the Supreme Court of India, is increasingly seen as a ‘make-or-break’ feature of all websites, apps, products, and services. Privacy operates from a position of assumption of innocence of the user. The Rules, by enforcing traceability, violate the fundamental rights of Indian citizens by reducing privacy to a conditional service, and not a constitutional guarantee
Cost of compliance #
When the IT Rules came into effect in May 2021, they were criticized for imposing high costs of compliance, including legal and personal liability attached to employees of social media organizations. In the case of the office of the Chief Compliance Officer (CCO), liability extended even after the CCO retired from office. Every social media and news organization surveyed during this research pointed to the personal liability attached to the role of the CCO, grievance and nodal officers as imposing financial and legal costs on their organizations.
Proactive content filtering requirements will impact human resources requirements, demand changes in product and business operations, thereby significantly increasing costs. Traceability clauses under the Rules require extensive overhaul of messaging services and social networking platforms’ core architecture, requiring significant monetary and human resource investment.
Further, respondents in the Focus Group Discussions (FGDs) believed that ease of doing business will diminish given the stringent compliance regime and employee impact.
The Rules are also framed vaguely and arbitrarily, leading to confusion over operating clauses. Additionally, they have stringent reporting requirements. This will affect all organizations, especially small and medium enterprises, financially, and otherwise.
Skill and competency of Industry #
In addition to the legal and ethical concerns emerging from implementation of the Rules, there are knowledge, awareness, and skill gaps across a representative sample of the IT industry, which may impact the ability of organizations to comply with the IT Rules.
Software developers in junior and mid-level roles in IT organizations believe their workload will increase with the IT Rules. Respondents hinted at their jobs now requiring them to do more documentation and reporting, and their role in achieving compliance in the company’s product as increasing their workload.
Industry representatives however felt that tech workers and product managers will fundamentally need knowledge in, or retraining in, privacy features, content filtering and user experience, in order to fully comply with the Rules. Experts in the industry believe that more than just technical skills or knowledge, what is missing is also perspective and understanding of how executing the Rules will impact users of media and tech products.
As noted above, encryption and traceability requirements of the Rules will mean major changes in products, especially user experience and inability to safeguard privacy of Indian users under the IT Rules. Implementing features such as voluntary verification will need product managers to acquire new skills and knowledge. Tech workers will need to learn how to work in coordination with legal teams. Given the implementation of the IT Rules, each content takedown request will have to be serviced on a case-by-case basis. This will impact scale and standard operating procedures in organizations, or will result in organizations relying more heavily on automation to censor content proactively (and to avoid being served takedown notices). In both cases, users of these products will bear the brunt, where their freedom of speech and expression will be reduced drastically.
Individual chapters and sections of the report are presented as submissions. Scroll down to read them.
About the principal researchers #
Nadika Nadja is a researcher at Hasgeek. She has worked across advertising, journalism, TV and film production as a writer, editor and researcher.
Bhavani S is a Research Associate at Hasgeek. She has previously worked for the Centre for Budget and Policy Studies (CBPS), Microsoft Research India, and the University of Michigan, Ann Arbor.
Support team #
Anish TP illustrated the report. Satyavrat KK provided research and editorial support. David Timethy and Zainab Bawa were project managers for producing this report. Kiran Jonnalagadda and Zainab Bawa advised on research design and execution.
We would like to thank the following individuals who provided feedback during different stages of the research. Their feedback helped the team fine-tune and bring rigour to the research process.
- Suman Kar, founder of security firm Banbreach, for reviewing early drafts of the quantitative research questionnaire, and providing detailed inputs on survey design.
- Prithwiraj Mukherjee, Assistant Professor of Marketing at IIM-Bangalore, for reviewing early drafts of the quantitative research questionnaire, and providing detailed inputs on survey design.
- Chinmayi SK, Founder of The Bachchao Project, for reviewing and providing feedback on the final report and conclusions
While Hasgeek sought funding from organizations, the research itself was conducted – with full disclosure at all stages – independently and objectively. The findings do not reflect any individual organization’s needs.
