Skip to main content

India bans 59 Chinese apps under section 69A; what does the law mean, why the order lacks transparency

The government’s much-publicised ban this Monday of 59 Chinese apps is most significant (for the cyber lawyer) for the use made of Section 69A of the Information Technology Act, 2000  first, as a tool for geopolitical strategy (widely viewed as such given the Chinese focus despite several American and other apps facing several allegations, the unusual announcement via a press release and the growing anti-Chinese sentiment in the country). While not much prevents the government from using any tool at its disposal with an underlying geopolitical motive, compliance with the law is essential, and here issues arise with the use of S.69A.

Image: Pixabay

S.69A and the related procedural safeguards laid down do not deal with data privacy concerns (unless it arises specifically in relation to the content being examined). Image: Pixabay

S.69A is a content regulation tool

The second significant new use of S.69A here is its use as a tool for achieving data protection compliance. Meity’s press release banning the apps lists broad concerns including national security and sovereignty concerns, arising from data security and privacy concerns, in particular from complaints of apps ‘stealing and surreptitiously transmitting users’ data in an unauthorised manner to servers which have locations outside India.

Illegal data harvesting is a concern for any app, Chinese or otherwise. S.69A, however, is not designed to deal with data harvesting, privacy, or even (technical) security concerns. It is essentially a content regulation tool, designed to deal with offending content via blocking access to it. The related Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 reveal as much― a request to block information, for instance, must be accompanied with ‘printed sample content of the alleged offending information’. Complaint formats therein prescribe a screenshot/printout of the offending content, and it is this sample content that must be evaluated for whether it violates security, sovereignty, and other reasons listed under S.69A. S.69A and the related procedural safeguards laid down do not deal with data privacy concerns (unless it arises specifically in relation to the content being examined).

Range of apps banned

S.69A is thus basically a law in exercise of the State’s power under Article 19(2), to restrict free speech which violates the sovereignty, integrity, etc., of the country. The press release lists several national security concerns and related complaints, but does not list if any content-related issues specifically were found with these apps. Among the few publicly known cases are the content related issues against TikTok which led to its brief ban by the Madras High Court last year.

The range of apps that have been banned, further, make it harder to assess their content specific implications. For instance, apart from social networks, games, camera apps, image editors, etc. that are banned, the press release also bans mapping applications, video calling apps, document scanners and battery savers. It is primarily data harvesting and privacy concerns with these apps that is clear.

Even looking at the ban from a geopolitcal lens, the selection of the apps appears random. For instance, it bans Chinese games Clash if Kings and Mobile Legends, but not PUBG, despite PUBG’s tremendous popularity.  Nor are the apps company-specific, for instance with Tencent―WeChat, QQ Music, QQ Mail, etc. are banned, but not Tencent Cloud, Call of Duty or again, PUBG.  The implication would be that specific complaints were made against these 59 apps specifically.

Addressing the lack of transparency

The listed reasons for the ban and the selection of apps thus make for a press release that is difficult to understand. A reading of the actual order would make it easier to understand the legality of the order, in particular regarding whether actual content-specific issues arose in relation to the apps. A separate issue with the press release that has been highlighted is that S.69A is a law designed to address specific violations by individual apps, and not general violations by a collection of apps. Together, the ban of these 59 apps thus requires a separate, evidence-based evaluation of the alleged content violations by each of the 59 apps.

Under the rules, however, the government is under no obligation to disclose the order. To the contrary, such orders are expressly protected, requiring the maintaining of confidentiality w.r.t to the requests and complaints received, and the action taken.

Assuming that the purpose of the confidentiality clause is essentially to protect the identities of the persons making the complaints, the government should consider revealing more on the reasons behind the ban in the interest of transparency. Governmental actions, are after all, subject to the rule of law, and the press release makes it prima facie unclear as to how the ban is compliant with law.

Bringing in a data protection law

Setting aside the geopolitical angle to the ban, what stands out most is the sheer inadequacy of Indian laws to address data protection concerns. Section 43A of the IT Act, India’s primary data protection law, is very limited in its redressal― it protects only a breach of sensitive personal data by a body corporate, which leads to wrongful loss on account of a lack of reasonable security practices. The government needs to bring in the Personal Data Protection Bill soon.

The author is a lawyer specialising in tech, privacy and cyber laws. Views are personal.



Udimi - Buy Solo Ads from Firstpost Tech Latest News https://ift.tt/3dUKDmo
via IFTTT

Comments

Popular posts from this blog

9 VCs in Madrid and Barcelona discuss the COVID-19 era and look to the future

Spain’s startup ecosystem has two main hubs: Madrid and Barcelona. Most observers place Barcelona first and Madrid second, but the gap appears to close every year. Barcelona has benefitted from attracting expats in search of sun, beach and lifestyle who tend to produce more internationally minded startups. Madrid’s startups have predominantly been Spain or Latin America-focused, but have become increasingly international in nature. Although not part of this survey, we expect Valencia to join next year, as city authorities have been going all-out to attract entrepreneurs and investors. The overall Spanish ecosystem is generally less mature than those in the U.K., France, Sweden and Germany, but it has been improving at a fast clip. More recently, entrepreneurs in Spain have moved away from emulating success in pursuit of innovative technologies. Following the financial crisis, the Spanish government supported the creation of startups with the launch of FOND-ICO GLOBAL, a €1.5 billi...

How to Stay Creative and Keep SEO in Mind

Information Technology Blog - - How to Stay Creative and Keep SEO in Mind - Information Technology Blog Search engine optimization (SEO) refers to customizing your website’s content to ensure that web browsers give your website a high SEO score. The sites with the highest SEO scores are featured on the search engine’s first page of search results for relevant searches.  71%  of the click-throughs happen with articles listed on the first page of results on the search engine. This means that if your website’s article is the second (or third, or fourth page), it’s less likely the search user will even see your article. You want your article to be ranking as close to the top of the first page of results as possible. In order to have a good SEO score your site’s content needs to feature keywords and relevant phrases. It must be optimized for easy navigation between pages. It also needs to be referenced via external links that drive traffic to your site. Incorporating all of t...

Everything we know about HHS Protect, a secretive government project with Peter Thiel's Palantir that helps brief Trump's coronavirus task force

A secretive project at the US Department of Health and Human Services is working with technology companies to collect and analyze data related to the novel coronavirus .  Dubbed "HHS Protect," the effort tracks information from around the country about coronavirus case numbers, hospital capacity, and even supply chain issues.  HHS uses Palantir Technologies , a data firm cofounded by Peter Thiel, to distill that information for the White House coronavirus task force. Visit Business Insider's homepage for more stories . A secretive project at the US Department of Health and Human Services is working with technology companies to collect and analyze data related to the novel coronavirus.  Dubbed "HHS Protect," the effort includes roughly 2.5 billion pieces of data from healthcare providers, government officials, and labs around the country about coronavirus case numbers, hospital capacity, and even supply chain issues.  The goal is learn about the progress...