Signal , the popular privacy-focused messaging app, has not reportedly complied with the new social media and intermediary guidelines in India. The company is also likely to be liable under the Information Technology (IT) Act, 2021, and the provision of safe harbour in it is unlikely to be applicable to it due to the non-compliance, Hindustan Times reports citing officials aware of the matter. The new IT rules that came into being in the country late last month mandates social media companies with over five million users to appoint a Chief Compliance Officer (CCO), Nodal Officer and Resident Grievance Officer to smoothen the grievance mechanism for citizens. For messaging companies like WhatsApp and Signal, the new IT rules include a traceability clause that requires platforms to locate “the first originator of the information" if required by authorities.
Signal, which gained massive popularity earlier this year for offering end-to-end encryption and other privacy features earlier this year, is yet to clarify its position on the central government’s IT Rules. The report notes that Signal has not shared the details of a compliance officer with the government under the new guidelines. “Signal has not complied with the guidelines. Services like iMessage do not fall under the traceability clause since the significant social media intermediaries in the nature of messaging services have to comply," an official told the publication. As mentioned, if the company has not yet complied with the rules, it could lose the safe harbour immunity that is guaranteed under Section 79 of the IT Act (if the companies follow laid rules). According to law, an intermediary [like Signal] is not liable for punishment when users use its platform to share information, even if the information violates local laws.
So far, several social media giants are complying with the new rules; however, some platforms are protesting against them as they allegedly violate freedom of expression and other human rights. Twitter recently lost its safe harbour protection for failing to comply with rules as of yet. WhatsApp, on the other hand, has challenged IT Rules, saying the traceability clause threatens its end-to-end encryption programme. WhatsApp says that if it had to trace an originator, it would have to “store information." For this to work, the company would have to add some sort of “permanent identity stamp" that effectively translates into surveillance.