All social media platforms, who do not act as intermediaries, should be treated as publishers and can be held responsible for the content they host, as per the recommendation made by Joint Committee on Personal Data Protection Bill, 2019, headed by MP PP Chaudhary, in its report. Moreover, the Committee also recommended that no social media platform should be allowed to operate in India unless the parent company handling the tech sets up an office in India.
Watch the BuzzInContent Awards 2021 promo:
The Committee, considering the immediate need to regulate social media intermediaries expressed the view that these designated intermediaries may be working as publishers of the content in many situations, owing to the fact that they have the ability to select the receiver of the content and also exercise control over the access to any such content hosted by them. A mechanism may be devised in which social media platforms, which do not act as intermediaries, will be held responsible for the content from unverified accounts on their platforms, the Joint Committee said in its report submitted on Thursday.
Once application for verification is submitted with necessary documents, the social media intermediaries must mandatorily verify the account. Further, the Committee have recommended that a statutory media regulatory authority, on the lines of Press Council of India, may be setup for the regulation of the contents on all such media platforms irrespective of the platform where their content is published, whether online, print or otherwise.
The Joint Committee has recommended that since only one Data Protection Authority (DPA) will handle both personal and non-personal data, any further policy/legal framework on non-personal data should also be made a part of the enactment instead of any separate legislation.
As soon as the provisions to regulate non-personal data are finalized, there may be a separate regulation on non-personal data in the Data Protection Act to be regulated by the Data Protection Authority.
It has recommended that an approximate period of 24 months may be provided for implementation of any and all the provisions of the Act so that the data fiduciaries and data processors have enough time to make the necessary changes to their policies, infrastructure, processes. Apart from this, the report also says that the social media platforms should be treated as publishers and be regulated for the content they host, as per a release from the Lok Sabha Secretariat.
In the report the Joint Committee has also vouched for developing an alternative indigenous financial system, on the lines of similar systems elsewhere such as Ripple (USA), INSTEX (EU), which would not only ensure privacy but also give a boost to the digital economy.
It also asked for a new sub-clause to be inserted to enable DPA for framing the regulations to regulate hardware manufacturers and related entities. The Committee has strongly recommended that the Government should make efforts to establish a mechanism for the formal certification process for all digital and IoT devices that will ensure the integrity of all such devices with respect to data security. Along with this it has asked for some concrete steps to be taken by the Centre to ensure that a mirror copy of the sensitive and critical personal data which is already in possession of the foreign entities should be mandatorily brought to India in a time bound manner.
The government has also been urged by the Joint Committee to prepare a policy, after holding consultations with sectoral regulators, on data localisation encompassing broadly the aspects like development of adequate infrastructure for the safe storage of data of Indians which may generate employment; introduction of alternative payment systems to cover higher operational costs, inclusion of the system that can support local business entities and start-ups to comply with the data localisation 8 provisions laid down under this legislation; promote investment, innovations and fair economic practices; proper taxation of data flow and creation of local Artificial Intelligence ecosystem to attract investment and to generate capital gains.
Apart from these, it contains several recommendations on topics like having fixed guiding principles to handle data breach, mechanism to be followed for processing of personal data when the child attains the age of majority, among others.