India's government is still seeking more direct control of the internet, using ill-defined buzzwords ("hate speech," "fake news") as justification for broken encryption and holding tech companies directly responsible for content created by users. The Indian government may have passed and killed a "fake news" law in the space of 24 hours, but the term lives on as a useful enabler for censorship.
New rules proposed by the Indian government to rein in tech giants and combat fake news could have a profoundly chilling effect on free speech and privacy online. The proposed changes involve Section 79 of the IT Act, a safe harbor protection for internet “intermediaries” that’s akin to Section 230 of the Communications Decency Act in the US. Current law protects intermediaries such as internet service providers and social media platforms from liability for the actions of their users until they are made aware of a particular post; intermediaries also must only censor content when directed by a court.
The proposed amendments attempt to curb the spread of misinformation on platforms like Facebook and Twitter by effectively forcing internet companies to censor a broad swath of user content. They also require secure messaging services like WhatsApp to decrypt encrypted data for government use, which could affect the security of users around the globe. The rules also would require internet companies to notify users of their privacy policies monthly.
Just the threat of government intervention has been enough to turn a number of US companies into proactive censors. As Paris Martineau notes in this Wired article, Netflix and a number of other streaming services have already voluntarily agreed to engage in self-censorship, purging their Indian offerings of content that "disrespects the country's flag," "hurts religious sentiments," or promotes terrorism.
Netflix's justification for self-censorship is apparently that this is somehow better than direct government censorship. But this justification makes no sense, especially when proactive measures tend to remove more content than is actually illegal. Add in some automation and legal content is going to get flagged and removed faster than the Indian government can issue self-serving removal requests.
The government's timetable on content removal only adds to the problem. The Indian government wants content it finds illegal removed within 24 hours of notification. Short turn times -- seen elsewhere in the world -- have increased proactive takedowns by internet companies, resulting in far more content removals than are strictly necessary.
Not that these governments are complaining. Bogus takedowns aren't their problem, beyond the occasional courtroom dispute over mistakenly-removed content. At this point, governments need only threaten to put direct censorship in place to start seeing content these governments don't like removed.
India's plan introduces compromised encryption to the mix, which would set a dangerous precedent if companies like WhatsApp comply. If it can be done in India, it can be done anywhere, and a long list of government entities frustrated that they don't have access to every domestic online conversation will see this as an invitation to make similar demands. And once the floodgates are opened halfway around the world, it's going to be tough to argue you can't do the same thing in your home country.