*[MEITY]: Ministry of Electronics and Information Technology
*[MIB]: Ministry of Information and Broadcasting
*[MSME]: Ministry of Micro, Small, and Medium Enterprises
*[CSAM]: Child Sexual Abuse Material
Unicef: Growing concern for well-being of children and young people amid soaring screen time (2021) - https://www.unicef.org/press-releases/growing-concern-well-being-children-and-young-people-amid-soaring-screen-time ↩︎
LiveLaw: Supreme Court Lists Centre’s Transfer Petitions, Connected Cases After 6 Weeks
India Code: The Information Technology Act 2000 https://www.indiacode.nic.in/bitstream/123456789/1999/3/A2000-21.pdf ↩︎
India Code: IT Act Definitions https://www.indiacode.nic.in/show-data?actid=AC_CEN_45_76_00001_200021_1517807324077§ionId=13011§ionno=2&orderno=2 ↩︎
U.K's Online Safety Bill: An Overview
A Brief History Of The Online Safety Bill #
In May 2021, the U.K government published the ‘Online Safety Bill’, comprising a 145-page document, along with 123 pages of explanatory notes and a 146-page impact assessment on the ramifications of the bill. The U.K government positions the Bill as one which ushers in “a new age of accountability for tech and brings fairness and accountability to the online world”.1 The earlier avatar of the bill has had a contentious history; in April 2019, the UK government produced a White Paper, setting out proposals for keeping UK internet users safe online, and managing ‘online harms’. The white paper’s proposals cover : “‘online content or activity that harms individual users, particularly children, or threatens our way of life in the UK, either by undermining national security, or by reducing trust and undermining our shared rights, responsibilities and opportunities to foster integration”. The government received around 2400 responses focusing on impact of the proposals on freedom of expression, impact on businesses performing duty of care. The government released a response soon, and finally introduced the Online Safety Bill in 2021.2
A Summary Of The Bill #
The government’s new regulatory framework will apply to companies whose services:
Host user-generated content which can be accessed by users in the UK. This means an internet service by means of which content that is generated by a user of the service, or uploaded to or shared on the service by a user of the service, may be encountered by another user, or other users, of the service. This opens the possibilities to a wide range of services falling under this purview from small services such as ones dedicated to U.K Punk rock like TalkPunk, to Facebook. The wide scope has come to be critiqued as we shall see in the following passages.
Involve the provision of search engines.
There is also the non-trivial addition of ‘Category 1’ services, reserved for the largest online user-generated content platforms. Broadly, the bill will expect the above mentioned categories to comply with the following set of rules.
- All providers of user-to-user services are required to
- Conduct an illegal content risk assessment. This asks services of a particular kind to identify, assess and understand such of the following, taking into account the risk profile that relates to services of that kind— (a) the user base; (b) the level of risk of individuals who are users of the service encountering the following by means of the service – terrorism content, CSEA content, priority illegal content, and other illegal content (c) the level of risk of harm to individuals presented by illegal content of different descriptions; (d) the level of risk of functionalities of the service facilitating the presence or dissemination of illegal content, identifying and assessing those functionalities that present higher levels of risk; (e) the different ways in which the service is used, and the impact that has on the level of risk of harm that might be suffered by individuals; (f) the nature, and severity, of the harm that might be suffered by individuals from the matters identified in accordance with paragraphs (b) to (e); (g) how the design and operation of the service (including the business model, governance and other systems and processes) may reduce or increase the risks identified
- Take proportionate steps to mitigate and manage the risks of harm identified by the illegal content risk assessment
- Have systems and processes in place that minimize the presence and dissemination of illegal content and the length of time such content is present on the site, and swiftly take down illegal content when alerted to its presence
- Specify in its Terms of Service how individuals are protected from illegal content and ensure that Terms of Service are clear, accessible and consistently applied
- Pay heed to protecting users from unwarranted infringements of privacy as well as users’ right to freedom of expression in safety policies and procedures
- Have appropriate reporting systems and complaints procedures on which the service provider can take appropriate action
- Keep necessary written records pertaining to the above
- Providers of user-to-user services likely to be accessed by children are required to:
- Comply with all of the obligations outlined in point 1 above
- Conduct a children’s risk assessment
- Take proportionate steps to mitigate and manage the risks of harm to children both identified in the children’s risk assessment and present on the service
- Have systems and processes in place that prevent children from encountering harmful content
- Specify in its Terms of Service how children are prevented from encountering harmful content and ensure that such Terms of Service are clear, accessible and consistently applied
- Providers of user-to-user services within the scope of Category 1 are required to:
- Comply with all of the obligations outlined in points 1 and 2 above.
