New Delhi: To prevent the harm caused by misinformation through deepfakes, the Ministry of Electronics and Information Technology on Friday informed the Rajya Sabha that advisories have been issued to significant social media platforms, advising them to ensure that their rules and regulations and the user agreement contain appropriate provisions for the users not to host, display, upload, modify, publish, transmit, store, update or share any information that is prohibited under IT rules.
Union Minister of State for Electronics and Information Technology Rajeev Chandrasekhar shared the input, clarifying that "the policies of the government are aimed at ensuring that the Internet in India is open, safe, trusted and accountable to all users."
Chandrasekhar informed the Upper House that cheating by personation by using computer resources is punishable with imprisonment up to three years and a fine up to Rs 1 lakh under Section 66 D of Information Technology Act, 2000.
"Under Rule 3(2)(b) of IT Rules, 2021, an intermediary is obliged to remove and disable access to content in nature of impersonation within 24 hours from the receipt of a complaint in relation to such content," said the Minister while responding to the query of Independent MP Kartikeya Sharma, adding, "Under Rule 7 of IT Rules, 2021, where an intermediary fails to observe these rules, the provisions of sub-section (1) of Section 79 of the Information Technology Act, 2000 (immunity) shall not be applicable to such intermediary and the intermediary shall be liable for punishment under any law, including the provisions of the Act and the Indian Penal Code," he added.
The Minister's response came on a question about the measures taken by the government in ensure ethical use of futuristic technologies such as Artificial Intelligence (AI), machine learning, blockchain and Web3; and the measures taken by government in identification and resolution of cases pertaining to AI-generated deep fake content and identity theft.
"To prevent the harms caused by such misinformation through deepfakes, the Ministry of Electronics and Information Technology has issued advisories to significant social media intermediaries or platforms, drawing their attention to the above-mentioned provisions and advising them that they should ensure that their rules and regulations and the user agreement contain appropriate provisions for the users not to host, display, upload, modify, publish, transmit, store, update or share any information that is prohibited under IT rules," said the Minister.
"As part of the reasonable efforts made by them in this regard, they may also put in place appropriate technology and processes for identifying information that may violate the provisions of rules and regulations or user agreement; and that they are advised to ensure expeditious action, well within the timeframes stipulated under the IT Rules, 2021, to remove or disable access to information/content that violates the aforesaid provisions of the IT Rules, 2021, upon receipt of court orders or notification from the Appropriate Government or its authorised agency or on complaint made by the impersonated individual or person authorised by him in this behalf," said Chandrasekhar.
In case of failure to follow diligence as provided in the IT Rules, 2021, by intermediaries, the Minister said, the social media platforms shall lose their safe harbour protection under section 79 of the IT Act and shall be liable for consequential action as provided in IT Act, 2000, IT Rules, 2021, Indian Penal Code, 1860 and other applicable laws, as per the rule 7 of the IT Rules, 2021.
Asked whether government has set up teams for active monitoring of the dark web to identify malicious activities, the Minister said the term "Dark Net" is used to denote a class of content on the Internet that is not visible through general browsing and not indexed by search engines.
"To protect personal data of users, the Central Government, in exercise of its powers under the Information Technology Act, 2000, has prescribed reasonable security practices and procedures and sensitive personal data or information through the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011," said Chandrasekhar.
"These include the requirement that any person collecting, receiving, possessing, storing, dealing or handling information provided should publish on its website a policy for privacy and disclosure of personal information, that such person use the information collected for the purpose for which it was collected and keep it secure, that disclosure of sensitive personal data be done with prior permission of the information provider, that sensitive personal data or information not be published, and that a third party receiving sensitive personal data or information shall not disclose it further Section 72A of the Information Technology Act, 2000 provides for punishment for disclosure of information in breach of the lawful contract.
"It provides that any person including an intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing personal information about another person, with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any other person, shall be liable to penalty which may extend to twenty-five lakh rupees," he added. (ANI)