Over the last two months, authorities in the United States of America ("US") and India have issued orders limiting the access and downloading of TikTok, a mobile application owned by ByteDance Ltd.. While the nature of the orders differ, the rationale seem to be articulated by the two Governments in a similar fashion. ByteDance has adopted a conciliatory stand in India requesting for a meeting with the Union Minister of Electronics, Information and Technology. In contrast, the Civil Action moved by ByteDance before the US District Court for the District of Columbia has provided valuable insights into the legal issues that may be brought before Indian courts of law in due course.
US and TikTok
On 6 August 2020, President Donald Trump issued an 'Executive Order on Addressing the Threat Posed by TikTok' ("Executive Order") wherein he sought to prohibit certain transactions "with ByteDance" or "its subsidiaries". The Executive Order accuses TikTok of censoring content on behalf of the Chinese Communist Party. It also makes direct allegations against the Chinese Communist Party of accessing "personal and proprietary information" of US citizens through TikTok, which has been downloaded over 175 million times in the US. Holding that such actions may potentially allow China to track locations, build dossiers for blackmail and conduct corporate espionage, the Executive Order is justified as action to protect national security.
Interestingly, the Executive Order also quotes a press release of the Government of India's Ministry of Electronics and Information Technology wherein they asserted that TikTok and other Chinese mobile applications were "stealing and surreptitiously transmitting users' data in an unauthorized manner to servers which have locations outside India." The Press Statement, referred by in the Executive Order, was issued on 29 June 2020 when 59 mobile apps were banned by the Government of India. Subsequently, on 2 September 2020, another 118 mobile apps were banned, on nearly identical grounds.
India and Ban of Mobile Apps
The Government of India banned 177 mobile apps using Section 69A of The Information Technology Act ("Section 69A") which empowers the Central Government to block public access to any information hosted in any computer resource. The term "Computer Resource" is defined to include computer, computer system, computer network, data, computer data base or software. The definition does not include mobile phones which falls within the ambit of "Communication Devices".
This gives rise to the question whether the Central Government has power under Section 69A to ban applications exclusively accessible through mobile phones. It is clear that power granted under this section can only be exercised over information hosted in a computer resource and not on a mobile phone. The legislative intent in distinguishing between computer resource and communication devices may be understood by referring to Section 66B and Section 66D of the said Act which treat computer resources and communication devices as two separate and exclusive instruments. When Section 69A was introduced by an amendment to the Information Technology Act ("IT Act") in 2008, mobile applications were not as prominent as they are now and therefore, it is entirely conceivable that the legislature did not intended the provision to be applied as it had been in the June and September orders.
What Section 69A does permit is that the Government can prohibit access to mobile applications as long as they are part of the internet and during their availability on the App Marketplace, prior to their download onto a mobile phone. It is trite that once an application is downloaded into the memory of a mobile phone, it ceases to be information hosted by a computer resource and becomes something which is hosted through a communication device. Therefore, the issuance of the June and September orders of the Government to prohibit mobile applications may be outside the scope of Section 69A.
Test of Reasonableness and Bona Fides
While the actual orders banning the mobile apps are yet to be made public, much of our understanding has been drawn from the two Press Releases issued by the Central Government. The Press Release of 2 September 2020 cites surreptitious data sharing as one of the reasons for issuing the banning orders. When the Government is yet to ensure passage of the Data Protection Act, pending before the Parliament for nearly a year, the seriousness of the Government with regard to data protection will need to be assessed. Furthermore, such a vehement response was nowhere to be seen when the Facebook-Cambridge Analytica data controversy broke out.
Another issue calling the bona fides of the June and September orders is that of their timing. On 15 June 2020, news broke out about clashes between Indian and Chinese soldiers at the Galwan Valley and exactly 14 days later, the Central Government issued the first order. Another skirmish was reported on 30 August 2020, which was also followed by the second order, only two days later.
Therefore, the actions of the Central Government provide the appearance of a reaction to the border skirmishes between the countries rather than a bona fide effort to protect personal data of its citizens. This is further cemented from the fact that the People's Republic of China had enacted the National Intelligence Law of the People's Republic of China which requires citizens and organisations to assist and cooperate with the state intelligence work back in 2017. As much of this information has been in public domain, the Central Government cannot claim to have woken up to the potential threats after three years.
Furthermore, the orders do not ban a number of the other applications linked with Chinese companies such as the PUBG (which is still available as computer application) and other applications belonging to the Ali Group continue to be available for download. The Central Government has not provided any clear inputs on how the 177 mobile apps were chosen and what was the exact security threat posed by them individually. As such, we are led to believe that all 177 mobile apps have potential security threats and possess risk of data theft without understanding their individual capabilities.
Finally, Section 72A of the IT Act penalises the disclosure of information without consent of the person concerned. As such, this provision would be better suited to protect data theft and any unauthorised transmission of sensitive personal information. There is no explanation as to why the Central Government did not initiate proceedings under this section or why Section 69A was preferred. Such actions may also have be weighed on the benchmark of doctrine of proportionality as laid down in the Justice (Retd.) Puttaswamy vs Union of India case to understand whether the least restrictive action was taken to curtail fundamental rights in a matter of public interest.
Possible Judicial Outcomes
On 27 September 2020, the United States District Court of the District of Columbia ("US Court") granted a Preliminary Injunction on the motion moved by TikTok Inc against implementation of President Trump's Executive Order. While doing so, the US Court considered the balancing between equities and public interest. The US Court held that though the US "government has provided ample evidence that China presents a significant national security threat" there is no specific evidence with regard to the threat posed by TikTok. The US Court also doubted the actions of the US Government as to "whether the prohibitions are the only effective way to address that threat".
There has been no legal challenge, as a judicial review of the two orders, mounted by the mobile apps against the orders, as yet, in Indian courts. The law in India also allows for reasonable restrictions of fundamental rights on the grounds of security and sovereignty of the country. So, the Central Government may have a better case to argue under public interest than their US counterparts. However, the order of the US Court has certainly provided an insight into how such a legal battle may play out in the Indian courts.
Views are personal.
(Manuraj Shunmugasundaram is an Advocate & B. Thiyagarajan, is a Trainee Advocate)