- Conduct an adults’ risk assessment
- Specify in its Terms of Service how harmful content to adults is dealt with by its service and ensure that such Terms of Service are clear, accessible and consistently applied
- Conduct an assessment of the impact that safety policies and procedures would have on the protection of users from unwarranted infringements of privacy as well as users’ right to freedom of expression, conduct an additional assessment following the adoption of such policies and procedures, and specify the positive steps the provider has taken in response to the impact assessment
- Have systems and processes that take into account the importance of the free expression of content of democratic importance in certain decision-making, including with respect to diversity of political opinion, and specify its relevant policies and processes in its Terms of Service (again ensuring such Terms of Service are clear, accessible and consistently applied)
- Have systems and processes that take into account the importance of the free expression of journalistic content in certain decision-making as well as a dedicated and expedited complaints procedure in respect of journalistic content, and specify its relevant policies and processes in its Terms of Service (again ensuring such Terms of Service are clear, accessible and consistently applied)3
Consequences of non-compliance #
The Office of Communications, commonly known as Ofcom, is the government-approved regulatory and competition authority for the broadcasting, telecommunications and postal industries of the United Kingdom. Officially, it has a statutory duty to represent the interests of citizens and consumers by promoting competition and protecting the public from harmful or offensive material. According to the new Bill, Ofcom will have powers to issue fines of £18 million or 10% of qualifying worldwide revenue (whichever is higher) for non-compliance. Ofcom also has a range of enforcement powers relating to business disruption measures and use of technology warning notices under the Draft Bill. In certain circumstances, criminal liability may also fall on the shoulders of senior members of non-compliant service providers where they have failed to take reasonable steps to prevent offences from being committed.3:1
Critiques Of The Bill So Far #
Many corners of the U.K media praised the bill, the praise beginning with no less than a glowing preview by Oliver Dowden, the digital secretary of the U.K in the Telegraph newspaper, “Taken in full, this bill represents one of the most comprehensive and balanced responses to the digital revolution since technology began transforming our lives three decades or so ago. We’re entering a new age of accountability for tech - for the good of everyone who uses it.”4 Tim Barker, the CEO of Kooth, a digital platform for mental healthcare, said “From a mental health perspective, we have a duty of care as a nation to ensure that online content is appropriate. This is not just for those with current or emerging mental health difficulties but for everyone – we are all at risk of developing poor mental health given the right set of circumstances and triggers. This is the reason that the online safety bill is so important to the industry.”5
However, others were more critical. the London-based digital rights advocates, Global Partners Digital, called it “the most comprehensive and demanding piece of online content regulation in the world.”6 Alex Hern, the tech editor of The Guardian had a stern warning, “The message of the bill is simple: take down exactly the content the government wants taken down, and no more. Guess wrong and you could face swingeing fines. Keep guessing wrong and your senior managers could even go to jail. Content moderation is a hard job, and it’s about to get harder.”7
One of the more categorical and combative dismissals of the bill came from Heather Burns of the UK’s Open Rights Group, “You’re going to read a lot today about the government’s plans for the Online Safety Bill on #onlineharms, a regulatory process which has eaten up much of the past two years of my professional work. I suppose if I had a hot take to offer after two years, it’s this:
- If you see the bill being presented as being about “social media” “tech giants” “big tech” etc, that’s bullshit. It impacts all services of all sizes, based in the UK or not. Even yours. Bonus: take a drink every time a journo or MP says the law is about reining in Facebook.
