The Digital India Act, 2023 (DIA), is being formulated with an aim to replace
the existing Information Technology ("IT Act"). The DI Act seeks to transform
the internet landscape today, with significant internet penetration, multiple
intermediaries operating across the internet, and complex forms of user harm.
The Act seeks to promote a safe, open, and trusted internet, provide
accountability, quality of service, and a better adjudicatory mechanism.
- Open Internet:
One of the key components of the new DIA is to promote an open internet that presents a choice to consumers, promotes competition among digital players, furthers online diversity, facilitates fair market access for start-ups and new entities, and extends the ease of doing business and compliance. The DIA seeks to safeguard innovation to enable growth and development of new cutting-edge technologies. Further, through the DIA, the government seeks to enable digital governance by providing easy access to government and public utility services through online and mobile platforms.
- Online Safety and Trust including User Harm:
The Bill aims to ensure Online Safety and Trust including User Harm by:
- Protect users from online harm by introducing offenses such as cyber-flashing, offenses against protected groups such as women, cyber-bullying, doxing, and salami-slicing attacks.
- Age-gating certain sections of the internet to protect children.
- Extending digital user rights such as the right to be forgotten (which has been excepted from the recent version of the DPDP Bill), the right to secured electronic means, etc.
- By moderating fake and other false online content
- By regulating high-risk AI systems quality testing frameworks, algorithmic accountability, etc.
- Empowering agencies like Indian Computer Emergency Response Team ('CERT-IN') for cyber resilience, issuing advisories on information and data security practices.
- Regulation of privacy-invasive devices such as spy cameras, etc
- Content monetization rules for user-generated and platform-generated content.
- Accountable Internet:
The DIA seeks to make the internet space accountable which includes adjudicatory and appellate mechanisms for digital operators, digital contraventions or offenses, algorithmic transparency, and periodic risk assessments applicable to certain players.
The DIA further seeks to address the multiple intermediaries which have developed in recent times. The Act seeks to provide separate rules for each class of intermediaries. The Act also recognizes the multiple types of participants in the internet ecosystem and proposes to provide different types of guardrails and regulatory requirements that would have to be developed for each of them and to extend the safe harbor, to all the intermediaries present.
- Regulatory Framework:
It was proposed that the comprehensive digital framework would comprise four pillars: the Digital India Act, which would govern information technology law, a telecommunications law framework, the Draft Indian Telecommunications Bill, 2022 the proposed personal data protection law- the Digital Personal Data Protection Bill, 2022 ('DPDP Bill') which deals with personal data and the National Data Governance Policy.