[Varsha Singh is a fifth-year law student and contributing editor at robos of Tech Law and Policy, a platform for marginalized genders in the technology law and policy field. This essay is part of an ongoing collaboration between r – TLP and the NALSAR Tech Law Forum Blog and is the third post in the series. Previous entries can be found here.]
We live an increasingly online everyday life. Today, internet platforms are at the helm of conversations, dominating interactions and impacting relationships between social actors. These platforms’ power and control play a role in furthering fundamental values such as the right to communication and access to knowledge and information. Policies that govern this control, both at self-regulatory and state levels, should ensure the protection of such rights and freedoms while ensuring that users can reap these platforms’ benefits. The Ministry of Electronics and Information Technology recently published Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 to regulate intermediaries. While these guidelines adversely affect users’ rights and freedoms in general, the adverse effect is amplified manifold when it comes to marginalised genders, especially in light of India’s socio-political and cultural contexts.
Internet – A Safe Harbour for Marginalised Genders
It is crucial to understand that the internet has been a game-changer for marginalised sections of society. Access to the internet has given marginalised genders the opportunity to create spaces for interaction and finding solidarity. The internet plays a critical role in enabling young women to overcome social controls, assert their sexuality and identity, given a highly repressed socio-cultural context. It has allowed the creation of safe spaces for alternate sexualities such as Gaysifamily (intended as a safe and intimate space for peer sharing of members of the LGBTQ community residing in South Asia); Orinam (a bi-lingual Tamil and English website created as a virtual space by a Tamil Nadu based support group for alternate sexualities and gender identities, to provide a platform for commentary and self-expression for LGBT individuals); and QueerInk (an initiative which started as an online platform for India-based individuals who deviate from what is considered ‘sexually normal’ and which has now branched into publishing queer literature). Sexual minorities are also utilising a combination of old and new technologies to create solidarities such as Qradio, India’s first radio programme for the LGBT community that operates the FM and an online radio platform in its advocacy efforts. Additionally, the internet has proved a critical site for alternative sexualities to fight state repression. An example is social media’s critical role in the protests against the Supreme Court order, which overturned the High Court repeal of Section 377 of the Indian Penal Code.
While the internet has given shelter to marginalised genders, the connectedness also gives way to anti-social behaviour, which is particularly targeted towards persons from marginalised communities. Online abuse is directed towards certain identities, with women and trans persons routinely subjected to trolling and harassment. The key factor that enables these persons to speak freely without the fear of backlash is anonymity – an example is the Google spreadsheet of professors in India who have harassed women students. Such a document came into xistence solely due to the protection offered by anonymity – it is precisely this aspect that the Intermediary Rules seek to destroy.
Verification Clause and Anonymity
Under Rule 4(7) of the Intermediary Rules, significant social media intermediaries must allow their users to verify their accounts using appropriate mechanisms such as linking their accounts to their mobile numbers. Accounts that are verified will be given a visible and demonstrable mark. While the Rules prescribe that this option will be voluntary, the implementation can differ from the text. As was the case with Aadhaar, private and public entities are being asked to link accounts due to ease of compliance with government regulations. Further, the display of the “verification” mark gives credibility to the users with verified accounts, thus taking away the same from others. The need for credibility makes users gravitate towards linking their accounts without understanding the consequences. This exploitation of cognitive bias is called the ‘framing effect.’ The framing concept is prevalent in policies and political communication, where the informational emphasis is placed on a specific message. This concept of verified accounts attacks the idea of anonymity on the internet and the benefits that come with it. Persons from the marginalised genders who have anonymous or pseudonymous online profiles are often targets of online harassment. As per Facebook’s erstwhile ‘Real Name’ policy, anyone could flag an account as fake if the real name was not used. If flagged, women had to disclose their identities and risk further harm to themselves. The verifiability clause creates a risk of the same happening again.
An End to End-to-End Encryption
Further, the Intermediary Rules require intermediaries to trace the originator of the information. This puts an end to end-to-end encryption and compromises security on the internet. It leaves the data susceptible to hackers and state-backed surveillance. Additionally, the Information Technology Decryption Rules contain powers to make demands for the content of messages. Thus, when put together with the traceability requirements, the Government will gain knowledge of who sent a message and what the contents were. Cybersecurity is essential for marginalised genders using the safety and security of communication technology.
Data collection never takes place in a gender-neutral setting – as a result, when data breaches occur, their impact on women and LGBTIQ people is magnified because of historical and structural inequalities in power relations based on gender and sexuality. Women and sexual minorities are more profoundly affected by the consequences of these kinds of data breaches because they may face discrimination or even prosecution as a result. These breaches impact not only their right to privacy but also their sexual and reproductive health and rights. For instance, in July 2016, the municipality of São Paulo experienced a data breach exposing the personal data of an estimated 650,000 patients from the Brazilian public health system. This massive data breach included names, addresses, and medical information, such as information about pregnancy and abortion care. According to the media, the personal data was from 2001 to 2007 and referred – in almost all of the cases – to women at some point of their pregnancy. Among those affected were 15,926 mothers who had given birth before seven months of gestation, 4,237 abortions and 181 recent stillbirths. It is worth noting that abortion is illegal in Brazil, so this data breach not only violated the right to privacy of the women affected around a socially sensitive issue but also exposed them and their doctors to potential criminal charges. Another instance occured in Chile in 2016, where a cybersecurity failure on the part of a public hospital led to the publication of more than three million health records, including the names, ID numbers, and addresses of women and girls who asked for the morning-after pill in a public hospital and people living with HIV.
Lack of anonymity and fear of data breaches is a two-pronged attack on the very existence of marginalised genders on any online platform. In India, the stigma attached to HIV, abortions, sexuality and gender portend very real consequences when data is disclosed, including exclusion, honour killings or even state-backed retaliation (for instance, until 2017, Karnataka State Police Act included section 36A that allowed the police to maintain a register of the names and addresses of trans people who could be “reasonably suspected” of “undesirable activities”). This makes anonymity a sine qua non for the use of online spaces by marginalised genders. The fear of being exposed due to the usage of online platforms thus damages their ability to be seen, heard and hinders their ability to participate as social actors. Therefore, in the final analysis, the newly published Intermediary Rules have far-reaching consequences on online privacy, freedom of speech and expression, and access to information, whose adverse effects are multiplied manifold with respect to marginalised communities.