Author: Nikhil Kanekal
In a significant order on the security and jurisdiction of official communication, the Delhi High Court on Thursday directed the Government of India to ensure that all official communication be hosted on government controlled servers located within the country. The government was asked to comply with this order in four weeks.
A division bench comprising justices Badar Durez Ahmed and Vibhu Bakru while issuing a written order, observed, “(to government counsel) Don’t take eight weeks. Do it fast. It is important. We are sure that the government’s new email policy will be in consonance with the Public Records Act”, indicating that the court wants the government to secure all official communication as soon as possible. The court also made a reference to the recent expose of US government spying through its National Security Agency by former contractor Edward Snowden. “We know what the NSA is doing,” said the bench.
The direction was issued on a petition to the court which claims, amongst other things, that several public officials are using private email services (like gmail, yahoo, hotmail, etc.) for official communication. Counsel for the petitioner, Virag Gupta, argued that this imperiled national security and violated section 4 of the Public Records Act, 1993, which mandates that all public records be maintained by the government within Indian territory.
The government submitted a set of draft guidelines to the court which it is scheduled to notify and implement. The guidelines concern email use policy for public officials and other matters of data security. The court observed that the guidelines need to be modified because they did not specifically deal with public records being transmitted to servers outside Indian jurisdiction.
The fairly wide ranging public interest petition, filed by K. N. Govindacharya, has made Google and Facebook’s Indian subsidiaries party to the proceeding along with the national government. Both the Internet companies submitted before the court that they have complied with an earlier order, which required them to allow users to access a grievance officer on their websites. This is a compliance requirement for Internet intermediaries like Google and Facebook under Section 3(11) of the Information Technology (Intermediaries Guidelines) Rules, 2011. Users can now directly contact grievance officers to report a problem. Currently it appears Facebook’s grievance officer is based in Dublin, Ireland. The rules are silent on where the officer is to be located, although the petitioner claimed that the officer needs to be located in India or at least be an employee of the Indian subsidiary. If the court agrees with this, it could become a demanding compliance requirement for intermediaries located outside India, but are accessible in Indian territory.
The petition also deals with taxation issues, with Govindacharya claiming that both companies are liable to pay direct and indirect taxes to the Indian government because they earn revenues from this jurisdiction. The court is scheduled to take up the case on 30 October.
The CCG Blog 