- If you see the Bill being presented as being about children’s safety, that’s bullshit. It’s about the government compelling private companies to police the legal speech and behaviour of everyone who says or does anything online. Children are being exploited here as an excuse.
- So as you read the Bill, consider how altruistic any government initiative must be if it requires two layers of A/B tested messaging disinformation.”8
In a reply to some of these concerns, the government put out a response that aimed to be a bit more precise as to who the bill will NOT target, namely:
- Business-to-business services.
- Services which play a functional role in enabling online activity, such as internet service providers.
- Low-risk businesses (such as retailers who offer only product and service reviews);
- Content published by a news publisher on its own site (e.g. on a newspaper or broadcaster’s website) and user comments on that content. In order to protect media freedom, legislation will include robust protections for journalistic content shared on in-scope services.
- Online services managed by educational institutions, where those institutions are already subject to sufficient safeguarding duties or expectations.
- Email and telephony.9
Global Parallels #
Taking a look at the broadly Western perspective, where most of the debates around tech are born and subsequently evolve, is crucial to our understanding as to where the compass needle points with regard to global policy debates.
“The internet is the greatest free-market innovation in history. It’s allowed us to live, play, work, learn and speak in ways that were inconceivable a generation ago. But it didn’t have to be that way. Its success is due in part to regulatory restraint. Democrats and Republicans decided in the 1990s that this new digital world wouldn’t be centrally planned like a slow-moving utility."
Ajit Pai, FCC (Federal Communications Commission)10
The Federal Communications Commission (FCC) is an independent agency of the United States government that regulates communications by radio, television, wire, satellite, and cable across the United States. We see a bit of the guiding logic of the FCC in these words by Thomas Hazlett speaking of the revolutionary advent of the iPhone, “Regulatory structure had to fade away for the new wireless world to evolve. Now whole new sectors are created, and nary a thought is given to the fact that the platform it sits on is a liberalized, deregulated spectrum market that frees the competitive forces that were so recently thought not up to the task at hand. What Herbert Hoover asserted had to be done by the state, it turns out, can only be done by open markets.”11 However, on the surface, it would seem we have come a long way from the words quoted by both Pai and Hazlett with the advent of the Online Safety Bill, a detailed document of rules and regulations, expressing, at least superficially, the very opposite of ‘regulatory restraint’. We would also do well to remember the FCC under Pai fought tooth and nail against net neutrality, the principle that internet service providers should treat all sources of data usage the same and not exercise favorability in providing broadband to their users. The predominant critique then was that this was a position favourable to the megacorporations and tech giants of the world. Currently, the U.K government positions the Bill as a means to reign in on big tech, but critics are quick to point out this is a red herring, with their primary interests lying in controlling the U.K populace.
