We live an increasingly online everyday life. Today, internet platforms are at the helm of conversations, domineer interactions and impact relationships between social actors. These platforms’ power and control play a role in furthering fundamental values such as the right to communication and access to knowledge and information. Policies that govern this control, both at self-regulatory and state levels, should ensure the protection of such rights and freedoms while ensuring that users can reap these platforms’ benefits. The Ministry of Electronics and Information Technology recently published Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, to regulate intermediaries. While these guidelines adversely affect users’ rights and freedoms in general, the adverse effect is amplified manifold when it comes to marginalised genders, especially in light of India’s socio-political and cultural contexts.
Internet- a safe harbour for marginalised genders
It is crucial to understand that the internet has been a game-changer for the marginalised genders. Access to the internet has given marginalised genders the opportunity to create spaces for interaction and finding solidarity. The internet plays a critical role in enabling young women to overcome social controls, assert their sexuality and identity, given a highly repressed socio-cultural context. It has allowed the creation of safe spaces for alternate sexualities such as Gaysifamily (intended as a safe and intimate space for peer sharing of members of the LGBTQ community residing in South Asia); Orinam (a bi-lingual Tamil and English website created as a virtual space by a Tamil Nadu based support group for alternate sexualities and gender identities, to provide a platform for commentary and self-expression for LGBT individuals); and QueerInk (an initiative which started as an online platform for India-based individuals who deviate from what is considered ‘sexually normal’ and which has now branched into publishing queer literature). Sexual minorities are also utilising a combination of old and new technologies to create solidarities – such as Qradio, India’s first radio programme for the LGBT community that operates the FM and an online radio platform in its advocacy efforts. Additionally, the internet has proved a critical site for alternative sexualities to fight state repression. An example is social media’s critical role in the protests against the Supreme Court order, which overturned the High Court repeal of Section 377 of the Indian Penal Code.
While the internet has given shelter to marginalised genders, the connectedness also gives way to anti-social behaviour, which is particularly targeted towards persons from marginalised communities. Online abuse is directed towards certain identities – women and trans persons face online harassment at routinised levels. The key factor that enables these persons to speak freely without the fear of backlash is anonymity. —an example is the google spreadsheet of professors in India who have harassed women students. Such a spreadsheet came into being due to one single factor- anonymity. The new Intermediary rules put this anonymity at risk of destruction.
Verification Clause and Anonymity
Under Rule 4(7) of the Intermediary Rules, significant social media intermediaries must allow their users to verify their accounts using appropriate mechanisms such as linking their accounts to their mobile numbers. Accounts that are verified will be given a visible and demonstrable mark. While the Rules prescribe that this option will be voluntary, the implementation can differ from the text. As was with Aadhaar, entities, both private and public, asked to link accounts due to ease of compliance with government regulations. Further, the display of the “verification” mark gives credibility to the users with verified accounts, thus taking away the same from others. The need for credibility makes users gravitate towards linking their accounts without understanding the consequences. This exploitation of cognitive bias is called the ‘framing effect.’ The framing concept is prevalent in policies and political communication, where the informational emphasis is placed on a specific message. This concept of verified accounts attacks the idea of anonymity on the internet and the benefits that come with it. Persons from the marginalised genders who have anonymous or pseudonymous online profiles are often targets of online harassment. As per Facebook’s erstwhile ‘Real Name’ policy, anyone could flag an account as fake if the real name was not used. If flagged, women had to disclose their identities and risk further harm to themselves. The verifiability clause creates a risk of the same happening again.
An end to End to End Encryption
Further, the Intermediary Rules require intermediaries to trace the originator of the information. This puts an end to end-to-end encryption and compromises security on the internet. It leaves the data susceptible to hackers and state-backed surveillance. Additionally, the Information Technology Decryption Rules contain powers to make demands for the content of messages. Thus, when put together with the traceability requirements, the Government will gain knowledge of who sent a message and what the contents were. Cybersecurity is essential for marginalised genders using the safety and security of communication technology.
Data collection never takes place in a gender-neutral setting, so when data breaches occur, even if they are not targeting people specifically on the basis of gender, they can have a more severe impact on women and LGBTIQ people because of historical and structural inequalities in power relations based on gender and sexuality. Women and sexual minorities are more profoundly affected by the consequences of these kinds of data breaches because they may face discrimination or even prosecution as a result. These breaches impact not only their right to privacy but also their sexual and reproductive health and rights. For instance, in July 2016, the municipality of São Paulo experienced a data breach exposing the personal data of an estimated 650,000 patients from the Brazilian public health system. This massive data breach included names, addresses, and medical information, such as information about pregnancy and abortion care. According to the media, the personal data was from 2001 to 2007 and referred – in almost all of the cases – to women at some point of their pregnancy. Among those affected were 15,926 mothers who had given birth before seven months of gestation, 4,237 abortions and 181 recent stillbirths. It is worth noting that abortion is illegal in Brazil, so this data breach not only violated the right to privacy of the women affected around a socially sensitive issue but also exposed them and their doctors to potential criminal charges. Another instance is, in Chile in 2016, a public hospital suffered a cybersecurity failure and made available to their workers and even to the general public (via their intranet) more than three million health records, including the names, ID numbers, and addresses of women and girls who asked for the morning-after pill in a public hospital and people living with HIV.
Lack of anonymity and fear of data breaches is a two-pronged attack on the very existence of marginalised genders on any online platform. In India, the stigma attached to HIV, abortions, sexuality and gender and the consequences of the disclosure of such data in the form of 1. societal exclusion, 2. honour killings or even 3. state-backed sanctions (for instance, until 2017, Karnataka State Police Act included section 36A that allowed the police to maintain a register of the names and addresses of trans people who could be “reasonably suspected” of “undesirable activities”), makes anonymity a sine qua non for the use of online spaces by marginalised genders. The fear of being exposed due to the usage of online platforms thus damages their ability to be seen, heard and hinders their ability to participate as social actors. Intermediary Rules have far-reaching consequences on online privacy, freedom of speech and expression, and access to information, whose adverse effects are multiplied manifold with respect to marginalised communities. Such policies should thus be framed after adequate consultation with civil society organisations.
This article is written by Varsha Singh from r-TLP as part of an ongoing collaboration between Tech Law Forum blog, NALSAR and r-TLP.
The Tech Law Forum is a student-run initiative at NALSAR University of Law, and it aims, essentially, to provide an open platform for opinions, comments, and responses, from students – a platform for discussions and debates on all issues relating to Technology Law, with a specific but not limited focus on India.