Multiple industry bodies have made representations to the Ministry of Electronics and Information Technology (MeitY) to remove the a specific clause in the new intermediary rules. The clause in question imposes criminal liability on the Chief Compliance Officer of significant social media intermediaries. Industry bodies have asked the government to remove the provision in the interest of “promoting ease of doing business” and better “enforcement of laws”, the Economic Times reported.
The industry bodies include The Internet and Mobile Association of India (IAMA), the Confederation of Indian Industry (CII) and the Federation of Indian Chambers of Commerce and Industry (FICCI), US-India Business Council (USIBC) and the US-India Strategic Partnership Forum (USISPF).
IAMAI said that the personal liability clause for the chief compliance officer should be replaced by an appropriate provision which is proportional to the harms caused by noncompliance.
Personal Liability of Chief Compliance Officer
As per the new rules, significant social media intermediaries need to appoint a Chief Compliance Officer. Such an officer will be responsible for ensuring compliance with the IT Act and associated rules. For non-compliance, the officer “shall be liable in any proceedings relating to any relevant third-party information, data or communication link made available or hosted by that intermediary where he fails to ensure that such intermediary observes due diligence while discharging its duties under the Act and rules.”
Long story short: The Chief Compliance Officer will be personally liable for any non-compliance of due diligence with the IT Act, or the intermediary rules. Unless the officer ensures all due diligence, he can be named and tried in any criminal case, which may arise due to any illegal activity of a user.
For our readers who are unaware of the due diligence requirements for significant social media intermediaries, here are the details.
Effects of Personal Liability
In the recent standoff between Twitter and Delhi Police, the Police had gone to the Twitter HQ in Delhi. Although the police said that it had gone to determine who to deliver a ‘notice’ to, Twitter later on expressed an apprehension to the safety of its employees in India. Such a provision will result in ‘compliance hesitancy’, as no company would want to put its employee in such a fragile position.
The industry groups also content this precise issue. They add that modern corporate jurisprudence is leaning towards replacing criminal liability with monetary penalty. Further, any personal liability could be highly disproportionate to a fault in due diligence.
One representative of IAMAI told ET that the industry grouping has requested MeitY to finalise and publish the Standard Operating Procedures for relevant provisions, which will add safeguards for the employees and help in confidence building for such officers in India.