By Ranjana Adhikari & Sarthak Doshi,
“Education took us from thumb impression to signature. Technology has taken us from signature to thumb impression, again.”
– Justice AK Sikri, Aadhaar Judgment (2018)
Welcome to the 21st century, where a thumb impression, largely considered primitive till a few years ago, is today amongst the most significant and coveted pieces of information, thanks to technology. The digital age has pushed us tore-imagine traditional products and services and re-purposed them into entirely new industries, take cab aggregators (replacing traditional taxi services), smart watches (replacing the analogue ones) or smart phones being re-imagined as entertainment hubs, as examples. But this transformation, however good, has come with its own set of challenges. The models have evolved so rapidly, that the current laws do not keep pace with the speed of innovation.
As our Prime Minister opined, world economies must not resist the “natural flow of globalisation”, and given globalisation is increasingly dependent on digitisation, our laws need to be nimble enough. This is where MeitY’s fervent push to organize stakeholder consultations and solidifying internet regulation through the proposed Digital India Act (“DIA”) is a welcome step. But as MeitY embarks on the journey, it should keep in mind a few principles that are fundamental to the regulation of our digital economy.
In this article, we focus on some suggestions on what principles could the DIA adopt to remain contemporary and agile for years to come.
Firstly, co-regulatory and self-regulatory models may be adopted to keep the law effective and efficient. Which model is most suitable for a business will ultimately depend on the risk it poses to the user and the economy. Creation of multiple statutory bodies is unsustainable in the digital age where innovation may be curtailed through micro scrutiny by the government. The government and industry bodies should collaboratively work, where the government ensures policy objectives are met and industry bodies keep the law proximate to the market realities. Success stories of co-regulation and self-regulation are increasing in India. Be it NPCI’s governance of UPI, the contemporary advertising guidelines from ASCI, or the regulation of online games through self-regulatory bodies under the recently amended IT Rules 2021. The DIA should take inspiration and extend these ideas to sectors like e-commerce, mobility businesses, and aggregator platforms. Self-regulation and co-regulation also ties well with our Prime Minister’s objective of ‘Minimum Government, Maximum Governance‘.
Second, with the multi-functional nature of newer business models, it is sensible to regulate platforms for what they carry versus what they are. In the attempt to categorise platforms in siloes of “intermediaries”, “publishers”, “aggregators” etc., the current law fails to appreciate the dynamic and fungible nature of digital platforms. Since MeitYhas the power to regulate the internet as whole under the Indian Constitution, the question on its competence to regulate all digital platforms should be moot and the current lacunae should be addressed by the DIA. The DIAs should provide principles that apply to the platform as a whole and the specific content may be regulated by the relevant regulator. IT Rules 2021 is a classic example where OTT content is regulated by the MIB, whereas MeitY has provided guidance on the regulation of the underlying platform. A similar principle could equally apply to ed-tech or med-tech etc. Further, with the digital landscape truly being global today, application of the law should not be dependent on the location of the platform, but rather the ultimate consumer. User trust is an important facet in making India truly digital, and the DIA may fail on its purpose if an average internet user is left without recourse only because the law is inapplicable to platforms operated from overseas.
Third, the DIA should refrain from adopting a one-size-fits-all approach to regulating digital platforms. Keeping the same ground rules for a new-age technology start-up and a traditional big tech company might make governance easier, but may have a cascading impact on market entry, incentive to innovate, and ease of doing business. The DIA may adopt a graded approach where platforms are governed and classified based on the sector they operate in, the specific functionalities they offer, and the nature and volume of consumers they impact. It will be worth looking at examples from foreign legislations like the EU’s Digital Services Act that classifies “very large online platforms” and “very large online search engines” separately from smaller players. While the current law makes this classification for SSMIs, it fails to apply equally to the context of online gaming intermediaries.
Lastly, DIA should strive to make the internet open, safe, and secure for all users. User safety should be at the heart of DIA. Currently, data leaks, identity thefts, cyber bullying, and e-scams are unfortunate realities of the digital world. The lack of digital literacy and access should not create a digital divide among the masses. Accordingly, principles of accessibility, cybersecurity, encryption, user safety should be present in the DIA and become second nature to the government and industry bodies ensuring its governance and applicability.
If the government chooses to adopt these contemporary principles and embrace open standards of interoperability, India can be not just a destination for doing business but serve as the technology hub for globalisation. The future is completely open, and we are writing it from moment to moment.
The article has been authored byRanjana Adhikari, Partner and Sarthak Doshi, Senior Associate, Indus Law.
Disclaimer: Views expressed are personal and do not reflect the official position or policy of Financial Express Online. Reproducing this content without permission is prohibited.