As part of a slew of measures adopted by the Government of India during months of heightened tensions between India and China, the Ministry of Electronics and Information Technology (MeitY), on June 29th of 2020, issued a press-release on its order blocking 59 Chinese applications on both mobile and non-mobile internet enabled devices. The blocked applications include PUBG, an online multi-player game, and TikTok, the increasingly popular video-sharing platform. In similar fashion, two more orders were issued, on September 2nd, 2020 and November 24th, 2020, which blocked respectively 118 and 43 more applications.
The orders, which have not been published, were issued by MeitY under the powers conferred to it under Section 69A of the Information Technology Act of 2000 and the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules of 2009 framed under it. They were based on information, including complaints of data and privacy risk, received by MeitY that the applications were, ‘stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India.’
The blocking orders are not directed towards individuals but to intermediaries such as internet service providers. More clarity was shed on the scope of the blocking orders through MeitY’s responses to applications filed under the Right to Information Act of 2005, seeking information on the extent of the blocking.
MeitY’s response to one such RTI application inquiring about the maximum punishment and penalty for someone disobeying the ‘ban,’ was that while it does not ‘ban’ any application, it ‘blocks’ specific applications under the relevant information technology laws.[1] MeitY further stated that the law provides for a levy of penalty on intermediaries for non-compliance of blocking orders, and that penalties are not prescribed for individual users of such applications. According to MeitY’s response to another RTI application regarding the blocking of PUBG, the blocking order is directed at an application level and does not extend to the entities themselves that operate the applications.
After taking a closer look at the relevant information technology laws and issued press-releases, it appears that intermediaries, such as ISPs, are restricted from allowing access to blocked applications through their internet network, but, as per the blocking orders, there is no specific ‘ban’ on the applications. However, in this context, the line between ‘block’ and ‘ban’ is still blurry. Nevertheless, intermediaries that do not comply with the directions issued to them, [2] can be punished with a term of imprisonment that may extend to 7 (seven) years and will also be liable to a fine. [3]
Of course, virtual private networks are used to circumvent internet restrictions across the world, especially in instances of geo-blocking and where access to the internet or certain applications are restricted or controlled by governments as part of censorship measures. VPNs are used to establish a secure, encrypted network that can mask a user’s IP address while accessing the internet.
When it comes to the situation in India, news reports suggest that the use of VPNs by individuals to access blocked content, including applications, is commonplace. Though there are no specific laws prohibiting the use of VPNs, it is still unclear as to whether using one to access blocked applications may constitute as a prohibited activity under Indian laws. While the possible implications of such access are unknown, considering the purposes for which the blocking orders were issued, that is national interest and security, the mere act of engaging in the access, download or use of blocked applications may be construed as prohibited activity under Indian laws.
There is also the possibility that the use of VPNs to access computer or internet networks of intermediaries, such as ISPs, may amount to unauthorised access or use of such networks. This is because, on account of the blocking orders issued to them, ISPs cannot, and do not, allow or authorise users to access blocked applications through their network. In the same way, any acts of assistance, encouragement, or facilitation of access, through special tools, to blocked applications through the network of an ISP may be construed as unauthorised usage of such networks. Therefore, these acts may constitute as unauthorised acts vis-à-vis the ISP, the result of which could be a breach of the terms and conditions of use of such service by the users and may entail a cause of action for damages. Additionally, it may lead to potential violations of relevant provisions pertaining to unauthorised access of a computer network, thus resulting in the imposition of penalty and payment of compensation.[4]
Recent news reports seem to suggest that the blocking orders are here to stay, with no respite or relaxations seen in the foreseeable future.
Sources
[1] The Information Technology Act of 2000, Section 69A; The Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules, 2009.
[2] The Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules, 2009, Rule 12.
[3] The Information Technology Act, 2000, Section 69A.
[4] The Information Technology Act, 2000, Section 43(g).
——
Raghunath Ananthapur is a Partner with a law firm in Bangalore, India and advises in the areas of corporate law, technology, media and intellectual property transactional and advisory work. Raghunath can be reached at: raghunath.ananthapur@magnahlaw.com
Prithvika Prasad is a recent graduate of law, and currently works as an Associate at a law firm in Bangalore, India. She can be reached at: prithvika.prasad@magnahlaw.com