The parallels between the Online Safety Bill with the recent IT Rules 2021 released by the Government of India are too striking to miss. The primary messaging by both governments seem to suggest that there is an urgency to ensure big social media sites are regulated, as well as the need to curb CSAM (Child Sexual Abuse Material) in the digital sphere. In his preview of the bill in the Telegraph, Dowden makes this amply clear in his opening lines, “The internet is an amazing thing, and has totally redefined how we connect and communicate. But if platforms like Facebook and Twitter are the new town square, then that square is in serious need of a clean-up. In the last few weeks we’ve seen footballers leading a mass boycott of social media to protest abhorrent racist abuse. Women are trolled and threatened on a daily basis. Children are exposed to cyberbullying, sexual grooming and suicide content.”4:1 Likewise Rakesh Maheshwari, Group Coordinator, and Head of Cyber Law, Ministry of Electronics & Information Technology (MeitY) said that the Indian IT Rules seek “to curb the spread of problematic unlawful information on intermediary platforms like revenge porn and related content.”12
Online Safety Bill Vs IT Rules: A Comparative Table #
|The Draft Online Safety Bill 2021||IT Rules 2021|
|There are separate liabilities outlined for ‘Category 1’ services, i.e the largest online user-generated content platforms (Facebook, Twitter, Instagram etc)||The Rules lay down additional due diligence requirements to be observed by “significant social media intermediaries”. This is defined as those who primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using its services and has more than 50 lakh registered users. These are classified as a significant social media intermediary. Thus, all popular social networking platforms such as Whatsapp, Facebook, Instagram and Twitter would be required to observe these additional due diligence requirements|
|The Bill states that Category 1 services should have appropriate reporting systems and complaints procedures on which the service provider can take appropriate action||The Rules state that Significant social media intermediaries are obligated to get an entire grievance redressal team as well as a Chief Compliance Officer. Further, a three-tier system of grievance redressal has been prescribed, this begins with an internal grievance officer attempting to mitigate the complaint, but could potentially go all the way up to a Government body making the final call|
|The Bill states that Category 1 services take proportionate steps to mitigate and manage the risks of harm to children both identified in the children’s risk assessment and present on the service||The Rules have made a requirement to develop automated tools or other mechanisms to proactively identify information that depicts any act or simulation in any form depicting rape, child sexual abuse or conduct|
|The Bill states that Category 1 services have systems and processes in place that minimizes the presence and dissemination of illegal content and the length of time such content is present on the site, and swiftly take down illegal content when alerted to its presence||The Rules state that The Grievance Officer of an intermediary is responsible for acknowledging complaints within 24 hours and resolving them within a reduced timeline of 15 days|
|The Bill states that Category 1 services have a duty to make and keep a written record of any steps taken to comply with a|
|relevant complaint||When an intermediary receives an order/notification to remove/disable access of information, from the court, Government or its lawful agencies, such information and associated records must be preserved by the intermediaries for 180 days or for such period as may be required by the court, Government or lawful agencies. Separately, any information collected from users during the registration process must be retained for a period of 180 days after cancellation of registration|
|In the event of non-compliance Category One services could face fines of up to £18 million (US$25 million) or be blocked in the U.K||If an intermediary fails to observe any of the rules laid down, it loses protection afforded to it by Section 79 of the Information Technology Act, which is ‘safe harbour’ provision which grants conditional immunity to intermediaries from liability for third party acts|
In India, we are already hearing news of Google and Facebook seeking to comply with the rules with a certain nimble footedness that speaks to the sheer extent of their resources and capabilities. This adds some strength to the aforementioned claim by Heather Burns that the rules impact “all services of all sizes, based in the UK or not.” The serious criminal liability and punitive damage in the event of non-compliance in both countries is another uniting factor, large platforms could face fines of up to £18 million (US$25 million) or be blocked in the U.K. if they fail to comply, while senior managers could face criminal action.3:2 Meanwhile in India, the Rules state that if an intermediary fails to observe any of the rules laid down, it loses protection afforded to it by Section 79 of the Information Technology Act, which is a ‘safe harbour’ provision which grants conditional immunity to intermediaries from liability for third party acts. Additionally, the Chief Compliance Officer is also subject to criminal liability.13 In 2018, the U.N. special rapporteur on freedom of expression said that tying heavy penalties to content regulation would chill freedom of expression, a concern that both the Indian and U.K press have also flagged.14 Where the Indian and the U.K context significantly diverge is the consultative participation of policy experts, digital rights organisations, and civil society in the U.K scenario (over 2400 responses to the original White Paper were considered and debated before passing the bill) and the lack of any such process in the Indian context. At the core of the trepidations around the bill is the suspicion that they have a wider sphere of influence than purported, with the stated focus on significant social media intermediaries and CSAM material serving as a red herring. In the latter case, both governments have pre-existing laws tackling CSAM, the U.K specifically criminalising “CSAM distribution, possession, and production is criminalised in the UK through the Sexual Offences Act, 2003”, and India having CSAM covered under the Protection of Children Against Sexual Offences Act, 2012 (POCSO Act), the Information Technology Act 2000 (IT Act), the Information Technology (Procedure and Safeguards for Interception, Monitoring, and Decryption of Information) Rules, 2009.15 In the former, with large social media companies seeking to comply with the Rules and many large social media companies having taken government friendly stances in many parts of the Global South, we are yet to see how the entire picture unfolds in the times to come.
