The story so far: The website of VideoLAN Client (VLC) has been banned in India. Although there is no official information on the ban, VLC states that according to its statistics, its website has been banned since February this year.
VLC gained popularity in India in the late 90s when advancements in information technology led to the penetration of personal computers in Indian homes. It continues to be one of the most popular media players. Apart from being free and open source, VLC easily integrates with other platforms and streaming services and supports all file formats without requiring additional codecs.
Given VLC’s popularity, the ban on the VLC website caused quite a kerfuffle. Civil society organisations have repeatedly filed RTI applications with the Ministry of Electronics and Information Technology (MeitY). These applications have been met with similar responses stating that “no information is available” with the Ministry. This is despite the fact that when trying to access the website previously, the message “The website has been blocked as per order of Ministry of Electronics and Information Technology under IT Act, 2000”, was displayed. Lack of authoritative information from the government has led to speculation that VLC was banned along with the 54 Chinese applications in February this year. Although VLC is not a Chinese app, reports from cybersecurity firms, such as Symantec, in April this year suggested that Cicada, a hacker group allegedly backed by China, has been using the VLC Media Player to deploy a malicious malware loader. It is being suggested that this was part of a longer cyberattack campaign that started in mid-2021 and was still active in February 2022. It pointed out that Cicada’s targets were spread over a number of regions, including India. This is also being used to explain why the present ban is a soft ban rather than a hard ban. While the VLC website has been banned, the VLC app continues to be available for download on Google and Apple stores. This is probably because the app stores’ servers where the mobile apps are hosted are considered safer than servers where the desktop versions are hosted.
There are two routes through which content can be blocked online — executive and judicial. First, given the reach of the internet and its potential to cause significant harm to online users, governments across the world reserve the power to monitor and issue directions for regulation of the online content being available in their jurisdictions. The Government of India gets this power from Section 69A of the Information Technology Act, 2000. Section 69A allows the government to direct an intermediary to “block for access by the public ….. any information generated, transmitted, received, stored or hosted in any computer resource” if it is “necessary or expedient to do so, in the interest of sovereignty and integrity of India, defence of India, security of the state, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognisable offence”. Section 69A draws its power from Article 19(2) of the Constitution which allows the government to place reasonable restrictions on the fundamental right to freedom of speech and expression. Second, courts in India, also have the power to direct intermediaries to make content unavailable in India to provide effective remedy to the victim/plaintiff. For example, courts may order internet service providers to block websites which provide access to pirated content and violate the plaintiff’s copyright.
A detailed procedure for blocking content is provided by the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 (IT Rules, 2009) that have been formulated under Section 69A of the Information Technology Act, 2000. An important point to note is that only the Central government can exercise this power of directing intermediaries to block access to online content directly, and not the State governments. The procedure typically provides that Central or State agencies will appoint a “nodal officer” who will forward the blocking order to the “designated officer” of the Central government. The designated officer, as part of a committee, examines the request of the nodal officer. The committee comprises representatives from the Ministries of Law and Justice, Information and Broadcasting, Home Affairs, and the Cert-In. The creator/host of the content in question is given a notice to submit clarifications and replies. The committee then makes a recommendation on whether the request of the nodal officer should be accepted or not. If this recommendation is approved by the MeitY, the designated officer can direct the intermediary to remove content.
Civil society organisations have been advocating for certain reforms to the IT Rules, 2009 for some time now. The first is on the aspect of transparency. As witnessed in the case of VideoLan’s website blocking, there is no clarity on why its website has been blocked. Reasons for the same continue to be articulated on conjecture. Rule 16 of the IT Rules, 2009 provides that strict confidentiality is to be maintained with respect to any requests or actions under the IT Rules, 2009. This should be revisited and an element of transparency should be introduced whereby VideoLAN is given a reason for why such an order was made, something that has been done in the recent order in the Tanul Thakur case. Second, even though the IT Rules provide for an opportunity of hearing to the creator/host of content, given VideoLAN’s cluelessness it seems that this opportunity may not be afforded to affected parties in all cases. The lack of an opportunity to submit clarifications/replies by the creator/host violates the principles of natural justice. It can also lead to erroneous decision making by the committee, which may not be in possession of the full facts, that can have significant financial consequences for the blocked online service provider.
Third, a recent RTI has disclosed that the Review Committee, which is required to meet every two months to review orders of the committee, has not disagreed with a single decision of the committee. This raises doubts on the effectiveness of the review mechanism which has been provided as a safeguard against excesses of the committee.
Fourth, given that non-compliance with directions under the IT Rules can lead to loss of immunity from liability for content being hosted, it has been argued that intermediaries over-comply with these directions, which can have chilling effects on free speech. The Supreme Court in Shreya Singhal has upheld the procedure enshrined in IT Rules, 2009 on the basis that it provides for adequate application of mind and transparency. The government would do well to follow its own rules, in form as well as spirit.
The writer is a research fellow at the Centre for Applied Law and Technology Research, Vidhi Centre for legal policy