Kenyon, Tilly. “The Online Safety Bill: What Is It and What Does It Mean?: Digital Transformation.” Technology Magazine, 2021, technologymagazine.com/digital-transformation/online-safety-bill-what-it-and-what-does-it-mean. ↩︎
Department for Digital Culture. “Online Harms White Paper.” GOV.UK, GOV.UK, 15 Dec. 2020, www.gov.uk/government/consultations/online-harms-white-paper. ↩︎
Dowden, Oliver. “Oliver Dowden’s Opinion Piece for The Telegraph on the Online Safety Bill.” GOV.UK, GOV.UK, 11 May 2021, www.gov.uk/government/speeches/oliver-dowdens-opinion-piece-for-the-telegraph-on-the-online-safety-bill. ↩︎ ↩︎
Barker, Tim. “The Online Safety Bill: a Step towards Digitally Safe Mental Health Support.” Pharmaphorum, Pharmaphorum, 19 May 2021, pharmaphorum.com/views-and-analysis/the-online-safety-bill-a-step-towards-digitally-safe-mental-health-support/. ↩︎
Global Partners Digital. First Thoughts on the UK’s Draft Online Safety Bill. 2021, www.gp-digital.org/first-thoughts-on-the-uks-draft-online-safety-bill/. ↩︎
Hern, Alex. “Online Safety Bill: a Messy New Minefield in the Culture Wars.” The Guardian, Guardian News and Media, 12 May 2021, www.theguardian.com/technology/2021/may/12/online-safety-bill-why-is-it-more-of-a-minefield-in-the-culture-wars. ↩︎
Burns, Heather. “Why the Online Safety Bill Threatens Our Civil Liberties.” Politics.co.uk, 27 May 2021, www.politics.co.uk/comment/2021/05/26/why-the-online-safety-bill-threatens-our-civil-liberties/. ↩︎
Heywood, Debbie. “Out of Harm’s Way? Online Safety Bill Published.” Lexology, 24 May 2021, www.lexology.com/library/detail.aspx?g=d0bde289-2857-4098-85bb-562cc2f20867. ↩︎
AARP. “Ajit Pai’s Policing the Internet as FTC Chariman.” AARP, 4 June 2019, www.aarp.org/politics-society/government-elections/info-2019/ajit-pai-chairman-fcc.html. ↩︎
Ajit Pai, and Thomas Hazlett. Cato.org, www.cato.org/policy-report/may/june-2018/untold-history-fcc-regulation. ↩︎
ET Telecom Editorial. “Meity Says Intermediary Guidelines Will Not Be Used to Break Encryption - ET Telecom.” ETTelecom.com, 7 May 2021, telecom.economictimes.indiatimes.com/news/meity-says-data-protection-rules-will-not-be-used-to-break-encryption-of-intermediaries/82455481. ↩︎
Kalra, Malavika Kapila. “Intermediary Liability under the Information Technology Act: Time for an Amendment?” Bar and Bench - Indian Legal News, 2021, www.barandbench.com/columns/intermediary-liability-under-the-information-technology-act-time-for-an-amendment. ↩︎
United Nations. “2018 Thematic Report to the Human Rights Council on Content Regulation.” OHCHR, 2018, www.ohchr.org/EN/Issues/FreedomOpinion/Pages/ContentRegulation.aspx. ↩︎
Human Rights Document. “Trends in Online Child Sexual Abuse Material.” Human Rights Documents Online, doi:10.1163/2210-7975_hrd-9926-20180017. ↩︎